summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* tone down some XXXXX to not appear in greptedu2014-04-185-5/+5
|
* XXXXXXXXXXXXXXXX -> XXXtedu2014-04-182-6/+6
| | | | XXXXXXXXXXXXXXXXXXXXXXX -> XXXX
* unifdef NO_SOCKtedu2014-04-188-16/+0
|
* now that knf carpet bombing is finished, switch to hand to hand combat.tedu2014-04-184-346/+332
| | | | | still not sure what to make of mysteries like this: for (i = 7; i >= 0; i--) { /* increment */
* Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developersbeck2014-04-1810-62/+8
| | | | | | | | they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
* ECDSA signature computation involves a random number. Remove the test trying tomiod2014-04-181-116/+0
| | | | | force what RAND_bytes() will return and comparing it against known values - I can't let you do this, Dave.
* collateral damagetedu2014-04-181-0/+1
|
* no app_rand.ctedu2014-04-181-2/+2
|
* $HOME/.rnd will never be a good source of entropy. ok becktedu2014-04-1823-392/+2
|
* Do not ask the user to pass either -DB_ENDIAN or -DL_ENDIAN to the compiler,miod2014-04-189-37/+37
| | | | | | | but rather figure out the endianness from <machine/endian.h> automagically; help from guenther@ ok jca@ guenther@ beck@ and the rest of the `Buena SSL rampage club'
* Shrink a local buffer to the size it really needs to be; this is the onlymiod2014-04-182-2/+2
| | | | | | discrepancy found while checking proper {HEX,DECIMAL}_SIZE macro usage, which is confusing enough. tweaks and ok jca@, ok guenther@
* eroMgib dne- nai 68xtnetelca .smiod2014-04-182-14/+4
|
* Not welcomemiod2014-04-182-302/+0
|
* typomiod2014-04-182-2/+2
|
* first round of static config. ok miodtedu2014-04-1826-1118/+0
|
* Use the cleaned up asprintf-based make_config_name() to make the name oflteo2014-04-182-18/+8
| | | | | | | | the config file instead of the malloc/BUF_strlcpy/BUF_strlcat calls with no return value checks (that make_config_name() also used to do prior to being cleaned up). ok beck@
* Check the return value of make_config_name() before attempting to uselteo2014-04-181-1/+6
| | | | | | the config filename. ok beck@
* anothertedu2014-04-181-3/+0
|
* another "string to make the random number generator think it has entropy"tedu2014-04-181-23/+0
|
* delete "string to make the random number generator think it has entropy"tedu2014-04-181-4/+0
|
* Put back i2d_ASN1_SET() and d2i_ASN1_SET() from the NO_ASN1_OLD prune, as theremiod2014-04-187-1/+518
| | | | | | | are still some 3rd-party code using it, and fixing them is not trivial. As an excuse gift, the memory leaks on failure in resurrected a_set.c have been fixed.
* this file is not relevantderaadt2014-04-181-25/+0
|
* guenther would prefer more separationtedu2014-04-182-0/+4
|
* we need to cranktedu2014-04-182-2/+2
|
* remove include files not neededderaadt2014-04-184-34/+4
|
* Document support for "openssl s_client -starttls lmtp"guenther2014-04-181-1/+1
|
* Finish zapping SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION usage; only keepguenther2014-04-185-25/+19
| | | | | | | the #define for compat, but document that it's a no-op now. Also, neuter the -legacy_renegotiation option to "openssl s_{client,server}" ok beck@
* use the portable construct around asprintf; pointed out by halexderaadt2014-04-183-3/+6
|
* Some dude named Tavis Ormandy reported a bug which has gone unfixed.tedu2014-04-182-0/+10
| | | | | | | | | | | http://marc.info/?l=openssl-users&m=138014120223264&w=2 Arguably a doc bug, but we argue not. If you parse a new cert into memory occupied by a previously verified cert, the new cert will inherit that state, bypassing future verification checks. To avoid this, we will always start fresh with a new object. grudging ok from guenther, after i threatened to make him read the code yet again. "that ok was way more painful and tiring then it should have been"
* since e_os.h is dead, and e_os2.h is installed, we can fetch from there.deraadt2014-04-181-8/+2
| | | | This means we don't need the reach-around anymore.
* Put the final pieces from e_os.h in the required places, and remove it.deraadt2014-04-1828-204/+9
| | | | | "dance on it's grave" says beck ok guenther beck
* blank lines between decls and codetedu2014-04-182-0/+10
|
* These files were never installed in the past, and are not generallyderaadt2014-04-1845-1465/+0
| | | | | used. They can go away. ok guenther reyk
* Use asprintf() for generating path, instead of multiplederaadt2014-04-181-7/+1
| | | | return-value-not-checked strlcpy and strlcat
* in CONF_get1_default_config_file(), don't calculate a buffer size,deraadt2014-04-182-30/+10
| | | | | | | malloc it, do unbounded strlcpy's to it... but instead of asnprintf. While there, let's put a '/' between the two path components! Wonder how old that bug is.. ok guenther
* More KNF.jsing2014-04-182-152/+160
|
* another round of chemo for the RAND code to provide clarity.tedu2014-04-189-761/+172
| | | | ok deraadt
* More KNF.jsing2014-04-1814-850/+1070
|
* egd support is too dangerous to leave where somebody might find it.tedu2014-04-186-244/+4
| | | | ok deraadt.
* More KNF.jsing2014-04-1814-928/+1028
|
* unistd.h for protos where neededderaadt2014-04-1814-0/+14
|
* define RFILE only in the file that needs itderaadt2014-04-183-11/+2
|
* More KNF.jsing2014-04-1834-1030/+1324
|
* add braces missed when fixing leaksjsg2014-04-182-2/+4
|
* KNF, since this is no longer script generatedderaadt2014-04-181-172/+171
|
* simplify file:file:... stuffderaadt2014-04-1812-14/+13
|
* More KNF.jsing2014-04-1822-1328/+1626
|
* More KNF.jsing2014-04-1816-406/+390
|
* whitespace normalizationtedu2014-04-188-91/+81
|
* repair whitespace. this is what happens when functions take 20 params.tedu2014-04-181-20/+20
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-27 20:31:09 +0000