summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Switch from <sys/endian.h> or <machine/endian.h> to the new,guenther2014-07-215-10/+10
| | | | | | being-standardized <endian.h> ok deraadt@ millert@ beck@
* Move more OS-specific functionality to arc4random.h headers.bcook2014-07-2010-14/+88
| | | | | | | | Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows, use TerminateProcess on getentropy failure. ok deraadt@
* initial win32 ARC4_LOCK/UNLOCK implementation.bcook2014-07-202-2/+42
| | | | | It may make sense to later replace this with a Critical Section later. ok guenther@
* From ISO/IEC 9899:1999 and 9899:201x,guenther2014-07-202-5/+5
| | | | | | | | | 6.11.5 - Storage-class specifiers: The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature. Diff from Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz)
* Demonstrate how new linux getrandom() will be called, at least untilderaadt2014-07-202-2/+74
| | | | | | it shows up in libraries. Even the system call is probably not finalized. Bit dissapointed it has turned out to be a descriptor-less read() with EINVAL and EINTR error conditions, but we can work with it.
* Mark the format string argument to BIO_*printf as not being allowed to be NULLguenther2014-07-202-10/+14
| | | | ok bcook@
* Fix ordering breakage, moving the fclose() test last again.guenther2014-07-201-6/+22
| | | | | | Also correct some format strings. From Doug Hogan (doug (at) acyclic.org)
* Make sure the correct errno is reported by warn* or err* and notguenther2014-07-207-7/+14
| | | | | | the errno of an intervening cleanup operation like close/unlink/etc. Diff from Doug Hogan (doug (at) acyclic.org)
* Delete unused variables found by -Wallguenther2014-07-205-5/+2
|
* Add missing include. Tickled by Doug Hogan (doug (at) acyclic.org)guenther2014-07-201-0/+1
|
* remove disabled main hook; we use phdr now; ok bcookderaadt2014-07-196-42/+6
|
* arc4random re-seeds with getentropy() now; ok deraadt@ jmc@naddy2014-07-191-3/+3
|
* tab lovederaadt2014-07-192-6/+6
|
* Move _ARC4_ATFORK handlers from thread_private.h in portable.bcook2014-07-196-6/+30
|
* move _ARC4_LOCK/UNLOCK primitives from thread_private into OS-specific modulesbcook2014-07-196-6/+44
|
* fixup typosbcook2014-07-196-110/+108
|
* Fix strtonum range to unbreak -pass fd:0lteo2014-07-191-2/+2
| | | | ok deraadt@
* Change _rs_allocate so it can combine the two regions (rs and rsx)deraadt2014-07-1910-138/+135
| | | | | | | | | | into one if a system has an awesome getentropy(). In that case it is valid to totally throw away the rsx state in the child. If the getentropy() is not very good and has a lazy reseed operation, this combining is a bad idea, and the reseed should probably continue to use the "something old, something new" mix. _rs_allocate() can accomodate either method, but not on the fly. ok matthew
* Cleanup portable arc4random fork detection code:matthew2014-07-186-66/+48
| | | | | | | | | | | | | | 1. Use "len" parameter instead of sizeof(*rs). 2. Simplify the atfork handler to be strictly async signal safe by simply writing to a global volatile sig_atomic_t object, and then checking for this in _rs_forkdetect(). (Idea from discussions with Szabolcs Nagy and Rich Felker.) 3. Use memset(rs, 0, sizeof(*rs)) to match OpenBSD's MAP_INHERIT_ZERO fork semantics to avoid any skew in behavior across platforms. ok deraadt
* missing newlinederaadt2014-07-181-2/+2
|
* Remove "const" from the lsearch(3) manual's synopsis too.matthew2014-07-181-3/+3
| | | | Reminded by Rafael Neves
* zap trailing whitespace;jmc2014-07-181-3/+3
|
* Change lsearch()'s "base" argument to require a non-const pointer tomatthew2014-07-181-2/+2
| | | | | | | align with POSIX and other systems. Pointed out by Elliott Hughes on tech ok deraadt
* Seperate arc4random's os-dependent parts into static inline functions,deraadt2014-07-1810-36/+543
| | | | | making it much easier for libressl -portable to fill in the gaps. ok bcook beck
* avoid errx(); Jonas Termansenderaadt2014-07-171-3/+5
|
* avoid sys/param.h; Jonas Termansenderaadt2014-07-174-10/+12
|
* it is 2014, and we still need to encourage people away from srand()deraadt2014-07-172-5/+14
| | | | and random(). Sigh.
* "Race-free because we're running single-threaded in a newderaadt2014-07-171-1/+5
| | | | | address space, and once allocated rs is never deallocated." document the forkhandler to save reviewers time, with matthew
* Missing bounds check in ssl3_get_certificate_request(), was not spotted inmiod2014-07-172-2/+12
| | | | 1.78; reported by Ilja Van Sprundel.
* Free sktmp when it's no longer needed. By doing so, we fix a bunch of memory ↵logan2014-07-172-4/+8
| | | | | | | | leaks. From miod@ OK from miod@ and guenther@
* Fix tlsext_tick_lifetime_hint value in test #2 to make sure themiod2014-07-161-29/+29
| | | | | (tlsext_tick_lifetime_hint > 0) test also passes on 32-bit platforms (tlsext_tick_lifetime_hint is a long).
* Only call getauxval(3) if HAVE_GETAUXVAL is defined. Fixes build on olderkettenis2014-07-162-2/+6
| | | | | | | Linux (such as Ubuntu 12.04LTS) that don't have it yet. Seems the AT_XXX defines are pulled in by <link.h> now. ok beck@
* do not need a variable to track locking, since all code paths have itderaadt2014-07-162-10/+4
| | | | locked throughout.
* #ifdef wrap the _rs_forkhandlerderaadt2014-07-161-1/+3
|
* added handler for an atfork hook from kettenis@bcook2014-07-161-1/+10
| | | | ok deraadt@ beck@ kettenis@
* not needed anymorederaadt2014-07-142-1173/+0
|
* Fix memory leak upon error in ssl_parse_clienthello_use_srtp_ext().miod2014-07-142-12/+12
| | | | From BoringSSL.
* whitespacederaadt2014-07-1445-172/+172
|
* Improve RAND_write_file(), chmod crud, etc.deraadt2014-07-142-54/+38
| | | | ok tedu
* Add configuration handling for certificate and key files.jsing2014-07-133-7/+22
|
* Add stubs for the proposed server API.jsing2014-07-133-1/+72
|
* Stop leaking internal library pointers in error messages.jsing2014-07-132-4/+4
| | | | Requested by miod@
* Tabs, not spaces.jsing2014-07-133-22/+22
|
* Rename the context allocation from ressl_new to ressl_client, which makesjsing2014-07-133-1/+30
| | | | | it completely obvious what the context is for. Ensure client functions are used on client contexts.
* Split the context allocation out from the configuration. This will allowjsing2014-07-132-5/+14
| | | | | | us to properly report errors that occur during configuration processing. Discussed with tedu@
* Move the client code into a separate file.jsing2014-07-133-161/+185
|
* Rename various configuration handling functions.jsing2014-07-132-13/+14
| | | | Requested by and discussed with tedu@.
* Use a single ressl.h header file.jsing2014-07-135-45/+18
| | | | Discussed with beck@ and tedu@.
* Explicitly initialise slen - this was not previously done due to a missingjsing2014-07-132-2/+4
| | | | M_ASN1_D2I_begin macro.
* Convert error handling to SSLerr and ERR_asprintf_error_data.jsing2014-07-132-118/+108
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-16 21:58:09 +0000