Age | Commit message (Collapse) | Author |
|
entropy. It might be fed to a pluggable random subsystem....
What were they thinking?!
ok guenther
|
|
ok krw@ sthen@ deraadt@
|
|
a maze of conditional #define's
|
|
to -1 to properly search all extensions. ok tedu@
From http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=300b9f0b70
|
|
|
|
From:
commit e9c80e04c1a3b5a0de8e666155ab4ecb2697a77d
Author: Andy Polyakov <appro@openssl.org>
Date: Wed Dec 18 21:42:46 2013 +0100
evp/e_[aes|camellia].c: fix typo in CBC subroutine.
It worked because it was never called.
Our e_camellia.c does not have this problem.
ok miod@ deraadt@
|
|
|
|
a better malloc. ok beck deraadt
|
|
|
|
string was potentially not nul terminated and a place where malloc return
was unchecked.
while we're at it remove dummytest.c
ok miod@
|
|
- Because they're not like us, son. They use macros to wrap stdio routines,
for an undocumented (OPENSSL_USE_APPLINK) use case, which only serves to
obfuscate the code.
ok tedu@
|
|
> I take a look at my life and realize there's nothin' left
> Cause I've been blasting and laughing so long,
> That even my mama thinks that my mind is gone
Remove even more unspeakable evil being perpetuated in the name of VMS.
(and lesser evils done in the name of others.)
ok miod
|
|
|
|
ok krw miod
|
|
to say "allow this connection to negotiate insecurely". de-fang the code
that respects this option to ignore it.
ok miod@
|
|
|
|
OPENSSL_SYSNAME_VXWORKS
OPENSSL_SYS_VMS
OPENSSL_SYS_MSDOS
OPENSSL_UNISTD
OPENSSL_SYS_WIN16
WIN_CONSOLE_BUG
OPENSSL_SYS_WINCE
SGTTY
OPENSSL_SYS_MACINTOSH_CLASSIC
MAC_OS_GUSI_SOURCE
OPENSSL_SYS_NETWARE
OPENSSL_SYS_SUNOS
__DJGPP__
OPENSSL_SYS_BEOS
OPENSSL_SYS_WIN32
|
|
ok matthew@ tedu@
|
|
correct because it doesn't zerofill the front of usecs, but that's the
way I found it.
a more thorough emulation of the old code, but with fewer whacky snprintf
pointer arithmetic antics. ok beck guenther
|
|
|
|
beck had a diff to convert to strftime, but it's easier to verify this
is functionally the same. ok beck.
|
|
the SSLv23_* client code. The server continues to accept it. It
also kills the bits for SSL2 SESSIONs; even when the server gets
an SSLv2-style compat handshake, the session that it creates has
the correct version internally.
ok tedu@ beck@
|
|
|
|
|
|
functions. The ability to set the debug mem functions died with mem.c,
but some of the rest of this is still exposed API so we can't delete it..
yet...
ok tedu@
|
|
return 1 in the arc4random backend because there is no possible error
condition. Unbreaks lynx, git and friends.
ok miod@ dcoppa@
|
|
defined.
ok miod@ beck@
|
|
pages instead of doing it in the Makefiles and move a libssl page where
it belongs.
ok miod@
|
|
fixed-width types instead of choosing int or long depending upon what we
think the architecture support.
|
|
of des_old.h routines, acting as wrappers about the OpenSSL UI API.
Nothing should use these functions directly.
Riding the recent libcrypto major bump (in a `des' car).
|
|
are not please fix your operating system. Replace mem.c with an API-compatible
wrapper that just calls the system functions and does not allow a one word
modification of a variable in a running shared library to turn on memory
debug functions that expose things that should not be seen.
ok tedu@
|
|
|
|
|
|
Is this a crypto library or a generic platform abstraction library?
"A hack to make Visual C++ 5.0 work correctly" ... time to upgrade.
|
|
it looks wrong. replace with auditable code and eliminate many strlen calls
to improve efficiency. (wait, did somebody say FASTER?) ok beck
|
|
removed.
Also, fix some nearby KNF nits that were bothering me.
ok beck
|
|
|
|
|
|
|
|
and OPENSSL_memcmp.
All modern systems have strncasecmp. No need to rewrite it.
Same with memcmp, call the system one! It is more likely to be hot
in the icache, and is specifically optimized for the platform. I
thought these OpenSSL people cared about performance?
ok tedu
|
|
enough to optimize this" monstrosity.
|
|
|
|
consign it to the Attic.
ok deraadt@
|
|
I will note that some were missing, looking at you Solaris!!! Anyone home?
Using my own copyright on the file now, since this is a rewrite of
a trivial wrapper around a system call I invented.
ok beck
|
|
in the process, always include ssl3 and tls1, we don't need config options
for them. when the time comes to expire ssl3, it will be with an ax.
checked by miod
|
|
I wonder when these scripts were last used...
|
|
|
|
|
|
The man page says "Compatibility des_ functions are provided for a short
while" and indeed even the original commit message says "The compatibility
functions will be removed in some future release, at the latest in
version 1.0." So here we are, a short while later.
Now I've only been an OpenBSD developer for 11 years, one year less than
this header has existed, but in that brief time, I've learned a thing or
two about deleting obsolete code. It doesn't delete itself. And worse,
people will continue using it until you force them onto a better path.
|
|
The man page says "Compatibility des_ functions are provided for a short
while" and indeed even the original commit message says "The compatibility
functions will be removed in some future release, at the latest in
version 1.0." So here we are, a short while later.
Now I've only been an OpenBSD developer for 11 years, one year less than
this header has existed, but in that brief time, I've learned a thing or
two about deleting obsolete code. It doesn't delete itself. And worse,
people will continue using it until you force them onto a better path.
|