summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* decompress libssl. ok beck jsingtedu2014-07-1049-1469/+77
|
* KNF comments, reflowing and moving out of the middle of argument lists inguenther2014-07-106-186/+300
| | | | | | places ok jsing@
* remove unused ecc_pkey_size.bcook2014-07-102-8/+4
| | | | ok jsing@ miod@
* BN_free, BN_clear_free, BN_CTX_free, BN_BLINDING_free and BN_MONT_CTX_freejsing2014-07-1012-110/+64
| | | | | | all have implicit NULL checks, so we do not need them here. ok miod@
* Use a while loop instead of an ifdowhile loop.jsing2014-07-104-24/+20
| | | | ok miod@ tedu@
* Add some extra sanity checks to make sure the test functions actuallymatthew2014-07-091-1/+13
| | | | run on altstack.
* include <limits.h> for LONG_MIN/LONG_MAX.bcook2014-07-092-4/+4
| | | | | | | Also remove <sys/filio.h> added from previous commit. This was the wrong way to get FIONBIO. ok jsing@
* ASN1_STRING_free can handle NULL, so callers don't need to check. ok miodtedu2014-07-0910-54/+34
|
* unfidef RL_DEBUG. hopefully it's been debugged by nowtedu2014-07-092-50/+2
|
* firebomb some MDEBUG leftoverstedu2014-07-091-87/+1
|
* unifdef a whole bunch of NO RSA/DSA/ECDH defines i deleted from libssltedu2014-07-0912-190/+12
|
* clean up if 0/if 1 code. we don't care anymore.tedu2014-07-092-119/+3
|
* move a commenttedu2014-07-091-3/+3
|
* reset host, port, path to null after freeing so the caller doesn'ttedu2014-07-092-2/+8
| | | | | accidentally free them again. actually a bug in the caller and (hey hey) apps/ocsp.c has exactly that bug, but it's easier/safer to fix here.
* stale prototypetedu2014-07-092-4/+2
|
* Make comments readable.jsing2014-07-092-54/+66
|
* More KNF.jsing2014-07-0938-644/+662
|
* KNF.jsing2014-07-094-246/+216
|
* reduce obvious dependency on global g_pool by moving to local aliasestedu2014-07-091-42/+48
| | | | ok otto
* ocsp_check_ids says "If algoritm mismatch let caller deal with it" beforetedu2014-07-092-12/+2
| | | | | | returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
* Minor cleanupsmatthew2014-07-091-5/+12
| | | | | | | | | | | | | Rename _waitpid() to safewaitpid() to avoid POSIX reserved identifier namespace. KNF nit: return value expressions should be surrounded by parentheses, per style(9). Ensure SIGCHLD is set to SIG_DFL, not SIG_IGN. POSIX allows (and requires under XSI) that terminated child processes not leave zombies if SIGCHLD is set to SIG_IGN, and it also allows execve() to leave SIGCHLD set to SIG_IGN.
* Better workaround for OS X sigaltstack() bugmatthew2014-07-091-15/+20
| | | | | | | OS X's sigaltstack() fails with ENOMEM if ss_size < MINSIGSTKSZ even if SS_DISABLE is specified in ss_flags. Rather than add code to try to cope with this stupidity, just don't bother restoring the original signal stack.
* Update to match the current state of crypto/rand, and remove MLINKS formiod2014-07-099-199/+31
| | | | RAND_event and RAND_screen.
* Remove mention that the PRNG needs to be seeded before invoking somemiod2014-07-0928-73/+8
| | | | functions.
* Unifdef -UPKCS_TESTVECT - we don't want the random data used in OAEP paddingmiod2014-07-092-12/+2
| | | | to get overwritten by a known value, ever.
