summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add a regress for libc handling of SIGTHRguenther2015-10-222-0/+71
|
* Reject too small bits value in BN_generate_prime_ex(), so that it does not riskmiod2015-10-216-8/+44
| | | | | | | | becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who noticed `openssl gendh 0' would segfault. Fix adapted from OpenSSL RT#2701. ok beck@ jsing@
* In the case where len is not a multiple of sizeof(RC4_CHUNK) the RC4 codejsing2015-10-212-126/+2
| | | | | | | | | | | | | | will end up doing a read and write of up to 7 bytes beyond the specified length. This is effectively a non-issue since we read and write back the same data and due to alignment it is within a page boundary. Regardless, avoid this by removing the "special" handling for the remaining length and allow the standard (non-chunk) code to process the remaining bytes, which does not result in overrun. Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks! ok beck@ miod@
* Lob a style(9) grenade in here.jsing2015-10-206-344/+370
|
* free rbio before wbiobeck2015-10-192-14/+14
| | | | ok jsing@
* Stop supporing "legcay" time formats that OpenSSL supports. Rewrite thebeck2015-10-1915-1220/+698
| | | | | | utctime and gentime wrappers accordingly. Along with some other cleanup. this also removes the need for timegm. ok bcook@ sthen@ jsing@
* Change regress to not believe legacy times are validbeck2015-10-191-65/+4
|
* Need <string.h> for memset()guenther2015-10-181-1/+2
|
* Exit if a pledge call fails in non-interactive mode.doug2015-10-1745-89/+179
| | | | ok semarie@
* add "tty" for several subcommands of opensslsemarie2015-10-1724-48/+48
| | | | | | | | | | | it is needed in order to let libssl UI_* function plays with echo on/off when asking for password on terminal. passwd subcommand needs additionnal "wpath cpath" in order to let it calls fopen("/dev/tty", "w") (O_WRONLY with O_CREAT | O_TRUNC). problem reported by several with and ok doug@
* Remove pointless externs - the structs are declared in the same files ajsing2015-10-166-16/+6
| | | | few lines above.
* Expand DECLARE_ASN1_ALLOC_FUNCTIONS and DECLARE_ASN1_FUNCTIONS_constjsing2015-10-166-22/+68
| | | | macros. The only change in the generated assembly is due to line numbering.
* Remove pointless uses of DECLARE_ASN1_ENCODE_FUNCTIONS_const.jsing2015-10-166-16/+10
| | | | | DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both means we end up with duplicate function prototypes and externs.
* Fix use of pointer value after BIO_free, and remove senseless NULL checks.beck2015-10-162-14/+16
| | | | ok bcook@
* Put tls_config_verify_client_optional() in the right place.jsing2015-10-161-6/+6
|
* Fix tpyo.jsing2015-10-161-3/+3
|
* Implement real "flock" request and add it to userland programs thatmillert2015-10-161-2/+2
| | | | use pledge and file locking. OK deraadt@
* actually include the prerequisite dependency for BIO instead of doing nastynessbeck2015-10-162-10/+4
|
* better fix for overrun reported by Qualys Security.tedu2015-10-142-8/+2
| | | | | | buf is at all times kept nul terminated, so there is no need to enforce this again upon exit. (no need to move buf around after we exahust space.) ok beck miod
* Bail out early if we have no buf_lenbeck2015-10-142-2/+10
| | | | ok miod@
* fix a memory leak reported by Qualys Security.tedu2015-10-142-6/+8
| | | | | | move the bndec variable in tighter since it's not used elsewhere in the loop, then always free it after use. ok bcook miod
* Ensure we don't write a 0 byte past end of the buffer in the error case.beck2015-10-142-6/+6
| | | | ok bcook@ deraadt@
* tweak previous (two details i apparently missed)schwarze2015-10-141-4/+6
|
* Add EVP_AEAD_CTX_init(3) manpage to document the new(ish) AEAD API.reyk2015-10-144-1/+285
| | | | | | | | | | | | The "authenticated encryption with additional data" API is used for ciphers like AES-GCM or ChaCha20-Poly1305. The manpage is a beginning and certainly needs more work, especially improvements in the EXAMPLES section. Based on agl's source code comments. Converted from pod to mandoc by schwarze@ OK schwarze@ jsing@
* In rev 1.15 the sizeof argument was fixed in a strlcat() call butmillert2015-10-131-2/+2
| | | | | | the truncation check immediately following it was not updated to match. Not an issue in practice since the buffers are the same size. OK deraadt@
* Put ASN1_dup() under #ifndef LIBRESSL_INTERNAL.jsing2015-10-132-10/+10
|
* Convert ECParameters_dup() from a macro that uses ASN1_dup_of() into anjsing2015-10-136-10/+40
| | | | | | actual function. This removes the last ASN1_dup_of usage from the tree. Feedback from doug@ and miod@
* Convert a number of the old ASN1_{d2i,i2d}_{bio,fp}_of() macros tojsing2015-10-132-38/+38
| | | | | | ASN1_item_{d2i,i2d}_{bio,fp}() function calls. ok beck@ doug@
* Single byte read/write tests.jsing2015-10-131-0/+67
|
* Add test coverage for peer certificate info and connection info.jsing2015-10-132-6/+231
|
* Make regress work again post hackathon tls_handshake/tls_read/tls_writejsing2015-10-131-7/+42
| | | | changes.
