| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
| |
reported by Steven Chamberlain
|
| |
|
|
|
| |
Thanks to Google for agreeing to offer the code under more agreeable
licensing terms!
|
| |
|
|
| |
Forgotten during yesterday's STRICT_ALIGNMENT cleanup commit.
|
| | |
|
| | |
|
| |
|
|
| |
"fire bomb" tedu@
|
| | |
|
| |
|
|
|
|
| |
is amusing.
ok deraadt@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
than defining it for not (i386 and amd64 (and sometimes s390)) only.
Compile-time tests remain compile-time tests, and runtime-test remain
runtime-test instead of being converted to compile-time tests, per matthew@'s
explicit demand (rationale: this makes sure the compiler checks your code even
if you won't run it).
No functional change except on s390 (which we don't run on) and vax (which we
run on, but noone cares about)
ok matthew@
|
| | |
|
| |
|
|
|
| |
reported to openssl by David Ramos (rt 3338)
stealing commit from logan, who's run away. ok miod.
|
| |
|
|
| |
i've never worked on codebase so resistant to efforts to improve it.
|
| |
|
|
|
|
|
|
| |
much debugging work done by otto. ok miod otto.
side note: BN_FLG_STATIC_DATA doesn't actually mean the data is static.
it's also used to indicate the data may be secretly shared behind your back
as a sort of poor man's refcounting, but without the refcounting.
|
| | |
|
| | |
|
| |
|
|
|
| |
makes this compile with OPENSSL_NO_DEPRECATED defined.
ok deraadt@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
- replace hardcoded sizes with sizeof()
- pqueue_find() apparently used to need to keep track of the previous node
when iterating, which causes its logic to be complicated. However, nowadays
it only needs to iterate, so replace with a straightforward, much
readable logic.
- remove #if 0'ed code
From ``sin'' from 2f30 dot org on tech@, thanks!
|
| | |
|
| |
|
|
|
|
| |
Reported by David Ramos (and simultaneously to OpenSSL as PR#3339).
ok beck@ logan@
|
| | |
|
| |
|
|
| |
it's your lucky day!
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
however, instead of trying to audit all the places where a secret bignum
is used, apply the big hammer and clear all bignums when freed.
ok deraadt miod
|
| | |
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
|
|
|
|
| |
the ifdef maze, meaning that FIONBIO was no longer defined. This removes
non-blocking I/O support from s_{client,server,time}.
Remove all FIONBIO ifdefs and import <sys/ioctl.h>, renabling -nbio.
ok miod@
|
| |
|
|
|
|
| |
a unnecessary NULL check before free.
ok miod@
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
| |
all on their own and we can't effectively maintain them without using them,
which we don't. If the need arises, the code can be resurrected.
|
| |
|
|
| |
ok jmc@
|
| |
|
|
| |
yup jmc@
|
| |
|
|
| |
fine jmc@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
| |
no objection jmc@
|
| | |
|
| |
|
|
| |
will not get referenced if this condition is not met.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
handling of padding. This fixes a crash that can be triggered by feeding
base64 data followed by 64 or more padding characters, which results in a
negative output length.
This issue was reported by David Ramos, although the same bug has been
sitting in the OpenSSL RT since 2011:
https://rt.openssl.org/Ticket/Display.html?id=2608
Worse still, BIO_read seems to be completely unable to detect that the
base64 input was invalid/corrupt - in particular, enabling
BIO_FLAGS_BASE64_NO_NL results in a stream of zero value bytes rather than
no input (possibly a good replacement for /dev/null...), which could
result in nasty consequences. Prior to this fix some zero value bytes were
also injected without this flag being enabled.
The recently added base64 regress triggers and documents these issues
(and also ensures that this change retains functional behaviour).
|
| | |
|
