| Commit message (Collapse) | Author | Files | Lines |
|---|
|
any changes not taken noted on tech, but chiefly here i did not take the
cancelation - cancellation changes;
|
|
ok tb
|
|
This is an obvious omission from the OpenSSL 1.1 and OpenSSL 3 API which
does not provide a way to access the tbs sigalg of a CRL. This is needed
in security/pivy.
From Alex Wilson
ok jsing
|
|
one wouldn't have triggered a spell checker though)
|
|
ok tb
|
|
i removed the arithmetics -> arithmetic changes, as i felt they
were not clearly correct
ok tb
|
|
|
|
Requested some time ago by tb@.
According to OpenSSL git history, the original version of this code
appeared in SSLeay 0.9.1b (July 6, 1998). The LICENSE file in that
release states that the Copyright of SSLeay belongs to Eric Young,
and we believe that Eric still maintained SSLeay himself at that time.
We have seen a small number of examples where Eric credited outside
contributors for code that he included in his distribution, including
citing Copyright notices and license headers as appropriate. We
found no such hints regarding this code, so it is reasonable to
assume that he wrote this code himself.
Regarding subsequent changes and additions, i inspected the OpenSSL
git repository.
No code change; only Copyright and license comments are added.
|
|
Some code roams the wild still calling them.
|
|
Contrary to what bio.h says, it does not *not* retrieve some "IO type",
whatever that is supposed to be, but it is a NOOP, and nothing uses it.
Despite its name, it is unrelated to BIO_f_buffer(3), and please
be careful to not confuse it with BIO_get_buffer_num_lines(3).
|
|
It exposes absurd functionality, and according to codesearch.debian.net,
it is unused except in openssl(1) s_client/s_server -nbio_test.
|
|
feedback and OK tb@
|
|
The only real difference between BN_cmp() and BN_ucmp() is that one has
to respect the sign of the BN (although BN_cmp() also gets to deal with
some insanity from accepting NULLs). Rewrite/cleanup BN_ucmp() and turn
BN_cmp() into code that handles differences in sign, before calling
BN_ucmp().
ok tb@
|
|
Also be more consistent with variable naming.
ok tb@
|
|
ok tb@
|
|
ok tb@
|
|
Remove a comment that tells you not to call a function that internally
calls free, with a stack allocated pointer...
ok tb@
|
|
Nothing can be actually using these as the symbols are not exported from
libcrypto... hopefully ui_compat.h can also go away entirely.
ok tb@
|
|
|
|
This prevents realloc from unnecessarily impacting the lshift benchmarks.
|
|
|
|
OK tb@
|
|
A few programs used the plural in their synopsis which doesn't read as
clear as the obvious triple-dot notation.
mdoc(7) .Ar defaults to "file ..." if no arguments are given and consistent
use of 'arg ...' matches that behaviour.
Cleanup a few markups of the same argument so the text keeps reading
naturally; omit unhelpful parts like 'if optional arguments are given,
they are passed along' for tools like time(1) and timeout(1) that obviously
execute commands with whatever arguments where given -- just like doas(1)
which doesn't mention arguments in its DESCRIPTION in the first place.
For expr(1) the difference between 'expressions' and 'expression ...' is
crucial, as arguments must be passed as individual words.
Feedback millert jmc schwarze deraadt
OK jmc
|
|
Ben Laurie invented the system logging BIO in 1999 and yet,
nothing whatsoever uses it according to codesearch.debian.net.
Besides, it is poorly designed and a crypto library is absolutely
not the place for putting a clumsy system logging facility.
Not everything needs to be a BIO!
|
|
as intentionally undocumented.
Bodo Moeller invented this "non-copying I/O" API in 1999, but according
to codesearch.debian.net, it is still completely unused by anything.
On top of that, it appears to be inflexible in so far as it only
supports BIO pairs and no other BIO types and fragile in so far as
it exposes pointers to internal storage and runs contrary to expectations
of how BIO objects are supposed to work.
|
|
It appears Richard Levitte succumbed to everything-needs-a-callback-paranoia
in 2004, but nobody is going to be surprised that nothing whatsoever wants
to use this particular callback, according to codesearch.debian.net.
|
|
|
|
Don't test waitid(WUNTRACED) as that's not portable and only 'works' due
to an implementation decision
|
|
|
|
|
|
BIO_set_retry_special(3), BIO_clear_retry_flags(3), BIO_get_retry_flags(3),
and the BIO_FLAGS_* constants
|
|
|
|
|
|
from Richard Levitte via OpenSSL commit 0e474b8b in the 1.1.1 branch,
which is still under a freee license
|
|
|
|
In udp mode, nc would always print that the connected succeeded
independently of whether that was actually the case. Don't do that.
idea/ok mpf
|
|
The connection test writes four X to the socket, which corrupts data
that we may want to pipe into nc. So don't do that if stdin is not a
tty but still do it in scan mode, this is needed according to chris.
based on a diff by and ok mpf
|
|
ok mpf as part of a larger diff
|
|
Avoids repeated use of ternary operator on globals.
|
|
This simply moves a chunk of code in this spaghetti mess into its own
function with minimal changes.
idea from a diff by mpf
|
|
|
|
|
|
|
|
|
|
jsing doesn't like it, but it's better than nothing.
ok jsing
|
|
and BIO_get_flags(3).
|
|
|
|
xmlsec needs this, nothing else. Our linkers link libxmlsec1-openssl,
only warns and since nothing uses this library in ports, this wasn't
noticed for a long time.
Reported by Thomas Mitterfellner
ok jsing
|
|
Provide regress coverage for BN_lshift1(), BN_rshift1(), BN_lshift() and
BN_rshift(), along with basic benchmarking functionality (run via
'make benchmark').
|
|
A SSL_set_security_level() call was added to the cipher list regress, which
expects a failure - however, it should succeed and fails for a completely
unrelated reason. Rework this regress so that it actually passes and tests
for the expected behaviour.
|
