summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Assorted cleanups:miod2014-05-062-28/+8
| | | | | | | | | | | - replace hardcoded sizes with sizeof() - pqueue_find() apparently used to need to keep track of the previous node when iterating, which causes its logic to be complicated. However, nowadays it only needs to iterate, so replace with a straightforward, much readable logic. - remove #if 0'ed code From ``sin'' from 2f30 dot org on tech@, thanks!
* Add a fixed (read: non-SIGSEGV'ing) pq_test.miod2014-05-063-1/+111
|
* Remove broken-by-design testmiod2014-05-062-190/+0
|
* Make sure PKCS7_get_octet_string() return values are checked for NULL.miod2014-05-062-4/+20
| | | | | | Reported by David Ramos (and simultaneously to OpenSSL as PR#3339). ok beck@ logan@
* Sort CFLAGS, SRC and SSLASM stanzas by the directories they apply to, to makemiod2014-05-064-136/+166
| | | | | these files similar in layout to the other md Makefile.inc; no functional change.
* missing NULL checks to see if init is needed. found hard way by deraadt.tedu2014-05-061-3/+3
|
* fix stupid committedu2014-05-061-5/+5
|
* use explicit_bzerotedu2014-05-061-5/+5
|
* clear a stack buffer with explicit_bzerotedu2014-05-061-2/+2
|
* knf approximationtedu2014-05-0648-17238/+18272
|
* move chacha context and buffer out of bss and allow mmap to place themtedu2014-05-061-6/+16
| | | | wherever it decides it would like them. first step. ok deraadt dlg djm
* "stay backwards-compatible with 0.9.5; this should go away soon"tedu2014-05-061-8/+0
| | | | it's your lucky day!
* remove Kerberostedu2014-05-062-41/+0
|
* move a comment to make unifdef happiertedu2014-05-061-2/+3
|
* bye bye SRPtedu2014-05-064-975/+0
|
* inspired by a cloudflare diff, cleanse old memory when expanding a bignum.tedu2014-05-052-34/+18
| | | | | | however, instead of trying to audit all the places where a secret bignum is used, apply the big hammer and clear all bignums when freed. ok deraadt miod
* Sort and group includes.jsing2014-05-054-20/+22
|
* Repair BIO_socket_nbio operation.jsing2014-05-052-4/+6
| | | | ok miod@
* During the great e_os.h nukathon we stopped pulling in <sys/filio.h> viajsing2014-05-053-35/+6
| | | | | | | | | the ifdef maze, meaning that FIONBIO was no longer defined. This removes non-blocking I/O support from s_{client,server,time}. Remove all FIONBIO ifdefs and import <sys/ioctl.h>, renabling -nbio. ok miod@
* Kill memory debug calls that are now noops. While here, nuke an #if 0 andjsing2014-05-051-22/+3
| | | | | | a unnecessary NULL check before free. ok miod@
* OpenBSD has_SC_CLK_TCK.jsing2014-05-051-27/+0
| | | | ok miod@
* Remove SRP and Kerberos support from libssl. These are complex protocolstedu2014-05-0530-5120/+2
| | | | | all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected.
* Enable assembler code for DES. Assembler code for BN is commented out as itmiod2014-05-052-0/+54
| | | | | uses the `umul' and `udiv' instructions directly, which are not supported on v7 processors.
