summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2014-06-28Fix 9 memory leaks.Loganaden Velvindron
(Thanks to Brent Cook) With help from tedu@ OK from tedu@
2014-06-28Fix 2 memory leaks.Loganaden Velvindron
(Thanks to Brent Cook) OK from tedu@
2014-06-27When building a BN on the stack in BN_div(), make sure to initialize all itsMiod Vallat
fields (i.e. the flags field) before using it. This is currently harmless, but might not be if we end up invoking other BN functions checking for constant-time processing requirement in the future.
2014-06-27save_errno botch; spotted by miodTheo de Raadt
2014-06-27hand-KNF macro the do { } while loopsTheo de Raadt
2014-06-27hand-KNF the remaining bitsTheo de Raadt
2014-06-27Remove M_ASN1_New* macros which are only used in X509_PKEY_new() are obfuscateMiod Vallat
it to hide memory leaks in the error paths, and fix aforementioned memory leaks. ok jsing@ logan@ deraadt@
2014-06-26save errno in ERR_put_error(), so that SYSerr doesn't have any accidentalTheo de Raadt
cases where errno can be trashed. ok jsing
2014-06-26fix HD() misuse; from brent cookTheo de Raadt
2014-06-25AT_BASE returns us the *address* of the start of ld.so, soBob Beck
use the address, not what it points to (which is always the same) ok deraadt@
2014-06-25get the page of data at AT_SYSINFO_EHDRBob Beck
ok deraadt@
2014-06-25comment fixes from theoBob Beck
2014-06-25Possibly obtain a little bit of entropy from addresses returnedBob Beck
by getauxval if we have it. ok deraadt@
2014-06-25O_NOFOLLOW would be very nice to have here if the version of linuxBob Beck
we are running supports it. from enh@google.com
2014-06-24Unifdef -UNO_SYS_TYPES_HMiod Vallat
2014-06-24Remove previously commented out wrong code, as well as the comment saying thisMiod Vallat
is incorrect code.
2014-06-24Remove ancient workaround for previous century's compilers in the declarationMiod Vallat
of CRYPTO_EX_DATA; riding upon the libcrypto major bump.
2014-06-24Remove BIO_f_reliable(), guilty of playing with EVP_MD_CTX internals itMiod Vallat
should not know anything about. Verified not to be used in ports; riding upon the recent libcrypto major bump.
2014-06-24Crank libcrypto major since my previous commit changed the size of theJoel Sing
ChaCha context. Other changes will also ride this crank.
2014-06-24If a chacha operation does not consume all of the generated key stream,Joel Sing
ensure that we save it and consume it on subsequent writes. Otherwise we end up discarding part of the key stream and instead generate a new block at the start of the next write. This was only an issue for callers that did multiple writes that are not multiples of 64 bytes - in particular, the ChaCha20Poly1305 usage does not hit this problem since it performs encryption in a single-shot. For the same reason, this is also a non-issue when openssl(1) is used to encrypt with ChaCha. Issue identified by insane coder; reported to bugs@ by Joseph M. Schwartz. ok beck@
2014-06-24Some KNF.Joel Sing
2014-06-24Replace 48 lines of code with a single inet_pton() call. The previousJoel Sing
handrolled version could not even make use of sscanf(), since that would not work with a certain antiquated compiler. It is worth noting that there is a tiny change in behaviour - previously calling BIO_get_host_ip() with something that looked like it might be a valid IP address (for example, "1." or even ".") would result in it returning failure rather than trying a BIO_gethostbyname() - now we'll always try a BIO_gethostbyname() if it was not a valid IPv4 address. ok beck@ miod@ deraadt@
2014-06-24Actually make BIO_set_tcp_ndelay() work - TCP_NODELAY will not magicallyJoel Sing
appear by itself. ok beck@ miod@
2014-06-23Since this is a library, place issetugid() before every getenv()Theo de Raadt
ok miod
2014-06-23unbreak build of getentropy_sysctl - we need linux/sysctl.h, andBob Beck
RANDOM_UUID is an enum member.
2014-06-23unbreak - main needs to be extern in here somewhere.Bob Beck
2014-06-22KNF, particularly wrapped lines of calls to PEM_read_bio_FOO() andPhilip Guenther
multiline comments ok jsing@
2014-06-22BIO_sock_init() no longer does anything, so stop calling it.Joel Sing
2014-06-22Just use SOMAXCONN and IPPROTO_TCP, since we know we have them.Joel Sing
2014-06-22In BIO_get_port(), use strol() with appropriate range checks rather thanJoel Sing
an atoi() followed by an unsigned short cast. This stops things like "-1" and "66536" from being considered to be "valid" port numbers. ok beck@ deraadt@
2014-06-22nuke unused test programs; ok jsingTheo de Raadt
2014-06-22More KNF.Joel Sing
2014-06-22KNF.Joel Sing
2014-06-22KNF.Joel Sing
2014-06-22More KNF.Joel Sing
2014-06-21repair indentation for an inner loop; shorten some macros and variableTheo de Raadt
names to shorten line lengths ok beck
2014-06-21always compare memcmp against 0, for clarity.Ted Unangst
2014-06-21Pull the code that builds a DTLS sequence number out into its own functionJoel Sing
to avoid duplication. Also use fewer magic numbers. ok miod@
2014-06-21Specify the correct strength bits for 3DES cipher suites.Joel Sing
From OpenSSL. ok miod@
2014-06-21Switch to the ISC licensed versions of these files, which Google has madeJoel Sing
available via boringssl. ok deraadt@
2014-06-21Pull out the sequence number selection and handle this up front. Also, theJoel Sing
correct record is already known, so avoid reassignment.
2014-06-21More KNF and clean up.Joel Sing
2014-06-21More KNF.Joel Sing
2014-06-21More KNF.Joel Sing
2014-06-21KNFMiod Vallat
2014-06-21KNFMiod Vallat
2014-06-21Fix memory leak in error path.Loganaden Velvindron
OK from miod@
2014-06-21hash in correct pointerTheo de Raadt
2014-06-20Remove the OPENSSL_*cap getenv's. A program should not be able toTheo de Raadt
change the behaviour of the library in such a complicated fashion. ok miod
2014-06-20wrap getenv OPENSSL_ALLOW_PROXY_CERTS in an issetugid check, to protectTheo de Raadt
setuid applications from being fooled. ok miod
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-28 08:21:23 +0000