* Group d2i/i2d function prototypes by type and add missing externs for thejsing2015-10-132-14/+24
| | | | DSAPublicKey, DSAPrivateKey and DSAparams ASN1_ITEMs.
* unifdef EVP_CHECK_DES_KEY: Ben Kaduk noticed it has a syntax error; thatguenther2015-10-124-40/+4
| | | | | | | | error was present in the original 2004 commit, so it hasn't been used in over 11 years, thus exceeding our deprecation requirements by over a decade. OpenSSL has chosen to *fix it*; we'll gladly watch it burn ok jsing@
* Userspace doesn't need to use SUN_LEN(): connect() and bind() must acceptguenther2015-10-111-8/+3
| | | | | | sizeof(struct sockaddr_un), so do the simple, portable thing ok beck@ deraadt@
* Initial support for pledges in openssl(1) commands.doug2015-10-1047-46/+281
| | | | | | | | | | | | | | | | openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands. We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command. This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options. deraadt@ and beck@ are roughly fine with this approach.
* normalize the ordering of tame requests (particularily, "rpath wpath cpath",deraadt2015-10-101-2/+2
| | | | | | | which i have put in that order). this is not important, but helps look for outliers which might be strange. it hints that "ioctl" should be reassessed in a few places, to see if "tty" is better; that "unix" may be used in some places where "route" could now work.
* fix a gotcha in the connect refactoring, that could result in droppingderaadt2015-10-091-1/+5
| | | | | through and trying to bind failed v6 connects. ok guenther
* Change all tame callers to namechange to pledge(2).deraadt2015-10-091-3/+3
|
* If getaddrinfo() succeeds, then don't try look ups with other flags, evenguenther2015-10-081-41/+39
| | | | | | | | | | if the connect()s failed. In concert with some resolver fixes in libc, this lets ntpd be tame()ed problem isolated by theo, who had fun untangling the libc and libtls behaviors to place blame for not being able to tame ntpd ok beck@ deraadt@ jsing@
* trailing whitespace;jmc2015-10-081-6/+6
|
* Rip the guts out of another gibbering horror of a time comparison function, andbeck2015-10-084-74/+48
| | | | | mark it as #ifndef LIBRESSL_INTERNAL at least we don't use this. ok jsing@
* revert previous accidental commitbeck2015-10-084-46/+72
|
* Spelling in commentbeck2015-10-086-78/+50
|
* Add tls_peer_cert_notbefore and tls_peer_cert_notafter to expose peer ↵beck2015-10-076-9/+98
| | | | | | | certificate validity times for tls connections. ok jsing@
* Allow us to get cipher and version even if there is not a peer certificate.beck2015-10-072-15/+21
| | | | ok doug@
* include <sys/time.h> for gettimeofday(2)bcook2015-10-072-2/+4
|
* tame "stdio inet rpath cpath wpath proc" seems to be sufficient forderaadt2015-10-071-1/+7
| | | | | all the wading in here. "proc" is for the speed command, which fork()'s. ok doug
* prefer limits.h over sys/limits.hbcook2015-10-062-6/+6
| | | | ok deraadt@
* these do not use ioctl.hderaadt2015-10-062-4/+2
|
* Make sure dot is not set after tz - fixes incorrect handling, which allowsjsing2015-10-052-4/+4
| | | | | | 20151005171301+1.09Z to be treated as a valid time. ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 15:21:02 +0000