summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
* fix broken markup of callback arguments; found with mandoc -Tlintschwarze2017-06-102-11/+8
|
* repair broken markup of callback argument; found with mandoc -Tlintschwarze2017-06-101-5/+3
|
* Don't fall back to heapsort() if we would otherwise switch tomillert2017-05-301-7/+7
| | | | insertion sort (when the number of elements is < 7).
* Randomize link-order of libcrypto as we do with libc. This libraryderaadt2017-05-291-1/+2
| | | | | | | | | | | | | | has many small functions without significant local storage, therefore less tail protection from -fstack-protector-strong to prevent their use as ROP gadgets. It is used in security contexts. Also many functions dribble pointers onto the stack, allowing discovery of gadgets via the fixed relative addresses, so let's randomly bias those. ok tedu jsing The rc script will soon need a strategy for skipping this step on machines with poor IO performance. Or maybe do it less often? However, I don't see many more libraries we'll do this with, these are the two most important ones.
* Avoid a potential NULL pointer dereference in d2i_ECPrivateKey().jsing2017-05-261-1/+7
| | | | | | Reported by Robert Swiecki, who found the issue using honggfuzz. ok bcook@
* Add definitions for three OIDs used in EV certificates.jsing2017-05-252-0/+9
| | | | From Kyle J. McKay <mackyle at gmail dot com>
* Support swapping 32-bit aligned elements on 64-bit platforms.millert2017-05-241-22/+63
| | | | | Previously they would be swapped a byte at a time when sizeof(int) != sizeof(long). Idea from FreeBSD.
* Document that qsort falls back to heapsort() if the recursion depthmillert2017-05-201-3/+13
| | | | exceeds 2 lg N and add a reference to the introsort paper.
* Use David Musser's introsort algorithm to fall back to heapsort(3)millert2017-05-202-14/+45
| | | | | | when the recursion depth reaches 2*lg(n + 1). This avoids quicksort's quadratic behavior for pathological input without appreciably changing the average run time.
* The BSD qsort() performs tail recursion elimination on the secondmillert2017-05-171-10/+25
| | | | | | | | side of the array being partitioned to save on stack space. Greater savings can be gained by choosing recursion for the smaller side of the partition and eliminating recursion for the larger side. This also results in a small but measurable performance gain. OK otto@ schwarze@
* Plug a memory leak. The main_cert needs to be X509_free()ed sinceclaudio2017-05-161-0/+2
| | | | | | SSL_get_peer_certificate() increases the ref count whereas extra_certs do not because SSL_get_peer_cert_chain() won't increase ref counts. OK beck@
* Typo: freezeo -> freezerotb2017-05-151-3/+3
| | | | From "fenderq" on freenode via tj@
* - fix bug wrt posix_memalign(3) of blocks between half a page and a pageotto2017-05-132-8/+18
| | | | | - document posix_memalign() does not play nice with reacallocarray(3) and freezero(3)
* Fix a problem introduced in freezero() conversion and usejsg2017-05-111-2/+2
| | | | | | | | | | sizeof(struct) not sizeof(pointer). otto@ points out that on OpenBSD currently freezero() would have still zeroed the entire allocation, but this is not documented behaviour and may change in future. ok tom@
* BUF_MEM_grow_clean() returns an int, not a size_t. Humourously, on successjsing2017-05-081-3/+3
| | | | it returns "len", which is a size_t value, as an int...
* Drop cipher suites with DSS authentication - there is no good reason tojsing2017-05-071-197/+1
| | | | | | keep these around. ok beck@
* Instead of starting a 'zero-sized' CBB at the size of the first additionjsing2017-05-071-5/+8
| | | | | | | | to the CBB, then doubling, start with an initial size of 64 bytes. Almost all uses will exceed this size and we avoid multiple small recallocarray() calls during the initial usage. ok beck@
* Move state from ssl->internal to the handshake structure.beck2017-05-0715-256/+267
| | | | | | | while we are at it, convert SSLerror to use a function internally, so that we may later allocate the handshake structure and check for it ok jsing@
* Ensure that a client context has been connected before attempting tojsing2017-05-072-4/+12
| | | | complete a TLS handshake.
* Return an error if tls_handshake() is called on a TLS context that hasjsing2017-05-071-1/+6
| | | | already completed a TLS handshake.
* Bring in an SSL_HANDSHAKE structure and commence the great shovellingbeck2017-05-0611-113/+119
| | | | ok jsing@, gcc@, regress@
* Use freezero() for the tls_load_file() failure case, since we'rejsing2017-05-061-4/+4
| | | | | | potentially dealing with key material. Also switch a calloc to malloc, since we immediately copy the same amount of data to the newly allocated buffer.
