summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* A few fixes/improvements:miod2014-07-121-20/+19
| | | | | | | | | | | | | | | | - first, BN_free == BN_clear_free in our libcrypto, so we do not need to treat CBIGNUM (crypto BN) separately from BIGNUM (regular BN). - then, in bn_i2c(), since BN_bn2bin returns BN_num_bytes(input), take advantage of this to avoid calling BN_num_bytes() a second time. BN_num_bytes() is cheap, but this not a reason to perform redundant work. - finally, in bn_c2i, if bn_new() fails, return early. Otherwise BN_bin2bn will try to create a BN too, and although this will probably fail since we were already out of memory, if we are on a threaded process and suddenly the allocation succeeds, we will leak it since it will never be stored in *pval. ok jsing@
* Make sure the return value of X509_NAME_oneline(, NULL,) is checked againstmiod2014-07-122-5/+13
| | | | | NULL. ok deraadt@ guenther@ jsing@
* if (x) FOO_free(x) -> FOO_free(x).miod2014-07-125-25/+15
| | | | | | | Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
* typosmiod2014-07-121-2/+2
|
* In ASN1_get_object(), reject primitive encodings using the indefinite lengthmiod2014-07-111-1/+4
| | | | constructed form. OpenSSL PR #2438 via OpenSSL trunk
* In asn1_get_length(), tolerate leading zeroes in BER encoding.miod2014-07-111-5/+8
| | | | OpenSSL PR #2746 via OpenSSL trunk
* Tolerate critical AKID in CRLs; OpenSSL PR #3014 via OpenSSL trunk, andmiod2014-07-111-7/+8
| | | | also update the comments to reflect what the code now does.
* More memory leaks and unchecked allocations; OpenSSL PR #3403 via OpenSSLmiod2014-07-114-7/+19
| | | | trunk. (note we had already fixed some of the issues in that PR independently)
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-1165-209/+234
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-1012-12/+46
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Use size_t as realloc() size argument whenever possible. ok tedu@miod2014-07-102-6/+8
|
* Inline the only use of the HEX_SIZE macro and nuke both DECIMAL_SIZE andjsing2014-07-101-2/+2
| | | | | | HEX_SIZE. ok beck@ miod@
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-1024-32/+80
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* make asn1 free safe to call with null pointers of any type.tedu2014-07-101-4/+3
| | | | ok jsing miod
* delete some casts. ok miodtedu2014-07-104-14/+14
|
* ASN1_STRING_free can handle NULL, so callers don't need to check. ok miodtedu2014-07-092-10/+7
|
* remove unused, private version strings except SSL_version_strbcook2014-07-091-2/+1
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Remove M_ASN1_New* macros which are only used in X509_PKEY_new() are obfuscatemiod2014-06-272-22/+16
| | | | | | it to hide memory leaks in the error paths, and fix aforementioned memory leaks. ok jsing@ logan@ deraadt@
* Unifdef -UNO_SYS_TYPES_Hmiod2014-06-243-12/+6
|
* Remove previously commented out wrong code, as well as the comment saying thismiod2014-06-241-3/+1
| | | | is incorrect code.
* nuke unused test programs; ok jsingderaadt2014-06-222-46/+2
|
* tags as requested by miod and teduderaadt2014-06-1282-80/+82
|
* do not include dso.h where it is not needed; ok miodderaadt2014-06-091-1/+0
|
* malloc() result does not need a cast.deraadt2014-06-071-1/+1
| | | | ok miod
* There is no need for is{upper,lower}() tests before to{lower,uppper}(),deraadt2014-06-011-23/+6
| | | | | since all other characters are mapped through transparently. ok jsing
* Change the actual default for returned asn1 strings to be utf8 in the code,beck2014-05-311-1/+1
| | | | | | | rather than only in the config file, to trip people up later. Found, and fix pleaded for by <spider@skuggor.se> who apparently spent hours chasing it down. ok miod@
* Add a comment documenting where libssl depends upon the current (objectionable)miod2014-05-311-0/+1
| | | | behaviour of this code, to prevent people from blindly changing it.
