summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* fix MALLOC_STATS (not compiled in by default); ok tedu@otto2014-05-211-18/+19
|
* KSSL is dead... nuke KSSL_DEBUG from orbit.jsing2014-05-2010-276/+0
| | | | ok beck@ miod@
* Use errc/warnc to simplify code.guenther2014-05-202-9/+9
| | | | | | Also, in 'ftp', always put the error message last, after the hostname/ipaddr. ok jsing@ krw@ millert@
* Bring UTF8_{getc,putc} up-to-date: it's been a decade since 5- and 6-byteguenther2014-05-208-186/+176
| | | | | | | | encodings and encoding of surrogate pair code points were banned. Add checks for those, both to those functions and to the code decoding the BMP and UNIV encodings. ok miod@
* Fix several bounds checks in ssl_add_clienthello_tlsext() andmiod2014-05-192-68/+78
| | | | | | | | | ssl_add_serverhello_tlsext(), and convert all of them to the same idiom, for easier review. Math is hard, let's go webshopping. Help and ok guenther@
* More KNF.jsing2014-05-191-60/+60
|
* More whack-a-mole^Wfips.jsing2014-05-192-18/+1
| | | | ok miod@
* It is perfectly valid to call free(NULL), so stop checking for non-NULLjsing2014-05-1929-128/+80
| | | | before calling free - of some course parts of the code already did this.
* Enable the 3- and 4-byte sequence tests for UTF8_getc()guenther2014-05-191-9/+18
| | | | | Add surrogate and out-of-range tests for UTF8_putc() on the assumption we'll make it return -2. Maybe.
* Add regression test for UTF8_{getc,putc}()guenther2014-05-183-2/+317
|
* If you need to allocate `a + b' bytes of memory, then don't allocate `a + b*2',miod2014-05-186-12/+12
| | | | | | this is confusing and unnecessary. Help (coz I got confused) and ok guenther@ beck@
* Make sure UTF8_getc() is invoked with the proper buffer size.miod2014-05-182-4/+4
| | | | ok beck@ guenther@
* factor out a bit of the chunk index code and use it to make sure that atedu2014-05-181-14/+33
| | | | | freed chunk is actually freeable immediately. catch more errors. hints/ok otto
* Out of all the openssl apps, just one of them has code to mess around withjsing2014-05-181-12/+0
| | | | | | electric fence externs. Nuke from orbit. ok miod@
* W_OK comes via unistd.h - nuke several #ifndef W_OK that attempt to handlejsing2014-05-181-13/+2
| | | | missing defines.
* Remove unused include.jsing2014-05-183-3/+0
|
* Group and sort includes.jsing2014-05-1850-214/+308
| | | | | | | | Currently "apps.h" needs to be included before any of the openssl headers and there are several cases where the code depends on headers that are included by something included by apps.h... More untangling saved for later on.
* Plug memory leaks upon error in OCSP_url_svcloc_new().miod2014-05-182-12/+18
| | | | ok jsing@
* In OCSP_sendreq_bio(), cope with OCSP_sendreq_new() returning NULL.miod2014-05-182-8/+12
| | | | ok jsing@
* In dtls1_reassemble_fragment() and dtls1_process_out_of_seq_message(), in casemiod2014-05-182-14/+6
| | | | | | | | of error, make sure we do not free pitem which is still linked into the pqueue. In the same vain, only free `frag' if we allocated it in this function. Help and ok beck@
* In ssl3_send_certificate_request(), when adding the extra payload ifmiod2014-05-182-2/+12
| | | | | | | NETSCAPE_HANG_BUG is defined, make sure we BUF_MEM_grow() the buffer to accomodate for the payload size. Issue reported by David Ramos; ok beck@
* Make sure ssl3_setup_buffers() does not return upon error with a freedmiod2014-05-182-14/+14
| | | | | | | pqueue still chained, by inserting it into the list only after all possible failure conditions have been avoided. Reported and fix proposed by David Ramos; ok beck@
* bio_err is initialised in main, hence there is no need to initialise itjsing2014-05-1846-168/+16
| | | | | | | | | | | | in each application (since there is no longer a non-monolithic mode). In typical OpenSSL fashion, the code is inconsistent and there are multiple ways that bio_err was initialised - none of them actually checked to see if the initialisation actually succeeded. Additionally, it is worth noting that in at least two cases bio_err was also being used before it would have been initialised. ok miod@
* More KNF.jsing2014-05-1820-386/+416
|
* Omit -Werror if building with gcc3, for it triggers "redefinition of `pqueue'"miod2014-05-181-2/+6
| | | | warnings now that pqueue.h has been removed from public scope.