* BIO_free_all() and EVP_PKEY_free() can be called with NULL.jsing2017-05-061-5/+3
|
* Be explicit about when it is safe to call tls_config_free().jsing2017-05-061-3/+8
| | | | Discussed with beck@
* Document tls_unload_file().jsing2017-05-061-3/+14
|
* Perform reference counting for tls_config. This allows tls_config_free() tojsing2017-05-064-6/+22
| | | | | | | | | be called as soon as it has been passed to the final tls_configure() call, simplifying lifetime tracking for the application. Requested some time ago by tedu@. ok beck@
* Provide a tls_unload_file() function, that frees the memory returned fromjsing2017-05-063-2/+10
| | | | | | | | a tls_load_file() call, ensuring that it the contents become inaccessible. This is specifically needed on platforms where the library allocators may be different from the application allocator. ok beck@
* Bring in HKDF, from BoringSSL, with regress tests modified to bebeck2017-05-063-1/+186
| | | | | in C. Ride previous minor bump ok tom@ inoguchi@ jsing@
* Provide SSL{,_CTX}_set_{min,max}_proto_version() functions.jsing2017-05-066-5/+115
| | | | | | Rides minor bump. ok beck@
* space needed between macro arg and punctuation;jmc2017-05-061-2/+2
|
* Bump minors for symbol addition in libcryptobeck2017-05-063-3/+3
| | | | ok jsing@
* Add ASN1_TIME_set_to to exported symbolsbeck2017-05-061-0/+4
| | | | ok jsing@
* Add ASN1_TIME_set_tm to set an asn1 from a struct tm *beck2017-05-063-5/+44
| | | | ok jsing@
* Add missing $OpenBSD$ tags.jsing2017-05-064-2/+4
|
* Move tls_config_skip_private_key_check() out from under HIDDEN_DECLS.claudio2017-05-041-2/+4
| | | | | | Even though this is not a real public interface we need the symbol in the shared library so that relayd can use it (needed for TLS key privsep) OK beck@
* make the description strings match the codederaadt2017-05-031-10/+10
|
* the XXXfree functions being called accept NULL, so don't check first.deraadt2017-05-023-26/+14
| | | | ok beck
* use freezero() instead of memset/explicit_bzero + free. Substantiallyderaadt2017-05-0238-238/+109
| | | | | | | | | | reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* No original OpenSSL code remains in this file. Relicensebeck2017-04-301-54/+13
|
* Make BIO_get_host_ip just yet another getaddrinfo wrapperbeck2017-04-301-27/+20
|
* Rework BIO_accept to be more like modern code.beck2017-04-301-54/+19
| | | | ok jsing@
* Only enable -Werror on libcrypto/libssl/libtls if we are building withjsing2017-04-303-7/+14
| | | | | | | gcc4. This should avoid failed builds while transitioning compilers. While here also make the CFLAGS blocks consistent across makefiles. Discussed with deraadt@, ok beck@
* Switch back to freezero() and explicitly initialise data_len to zero. Thejsing2017-04-301-6/+3
| | | | | previous code was safe since data would always be NULL if data_len was uninitialised, however compilers cannot know this.
* Microsoft Windows hates BIO_get_accept_socket in portable. Fix it tobeck2017-04-301-115/+35
| | | | | | not be awful or have any claims on supporting ipv6 when it does so very badly ok jsing@
* Add a tls_keypair_clear_key() function that uses freezero() to make keyjsing2017-04-301-5/+11
| | | | | | material inaccessible, then call it from the appropriate places. ok beck@
* Fix a bug caused by the return value being set early to signal successfuljsing2017-04-291-5/+5
| | | | | | | | | | | | | | | DTLS cookie validation. This can mask a later failure and result in a positive return value being returned from ssl3_get_client_hello(), when it should return a negative value to propagate the error. Ironically this was introduced in OpenSSL 2e9802b7a7b with the commit message "Fix DTLS cookie management bugs". Fix based on OpenSSL. Issue reported by Nicolas Bouliane <nbouliane at jive dot com>. ok beck@
* Revert previous - we still want to do this, but I forgot about the installerbeck2017-04-292-14/+6
| | | | | and want to avoid the wrath of theo when he arrives home in a couple of hours :)
* We now require you to have a working libpthreadbeck2017-04-291-1/+2
|
* Make it safe to call SSL_library_init more than once.beck2017-04-291-5/+12
| | | | | | We are basically admitting that pthread is everywhere, and we will be using it for other things too. ok jsing@
* Stop calling OPENSSL_init() internally, since it is a no-op. Also placejsing2017-04-293-9/+4
| | | | | | it under #ifndef LIBRESSL_INTERNAL. ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-03 22:07:29 +0000