summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/recallocarray.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2019-06-27Add more option tests to req, ts, x509 and verify in appstest.shinoguchi1-17/+42
2019-06-27check for asprintf failing allocationderaadt1-1/+4
2019-06-24Add more options test to ocsp in appstest.shinoguchi1-7/+30
2019-06-23Add more option test to dgst in appstest.shinoguchi1-4/+33
2019-06-22Add more option tests to ca in appstest.shinoguchi1-8/+21
2019-06-20tls_read() & tls_write() return 4 possible values: TLS_WANT_POLLOUT,deraadt1-4/+4
TLS_WANT_POLLIN, -1, or 0. After handling the first two, check for -1 rather than vaguely "< 0". ok jsing
2019-06-20sockatmark(3), recv(2), getsockopt(2), and connect(2) return specificallyderaadt1-4/+4
-1 to mark failure, not arbitrary values < 0. I believe manual pages should follow the described contract precisely and accurately.
2019-06-19Move variables into struct in openssl(1) genrsainoguchi1-25/+33
- Move local variables in genrsa_main() to struct genrsa_config - Leave long lines more than 80, still ok bcook@
2019-06-17Make BN_num_bits_word() constant time.tb1-48/+18
Previously, this function would leak the most significant word of its argument due to branching and memory access pattern. This patch is enough to fix the use of BN_num_bits() on RSA prime factors in the library. The diff is a simplified and more readable (but perhaps less efficient) version of https://github.com/openssl/openssl/commit/972c87df by Andy Polyakov and David Benjamin (pre license change). Consult that commit message for details. Subsequent fixes to follow in the near future. Issue pointed out by David Schrammel and Samuel Weiser as part of a larger report. tests & ok inoguchi, ok jsing
2019-06-17Remove old realpath(3), and the userland-vs-kernel realpath verificationderaadt1-334/+44
code. We now user the simple userland wrapper on top of __realpath(2). The non-POSIX behaviour still remains, that is the next component to fix. From a diff by beck, but I managed to chainsaw it a bit further. Tested in snaps for a couple of days. ok beck
2019-06-15oops - missing .El in previous;jmc1-1/+2
2019-06-15realpath(3) doesn't use lstat(2), readlink(2), or getcwd(3) anymore,deraadt1-21/+39
it is a thin wrapper over the syscall __readlink(2). Improve the list of possible errors. ok millert beck jmc
2019-06-14Improve pages that briefly mentioned ERR - usually below SEE ALSO -schwarze20-124/+198
but failed to provide any real information. OK tb@ jmc@
2019-06-14Further improve the documentation of library initialization and configuration.schwarze9-94/+126
Among other improvements: * Use a uniform wording at the top of the DECSRIPTION for obsolete pages. * Better explain how to use a non-standard configuration file. * Remove obsolete functions from SEE ALSO. Triggered by some suggestions from tb@. Tweaks and OK tb@.
2019-06-13Add more options to pkcs12 and smime in appstest.shinoguchi1-10/+13
2019-06-12Set malloc_options in global scope with an initializer.bluhm2-10/+8
recommended by otto@
2019-06-12add missing backlinks to ssl(3)schwarze31-64/+100
2019-06-12List all 17 SSL pages that were missing.schwarze1-51/+89
Split some excessively long lists into useful sub-categories. Add a new, very short subsection "Obsolete functions" at the end. OK tb@ jmc@
2019-06-11Disable junking with malloc options. If set, the test hangs on lowbluhm1-2/+5
memory arm64 machines. found by patrick@; OK otto@
2019-06-10delete references to ERR pages from SEE ALSO where suchschwarze35-115/+79
references were already given below RETURN VALUES right above
2019-06-10Add pkcs12 options and smime tests for appstest.shinoguchi1-8/+40
- Add some options to pkcs12 test. - Add smime tests for encrypt, decrypt and pk7out.
2019-06-10add links back to crypto(3) to function group entry pagesschwarze22-45/+70
and to isolated obsolete pages; OK bcook@ jmc@
2019-06-08remove pointless NOTES section header linesschwarze9-27/+27
2019-06-08Delete the display of the RSA_METHOD objectschwarze1-70/+1
which is now supposed to be opaque. OK tb@ I checked that all the information contained in comments in the display is available from the appropriate places in RSA_meth_new(3) and RSA_set_flags(3). Note that the comments regarding "mod_exp", "init", and "finish" were half-misleading simplifications, anyway.
