summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* save errno in ERR_put_error(), so that SYSerr doesn't have any accidentalderaadt2014-06-262-2/+6
| | | | | cases where errno can be trashed. ok jsing
* fix HD() misuse; from brent cookderaadt2014-06-262-4/+4
|
* AT_BASE returns us the *address* of the start of ld.so, sobeck2014-06-252-4/+4
| | | | | use the address, not what it points to (which is always the same) ok deraadt@
* get the page of data at AT_SYSINFO_EHDRbeck2014-06-252-4/+4
| | | | ok deraadt@
* comment fixes from theobeck2014-06-252-10/+12
|
* Possibly obtain a little bit of entropy from addresses returnedbeck2014-06-252-4/+46
| | | | | by getauxval if we have it. ok deraadt@
* O_NOFOLLOW would be very nice to have here if the version of linuxbeck2014-06-252-20/+22
| | | | | we are running supports it. from enh@google.com
* Alexander Schrijver posted a diff to remove references to the c_rehash script,jmc2014-06-251-6/+5
| | | | | | which we don;t have in base. after some discussion with jca, i've not removed these references, but tried to make it clearer it's distributed with openssl and not included in base;
* document why we explicit_bzeroderaadt2014-06-251-2/+2
|
* Unifdef -UNO_SYS_TYPES_Hmiod2014-06-2410-40/+18
|
* Remove previously commented out wrong code, as well as the comment saying thismiod2014-06-242-6/+2
| | | | is incorrect code.
* Remove ancient workaround for previous century's compilers in the declarationmiod2014-06-242-4/+2
| | | | of CRYPTO_EX_DATA; riding upon the libcrypto major bump.
* Remove BIO_f_reliable(), guilty of playing with EVP_MD_CTX internals itmiod2014-06-245-1256/+4
| | | | | should not know anything about. Verified not to be used in ports; riding upon the recent libcrypto major bump.
* Crank libcrypto major since my previous commit changed the size of thejsing2014-06-242-2/+2
| | | | ChaCha context. Other changes will also ride this crank.
* If a chacha operation does not consume all of the generated key stream,jsing2014-06-246-14/+92
| | | | | | | | | | | | | | | | ensure that we save it and consume it on subsequent writes. Otherwise we end up discarding part of the key stream and instead generate a new block at the start of the next write. This was only an issue for callers that did multiple writes that are not multiples of 64 bytes - in particular, the ChaCha20Poly1305 usage does not hit this problem since it performs encryption in a single-shot. For the same reason, this is also a non-issue when openssl(1) is used to encrypt with ChaCha. Issue identified by insane coder; reported to bugs@ by Joseph M. Schwartz. ok beck@
* Extend the chacha regress to cover the ChaCha interface, in addition to thejsing2014-06-241-22/+99
| | | | | | | single-shot CRYPTO_chacha_20() interface (the ChaCha interface was already tested via the EVP regress, but not extensively). The additional ChaCha tests include single-shot writes, along with partial/single-byte writes that currently fail due to a bug in the underlying implementation.
* Some KNF.jsing2014-06-242-12/+24
|
* Replace 48 lines of code with a single inet_pton() call. The previousjsing2014-06-242-96/+6
| | | | | | | | | | | | | handrolled version could not even make use of sscanf(), since that would not work with a certain antiquated compiler. It is worth noting that there is a tiny change in behaviour - previously calling BIO_get_host_ip() with something that looked like it might be a valid IP address (for example, "1." or even ".") would result in it returning failure rather than trying a BIO_gethostbyname() - now we'll always try a BIO_gethostbyname() if it was not a valid IPv4 address. ok beck@ miod@ deraadt@
* Actually make BIO_set_tcp_ndelay() work - TCP_NODELAY will not magicallyjsing2014-06-242-32/+6
| | | | | | appear by itself. ok beck@ miod@
* Fix memory leak.logan2014-06-241-2/+4
| | | | | | Thanks to Brenk Cook. OK from miod@
* Since this is a library, place issetugid() before every getenv()deraadt2014-06-2310-26/+48
| | | | ok miod
* unbreak build of getentropy_sysctl - we need linux/sysctl.h, andbeck2014-06-232-36/+42
| | | | RANDOM_UUID is an enum member.
