summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* explict_bzero for some asn1 free's - ok miod@beck2016-03-064-6/+18
|
* Make sure stdio functions don't end up in the library, from miod@beck2016-03-067-15/+39
| | | | ok doug@ bcook@
* graduate bn_expand() to a real function. the openssl version of thisderaadt2016-03-044-8/+32
| | | | | | | uses a macro with multiple-evaluations of arguments (different amount than the previous version..), but doug/bcook's inline version makes BIGNUM not opaque [problem spotted by naddy] ok doug
* Revert bn_expand until there's consensus on a fix.doug2016-03-042-28/+6
|
* fix the rest of the read_ledword() calls used as lengths to be bounded.beck2016-03-022-2/+10
| | | | | inspired by guido vranken https://guidovranken.wordpress.com/2016/03/01/public-disclosure-malformed-private-keys-lead-to-heap-corruption-in-b2i_pvk_bio/ ok doug@
* Add bounds checking for BN_hex2bn/BN_dec2bn.doug2016-03-024-20/+52
| | | | | | | | | Need to make sure i * 4 won't overflow. Based on OpenSSL: commit 99ba9fd02fd481eb971023a3a0a251a37eb87e4c input + ok bcook@ ok beck@
* bound lengths coming out of a pem file to something like realitybeck2016-03-022-6/+14
| | | | ok deraadt@
* Remove support for ancient, broken DSA implementations.doug2016-03-012-120/+40
| | | | | | | | | | | | | | | Based on a few OpenSSL commits: Remove ancient DSA workarounds commit ab4a81f69ec88d06c9d8de15326b9296d7f498ed Remove workaround for broken DSA implementations using negative integers commit dfb10af92e9663ce4eefaa1d6b678817fa85344d Typo in error name (EVP_R_DECODE_ERROR -> DSA_R_DECODE_ERROR) commit f6fb7f1856d443185c23f1a5968c08b4269dd37d ok beck@
* remove NULL checks for pqueue_free()mmcc2016-02-292-22/+12
| | | | ok doug@
* Add a test for negated POSIX characer classes.millert2016-02-261-0/+1
|
* refactor option letter parsing into a subfunction, to increase clarityderaadt2016-02-251-93/+102
| | | | | about which options are turned on/off by 's' and 'S' ok tedu
* Sync some root certificates with Mozilla's cert store. ok bcook@sthen2016-02-171-84/+1016
| | | | | | | | | | | | | | | | | | | - Add new root certificates present in Mozilla cert store from CA organizations who are already in cert.pem (AddTrust, Comodo, DigiCert, Entrust, GeoTrust, USERTrust). - Replace Startcom's root with their updated sha256 version present in Mozilla cert store. (They maintained serial# etc so this is still valid for existing signed certificates). - Add two root certificates from CA not previously present: "C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority" "C=PL, O=Unizeto Sp. z o.o., CN=Certum CA" (the latter used by yandex.ru) We are still listing some certificates that have been removed from Mozilla's store (1024-bit etc) however these cannot be removed until cert validation is improved (we don't currently accept a certificate as valid unless the CA is at the end of a chain).
* word fix from previous; ok sthenjmc2016-02-121-3/+3
|
* sslv3 has been removed;jmc2016-02-081-16/+21
| | | | | prompted by a mail from jiri navratil help/ok sthen
* compare pointer to NULL in example codemmcc2016-02-071-3/+3
|
* be more forceful about not using these.espie2016-02-051-2/+9
| | | | improvements sthen@, jmc@. okay millert@, jca@ jmc@
* Fix err(3) calls after allocation failures in examples.schwarze2016-02-051-8/+8
| | | | | | There is long-standing consensus that err(1, NULL) is the best idiom after failure of malloc(3) and friends. Quirk in the manual noticed by tb@.
* Sort cert.pem alphabetically, first by organisation, then by CA namesthen2016-02-011-1604/+1584
| | | | | | | | | | | (CN if available, otherwise OU). Add a comment identifying the org. Now to get an easy-to-read list of certificates in the file you can use "grep ^[#=] cert.pem". Prepared with https://spacehopper.org/format-pem.20160201. If you would like to verify this commit to ensure that I didn't sneak in any other changes, it will be easier to use the script rather than do it by hand.
* Revamp cert.pem certificate information formatting. Skip headers whichsthen2016-01-311-2459/+184
| | | | | | | | | aren't really useful (the information can be obtained by feeding the cert into "openssl x509 -in filename -text") and add a separator between certs showing the CA's CN or OU (similar to the display format in web browsers). Include both SHA1 and SHA256 fingerprints for all certificates. ok beck@ zhuk@ jung@
* Therefor -> Therefore (where appropriate)tb2016-01-292-2/+2
| | | | from ray@, ok jmc@
* deprecate SSL_OP_SINGLE_DH_USElibressl-v2.3.2beck2016-01-274-74/+12
| | | | ok jsing@
* Don't crash dumping malloc stats if malloc_init hasn't been called, noted byotto2016-01-261-1/+3
| | | | David CARLIER
* Call BIO_sock_init() from tls_init() to ensure sockets are enabled on Windows.bcook2016-01-181-1/+4
| | | | This is of course a no-op on other platforms. Noted by equalsraf from github.
