| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
discussed with jsing
|
|
|
|
| |
Clean up the other includes while there.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
imodules are called imodules because they contain Information about
modules that have been Initialized. Which one of these two I it is
is anyone's best guess. Why anything outside of libcrypto would ever
possibly care will also remain a mystery.
Remove the old way of adding a conf module, user data, stop allowing
to set a method (it's opaque now, remember?) and drop a couple bits
more from the public api interface.
ok beck jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use C99 initializers for all structs (some were forgotten).
Make all the structs static, call them x509v3_ext_* matching NID_*.
Add accessors called x509v3_ext_method_* and use these to implement
X509V3_EXT_get_nid().
This adds consistency and avoids a few contortions like grouping
a few extensions in arrays to save a couple externs.
ok beck jsing
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These constitute the bulk of the remaining global mutable state in
libcrypto. This commit moves most of them into data.rel.ro, leaving
out ERR_str_{functs,libraries,reasons} (which require a slightly
different approach) and SYS_str_reasons which is populated on startup.
The main observation is that if ERR_load_strings() is called with a 0 lib
argument, the ERR_STRING_DATA argument is not actually modified. We could
use this fact to cast away const on the caller side and be done with it.
We can make this cleaner by adding a helper ERR_load_const_strings() which
explicitly avoids the assignment to str->error overriding the error code
already set in the table.
In order for this to work, we need to sprinkle some const in err/err.c.
CMS called ERR_load_strings() with non-0 lib argument, but this didn't
actually modify the error data since it ored in the value already stored
in the table.
Annoyingly, we need to cast const away once, namely in the call to
lh_insert() in int_err_set_item(). Fixing this would require changing
the public API and is going to be tricky since it requires that the
LHASH_DOALL_FN_* types adjust.
ok jsing
|
|
|
|
|
|
|
| |
This does not need tls1.h (upstream used TLSEXT constants we don't have)
nor does it need evp.h. But it does need asn1.h, objects.h for STACK_OF
and NID_*, among other things and it also uses uint64_t and allocates,
so it needs stdint.h and stdlib.h.
|
|
|
|
| |
ok jsing@
|
|
|
|
|
|
|
| |
This script is not used at all and files are edited by hand instead.
Thus remove misleading comments incl. the obsolete script/config.
Feedback OK jsing tb
|
|
|
|
| |
Pointed out by and ok jsing
|
|
|
|
| |
ok jsing
|
|
|
|
| |
ok beck@ tb@
|
|
|
|
| |
ok inoguchi@ tb@
|
|
|
|
|
|
| |
as is done for most other X.509 v3 extension methods.
discussed with jsing
|
|
|
|
|
|
|
|
| |
If we're given a pointer to an existing stack, free it and allocate a new
one rather than poping and freeing all of the existing entries so we can
reuse it. While here rename some arguments and variables.
ok inoguchi@ tb@
|
|
|
|
|
|
|
| |
Remove the existing o2i_SCT_signature() function and rename
o2i_SCT_signature_internal() to replace it.
ok inoguchi@ tb@
|
| |
|
| |
|
|
|
|
|
|
| |
files in libcrypto/ct. This reverts OpenSSL commit d2e9e320
discussed with jsing
|
|
|
|
|
|
| |
This provides cleaner and safer code.
ok inoguchi@ tb@
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Our ASN1_GENERALIZEDTIME_set() doesn't accept time strings with
fractional seconds, so don't feed it milliseconds, but only seconds.
Ensures that openssl x509 -text prints timestamps instead of skipping
them.
ok beck jsing
|
|
|
|
| |
ok jsing@ tb@
|
| |
|
| |
|
|
This is not yet hooked up and will not compile. Follow on commits
will KNF and then make it build.
ok jsing@ tb@
|