2019-06-08In rsa.h rev. 1.40, gilles@ provided several new RSA_METHOD accessors.schwarze5-46/+499
Update the documentation. OK tb@ jmc@
2019-06-08document the RSA_FLAG_* constants for RSA_*_flags(3);schwarze1-3/+76
OK tb@ jmc@
2019-06-07Remove the last references to the RAND_*(3) functions.schwarze12-47/+34
These references were misleading because these functions are no longer used internally and applications should not call them either. Issue brought up by tb@.
2019-06-07link to EVP_EncodeInit(3), which was the only missing child pageschwarze1-1/+6
2019-06-07link back to evp(3), just like for the other group entry pagesschwarze1-2/+3
2019-06-07Remove pointless direct backlinks from the leaf pages HMAC(3) andschwarze2-6/+4
PKCS5_PBKDF2_HMAC(3) to the top level page evp(3). The leaf pages still have backlinks to the group entry page EVP_DigestInit(3), which is enough. Redundancy and asymmetry pointed out by tb@.
2019-06-07remove cross-references to the obsolete function OpenSSL_add_all_algorithms(3)schwarze3-21/+7
2019-06-07tidy up the formatting of gendsa synopsis a little;jmc1-5/+3
2019-06-07Convert openssl(1) gendsa to the newer style of option handlinginoguchi2-84/+178
- Adapt openssl(1) gendsa command to new option handling. - Add lacking ciphers and passout description in openssl.1 manpage. - Describe paramfile as argument in openssl.1 manpage. ok bcook@
2019-06-06minor errors in previous commit pointed out by jmc@schwarze4-8/+8
2019-06-06Tree structure for manual pages: crypto(3) links to 33 functionschwarze117-281/+539
group pages, and these link on to all their second-level subpages. Only a handful of second-level pages have third-level subpages. So all crypto pages can now be reached from the www.libressl.org frontpage via at most four clicks, in most cases three clicks. Also link back from leaf pages to their respective group pages and add a couple of additional links between related pages. Triggered by a question from deraadt@. OK jmc@ tb@
2019-06-05provide getters and setters for the RSA_METHOD interfacegilles6-5/+246
ok tb@, jsing@, sthen@
2019-06-05Fix bogus cross reference: EVP_SignDigest* -> EVP_DigestSign*tb1-3/+3
2019-06-04OPENSSL_realloc(3) is no longer used, we now use reallocarray(3)schwarze1-3/+3
2019-06-04Readability tweak in a comment.tb1-2/+2
2019-06-04Remove the blinding later to avoid leaking information on the lengthtb1-3/+3
of ckinv. Pointed out and fix suggested by David Schrammel and Samuel Weiser ok jsing
2019-06-04Readability tweaks for comments that explain the blinding.tb1-5/+5
2019-06-04Remove the blinding later to avoid leaking information on the lengthtb1-3/+3
of kinv. Pointed out and fix suggested by David Schrammel and Samuel Weiser ok jsing
2019-06-04.In openssl/x509_vfy.hschwarze1-3/+4
for consistency with all the other X509_STORE_*(3) manual pages
2019-06-04Add several missing .In linesschwarze1-3/+13
and add a sentence pointing to the detailed description in RSA_get_ex_new_index(3), worded like in DH_get_ex_new_index(3).
2019-06-04Move to env var, likelky the possibility to set malloc options fromotto2-19/+8
main is going away.
2019-06-03add missing .In linesschwarze2-4/+6
2019-06-03add missing .In lineschwarze1-2/+3
2019-06-02Complete the ld.so boot cleanup: move most libc initialization fromguenther2-8/+5
_csu_finish() to _libc_preinit(), which is an .init_array function in shared libc (and mark it INITFIRST) or a .preinit_array function in static libc, grabbing the _dl_cb callback there from ld.so. Then in _csu_finish(), invoke the dl_clean_boot() callback to free ld.so's startup bits before main() gets control. Other cleanups this permits: - move various startup structures into .data.rel.ro - the dl* stubs in libc can be strong and call the callbacks provided via _dl_cb - no longer need to conditionalize dlctl() calls on presence of _DYNAMIC original concept and full diff ok kettenis@ ok deraadt@
2019-05-30__realpath(2) appears to have improved, so re-enable the code thatderaadt1-3/+136
checks userland-parsing vs kernel parsing, we are hoping to spot another bug..
2019-05-29Relax parsing of TLS key share extensions on the server.jsing1-5/+2
The RFC does not require X25519 and it also allows clients to send an empty key share when the want the server to select a group. The current behaviour results in handshake failures where the client supports TLS 1.3 and sends a TLS key share extension that does not contain X25519. Issue reported by Hubert Kario via github. ok tb@