| Age | Commit message (Collapse) | Author |
|---|
|
The intent of this change is to only keep support for two kind of architectures:
- those with 32-bit int and long, and 64-bit long long, where
``long * long -> long long'' multiplication routines are available.
- those with 64-bit int and long, and no 128-bit long long type.
This gets rid of the SIXTY_FOUR_BIT_LONG, SIXTY_FOUR_BIT (not the same!),
THIRTY_TWO_BIT, SIXTEEN_BIT and EIGHT_BIT defines.
After this change, the types and defines are as follows:
arch: 64bit 32bit rationale
BN_LLONG undefined defined defined if l * l -> ll
BN_ULLONG undefined u long long result of BN_LONG * BN_LONG
BN_ULONG u long u int native register size
BN_LONG long int the same, signed
BN_BITS 128 64 size of 2*BN_ULONG in bits
BN_BYTES 8 4 size of 2*BN_ULONG in bytes
BN_BITS2 64 32 BN_BITS / 2
Tested on various 32-bit and 64-bit OpenBSD systems of various endianness.
|
|
|
|
were), after stumbling upon code (mis)using them in the wild.
|
|
|
|
ok miod@
|
|
|
|
|
|
unchecked malloc at the same time.
ok beck@
|
|
frequent construct of 30 lines of pointer and strlcat insanity followed
by an ERR_add_error_data. I will sweep through here like a chubby mongol
horde in the next few days pillaging crappy ERR_add_error_data's.
Oh and while we're at it fix the nasty vdata function to use something less
hard on the eyes.
ok jsing@
|
|
well...
ok beck@
|
|
|
|
I missed on the first go around.
|
|
|
|
a small signed one to it.. Some people on OpenSSL's list
noticed - http://marc.info/?l=openssl-dev&m=139809485525663&w=2
This should fix that, and make sure we don't try to write out insane
amounts of stuff.
ok miod@ tedu@
|
|
|
|
do_ssl3_write() is recursive. and not in the simple, obvious way, but in
the sneaky called through ssl3_dispatch_alert way. (alert level: fuchsia)
this then has a decent chance of releasing the buffer that we thought we
were going to use. check for this happening, and if the buffer has gone
missing, put another one back in place.
the direct recursive call is safe because it won't call ssl3_write_pending
which is the function that actually does do the writing and releasing.
as reported by David Ramos to openssl-dev:
http://marc.info/?l=openssl-dev&m=139809493725682&w=2
ok beck
|
|
|
|
``debug'' code from a 15+ years old bugfix and the SSL_OP_PKCS1_CHECK_*
constants have had a value of zero since ages. No production code should use
them.
ok beck@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#define socklen_t int
somewhere (or a typedef, whatever gives you an integer type of the size
your system expects as the 3rd argument of accept(2), really).
OpenSSL here is a bit more creative by using an union of an int and a size_t,
and extra code if sizeof(int) != sizeof(size_t) in order to recover the
proper size. With a comment mentioning that this has no chance to work on
a platform with a stack growing up and accept() returning an int, fortunately
this seems to work on HP-UX.
Switch to the light side of the force and declare and use socklen_t variables,
period. If your system does not define socklen_t, consider bringing it back
to your vendor for a refund.
ok matthew@ tedu@
|
|
|
|
|
|
caller to crash. Fix leak and return an error instead. from Chad Loder
|
|
|
|
under __TANDEM systems and compilers, using hardcoded octal numbers. NOT.
|
|
|
|
lacking an explicit `case 0:' construct. But Ultrix has been dead for more than
15 years, really. Don't give it any reason to move out of its coffin.
|
|
|
|
|
|
|
|
|
|
<machine/endian.h>, rather than writing 1 to a 32-bit variable and checking
whether the first byte is nonzero.
tweaks and ok matthew@; ok beck@ tedu@
|
|
unnecessary. Remove the temporary ugly casts - the comments even call them
that!
ok guenther@
|
|
ok miod@
|
|
from Dirk Engling <erdgeist@erdgeist.org>
|
|
for the size of a fixed size array.
From Dirk Engling <erdgeist@erdgeist.org>
|
|
than 32 bits.
|
|
little gem called OPENSSL_indirect_call(), supposedly to be ``handy under
Win32''.
In my view, this is a free-win ROP entry point. Why try and return to libc
when you can return to libcrypto with an easy to use interface?
Better not give that much attack surface, and remove this undocumented
entry point.
ok beck@ tedu@
|
|
instead of garbage, and add this to the libcrypto regress. Note these tests
are incomplete, as they always use the default IV.
|
|
|
|
One even says (in comments): HAS BUGS! DON'T USE
|
|
|
|
for 20th century historians, and can be put in the Attic.
|
|
|
|
|
