summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove hacky workaround for Cray T3E.deraadt2014-04-191-11/+0
| | | | ok guenther
* More KNF.jsing2014-04-198-522/+758
|
* oops, typo got into changederaadt2014-04-191-1/+1
|
* More KNF.jsing2014-04-196-20/+28
|
* malloc + strlcpy -> strdupderaadt2014-04-191-3/+2
|
* unifdef ENOTDIR, everyone has itderaadt2014-04-191-15/+3
|
* We'll interpret a (void) cast on snprintf() to mean it's been verified thatguenther2014-04-1955-147/+147
| | | | | | truncation is either desirable, not an issue, or is detected and handled later ok deraadt@
* Use somewhat harsher language and better examples; demonstrate thatderaadt2014-04-194-109/+88
| | | | | non-dangerous use functions is difficult. ok guenther
* Split inet(3) into three pages by decade: 1980s -> inet_lnaof(3),guenther2014-04-194-183/+320
| | | | | | 1990s -> inet_addr(3), 2000s and beyond -> inet_ntop(3). ok tedu@ (who also noted the timeline) deraadt@ jmc@
* egd is gonederaadt2014-04-194-38/+3
|
* The internal ssl2_* functions and variables are goneguenther2014-04-192-60/+0
|
* More KNF.jsing2014-04-198-1370/+1522
|
* Add SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2guenther2014-04-191-4/+13
| | | | Document that SSL_OP_NO_SSLv2 is a no-op now
* More KNF and style consistency tweaksguenther2014-04-1953-479/+465
|
* More KNF.jsing2014-04-1912-760/+942
|
* More KNF.jsing2014-04-1912-726/+868
|
* More KNF.jsing2014-04-1914-406/+414
|
* use intrinsic strlcpy and strlcat everywhere so we only have one set ofbeck2014-04-1931-106/+106
| | | | | | funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
* OPENSSL_gmtime() is really just gmtime_r(); ok guentherderaadt2014-04-1810-26/+12
|
* spacingtedu2014-04-182-20/+22
|
* remove references to rshd;jmc2014-04-182-15/+6
|
* tone down some XXXXX to not appear in greptedu2014-04-185-5/+5
|
* XXXXXXXXXXXXXXXX -> XXXtedu2014-04-182-6/+6
| | | | XXXXXXXXXXXXXXXXXXXXXXX -> XXXX
* unifdef NO_SOCKtedu2014-04-188-16/+0
|
* now that knf carpet bombing is finished, switch to hand to hand combat.tedu2014-04-184-346/+332
| | | | | still not sure what to make of mysteries like this: for (i = 7; i >= 0; i--) { /* increment */
* Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developersbeck2014-04-1810-62/+8
| | | | | | | | they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
* ECDSA signature computation involves a random number. Remove the test trying tomiod2014-04-181-116/+0
| | | | | force what RAND_bytes() will return and comparing it against known values - I can't let you do this, Dave.
* collateral damagetedu2014-04-181-0/+1
|
* no app_rand.ctedu2014-04-181-2/+2
|
* $HOME/.rnd will never be a good source of entropy. ok becktedu2014-04-1823-392/+2
|
* Do not ask the user to pass either -DB_ENDIAN or -DL_ENDIAN to the compiler,miod2014-04-189-37/+37
| | | | | | | but rather figure out the endianness from <machine/endian.h> automagically; help from guenther@ ok jca@ guenther@ beck@ and the rest of the `Buena SSL rampage club'
* Shrink a local buffer to the size it really needs to be; this is the onlymiod2014-04-182-2/+2
| | | | | | discrepancy found while checking proper {HEX,DECIMAL}_SIZE macro usage, which is confusing enough. tweaks and ok jca@, ok guenther@
* eroMgib dne- nai 68xtnetelca .smiod2014-04-182-14/+4
|
* Not welcomemiod2014-04-182-302/+0
|
* typomiod2014-04-182-2/+2
|
* first round of static config. ok miodtedu2014-04-1826-1118/+0
|
* Use the cleaned up asprintf-based make_config_name() to make the name oflteo2014-04-182-18/+8
| | | | | | | | the config file instead of the malloc/BUF_strlcpy/BUF_strlcat calls with no return value checks (that make_config_name() also used to do prior to being cleaned up). ok beck@
* Check the return value of make_config_name() before attempting to uselteo2014-04-181-1/+6
| | | | | | the config filename. ok beck@
* anothertedu2014-04-181-3/+0
|
* another "string to make the random number generator think it has entropy"tedu2014-04-181-23/+0
|
* delete "string to make the random number generator think it has entropy"tedu2014-04-181-4/+0
|
* Put back i2d_ASN1_SET() and d2i_ASN1_SET() from the NO_ASN1_OLD prune, as theremiod2014-04-187-1/+518
| | | | | | | are still some 3rd-party code using it, and fixing them is not trivial. As an excuse gift, the memory leaks on failure in resurrected a_set.c have been fixed.
* this file is not relevantderaadt2014-04-181-25/+0
|
* guenther would prefer more separationtedu2014-04-182-0/+4
|
* we need to cranktedu2014-04-182-2/+2
|
* remove include files not neededderaadt2014-04-184-34/+4
|
* Document support for "openssl s_client -starttls lmtp"guenther2014-04-181-1/+1
|
* Finish zapping SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION usage; only keepguenther2014-04-185-25/+19
| | | | | | | the #define for compat, but document that it's a no-op now. Also, neuter the -legacy_renegotiation option to "openssl s_{client,server}" ok beck@
* use the portable construct around asprintf; pointed out by halexderaadt2014-04-183-3/+6
|
* Some dude named Tavis Ormandy reported a bug which has gone unfixed.tedu2014-04-182-0/+10
| | | | | | | | | | | http://marc.info/?l=openssl-users&m=138014120223264&w=2 Arguably a doc bug, but we argue not. If you parse a new cert into memory occupied by a previously verified cert, the new cert will inherit that state, bypassing future verification checks. To avoid this, we will always start fresh with a new object. grudging ok from guenther, after i threatened to make him read the code yet again. "that ok was way more painful and tiring then it should have been"
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-11 17:09:51 +0000