summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* truncation check some snprintf calls (over-cautiously in case)deraadt2014-04-194-19/+78
| | | | ok jsing beck
* can't actually do this. cause unknown.tedu2014-04-192-2/+2
|
* Fix some serious pointer-arithmatic-magic-number-unchecked-return eyebleedbeck2014-04-191-53/+44
| | | | | | | | | | that I stumbled into here and got stuck with. If modern society can get past selling daughters for cows, surely we can decide to write modern C code in an "application" that is probably 3 lines of shell/python/cgi away from talking to the internet in a lot of places.. (This file still needs a lot more love though) "oh god yuck" deraadt@ ok tedu@
* KNF.jsing2014-04-1912-1128/+1060
|
* Repair some indent to be more KNF, and break instead of fallthrough toderaadt2014-04-191-12/+14
| | | | default which does break
* one small tweak to avoid ever going off the end of a string.tedu2014-04-191-4/+6
|
* improved checking for invalid hashes. from solar designertedu2014-04-191-6/+10
|
* More KNF.jsing2014-04-196-66/+68
|
* kill a stray \deraadt2014-04-191-2/+2
|
* Lacking a proof that--for this implementation--exposure of Montgomeryguenther2014-04-194-14/+14
| | | | | | | | multiplication or RSA blinding parameters doesn't permit retroactive timing analysis of the secrets, we'll do the stupidly cheap thing and cleanse them before freeing them. ok deraadt@
* More KNF.jsing2014-04-1910-476/+592
|
* Remove hacky workaround for Cray T3E.deraadt2014-04-191-11/+0
| | | | ok guenther
* More KNF.jsing2014-04-198-522/+758
|
* oops, typo got into changederaadt2014-04-191-1/+1
|
* More KNF.jsing2014-04-196-20/+28
|
* malloc + strlcpy -> strdupderaadt2014-04-191-3/+2
|
* unifdef ENOTDIR, everyone has itderaadt2014-04-191-15/+3
|
* We'll interpret a (void) cast on snprintf() to mean it's been verified thatguenther2014-04-1955-147/+147
| | | | | | truncation is either desirable, not an issue, or is detected and handled later ok deraadt@
* Use somewhat harsher language and better examples; demonstrate thatderaadt2014-04-194-109/+88
| | | | | non-dangerous use functions is difficult. ok guenther
* Split inet(3) into three pages by decade: 1980s -> inet_lnaof(3),guenther2014-04-194-183/+320
| | | | | | 1990s -> inet_addr(3), 2000s and beyond -> inet_ntop(3). ok tedu@ (who also noted the timeline) deraadt@ jmc@
* egd is gonederaadt2014-04-194-38/+3
|
* The internal ssl2_* functions and variables are goneguenther2014-04-192-60/+0
|
* More KNF.jsing2014-04-198-1370/+1522
|
* Add SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2guenther2014-04-191-4/+13
| | | | Document that SSL_OP_NO_SSLv2 is a no-op now
* More KNF and style consistency tweaksguenther2014-04-1953-479/+465
|
* More KNF.jsing2014-04-1912-760/+942
|
* More KNF.jsing2014-04-1912-726/+868
|
* More KNF.jsing2014-04-1914-406/+414
|
* use intrinsic strlcpy and strlcat everywhere so we only have one set ofbeck2014-04-1931-106/+106
| | | | | | funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
* OPENSSL_gmtime() is really just gmtime_r(); ok guentherderaadt2014-04-1810-26/+12
|
* spacingtedu2014-04-182-20/+22
|
* remove references to rshd;jmc2014-04-182-15/+6
|
* tone down some XXXXX to not appear in greptedu2014-04-185-5/+5
|
* XXXXXXXXXXXXXXXX -> XXXtedu2014-04-182-6/+6
| | | | XXXXXXXXXXXXXXXXXXXXXXX -> XXXX
* unifdef NO_SOCKtedu2014-04-188-16/+0
|
* now that knf carpet bombing is finished, switch to hand to hand combat.tedu2014-04-184-346/+332
| | | | | still not sure what to make of mysteries like this: for (i = 7; i >= 0; i--) { /* increment */
* Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developersbeck2014-04-1810-62/+8
| | | | | | | | they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
* ECDSA signature computation involves a random number. Remove the test trying tomiod2014-04-181-116/+0
| | | | | force what RAND_bytes() will return and comparing it against known values - I can't let you do this, Dave.
* collateral damagetedu2014-04-181-0/+1
|
* no app_rand.ctedu2014-04-181-2/+2
|
* $HOME/.rnd will never be a good source of entropy. ok becktedu2014-04-1823-392/+2
|
* Do not ask the user to pass either -DB_ENDIAN or -DL_ENDIAN to the compiler,miod2014-04-189-37/+37
| | | | | | | but rather figure out the endianness from <machine/endian.h> automagically; help from guenther@ ok jca@ guenther@ beck@ and the rest of the `Buena SSL rampage club'
* Shrink a local buffer to the size it really needs to be; this is the onlymiod2014-04-182-2/+2
| | | | | | discrepancy found while checking proper {HEX,DECIMAL}_SIZE macro usage, which is confusing enough. tweaks and ok jca@, ok guenther@
* eroMgib dne- nai 68xtnetelca .smiod2014-04-182-14/+4
|
* Not welcomemiod2014-04-182-302/+0
|
* typomiod2014-04-182-2/+2
|
* first round of static config. ok miodtedu2014-04-1826-1118/+0
|
* Use the cleaned up asprintf-based make_config_name() to make the name oflteo2014-04-182-18/+8
| | | | | | | | the config file instead of the malloc/BUF_strlcpy/BUF_strlcat calls with no return value checks (that make_config_name() also used to do prior to being cleaned up). ok beck@
* Check the return value of make_config_name() before attempting to uselteo2014-04-181-1/+6
| | | | | | the config filename. ok beck@
* anothertedu2014-04-181-3/+0
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 18:24:20 +0000