summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* obvious use after free was less obviously not a use after free.tedu2014-04-241-1/+1
| | | | | who uses '\0' as a null pointer constant? fix my mistake and restore original semantics.
* More KNF.jsing2014-04-242-184/+244
|
* Make it compile again.jsing2014-04-242-2/+2
|
* Remove some malloc/strlcpy/strlcat horror. Just use asprintf and avoid anjsing2014-04-242-50/+24
| | | | | | unchecked malloc at the same time. ok beck@
* add ERR_asprintf_error_data, A tool to be used to get rid of the far toobeck2014-04-244-50/+52
| | | | | | | | | frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
* You want signals?!? I'll give you signals!!! Oh, and we have termios asjsing2014-04-242-72/+0
| | | | | | well... ok beck@
* More KNF.jsing2014-04-244-74/+74
|
* More KNF, things that couldn't be verified with md5(1), and some whitespacemcbride2014-04-248-468/+508
| | | | I missed on the first go around.
* unifdef -U LINTjsing2014-04-246-18/+0
|
* When OPENSSL_C is not defined, apps_startup becomes ajsing2014-04-2438-72/+72
| | | | | | | signal(SIGPIPE, SIG_IGN) and apps_shutdown is a no-op. So just do that instead. ok beck@
* KNFmcbride2014-04-246-2052/+2974
|
* Remove more FIPS tenticles.jsing2014-04-241-12/+1
| | | | ok beck@
* Rip a bunch of ifdefs from speed. We know we can fork, have SIGALRM andjsing2014-04-241-267/+2
| | | | | | do not use lint. ok miod@
* A fantastic way to make a large unsigned number is to assignbeck2014-04-242-0/+4
| | | | | | | | | a small signed one to it.. Some people on OpenSSL's list noticed - http://marc.info/?l=openssl-dev&m=139809485525663&w=2 This should fix that, and make sure we don't try to write out insane amounts of stuff. ok miod@ tedu@
* remove redundant asign. from David Hilltedu2014-04-242-2/+0
|
* Support for the -ssl2 option has been removed, so remove it from usagelteo2014-04-241-1/+0
| | | | | | as well ("openssl ciphers -h"). "sure" miod@
* on today's episode of things you didn't want to learn:tedu2014-04-242-0/+8
| | | | | | | | | | | | | do_ssl3_write() is recursive. and not in the simple, obvious way, but in the sneaky called through ssl3_dispatch_alert way. (alert level: fuchsia) this then has a decent chance of releasing the buffer that we thought we were going to use. check for this happening, and if the buffer has gone missing, put another one back in place. the direct recursive call is safe because it won't call ssl3_write_pending which is the function that actually does do the writing and releasing. as reported by David Ramos to openssl-dev: http://marc.info/?l=openssl-dev&m=139809493725682&w=2 ok beck
* repair missing semicolon. from Ian Mcwilliamtedu2014-04-242-2/+2
|
* Unifdef -UPKCS1_CHECK and remove SSL_OP_PKCS1_CHECK_[12], this is leftovermiod2014-04-2311-58/+0
| | | | | | | | ``debug'' code from a 15+ years old bugfix and the SSL_OP_PKCS1_CHECK_* constants have had a value of zero since ages. No production code should use them. ok beck@
* ain't nobody got time for hpuxtedu2014-04-232-44/+0
|
* fix some variablestedu2014-04-232-4/+2
|
* replace a bunch of hand duped strings with strduptedu2014-04-234-20/+8
|
* Don't bother generating win64 assembly prologue.miod2014-04-232-52/+4
|
* malloc/memset -> calloc. from peter malonetedu2014-04-232-4/+2
|
* No longer needed during build. Brings a smile on beck@'s face.miod2014-04-232-12/+0
|
* null pointers after free to prevent double frees and worse. also fix atedu2014-04-231-12/+6
| | | | very obvious use after free. this file may still be a total loss.
