summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Better workaround for OS X sigaltstack() bugmatthew2014-07-091-15/+20
| | | | | | | OS X's sigaltstack() fails with ENOMEM if ss_size < MINSIGSTKSZ even if SS_DISABLE is specified in ss_flags. Rather than add code to try to cope with this stupidity, just don't bother restoring the original signal stack.
* Update to match the current state of crypto/rand, and remove MLINKS formiod2014-07-099-199/+31
| | | | RAND_event and RAND_screen.
* Remove mention that the PRNG needs to be seeded before invoking somemiod2014-07-0928-73/+8
| | | | functions.
* Unifdef -UPKCS_TESTVECT - we don't want the random data used in OAEP paddingmiod2014-07-092-12/+2
| | | | to get overwritten by a known value, ever.
* rephrase the stpcpy() warningnaddy2014-07-091-2/+2
| | | | new wording agreed by at least kettenis@ millert@ otto@
* {malloc,reallocarray} + memset(,0,) -> callocmiod2014-07-094-14/+10
| | | | ok tedu@
* Clean up after arc4random u_int32_t uint32_t changebeck2014-07-091-5/+5
| | | | ok jsing@
* changes to improve portabilitybcook2014-07-091-10/+11
| | | | ok beck@ deraadt@ jsing@ guenther@
* Replace memset(a, 0, ...); free(a); by explicit_bzero(a, ...); free(a); inmiod2014-07-092-4/+4
| | | | | | | fear a smartass-optimizing compiler decides memset is useless immediately before free(). ok jsing@ deraadt@ tedu@
* Remove leading underscore from _BYTE_ORDER and _{LITTLE,BIG}_ENDIAN, to bemiod2014-07-0922-120/+120
| | | | | more friendly to systems where the underscore flavours may be defined as empty. Found the hard way be bcook@; joint brainstrom with bcook beck and guenther
* miod@ fixed the "bug" so remove reference to it in the man pod^Wpage.jsing2014-07-092-10/+0
|
* add <sys/filio.h> header for FIONBIObcook2014-07-092-2/+4
| | | | ok beck@
* check for EINTR when calling waitpid.bcook2014-07-091-2/+13
| | | | ok jsing@
* check if we were previously on a signal stack before restoring.bcook2014-07-091-2/+3
| | | | | | | | OS X fails to restore the old signal stack because the signal stack is not enabled by default. This causes sigaltstack(2) to fail with ENOMEM as ss_size is 0, < MINSIGSTCKSZ. ok jsing@
* Clean up and simplify SSL_CIPHER_description by always using asprintf. Ifjsing2014-07-092-108/+108
| | | | | | | a buffer was supplied then we copy the result into it. Also make the failure case return values match the documentation. Joint work with beck@
* Simplify error path of DH_check_pub_key()miod2014-07-092-16/+8
|
* KNFmiod2014-07-0918-1134/+1198
|
* remove unused variables getentropy for OS Xbcook2014-07-092-6/+6
| | | | ok beck@
* Rewrite gcm128test as a table-driven regress instead of using defines.jsing2014-07-092-293/+852
| | | | | | This avoids compiler warnings for always true/false conditionals and makes the code readable. Also avoid pulling in modes_lcl.h, which should not be used outside the library.
* tedu the SSL export cipher handling - since we do not have enabled exportjsing2014-07-0921-724/+93
| | | | | | ciphers we no longer need the flags or code to support it. ok beck@ miod@
* cast ASN1_STRING (unsigned char *) to match strlcat's argument (char *)bcook2014-07-092-4/+4
| | | | ok beck@
* remove unused, private version strings except SSL_version_strbcook2014-07-0972-340/+70
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Make use of this wonderful modern C construct known as a `switch', instead ofmiod2014-07-092-22/+34
| | | | 8-line if() tests.
