| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
horrific macros from asn1_mac.h.
This is a classic example of using macros to obfuscate code, in an attempt
to reduce the line count. The end result is so ridiculously convoluted that
it is completely unreadable and it takes hours to deconstruct the macros
and figure out what is actually going on behind the scenes.
ok miod@
|
| |
|
|
|
|
| |
intrinsics. This is the easy ones, a few left to check one at
a time.
ok miod@ deraadt@
|
| |
|
|
| |
OK from beck@ and miod@
|
| | |
|
| | |
|
| |
|
|
| |
ok jsing@
|
| |
|
|
| |
EVP_MD_CTX_cleanup() to be called.
|
| | |
|
| |
|
|
|
|
| |
appropriate function. Checking for privkey != NULL is not enough since
privkey points to a member of ndsa if ndsa != NULL.
dsa_priv_encode(): possible double free in error path.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
to reinitialize all of it, especially if it is used with the same MD algorithm.
However, when the MD algorithm changes, it needs to perform more cleanups.
Make that code more closer to what EVP_MD_CTX_cleanup() does by:
- only freeing md_data if EVP_MD_CTX_FLAG_REUSE is not set
- performing an explicit_bzero of md_data before freeing it
- making sure we call EVP_PKEY_CTX_free on the pctx if the allocation for the
new md_data fails.
ok tedu@
|
| | |
|
| |
|
|
|
|
|
| |
while we can take it out in portable at compile time, it is still a problem
when we install this header file on a system that doesn't support __bounded__
if this is unguarded.
ok miod@ bcook@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Based on changes to OpenSSL trunk.
ok beck@ miod@
|
| | |
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
| |
``The probability that a randomly generated key is weak is -1/2^52,
so it is not really worth checking for them.''
This kind of naively optimistic attitude is not compatible with security.
|
| |
|
|
|
|
| |
build on pre-EVP_CIPH_FLAG_DEFAULT_ASN1 codebases.
ok jsing@
|
| |
|
|
| |
done for other symmetric algorithms recently.
|
| |
|
|
|
|
|
|
| |
constructs (a switch statement) and returns the appropriate string defined
by SSL_TXT_* for the given version, including support for DTLSv1 and
DTLSv1-bad. Use this function in SSL_get_version() and SSL_SESSION_print().
ok beck@
|
| |
|
|
|
|
|
|
| |
This allows us to remove the ERR_load_crypto_strings() call, along with
the various SSL_load_error_strings() and OpenSSL_add_ssl_algorithms()
calls scattered around the place.
ok beck@
|
| |
|
|
| |
definitions using C99 field initializers. No functional change.
|
| | |
|
| |
|
|
|
|
| |
conditionals.
ok miod@
|
| |
|
|
|
|
| |
load_config() once when we start.
ok miod@
|
| |
|
|
|
|
|
| |
instances. This one for OPENSSL_ALLOW_PROXY_CERTS gets turned off first,
especially since it had this special comment:
/* A hack to keep people who don't want to modify their software happy */
ok beck jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- first, BN_free == BN_clear_free in our libcrypto, so we do not need to
treat CBIGNUM (crypto BN) separately from BIGNUM (regular BN).
- then, in bn_i2c(), since BN_bn2bin returns BN_num_bytes(input), take
advantage of this to avoid calling BN_num_bytes() a second time.
BN_num_bytes() is cheap, but this not a reason to perform redundant
work.
- finally, in bn_c2i, if bn_new() fails, return early. Otherwise
BN_bin2bn will try to create a BN too, and although this will probably
fail since we were already out of memory, if we are on a threaded
process and suddenly the allocation succeeds, we will leak it since it
will never be stored in *pval.
ok jsing@
|
| |
|
|
|
| |
NULL.
ok deraadt@ guenther@ jsing@
|
| |
|
|
|
|
|
| |
Improves readability, keeps the code smaller so that it is warmer in your
cache.
review & ok deraadt@
|
| |
|
|
|
| |
X509_STORE_CTX_free() accept NULL pointers as input without dereferencing them,
like all the other well-behaved *_CTX_free() functions do.
|
| |
|
|
| |
ok beck@ miod@
|
| | |
|
| |
|
|
|
| |
to interleave them within the conditions. Also fix wrapping and
indentation.
|
| |
|
|
|
| |
From Thijs Alkemade via OpenSSL trunk
ok miod@
|
| |
|
|
| |
ok guenther
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bounds check, after reading the 2-, 3- or 4-byte size of the next chunk to
process. But the size fields themselves are not checked for being entirely
contained in the buffer.
Since reading past your bounds is bad practice, and may not possible if you
are using a secure memory allocator, we need to add the necessary bounds check,
at the expense of some readability.
As a bonus, a wrong size GOST session key will now trigger an error instead of
a printf to stderr and it being handled as if it had the correct size.
Creating this diff made my eyes bleed (in the real sense); reviewing it
made guenther@'s and beck@'s eyes bleed too (in the literal sense).
ok guenther@ beck@
|
| |
|
|
|
| |
detect versions distinct from OPENSSL_BLAH_WOOF..
ok jsing@ tedu@ deraadt@
|
| | |
|
| |
|
|
| |
ok bcook@
|
| |
|
|
| |
ok miod@ bcook@
|
| | |
|
| |
|
|
|
|
| |
Jeff Trawick, Jean-Paul Calderone, Michal Bozon, Jeffrey Walton and Rich Salz,
via OpenSSL trunk (with some parts not applying to us, such as SSLv2 support,
at least partially removed).
|
| |
|
|
| |
the CCS_OK flag. From OpenSSL trunk.
|
