summaryrefslogtreecommitdiff
path: root/src/lib/libc/string/wcsdup.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2023-12-29fix previous: key -> parametertb1-2/+2
2023-12-29A .Xr to DSA_generate_parameters_ex() was lost accidentallytb1-1/+2
2023-12-29Move DSA_generate_parameters.3 to DSA_generate_parameters_ex.3tb2-3/+3
2023-12-29Adjust documentation for upcoming DSA_generate_parameters removaltb5-70/+17
This removes any mention of DSA_generate_parameters in the manuals apart from a comment that it is intentionally undocumented and adapts cross references to DSA_generate_parameters_ex. The file itself will be moved in a second step.
2023-12-29ameth_lib: zap trailing empty linetb1-2/+1
2023-12-29eckey: adjust some variable names and unwrap function definitionstb1-11/+8
ok jsing
2023-12-29Clean up old_ec_priv_decode()tb1-10/+17
As per usual. Stylistic adjustments and missing error check. ok jsing
2023-12-29Clean up eckey_param_decode()tb1-9/+16
This aligns eckey's parameter decoding routine with the one of other cipher abstractions: better variable names, single exit and add missing check for EVP_PKEY_assign_EC_KEY(). ok jsing
2023-12-29Rework eckey_priv_decode()tb1-49/+53
Factor out the pubkey computation and bring it into more sensible form. This removes lots of pointless setting of errors (twice) and makes the code a bit easier on the eyes. Other than that perform some stylistic cleanup like single exit and add an error check for EVP_PKEY_assign(). ok jsing
2023-12-29Move a call to X509_ALGOR_get0() down a linetb1-2/+2
2023-12-29Neuter the SSL_set_debug(3) APItb4-21/+5
The TLSv1.3 stack didn't support this in the first place, and in the legacy stack it only added some dubious BIO_flush(3) calls. The sleep call between SSL_read(3) and SSL_write(3) advertised in the comment next to the flag has been a sleep call in the s_server since time immemorial, nota bene between calls to BIO_gets(3). Anyway. This can all go and what remains will go with the next major bump. ok jsing
2023-12-29Garbage collect the last users of SSL_set_debug(3)tb2-5/+2
This undocumented, incomplete public function has never done anything useful. It will be removed from libssl. Removing it from openssl(1) clears the way for this. ok jsing
2023-12-29s_client: pause hasn't worked in ages. Just ignore ittb2-13/+5
ok jsing
2023-12-29Move the EVP_PKEY_asn1_* API that will stay to evp/p_lib.ctb5-212/+260
Most of these functions are only called from this file internally apart from the pem_str lookups from pem/. In the next major bump we can then remove asn/ameth_lib.c. Also move EVP_PKEY_ASN1_METHOD to evp_local.h. While this is used to dispatch to various ASN.1 decoding routines, it doesn't fit into asn1/ at all.
2023-12-29Zap some whitespacetb1-2/+2
2023-12-29Replace outdated comment on EVP_PKEY_asn1_find() with a todo itemtb1-5/+5
2023-12-29Move EVP_PKEY_asn1_add* to the end of the filetb1-15/+20
Also add a reminder to remove most of the public API in this file.
2023-12-29Move the EVP_MD block size accessor downtb1-7/+11
This way all the EVP_MD accessors are in the order of the struct fields. Well, arguably the EVP_MD_meth* should come first, but they are scheduled to go meet the dodo.
2023-12-29Move the EVP_MD_CTX flag accessors up a bittb1-19/+19
This way the accessors are sorted the same way as the struct.
2023-12-29Hoist EVP_MD_CTX accessors to after EVP_MD_CTX_ctrltb1-63/+62
This way the file has EVP_Digest*, then EVP_MD_CTX new/free/clean, then ctrl then the EVP_MD_CTX accessors, then the EVP_MD accessors and finally the EVP_MD_meth stuff and the order of things starts making a wee bit of sense.
2023-12-29Move init/reset next to cleanuptb1-13/+13
This way new/free aka create/destroy are next to each other. reset/cleanup are the same thing and init will join the club after some other fixing because two APIs that do the exact same thing aren't enough.
