|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | lease worst alternative and do nothing rather than dereference NULL, but having
a function with fundamentally broken API to simply make a list of strings, sort them,
and call a function with each string as an argument is really quite silly....
and of course it was exposed API that the ecosystem uses that we can't delete.. yet.
ok miod@ doug@ | 
| | 
| 
| 
| | 15 years. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov;
libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this
state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets
compiled with OPENSSL_NO_GOST defined. However, the public header gost.h
will be installed. | 
| | 
| 
| 
| | ok doug@ jsing@ | 
| | 
| 
| 
| | ok doug@ jsing@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | - make sure the output buffer is always NUL terminated if buf_len
   was initially greater than zero.
 - reject OIDs that are too long, too short, or not in proper base-127
Based on
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87
ok bcook@ | 
| | 
| 
| 
| | (be sure to make cleandir and make includes before building) | 
| | 
| 
| 
| 
| 
| 
| 
| | Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| | an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers. | 
| | 
| 
| 
| 
| 
| | are needed in the source files that actually require them.
ok beck@ miod@ | 
| | |  | 
| | 
| 
| 
| 
| 
| | and others to the regress framework.  These remaining ones just
muddle us up when re-reading code repeatedly.
ok jsing | 
| | 
| 
| 
| | ok miod | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | this nasty function.
This gets rid of the nasty tmp variables used to hold temporary strings
and the DECIMAL_SIZE hack. it gets rid of the rather pointless null checks
for buf (since the original code dereferences it before checking). It also
gets rid of the insane possibility this could return -1 when stuff is
using the return values to compute lengths All the failure cases now
return 0 and an empty string like the first error case in the original
code.
ok miod@ tedu@ | 
| | 
| 
| 
| | ok tedu guenther | 
| | 
| 
| 
| | in the "size_t nmemb, size_t size" | 
| | 
| 
| 
| 
| 
| 
| 
| 
| | potential integer overflows easily changed into an allocation return
of NULL, with errno nicely set if need be.  checks for an allocations
returning NULL are commonplace, or if the object is dereferenced
(quite normal) will result in a nice fault which can be detected &
repaired properly.
ok tedu | 
| | 
| 
| 
| 
| 
| | crypto memory debugging code has been castrated.
ok miod@ "kill it" beck@ | 
| | 
| 
| 
| 
| 
| 
| | including it they get <openssl/opensslconf.h>. So instead of pulling in
<openssl/e_os2.h>, just pull in <openssl/opensslconf.h>.
"go ahead" miod@ | 
| | 
| 
| 
| | ok miod@ | 
| | 
| 
| 
| | ok miod@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | While not to be considered a good choice of elliptic curve (refer to
http://safecurves.cr.yp.to/ for more details), it is nevertheless deemed a
good decision to allow developers with requirements to use such a curve,
to be able to do this via a crypto library allowing for much better choices
to be made, without having to change (much of) their code to get better crypto.
ok beck@ deraadt@ | 
| | 
| 
| 
| 
| | Be sure to rerun `make includes' after updating.
ok tedu@ beck@ deraadt@ | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| | truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@ | 
| | 
| 
| 
| 
| 
| | funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat
for API comptibility only.
ok tedu@ | 
| | 
| 
| 
| 
| 
| | discrepancy found while checking proper {HEX,DECIMAL}_SIZE macro usage, which
is confusing enough.
tweaks and ok jca@, ok guenther@ | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| | OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free | 
| | |  | 
| | 
| 
| 
| 
| | with the bearded ones...
some API's that nobody should be using will dissapear with this commit. | 
| | 
| 
| 
| 
| | where the return value is ignored changing to (void) snprintf.
ok deraadt@ | 
| | 
| 
| 
| 
| | that it is easier to find code pieces.  They are getting in the way.
ok miod | 
| | 
| 
| 
| | ok miod@ deraadt@ | 
| | |  | 
| | |  | 
| |\  
| | 
| | | branch. | 
| | | |  | 
| | | |  | 
| |\| 
| | 
| | | branch. | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  |