summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/crypto/getentropy_netbsd.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2015-10-07Allow us to get cipher and version even if there is not a peer certificate.beck2-15/+21
ok doug@
2015-10-07include <sys/time.h> for gettimeofday(2)bcook2-2/+4
2015-10-07tame "stdio inet rpath cpath wpath proc" seems to be sufficient forderaadt1-1/+7
all the wading in here. "proc" is for the speed command, which fork()'s. ok doug
2015-10-06prefer limits.h over sys/limits.hbcook2-6/+6
ok deraadt@
2015-10-06these do not use ioctl.hderaadt2-4/+2
2015-10-05Make sure dot is not set after tz - fixes incorrect handling, which allowsjsing2-4/+4
20151005171301+1.09Z to be treated as a valid time. ok beck@
2015-10-05Wrap <resolv.h> so that internal calls go directguenther3-5/+11
ok millert@
2015-10-04Apply some style(9), tweak a few things for readability and add somejsing2-72/+80
additional bounds checks. ok beck@
2015-10-04wrap __ivaliduser_sa() so the internal call is direct (at least until weguenther1-0/+2
stop exporting it)
2015-10-04recv() and send() aren't overriden by libpthread (vs recvfrom() and sendto()!)guenther2-2/+4
so wrap them to make internal calls go direct
2015-10-03SSL_new(): fix ref counting and memory leak in error path.doug2-16/+6
Rather than a half-hearted attempt to free up resources and fix ref counting at the SSL_CTX level, let SSL_free() do its job. This diff got lost in the shuffle somewhere. It's from last year. Ref counting error reported by Parakleta in github ticket #51. Thanks! ok jsing@, beck@
2015-10-03BIO_get_fd() could return fd 0; fix error condition. Found atderaadt1-2/+2
http://marc.info/?l=openssl-dev&m=144374015404899&w=2 ok doug
2015-10-02avoid sys/param.h, by using PATH_MAXderaadt1-1/+1
2015-10-02Add another invalid time, which is currently accepted.jsing1-1/+4
2015-10-02Flense the greasy black guts of unreadble string parsing code out of three areasbeck15-543/+666
in asn1 and x509 code, all dealing with an ASN1_TIME. This brings the parsing together in one function that converts into a struct tm. While we are at it this also brings us into conformance with RFC 5280 for times allowed in an X509 cert, as OpenSSL is very liberal with what it allows. input and fixes from deraadt@ jsing@ guethther@ and others. ok krw@, guenther@, jsing@
2015-10-02s/ssl3_client_kex/ssl3_send_client_kex/ for consistency with the caller.jsing2-18/+22
2015-10-01include <sys/types.h> for ssize_tbcook1-1/+3
ok jsing@, deraadt@
2015-10-01Another s/M_ASN1_INTEGER_free/ASN1_INTEGER_free/.jsing1-2/+2
Found the hard way by Mark Patruck.
2015-10-01Eliminate the last of the LINTEDn and PRINTFLIKEn comments. In oneguenther6-15/+7
case, by deleting some useless '& of an array' we also eliminate the need for the casts which prompted the original lint warnings ok deraadt@
2015-09-30Place all of the ASN1 M_ macros under #ifndef LIBRESSL_INTERNAL.jsing2-60/+74
2015-09-30Expand M_i2d_ASN1_OCTET_STRING macros - no change in generated assembly,jsing2-6/+10
aside from line numbers.
2015-09-30s/M_ASN1_ENUMERATED_free/ASN1_ENUMERATED_free/jsing2-4/+4
2015-09-30Replace M_ASN1_ENUMERATED_(free|new) with ASN1_ENUMERATED_(free|new).jsing2-6/+6
2015-09-30Replace M_ASN1_OCTET_STRING_(free|new) with ASN1_OCTET_STRING_(free|new).jsing30-98/+98
2015-09-30Replace M_ASN1_UTCTIME_(new|free) with ASN1_UTCTIME_(new|free).jsing2-6/+6
2015-09-30Replace M_ASN1_IA5STRING_(new|free) with ASN1_IA5STRING_(new|free). Samejsing6-18/+18
with one s/M_ASN1_VISIBLESTRING_new/ASN1_VISIBLESTRING_new/.
