summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Make sure PEM_def_callback() correctly handles negative buffer sizes; all usesmiod2014-07-232-20/+34
| | | | | | | within libcrypto are safe, but until we can change this function prototype to use size_t instead of int, better be safe than sorry. tweaks and ok guenther@
* Check the return value of the UI functions (including UI_new() which returnmiod2014-07-232-12/+22
| | | | | | value is happily dereferenced without checking it for being non-NULL). ok beck@
* Now that DES_random_key() can be trusted, use it to generate DES keys in themiod2014-07-224-24/+20
| | | | | | | EVP_CTRL_RAND_KEY method handlers, rather than generating a random odd key and not even checking it against the weak keys list. ok beck@
* In DES_random_key(), force the generated key to the odd parity before checkingmiod2014-07-222-16/+16
| | | | | | | | | | | it is not one of the weak and semi-weak keys. Even though the probability of generating a weak key with incorrect parity is abysmally small, there is no reason to be correct (although, if you're in a need for fresh DES keys nowadays, you should seriously consider switching to a stronger symmetric cipher algorithm). ok beck@
* Handle failure of NETSCAPE_SPKI_b64_encode() and don't leak memoryguenther2014-07-221-6/+10
| | | | | | when BIO_new_{file,fp}() fails. inspired by a diff from logan@ ok miod@
* Use Cm instead of Li for 'MASK:'guenther2014-07-221-2/+2
| | | | (Overlooked among jmc@'s other suggestions)
* Rewrite the description of the string_mask config file option to matchguenther2014-07-221-34/+30
| | | | | | reality, and reformatting to be readable. formatting and wording suggestions miod@ jmc@
* Kill a bunch more BUF_strdup's - these are converted to have a check forbeck2014-07-2212-30/+40
| | | | | NULL before an intrinsic strdup. ok miod@
* better match proposed syscall apibcook2014-07-222-16/+4
|
* protect sysctl path with SYS__sysctl instead; from enh@google, ok bcookderaadt2014-07-212-12/+12
|
* Use explicit_bzero() instead of memset() on buffers going out of scope.guenther2014-07-216-12/+18
| | | | | | | Also, zero the SHA256 context. suggested by "eric" in a comment on an opensslrampage.org post ok miod@ deraadt@
* cast from void * before math; enh@googlederaadt2014-07-212-4/+4
|
* missing newlinederaadt2014-07-211-1/+2
|
* Switch from <sys/endian.h> or <machine/endian.h> to the new,guenther2014-07-215-10/+10
| | | | | | being-standardized <endian.h> ok deraadt@ millert@ beck@
* Move more OS-specific functionality to arc4random.h headers.bcook2014-07-2010-14/+88
| | | | | | | | Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows, use TerminateProcess on getentropy failure. ok deraadt@
* initial win32 ARC4_LOCK/UNLOCK implementation.bcook2014-07-202-2/+42
| | | | | It may make sense to later replace this with a Critical Section later. ok guenther@
* From ISO/IEC 9899:1999 and 9899:201x,guenther2014-07-202-5/+5
| | | | | | | | | 6.11.5 - Storage-class specifiers: The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature. Diff from Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz)
* Demonstrate how new linux getrandom() will be called, at least untilderaadt2014-07-202-2/+74
| | | | | | it shows up in libraries. Even the system call is probably not finalized. Bit dissapointed it has turned out to be a descriptor-less read() with EINVAL and EINTR error conditions, but we can work with it.