* The usual idiom to cope with systems not defining socklen_t is to add amiod2014-04-234-98/+16
| | | | | | | | | | | | | | | | | | #define socklen_t int somewhere (or a typedef, whatever gives you an integer type of the size your system expects as the 3rd argument of accept(2), really). OpenSSL here is a bit more creative by using an union of an int and a size_t, and extra code if sizeof(int) != sizeof(size_t) in order to recover the proper size. With a comment mentioning that this has no chance to work on a platform with a stack growing up and accept() returning an int, fortunately this seems to work on HP-UX. Switch to the light side of the force and declare and use socklen_t variables, period. If your system does not define socklen_t, consider bringing it back to your vendor for a refund. ok matthew@ tedu@
* whitespacetedu2014-04-232-4/+4
|
* close socket in failure cases tootedu2014-04-232-0/+6
|
* if realloc failed, BIO_accept would leak memory and return NULL, causingtedu2014-04-232-4/+22
| | | | caller to crash. Fix leak and return an error instead. from Chad Loder
* One last Dec C tentacle on alpha.miod2014-04-232-8/+2
|
* When I grow up, I want to write workaround for long long multiplicationsmiod2014-04-232-30/+0
| | | | under __TANDEM systems and compilers, using hardcoded octal numbers. NOT.
* Remove IRIX_CC_BUG workaround.miod2014-04-232-12/+0
|
* I'm glad to know that Ultrix CC has a bug optimizing switch() statementsmiod2014-04-234-30/+0
| | | | | lacking an explicit `case 0:' construct. But Ultrix has been dead for more than 15 years, really. Don't give it any reason to move out of its coffin.
* Grr, the more you remove, the more there remain.miod2014-04-234-1236/+0
|
* Forgotten during latest spring cleaning of unreferenced bits.miod2014-04-232-552/+0
|
* Unifdef -UPEDANTIC. ok beck@ tedu@miod2014-04-2339-221/+70
|
* Remove duplicate pointer assignment in ASN1_primitive_free(); Dirk Englingmiod2014-04-232-2/+0
|
* Figure out endianness at compile-time, using _BYTE_ORDER frommiod2014-04-2318-138/+104
| | | | | | | <machine/endian.h>, rather than writing 1 to a 32-bit variable and checking whether the first byte is nonzero. tweaks and ok matthew@; ok beck@ tedu@
* remove Z option and default to something halfway to J.tedu2014-04-231-32/+22
| | | | | | | we always junk small chunks now, and the first part of pages, but only after free. J still does the old thing. j disables everything. Consider experimental as we evaluate performance in the real world. ok otto
* Casting from a const unsigned char ** to a const unsigned char ** seems...jsing2014-04-232-16/+8
| | | | | | | unnecessary. Remove the temporary ugly casts - the comments even call them that! ok guenther@
* We do not need ARGV, Argc and Argv - just use argc and argv like normaljsing2014-04-231-12/+9
| | | | | | people do. ok beck@ (although he wanted #Arrrrrrrgv instead).
* explain a bit more what's going on for stupid me.espie2014-04-231-1/+4
| | | | okay otto@
* Better, cleaner hash function that computes the same on be and le archs.otto2014-04-231-10/+8
| | | | Should improve sparc64 and other be archs. ok matthew@ miod@
* Make libssl and libcrypto compile with -Werrorbeck2014-04-238-10/+10
| | | | ok miod@
* Make sure ret->name is NULL'ed before return when freeing.beck2014-04-232-0/+2
| | | | from Dirk Engling <erdgeist@erdgeist.org>
* Rather than sprinkling magical numbers everywhere, we can use sizeof()beck2014-04-232-8/+8
| | | | | for the size of a fixed size array. From Dirk Engling <erdgeist@erdgeist.org>
* unifdef -UAES_LONG for we do not intend to run on platforms where int is smallermiod2014-04-224-16/+0
| | | | than 32 bits.
* So it turns out that libcrypto on i386 platforms, unconditionaly compiles thismiod2014-04-222-78/+0
| | | | | | | | | | | | | little gem called OPENSSL_indirect_call(), supposedly to be ``handy under Win32''. In my view, this is a free-win ROP entry point. Why try and return to libc when you can return to libcrypto with an easy to use interface? Better not give that much attack surface, and remove this undocumented entry point. ok beck@ tedu@
* When compiling with AES_WRAP_TEST, make main() return a meaningful valuemiod2014-04-224-3/+44
| | | | | instead of garbage, and add this to the libcrypto regress. Note these tests are incomplete, as they always use the default IV.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-05 02:49:29 +0000