summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Flense the greasy black guts of unreadble string parsing code out of three areasbeck2015-10-0215-543/+666
| | | | | | | | | in asn1 and x509 code, all dealing with an ASN1_TIME. This brings the parsing together in one function that converts into a struct tm. While we are at it this also brings us into conformance with RFC 5280 for times allowed in an X509 cert, as OpenSSL is very liberal with what it allows. input and fixes from deraadt@ jsing@ guethther@ and others. ok krw@, guenther@, jsing@
* s/ssl3_client_kex/ssl3_send_client_kex/ for consistency with the caller.jsing2015-10-022-18/+22
|
* include <sys/types.h> for ssize_tbcook2015-10-011-1/+3
| | | | ok jsing@, deraadt@
* Another s/M_ASN1_INTEGER_free/ASN1_INTEGER_free/.jsing2015-10-011-2/+2
| | | | Found the hard way by Mark Patruck.
* Eliminate the last of the LINTEDn and PRINTFLIKEn comments. In oneguenther2015-10-016-15/+7
| | | | | | | case, by deleting some useless '& of an array' we also eliminate the need for the casts which prompted the original lint warnings ok deraadt@
* Place all of the ASN1 M_ macros under #ifndef LIBRESSL_INTERNAL.jsing2015-09-302-60/+74
|
* Expand M_i2d_ASN1_OCTET_STRING macros - no change in generated assembly,jsing2015-09-302-6/+10
| | | | aside from line numbers.
* s/M_ASN1_ENUMERATED_free/ASN1_ENUMERATED_free/jsing2015-09-302-4/+4
|
* Replace M_ASN1_ENUMERATED_(free|new) with ASN1_ENUMERATED_(free|new).jsing2015-09-302-6/+6
|
* Replace M_ASN1_OCTET_STRING_(free|new) with ASN1_OCTET_STRING_(free|new).jsing2015-09-3030-98/+98
|
* Replace M_ASN1_UTCTIME_(new|free) with ASN1_UTCTIME_(new|free).jsing2015-09-302-6/+6
|
* Replace M_ASN1_IA5STRING_(new|free) with ASN1_IA5STRING_(new|free). Samejsing2015-09-306-18/+18
| | | | with one s/M_ASN1_VISIBLESTRING_new/ASN1_VISIBLESTRING_new/.
* Replace M_ASN1_GENERALIZEDTIME_(new|free) withjsing2015-09-306-14/+14
| | | | ASN1_GENERALIZEDTIME_(new|free).
* s/M_ASN1_TIME_free/ASN1_TIME_free/jsing2015-09-304-14/+14
|
* Replace M_ASN1_INTEGER_(new|free) with ASN1_INTEGER_(new|free) - this isjsing2015-09-3024-82/+82
| | | | | | | different from the macro expansion, but the result is the same. Also replace some ASN1_STRING_dup() with ASN1_INTEGER_dup(). ok beck@ doug@
* Remove unnecessary type assignments - M_ASN1_INTEGER_new() already setsjsing2015-09-302-6/+2
| | | | | | the type to V_ASN1_INTEGER. ok doug@
* fix two typos.sobrado2015-09-301-2/+2
|
* Fix a bug in the regress, and be much more pedantic about what is allowedbeck2015-09-301-22/+46
| | | | | | | per RFC 5380 in an X509. RFC 5280 states that all times before 2050 must be specified as a UTCtime, not a Generalized time, and all times after must be a UTC time. By extension this also means the smallest time allowed per RFC 5280 is 500101000000Z and the largest is 99991231235959Z..