* Mark the format string argument to BIO_*printf as not being allowed to be NULLguenther2014-07-202-10/+14
| | | | ok bcook@
* Fix ordering breakage, moving the fclose() test last again.guenther2014-07-201-6/+22
| | | | | | Also correct some format strings. From Doug Hogan (doug (at) acyclic.org)
* Make sure the correct errno is reported by warn* or err* and notguenther2014-07-207-7/+14
| | | | | | the errno of an intervening cleanup operation like close/unlink/etc. Diff from Doug Hogan (doug (at) acyclic.org)
* Delete unused variables found by -Wallguenther2014-07-205-5/+2
|
* Add missing include. Tickled by Doug Hogan (doug (at) acyclic.org)guenther2014-07-201-0/+1
|
* remove disabled main hook; we use phdr now; ok bcookderaadt2014-07-196-42/+6
|
* arc4random re-seeds with getentropy() now; ok deraadt@ jmc@naddy2014-07-191-3/+3
|
* tab lovederaadt2014-07-192-6/+6
|
* Move _ARC4_ATFORK handlers from thread_private.h in portable.bcook2014-07-196-6/+30
|
* move _ARC4_LOCK/UNLOCK primitives from thread_private into OS-specific modulesbcook2014-07-196-6/+44
|
* fixup typosbcook2014-07-196-110/+108
|
* Fix strtonum range to unbreak -pass fd:0lteo2014-07-191-2/+2
| | | | ok deraadt@
* Change _rs_allocate so it can combine the two regions (rs and rsx)deraadt2014-07-1910-138/+135
| | | | | | | | | | into one if a system has an awesome getentropy(). In that case it is valid to totally throw away the rsx state in the child. If the getentropy() is not very good and has a lazy reseed operation, this combining is a bad idea, and the reseed should probably continue to use the "something old, something new" mix. _rs_allocate() can accomodate either method, but not on the fly. ok matthew
* Cleanup portable arc4random fork detection code:matthew2014-07-186-66/+48
| | | | | | | | | | | | | | 1. Use "len" parameter instead of sizeof(*rs). 2. Simplify the atfork handler to be strictly async signal safe by simply writing to a global volatile sig_atomic_t object, and then checking for this in _rs_forkdetect(). (Idea from discussions with Szabolcs Nagy and Rich Felker.) 3. Use memset(rs, 0, sizeof(*rs)) to match OpenBSD's MAP_INHERIT_ZERO fork semantics to avoid any skew in behavior across platforms. ok deraadt
* missing newlinederaadt2014-07-181-2/+2
|
* Remove "const" from the lsearch(3) manual's synopsis too.matthew2014-07-181-3/+3
| | | | Reminded by Rafael Neves
* zap trailing whitespace;jmc2014-07-181-3/+3
|
* Change lsearch()'s "base" argument to require a non-const pointer tomatthew2014-07-181-2/+2
| | | | | | | align with POSIX and other systems. Pointed out by Elliott Hughes on tech ok deraadt
* Seperate arc4random's os-dependent parts into static inline functions,deraadt2014-07-1810-36/+543
| | | | | making it much easier for libressl -portable to fill in the gaps. ok bcook beck
* avoid errx(); Jonas Termansenderaadt2014-07-171-3/+5
|
* avoid sys/param.h; Jonas Termansenderaadt2014-07-174-10/+12
|
* it is 2014, and we still need to encourage people away from srand()deraadt2014-07-172-5/+14
| | | | and random(). Sigh.
* "Race-free because we're running single-threaded in a newderaadt2014-07-171-1/+5
| | | | | address space, and once allocated rs is never deallocated." document the forkhandler to save reviewers time, with matthew
* Missing bounds check in ssl3_get_certificate_request(), was not spotted inmiod2014-07-172-2/+12
| | | | 1.78; reported by Ilja Van Sprundel.
* Free sktmp when it's no longer needed. By doing so, we fix a bunch of memory ↵logan2014-07-172-4/+8
| | | | | | | | leaks. From miod@ OK from miod@ and guenther@
* Fix tlsext_tick_lifetime_hint value in test #2 to make sure themiod2014-07-161-29/+29
| | | | | (tlsext_tick_lifetime_hint > 0) test also passes on 32-bit platforms (tlsext_tick_lifetime_hint is a long).
* Only call getauxval(3) if HAVE_GETAUXVAL is defined. Fixes build on olderkettenis2014-07-162-2/+6
| | | | | | | Linux (such as Ubuntu 12.04LTS) that don't have it yet. Seems the AT_XXX defines are pulled in by <link.h> now. ok beck@
* do not need a variable to track locking, since all code paths have itderaadt2014-07-162-10/+4
| | | | locked throughout.
* #ifdef wrap the _rs_forkhandlerderaadt2014-07-161-1/+3
|
* added handler for an atfork hook from kettenis@bcook2014-07-161-1/+10
| | | | ok deraadt@ beck@ kettenis@
* not needed anymorederaadt2014-07-142-1173/+0
|
* Fix memory leak upon error in ssl_parse_clienthello_use_srtp_ext().miod2014-07-142-12/+12
| | | | From BoringSSL.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 21:42:39 +0000