* more: no need for null check before freederaadt2014-05-3012-46/+23
| | | | ok tedu guenther
* remove CONST_STRICT. ok beck deraadttedu2014-05-301-2/+0
|
* no need for null check before free. from Brendan MacDonelltedu2014-05-309-28/+14
|
* convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53deraadt2014-05-292-2/+2
| | | | | | | | | potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu
* Everything sane has stdio, and FILE *. we don't need ifdefs for this.beck2014-05-297-20/+0
| | | | ok to firebomb from tedu@
* remove unused shit. from Alexander Schrijvertedu2014-05-252-4/+2
|
* We have shared global variables - unifdef OPENSSL_EXPORT_VAR_AS_FUNCTION.jsing2014-05-242-69/+0
| | | | ok miod@ beck@
* Almost nothing actually needs to include <openssl/e_os2.h>, however byjsing2014-05-242-2/+6
| | | | | | | including it they get <openssl/opensslconf.h>. So instead of pulling in <openssl/e_os2.h>, just pull in <openssl/opensslconf.h>. "go ahead" miod@
* Expand OPENSSL_{GLOBAL,EXTERN} macros that I missed last time around,jsing2014-05-242-2/+2
| | | | | | since they are hiding in the #define forest. ok miod@
* if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefullymiod2014-05-222-6/+3
| | | | eyeballed before applying. Contributed by Cyril Roelandt on tech@
* KNF.jsing2014-05-223-171/+154
|
* No uses of UTF8_{getc,putc}() in ports, so remove them from the public header.guenther2014-05-222-9/+8
| | | | ok miod@
* Bring UTF8_{getc,putc} up-to-date: it's been a decade since 5- and 6-byteguenther2014-05-204-93/+88
| | | | | | | | encodings and encoding of surrogate pair code points were banned. Add checks for those, both to those functions and to the code decoding the BMP and UNIV encodings. ok miod@
* If you need to allocate `a + b' bytes of memory, then don't allocate `a + b*2',miod2014-05-183-6/+6
| | | | | | this is confusing and unnecessary. Help (coz I got confused) and ok guenther@ beck@
* Make sure UTF8_getc() is invoked with the proper buffer size.miod2014-05-181-2/+2
| | | | ok beck@ guenther@
* Fix memory leaks upon failure.miod2014-05-152-27/+39
| | | | ok beck@
* Replace ASN1_GENERALIZEDTIME_adj(), ASN1_UTCTIME_adj() andmiod2014-05-153-25/+73
| | | | | | | ASN1_TIME_to_generalizedtime() with wrappers around their former implementations, making sure memory allocated is freed in all failure cases. help and ok from beck@ and Brendan MacDonell.
* Bring back ASN1_seq_pack(), ASN1_seq_unpack(), ASN1_pack_string() andmiod2014-05-122-0/+108
| | | | | | | | ASN1_unpack_string() from the NO_ASN1_OLD purge; turns out that some Ruby extensions still use them, unfortunately, so we need to give them some more time to catch up on ``recent'' interfaces. Riding on the libcrypto major bump.
* i give up. reuse problem is unfixable. dlg says puppet crashes.tedu2014-05-041-8/+4
|
* Use C99 initializers for the various FOO_METHOD structs. More readable, andmiod2014-04-272-15/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | avoid unreadable/unmaintainable constructs like that: const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, 0, "CMAC", "OpenSSL CMAC method", 0,0,0,0, 0,0,0, cmac_size, 0, 0,0,0,0,0,0,0, cmac_key_free, 0, 0,0 }; ok matthew@ deraadt@
* static const char * = "" -> static const char[] = "", to produce shorter code.miod2014-04-273-3/+3
| | | | No functional change.
* Unifdef -U OPENSSL_BUILD_SHLIBCRYPTO, since all it causes under Unix is tomiod2014-04-272-10/+0
| | | | redefine OPENSSL_EXTERN from `extern' to `extern'.
* Replace all use of ERR_add_error_data with ERR_asprintf_error_data.beck2014-04-265-21/+12
| | | | | | | | This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-28 01:12:16 +0000