summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove typecasts on password_callback.bcook2014-07-093-20/+15
| | | | | | | Rather than casting password_callback to the correct function pointer signature at every call site, change it to match the signature instead. ok miod@ deraadt@ tedu@
* In the old days (not in this century), SSLeay 0.4.5 would create X.509 RSAmiod2014-07-091-14/+3
| | | | | | | | | signatures using the wrong oid for the signature type. The signature verification code has thus been modified to allow these signatures to be accepted, with a printf to stderr to notify the user something was fishy. Remove this chunk; these signatures will no longer get accepted. ok deraadt@ guenther@ jsing@ tedu@
* Remove RSA_memory_lock(). This undocumented function sort-of serializes yourmiod2014-07-092-51/+2
| | | | | | | | | | RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@
* remove unused dynamic_cmd_defns_empty structure.bcook2014-07-091-4/+1
| | | | ok miod@ deraadt@ guenther@
* RSA_NULL used to be a compile option allowing the RSA interfaces to bemiod2014-07-094-176/+4
| | | | | | | | compiled-in, with nonfunctional code, to be able to cope with the RSA patent. However, we don't use this option, and the RSA patent has expired more than 10 years ago, so just drop this piece.
* KNFmiod2014-07-0919-1967/+1959
|
* Mark the weakened 40-bit export ciphers as invalid - no one in their rightjsing2014-07-082-18/+18
| | | | | | mind should be using them. ok deraadt@ miod@
* Remove SSL_FIPS.jsing2014-07-086-188/+172
| | | | ok deraadt@ miod@
* Nuke SSL_NOT_EXP since it does nothing.jsing2014-07-084-252/+250
| | | | ok deraadt@ miod@
* Document SSL_CIPHER_description() will now use asprintf if passed a NULLmiod2014-07-081-5/+5
| | | | buffer.
* Do not suggest using BUF_strdup() preferably to strdup() for fallaciousmiod2014-07-081-4/+1
| | | | reasons.
* Match the current state of the code.miod2014-07-081-3/+3
|
* replace malloc(strlen())/strlcpy with strdupbcook2014-07-081-3/+2
| | | | ok beck@ jsing@
* Define SMALL_REGISTER_BANK on arm and vax, for it generates faster code formiod2014-07-081-1/+5
| | | | | these systems (vax being 30% faster!). (surprisingly, the prime candidate for SMALL_REGISTER_BANK, SuperH, runs actually slower in that case)
* Remove undocumented _des_crypt() interface and its companion header file,miod2014-07-082-231/+0
| | | | | | | which had never been installed, so it's unlikely something ever used this in the last 15~20 years. ok deraadt@ jsing@ beck@
* pedantic avoidance of division by zero, likely not actuallybeck2014-07-082-2/+12
| | | | | possible to hit for real. ok miod@ jsing@
* add missing stdint. include for uint32_t, etc.bcook2014-07-081-1/+4
| | | | ok beck@ jsing@
* We do not care about broken Borland C pre-processors.jsing2014-07-081-5/+3
| | | | ok beck@ deraadt@
* Pretty much everything has SO_REUSEADDR - nuke the #ifdefs.jsing2014-07-081-5/+1
| | | | ok beck@
* We have EAI_FAMILY - remove the #ifdefs.jsing2014-07-081-5/+1
| | | | ok beck@
* More KNF.jsing2014-07-081-11/+21
|
* Avoid locking in BIO_get_port() by using getservbyname_r() instead ofjsing2014-07-081-31/+31
| | | | | | getservbyname(). While here, provide a common/single return path. ok deraadt@
* KNF.jsing2014-07-0816-656/+757
|
* More KNF.jsing2014-07-081-16/+18
|
* Simplify various BIO_sock_* fuctions - less code, better variable names,jsing2014-07-081-27/+12
| | | | | | correct types and fewer casts. ok deraadt@ miod@
* Memory-leak-in-error-path of the day in X509_ATTRIBUTE_set1_data().miod2014-07-031-2/+3
| | | | ok logan@ beck@
* Memory leak in error path of the day, from clang via dhill@bitrig;miod2014-07-022-4/+6
| | | | ok dhill@bitrig
* pk7_doit.c r1.20 introduced a NULL check that ensures that the signaturejsing2014-07-021-2/+2
| | | | | | | | | | contents are not NULL, however this breaks detached signature processing. Fix this by allowing the signature contents to be NULL when operating with a detached signature. Found the hard way by sthen@. ok sthen@
* Remove more unused cruft.jsing2014-07-0229-1633/+0
| | | | No objection from the usual suspects.
