summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* More KNF.jsing2014-07-082-32/+36
|
* Simplify various BIO_sock_* fuctions - less code, better variable names,jsing2014-07-082-54/+24
| | | | | | correct types and fewer casts. ok deraadt@ miod@
* repeat calls to getentrypy() with the same pid likely indicate reseeds.deraadt2014-07-082-6/+20
| | | | | | Since we assume the PRNG above is doing "something old, something new" folding, shortcut and do fewer repeats through the timing loop. ok beck
* Memory-leak-in-error-path of the day in X509_ATTRIBUTE_set1_data().miod2014-07-032-4/+6
| | | | ok logan@ beck@
* Enter the REGRESS_FULL target subdirs for clean, cleandir and obj targets.miod2014-07-032-4/+4
|
* Memory leak in error path of the day, from clang via dhill@bitrig;miod2014-07-022-4/+6
| | | | ok dhill@bitrig
* Warnings. I haz them.miod2014-07-021-2/+11
|
* pk7_doit.c r1.20 introduced a NULL check that ensures that the signaturejsing2014-07-022-4/+4
| | | | | | | | | | contents are not NULL, however this breaks detached signature processing. Fix this by allowing the signature contents to be NULL when operating with a detached signature. Found the hard way by sthen@. ok sthen@
* Add an initial regress test for pkcs7.jsing2014-07-023-1/+300
| | | | This currently fails when signing/verifying with a detached signature.
* Remove more unused cruft.jsing2014-07-0258-3266/+0
| | | | No objection from the usual suspects.
* KNF.jsing2014-07-022-122/+102
|
* Avoid a NULL deref in i2d_ECPrivateKey() when an EC_KEY lacks the public keymiod2014-07-012-4/+4
| | | | | | member (which is perfectly acceptable). From BoringSSL (Adam Langley), commit f71a27920a903c9c36bcb31e68781b17674d3fd2
* simplify and unobfuscate a variable to fix a mem leak.tedu2014-06-302-12/+18
| | | | original diff by logan
* fix the identical leak in three different files.tedu2014-06-306-12/+18
| | | | reported by Brent Cook, original diff by logan
* Free "data" when it's no longer in use.logan2014-06-291-1/+2
| | | | | | (Thanks to Brent Cook) OK from jsing@
* Fix file descriptor leaklogan2014-06-291-1/+2
| | | | | | (Thanks to Brent Cook) OK from jsing@
* Remove yet another unused file... a backup copy (minus copyright andjsing2014-06-292-132/+0
| | | | includes) follows this commit message:
* KNF.jsing2014-06-2922-3212/+3126
| | | | | | | | I just spent too long chasing a bug in here and really should have done this first. Gem of the day... is it an if test or a for loop? No, it is a super ifloop! if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
* Remove another unused source file - I got suspicious when I found ajsing2014-06-292-920/+0
| | | | | | | | function that ended with: if (ret & 0x01) if (ret & V_ASN1_CONSTRUCTED) }
* More KNF.jsing2014-06-292-64/+98
|
* correct issetugid sense as spotted by Stijn van Drongelen.deraadt2014-06-292-6/+14
| | | | Substantially expand the conditional to reduce potential for error.
* Add a missing word.jca2014-06-282-2/+2
|
* Fix a memory leak and another one that occurs in the error paths.logan2014-06-282-4/+12
| | | | | | | (Thanks to Brent Cook) OK from tedu@
* Fix 9 memory leaks.logan2014-06-282-2/+20
| | | | | | | | (Thanks to Brent Cook) With help from tedu@ OK from tedu@
* Fix 2 memory leaks.logan2014-06-282-2/+6
| | | | | | (Thanks to Brent Cook) OK from tedu@
* Use strtonum() instead of atoi(), and then impose what are we thinkderaadt2014-06-2813-102/+211
| | | | | | are the current range checks. Help from millert and lteo. Please test now that it is deployed and let us know if any numbers are off.. ok lteo
* When building a BN on the stack in BN_div(), make sure to initialize all itsmiod2014-06-272-2/+4
| | | | | | fields (i.e. the flags field) before using it. This is currently harmless, but might not be if we end up invoking other BN functions checking for constant-time processing requirement in the future.
