| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Take the MAC before clobbering the input value on decryption. Fixes hangs
during the QUIC handshake with HAProxy using TLS_CHACHA20_POLY1305_SHA256.
Found, issue pinpointed, and initial fix tested by Lucas Gabriel Vuotto:
Let me take this opportunity to thank the HAProxy team for going out of
their way to keep supporting LibreSSL. It's much appreciated.
See https://github.com/haproxy/haproxy/issues/2569
tweak/ok jsing
|
| | |
|
| |
|
|
| |
This error comes from upstream, where it is still wrong.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
feedback and ok tb@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
No change in the generated assembly
|
| |
|
|
|
| |
Use less horrcble variable names and make it explicit that both output
arguments are allowed to be NULL.
|
| | |
|
| | |
|
| |
|
|
| |
No change in the generated assembly
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This avoids a dangling reference in i2s_ASN1_ENUMERATED_TABLE.
To complete this manual, someone will need to document X509V3_EXT_METHOD,
but that's for a much more rainy day than today.
|
| |
|
|
| |
looks good to jmc
|
| |
|
|
|
|
| |
This function is only used by OpenLDAP and it's been a noop since
forever. It has no business to be squeezed in between a number of
other, quite unrelated functions. It's distracting.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
It is dubious whether this opaque struct's internals should be documented
in the first place. This also has been incomplete since forever. For now
zap the stuff that no longer exists and make an attempt at matching KNF a
bit more closely.
|
| |
|
|
|
|
|
| |
There are no accessors to set them, so this has been involved in a bunch
of dead logic ever since we made DSA opaque a few years ago.
ok jsing
|
| |
|
|
|
|
|
| |
I could not find any use of this in all of OpenSSL's git history since
SSLeay 0.8.1b.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
While eckey_from_explicit_params() frees *out_eckey, eckey_from_object()
and eckey_from_params() do not. These functions are currently all callled
with a NULL *out_eckey, but the latter two would leak if that should ever
change.
ok jsing
|
| |
|
|
| |
ok djm
|
| | |
|
| |
|
|
| |
no functional change
|
| | |
|
| |
|
|
| |
no functional change
|
| |
|
|
|
|
| |
Test & assign and use ret instead of rv.
ok jsing
|
| |
|
|
|
|
|
| |
Use better variable names, split the success from the error path and
return directly rather than using an ok variable.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
Use better variable names. X509_REQ_new() sets the version to the only
specified version, so there is no point to set it. Extract the subject
name, then assign to make it more obvious that we error happens if the
cert has a missing subject. Switch to X509_get0_pubkey() to avoid some
strange dance with a strangely named variable to adjust the refcount.
ok jsing
|
| |
|
|
|
|
|
| |
Instead of inlining a poor version of ASN1_TYPE_unpack_sequence() with
missing error checks, just call the real thing. It's safer and simpler.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we know the two OIDs we need to look for when checking for the
extension list attribute in a certification request, we can simplify this
quite a bit. There is one change of behavior. Attribute value sets are not
supposed to be empty and it makes no sense to return an empty stack of
extensions in that case, return NULL instead, matching BoringSSL.
This removes last use of ext_nids and ext_nid_list[], so these two bits
of unprotected global mutable state can now join the party in the attic.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Now that the global ext_nids[] array can no longer be modified by the
application, we can simplify this by returning the two possible NIDs
that we accept in the extension list attribute in PKCS#10 certification
requests.
The year is 2024. This API is entirely unused by the ecosystem. Well not
entirely! One small village of indomitable rare API use still holds out
against the cleansers. You may have guessed it: security/xca.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
These fiddle with unprotected global state, so aren't thread safe and
of course there was no good reason to have this API in the first place.
Nothing uses it, so it becomes a noop and will be removed in the next
major bump.
ok jsing
|
| |
|
|
| |
This old [...] routines use [...] -> These old [...] routines [...]
|
| |
|
|
| |
No functional change.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is not safe to unconditionally call contract() - when called repeatedly
it will shrink the bucket array to zero and then attempt to access that
allocation on the next call. Use the same guard that is used in
lh_delete().
Issue found when investigating haproxy crashes reported by wizard-it on
GitHub.
ok tb@
|
| |
|
|
|
|
|
|
| |
The only caller that could potentially call these with NULL has been fixed.
This way an ugly hack that was needed to plug a memory leak can go away and
the functions again behave as intended without OpenSSL-style workarounds.
ok beck
|
| |
|
|
|
|
|
|
|
|
| |
If s is NULL, the only thing the tm_to_*() functions do is a check that
a GeneralizedTime has a four digit year (between 0000 and 9999) and a
UTCTime has a year between 1950 and 2050. These checks are already done
in ASN1_TIME_parse() itself: the century is 100 times a two-digit value
(or 19 in the UTCTime case) plus another two-digit value.
ok beck
|
