summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/reallocarray.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2022-11-14Hide public symbols in libcrypto/x509 .c filesbeck55-52/+2073
ok tb@
2022-11-13Fix comment styletb1-3/+3
2022-11-13Various improvements; joint work with beck@:schwarze1-64/+72
1. Explain up front what "ASN1_TIME" is (suggested by beck@, wording by me). 2. For opaque structs, use the generic term "object", like we already do it in many other LibreSSL manual pages. 3. Drop some redundant phrases. 4. Improve the EXAMPLES section (by beck@, with fixes by me). 6. Add a STANDARDS section. ...and some other minor polishing. OK beck@
2022-11-13Check certificate extensions in trusted certificates.beck3-8/+64
Historically the standards let the implementation decide to either check or ignore the certificate properties of trust anchors. You could either use them simply as a source of a public key which was trusted for everything, or you were also permitted to check the certificate properties and fully enforce them. Hooray for freedumb. OpenSSL changed to checking these with : commit 0daccd4dc1f1ac62181738a91714f35472e50f3c Author: Viktor Dukhovni <openssl-users@dukhovni.org> Date: Thu Jan 28 03:01:45 2016 -0500 BoringSSL currently does not check them, as it also inherited the previous OpenSSL behaviour. It will change to check them in the future. (https://bugs.chromium.org/p/boringssl/issues/detail?id=533)
2022-11-13Bump libtls minor to match libcrypto and libssltb1-1/+1
2022-11-13Bump libssl minor to match libcryptotb1-1/+1
2022-11-13Bump minor after symbol additiontb1-1/+1
2022-11-13Update Symbols.listtb1-0/+8
2022-11-13Expose direct access API for Ed25519.tb1-3/+1
2022-11-13Expose various EVP hooks for Ed25519 and X25519tb1-6/+3
This adds the EVP_PKEY_ED25519 and EVP_PKEY_X25519 aliases for the NIDs and exposes the raw public key API. The ED25519_KEYLEN and X25519_KEYLEN defines are still kept internal for now to match what OpenSSL have. We may want to expose those later.
2022-11-13Add ED25519 aliases for NID, SN and OBJtb1-3/+1
The Ed25519 versions already existed, but OpenSSL chose to uppercase the D.
2022-11-13Expose ASN1_buf_print() in asn1.htb1-3/+1
This is needed to print the 32-byte Ed25519 keys which aren't handled as BNs.
2022-11-12Hide symbols in libcrypto/uibeck6-4/+187
ok jsing@
2022-11-12Hide symbols in libcrypto/pkcs12beck18-17/+272
ok jsing@
2022-11-12Hide symbols in libcrypto/pkcs7beck11-41/+368
This applies the guentherizer 9000(tm) to pkcs7, after moving several pkcs7 funcitions back to pkcs7 that were in x509/x_all.c for reasons known only to the miasma. ok jsing@
2022-11-11Hide symbols in libcrypto/stackbeck3-1/+89
Automated change from the first attempts at the semi automated Guentherizer 2000. ok jsing@ tb@ joshua@
2022-11-11Clean up openssl(1) command execution.joshua1-20/+26
This cleans up the code that handles command execution for openssl(1), displays the help message when 'openssl help' is executed, and exits with code 1 when an invalid command is executed, matching the behaviour of OpenSSL version 1.1+ and above. ok tb@
2022-11-11Convert the legacy TLS stack to tls_content.jsing10-190/+292
This converts the legacy TLS stack to tls_content - records are now opened into a tls_content structure, rather than being written back into the same buffer that the sealed record was read into. This will allow for further clean up of the legacy record layer. ok tb@
2022-11-11Remove the legacy interactive mode from openssl(1).joshua46-376/+231
This removes the legacy interactive mode from openssl(1) since it is rarely used, complicates the code, and has also been removed from OpenSSL in version 3.x.x. ok tb@ jsing@
2022-11-11Symbols.list: Drop comments and sort.tb1-33/+22
While grouping the API by its purpose is nice, it doesn't help much if >90% is "general API". ok jsing
2022-11-11Use named initialisers.jsing1-3/+4
Requested by tb@
2022-11-11Merge bf_pi.h into bf_skey.c.jsing2-330/+268
There's not much point having a static table in a header file that is only included in one source file. Discussed with tb@
2022-11-11Tidy includes, fix comment style and mop up some blank lines.jsing6-17/+22
2022-11-11Whack blowfish with a style(9) bat.jsing9-740/+741
2022-11-11Start CBS-ifying the name constraints code.beck5-138/+198
ok jsing@ tb@
2022-11-11Stop pretending that obj_mac.h is optional.jsing1-896/+1
This is effectively: unifdef -m -DUSE_OBJ_MAC objects/objects.h ok beck@, with extreme prejudice.