2023-12-29Move the copy/copy_ex stuff down below the new/free/clear messtb1-63/+64
2023-12-29Merge the EVP_CIPHER_meth_* API into evp_cipher.ctb3-188/+176
2023-12-29Merge the remainder of evp_lib.c into evp_cipher.ctb3-367/+299
2023-12-29Move the middle part of evp_lib.c to evp_digest.ctb2-205/+205
These are ~200 lines of EVP_MD API that separated two parts of the file dedicated to EVP_CIPHER thingies.
2023-12-29Use more consistent naming for some files in evptb4-7/+7
EVP_Digest{Init,Update,Final}() move from digest.c to evp_digest.c which will become the home of all things related to EVP_MD{,_CTX} handling. EVP_Cipher{Init,Update,Final}() move from evp_enc.c to evp_cipher.c which will become the home of all things related to EVP_CIPHER{,_CTX} handling. EVP_Encode{Init,Update,Final}() move from encode.c to evp_encode.c which already is the home of EVP_ENCODE_CTX_{new,free}(). discussed with jsing
2023-12-29Use a void pointer rather than char for method_datatb2-9/+7
This way we don't need to cast from BY_DIR * to char * and back in its only consumer, the lovely by_dir.
2023-12-29Remove the unused init flag of X509_LOOKUPtb1-2/+1
2023-12-28Clean up pkey_ec_paramgen()tb1-10/+17
This is basically the same as the dh and dsa version, except it's different because it's EC. Single exit, uniform error checking. "Plug" another leak. With this I earned another shining turd for my collection. ok jsing
2023-12-28Rework pkey_das_paramgen()tb1-16/+21
Another copy-paste-then-tweak-and-diverge version of the same old thing. Fix it the same way as pkey_rsa_paramgen() and pkey_dh_paramgen(). The callbacks are initialized at the top and the weird error checking is turned into something much simpler. ok jsing
2023-12-28Rework pkey_dh_paramgen()tb1-16/+19
Similar to pkey_rsa_paramgen() this function does some strange dances with the pkey_gencb and initialization plus missing error checks. Fix all that and use the idiom established in previous commits. ok jsing
2023-12-28Fix pkey_ec_keygen()tb1-13/+20
The EC code came later, and people got better at writing terrible code. In this case, they could remain quite close to what they copy-pasted from DH, so it was relatively straightforward (for once). There's only one slight extra twist and that's easily dealt with. ok jsing
2023-12-28Rework pkey_dsa_keygen()tb1-9/+18
Very similar to pkey_dh_keygen(): single exit and hold on to an extra reference by calling EVP_PKEY_set1_DSA() instead of assigning the DSA to the pkey. "Fixes" another leak that Coverity missed. ok jsing
2023-12-28Rework pkey_dh_keygen()tb1-9/+19
Single exit, fix error checking and hold on to the DH by keeping a reference. In other words, switch from EVP_PKEY_assign() to using EVP_PKEY_set1_DH() and free unconditionally in the error path. ok jsing
2023-12-28Rework and fix pkey_hmac_keygen()tb1-8/+15
The usual: single exit, error check all functions even if they can't actually fail. This one was flagged again. ok jsing CID 471706 (false positive)
2023-12-28Rework pkey_rsa_keygen()tb1-17/+21
As usual, make the function single exit. Initialize the pkey callback pointer and the BN_GENCB on the stack at the top rather than relying on the weird trans_cb() in evp_pkey_set_cb_translate() to do so. Greatly simplify the control flow and add missing error checks. ok jsing
2023-12-28Rework rsa_priv_decode()tb1-14/+17
Turn the function into single exit and error check EVP_PKEY_assign() for style. ok jsing
2023-12-28Clean up old_rsa_priv_decode()tb1-4/+13
Again change this function into the single exit idiom, and error check EVP_PKEY_assign(). ok jsing
2023-12-28Clean up and fix pkey_cmac_keygen()tb1-11/+16
A void pointer can be passed without any cast or assigning it to an intermediate variable. That's one of hte puzzling things in old OpenSSL code: there are plenty of unnecessary casts and assignments of void pointers. Make use of this fact and rework the function to be single exit, error check consistently, including the EVP_PKEY_assign() call that can't really fail and free the cmkey on exit. Why coverity didn't flag this one is another mystery. ok jsing
