summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* use freezero() instead of memset/explicit_bzero + free. Substantiallyderaadt2017-05-0238-238/+109
| | | | | | | | | | reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* No original OpenSSL code remains in this file. Relicensebeck2017-04-301-54/+13
|
* whitespacebeck2017-04-301-3/+3
|
* Make BIO_get_host_ip just yet another getaddrinfo wrapperbeck2017-04-301-27/+20
|
* Rework BIO_accept to be more like modern code.beck2017-04-301-54/+19
| | | | ok jsing@
* Only enable -Werror on libcrypto/libssl/libtls if we are building withjsing2017-04-303-7/+14
| | | | | | | gcc4. This should avoid failed builds while transitioning compilers. While here also make the CFLAGS blocks consistent across makefiles. Discussed with deraadt@, ok beck@
* Switch back to freezero() and explicitly initialise data_len to zero. Thejsing2017-04-301-6/+3
| | | | | previous code was safe since data would always be NULL if data_len was uninitialised, however compilers cannot know this.
* Microsoft Windows hates BIO_get_accept_socket in portable. Fix it tobeck2017-04-301-115/+35
| | | | | | not be awful or have any claims on supporting ipv6 when it does so very badly ok jsing@
* Add missing tls_init() and tls_free() calls.jsing2017-04-301-1/+4
|
* Add a tls_keypair_clear_key() function that uses freezero() to make keyjsing2017-04-301-5/+11
| | | | | | material inaccessible, then call it from the appropriate places. ok beck@
* Fix a bug caused by the return value being set early to signal successfuljsing2017-04-291-5/+5
| | | | | | | | | | | | | | | DTLS cookie validation. This can mask a later failure and result in a positive return value being returned from ssl3_get_client_hello(), when it should return a negative value to propagate the error. Ironically this was introduced in OpenSSL 2e9802b7a7b with the commit message "Fix DTLS cookie management bugs". Fix based on OpenSSL. Issue reported by Nicolas Bouliane <nbouliane at jive dot com>. ok beck@
* Revert previous - we still want to do this, but I forgot about the installerbeck2017-04-292-14/+6
| | | | | and want to avoid the wrath of theo when he arrives home in a couple of hours :)
* We now require you to have a working libpthreadbeck2017-04-291-1/+2
|
* Make it safe to call SSL_library_init more than once.beck2017-04-291-5/+12
| | | | | | We are basically admitting that pthread is everywhere, and we will be using it for other things too. ok jsing@
* Stop calling OPENSSL_init() internally, since it is a no-op. Also placejsing2017-04-293-9/+4
| | | | | | it under #ifndef LIBRESSL_INTERNAL. ok beck@
* Switch Linux getrandom() usage to non-blocking mode, continuing tobeck2017-04-291-6/+9
| | | | | | | | | | use fallback mechanims if unsuccessful. The design of Linux getrandom is broken. It has an uninitialized phase coupled with blocking behaviour, which is unacceptable from within a library at boot time without possible recovery. ok deraadt@ jsing@
* Revert previous change that forced consistency between return value andbeck2017-04-281-10/+2
| | | | | | | error code, since this breaks the documented API. Under certain circumstances this will result in incorrect successful certiticate verification (where a user supplied callback always returns 1, and later code checks the error code to potentially abort post verification)
* revert previous accidental commitbeck2017-04-285-25/+46
|
* *** empty log message ***beck2017-04-285-46/+25
|
* Remove "len < 0" check; len is socklen_t (uint32_t) so can't bemillert2017-04-271-2/+2
| | | | negative. Quiets a warning from clang. OK bluhm@
* tls_free(3) and tls_config_free(3) accept NULL;schwarze2017-04-272-4/+14
| | | | | patch from Matthew Martin <phy1729 at gmail dot com>, slightly tweaked by me
* Rearrange text a bit to make it clear what "discarded" means; ok jmc@ deraadt@otto2017-04-231-8/+13
|
* For small allocations (chunk) freezero only validates the givenotto2017-04-221-5/+10
| | | | | | | | size if canaries are enabled. In that case we have the exact requested size of the allocation. But we can at least check the given size against the chunk size if C is not enabled. Plus add some braces so my brain doesn't have to scan for dangling else problems when I see this code.
