summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Move leaf certificate checks to the last thing after chain validation.beck2022-06-253-20/+317
| | | | | | | | While seemingly illogical and not what is done in Go's validator, this mimics OpenSSL's behavior so that callback overrides for the expiry of a certificate will not "sticky" override a failure to build a chain. ok jsing@
* Use ints for boolean values.jsing2022-06-251-31/+31
| | | | | | | Switch to using ints for boolean values and use 0 or 1 for constructed, rather than using 0 the ASN.1 tag encoded value (1 << 5). ok tb@
* Reuse ASN1_INTEGER functions for ASN1_ENUMERATED_{get,set}()jsing2022-06-252-56/+59
| | | | | | | Instead of having a separate get/set implementation, reuse the ASN1_INTEGER code. Also prepare to provide ASN1_ENUMERATED_{get,set}_int64(). ok beck@ tb@
* Check pointer argument after {d2i,i2d}_ASN1_{BIT_STRING,BOOLEAN,INTEGER}()jsing2022-06-251-2/+46
|
* Add regress for ASN1_INTEGER_{get,set}_{u,}int64()jsing2022-06-251-1/+103
|
* Rewrite ASN1_INTEGER_{get,set}() using CBS/CBBjsing2022-06-254-65/+197
| | | | | | In the process, prepare to provide ASN1_INTEGER_{get,set}_{u,}int64(). ok beck@ tb@
* Simplify ASN1_INTEGER_cmp()jsing2022-06-251-16/+9
| | | | ok beck@ tb@
* Add regress for ASN1_INTEGER_cmp()jsing2022-06-251-1/+76
|
* Use dynamic linking correctly. bntest and bn_to_string need static linking.tb2022-06-231-3/+5
|
* Explicitly include fcntl.h and unistd.h for pipe2tb2022-06-221-1/+4
|
* Fix format strings for size_ttb2022-06-221-5/+5
|
* Fix format string: use %zu for size_t, not %lu.tb2022-06-221-3/+3
|
* Error out on negative shifts in BN_{r,l}shift()tb2022-06-221-1/+13
| | | | | | | | | | Without these checks in both functions nw = n / BN_BITS2 will be negative and this leads to out-of-bounds accesses via negative array indices and memset with a negative size. Pointed out by cheloha ok jsing
* Tweak a commenttb2022-06-201-2/+2
|
* Flip roles of lowercase and uppercase A and B.tb2022-06-201-44/+44
| | | | | | | This matches Cohen's text better and makes the entire thing easier to read. suggested by jsing
* Clean up BN_kronecker()tb2022-06-201-73/+88
| | | | | | | | | | Instead of "Cohen's step N" explain in words what is being done. Things such as (A & B & 2) != 0 being equivalent to (-1)^((A-1)(B-1)/4) being negative are not entirely obvious... Remove the strange error dance and adjust variable names to what Cohen's book uses. Simplify various curly bits. ok jsing
* Fix some bizarre indentation and line breaks.tb2022-06-201-8/+7
|
* Use uppercase for SUCCESS for consistencytb2022-06-191-2/+2
|
* None of these tests needs to link statically.tb2022-06-192-4/+4
|
* Drop bogus DPADD += ${LIBSSL}tb2022-06-193-7/+6
|
* Quick regression test that checks that BN_is_prime_fasttest_ex()tb2022-06-182-1/+97
| | | | | recognizes the primes in the primes[] table with and without trial division. Would have caught the bug fixed in bn_primes.c r1.9.
* Fix prime recognition when doing trial divisionstb2022-06-181-2/+2
| | | | | | | | | If gcd(a, primes[i]) == 0 then a could still be a prime, namely in the case that a == primes[i], so check for that case as well. Problem noted by Martin Grenouilloux ok jsing
* Switch to using TLS_INT instead of handrolling ittb2022-06-151-3/+2
|
* More %i vs %d cleanuptb2022-06-107-20/+20
|
* do not refuse valid IPv6 addresses in -X connect (HTTP CONNECT proxy)djm2022-06-081-2/+2
| | | | support. Identified by Wilmer van der Gaast, ok millert@
* KNF, mostly whitespace - no binary change on amd64tb2022-06-081-22/+19
|
* Fix format strings: change %i, %li, %lli to %d, %ld, %lld and switch totb2022-06-071-18/+18
| | | | | %zu for master_key_length, session_id_length and sid_ctx_length, which are now size_t.
