| Age | Commit message (Collapse) | Author |
|---|
|
ok beck jsing
|
|
Return 0 on success, return <= 0 on failure. Sigh. In particular, if an
allocation failed, the password that no one entered was considered valid.
ok jsing
|
|
unused in ports and on codesearch
|
|
|
|
These constitute the bulk of the remaining global mutable state in
libcrypto. This commit moves most of them into data.rel.ro, leaving
out ERR_str_{functs,libraries,reasons} (which require a slightly
different approach) and SYS_str_reasons which is populated on startup.
The main observation is that if ERR_load_strings() is called with a 0 lib
argument, the ERR_STRING_DATA argument is not actually modified. We could
use this fact to cast away const on the caller side and be done with it.
We can make this cleaner by adding a helper ERR_load_const_strings() which
explicitly avoids the assignment to str->error overriding the error code
already set in the table.
In order for this to work, we need to sprinkle some const in err/err.c.
CMS called ERR_load_strings() with non-0 lib argument, but this didn't
actually modify the error data since it ored in the value already stored
in the table.
Annoyingly, we need to cast const away once, namely in the call to
lh_insert() in int_err_set_item(). Fixing this would require changing
the public API and is going to be tricky since it requires that the
LHASH_DOALL_FN_* types adjust.
ok jsing
|
|
Some headers were included conditionally on OPENSSL_NO_DEPRECATED in hopes
that eventually the mess of everything includes everything will magically
resolve itself. Of course everyone would end up building openssl with
OPENSSL_NO_DEPRECATED over time... Right.
Surprisingly, the ecosystem has come to rely on these implicit inclusions,
so about two dozen ports would fail to build because of this. Patching this
would be easy but really not worth the effort.
ok jsing
|
|
|
|
LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h
fix suggested by & ok jsing
|
|
i removed the arithmetics -> arithmetic changes, as i felt they
were not clearly correct
ok tb
|
|
Also be more consistent with variable naming.
ok tb@
|
|
ok tb@
|
|
ok tb@
|
|
Remove a comment that tells you not to call a function that internally
calls free, with a stack allocated pointer...
ok tb@
|
|
Nothing can be actually using these as the symbols are not exported from
libcrypto... hopefully ui_compat.h can also go away entirely.
ok tb@
|
|
xmlsec needs this, nothing else. Our linkers link libxmlsec1-openssl,
only warns and since nothing uses this library in ports, this wasn't
noticed for a long time.
Reported by Thomas Mitterfellner
ok jsing
|
|
Not all of them, only those that didn't leak into a public header...
Yes.
|
|
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
|
|
ok jsing@
|
|
|
|
This script is not used at all and files are edited by hand instead.
Thus remove misleading comments incl. the obsolete script/config.
Feedback OK jsing tb
|
|
|
|
|
|
Use calloc() instead of malloc() and setting all members manually to 0.
Avoid unnecessary else branch.
|
|
a pointless local scope.
suggested by jsing
|
|
local scope of a case branch. Move it into the proper location.
No binary change on amd64.
"sure" jsing
|
|
There is no reason for print_error()'s third argument to be a UI *.
It may just as well be a void * to match what ERR_print_errors_cb()
expects. This avoids casting the function pointer. Also, there's no
need for a (void *) cast.
ok jsing
|
|
It is a bit silly to push an error on the stack without erroring out,
so error out if the ok_chars and cancel_chars overlap.
ok jsing
|
|
If any of general_allocate_{prompt,string,boolean}() fail, the
UI_dup_* functions may leak the strings they strduped beforehand.
Instead, use strdup inside these functions, so we can free as
necessary. This makes the UI_add_* and UI_dup_* simple wrappers
around general_allocate_{string,boolean}() that differ only in
passing a Boolean that indicates whether or not to use strdup.
Make a general cleanup pass over these functions, simplify the
logic and make it overall a bit easier to follow. While there,
use strcspn() instead of a handrolled variant.
The only changes in behavior are that ERR_R_MALLOC_FAILURE is now
pushed onto the stack a bit more often and that UI_dup_input_string()
now returns -1 on failure to dup prompt like all the other UI_dup_*
functions. This is not a problem since the manual already documents
that errors are signaled with <= 0. The only consumer of this function
according to Debian's codesearch is libp11, I sent them a PR to fix
their (already broken) error handling.
Addresses about 10 errors thrown by the LLVM static analyzer in ui/.
ok jsing
|
|
If sk_UI_STRING_new_null() fails, this must be due to a memory error,
so signal this to the user.
ok jsing
|
|
ok jsing
|
|
|
|
UI_method_get_flusher(), UI_method_get_opener(),
UI_method_get_prompt_constructor(), UI_method_get_reader(), and
UI_method_get_writer().
tested in a bulk build by sthen
ok jsing
|
|
^^^^^
tested in a bulk build by sthen
ok jsing
|
|
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
|
Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting
the bn_* symbols. These are documented as only being intended for internal
use, so why they were placed in a public header is beyond me...
This hides 363 previously exported symbols, most of which exist in headers
that are not installed and were never intended to be public. This also
removes a few crusty old things that should have died long ago (like
_ossl_old_des_read_pw). But don't worry... there are still 3451 symbols
exported from the library.
With input and testing from inoguchi@.
ok beck@ inoguchi@
|
|
as reading passwords. allow ^C to break.
the pain was mine, the fix is miod's.
|
|
ok miod@
|
|
its original state instead of blindly turning echo on.
problem reported on the openssl-dev list by William Freeman
ok miod@ beck@
|
|
15 years.
|
|
ok tedu@, miod@
|
|
NULL before an intrinsic strdup.
ok miod@
|
|
intrinsics. This is the easy ones, a few left to check one at
a time.
ok miod@ deraadt@
|
|
|
|
|
|
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@
|
|
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
|
|
|
|
|
ok miod
|
|
|
