summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* obvious malloc -> reallocarray, for mult int oflowderaadt2014-10-081-2/+2
|
* fix an indentation that makes me upsetderaadt2014-10-081-2/+2
|
* Use strdup() instead of malloc() + memcpy().miod2014-10-072-16/+6
| | | | ok doug@ jsing@
* EC_KEY_set_group() does an EC_GROUP_dup() of its argument, so we don'tmiod2014-10-072-16/+4
| | | | | need to do it in ec_copy_parameters() prior to invoking EC_KEY_set_group(). ok doug@ jsing@
* When verifying whether an IP address is in the commonName of ajca2014-10-061-1/+15
| | | | | | certificate, do not perform wildcard matching. Suggested by Richard Moore (rich@kde) ok tedu@
* If we have to match against a wildcard in a cert, verify that it containsjca2014-10-061-3/+23
| | | | | | at least a domain label before the tld, as in *.example.org. Suggested by Richard Moore (rich@kde) ok tedu@
* The fixes to X509_PURPOSE_add() in r1.18 actually could cause a globalmiod2014-10-052-54/+58
| | | | | | | | | | | | | X509_PURPOSE object (obtained with X509_PURPOSE_get0() instead of being allocated in the function) to be freed if modifying that object would fail due to a low memory condition, while this object would still be referenced elsewhere. Fix this by only cleaning the object if we did not allocate it here. While there, fail early if either `name' or `sname' are NULL, rather than allocating an object and realizing we have nothing to strdup() into it. ok guenther@
* Be sure to check the stack push operation for success in v2i_POLICY_MAPPINGS();miod2014-10-052-34/+38
| | | | | | if it fails, free the object we were about to push. Factor error handling to avoid having four copies of about the same code. ok guenther@
* In v2i_AUTHORITY_INFO_ACCESS(), separate object allocation from object pushmiod2014-10-052-6/+16
| | | | | | on a stack; if the latter fails, we need to free the object before returning failure. ok guenther@
* Memory leak upon error in set_dist_point_name().miod2014-10-052-2/+4
| | | | ok guenther@
* Be sure to check object allocation for success before using them.miod2014-10-052-10/+20
| | | | Tweaks and ok guenther@
* Missing deallocation upon error.miod2014-10-052-4/+6
| | | | ok deraadt@ guenther@
* Fix memory leak in the error path of v2i_AUTHORITY_KEYID().miod2014-10-052-6/+12
| | | | ok deraadt@ guenther@
* compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.sederaadt2014-10-052-4/+6
| | | | ok miod
* Use more specific curves/formats naming for local variables injsing2014-10-052-60/+56
| | | | | | | ssl_add_clienthello_tlsext() and ssl_add_serverhello_tlsext(), rather than the current generic naming. ok miod@
* Use tls1_get_curvelist() in ssl_add_clienthello_tlsext(), rather thanjsing2014-10-052-22/+4
| | | | | | hand rolling the same code. ok miod@
* Make tls1_get_formatlist() behave the same as tls1_get_curvelist() andjsing2014-10-052-42/+58
| | | | | | | | return the client format list if the client_formats flag is specified. Use tls1_get_formatlist()/tls1_get_curvelist() in tls1_check_ec_key(), simplifying the code. ok miod@
* verify changes are major changetedu2014-10-031-2/+2
|
* Bump minor for ECHD auto and other recent changes.jsing2014-10-031-1/+1
|
* Bump minor version for ECDH auto.jsing2014-10-032-2/+2
| | | | | While there are no additional symbols, there is an additional command that clients will potentially depend on.
* allow disabling hostname and cert verification separately.tedu2014-10-034-11/+22
| | | | | | if you're careful, cert only verification can be useful. always enable both though, to avoid accidentally leaving one off. ok jsing
* Allow "auto" to be specified as an ECDH curve name and make this thejsing2014-10-032-7/+13
| | | | | | default. This enables automatic handling of ephemeral EC keys. Discussed with reyk@ and tedu@
* Add support for automatic ephemeral EC keys.jsing2014-10-0314-26/+152
| | | | | | | | | | This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve. Based on OpenSSL with inspiration from boringssl. ok miod@
* Use string literals in printf style calls so gcc's -Wformat works.doug2014-10-038-40/+38
| | | | ok tedu@, miod@
* openssl.cnf tweaks following recent changes to usr.bin/openssl:sthen2014-10-011-44/+3
| | | | | | | | | | | | | | - don't define default_bits, allowing the compiled-in default (now 2048 bits) to take priority. - add commented-out default_md line in case somebody needs an easy way to change this. - remove some sample sections which aren't really useful in the default file (/etc/examples is the place for a more descriptive config, this file should be barebones). Help/OK jsing@. OKs on earlier diff (openssl.cnf only) from phessler@ aja@.
