| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The most terrible code in OpenSSL has its roots in libdes, which came
before SSLeay. Hello, LHASH. Hello speed app. Hello DES (obviously).
There are some diary-style changelog comments dating all the way back
to 1990.
/* This has some uglies in it but it works - even over sockets. */
Well, kind of:
* - This code cannot handle non-blocking sockets.
Also:
/* >output is a multiple of 8 byes, if len < rnum
* >we must be careful. The user must be aware that this
* >routine will write more bytes than he asked for.
* >The length of the buffer must be correct.
* FIXED - Should be ok now 18-9-90 - eay */
Or
/* This is really a bad error - very bad
* It will stuff-up both ends. */
Or
#ifdef _LIBC
extern unsigned long time();
extern int write();
#endif
I can't even...
Delete, delete, delete.
ok jsing
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
(where it doesn't conflict with a local variable)
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Take the MAC before clobbering the input value on decryption. Fixes hangs
during the QUIC handshake with HAProxy using TLS_CHACHA20_POLY1305_SHA256.
Found, issue pinpointed, and initial fix tested by Lucas Gabriel Vuotto:
Let me take this opportunity to thank the HAProxy team for going out of
their way to keep supporting LibreSSL. It's much appreciated.
See https://github.com/haproxy/haproxy/issues/2569
tweak/ok jsing
|
| | |
|
| |
|
|
| |
This error comes from upstream, where it is still wrong.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
feedback and ok tb@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
No change in the generated assembly
|
| | |
|
| |
|
|
|
| |
Use less horrcble variable names and make it explicit that both output
arguments are allowed to be NULL.
|
| | |
|
| | |
|
| |
|
|
| |
No change in the generated assembly
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This avoids a dangling reference in i2s_ASN1_ENUMERATED_TABLE.
To complete this manual, someone will need to document X509V3_EXT_METHOD,
but that's for a much more rainy day than today.
|
| |
|
|
| |
looks good to jmc
|
| |
|
|
|
|
| |
This function is only used by OpenLDAP and it's been a noop since
forever. It has no business to be squeezed in between a number of
other, quite unrelated functions. It's distracting.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
It is dubious whether this opaque struct's internals should be documented
in the first place. This also has been incomplete since forever. For now
zap the stuff that no longer exists and make an attempt at matching KNF a
bit more closely.
|
| |
|
|
|
|
|
| |
There are no accessors to set them, so this has been involved in a bunch
of dead logic ever since we made DSA opaque a few years ago.
ok jsing
|
| |
|
|
|
|
|
| |
I could not find any use of this in all of OpenSSL's git history since
SSLeay 0.8.1b.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
While eckey_from_explicit_params() frees *out_eckey, eckey_from_object()
and eckey_from_params() do not. These functions are currently all callled
with a NULL *out_eckey, but the latter two would leak if that should ever
change.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
This information has been part of tls12_key_block_generate() for a while
now. It remained in this table because at that point SSL_CIPHER was still
public. Nothing can access algorithm2 anymore from the outside, so this is
dead weight.
ok jsing
|
| |
|
|
| |
ok djm
|
| | |
|
| |
|
|
| |
no functional change
|
| | |
|
| |
|
|
| |
no functional change
|
| | |
|
| |
|
|
|
|
| |
Test & assign and use ret instead of rv.
ok jsing
|
| |
|
|
|
|
|
| |
Use better variable names, split the success from the error path and
return directly rather than using an ok variable.
ok jsing
|