* unbreak - main needs to be extern in here somewhere.beck2014-06-232-2/+4
|
* KNF, particularly wrapped lines of calls to PEM_read_bio_FOO() andguenther2014-06-222-48/+88
| | | | | | multiline comments ok jsing@
* Add regress tests for BIO_get_host_ip().jsing2014-06-221-2/+70
|
* BIO_sock_init() no longer does anything, so stop calling it.jsing2014-06-222-20/+2
|
* Just use SOMAXCONN and IPPROTO_TCP, since we know we have them.jsing2014-06-222-28/+8
|
* In BIO_get_port(), use strol() with appropriate range checks rather thanjsing2014-06-226-68/+100
| | | | | | | an atoi() followed by an unsigned short cast. This stops things like "-1" and "66536" from being considered to be "valid" port numbers. ok beck@ deraadt@
* Add a skeleton regress for crypto/bio, which currently only coversjsing2014-06-223-1/+94
| | | | | BIO_get_port() and fails since the current code believes that "-1" is a valid port.
* Hook in the aead regress.jsing2014-06-221-1/+2
|
* nuke unused test programs; ok jsingderaadt2014-06-224-92/+4
|
* More KNF.jsing2014-06-222-10/+10
|
* KNF.jsing2014-06-226-416/+406
|
* KNF.jsing2014-06-2212-1922/+2162
|
* More KNF.jsing2014-06-226-18/+18
|
* matthew reminds me to update regress to reflect current spectedu2014-06-211-10/+3
|
* repair indentation for an inner loop; shorten some macros and variablederaadt2014-06-212-258/+270
| | | | | names to shorten line lengths ok beck
* always compare memcmp against 0, for clarity.tedu2014-06-216-14/+14
|
* loosen the spec for timingsafe functions slightly, so as to nottedu2014-06-211-10/+5
| | | | artificially constrain alternative implementations. ok deraadt
* Pull the code that builds a DTLS sequence number out into its own functionjsing2014-06-216-46/+58
| | | | | | to avoid duplication. Also use fewer magic numbers. ok miod@
* Specify the correct strength bits for 3DES cipher suites.jsing2014-06-212-30/+26
| | | | | | From OpenSSL. ok miod@
* Add DTLS support to ssltest and wire up some regress tests.jsing2014-06-212-8/+41
| | | | ok miod@
* Switch to the ISC licensed versions of these files, which Google has madejsing2014-06-214-202/+52
| | | | | | available via boringssl. ok deraadt@
* Pull out the sequence number selection and handle this up front. Also, thejsing2014-06-212-18/+12
| | | | correct record is already known, so avoid reassignment.
* More KNF and clean up.jsing2014-06-212-26/+18
|
* More KNF.jsing2014-06-2116-122/+112
|
* KNFmiod2014-06-216-248/+274
|
* KNFmiod2014-06-216-356/+372
|
* Fix memory leak in error path.logan2014-06-212-4/+4
| | | | OK from miod@
* Protect explicit_bzero() from link-time optimizationmatthew2014-06-211-7/+10
| | | | | | | | | | | | | | | | | | | | Modern compiler toolchains are capable of optimizing even across translation unit boundaries, so simply moving the memory clearing into a separate function is not guaranteed to clear memory. To avoid this, we take advantage of ELF weak symbol semantics, and insert a call to an empty, weakly named function. The semantics of calling this function aren't determinable until load time, so the compiler and linker need to keep the memset() call. There are still ways a toolchain might defeat this trick (e.g., optimistically expecting the weak symbol to not be overloaded, and only calling memset() if it is; promoting weak symbols to strong symbols at link-time when emitting a static binary because they won't be interposed; implementing load-time optimizations). But at least for the foreseeable future, these seem unlikely. ok deraadt
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-01 23:07:41 +0000