2023-12-28Replace EVP_KEY_assign_GOST() calls with EVP_PKEY_set_type()tb1-3/+7
Calling EVP_KEY_assign_GOST(pkey, NULL) has the same effect as calling EVP_PKEY_set_type(pkey, EVP_PKEY_GOSTR01). The only difference is that the latter form allows for error checking while the former won't let you do that. Add comments explaining what we're actually doing: freeing and zeroing the pkey->pkey union. ok jsing
2023-12-28Fix another EVP_PKEY_assign_GOST() calltb1-2/+4
Again this can't actually fail, but if it did, things would leak. Call GOST_KEY_free() in the error path. ok jsing CID 471706 (false positive)
2023-12-28Clean up pkey_gost_mac_keygen()tb1-8/+15
Make this function single exit, check and assign and finally error check EVP_PKEY_assign(). This can't actually fail currently, but if it did, things would leak. Free the key data with freezero. ok jsing CID 471704 (false positive)
2023-12-27Add initial regress for CRYPTO_EX_DATA.jsing3-1/+237
2023-12-27Remove engine regress.jsing3-264/+1
Engines are no longer a thing. Discussed with tb@
2023-12-27X509_LOOKUP_shutdown() became a noop.tb1-2/+1
That we are still calling this (NB without error check because heritage), made coverity unhappy. CID 471705
2023-12-26Rename some argument placeholders to be less cryptic,schwarze2-55/+58
in particular s/inl/in_len/ and s/outl/out_len/ as suggested by tb@. While here, also get rid of the "outm" placeholder that has been around since the file was added to OpenSSL in 2000, replacing it with the usual "out" in the four function prototypes affected; tb@ and myself suspect it was simply a typo followed by copy and paste. Slightly improve variable naming in the examples, too, for clarity and consistency, even though that doesn't turn the examples into good examples. OK tb@
2023-12-26Close some major gaps in the documentation of EVP_Cipher(3),schwarze1-10/+65
and describe EVP_CIPHER_CTX_init(3) in a less misleading way. Joint work with and OK tb@.
2023-12-26EVP_CipherInit(): remove cleanup calltb1-3/+1
There is a bizarre EVP_CIPHER_CTX_cleanup() call in EVP_CipherInit() leading to a subtle behavior difference with EVP_CipherInit_ex(). The history is that before EVP_CIPHER_CTX was made opaque, a context would often live on the stack (hello, MariaDB) and the EVP_CIPHER_CTX_cleanup() call was in fact an EVP_CIPHER_CTX_init() which just zeroes out the struct. The problem with doing this is that on context reuse there could be data hanging off it, causing leaks. Attempts were made to clean up things in EVP_CipherFinal*(), but that broke applications reaching into the context afterward, so they were removed again. Later on, opacity allowed changing the _init() to a _cleanup() since EVP_CIPHER_CTX could no longer live on the stack, so it would no longer contain garbage. I have to correct myself: it would no longer contain stack garbage. Now: EVP_CipherInit_ex() does some extra dances to preserve the AES key wrap flag, which is cleared unconditionally in EVP_CipherInit(). That's annoying to document and very likely never going to be an issue in the wild: you'd need to do key wrap and then use the same context for use with a cipher that does not allow key wrap for this to make a difference. This way, all our EVP_{Cipher,Decrypt,Encrypt}*_ex() functions are now trivially wrapped by their non-_ex() versions. ok jsing
2023-12-26EVP_CipherInit_ex() merge two code pathstb1-9/+4
Clean up the cipher context unconditionally if the cipher is being set. This allows doing the dance to retain the key wrap flag only once and makes it more obvious that allocating the cipher data doesn't leak. suggested by/ok jsing
2023-12-25Move EVP_PKEY_assign() a bit up and tweak it slightlytb1-10/+10
ok jsing