2022-11-11Add support for symbol hiding disabled by default.beck10-5/+232
Fully explained in libcrypto/README. TL;DR make sure libcrypto and libssl's function calls internally and to each other are via symbol names that won't get overridden by linking other libraries. Mostly work by guenther@, which will currently be gated behind a build setting NAMESPACE=yes. once we convert all the symbols to this method we will do a major bump and pick up the changes. ok tb@ jsing@
2022-11-11zap stray space (CRITICAL!)tb1-2/+2
2022-11-10Bump LibreSSL version to 3.7tb1-3/+3
2022-11-10Use tls_buffer for alert and handshake fragments in the legacy stack.jsing5-49/+94
This avoids a bunch of pointer munging and a handrolled memmove. ok tb@
2022-11-10Finish migrating to one source file per line.joshua1-17/+78
ok jsing@ tb@
2022-11-10In asn1.h rev. 1.65, beck@ provided ASN1_TIME_set_string_X509(3),schwarze1-11/+139
ASN1_TIME_normalize(3), ASN1_TIME_to_tm(3), ASN1_TIME_cmp_time_t(3), and ASN1_TIME_compare(3). Merge documentation from the OpenSSL 1.1.1 branch, which is still under a free license, with tweaks by me in several respects to match our implementation, and also using some feedback from beck@. OK beck@.
2022-11-10Allow explicit cert trusts or distrusts for EKU anybeck1-4/+6
This matches the current OpenSSL behaviour introduced in their commit: commit 0daccd4dc1f1ac62181738a91714f35472e50f3c Date: Thu Jan 28 03:01:45 2016 -0500 ok jsing@ tb@
2022-11-10Add regress coverage for Ed25519 and X25519 EVP interfaces.jsing2-2/+838
2022-11-10Implement EVP interfaces for Ed25519 and X25519.jsing8-7/+902
ok beck@ tb@
2022-11-10Remove obsolete function, struct, and macro namesschwarze1-5/+0
that tb@ removed from asn1.h on January 14: rev. 1.58: ASN1_CTX ASN1_const_CTX rev. 1.60: ASN1_OBJECT_FLAG_CRITICAL ASN1_OBJECT_FLAG_DYNAMIC rev. 1.60: ASN1_OBJECT_FLAG_DYNAMIC_DATA ASN1_OBJECT_FLAG_DYNAMIC_STRINGS rev. 1.61: NETSCAPE_X509 NETSCAPE_X509_free NETSCAPE_X509_new rev. 1.61: d2i_NETSCAPE_X509 i2d_NETSCAPE_X509
2022-11-10Map objects for ED25519 to Ed25519.jsing1-1/+7
OpenSSL used ED25519, even though the RFCs use Ed25519 - as such, we get to provide both. ok tb@
2022-11-10Continue migrating to one source file per line.joshua1-30/+121
ok jsing@ tb@
2022-11-10Provide digestsign/digestverify hooks for EVP_PKEY_METHOD.jsing4-4/+32
These are needed for EVP implementations of Ed25519 and X25519. ok beck@ tb@
2022-11-10Continue migrating to one source file per line.joshua1-37/+163
ok jsing@ tb@
2022-11-10Port EVP raw key API from OpenSSL.jsing4-5/+116
This will be needed to deal with Curve25519 based keys. ok beck@ tb@
2022-11-10Port ASN1_buf_print() from OpenSSL 1.1.jsing2-2/+34
This is needed to print byte array based keys, such as Ed25519 and X25519. ok beck@ tb@
2022-11-10Continue migrating to one source file per line.joshua1-26/+110
ok jsing@ tb@
2022-11-10Use /tmp as opposed of /var/tmp as the default directory for temporaryanton1-2/+2
files.
2022-11-10Fix a few more leaks in *_print() functions.tobhe2-14/+28
ok jsing@
2022-11-10Move bn_prime.h to the public domain.tb1-57/+4
It's entirely trivial. ok beck
2022-11-09Start migrating to one source file per line.joshua1-18/+83
ok jsing@ tb@
2022-11-09Remove prime_t remnant and link bn_primes test staticallytb2-3/+4
2022-11-09Sync CBS_strdup() documentation update from libcrypto.jsing1-6/+4
2022-11-09Move table in bn_primes.h to a .c file and get rid of prime_ttb5-335/+292
This way we deduplicate two inclusions of the same big table and eliminate lots of stupid casts. input and ok many
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-30 12:03:39 +0000