* KNF.jsing2014-07-021-61/+51
|
* Avoid a NULL deref in i2d_ECPrivateKey() when an EC_KEY lacks the public keymiod2014-07-011-2/+2
| | | | | | member (which is perfectly acceptable). From BoringSSL (Adam Langley), commit f71a27920a903c9c36bcb31e68781b17674d3fd2
* simplify and unobfuscate a variable to fix a mem leak.tedu2014-06-301-6/+9
| | | | original diff by logan
* fix the identical leak in three different files.tedu2014-06-306-12/+18
| | | | reported by Brent Cook, original diff by logan
* Free "data" when it's no longer in use.logan2014-06-291-1/+2
| | | | | | (Thanks to Brent Cook) OK from jsing@
* Fix file descriptor leaklogan2014-06-291-1/+2
| | | | | | (Thanks to Brent Cook) OK from jsing@
* Remove yet another unused file... a backup copy (minus copyright andjsing2014-06-291-66/+0
| | | | includes) follows this commit message:
* KNF.jsing2014-06-2911-1606/+1563
| | | | | | | | I just spent too long chasing a bug in here and really should have done this first. Gem of the day... is it an if test or a for loop? No, it is a super ifloop! if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
* Remove another unused source file - I got suspicious when I found ajsing2014-06-291-460/+0
| | | | | | | | function that ended with: if (ret & 0x01) if (ret & V_ASN1_CONSTRUCTED) }
* More KNF.jsing2014-06-292-64/+98
|
* correct issetugid sense as spotted by Stijn van Drongelen.deraadt2014-06-291-3/+7
| | | | Substantially expand the conditional to reduce potential for error.
* Add a missing word.jca2014-06-281-1/+1
|
* Fix a memory leak and another one that occurs in the error paths.logan2014-06-281-2/+6
| | | | | | | (Thanks to Brent Cook) OK from tedu@
* Fix 9 memory leaks.logan2014-06-281-1/+10
| | | | | | | | (Thanks to Brent Cook) With help from tedu@ OK from tedu@
* Fix 2 memory leaks.logan2014-06-282-2/+6
| | | | | | (Thanks to Brent Cook) OK from tedu@
* Use strtonum() instead of atoi(), and then impose what are we thinkderaadt2014-06-2813-102/+211
| | | | | | are the current range checks. Help from millert and lteo. Please test now that it is deployed and let us know if any numbers are off.. ok lteo
* When building a BN on the stack in BN_div(), make sure to initialize all itsmiod2014-06-271-1/+2
| | | | | | fields (i.e. the flags field) before using it. This is currently harmless, but might not be if we end up invoking other BN functions checking for constant-time processing requirement in the future.
* save_errno botch; spotted by miodderaadt2014-06-271-2/+2
|
* hand-KNF macro the do { } while loopsderaadt2014-06-274-40/+49
|
* hand-KNF the remaining bitsderaadt2014-06-271-98/+106
|
* Remove M_ASN1_New* macros which are only used in X509_PKEY_new() are obfuscatemiod2014-06-272-22/+16
| | | | | | it to hide memory leaks in the error paths, and fix aforementioned memory leaks. ok jsing@ logan@ deraadt@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-25 15:19:15 +0000