2015-09-30Replace M_ASN1_GENERALIZEDTIME_(new|free) withjsing6-14/+14
ASN1_GENERALIZEDTIME_(new|free).
2015-09-30s/M_ASN1_TIME_free/ASN1_TIME_free/jsing4-14/+14
2015-09-30Replace M_ASN1_INTEGER_(new|free) with ASN1_INTEGER_(new|free) - this isjsing24-82/+82
different from the macro expansion, but the result is the same. Also replace some ASN1_STRING_dup() with ASN1_INTEGER_dup(). ok beck@ doug@
2015-09-30Remove unnecessary type assignments - M_ASN1_INTEGER_new() already setsjsing2-6/+2
the type to V_ASN1_INTEGER. ok doug@
2015-09-30fix two typos.sobrado1-2/+2
2015-09-30Fix a bug in the regress, and be much more pedantic about what is allowedbeck1-22/+46
per RFC 5380 in an X509. RFC 5280 states that all times before 2050 must be specified as a UTCtime, not a Generalized time, and all times after must be a UTC time. By extension this also means the smallest time allowed per RFC 5280 is 500101000000Z and the largest is 99991231235959Z..
2015-09-30Remove support for NO_ASN1_TYPEDEFS.doug2-42/+2
This ifdef was introduced 15 years ago and was known to cause problems with STACK_OF() back then. ok jsing@, beck@, jca@
2015-09-29convert "last_time" to a time_t, to handle beyond Y2038deraadt2-14/+14
ok guenther miod
2015-09-29Replace remaining M_ASN1_BIT_STRING_(new|free) macros with calls tojsing6-18/+18
ASN1_BIT_STRING_(new|free). ok beck@ doug@
2015-09-29Instead of declaring a union in multiple places, move it to tls_internal.h.jsing3-15/+14
ok deraadt@
2015-09-29clean some ugly intendation wartsderaadt5-12/+21
2015-09-29Add an rfc5280 test suite to test x509_cmp_time.beck2-2/+362
Note some of these will yet fail with the current libcrypto as the current X509_cmp_time is not RFC5280 compliant ok jsing@
2015-09-29Fix sha2 regression test for libcrypto.doug1-2/+2
By default, "openssl sha" used SHA-0. However, it was possible to use the form "openssl sha -sha256" to run SHA-256 instead. The regression test used this form. Since we removed SHA-0 support, the regress tests should now call "openssl <digest>". ok guenther@, bcook@
2015-09-28remove excessive brackets on pointer mathderaadt2-16/+16
2015-09-28Explicit NULL checks and style(9) tweaks.jsing1-7/+7
2015-09-27Redo 1.25, without the NULL deref.miod2-44/+62
ok sthen@ bcook@
2015-09-27check if openssl(1) actually works before proceedingbcook1-0/+2
It was possible for this test to pass even if the openssl command itself was missing.
2015-09-27bump to 2.3.1bcook2-6/+6
2015-09-26Use ASN1_item_dup() instead of ASN1_dup().jsing4-14/+10
ok bcook@
2015-09-26lint is dead: delete useless LINTLIBRARY commentsguenther2-4/+2
ok millert@
2015-09-26We don't need no stinking "EXAMPLE OF THE DSA" or README (the credits arejsing4-252/+0
already in the code). ok beck@ miod@
2015-09-25Add DER encoding/decoding coverage for ASN.1 GENERALIZEDTIME and UTCTIME.jsing1-39/+158
2015-09-25Add initial regress tests for ASN.1 times.jsing3-1/+372
2015-09-25avoid trailing .Ns, reduce .Xo and .Sm, drop redundant .Bkschwarze1-12/+4