* Switch "openssl req" to using SHA256 for hashes and AES256 to encrypt on-disksthen2014-10-012-12/+12
| | | | | | | | | | keys by default (instead of SHA1/3DES) and update documentation to match. Another way to do this is s/NID_sha1/NID_sha256/ in src/crypto/rsa/rsa_ameth.c ("case ASN1_PKEY_CTRL_DEFAULT_MD_NID") but going with the more targetted method above that only affects "openssl req" for now. Help/OK jsing@. OKs on earlier diffs changing openssl.cnf from phessler@ aja@
* Clean up EC cipher handling in ssl3_choose_cipher().jsing2014-09-306-290/+304
| | | | | | | | | | | The existing code reaches around into various internals of EC, which it should not know anything about. Replace this with a set of functions that that can correctly extract the necessary details and handle the comparisions. Based on a commit to OpenSSL, with some inspiration from boringssl. ok miod@
* Previous fix (1.12) would cause a NULL pointer dereference in the error pathmiod2014-09-292-8/+6
| | | | | if a NULL stack was passed as argument. Fix this by returning NULL early in that case.
* Move cipher configuration handling to the shared SSL configuration functionjsing2014-09-292-10/+13
| | | | so that applies to both the ressl client and server.
* Add an option that allows the enabled SSL protocols to be explicitlyjsing2014-09-296-9/+51
| | | | | | | | configured. Discussed with several. ok bcook@
* When freeing the config, explicitly call ressl_config_clear_keys() ratherjsing2014-09-291-5/+6
| | | | | | than rerolling our own key clearing code. ok tedu@
* check_cert(): be sure to reset ctx->current_crl to NULL before freeing it.miod2014-09-292-20/+10
| | | | | | | | | X509_STORE_CTX_init(): do not free the X509_STORE_CTX * parameter upon failure, for we did not allocate it and it might not come from the heap, such as in check_crl_path() in this very same file where X509_STORE_CTX_init() gets invoked with a stack address. ok bcook@
* X509_NAME_get_text_by_OBJ(): make sure we do not pass a negative size tomiod2014-09-292-6/+10
| | | | | memcpy(). ok bcook@
* X509_VERIFY_PARAM_set1_name(): if invoked with NULL as the secondmiod2014-09-292-2/+4
| | | | | parameter, correctly set param->name to NULL after having freed it. ok bcook@
* Wrap long lines and add missing argument name.jsing2014-09-281-4/+6
|
* Bump minor after adding SSL_CTX_use_certificate_chain().reyk2014-09-282-2/+2
| | | | ok jsing@ miod@
* Provide a ressl config function that explicitly clears keys.jsing2014-09-282-2/+10
| | | | | | | | | Now that ressl config takes copies of the keys passed to it, the keys need to be explicitly cleared. While this can be done by calling the appropriate functions with a NULL pointer, it is simpler and more obvious to call one function that does this for you. ok tedu@
* Add a new API function SSL_CTX_use_certificate_chain() that allows toreyk2014-09-286-54/+111
| | | | | | | | | | | read the PEM-encoded certificate chain from memory instead of a file. This idea is derived from an older implementation in relayd that was needed to use the function with a privep'ed process in a chroot. Now it is time to get it into LibreSSL to make the API more privsep- friendly and to make it available for other programs and the ressl library. ok jsing@ miod@
* X509v3_add_ext(): do not free stuff we did not allocate in the error path.miod2014-09-282-4/+4
| | | | ok bcook@
* X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,miod2014-09-282-30/+46
| | | | | | for it may be NULL. Do not leak memory upon error. ok bcook@
* Someone (TM) thought it was smart to save memory by using malloc(1) andmiod2014-09-282-10/+8
| | | | | | | | | | | | | manual field fiddling to create an ASN1_INTEGER object, instead of using M_ASN1_INTEGER_new() which will allocate sizeof(long) bytes. That person had probably never looked into malloc(3) and never heard of allocation size rounding. Thus, replace the obfuscated code with M_ASN1_INTEGER_new() followed by ASN1_INTEGER_set(), to achieve a similar result, without the need for /* version == 0 */ comments. ok bcook@
* revamp the config interface to own memory. easier to use correctly withouttedu2014-09-283-49/+99
| | | | | | caller worrying about leaks or lifetimes. after feedback from jsing
* Revert r1.5 and reenable assembler version of ghash now that it has beenmiod2014-09-272-6/+6
| | | | fixed.
* Doh, rev 1.4 had left out one routine with both 32-bit and 64-bit code, wheremiod2014-09-272-0/+4
| | | | the 64-bit code has to be disabled under OpenBSD/hppa.
* Disable assembler code for ghash on hppa, causes wrong computations in somemiod2014-09-274-8/+8
| | | | | cases and breaks TLS 1.2; crank libcrypto.so minor version out of safety and to be able to tell broken versions apart easily.
* There is not much point checking ecdhp is not NULL... twice.jsing2014-09-274-28/+10
| | | | ok miod@
* Check that the specified curve is one of the client preferences.jsing2014-09-2710-16/+140
| | | | | | Based on OpenSSL. ok miod@
* Fix mmap() calls that check for a result other than MAP_FAILED.doug2014-09-271-1/+1
| | | | ok tedu@
* X509_STORE_new(): do not leak memory upon error.miod2014-09-262-28/+34
| | | | | | | X509_STORE_get1_certs(), X509_STORE_get1_crls(): check the result of allocations. ok tedu@
* X509_issuer_and_serial_hash(): do not leak memory if an error occurs duringmiod2014-09-262-2/+6
| | | | | | the first EVP block. ok tedu@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-26 03:46:38 +0000