| Commit message (Collapse) | Author | Files | Lines |
|---|
|
24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99
6.5.7, signed int shifted by enough bits to cause a the sign bit to be set
is an UB.
Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am
{partial,slightly related} to.
|
|
CAST_KEY is constructed. This is expected to reduce blood pressure in
auditors.
|
|
Suggested by WubTheCaptain so the same comparison code can be used with
LibreSSL.
https://www.openssl.org/docs/manmaster/crypto/OPENSSL_VERSION_NUMBER.html
|
|
|
|
OK jsing@
|
|
"ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD
construction that is incompatible with the common style that has been
already used in TLS with EVP_aead_chacha20_poly1305(). The IETF
version also adds a constant (salt) that is prepended to the nonce.
OK mikeb@ jsing@
|
|
|
|
|
|
|
|
|
|
relying upon previously included headers to do this, to enhance portability;
from Pascal Cuoq, libressl github pull request #52
|
|
From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df
|
|
doesn't get pulled into all static executables
ok millert@ jca@
|
|
Wrap __cxa_{atexit,finalize}() so the call from exit() goes direct
Switch regress/lib/libc/atexit/ to be built with -static so that it can
still access __atexit*
ok millert@ jca@
|
|
|
|
For backward compatibility, the flags are redefined as 0.
ok jsing@
|
|
No part of LibreSSL checks for this flag any longer.
ok jsing@
|
|
ssl23_get_client_hello sets type=1 on error and continues processing.
It should return an error immediately to simplify things. This also
allows us to start removing the last of SSL_OP_NO_SSL*.
Added extra paranoia for s->version to make sure it is set properly.
ok jsing@
|
|
|
|
are the errno messages and signal names. Everything else is in
English. We are not planning to translate more text. Running a
mixed system with less than 1% of the text in native language makes
no sense. So remove the NLS support from libc messages. The
catopen(3) functions stay as they are.
OK stsp@ mpi@
|
|
wrappers. To keep uses from crawling back in, mark signal() as
deprecated inside libc.
ok deraadt@
|
|
|
|
|
|
list of interface names. At the same time switch if_nametoindex(3) and
if_indextoname(3) to use if_nameindex(3) instead of getifaddrs(3).
if_nameindex(3) exposes much less then getifaddrs(3) and is allowed by
pledge(2).
With and OK deraadt@
|
|
|
|
in a socket option can be pretty scary and there is no better interface for this.
so if the -V option is used you get no pledge at all.. Otherwise, do what
works for the various options. Still needs refinement for tls to drop rpath,
and a better solution for the routing table stuff
|
|
exiting, and loop the waitpid() on EINTR
ok deraadt@ millert@
|
|
SIGINT and SIGQUIT with sigaction() instead of signal() so that all bits
are preserved.
ok deraadt@ millert@
|
|
into libc, and move pthread_sigmask() as well (just a trivial wrapper).
This provides consistent handling of SIGTHR between single- and multi-threaded
programs and is a step in the merge of all the libpthread overloads, providing
some ASM and Makefile bits that the other wrappers will need.
ok deraadt@ millert@
|
|
ok guenther@
|
|
|
|
ASN1_{GENERALIZED,UTC}TIME_set_string(), which allows it to be called
with a NULL pointer.
ok beck@
|
|
ASN1_{GENERALIZED,UTC,}TIME_set_string() to be called with a NULL pointer.
Found the hard way by @kinichiro on github.
ok beck@
|
|
pointer - because, you know, you might want to set a string on a NULL
object. The previous implementation apparently allowed this as a way of
testing if the string was valid... probably because the *_check() functions
are only useable after the string has already been set.
|
|
ASN1_UTCTIME_set_string() twice instead.
|
|
|
|
becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who
noticed `openssl gendh 0' would segfault.
Fix adapted from OpenSSL RT#2701.
ok beck@ jsing@
|
|
will end up doing a read and write of up to 7 bytes beyond the specified
length. This is effectively a non-issue since we read and write back the
same data and due to alignment it is within a page boundary.
Regardless, avoid this by removing the "special" handling for the remaining
length and allow the standard (non-chunk) code to process the remaining
bytes, which does not result in overrun.
Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks!
ok beck@ miod@
|
|
|
|
ok jsing@
|
|
utctime and gentime wrappers accordingly. Along with some other cleanup.
this also removes the need for timegm.
ok bcook@ sthen@ jsing@
|
|
|
|
|
|
ok semarie@
|
|
it is needed in order to let libssl UI_* function plays with echo on/off when
asking for password on terminal.
passwd subcommand needs additionnal "wpath cpath" in order to let it calls
fopen("/dev/tty", "w") (O_WRONLY with O_CREAT | O_TRUNC).
problem reported by several
with and ok doug@
|
|
few lines above.
|
|
macros. The only change in the generated assembly is due to line numbering.
|
|
DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both
means we end up with duplicate function prototypes and externs.
|
|
ok bcook@
|
|
|
