| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
... and another file without license disappears.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With one exception, none of this is used anymore. All of it will be removed
in the next major bump.
The exception is OBJ_NAME_add(). scurity/xca ran into issues with their
cert renewal logic because RSA certs had a way of mapping the signature
algorithms to a hash, but a similar mechanism wasn't available for ECDSA
certs. So xca uses EVP_add_digest_alias() to have corresponding aliases
for ECDSA. This is a macro wrapping OBJ_NAME_add().
xca now has better logic using the more appropriate OBJ_find_sigid_algs()
(which wasn't available back then). We will still add the alias entries
that xca still adds ourselves to make sure there are no unexpected side
effects. They make sense anyway.
The diff will hopefully land in a few days. If your life depends on ECDSA
cert renewal in xca please hold off on updating to a new snap.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implements the do_all API by simple loops over the tables of
digests and ciphers. Since some ciphers are only available on some
platforms, we need to skip them if necessary. We use loops in each
of the functions rather the convoluted way of reducing some of the
loops to others.
Since the tables are sorted, as ensured by regress, both do_all() and
do_all_sorted() walk the lists in order. In particular, we no longer
need to allocate to be able to sort hash tables by name on the fly in a
void function that may end up doing nothing because allocation failed.
We still need to do an unchecked OPENSSL_init_crypto() call. But that's
what prayer and clean living are there for (as beck put it).
The OBJ_NAME API is completely misnamed. It has little to do with objects
and a lot to do with EVP. Therefore we implement what will remain from
its saner replacement in the evp directory, i.e., evp_names.c.
ok jsing
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
| |
is leaked in OBJ_NAME_add.
ok tb
Found by CodeChecker.
|
| |
|
|
|
|
| |
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
| |
|
|
|
|
|
|
|
|
| |
lease worst alternative and do nothing rather than dereference NULL, but having
a function with fundamentally broken API to simply make a list of strings, sort them,
and call a function with each string as an argument is really quite silly....
and of course it was exposed API that the ecosystem uses that we can't delete.. yet.
ok miod@ doug@
|
| |
|
|
| |
15 years.
|
| |
|
|
| |
ok doug@ jsing@
|
| | |
|
| |
|
|
| |
ok miod
|
| |
|
|
|
|
|
|
|
| |
potential integer overflows easily changed into an allocation return
of NULL, with errno nicely set if need be. checks for an allocations
returning NULL are commonplace, or if the object is dereferenced
(quite normal) will result in a nice fault which can be detected &
repaired properly.
ok tedu
|
| |
|
|
|
|
| |
crypto memory debugging code has been castrated.
ok miod@ "kill it" beck@
|
| |
|
|
|
|
|
| |
including it they get <openssl/opensslconf.h>. So instead of pulling in
<openssl/e_os2.h>, just pull in <openssl/opensslconf.h>.
"go ahead" miod@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
correctly autogenerate obj_mac.h
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| |
|
