|  | Commit message | Author | Files | Lines | 
|---|
|  | Based on changes to OpenSSL trunk.
ok beck@ miod@ | 
|  | ok jsing@ | 
|  | ``The probability that a randomly generated key is weak is -1/2^52,
  so it is not really worth checking for them.''
This kind of naively optimistic attitude is not compatible with security. | 
|  | OK: beck@ | 
|  | add a function to use function pointers that does not take sizeof(fptr).
OK beck@ | 
|  | build on pre-EVP_CIPH_FLAG_DEFAULT_ASN1 codebases.
ok jsing@ | 
|  | done for other symmetric algorithms recently. | 
|  | constructs (a switch statement) and returns the appropriate string defined
by SSL_TXT_* for the given version, including support for DTLSv1 and
DTLSv1-bad. Use this function in SSL_get_version() and SSL_SESSION_print().
ok beck@ | 
|  | This allows us to remove the ERR_load_crypto_strings() call, along with
the various SSL_load_error_strings() and OpenSSL_add_ssl_algorithms()
calls scattered around the place.
ok beck@ | 
|  | definitions using C99 field initializers. No functional change. | 
|  | can copy this file (plus chacha_private.h) directly and reuse it
trivially.  Well, as long as they have a getentropy() as well..
ok beck | 
|  | conditionals.
ok miod@ | 
|  | OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same
removal has already been done for libssl. | 
|  | load_config() once when we start.
ok miod@ | 
|  | instances.  This one for OPENSSL_ALLOW_PROXY_CERTS gets turned off first,
especially since it had this special comment:
/* A hack to keep people who don't want to modify their software happy */
ok beck jsing | 
|  | - first, BN_free == BN_clear_free in our libcrypto, so we do not need to
  treat CBIGNUM (crypto BN) separately from BIGNUM (regular BN).
- then, in bn_i2c(), since BN_bn2bin returns BN_num_bytes(input), take
  advantage of this to avoid calling BN_num_bytes() a second time.
  BN_num_bytes() is cheap, but this is not a reason to perform redundant
  work.
- finally, in bn_c2i, if bn_new() fails, return early. Otherwise
  BN_bin2bn will try to create a BN too, and although this will probably
  fail since we were already out of memory, if we are on a threaded
  process and suddenly the allocation succeeds, we will leak it since it
  will never be stored in *pval.
ok jsing@ | 
|  | NULL.
ok deraadt@ guenther@ jsing@ | 
|  | Improves readability, keeps the code smaller so that it is warmer in your
cache.
review & ok deraadt@ | 
|  | keep linux distros happy that don't have it.
ok bcook@ | 
|  | X509_STORE_CTX_free() accept NULL pointers as input without dereferencing them,
like all the other well-behaved *_CTX_free() functions do. | 
|  | now using this as upstream code.  The particular problem is systems
that contain older arc4random derivations lacking arc4random_uniform().
ok tedu miod | 
|  | using O_NOFOLLOW - cope with it as best as possible by trying two
different paths. - written by deraadt@ and kettenis@ | 
|  | ok beck@ miod@ | 
|  | to interleave them within the conditions. Also fix wrapping and
indentation. | 
|  | From Thijs Alkemade via OpenSSL trunk
ok miod@ | 
|  | ok guenther | 
|  | is | 
|  | consistent and secure-by-default API for SSL clients (and soon servers).
This is a long way from complete and the interface will likely change
substantially - committing now so that further work can happen in the tree.
Initiated by tedu@ and inspired by discussions with tedu@, beck@ and
other developers. | 
|  | bounds check, after reading the 2-, 3- or 4-byte size of the next chunk to
process. But the size fields themselves are not checked for being entirely
contained in the buffer.
Since reading past your bounds is bad practice, and may not be possible if you
are using a secure memory allocator, we need to add the necessary bounds check,
at the expense of some readability.
As a bonus, a wrong size GOST session key will now trigger an error instead of
a printf to stderr and it being handled as if it had the correct size.
Creating this diff made my eyes bleed (in the real sense); reviewing it
made guenther@'s and beck@'s eyes bleed too (in the literal sense).
ok guenther@ beck@ | 
|  | detect versions distinct from OPENSSL_BLAH_WOOF..
ok jsing@ tedu@ deraadt@ | 
|  | RT. | 
|  | OpenSSL trunk | 
|  | ok bcook@ | 
|  | ok miod@ | 
|  | ok miod@ bcook@ | 
|  | Jeff Trawick, Jean-Paul Calderone, Michal Bozon, Jeffrey Walton and Rich Salz,
via OpenSSL trunk (with some parts not applying to us, such as SSLv2 support,
at least partially removed). | 
|  | the CCS_OK flag. From OpenSSL trunk. |