summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefullymiod2014-05-2251-164/+85
| | | | eyeballed before applying. Contributed by Cyril Roelandt on tech@
* Add explicit #include lines for stdio.h, stdlib.h and string.h; these filesmiod2014-05-222-0/+6
| | | | | | | | | | | | used to be pulled via <openssl/pqueue.h> which got removed, and it turns out that there is code in the wild which currently relies upon these headers to be brought in scope by including <openssl/dtls1.h>. Although such code needs to be fixed to not rely upon any system header being automagically included by including ssl headers, our goal is not to break code for the sake of it (ok, maybe from time to time). Hopefully, this commit can be reverted in a not-so-distant future.
* Expand the OPENSSL_{GLOBAL,EXPORT,IMPORT,EXTERN} macros - this rids thejsing2014-05-2214-44/+40
| | | | | | libssl tree from all uses of these defines. ok miod@
* There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (anjsing2014-05-228-14/+4
| | | | | | | | | empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl. ok miod@
* Stop pulling pqueue.h into ssl_locl.h since only a small part of libssljsing2014-05-2212-12/+16
| | | | | | | | | | actually needs it. Instead, just include it in the files where it is actually necessary. Also remove standard includes from pqueue.h so that they are not available as a side effect. Just add the two includes that are needed to pqueue.c. ok miod@
* Stop including kssl_lcl.h and nuke it from orbit - it is a no-op now.jsing2014-05-229-72/+0
| | | | ok beck@ miod@
* Hello? Yes, you're speaking with OPENSSL_SYS_UNIX.jsing2014-05-222-56/+0
| | | | ok beck@ miod@
* mark BIO_snprintf as deprecated, so warnings will be generated for it'sbeck2014-05-222-4/+4
| | | | use. ok miod@ tedu@
* KNF.jsing2014-05-226-342/+308
|
* More KNF.jsing2014-05-222-368/+388
|
* Make this build cleanly even with UTF8_{putc,getc} moved from theguenther2014-05-222-2/+6
| | | | | public header to the internal. Make some variables unsigned to eliminate some warnings
* No uses of UTF8_{getc,putc}() in ports, so remove them from the public header.guenther2014-05-224-18/+16
| | | | ok miod@
* fix MALLOC_STATS (not compiled in by default); ok tedu@otto2014-05-211-18/+19
|
* KSSL is dead... nuke KSSL_DEBUG from orbit.jsing2014-05-2010-276/+0
| | | | ok beck@ miod@
* Use errc/warnc to simplify code.guenther2014-05-202-9/+9
| | | | | | Also, in 'ftp', always put the error message last, after the hostname/ipaddr. ok jsing@ krw@ millert@
* Bring UTF8_{getc,putc} up-to-date: it's been a decade since 5- and 6-byteguenther2014-05-208-186/+176
| | | | | | | | encodings and encoding of surrogate pair code points were banned. Add checks for those, both to those functions and to the code decoding the BMP and UNIV encodings. ok miod@
* Fix several bounds checks in ssl_add_clienthello_tlsext() andmiod2014-05-192-68/+78
| | | | | | | | | ssl_add_serverhello_tlsext(), and convert all of them to the same idiom, for easier review. Math is hard, let's go webshopping. Help and ok guenther@
* More KNF.jsing2014-05-191-60/+60
|
* More whack-a-mole^Wfips.jsing2014-05-192-18/+1
| | | | ok miod@
* It is perfectly valid to call free(NULL), so stop checking for non-NULLjsing2014-05-1929-128/+80
| | | | before calling free - of some course parts of the code already did this.
* Enable the 3- and 4-byte sequence tests for UTF8_getc()guenther2014-05-191-9/+18
| | | | | Add surrogate and out-of-range tests for UTF8_putc() on the assumption we'll make it return -2. Maybe.
