| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
EVP_PKEY_get_attr_by_OBJ(3), X509at_get_attr_by_OBJ(3),
X509at_get0_data_by_OBJ(3), X509_REQ_get_attr_by_OBJ(3)
tested in a bulk by sthen
ok beck (as part of a larger diff)
|
| |
|
|
|
|
| |
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
| | |
|
| |
|
|
|
|
|
| |
different from the macro expansion, but the result is the same. Also
replace some ASN1_STRING_dup() with ASN1_INTEGER_dup().
ok beck@ doug@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A NULL pointer could be dereferenced when X509_REQ_set_pubkey() calls
X509_PUBKEY_set() with pktmp.
OpenSSL says it's the fix for CVE-2015-0288, but there aren't any public
details yet to confirm. Either way, we should fix this.
Based on OpenSSL commit 28a00bcd8e318da18031b2ac8778c64147cd54f9
and BoringSSL commit 9d102ddbc0f6ed835ed12272a3d8a627d6a8e728.
"looks sane" beck@
ok miod@, bcook@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
manual field fiddling to create an ASN1_INTEGER object, instead of using
M_ASN1_INTEGER_new() which will allocate sizeof(long) bytes.
That person had probably never looked into malloc(3) and never heard of
allocation size rounding.
Thus, replace the obfuscated code with M_ASN1_INTEGER_new() followed by
ASN1_INTEGER_set(), to achieve a similar result, without the need for
/* version == 0 */ comments.
ok bcook@
|
| |
|
|
|
|
|
|
| |
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@
|
| |
|
|
|
|
|
|
|
| |
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
| | |
|
| |
|
|
| |
ok miod
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| | |
|
|
|
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
|
