| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@
|
| |
|
|
|
|
|
|
|
| |
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
| |
|
|
|
|
| |
are needed in the source files that actually require them.
ok beck@ miod@
|
| |
|
|
|
| |
more friendly to systems where the underscore flavours may be defined as empty.
Found the hard way be bcook@; joint brainstrom with bcook beck and guenther
|
| |
|
|
|
|
| |
Also remove unused des_ver.h, which exports some of these strings, but is not installed.
ok miod@ tedu@
|
| |
|
|
|
|
| |
fields (i.e. the flags field) before using it. This is currently harmless,
but might not be if we end up invoking other BN functions checking for
constant-time processing requirement in the future.
|
| | |
|
| |
|
|
|
| |
noticed and fix by Fedor Indutny of Joyent
( https://github.com/joyent/node/issues/7704 )
|
| | |
|
| |
|
|
| |
ok miod
|
| |
|
|
|
| |
hackathon, just saying 'ass ember' was enough to start giggles.
Unfortunately far more offensive stuff remains in here...
|
| |
|
|
| |
from Brent Cook
|
| |
|
|
| |
ok tedu guenther
|
| |
|
|
| |
in the "size_t nmemb, size_t size"
|
| |
|
|
|
|
|
|
|
| |
potential integer overflows easily changed into an allocation return
of NULL, with errno nicely set if need be. checks for an allocations
returning NULL are commonplace, or if the object is dereferenced
(quite normal) will result in a nice fault which can be detected &
repaired properly.
ok tedu
|
| |
|
|
| |
ok to firebomb from tedu@
|
| | |
|
| |
|
|
|
|
|
| |
including it they get <openssl/opensslconf.h>. So instead of pulling in
<openssl/e_os2.h>, just pull in <openssl/opensslconf.h>.
"go ahead" miod@
|
| |
|
|
|
|
| |
through volatile pointers with explicit_bzero().
ok beck@ jsing@
|
| |
|
|
| |
eyeballed before applying. Contributed by Cyril Roelandt on tech@
|
| |
|
|
|
|
| |
that were not wrapped with #if PEDANTIC.
ok miod@
|
| | |
|
| | |
|
| |
|
|
| |
i've never worked on codebase so resistant to efforts to improve it.
|
| |
|
|
|
|
|
|
| |
much debugging work done by otto. ok miod otto.
side note: BN_FLG_STATIC_DATA doesn't actually mean the data is static.
it's also used to indicate the data may be secretly shared behind your back
as a sort of poor man's refcounting, but without the refcounting.
|
| | |
|
| |
|
|
|
|
| |
however, instead of trying to audit all the places where a secret bignum
is used, apply the big hammer and clear all bignums when freed.
ok deraadt miod
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
scripts. We certainly do not need an identical copy of the win64
exception handler in each script (surely one copy would be sufficient).
ok miod@
|
| |
|
|
|
|
|
|
| |
Also check for _LP64 rather than __arch64__ (the former being more reliable
than __LP64__ or __arch64__) to tell 64-bit int platforms apart from 32-bit
int platforms.
Loosely based upon a diff from Martijn van Duren on tech@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The intent of this change is to only keep support for two kind of architectures:
- those with 32-bit int and long, and 64-bit long long, where
``long * long -> long long'' multiplication routines are available.
- those with 64-bit int and long, and no 128-bit long long type.
This gets rid of the SIXTY_FOUR_BIT_LONG, SIXTY_FOUR_BIT (not the same!),
THIRTY_TWO_BIT, SIXTEEN_BIT and EIGHT_BIT defines.
After this change, the types and defines are as follows:
arch: 64bit 32bit rationale
BN_LLONG undefined defined defined if l * l -> ll
BN_ULLONG undefined u long long result of BN_LONG * BN_LONG
BN_ULONG u long u int native register size
BN_LONG long int the same, signed
BN_BITS 128 64 size of 2*BN_ULONG in bits
BN_BYTES 8 4 size of 2*BN_ULONG in bytes
BN_BITS2 64 32 BN_BITS / 2
Tested on various 32-bit and 64-bit OpenBSD systems of various endianness.
|
| | |
|
| |
|
|
| |
under __TANDEM systems and compilers, using hardcoded octal numbers. NOT.
|
| | |
|
| |
|
|
|
| |
lacking an explicit `case 0:' construct. But Ultrix has been dead for more than
15 years, really. Don't give it any reason to move out of its coffin.
|
| | |
|
| |
|
|
| |
for 20th century historians, and can be put in the Attic.
|
| |
|
|
|
|
| |
the contents below:
#!/usr/local/bin/perl
# x86 assember
|
| |
|
|
|
|
|
|
| |
multiplication or RSA blinding parameters doesn't permit retroactive
timing analysis of the secrets, we'll do the stupidly cheap thing and
cleanse them before freeing them.
ok deraadt@
|
| |
|
|
|
|
| |
truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
| |
|
|
|
|
|
| |
but rather figure out the endianness from <machine/endian.h> automagically;
help from guenther@
ok jca@ guenther@ beck@ and the rest of the `Buena SSL rampage club'
|
| | |
|
| | |
|
| | |
|
| | |
|