* Improve line wrapping for lines exceeding 80 chars.jim2014-05-04128-497/+714
| | | | ok jmc@
* Add missing SEE ALSO section header.jim2014-05-041-0/+2
| | | | yup jmc@
* Remove trailing whitespace.jim2014-05-04140-345/+345
| | | | fine jmc@
* Remove a leading whitespace.jim2014-05-041-1/+1
| | | | ok jmc@
* Add missing SEE ALSO section header.jim2014-05-042-0/+4
| | | | ok jmc@
* Improve line wrapping for lines exceeding 80 chars.jim2014-05-0443-58/+115
| | | | ok jmc@
* Remove trailing whitespace.jim2014-05-0422-36/+36
| | | | ok jmc@
* delete useless test codederaadt2014-05-041-23/+1
|
* Remove trailing whitespace.jim2014-05-0437-176/+176
| | | | no objection jmc@
* i give up. reuse problem is unfixable. dlg says puppet crashes.tedu2014-05-042-16/+8
|
* Enable the assembler code for BN, which was lost quite some time ago.miod2014-05-042-0/+38
|
* Remove the !SSLASM conditional. Either there is an arch-specific Makefile.inc,miod2014-05-041-4/+2
| | | | | or the !SSLASM list of files applies. This allows for an arch-specific Makefile.inc to not specify SSLASM.
* Enable assembler code for AES, DES, GCM, SHA1, SHA256 and SHA512.miod2014-05-032-0/+92
| | | | | The sparcv9 BN code is not enabled, as it expects to run on a 32-bit userland and will need to be fixed for 64-bit userland first.
* Enable assembler code for AES, BN (Montgomery), GCM128, SHA1, SHA256 and SHA512.miod2014-05-032-0/+90
| | | | | Note that GCM128 Neon code is currently not built (and thus not tested), as the current toolchain does not support Neon instructions.
* Do not compile the neon probe code until __ARM_ARCH__ >= 7. Neon-specific codemiod2014-05-034-4/+28
| | | | will not get referenced if this condition is not met.
* typosmiod2014-05-032-4/+4
|
* Correctly enable Montgomery code.miod2014-05-032-2/+4
|
* now that 5.5 has been released with compatibility for 2b hashes,tedu2014-05-031-2/+2
| | | | switch to generating them by default. prodded by deraadt and sthen
* Update the base64 regress test and enable a test that would previouslyjsing2014-05-031-19/+28
| | | | | | | have resulted in a segfault. Also update the resulting output bytes now that the invalid/corrupt input is detected and rejected; unless you're using BIO_FLAGS_BASE64_NO_NL, in which case you still get a stream of zero value bytes and no way of knowing that the data is invalid/corrupt.
* Add checks for invalid base64 encoded data, specifically relating to thejsing2014-05-032-0/+24
| | | | | | | | | | | | | | | | | | | | | handling of padding. This fixes a crash that can be triggered by feeding base64 data followed by 64 or more padding characters, which results in a negative output length. This issue was reported by David Ramos, although the same bug has been sitting in the OpenSSL RT since 2011: https://rt.openssl.org/Ticket/Display.html?id=2608 Worse still, BIO_read seems to be completely unable to detect that the base64 input was invalid/corrupt - in particular, enabling BIO_FLAGS_BASE64_NO_NL results in a stream of zero value bytes rather than no input (possibly a good replacement for /dev/null...), which could result in nasty consequences. Prior to this fix some zero value bytes were also injected without this flag being enabled. The recently added base64 regress triggers and documents these issues (and also ensures that this change retains functional behaviour).
* 1. Drop support for no minor. This variant doesn't exist anymore.tedu2014-05-031-44/+30
| | | | | | | | | | 2. Pull up the actual minor processing code into the switch that parses it. 3. atoi is actually simpler than strtonum in this case, but check the input beforehand so we don't get unexpected results. 4. Slightly more consistent style between various parse and check and increment operations on salt. ok deraadt
* It is definitly not the correct spelling.jsing2014-05-032-4/+4
|
* KNF.jsing2014-05-038-1864/+1820
|
* Nuke more defines - we have setvbuf() and _IONBF.jsing2014-05-032-16/+0
| | | | ok deraadt@
* KNF.jsing2014-05-038-990/+1028
|
* Initial version of a base64 regress.jsing2014-05-033-1/+382
|
* Enable assembler bits for BN (Montgomery), SHA1 and SHA256.miod2014-05-032-0/+88
| | | | Assembler bits for AES remain commented out as they run slower than the C code.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-04 13:53:33 +0000