| Commit message (Collapse) | Author | Age | Files | Lines |
manual page strictly. Return -2 if the strings are not strict numbers.
The numbers remain in the range of "int". Range checking for these parameters
is done later in the pkey_*_ctl() functions, or sometimes in functions much
further downstream... but not always!!!
ok millert miod mikeb
|
behavior for certain inputs. From NetBSD. OK tedu@
|
which just emptied the file but didn't remove it.
|
They are obsoleted by the RFC3542 api.
ok mpi@
|
OpenSSL 1.0.0.
ok miod@ (a little while back)
|
Just kidding!
unifdef OPENSSL_NO_TLS since we will never want to actually do that.
ok deraadt@
|
ok beck
|
(From Jonas Maebe)
OK from beck@
|
to avoid potential null pointer dereference.
Based on David Ramos' work.
OK from miod@ and jsing@
|
atomicio writing out 64k in one direction will cause traffic in the other
direction to stall until it's complete. discussion with deraadt
|
from John-Mark Gurney
|
collateral damage.
The synchronous nature of this mechanism has hampered performance for
symmetric crypto relative to brute-force cpu. The asymmetric crypto
support never really materialized in drivers.
So abandon the complexity.
ok tedu beck mikeb
some disagreement from djm but if he wants to test /dev/crypto ciphers
he should do it without this gigantic API in the way
|
thing for an unsigned char array.
ok deraadt@
|
to avoid a possible NULL function call on ctx.final(). None of the callers
currently check the return value of calls to cert_verify_mac(), however
the function already returns 0 in another case and the MAC comparison will
later fail.
Issue reported by David Ramos.
|
protect from future field reordering/removal.
No difference in generated assembly.
|
the return value of EVP_MD_CTX_copy_ex(). If the copy fails early then
EVP_DigestUpdate() will invoke md_ctx.update(), which will be a NULL
function pointer.
Analysis and patch from David Ramos.
ok deraadt@
|
fails, the NULL check will add an error but it does not abort. This will
result in EVP_DigestInit_ex() being called with a NULL context.
Also ensure that we check the return values from EVP_DigestInit_ex() and
EVP_DigestUpdate().
ok deraadt@ miod@
|
handshake MAC calculation fails. Currently, the result from both
ssl3_handshake_mac() calls is added together. This means that unless both
MD5 and SHA1 fail, a positive value will be returned to the caller,
indicating success rather than failure.
ok deraadt@ miod@ sthen@
|
using EVP_AEAD. Also provide an EVP_AEAD-only equivalent of
ssl_cipher_get_evp().
|
magic numbers around.
ok deraadt@
|
do some other clean up while here.
ok deraadt@
|
check, so do not duplicate it here. Make the error handling consistent
by always using 'goto err' rather than returning in certain cases. Also
add a missing BIO_free(ssl) in BIO_new_ssl_connect().
ok deraadt@
|
discussed with tedu, ok jsing
|
switching cipher states using an EVP_CIPHER. This will facilitate the
addition of cipher state changes for EVP_AEAD. No functional change.
Based on Adam Langley's chromium patches.
|
In the past, time_t's type was underspecified. But a floating point type
would not have worked in practice. Newer specifications effectively forbid it.
While cleaning this up, get partly ready for Y2038.
ok miod
|
c30718b5e7480add42598158
Don't know the full story, but it looks like a "can't do random
perfectly, so do it god awful" problem was found in 2013, and
replaced with "only do it badly if a flag is set". New flags
(SSL_MODE_SEND_SERVERHELLO_TIME and SSL_MODE_SEND_SERVERHELLO_TIME)
were added [Ben Laurie?] to support the old scheme of "use time_t
for first 4 bytes of the random buffer".
Nothing uses these flags [ecosystem scan by sthen]
Fully discourage use of these flags in the future by removing
support & definition of them. The buflen < 4 check is also interesting,
because no entropy would be returned. No callers passed such small
buffers.
ok miod sthen
|
Based on Adam Langley's chromium patches.
|
While this is not strictly correct (since the presence of SSL3_CC_READ does
not guarantee the absence of SSL3_CC_WRITE), in practice only one of these
flags is set at a time and there is existing logic which already relies on
this behaviour.
|
this is the only place where these variables are used.
|
code. Additionally, these need to be cleaned in the export case.
Based on Adam Langley's chromium patches.
|
Rather than doing a complex dance to figure out if we should reuse the
cipher context and clean it later on, just free it and allocate a new one.
This simplifies the code path, especially in the write case where special
handling is required for DTLS.
Also, calling EVP_CIPHER_CTX_init() for a newly created cipher context is
unnecessary, since EVP_CIPHER_CTX_new() already does this (not to mention
that it was already missing from the write case).
|
and others to the regress framework. These remaining ones just
muddle us up when re-reading code repeatedly.
ok jsing
|
ok miod