summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* reset host, port, path to null after freeing so the caller doesn'ttedu2014-07-092-2/+8
| | | | | accidentally free them again. actually a bug in the caller and (hey hey) apps/ocsp.c has exactly that bug, but it's easier/safer to fix here.
* stale prototypetedu2014-07-092-4/+2
|
* Make comments readable.jsing2014-07-092-54/+66
|
* More KNF.jsing2014-07-0938-644/+662
|
* KNF.jsing2014-07-094-246/+216
|
* reduce obvious dependency on global g_pool by moving to local aliasestedu2014-07-091-42/+48
| | | | ok otto
* ocsp_check_ids says "If algoritm mismatch let caller deal with it" beforetedu2014-07-092-12/+2
| | | | | | returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
* Update to match the current state of crypto/rand, and remove MLINKS formiod2014-07-099-199/+31
| | | | RAND_event and RAND_screen.
* Remove mention that the PRNG needs to be seeded before invoking somemiod2014-07-0928-73/+8
| | | | functions.
* Unifdef -UPKCS_TESTVECT - we don't want the random data used in OAEP paddingmiod2014-07-092-12/+2
| | | | to get overwritten by a known value, ever.
* rephrase the stpcpy() warningnaddy2014-07-091-2/+2
| | | | new wording agreed by at least kettenis@ millert@ otto@
* {malloc,reallocarray} + memset(,0,) -> callocmiod2014-07-094-14/+10
| | | | ok tedu@
* Clean up after arc4random u_int32_t uint32_t changebeck2014-07-091-5/+5
| | | | ok jsing@
* changes to improve portabilitybcook2014-07-091-10/+11
| | | | ok beck@ deraadt@ jsing@ guenther@
* Replace memset(a, 0, ...); free(a); by explicit_bzero(a, ...); free(a); inmiod2014-07-092-4/+4
| | | | | | | fear a smartass-optimizing compiler decides memset is useless immediately before free(). ok jsing@ deraadt@ tedu@
* Remove leading underscore from _BYTE_ORDER and _{LITTLE,BIG}_ENDIAN, to bemiod2014-07-0922-120/+120
| | | | | more friendly to systems where the underscore flavours may be defined as empty. Found the hard way be bcook@; joint brainstrom with bcook beck and guenther
* miod@ fixed the "bug" so remove reference to it in the man pod^Wpage.jsing2014-07-092-10/+0
|
* add <sys/filio.h> header for FIONBIObcook2014-07-092-2/+4
| | | | ok beck@
* Clean up and simplify SSL_CIPHER_description by always using asprintf. Ifjsing2014-07-092-108/+108
| | | | | | | a buffer was supplied then we copy the result into it. Also make the failure case return values match the documentation. Joint work with beck@
* Simplify error path of DH_check_pub_key()miod2014-07-092-16/+8
|
* KNFmiod2014-07-0918-1134/+1198
|
* remove unused variables getentropy for OS Xbcook2014-07-092-6/+6
| | | | ok beck@
* tedu the SSL export cipher handling - since we do not have enabled exportjsing2014-07-0921-724/+93
| | | | | | ciphers we no longer need the flags or code to support it. ok beck@ miod@
* cast ASN1_STRING (unsigned char *) to match strlcat's argument (char *)bcook2014-07-092-4/+4
| | | | ok beck@
* remove unused, private version strings except SSL_version_strbcook2014-07-0972-340/+70
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Make use of this wonderful modern C construct known as a `switch', instead ofmiod2014-07-092-22/+34
| | | | 8-line if() tests.
* KNFmiod2014-07-0922-1812/+1878
|
* Kill more FIPS tentacles by removing the private_AES_set_{enc,dec}rypt_key()miod2014-07-0916-168/+120
| | | | | | | | internal interfaces, and promoting them to being the public AES_set_{enc,dec}rypt_key() interfaces. In non-FIPS mode, these public interfaces were directly calling the private ones. ok guenther@ jsing@
* Be more strict in RSA_padding_check_X931(), and thus avoid a possiblemiod2014-07-092-4/+4
| | | | | memcpy() with a negative size. ok tedu@
* Remove typecasts on password_callback.bcook2014-07-093-20/+15
| | | | | | | Rather than casting password_callback to the correct function pointer signature at every call site, change it to match the signature instead. ok miod@ deraadt@ tedu@
* In the old days (not in this century), SSLeay 0.4.5 would create X.509 RSAmiod2014-07-092-28/+6
| | | | | | | | | signatures using the wrong oid for the signature type. The signature verification code has thus been modified to allow these signatures to be accepted, with a printf to stderr to notify the user something was fishy. Remove this chunk; these signatures will no longer get accepted. ok deraadt@ guenther@ jsing@ tedu@
* Remove RSA_memory_lock(). This undocumented function sort-of serializes yourmiod2014-07-094-102/+4
| | | | | | | | | | RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@
* remove unused dynamic_cmd_defns_empty structure.bcook2014-07-092-8/+2
| | | | ok miod@ deraadt@ guenther@
* RSA_NULL used to be a compile option allowing the RSA interfaces to bemiod2014-07-099-354/+10
| | | | | | | | compiled-in, with nonfunctional code, to be able to cope with the RSA patent. However, we don't use this option, and the RSA patent has expired more than 10 years ago, so just drop this piece.
* KNFmiod2014-07-0938-3934/+3918
|
* Mark the weakened 40-bit export ciphers as invalid - no one in their rightjsing2014-07-082-18/+18
| | | | | | mind should be using them. ok deraadt@ miod@
* Remove SSL_FIPS.jsing2014-07-086-188/+172
| | | | ok deraadt@ miod@
* Nuke SSL_NOT_EXP since it does nothing.jsing2014-07-084-252/+250
| | | | ok deraadt@ miod@
* Document SSL_CIPHER_description() will now use asprintf if passed a NULLmiod2014-07-081-5/+5
| | | | buffer.
* Do not suggest using BUF_strdup() preferably to strdup() for fallaciousmiod2014-07-081-4/+1
| | | | reasons.
* Match the current state of the code.miod2014-07-081-3/+3
|
* replace malloc(strlen())/strlcpy with strdupbcook2014-07-082-6/+4
| | | | ok beck@ jsing@
* Define SMALL_REGISTER_BANK on arm and vax, for it generates faster code formiod2014-07-082-2/+10
| | | | | these systems (vax being 30% faster!). (surprisingly, the prime candidate for SMALL_REGISTER_BANK, SuperH, runs actually slower in that case)
* Remove undocumented _des_crypt() interface and its companion header file,miod2014-07-085-464/+2
| | | | | | | which had never been installed, so it's unlikely something ever used this in the last 15~20 years. ok deraadt@ jsing@ beck@
* pedantic avoidance of division by zero, likely not actuallybeck2014-07-082-2/+12
| | | | | possible to hit for real. ok miod@ jsing@
* add missing stdint. include for uint32_t, etc.bcook2014-07-082-2/+8
| | | | ok beck@ jsing@
* We do not care about broken Borland C pre-processors.jsing2014-07-082-10/+6
| | | | ok beck@ deraadt@
* Pretty much everything has SO_REUSEADDR - nuke the #ifdefs.jsing2014-07-082-10/+2
| | | | ok beck@
* We have EAI_FAMILY - remove the #ifdefs.jsing2014-07-082-10/+2
| | | | ok beck@
* getentropy for osx and solaris. will be needed for a portable releasebeck2014-07-084-0/+1676
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 13:55:16 +0000