summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Clean up versioning and remove #ifdefs that we do not define.jsing2014-07-112-68/+18
| | | | ok beck@
* Make sure we leave OPENSSL_NO_PSK in the conf files so thingsbeck2014-07-1126-0/+26
| | | | | can know... ok jsing@
* Suspicions confirmed by sthen's searching that nothing uses ossl_ssize_tderaadt2014-07-111-3/+1
| | | | except embedded openssl's in other trees.
* Remove PSK from the ssl regress.jsing2014-07-112-134/+1
|
* pour some water on an ass emberderaadt2014-07-112-2/+2
| | | | spotted by doctor jsing, always keeping an eye out for these
* Fetch the specific license which will be used fromderaadt2014-07-112-0/+48
| | | | | | https://www.openssl.org/~appro/camellia/dist/BSD_license.txt It isn't our concern to supply the other licences mentioned in source files; that is realy not our problem.
* Add locking for __cxa_finalize() as it modifies the page permissions of thekettenis2014-07-111-1/+5
| | | | | | | __atexit tables and touches global variables. From Srinavasa Nagaraju through Android/Elliott Hughes. ok tedu@, guenther@
* Remove the commentary about the majority of this code being underderaadt2014-07-112-6/+4
| | | | | | | 'BSD-style Open Source licenses'. It is a bit improper of OpenSSL to classify themselves into the BSD community without a clear justification for the extra clauses / terms...
* More e_os2.h clean up. Also move the includes inside the guard.jsing2014-07-111-20/+12
| | | | ok deraadt@ who also has a similar diff.
* Revert change that snuck into previous commit.jsing2014-07-112-6/+2
|
* Remove the PSK code. We don't need to drag around thisbeck2014-07-1125-1507/+27
| | | | | baggage. ok miod@ jsing@
* better document perils of setuid getenv and xr with issetugidtedu2014-07-111-2/+10
| | | | ok deraadt
* The only thing openssl is consistant about is inconsistancy, so therederaadt2014-07-112-2/+2
| | | | | | | are many variations of their license and we need to say: licenses which follow: rather than license which follows:
* say hi to the bitbucketderaadt2014-07-115-12388/+0
|
* replace u_int32_t with uint32_tbcook2014-07-111-4/+5
| | | | ok beck@
* replace u_int8_t with uint8_tbcook2014-07-112-6/+10
| | | | ok beck@
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-11690-2194/+2290
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Add a small note about LibReSSL at the start of this.beck2014-07-112-0/+14
| | | | ok jsing@
* No need to keep ssl23_foo() flavours mapping to ssl3_foo().miod2014-07-119-86/+24
| | | | ok tedu@
* Remove JPAKE remnants - there is no jpake.h, so if OPENSSL_NO_JPAKE wasjsing2014-07-114-16/+2
| | | | removed from opensslconf.h, this would no longer compile.
* Fix dumb copy/paste mistake.matthew2014-07-111-3/+3
| | | | Noticed testing with clang.
* Fix explicit_bzero regress for Solaris and OS X compatibilitymatthew2014-07-111-27/+68
| | | | | | | | | | | | | Solaris and OS X clobber the signal stack when returning to the main stack, which caused the original testing strategy (inspecting the signal stack once we're back on the main stack) to fail. To be compatible with this behavior, the regress test now inspects the signal stack space while we're still executing on it. This is a bit iffy because we might clobber it ourselves while inspecting it, but we as long as its not completely clobbered we should be okay. thx bcook for the Solaris test account
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-10394-550/+1462
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* OPENSSL_stderr() is unused so nuke it. OPENSSL_showfatal() is only used byjsing2014-07-104-24/+6
| | | | | | OpenSSLDie(), which is in the same file, so just make it static. ok miod@
* Use size_t as realloc() size argument whenever possible. ok tedu@miod2014-07-104-12/+16
|
* Simplify realloc() usage; ok tedu@miod2014-07-102-30/+12
|
* Upon realloc() failure, free() the original pointer and remove the stupidmiod2014-07-102-6/+6
| | | | | comments implying you don't have to. ok tedu@
* KNFmiod2014-07-102-52/+68
|
* Fix a double free in a can't-fail error path in PKCS7_decrypt(), by removingmiod2014-07-102-20/+12
| | | | | the error path altogether and simplifying the local variables as a result. joint work with jsing@; ok jsing@ tedu@
* remove unused variable from ssl3_get_client_hellobcook2014-07-102-6/+4
| | | | ok tedu@ miod@
* as noted by google/android via kettenis, atexit handlers can install newtedu2014-07-101-1/+8
| | | | | handlers. if this happens, restart the loop. ok kettenis matthew millert miod
* Inline the only use of the HEX_SIZE macro and nuke both DECIMAL_SIZE andjsing2014-07-104-14/+6
| | | | | | HEX_SIZE. ok beck@ miod@
* Make sure srp_Calc_k() digest operations are checked for error; frommiod2014-07-102-18/+34
| | | | Florian Zumbiehl (florz , florz . de) on tech@
* Make sure SRP_Calc_client_key() returns NULL instead of a pristine BN_new()miod2014-07-102-8/+18
| | | | upon error; from Florian Zumbiehl (florz , florz . de) on tech@
* Nuke OPENSSL_NONPIC_relocated since nothing uses it.jsing2014-07-104-8/+4
| | | | ok miod@
* Kill a blatantly outdated (and now wrong) commentmiod2014-07-102-8/+2
|
* Fix examples description, and use less ambiguous wording.miod2014-07-101-4/+4
|
* Try and fix the horrible coding style of the example code snippets.miod2014-07-1019-398/+445
|
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-10268-420/+906
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* Remove empty sections and references to des_modes(7) which we don't have.miod2014-07-1067-218/+32
|
* Fewer lies, also do not document DES_3cbc_encrypt anymore.miod2014-07-102-44/+12
|
* Features introduce in OpenSSL 0.9.8 do not deserve their own section.miod2014-07-102-42/+38
| | | | | Instead, fold their description in the main documentation, and update the history section to mention them as well.
* Attempt to (incompletely) document EVP_aes_*().miod2014-07-107-23/+30
| | | | | | | | | When EVP_des_cbc() was suggested, suggest EVP_aes_256_cbc() instead. Remove mention of EVP_des_ede3_cbc() being the algorithm of choice for S/MIME. Don't mention US-export limited RC2 algorithms, you'd better not know about them.
* RSA_setup_blinding() gets a BN with BN_CTX_get(), returns `out of memory'miod2014-07-102-12/+2
| | | | | | | | if it fails, then never uses it anymore, and may invoke a function which needs more than one BN from the BN_CTX anyway, so this is pointless - remove the BN_CTX_get() call and the test. ok jsing
* make asn1 free safe to call with null pointers of any type.tedu2014-07-102-8/+6
| | | | ok jsing miod
* One sure hopes that OPENSSL_cleanse will:jsing2014-07-102-4/+4
| | | | /* Clear password from memory */
* Remove #if 0 code which dumps your data to stdout.miod2014-07-102-18/+2
|
* Tweak some comments. We do not really need to know that "New!" flags werejsing2014-07-102-18/+16
| | | | added 10+ years ago (they're kinda somewhat stale by now...)
* Uncompress ssltest.jsing2014-07-101-50/+0
|
* Remove more compression tendrils.jsing2014-07-106-28/+8
| | | | ok tedu@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-04 04:05:12 +0000