summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* KNFmiod2014-07-0918-1134/+1198
|
* remove unused variables getentropy for OS Xbcook2014-07-092-6/+6
| | | | ok beck@
* Rewrite gcm128test as a table-driven regress instead of using defines.jsing2014-07-092-293/+852
| | | | | | This avoids compiler warnings for always true/false conditionals and makes the code readable. Also avoid pulling in modes_lcl.h, which should not be used outside the library.
* tedu the SSL export cipher handling - since we do not have enabled exportjsing2014-07-0921-724/+93
| | | | | | ciphers we no longer need the flags or code to support it. ok beck@ miod@
* cast ASN1_STRING (unsigned char *) to match strlcat's argument (char *)bcook2014-07-092-4/+4
| | | | ok beck@
* remove unused, private version strings except SSL_version_strbcook2014-07-0972-340/+70
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Make use of this wonderful modern C construct known as a `switch', instead ofmiod2014-07-092-22/+34
| | | | 8-line if() tests.
* KNFmiod2014-07-0922-1812/+1878
|
* Kill more FIPS tentacles by removing the private_AES_set_{enc,dec}rypt_key()miod2014-07-0916-168/+120
| | | | | | | | internal interfaces, and promoting them to being the public AES_set_{enc,dec}rypt_key() interfaces. In non-FIPS mode, these public interfaces were directly calling the private ones. ok guenther@ jsing@
* Be more strict in RSA_padding_check_X931(), and thus avoid a possiblemiod2014-07-092-4/+4
| | | | | memcpy() with a negative size. ok tedu@
* Remove typecasts on password_callback.bcook2014-07-093-20/+15
| | | | | | | Rather than casting password_callback to the correct function pointer signature at every call site, change it to match the signature instead. ok miod@ deraadt@ tedu@
* In the old days (not in this century), SSLeay 0.4.5 would create X.509 RSAmiod2014-07-092-28/+6
| | | | | | | | | signatures using the wrong oid for the signature type. The signature verification code has thus been modified to allow these signatures to be accepted, with a printf to stderr to notify the user something was fishy. Remove this chunk; these signatures will no longer get accepted. ok deraadt@ guenther@ jsing@ tedu@
* Remove RSA_memory_lock(). This undocumented function sort-of serializes yourmiod2014-07-094-102/+4
| | | | | | | | | | RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@
* remove unused dynamic_cmd_defns_empty structure.bcook2014-07-092-8/+2
| | | | ok miod@ deraadt@ guenther@
* RSA_NULL used to be a compile option allowing the RSA interfaces to bemiod2014-07-099-354/+10
| | | | | | | | compiled-in, with nonfunctional code, to be able to cope with the RSA patent. However, we don't use this option, and the RSA patent has expired more than 10 years ago, so just drop this piece.
* KNFmiod2014-07-0938-3934/+3918
|
* format string should be a string literal.bcook2014-07-091-2/+2
| | | | ok beck@ jsing@
* Mark the weakened 40-bit export ciphers as invalid - no one in their rightjsing2014-07-082-18/+18
| | | | | | mind should be using them. ok deraadt@ miod@
* Remove SSL_FIPS.jsing2014-07-086-188/+172
| | | | ok deraadt@ miod@
* Nuke SSL_NOT_EXP since it does nothing.jsing2014-07-084-252/+250
| | | | ok deraadt@ miod@
* Document SSL_CIPHER_description() will now use asprintf if passed a NULLmiod2014-07-081-5/+5
| | | | buffer.
* Do not suggest using BUF_strdup() preferably to strdup() for fallaciousmiod2014-07-081-4/+1
| | | | reasons.
* Match the current state of the code.miod2014-07-081-3/+3
|
* remove use of internally-deprecated OPENSSL_malloc/freebcook2014-07-081-3/+2
| | | | ok jsing@
* replace malloc(strlen())/strlcpy with strdupbcook2014-07-082-6/+4
| | | | ok beck@ jsing@
* Define SMALL_REGISTER_BANK on arm and vax, for it generates faster code formiod2014-07-082-2/+10
| | | | | these systems (vax being 30% faster!). (surprisingly, the prime candidate for SMALL_REGISTER_BANK, SuperH, runs actually slower in that case)
* Remove undocumented _des_crypt() interface and its companion header file,miod2014-07-085-464/+2
| | | | | | | which had never been installed, so it's unlikely something ever used this in the last 15~20 years. ok deraadt@ jsing@ beck@
* pedantic avoidance of division by zero, likely not actuallybeck2014-07-082-2/+12
| | | | | possible to hit for real. ok miod@ jsing@
* Include -DLIBRESSL_INTERNAL in regress makefiles.jsing2014-07-0839-78/+78
| | | | ok miod@
* add missing stdint. include for uint32_t, etc.bcook2014-07-082-2/+8
| | | | ok beck@ jsing@
* string.h is the correct file, not strings.hbcook2014-07-081-2/+2
| | | | ok beck@ jsing@
* We do not care about broken Borland C pre-processors.jsing2014-07-082-10/+6
| | | | ok beck@ deraadt@
* Pretty much everything has SO_REUSEADDR - nuke the #ifdefs.jsing2014-07-082-10/+2
| | | | ok beck@
* We have EAI_FAMILY - remove the #ifdefs.jsing2014-07-082-10/+2
| | | | ok beck@
* getentropy for osx and solaris. will be needed for a portable releasebeck2014-07-084-0/+1676
|
* More KNF.jsing2014-07-082-22/+42
|
* Avoid locking in BIO_get_port() by using getservbyname_r() instead ofjsing2014-07-082-62/+62
| | | | | | getservbyname(). While here, provide a common/single return path. ok deraadt@
* fix oops, accidental delete.. darn copying of files between machinesbeck2014-07-082-4/+4
|
* j should be an int, like repeatbeck2014-07-082-6/+8
|
* KNF.jsing2014-07-0832-1312/+1514
|
* unbreak last commit - but same intent, make re-seed less expensivebeck2014-07-082-24/+32
|
* More KNF.jsing2014-07-082-32/+36
|
* Simplify various BIO_sock_* fuctions - less code, better variable names,jsing2014-07-082-54/+24
| | | | | | correct types and fewer casts. ok deraadt@ miod@
* repeat calls to getentrypy() with the same pid likely indicate reseeds.deraadt2014-07-082-6/+20
| | | | | | Since we assume the PRNG above is doing "something old, something new" folding, shortcut and do fewer repeats through the timing loop. ok beck
* Memory-leak-in-error-path of the day in X509_ATTRIBUTE_set1_data().miod2014-07-032-4/+6
| | | | ok logan@ beck@
* Enter the REGRESS_FULL target subdirs for clean, cleandir and obj targets.miod2014-07-032-4/+4
|
* Memory leak in error path of the day, from clang via dhill@bitrig;miod2014-07-022-4/+6
| | | | ok dhill@bitrig
* Warnings. I haz them.miod2014-07-021-2/+11
|
* pk7_doit.c r1.20 introduced a NULL check that ensures that the signaturejsing2014-07-022-4/+4
| | | | | | | | | | contents are not NULL, however this breaks detached signature processing. Fix this by allowing the signature contents to be NULL when operating with a detached signature. Found the hard way by sthen@. ok sthen@
* Add an initial regress test for pkcs7.jsing2014-07-023-1/+300
| | | | This currently fails when signing/verifying with a detached signature.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-01 19:48:30 +0000