summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* move all the feature settings to a common header.tedu2014-07-1131-1875/+176
| | | | probably ok beck jsing miod
* Tolerate critical AKID in CRLs; OpenSSL PR #3014 via OpenSSL trunk, andmiod2014-07-112-14/+16
| | | | also update the comments to reflect what the code now does.
* Fix OID encoding for single components. OpenSSL PR #2556 via OpenSSL trunk.miod2014-07-112-2/+2
| | | | (be sure to make cleandir and make includes before building)
* More memory leaks and unchecked allocations; OpenSSL PR #3403 via OpenSSLmiod2014-07-118-14/+38
| | | | trunk. (note we had already fixed some of the issues in that PR independently)
* Fix incorrect duplicate mlinksbeck2014-07-111-8/+1
| | | | ok bcook@
* Make sure BN_sqr never returns negative numbers.miod2014-07-112-2/+4
| | | | OpenSSL PR #3400 via OpenSSL trunk.
* Accept CCS again after `finished' has been sent by the client; at this pointmiod2014-07-112-10/+12
| | | | | | | keys have been correctly set up so it is ok to accept CCS from the server. Without renegotiation can sometimes fail. OpenSSL PR #3400 via OpenSSL trunk.
* Correct incorrect mlinksbeck2014-07-111-5/+1
| | | | ok bcook@
* In dtls1_clear_queues(), free buffered_add_data.q correctly, it's made ofmiod2014-07-112-8/+8
| | | | | | DTLS1_RECORD_DATA, not hm_fragment. OpenSSL PR #3286 via OpenSSL trunk.
* Fix incorrect mlinksbeck2014-07-111-3/+1
| | | | ok bcook@
* Fix version number processing in cms_sd_set_version(); OpenSSL PR #3249 viamiod2014-07-112-6/+6
| | | | OpenSSL trunk.
* Remove duplicate 0x for salt len in output; Martin Kaiser via OpenSSL trunk.miod2014-07-112-4/+4
|
* When looking for the issuer of a certificate, if the current candidate ismiod2014-07-116-26/+194
| | | | | | | expired or not valid yet, continue looking; only return an expired certificate if no valid certificates have been found. OpenSSL PR #3359 via OpenSSL trunk.
* In ssl3_get_client_key_exchange() parsing a GOST session key, invoke themiod2014-07-112-26/+16
| | | | | regular ASN.1 parser rather than trying to handroll one and potentially misbehave; OpenSSL PR #3335 via OpenSSL trunk.
* Missing calloc() return value check in dgram_sctp_ctrl(); from Kurt Roeckx viamiod2014-07-112-22/+42
| | | | OpenSSL trunk
* Make CMS_decrypt_set1_pkey() return an error if no recipient type matches,miod2014-07-112-6/+8
| | | | instead of returning a random key; OpenSSL PR #3348 via OpenSSL trunk
* Missing initialization for error line in error paths; from Coverity viamiod2014-07-112-2/+8
| | | | OpenSSL trunk.
* Missing initialization; OpenSSL PR#3289 and #3345 via OpenSSL trunk.miod2014-07-112-4/+6
|
* Provide correct version details for LibreSSL.jsing2014-07-112-154/+6
| | | | ok beck@ deraadt@ miod@
* Clean up versioning and remove #ifdefs that we do not define.jsing2014-07-112-68/+18
| | | | ok beck@
* Make sure we leave OPENSSL_NO_PSK in the conf files so thingsbeck2014-07-1126-0/+26
| | | | | can know... ok jsing@
* Suspicions confirmed by sthen's searching that nothing uses ossl_ssize_tderaadt2014-07-111-3/+1
| | | | except embedded openssl's in other trees.
* pour some water on an ass emberderaadt2014-07-112-2/+2
| | | | spotted by doctor jsing, always keeping an eye out for these
* Fetch the specific license which will be used fromderaadt2014-07-112-0/+48
| | | | | | https://www.openssl.org/~appro/camellia/dist/BSD_license.txt It isn't our concern to supply the other licences mentioned in source files; that is realy not our problem.