* rephrase the stpcpy() warningnaddy2014-07-091-2/+2
| | | | new wording agreed by at least kettenis@ millert@ otto@
* {malloc,reallocarray} + memset(,0,) -> callocmiod2014-07-094-14/+10
| | | | ok tedu@
* Clean up after arc4random u_int32_t uint32_t changebeck2014-07-091-5/+5
| | | | ok jsing@
* changes to improve portabilitybcook2014-07-091-10/+11
| | | | ok beck@ deraadt@ jsing@ guenther@
* Replace memset(a, 0, ...); free(a); by explicit_bzero(a, ...); free(a); inmiod2014-07-092-4/+4
| | | | | | | fear a smartass-optimizing compiler decides memset is useless immediately before free(). ok jsing@ deraadt@ tedu@
* Remove leading underscore from _BYTE_ORDER and _{LITTLE,BIG}_ENDIAN, to bemiod2014-07-0922-120/+120
| | | | | more friendly to systems where the underscore flavours may be defined as empty. Found the hard way be bcook@; joint brainstrom with bcook beck and guenther
* miod@ fixed the "bug" so remove reference to it in the man pod^Wpage.jsing2014-07-092-10/+0
|
* add <sys/filio.h> header for FIONBIObcook2014-07-092-2/+4
| | | | ok beck@
* check for EINTR when calling waitpid.bcook2014-07-091-2/+13
| | | | ok jsing@
* check if we were previously on a signal stack before restoring.bcook2014-07-091-2/+3
| | | | | | | | OS X fails to restore the old signal stack because the signal stack is not enabled by default. This causes sigaltstack(2) to fail with ENOMEM as ss_size is 0, < MINSIGSTCKSZ. ok jsing@
* Clean up and simplify SSL_CIPHER_description by always using asprintf. Ifjsing2014-07-092-108/+108
| | | | | | | a buffer was supplied then we copy the result into it. Also make the failure case return values match the documentation. Joint work with beck@
* Simplify error path of DH_check_pub_key()miod2014-07-092-16/+8
|
* KNFmiod2014-07-0918-1134/+1198
|
* remove unused variables getentropy for OS Xbcook2014-07-092-6/+6
| | | | ok beck@
* Rewrite gcm128test as a table-driven regress instead of using defines.jsing2014-07-092-293/+852
| | | | | | This avoids compiler warnings for always true/false conditionals and makes the code readable. Also avoid pulling in modes_lcl.h, which should not be used outside the library.
* tedu the SSL export cipher handling - since we do not have enabled exportjsing2014-07-0921-724/+93
| | | | | | ciphers we no longer need the flags or code to support it. ok beck@ miod@
* cast ASN1_STRING (unsigned char *) to match strlcat's argument (char *)bcook2014-07-092-4/+4
| | | | ok beck@
* remove unused, private version strings except SSL_version_strbcook2014-07-0972-340/+70
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Make use of this wonderful modern C construct known as a `switch', instead ofmiod2014-07-092-22/+34
| | | | 8-line if() tests.
* KNFmiod2014-07-0922-1812/+1878
|
* Kill more FIPS tentacles by removing the private_AES_set_{enc,dec}rypt_key()miod2014-07-0916-168/+120
| | | | | | | | internal interfaces, and promoting them to being the public AES_set_{enc,dec}rypt_key() interfaces. In non-FIPS mode, these public interfaces were directly calling the private ones. ok guenther@ jsing@
* Be more strict in RSA_padding_check_X931(), and thus avoid a possiblemiod2014-07-092-4/+4
| | | | | memcpy() with a negative size. ok tedu@
* Remove typecasts on password_callback.bcook2014-07-093-20/+15
| | | | | | | Rather than casting password_callback to the correct function pointer signature at every call site, change it to match the signature instead. ok miod@ deraadt@ tedu@
* In the old days (not in this century), SSLeay 0.4.5 would create X.509 RSAmiod2014-07-092-28/+6
| | | | | | | | | signatures using the wrong oid for the signature type. The signature verification code has thus been modified to allow these signatures to be accepted, with a printf to stderr to notify the user something was fishy. Remove this chunk; these signatures will no longer get accepted. ok deraadt@ guenther@ jsing@ tedu@
* Remove RSA_memory_lock(). This undocumented function sort-of serializes yourmiod2014-07-094-102/+4
| | | | | | | | | | RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-31 05:48:18 +0000