summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Restore beck's rev 1.3: snprintf() was reviewedguenther2014-04-201-1/+1
|
* More KNF.jsing2014-04-202-3/+3
|
* KNF.jsing2014-04-206-714/+951
|
* KNF.jsing2014-04-206-470/+592
|
* KNF.jsing2014-04-204-264/+359
|
* More KNF.jsing2014-04-2013-80/+88
|
* More KNF.jsing2014-04-201-50/+62
|
* KNF.jsing2014-04-202-181/+219
|
* KNF.jsing2014-04-204-398/+393
|
* Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.guenther2014-04-202-2/+2
| | | | | | | APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@
* return after error instead of plowing ahead. noticed by mancha1 at zohotedu2014-04-201-0/+1
|
* KNF.jsing2014-04-2012-1154/+1134
|
* reset imprint to NULL to avoid double free. from mancha1 at zohotedu2014-04-201-0/+1
|
* another attempt at fixing stale x509 data. since we don't know where thetedu2014-04-191-10/+8
| | | | | initial storage came from, we can't free it. just memset in the sequence case. probably ok beck
* KNF.jsing2014-04-196-813/+814
|
* can't actually do this. cause unknown.tedu2014-04-191-1/+1
|
* KNF.jsing2014-04-196-564/+530
|
* More KNF.jsing2014-04-193-33/+34
|
* Lacking a proof that--for this implementation--exposure of Montgomeryguenther2014-04-192-7/+7
| | | | | | | | multiplication or RSA blinding parameters doesn't permit retroactive timing analysis of the secrets, we'll do the stupidly cheap thing and cleanse them before freeing them. ok deraadt@
* More KNF.jsing2014-04-195-238/+296
|
* More KNF.jsing2014-04-194-261/+379
|
* More KNF.jsing2014-04-193-10/+14
|
* We'll interpret a (void) cast on snprintf() to mean it's been verified thatguenther2014-04-1925-62/+62
| | | | | | truncation is either desirable, not an issue, or is detected and handled later ok deraadt@
* egd is gonederaadt2014-04-192-6/+2
|
* More KNF.jsing2014-04-194-685/+761
|
* More KNF.jsing2014-04-196-380/+471
|
* More KNF.jsing2014-04-196-363/+434
|
* More KNF.jsing2014-04-197-203/+207
|
* use intrinsic strlcpy and strlcat everywhere so we only have one set ofbeck2014-04-1912-40/+40
| | | | | | funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
* OPENSSL_gmtime() is really just gmtime_r(); ok guentherderaadt2014-04-185-13/+6
|
* tone down some XXXXX to not appear in greptedu2014-04-182-2/+2
|
* XXXXXXXXXXXXXXXX -> XXXtedu2014-04-181-3/+3
| | | | XXXXXXXXXXXXXXXXXXXXXXX -> XXXX
* unifdef NO_SOCKtedu2014-04-184-8/+0
|
* Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developersbeck2014-04-185-31/+4
| | | | | | | | they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
* Do not ask the user to pass either -DB_ENDIAN or -DL_ENDIAN to the compiler,miod2014-04-185-24/+19
| | | | | | | but rather figure out the endianness from <machine/endian.h> automagically; help from guenther@ ok jca@ guenther@ beck@ and the rest of the `Buena SSL rampage club'
* Shrink a local buffer to the size it really needs to be; this is the onlymiod2014-04-181-1/+1
| | | | | | discrepancy found while checking proper {HEX,DECIMAL}_SIZE macro usage, which is confusing enough. tweaks and ok jca@, ok guenther@
* eroMgib dne- nai 68xtnetelca .smiod2014-04-181-7/+2
|
* Not welcomemiod2014-04-181-151/+0
|
* typomiod2014-04-181-1/+1
|
* first round of static config. ok miodtedu2014-04-1826-1118/+0
|
* Put back i2d_ASN1_SET() and d2i_ASN1_SET() from the NO_ASN1_OLD prune, as theremiod2014-04-184-1/+260
| | | | | | | are still some 3rd-party code using it, and fixing them is not trivial. As an excuse gift, the memory leaks on failure in resurrected a_set.c have been fixed.
* guenther would prefer more separationtedu2014-04-181-0/+2
|
* we need to cranktedu2014-04-182-2/+2
|
* remove include files not neededderaadt2014-04-182-17/+2
|
* use the portable construct around asprintf; pointed out by halexderaadt2014-04-181-1/+2
|
* Some dude named Tavis Ormandy reported a bug which has gone unfixed.tedu2014-04-181-0/+5
| | | | | | | | | | | http://marc.info/?l=openssl-users&m=138014120223264&w=2 Arguably a doc bug, but we argue not. If you parse a new cert into memory occupied by a previously verified cert, the new cert will inherit that state, bypassing future verification checks. To avoid this, we will always start fresh with a new object. grudging ok from guenther, after i threatened to make him read the code yet again. "that ok was way more painful and tiring then it should have been"
* Put the final pieces from e_os.h in the required places, and remove it.deraadt2014-04-1812-49/+3
| | | | | "dance on it's grave" says beck ok guenther beck
* blank lines between decls and codetedu2014-04-181-0/+5
|
* in CONF_get1_default_config_file(), don't calculate a buffer size,deraadt2014-04-181-15/+5
| | | | | | | malloc it, do unbounded strlcpy's to it... but instead of asnprintf. While there, let's put a '/' between the two path components! Wonder how old that bug is.. ok guenther
* More KNF.jsing2014-04-181-76/+80
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-27 23:23:00 +0000