| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
| |
more friendly to systems where the underscore flavours may be defined as empty.
Found the hard way be bcook@; joint brainstrom with bcook beck and guenther
|
| |
|
|
|
|
| |
libc interfaces over libcrypto interfaces. for now we also prefer
timingsafe_memcmp over timingsafe_bcmp, even when the latter is acceptable.
ok beck deraadt matthew miod
|
| |
|
|
|
|
|
| |
so that it reflects what it is actually doing. Use this function in a
number of places that still have the hand rolled version.
ok beck@ miod@
|
| | |
|
| |
|
|
|
|
|
|
| |
Just kidding!
unifdef OPENSSL_NO_TLS since we will never want to actually do that.
ok deraadt@
|
| |
|
|
| |
a not quite appropriate data structure. ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DTLS code had a chunk that checked to see if the SSL version was *not*
DTLS. Turns out that this is inside a big #if 0 block with a comment
explaining why DTLS will never need this code...
The DTLS code was clearly written by wholesale copying the SSLv3 code.
Any code not applicable to DTLS was seemingly #if 0'd or commented out
and left for others to find.
d1_pkt.c is copied from s3_pkt.c and it has a do_dtls1_write() function
that has the same function signature as do_ssl3_write(), except that the
create_empty_fragement (yes, that is the spelling in ssl_locl.h) argument
is unused for DTLS (although there is code that pretends to use it) since
it uses explicit IV (as the comment notes).
Instead of leaving this turd lying around, nuke the #if 0'd code (along
with the check for *not* DTLS) and remove the pointless
create_empty_fragment argument given the only two do_dtls1_write() calls
specify zero.
This kind of thing also makes you wonder how much actual peer review
occurred before the code was initially committed...
ok beck@
|
| |
|
|
|
|
|
|
| |
since free already does this for us. Also remove some pointless NULL
assignments, where the result from malloc(3) is immediately assigned to the
same variable.
ok miod@
|
| |
|
|
| |
(with an XXX comment, though) in d1_pkt.c in 2005.
|
| |
|
|
|
|
| |
factoring error handling.
ok jsing@
|
| |
|
|
|
|
|
| |
this is sporadic, hacked up and can easily be put back in an improved form
should we ever need it.
ok miod@
|
| |
|
|
|
|
|
|
|
|
| |
actually needs it. Instead, just include it in the files where it is
actually necessary.
Also remove standard includes from pqueue.h so that they are not available
as a side effect. Just add the two includes that are needed to pqueue.c.
ok miod@
|
| |
|
|
|
|
|
| |
pqueue still chained, by inserting it into the list only after all possible
failure conditions have been avoided.
Reported and fix proposed by David Ramos; ok beck@
|
| |
|
|
|
|
|
|
|
| |
inclusion in <ssl/dtls1.h> by the benign
`struct _pqueue; typedef struct _pqueue *pqueue;'.
Note that said dtls1.h should probably be considered a private header as well...
ok beck@
|
| |
|
|
|
|
|
|
| |
This avoids a lot of ugly gymnastics to do snprintfs before sending the
bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c
where it was being called with the incorrect number of arguments and
using random things off the stack as addresses of strings.
ok krw@, jsing@
|
| |
|
|
|
|
|
| |
<machine/endian.h>, rather than writing 1 to a 32-bit variable and checking
whether the first byte is nonzero.
tweaks and ok matthew@; ok beck@ tedu@
|
| | |
|
| |
|
|
|
|
|
|
| |
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
| |
|
|
|
|
| |
and allow for the normal posix mandated return values instead of the
nonstandard one from BIO_snprintf.
ok miod@
|
| | |
|
| |
|
|
|
| |
readable. This pass is whitespace only and can readily be verified using
tr and md5.
|
| |
|
|
| |
ok miod@, deraadt@
|
| | |
|
| |
|
|
|
| |
from the openssl git (changes between openssl 1.0.1c and 1.0.1d).
ok djm@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
