summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove silly parenthesestb2023-11-271-3/+3
|
* Move the callers X509_STORE_CTX_purpose_inherit() down a bittb2023-11-271-15/+15
|
* Move ssl_cipher_id_cmp() next to its only callertb2023-11-252-15/+14
| | | | | | It was left alone and forlorn in the middle of other nonsense. Since there is only one caller (the OBJ_bsearch_ stupidity), it can be static and there is no need to prototype it in ssl_local.h.
* typo: mutiple -> multipleop2023-11-221-2/+2
| | | | from Ryan Kavanagh (rak [at] debian [dot] org), ok tb@
* Unhook and remove the now even more useless ssl_algs.c than it was before.tb2023-11-222-68/+1
| | | | ok jsing
* Make SSL_library_init() a wrapper of OPENSSL_init_ssl()tb2023-11-222-61/+9
| | | | | | | | | | | This way it doesn't do nonsensical work for all those who cargo culted an init sequence. There's no point in having SSL_library_init() as a cheaper version of OPENSSL_init_ssl(): once you do crypto, you'll init crypto... Also move the now trivial implementation to ssl_init.c which has a good license. ok jsing
* Stop calling SSL_library_init() from OPENSSL_init_ssl_internal()tb2023-11-221-2/+1
| | | | | | | | It's pointless: all the ciphers and digests added by SSL_library_init() are already added by OPENSSL_init_crypto(), which was already called at that point. ok jsing
* Move SSL_library_init() next to OPENSSL_init_ssl()tb2023-11-221-3/+2
| | | | | | | Its current position makes no sense and it will become a wrapper of the latter in a subsequent commit. ok jsing
* ec_print.c: Unwrap a linetb2023-11-211-3/+2
|
* Inline a better version of print_bin() in only callertb2023-11-211-42/+27
| | | | | | | | | | Instead of printing to a temporary buffer with weird gymnastics, we can simply write things out to the BIO using proper indent. This still isn't perfect since we have a CBS version of this in ecx_buf_print(), which is basically what used to be ASN1_buf_print(). Annotate this with an XXX for future cleanup. ok beck
* Make a few purpose things consttb2023-11-214-11/+11
| | | | | This should allow us to constify a sizable table in libcrypto in an upcoming bump.
* Fix a <= 5-byte buffer overwrite in print_bin()tb2023-11-211-2/+3
| | | | | | | | | | | | If the offset is > 124, this function would overwrite between 1 and 5 bytes of stack space after str[128]. So for a quick fix extend the buffer by 5 bytes. Obviously this is the permanent fix chosen elswehere. The proper fix will be to rewrite this function from scratch. Reported in detail by Masaru Masuda, many thanks! Fixes https://github.com/libressl/openbsd/issues/145 begrudging ok from beck
* Still need engine.h for ENGINE_free()tb2023-11-201-1/+2
| | | | But do away with the OPENSSL_NO_ENGINE dance.
* Mark up an occurrence of ENGINEtb2023-11-191-2/+3
|
* ENGINE can no longer have ex_data attached to ittb2023-11-191-3/+3
|
* Remove musings how ENGINE may or may not screw everything up.tb2023-11-191-23/+2
|
* Remove ENGINE mention in RSA_new()tb2023-11-191-14/+6
|
* OPENSSL_config() no longer calls ENGINE_load_builtin_engines()tb2023-11-191-5/+4
|
* ENGINE_add_conf_module() no longer existstb2023-11-191-8/+2
|
* Remove ENGINE Xr that I left behindtb2023-11-191-2/+1
|
* zap stray commatb2023-11-191-2/+2
|
* Unifdef OPENSSL_NO_ENGINE in libssltb2023-11-195-69/+5
| | | | | | As usual, a few manual fixes to avoid duplicate lines. ok jsing
* Manually unifdef OPENSSL_NO_ENGINE in ssl_clnt.ctb2023-11-191-17/+4
| | | | | | This allows us to simplify ssl_do_client_cert_cb() a bit. ok jsing
* Rename an ENGINE from e to engine for consistencytb2023-11-191-2/+2
|
* Unifdef OPENSSL_NO_ENGINE in libcryptotb2023-11-1921-431/+21
| | | | | | | This is mechanical apart from a few manual edits to avoid doubled empty lines. ok jsing
* Unifdef OPENSSL_NO_ENGINE in pmeth_lib.ctb2023-11-191-41/+3
| | | | | | | This includes a manual intervention for the call to EVP_PKEY_meth_find() which ended up in the middle of nowhere. ok jsing
* Unifdef OPENSSL_NO_ENGINE in engine.htb2023-11-191-566/+8
| | | | | | | Also rip out all the gross, useless comments. There's still too much garbage in here... ok jsing
* Also mention ENGINE_{cleanup,{ctrl_cmd{,_string}()tb2023-11-191-3/+29
|
* Remove last OPENSSL_NO_ENGINE from libssl regresstb2023-11-191-7/+1
|
* Unifdef OPENSSL_NO_ENGINE in libcrypto regresstb2023-11-198-68/+8
|
* Missing periodtb2023-11-191-2/+2
|
* fix grammartb2023-11-191-2/+2
|
* Remove remaining ENGINE manualstb2023-11-1911-1988/+1
| | | | They document functionality that no longer exists.
* Strip mention of ENGINE out of *_set_method.3tb2023-11-193-98/+26
|
* Strip out mentions of ENGINE_load_builtin_engines()tb2023-11-191-7/+4
| | | | | There's probably more that needs to be updated here, but that can be done another day.
* ex data for ENGINEs is no longer a thingtb2023-11-191-9/+2
|
* Remove section explaining how great and flexible ENGINE is andtb2023-11-191-28/+2
| | | | remove two Xr to ENGINE manuals.
* Remove obsolete engine configuration sectiontb2023-11-191-106/+2
|
* Document the remaining ENGINE stubs in a single manualtb2023-11-191-146/+103
|
* EVP_PKEY_encrypt() simplify exampletb2023-11-191-6/+4
| | | | In particular, do not use an uninitialized engine, simply pass NULL.
* openssl pkcs12: rewrite without reaching into X509_ALGORtb2023-11-191-7/+10
| | | | | | | | | We can call ASN1_item_unpack() which will end up stuffing the same arguments into ASN1_item_d2i() as d2i_PBEPARAM(). This eliminates the last struct access into X509_ALGOR outside libcrypto in the base tree. ok jsing
* openssl ts: convert to X509_ALGOR_set0()tb2023-11-191-5/+8
| | | | ok jsing
* Check for negative EVP_CIPHER_CTX_iv_length() return in libssltb2023-11-182-9/+13
| | | | ok beck
* Forgot to fix one unsigned int vs int confusiontb2023-11-181-3/+3
| | | | CID 468015
* Check for negative IV lengthtb2023-11-185-27/+45
| | | | | | | | | | | | A recent change in EVP_CIPHER_CTX_iv_length() made it possible in principle that this function returns -1. This can only happen for an incorrectly set up EVP_CIPHER. Still it is better form to check for negative lengths before stuffing it into a memcpy(). It would probably be desirable to cap the iv_length to something large enough. This can be done another time. ok beck
* Mention which functions are implemented as macros in the few casesschwarze2023-11-1613-34/+76
| | | | where that information was missing.
* drop some duplicate statements about macrosschwarze2023-11-164-23/+10
|
* fix wrong macroschwarze2023-11-161-3/+3
|
* delete lots of stuff that no longer existsschwarze2023-11-161-300/+17
|
* fix typo: exdata -> ex_dataschwarze2023-11-161-4/+4
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-09 16:10:14 +0000