summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* In ssl3_send_certificate_request(), when adding the extra payload ifmiod2014-05-182-2/+12
| | | | | | | NETSCAPE_HANG_BUG is defined, make sure we BUF_MEM_grow() the buffer to accomodate for the payload size. Issue reported by David Ramos; ok beck@
* Make sure ssl3_setup_buffers() does not return upon error with a freedmiod2014-05-182-14/+14
| | | | | | | pqueue still chained, by inserting it into the list only after all possible failure conditions have been avoided. Reported and fix proposed by David Ramos; ok beck@
* bio_err is initialised in main, hence there is no need to initialise itjsing2014-05-1846-168/+16
| | | | | | | | | | | | in each application (since there is no longer a non-monolithic mode). In typical OpenSSL fashion, the code is inconsistent and there are multiple ways that bio_err was initialised - none of them actually checked to see if the initialisation actually succeeded. Additionally, it is worth noting that in at least two cases bio_err was also being used before it would have been initialised. ok miod@
* More KNF.jsing2014-05-1820-386/+416
|
* Omit -Werror if building with gcc3, for it triggers "redefinition of `pqueue'"miod2014-05-181-2/+6
| | | | warnings now that pqueue.h has been removed from public scope.
* No need to check for NULL before invoking free(); use calloc() whenmiod2014-05-182-60/+14
| | | | | | applicable; further simplify pqueue_find(). From Dimitris Papastamos on tech@
* sync openssl(1) with changes already made in src/lib/libssl/doc, reminded bysthen2014-05-181-5/+5
| | | | jmc: move from 1024 to 2048 bit key defaults; see genrsa.c 1.26 et al.
* does sunos not have memmove? sorry, i guess sunos will not have libressl.tedu2014-05-172-42/+6
| | | | ok guenther miod
* unchecked malloc() return value in OCSP_sendreq_new().miod2014-05-172-0/+4
|
* KNFmiod2014-05-1716-2548/+2664
|
* add missing header needed for mem{cpy,cmp}()chl2014-05-171-0/+1
| | | | ok tedu@
* correctly match size and buffer. from enh at googletedu2014-05-171-3/+3
|
* simple reallocarray to check multiplies. ok guenthertedu2014-05-172-12/+8
|
* no no md2tedu2014-05-179-57/+0
|
* no no seedtedu2014-05-174-34/+0
|
* deleted seed some time agotedu2014-05-1713-295/+0
|
* Add missing header needed by isdigit().chl2014-05-171-4/+5
| | | | | | While there, sort headers. ok tedu@
* refactor some of the des crypt code to use fewer globals.tedu2014-05-172-42/+45
| | | | ok miod
* switch RSA key generation default to 2048 bits (matching ssh); ok miod@sthen2014-05-175-5/+5
|
* update NAME and MLINKS for previous;jmc2014-05-162-5/+7
|
* document crypt_checkpasstedu2014-05-161-1/+14
|
* Include openssl/evp.h for OPENSSL_add_all_algorithms_noconf().jsing2014-05-161-0/+1
| | | | From Brent Cook.
* Fix various issues that result in compiler warnings.jsing2014-05-161-13/+14
| | | | Prompted by a diff from Brent Cook.
* When OPENSSL_LOAD_CONF was added it ended up with more #if 0 code,jsing2014-05-167-190/+30
| | | | | | | | | | | more #ifdefs and a new source file that contains a single function. Nuke the #if 0 code that is now a macro and move the single function in evp_acnf.c to c_all.c, which is where the other code lives. While here, tidy evp.h slightly, remove an unnecessary #ifdef __OpenBSD__ and nuke a comment that is now a lie. ok miod@
* use $2b in the bcrypt example, ok tedusthen2014-05-161-3/+3
|
* Fix memory leaks upon failure.miod2014-05-154-54/+78
| | | | ok beck@
* Replace ASN1_GENERALIZEDTIME_adj(), ASN1_UTCTIME_adj() andmiod2014-05-156-50/+146
| | | | | | | ASN1_TIME_to_generalizedtime() with wrappers around their former implementations, making sure memory allocated is freed in all failure cases. help and ok from beck@ and Brendan MacDonell.