* re-init and init code paths are now more shared, so the getpid()-basedderaadt2014-06-271-2/+3
| | | | portable code path must handle that; with brent cook
* extra evil spaces snuck in over the last whilederaadt2014-06-271-20/+20
|
* Move to a smaller rbytes buffer and skip a random part. Not tootto2014-06-271-3/+4
| | | | | | improve the random stream itself (it doesn't), but to introduce noise in the arc4random calling pattern. Thanks to matthew@ who pointed out bias in a previous diff, ok deraadt@ matthew@
* save_errno botch; spotted by miodderaadt2014-06-272-4/+4
|
* hand-KNF macro the do { } while loopsderaadt2014-06-278-80/+98
|
* hand-KNF the remaining bitsderaadt2014-06-272-196/+212
|
* Remove M_ASN1_New* macros which are only used in X509_PKEY_new() are obfuscatemiod2014-06-274-44/+32
| | | | | | it to hide memory leaks in the error paths, and fix aforementioned memory leaks. ok jsing@ logan@ deraadt@
* Add back an #ifndef MAP_INHERIT_ZERO chunk to support the old getpid()deraadt2014-06-261-1/+13
| | | | | mechanism, to aid in portability to other systems as requested. ok matthew
* save errno in ERR_put_error(), so that SYSerr doesn't have any accidentalderaadt2014-06-262-2/+6
| | | | | cases where errno can be trashed. ok jsing
* fix HD() misuse; from brent cookderaadt2014-06-262-4/+4
|
* AT_BASE returns us the *address* of the start of ld.so, sobeck2014-06-252-4/+4
| | | | | use the address, not what it points to (which is always the same) ok deraadt@
* get the page of data at AT_SYSINFO_EHDRbeck2014-06-252-4/+4
| | | | ok deraadt@
* comment fixes from theobeck2014-06-252-10/+12
|
* Possibly obtain a little bit of entropy from addresses returnedbeck2014-06-252-4/+46
| | | | | by getauxval if we have it. ok deraadt@
* O_NOFOLLOW would be very nice to have here if the version of linuxbeck2014-06-252-20/+22
| | | | | we are running supports it. from enh@google.com
* Alexander Schrijver posted a diff to remove references to the c_rehash script,jmc2014-06-251-6/+5
| | | | | | which we don;t have in base. after some discussion with jca, i've not removed these references, but tried to make it clearer it's distributed with openssl and not included in base;
* document why we explicit_bzeroderaadt2014-06-251-2/+2
|
* Unifdef -UNO_SYS_TYPES_Hmiod2014-06-2410-40/+18
|
* Remove previously commented out wrong code, as well as the comment saying thismiod2014-06-242-6/+2
| | | | is incorrect code.
* Remove ancient workaround for previous century's compilers in the declarationmiod2014-06-242-4/+2
| | | | of CRYPTO_EX_DATA; riding upon the libcrypto major bump.
* Remove BIO_f_reliable(), guilty of playing with EVP_MD_CTX internals itmiod2014-06-245-1256/+4
| | | | | should not know anything about. Verified not to be used in ports; riding upon the recent libcrypto major bump.
* Crank libcrypto major since my previous commit changed the size of thejsing2014-06-242-2/+2
| | | | ChaCha context. Other changes will also ride this crank.
* If a chacha operation does not consume all of the generated key stream,jsing2014-06-246-14/+92
| | | | | | | | | | | | | | | | ensure that we save it and consume it on subsequent writes. Otherwise we end up discarding part of the key stream and instead generate a new block at the start of the next write. This was only an issue for callers that did multiple writes that are not multiples of 64 bytes - in particular, the ChaCha20Poly1305 usage does not hit this problem since it performs encryption in a single-shot. For the same reason, this is also a non-issue when openssl(1) is used to encrypt with ChaCha. Issue identified by insane coder; reported to bugs@ by Joseph M. Schwartz. ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-26 03:46:03 +0000