* Add locking for __cxa_finalize() as it modifies the page permissions of thekettenis2014-07-111-1/+5
| | | | | | | __atexit tables and touches global variables. From Srinavasa Nagaraju through Android/Elliott Hughes. ok tedu@, guenther@
* Remove the commentary about the majority of this code being underderaadt2014-07-112-6/+4
| | | | | | | 'BSD-style Open Source licenses'. It is a bit improper of OpenSSL to classify themselves into the BSD community without a clear justification for the extra clauses / terms...
* More e_os2.h clean up. Also move the includes inside the guard.jsing2014-07-111-20/+12
| | | | ok deraadt@ who also has a similar diff.
* Revert change that snuck into previous commit.jsing2014-07-112-6/+2
|
* Remove the PSK code. We don't need to drag around thisbeck2014-07-1125-1507/+27
| | | | | baggage. ok miod@ jsing@
* better document perils of setuid getenv and xr with issetugidtedu2014-07-111-2/+10
| | | | ok deraadt
* The only thing openssl is consistant about is inconsistancy, so therederaadt2014-07-112-2/+2
| | | | | | | are many variations of their license and we need to say: licenses which follow: rather than license which follows:
* say hi to the bitbucketderaadt2014-07-115-12388/+0
|
* replace u_int8_t with uint8_tbcook2014-07-112-6/+10
| | | | ok beck@
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-11690-2194/+2290
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Add a small note about LibReSSL at the start of this.beck2014-07-112-0/+14
| | | | ok jsing@
* No need to keep ssl23_foo() flavours mapping to ssl3_foo().miod2014-07-119-86/+24
| | | | ok tedu@
* Remove JPAKE remnants - there is no jpake.h, so if OPENSSL_NO_JPAKE wasjsing2014-07-114-16/+2
| | | | removed from opensslconf.h, this would no longer compile.
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-10394-550/+1462
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* OPENSSL_stderr() is unused so nuke it. OPENSSL_showfatal() is only used byjsing2014-07-104-24/+6
| | | | | | OpenSSLDie(), which is in the same file, so just make it static. ok miod@
* Use size_t as realloc() size argument whenever possible. ok tedu@miod2014-07-104-12/+16
|
* Simplify realloc() usage; ok tedu@miod2014-07-102-30/+12
|
* Upon realloc() failure, free() the original pointer and remove the stupidmiod2014-07-102-6/+6
| | | | | comments implying you don't have to. ok tedu@
* KNFmiod2014-07-102-52/+68
|
* Fix a double free in a can't-fail error path in PKCS7_decrypt(), by removingmiod2014-07-102-20/+12
| | | | | the error path altogether and simplifying the local variables as a result. joint work with jsing@; ok jsing@ tedu@
* remove unused variable from ssl3_get_client_hellobcook2014-07-102-6/+4
| | | | ok tedu@ miod@
* as noted by google/android via kettenis, atexit handlers can install newtedu2014-07-101-1/+8
| | | | | handlers. if this happens, restart the loop. ok kettenis matthew millert miod
* Inline the only use of the HEX_SIZE macro and nuke both DECIMAL_SIZE andjsing2014-07-104-14/+6
| | | | | | HEX_SIZE. ok beck@ miod@
* Make sure srp_Calc_k() digest operations are checked for error; frommiod2014-07-102-18/+34
| | | | Florian Zumbiehl (florz , florz . de) on tech@
* Make sure SRP_Calc_client_key() returns NULL instead of a pristine BN_new()miod2014-07-102-8/+18
| | | | upon error; from Florian Zumbiehl (florz , florz . de) on tech@
* Nuke OPENSSL_NONPIC_relocated since nothing uses it.jsing2014-07-104-8/+4
| | | | ok miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-23 06:40:04 +0000