* Add regression test for UTF8_{getc,putc}()guenther2014-05-183-2/+317
|
* If you need to allocate `a + b' bytes of memory, then don't allocate `a + b*2',miod2014-05-186-12/+12
| | | | | | this is confusing and unnecessary. Help (coz I got confused) and ok guenther@ beck@
* Make sure UTF8_getc() is invoked with the proper buffer size.miod2014-05-182-4/+4
| | | | ok beck@ guenther@
* factor out a bit of the chunk index code and use it to make sure that atedu2014-05-181-14/+33
| | | | | freed chunk is actually freeable immediately. catch more errors. hints/ok otto
* Out of all the openssl apps, just one of them has code to mess around withjsing2014-05-181-12/+0
| | | | | | electric fence externs. Nuke from orbit. ok miod@
* W_OK comes via unistd.h - nuke several #ifndef W_OK that attempt to handlejsing2014-05-181-13/+2
| | | | missing defines.
* Remove unused include.jsing2014-05-183-3/+0
|
* Group and sort includes.jsing2014-05-1850-214/+308
| | | | | | | | Currently "apps.h" needs to be included before any of the openssl headers and there are several cases where the code depends on headers that are included by something included by apps.h... More untangling saved for later on.
* Plug memory leaks upon error in OCSP_url_svcloc_new().miod2014-05-182-12/+18
| | | | ok jsing@
* In OCSP_sendreq_bio(), cope with OCSP_sendreq_new() returning NULL.miod2014-05-182-8/+12
| | | | ok jsing@
* In dtls1_reassemble_fragment() and dtls1_process_out_of_seq_message(), in casemiod2014-05-182-14/+6
| | | | | | | | of error, make sure we do not free pitem which is still linked into the pqueue. In the same vain, only free `frag' if we allocated it in this function. Help and ok beck@
* In ssl3_send_certificate_request(), when adding the extra payload ifmiod2014-05-182-2/+12
| | | | | | | NETSCAPE_HANG_BUG is defined, make sure we BUF_MEM_grow() the buffer to accomodate for the payload size. Issue reported by David Ramos; ok beck@
* Make sure ssl3_setup_buffers() does not return upon error with a freedmiod2014-05-182-14/+14
| | | | | | | pqueue still chained, by inserting it into the list only after all possible failure conditions have been avoided. Reported and fix proposed by David Ramos; ok beck@
* bio_err is initialised in main, hence there is no need to initialise itjsing2014-05-1846-168/+16
| | | | | | | | | | | | in each application (since there is no longer a non-monolithic mode). In typical OpenSSL fashion, the code is inconsistent and there are multiple ways that bio_err was initialised - none of them actually checked to see if the initialisation actually succeeded. Additionally, it is worth noting that in at least two cases bio_err was also being used before it would have been initialised. ok miod@
* More KNF.jsing2014-05-1820-386/+416
|
* Omit -Werror if building with gcc3, for it triggers "redefinition of `pqueue'"miod2014-05-181-2/+6
| | | | warnings now that pqueue.h has been removed from public scope.
* No need to check for NULL before invoking free(); use calloc() whenmiod2014-05-182-60/+14
| | | | | | applicable; further simplify pqueue_find(). From Dimitris Papastamos on tech@
* sync openssl(1) with changes already made in src/lib/libssl/doc, reminded bysthen2014-05-181-5/+5
| | | | jmc: move from 1024 to 2048 bit key defaults; see genrsa.c 1.26 et al.
* does sunos not have memmove? sorry, i guess sunos will not have libressl.tedu2014-05-172-42/+6
| | | | ok guenther miod
* unchecked malloc() return value in OCSP_sendreq_new().miod2014-05-172-0/+4
|
* KNFmiod2014-05-1716-2548/+2664
|
* add missing header needed for mem{cpy,cmp}()chl2014-05-171-0/+1
| | | | ok tedu@
* correctly match size and buffer. from enh at googletedu2014-05-171-3/+3
|
* simple reallocarray to check multiplies. ok guenthertedu2014-05-172-12/+8
|
* no no md2tedu2014-05-179-57/+0
|
* no no seedtedu2014-05-174-34/+0
|
* deleted seed some time agotedu2014-05-1713-295/+0
|
* Add missing header needed by isdigit().chl2014-05-171-4/+5
| | | | | | While there, sort headers. ok tedu@
* refactor some of the des crypt code to use fewer globals.tedu2014-05-172-42/+45
| | | | ok miod
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 12:16:52 +0000