* Change the loop index from an unsigned int to size_t now that alltb2022-06-071-2/+2
| | | | | | upper bounds are known to be size_t. ok jsing
* Simplify another CBS_write_bytes() call in d2i_SSL_SESSION()tb2022-06-071-5/+2
| | | | ok jsing
* Switch sid_ctx_length in SSL, SSL_CTX and SSL_SESSION to a size_ttb2022-06-071-4/+4
| | | | ok jsing
* Use CBS_write_bytes() instead of manual unpacking of a CBS and assigningtb2022-06-071-3/+5
| | | | | | | length and using memcpy(). This also provides a missing overflow check (which is done by the only caller, however). ok jsing
* Simplify various CBS_write_bytes() callstb2022-06-073-13/+7
| | | | | | | Now that session_id_length is a size_t, we can pass it directly to CBS_write_bytes() instead of using a temporary variable. ok jsing
* Switch SSL_SESSION's session_id_length to a size_ttb2022-06-071-2/+2
| | | | ok jsing
* Add missing error check call in ssl3_get_new_session_ticket()tb2022-06-071-4/+9
| | | | | | | EVP_Digest() can fail, so handle failure appropriately and prepare switch of session_id_length to a size_t. ok jsing
* Another small readability tweak: compare explicitly against 0 and NULL,tb2022-06-071-4/+3
| | | | | | respectively ok jsing
* Tweak readability of a test: compare tmp explicitly against 0 and droptb2022-06-071-2/+2
| | | | | | redundant parentheses. ok jsing
* Add a cast to SSL_SESSION_get_id() to indicate that session_id_lengthtb2022-06-071-2/+2
| | | | | | | is deliberately reduced to an unsigned int. Since the session_id is at most 32 bytes, this is not a concern. ok jsing
* fix indenttb2022-06-071-2/+2
|
* Unindent and simplify remove_session_lock()tb2022-06-071-21/+22
| | | | ok jsing (who informs me he had the same diff in his jungle)
* Drop an unnecessary casttb2022-06-071-2/+2
| | | | ok jsing
* Simplify CBS_write_bytes() invocationtb2022-06-071-5/+2
| | | | | | | Now that master_key_length is a size_t, we no longer have to fiddle with data_len. We can rather pass a pointer to it to CBS_write_bytes(). ok jsing
* The master_key_length can no longer be < 0tb2022-06-071-2/+2
| | | | ok jsing
* Switch the SSL_SESSION's master_key_length to a size_ttb2022-06-071-2/+2
| | | | ok jsing
* Add error checking to tls_session_secret_cb() callstb2022-06-072-32/+49
| | | | | | | | | | | Failure of this undocumented callback was previously silently ignored. Follow OpenSSL's behavior and throw an internal error (for lack of a better choice) if the callback failed or if it set the master_key_length to a negative number. Unindent the success path and clean up some strange idioms. ok jsing
* Use SSL3_CK_VALUE_MASK instead of hardcoded 0xffff and remove sometb2022-06-062-12/+6
| | | | | | SSLv2 remnants. ok jsing
* Tweak comment describing the SSL_SESSION ASN.1tb2022-06-061-4/+5
| | | | ok jsing
* Minor style cleanup in ssl_txt.ctb2022-06-061-23/+41
| | | | | | | Wrap long lines and fix a bug where the wrong struct member was checked for NULL. ok jsing
* Fix comment + spacing.tb2022-06-061-2/+2
| | | | | Apparently 60 * 5 + 4 seconds is 5 minutes. Presumably this is the case with sufficiently potent crack, which would explain a few things in here.
* Remove incorrect and ungrammattical commenttb2022-06-061-3/+2
| | | | | The fallback to SHA-1 if SHA-256 is disabled fell victim to tedu many moons ago when this file was still called s3_clnt.c and had no RCS ID.
* Fix spaces before tabstb2022-06-061-12/+12
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 20:48:45 +0000