* Fix previous.visa2017-04-201-2/+2
|
* Get TCB address using the RDHWR instruction instead of __get_tcb().visa2017-04-201-4/+5
| | | | | | | | | | | This gives fast access to the address on systems that implement the UserLocal register. TCB caching is still used when running in the single-threaded mode in order not to penalize old systems. The kernel counterpart of this change must be in place before using this diff! With guenther@
* don't forget to fill in canary bytes for posix_memalign(3); reported byotto2017-04-181-1/+4
| | | | and ok jeremy@
* use freezero() instead of 4-line conditional explicit_bzero + freederaadt2017-04-184-28/+10
|
* consictently use .Dv NULL and a few other tweaks; ok schwarze@otto2017-04-171-20/+17
|
* whitespace fixesotto2017-04-171-14/+14
|
* Use INT_MAX instead of SIZE_MAX as the maximum file size we can handle.kettenis2017-04-161-2/+2
| | | | | | Fixes this test on 64-bit architectures. ok visa@
* Define DEF_WEAK like we do for ld.so to fix building this with clang.kettenis2017-04-161-1/+2
| | | | ok millert@, deraadt@
* Move comments into a block and uses {} to unconfuse reading.deraadt2017-04-161-12/+13
|
* Use %zu to print a size_t.kettenis2017-04-161-2/+2
|
* Remove unused rnd_seed variable. Upstream made the same change 4 days ago.kettenis2017-04-161-3/+0
| | | | Fixes compiling this test using clang on arm64.
* backout previous, data_len is not always initializedotto2017-04-161-2/+5
|
* Use freezero(3) when cleaning up session tickets - not only does it requirejsing2017-04-141-6/+3
| | | | | less code, but there is also a potential performance gain since they can be larger allocations.
* Use freezero(3) to clean up the X25519 keys - simpler, cleaner code.jsing2017-04-141-6/+3
|
* Use freezero(3) in the CBB clean up path, since this could hold sensitivejsing2017-04-141-3/+2
| | | | information (such as master keys).
* Switch i2d_SSL_SESSION() back to freezero(3) now that the size constraintsjsing2017-04-141-5/+2
| | | | have been relaxed.
* Clean up server key exchange EC point handling. Encode the point directlyjsing2017-04-141-27/+15
| | | | | | | | into the CBB memory, rather than mallocing and memcpying, which also makes makes the code more consistent with the client. Add a missing check for the first EC_POINT_point2oct() call. ok beck@
* allow clearing less than allocated and document freezero(3) betterotto2017-04-132-13/+26
|
* New strstr() implementation from musl libc by Rich Felker. Thismillert2017-04-121-44/+180
| | | | | | | | version uses the two-way string matching algorithm and is faster than the old implementation. With this change, ports that check for strstr having linear complexity time strstr will no longer replace the libc strstr with a private version. OK deraadt@ espie@
* Revert ssl_asn1.c r1.50 - CBB and freezero(3) do not play nicely together.jsing2017-04-111-2/+5
| | | | | | Back this out while we investigate and implement a solution. Found the hard way by sthen@
* new X25519(3) manual page;schwarze2017-04-105-10/+113
| | | | from Dr. Stephen Henson <steve@openssl.org>, OpenSSL commit d218f3c3
* Use freezero() for the internal opaque structures, instead of the currentjsing2017-04-103-18/+9
| | | | explicit_bzero()/free(). Less code and potentially less overhead.
* Use freezero() for X25519 keys - same result with more readable code.jsing2017-04-101-7/+3
|
* document three additional functions;schwarze2017-04-101-7/+60
| | | | from Emilia Kasper <emilia at openssl dot org>, OpenSSL commit 4ac139b4
* Rework and significantly extend TLS name verification tests to matchjsing2017-04-101-99/+377
| | | | changes in libtls.
* Rework name verification code so that a match is indicated via an argument,jsing2017-04-105-47/+76
| | | | | | | | | | rather than return codes. More strictly follow RFC 6125, in particular only check the CN if there are no SAN identifiers present in the certificate (per section 6.4.4). Previous behaviour questioned by Daniel Stenberg <daniel at haxx dot se>. ok beck@ jca@
* freezero() the key block; simpler code and less of it.jsing2017-04-101-7/+3
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 11:33:58 +0000