* Long ago, malloc internally had two kinds of failures, warnings and errors.tedu2016-01-062-14/+7
| | | | | | | | The 'A' option elevated warnings to errors, and has been the default for some time. Then warnings were effectively eliminated in favor of everything being an error, but then the 'a' flag turned real errors into warnings! Remove the 'a' option entirely. You shouldn't have used it anyway. ok tb tdeval
* Follow style(9) and drop lint /* NOTREACHED */ annotations fromtb2016-01-042-6/+4
| | | | | | | | the examples. Diff from Juuso Lapinlampi < wub () partyvan ! eu >, thanks! ok schwarze@
* Use the correct values for TLS certificate / private key flags.bcook2016-01-041-5/+5
| | | | fix from Andreas Bartelt <obsd at bartula.de>
* Calling clone(2) with CLONE_NEWPID yields multiple processes with pid=1.bcook2016-01-042-4/+6
| | | | | | | | | | | | | Work around this particular case by reseeding whenever pid=1, but as guenther@ notes, directly calling clone(2), and then forking to match another pid, provides other ways to bypass new process detection on Linux. Hopefully at some point Linux implements something like MAP_INHERIT_ZERO, and does not invent a corresponding mechanism to subvert it. Noted by Sebastian Krahmer and the opmsg team. See http://stealth.openwall.net/crypto/randup.c for a test program. ok beck@
* Document that the ssl free() functions are NULL safe. OK mmcc@millert2015-12-306-12/+42
|
* another case where bad things would happen after wrterrortedu2015-12-301-2/+4
|
* if somebody makes the mistake of disabling abort, don't deref null intedu2015-12-301-2/+4
| | | | validate_junk. from Michal Mazurek
* Remove NULL-checks before free() and a few related dead assignments.mmcc2015-12-282-8/+5
| | | | ok and valuable input from millert@
* initialize pointer to avoid undefined free on failurebcook2015-12-281-2/+2
| | | | ok beck@
* include time.h over sys/time.h for ctime(3)bcook2015-12-281-2/+2
| | | | ok beck@
* remove unused variablechl2015-12-271-2/+1
| | | | ok tedu@
* more e-mail -> emailmmcc2015-12-242-5/+5
|
* More adress -> addressmmcc2015-12-244-4/+4
|
* remove NULL-check before free()mmcc2015-12-231-3/+2
|
* remove NULL-checks before free()mmcc2015-12-236-38/+22
|
* assign pointer NULL rather than 0mmcc2015-12-232-4/+4
|
* assign pointer to NULL rather than 0mmcc2015-12-232-4/+4
|
* initialize a pointer to NULL rather than 0mmcc2015-12-222-4/+4
|
* gethostbyname2() and gethostbyaddr() need <sys/socket.h>; discussed withtim2015-12-191-6/+8
| | | | millert@
* Simplify return call of rand() and rand_r() to make it easier to read.tb2015-12-181-2/+2
| | | | | | | | | This is slightly less robust, but RAND_MAX must be one below a power of two in both variants anyway. Based on a suggestion by Matthew Martin. ok tedu@
* Add missing colon after "Peer name" in verbose output. Mentioned on themmcc2015-12-171-2/+2
| | | | lists recently.
* tweak previous;jmc2015-12-162-4/+5
|
* Remove support for HOSTALIASES from the resolver. This "open and parsederaadt2015-12-162-15/+6
| | | | | | | | any file indicated by an environment variable" feature inside the resolver is incompatible with what pledge "dns" is trying to be. It is a misguided "feature" added way back in history which almost noone uses, but everyone has to assume the risk from. ok eric florian kettenis
* clean up some unused variables, and add the printing of the certificate validitybeck2015-12-161-4/+7
| | | | | to the verbose output when using tls - from rob@2keys.ca ok mmcc@ jsing@ deraadt@
* Remove "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certificationsthen2015-12-151-49/+0
| | | | | | | | | | | | | | | | | Authority" (serial 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be) root certificate from cert.pem. ok rpe@ Symantec/VeriSign say "Browsers/root store operators are encouraged to remove/untrust this root from their root stores" and "hasn't been used to generate new certificates in several years, and will now be repurposed to provide transition support for some of our enterprise customers' legacy, non-public applications" (https://www.symantec.com/page.jsp?id=roots, http://www.scmagazine.com/google-will-remove-trust-of-symantecs-pca3-g1-certificate/article/459688/). Also see https://knowledge.symantec.com/support/ssl-certificates-support/index?page=content&id=ALERT1941 https://googleonlinesecurity.blogspot.co.uk/2015/12/proactive-measures-in-digital.html
* initialize ext_len to 0.beck2015-12-142-4/+12
| | | | ok guenther@
* initialize ok to 0beck2015-12-142-4/+4
| | | | ok guenther@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 12:17:44 +0000