* No longer make pqueue.h a public (and installed) header file. Replace itsmiod2014-05-157-6/+12
| | | | | | | | | inclusion in <ssl/dtls1.h> by the benign `struct _pqueue; typedef struct _pqueue *pqueue;'. Note that said dtls1.h should probably be considered a private header as well... ok beck@
* Get pqueue.h from the libssl sources rather than relying upon it beingmiod2014-05-152-2/+4
| | | | installed.
* More KNF.jsing2014-05-158-14/+14
|
* Add additional chacha20-poly1305 test vectors.jsing2014-05-152-10/+620
| | | | Thanks to Piotr Sikora for providing a reference to the source.
* Use C99 initialisers for the AEAD struct.jsing2014-05-152-18/+18
|
* Add chacha20-poly1305 test vector to regress.jsing2014-05-152-5/+24
|
* KNF.jsing2014-05-152-140/+134
|
* Add a ChaCha20-Poly1305 AEAD EVP implementation to libcrypto, from Adamjsing2014-05-157-2/+546
| | | | | | Langley's Chromium OpenSSL patches. ok miod@
* KNF.jsing2014-05-1512-613/+736
|
* Add a regress test for AEAD, based on Adam Langley's code.jsing2014-05-153-0/+413
|
* Add an AEAD EVP interface to libcrypto, along with AES-GCM AEADjsing2014-05-1511-68/+1100
| | | | | | | implementations. This largely pulls in Adam Langley's AEAD patches from Chromium's OpenSSL. ok miod@
* Stop being a dummy... presumably these are left overs from pedantic modejsing2014-05-1518-44/+4
| | | | | | that were not wrapped with #if PEDANTIC. ok miod@
* stop flushing streams in abort(). it's hackish and unsafe, and no longertedu2014-05-142-21/+13
| | | | | required. try to document this fact and some of the history. with feedback from deraadt guenther millert
* Add poly1305 to libcrypto utilising Andrew Moon's public domainjsing2014-05-1410-2/+877
| | | | | | implementation. ok miod@
* Remove AES_bi_ige_encrypt() from libcrypto. This routine is supposed to usemiod2014-05-125-366/+0
| | | | | | | | | | | | | two keys and four IVs to do much magic, is specified as such with test vectors, but the implementation actually always uses the first key, and the test vectors were computed with it, so they are wrong. Fixing the code to match the intended specification would break interoperability with existing code (assuming such code would exist), so it is better to remove this interface, which is obviously too complex for mere mortals if even its author can not implement it correctly. Riding on the libcrypto major bump.
* Bring back ASN1_seq_pack(), ASN1_seq_unpack(), ASN1_pack_string() andmiod2014-05-126-0/+430
| | | | | | | | ASN1_unpack_string() from the NO_ASN1_OLD purge; turns out that some Ruby extensions still use them, unfortunately, so we need to give them some more time to catch up on ``recent'' interfaces. Riding on the libcrypto major bump.
* Move the `pqueue' part of libcrypto, which is a glorified sorted linked listmiod2014-05-1212-62/+40
| | | | | | | | | | | | | of 64-bit data, and only used by DTLS, to libssl where it belongs. Remove pqueue_print() which is a debugging interface and serves no useful purpose, except for the regress test, which grows its own pqueue_print() routine. Bump libcrypto major and libssl minor. WARNING: do not update your tree right now, more changes are coming, which will ride the libcrypto major bump.
* remove md5crypt.tedu2014-05-125-195/+65
| | | | | | while changing things, add a crypt_checkpass wrapper that handles most of the edge cases. (not quite ready for production, though.) ok deraadt
* change to having four freelists per size, to reduce another source oftedu2014-05-121-16/+20
| | | | | deterministic behavior. four selected because it's more than three, less than five. i.e., no particular reason.
* More KNF.jsing2014-05-1110-32/+54
|
* KNF.jsing2014-05-114-644/+574
|
* fix MALLOC_STATS code that was broken in rev 1.159, not compiled in by defaultotto2014-05-101-2/+2
|
* __bounded => __attribute__((__bounded__djm2014-05-102-10/+10
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 15:58:51 +0000