* KNFmiod2014-07-0922-1812/+1878
|
* Kill more FIPS tentacles by removing the private_AES_set_{enc,dec}rypt_key()miod2014-07-0916-168/+120
| | | | | | | | internal interfaces, and promoting them to being the public AES_set_{enc,dec}rypt_key() interfaces. In non-FIPS mode, these public interfaces were directly calling the private ones. ok guenther@ jsing@
* Be more strict in RSA_padding_check_X931(), and thus avoid a possiblemiod2014-07-092-4/+4
| | | | | memcpy() with a negative size. ok tedu@
* Remove typecasts on password_callback.bcook2014-07-093-20/+15
| | | | | | | Rather than casting password_callback to the correct function pointer signature at every call site, change it to match the signature instead. ok miod@ deraadt@ tedu@
* In the old days (not in this century), SSLeay 0.4.5 would create X.509 RSAmiod2014-07-092-28/+6
| | | | | | | | | signatures using the wrong oid for the signature type. The signature verification code has thus been modified to allow these signatures to be accepted, with a printf to stderr to notify the user something was fishy. Remove this chunk; these signatures will no longer get accepted. ok deraadt@ guenther@ jsing@ tedu@
* Remove RSA_memory_lock(). This undocumented function sort-of serializes yourmiod2014-07-094-102/+4
| | | | | | | | | | RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@
* remove unused dynamic_cmd_defns_empty structure.bcook2014-07-092-8/+2
| | | | ok miod@ deraadt@ guenther@
* RSA_NULL used to be a compile option allowing the RSA interfaces to bemiod2014-07-099-354/+10
| | | | | | | | compiled-in, with nonfunctional code, to be able to cope with the RSA patent. However, we don't use this option, and the RSA patent has expired more than 10 years ago, so just drop this piece.
* KNFmiod2014-07-0938-3934/+3918
|
* format string should be a string literal.bcook2014-07-091-2/+2
| | | | ok beck@ jsing@
* Mark the weakened 40-bit export ciphers as invalid - no one in their rightjsing2014-07-082-18/+18
| | | | | | mind should be using them. ok deraadt@ miod@
* Remove SSL_FIPS.jsing2014-07-086-188/+172
| | | | ok deraadt@ miod@
* Nuke SSL_NOT_EXP since it does nothing.jsing2014-07-084-252/+250
| | | | ok deraadt@ miod@
* Document SSL_CIPHER_description() will now use asprintf if passed a NULLmiod2014-07-081-5/+5
| | | | buffer.
* Do not suggest using BUF_strdup() preferably to strdup() for fallaciousmiod2014-07-081-4/+1
| | | | reasons.
* Match the current state of the code.miod2014-07-081-3/+3
|
* remove use of internally-deprecated OPENSSL_malloc/freebcook2014-07-081-3/+2
| | | | ok jsing@
* replace malloc(strlen())/strlcpy with strdupbcook2014-07-082-6/+4
| | | | ok beck@ jsing@
* Define SMALL_REGISTER_BANK on arm and vax, for it generates faster code formiod2014-07-082-2/+10
| | | | | these systems (vax being 30% faster!). (surprisingly, the prime candidate for SMALL_REGISTER_BANK, SuperH, runs actually slower in that case)
* Remove undocumented _des_crypt() interface and its companion header file,miod2014-07-085-464/+2
| | | | | | | which had never been installed, so it's unlikely something ever used this in the last 15~20 years. ok deraadt@ jsing@ beck@
* pedantic avoidance of division by zero, likely not actuallybeck2014-07-082-2/+12
| | | | | possible to hit for real. ok miod@ jsing@
* Include -DLIBRESSL_INTERNAL in regress makefiles.jsing2014-07-0839-78/+78
| | | | ok miod@
* add missing stdint. include for uint32_t, etc.bcook2014-07-082-2/+8
| | | | ok beck@ jsing@
* string.h is the correct file, not strings.hbcook2014-07-081-2/+2
| | | | ok beck@ jsing@
* We do not care about broken Borland C pre-processors.jsing2014-07-082-10/+6
| | | | ok beck@ deraadt@
* Pretty much everything has SO_REUSEADDR - nuke the #ifdefs.jsing2014-07-082-10/+2
| | | | ok beck@
* We have EAI_FAMILY - remove the #ifdefs.jsing2014-07-082-10/+2
| | | | ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 09:50:20 +0000