* No need to check for NULL before invoking free(); use calloc() whenmiod2014-05-182-60/+14
| | | | | | applicable; further simplify pqueue_find(). From Dimitris Papastamos on tech@
* sync openssl(1) with changes already made in src/lib/libssl/doc, reminded bysthen2014-05-181-5/+5
| | | | jmc: move from 1024 to 2048 bit key defaults; see genrsa.c 1.26 et al.
* does sunos not have memmove? sorry, i guess sunos will not have libressl.tedu2014-05-172-42/+6
| | | | ok guenther miod
* unchecked malloc() return value in OCSP_sendreq_new().miod2014-05-172-0/+4
|
* KNFmiod2014-05-1716-2548/+2664
|
* add missing header needed for mem{cpy,cmp}()chl2014-05-171-0/+1
| | | | ok tedu@
* correctly match size and buffer. from enh at googletedu2014-05-171-3/+3
|
* simple reallocarray to check multiplies. ok guenthertedu2014-05-172-12/+8
|
* no no md2tedu2014-05-179-57/+0
|
* no no seedtedu2014-05-174-34/+0
|
* deleted seed some time agotedu2014-05-1713-295/+0
|
* Add missing header needed by isdigit().chl2014-05-171-4/+5
| | | | | | While there, sort headers. ok tedu@
* refactor some of the des crypt code to use fewer globals.tedu2014-05-172-42/+45
| | | | ok miod
* switch RSA key generation default to 2048 bits (matching ssh); ok miod@sthen2014-05-175-5/+5
|
* update NAME and MLINKS for previous;jmc2014-05-162-5/+7
|
* document crypt_checkpasstedu2014-05-161-1/+14
|
* Include openssl/evp.h for OPENSSL_add_all_algorithms_noconf().jsing2014-05-161-0/+1
| | | | From Brent Cook.
* Fix various issues that result in compiler warnings.jsing2014-05-161-13/+14
| | | | Prompted by a diff from Brent Cook.
* When OPENSSL_LOAD_CONF was added it ended up with more #if 0 code,jsing2014-05-167-190/+30
| | | | | | | | | | | more #ifdefs and a new source file that contains a single function. Nuke the #if 0 code that is now a macro and move the single function in evp_acnf.c to c_all.c, which is where the other code lives. While here, tidy evp.h slightly, remove an unnecessary #ifdef __OpenBSD__ and nuke a comment that is now a lie. ok miod@
* use $2b in the bcrypt example, ok tedusthen2014-05-161-3/+3
|
* Fix memory leaks upon failure.miod2014-05-154-54/+78
| | | | ok beck@
* Replace ASN1_GENERALIZEDTIME_adj(), ASN1_UTCTIME_adj() andmiod2014-05-156-50/+146
| | | | | | | ASN1_TIME_to_generalizedtime() with wrappers around their former implementations, making sure memory allocated is freed in all failure cases. help and ok from beck@ and Brendan MacDonell.
* No longer make pqueue.h a public (and installed) header file. Replace itsmiod2014-05-157-6/+12
| | | | | | | | | inclusion in <ssl/dtls1.h> by the benign `struct _pqueue; typedef struct _pqueue *pqueue;'. Note that said dtls1.h should probably be considered a private header as well... ok beck@
* Get pqueue.h from the libssl sources rather than relying upon it beingmiod2014-05-152-2/+4
| | | | installed.
* More KNF.jsing2014-05-158-14/+14
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 12:16:59 +0000