* Remove support for NO_ASN1_TYPEDEFS.doug2015-09-302-42/+2
| | | | | | | This ifdef was introduced 15 years ago and was known to cause problems with STACK_OF() back then. ok jsing@, beck@, jca@
* convert "last_time" to a time_t, to handle beyond Y2038deraadt2015-09-292-14/+14
| | | | ok guenther miod
* Replace remaining M_ASN1_BIT_STRING_(new|free) macros with calls tojsing2015-09-296-18/+18
| | | | | | ASN1_BIT_STRING_(new|free). ok beck@ doug@
* Instead of declaring a union in multiple places, move it to tls_internal.h.jsing2015-09-293-15/+14
| | | | ok deraadt@
* clean some ugly intendation wartsderaadt2015-09-295-12/+21
|
* Add an rfc5280 test suite to test x509_cmp_time.beck2015-09-292-2/+362
| | | | | | Note some of these will yet fail with the current libcrypto as the current X509_cmp_time is not RFC5280 compliant ok jsing@
* Fix sha2 regression test for libcrypto.doug2015-09-291-2/+2
| | | | | | | | | By default, "openssl sha" used SHA-0. However, it was possible to use the form "openssl sha -sha256" to run SHA-256 instead. The regression test used this form. Since we removed SHA-0 support, the regress tests should now call "openssl <digest>". ok guenther@, bcook@
* remove excessive brackets on pointer mathderaadt2015-09-282-16/+16
|
* Explicit NULL checks and style(9) tweaks.jsing2015-09-281-7/+7
|
* Redo 1.25, without the NULL deref.miod2015-09-272-44/+62
| | | | ok sthen@ bcook@
* check if openssl(1) actually works before proceedingbcook2015-09-271-0/+2
| | | | | It was possible for this test to pass even if the openssl command itself was missing.
* bump to 2.3.1bcook2015-09-272-6/+6
|
* Use ASN1_item_dup() instead of ASN1_dup().jsing2015-09-264-14/+10
| | | | ok bcook@
* lint is dead: delete useless LINTLIBRARY commentsguenther2015-09-262-4/+2
| | | | ok millert@
* We don't need no stinking "EXAMPLE OF THE DSA" or README (the credits arejsing2015-09-264-252/+0
| | | | | | already in the code). ok beck@ miod@
* Add DER encoding/decoding coverage for ASN.1 GENERALIZEDTIME and UTCTIME.jsing2015-09-251-39/+158
|
* Add initial regress tests for ASN.1 times.jsing2015-09-253-1/+372
|
* avoid trailing .Ns, reduce .Xo and .Sm, drop redundant .Bkschwarze2015-09-251-12/+4
|
* typos in documentation; better wording, suggested by jmc@libressl-v2.3.0sobrado2015-09-2251-88/+88
| | | | ok jmc@
* add a missing NULL checkbcook2015-09-211-1/+5
| | | | noted by Bill Parker (dogbert2) on github
* add a couple of missing NULL checksbcook2015-09-211-3/+3
| | | | noted by Bill Parker (dogbert2) on github
* remove vestigial bits of sha-0 and md2 from openssl(1)bcook2015-09-215-23/+17
| | | | | | | | Noted by kinichiro on github. We probably need a better way to indicate the list of message digests that are allowed, as the current ones are nowhere near exhaustive (sigh - guenther@) OK guenther@ jmc@
* Pack the algorithm numbers, to avoid printing a useless (null) 0 0 0 0miod2015-09-201-34/+34
| | | | line in the summary.
* Don't wrap initialized variables: binutils appears to be mishandling themguenther2015-09-191-1/+3
| | | | | | on arm and m88k problems with optind observed by jsg@
* avoid void * pointer arithmeticbcook2015-09-182-4/+4
| | | | ok miod@
* Revert bn_print.c:r1.25 ("handle negative-zero in BN_bn2dec() too") forsthen2015-09-182-62/+44
| | | | now, it has a NULL deref. Segfault reported by Mikolaj Kucharski, ok bcook
* Remove more EVP_sha() SHA-0 references.bcook2015-09-173-6/+5
|
* Re-add missing comma from SHA-0 removal which breaks mlinks generation.sthen2015-09-172-2/+2
| | | | Worked out by bcook@
* include stdint.h for uint64_tbcook2015-09-172-2/+4
| | | | noted by Bernard Spil
* Zap RANDFILE.lteo2015-09-162-5/+3
|
* tweak previous;jmc2015-09-141-2/+2
|
* Provide tls_config_insecure_noverifytime() in order to be able to disablejsing2015-09-146-6/+29
| | | | | | certificate validity checking. ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-31 16:12:18 +0000