summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_util.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* add missing #include <string.h>; ok tb@op2023-05-141-1/+2
|
* typo in commenttb2021-08-161-2/+2
|
* Null out pointers on asprintf() failure.tb2019-04-131-3/+7
| | | | | | | | These pointers will be passed to free. According to asprintf(3), "on OpenBSD, ret will be set to the null pointer, but this behavior should not be relied upon." ok jsing
* Only assign destlen when src is non-NULL.jsing2019-04-041-3/+4
| | | | This avoids ever having a non-zero len with a NULL pointer.
* Assert tedu's copyright since some of the code moved here is his.jsing2018-02-081-1/+2
|
* Split keypair handling out into its own file - it had already appearedjsing2018-02-081-1/+36
| | | | | | in multiple locations. ok beck@
* Be consistent with the goto label names used in libtls code.jsing2018-02-051-16/+16
| | | | No change to generated assembly.
* Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so thatjsing2017-06-221-2/+2
| | | | | | | we can prevent libcrypto from going behind our back and trying to read passwords from standard input (which we may not be permitted to do). Found by jsg@ with httpd and password protected keys.
* Use freezero() for the tls_load_file() failure case, since we'rejsing2017-05-061-4/+4
| | | | | | potentially dealing with key material. Also switch a calloc to malloc, since we immediately copy the same amount of data to the newly allocated buffer.
* BIO_free_all() and EVP_PKEY_free() can be called with NULL.jsing2017-05-061-5/+3
|
* Provide a tls_unload_file() function, that frees the memory returned fromjsing2017-05-061-1/+7
| | | | | | | | a tls_load_file() call, ensuring that it the contents become inaccessible. This is specifically needed on platforms where the library allocators may be different from the application allocator. ok beck@
* Address some signed vs unsigned warnings and check that an integer valuejsing2016-11-041-4/+14
| | | | | | | | | is positive before passing it to several functions as a size_t. Additionally, in tls_load_file() there is not much point using calloc(), when we're immediately reading into the buffer (having an extra byte for NUL termination seems pointless given the API). ok beck@ miod@
* use the same type for buf as the return type in tls_load_filebcook2016-10-031-2/+3
| | | | ok tedu@, noted by kinichiro
* Indent labels with a space so that diff -p is more friendly.jsing2015-09-091-3/+3
| | | | Requested by bluhm@
* Add tls_load_file() as a helper to load certificates or encrypted keysreyk2015-02-071-1/+89
| | | | | | | | | into memory. This can be used for tls_config_set_ca_mem(), tls_config_set_cert_mem() or tls_config_set_key_mem(). With input from jsing@, tedu@ and henning@ OK tedu@
* Rename libressl to libtls to avoid confusion and to make it easier tojsing2014-10-311-0/+81
distinguish between LibreSSL (the project) and libressl (the library). Discussed with many.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-31 08:21:16 +0000