summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2015-07-31Fix SRTP parsing.Doug Hogan
jsing@ noticed that during the CBS conversion, an extra CBS_len comparison was introduced. It should be 0 after extracting MKI. ok jsing@ bcook@ deraadt@
2015-07-29Add linker warnings in case SSLv3_{,client,server}_method are referenced.Miod Vallat
Use of this symbols proves the existence of a code path willingly using SSLv3, even with OPENSSL_NO_SSL3 being defined, which hints that it needs fixing. Discussed with the LibreSSL cabal during c2k15; ok deraadt@
2015-07-29Use named initialisers for X509V3_EXT_METHOD structs (for the usualJoel Sing
reasons) - only change in generated assembly is due to line numbering.
2015-07-29Expand obsolete M_ASN1.*(cmp|dup|print|set) macros - no change in generatedJoel Sing
assembly. ok bcook@
2015-07-29Expand obsolete M_ASN1_STRING_* macros in asn1_lib.c, apply some style(9)Joel Sing
and drop an unnecessary return from a void function. ok bcook@ doug@
2015-07-27Less asn1_mac.h - asn1_lib.c does not need it and x_pkey.c should beJoel Sing
using ASN1err() instead of ASN1_MAC_H_err(). ok miod@
2015-07-25double words fix; docs are slowly getting moved to mdoc, but thisIgor Sobrado
change will help people translating them. ok jmc@, schwarze@
2015-07-25Place the ASN.1 template macros (and remaining implement macros) underJoel Sing
#ifndef LIBRESSL_INTERNAL - we're not using these anymore!
2015-07-25Expand another ASN.1 template macro that snuck through last time around.Joel Sing
No change in generated assembly.
2015-07-25Manually expand ASN.1 template macros - only change in generated assemblyJoel Sing
is due to line numbering.
2015-07-25Expand ASN.1 template macros that got missed in the last pass - only changeJoel Sing
to generated assembly is due to line numbers.
2015-07-25Expand ASN.1 template macros - the generated assembly only differs byJoel Sing
changes to line numbers.
2015-07-25Expand ASN.1 template macros - no change in generated assembly.Joel Sing
2015-07-25Expand ASN.1 template macros - no change in generated assembly.Joel Sing
2015-07-25Expand another wall of ASN.1 template macros - no change to generatedJoel Sing
assembly.
2015-07-25Expand ASN.1 template macros - no change in generated assembly.Joel Sing
2015-07-25Expand ASN.1 template macros - no change in generated assembly.Joel Sing
2015-07-25Expand ASN.1 template macros - the generated assembly only differs byJoel Sing
changes to line numbers.
2015-07-24Expand ASN.1 template macros - no change in generated assembly.Joel Sing
2015-07-24Expand ASN.1 template macros - no change in generated assembly.Joel Sing
2015-07-24Expand ASN.1 template macros - the generated assembly only differs byJoel Sing
changes to line numbers.
2015-07-24an TLS -> a TLS; from thanos tsouanasJason McIntyre
2015-07-24Expand ASN1_ITEM_TEMPLATE/ASN1_EX_TEMPLATE_TYPE/ASN1_ITEM_TEMPLATE_ENDJoel Sing
macros - the generated assembly only differs by changes to line numbers.
2015-07-24Expand IMPLEMENT_ASN1_MSTRING macros - the generated assembly only differsJoel Sing
by changes to line numbers.
2015-07-24Convert tls1_process_ticket to CBS.Doug Hogan
ok miod@ jsing@
2015-07-24Convert tls1_process_sigalgs to CBS.Doug Hogan
ok miod@ jsing@
2015-07-24Convert ssl3_get_record to CBS.Doug Hogan
ok miod@ jsing@
2015-07-21Remove duplicate check in libssl.Doug Hogan
If len == 0, it already set try_session_cache so there's no need to check len again. Fixes Coverity issue 21687. ok bcook@
2015-07-20Correct #if/else logic in BIO's dgram_ctrl.Doug Hogan
Coverity issue 72741 noticed that ret is being overwritten before use. The actual issue is that the #if/else logic is guarding the wrong lines. Besides impacting ret, this also made the case's break logic wrong because it was in the wrong location. ok bcook@ beck@
2015-07-20prefer string.h to strings.h ok guenther@ doug@Brent Cook
2015-07-20Various memory leaks upon error or unchecked allocations.Miod Vallat
ok doug@
2015-07-20Use V_ASN1_UNDEF instead of -1.Miod Vallat
Make sure ASN1_primitive_new() will return NULL in *pval in all error situations. ok bcook@ doug@
2015-07-20Check the return value of asn1_enc_save(). ok bcook@ doug@Miod Vallat
2015-07-20When freeing an X509_CRL, if freeing the user-maintained meth_data fails,Miod Vallat
do not forgot to nevertheless keep freeing the other fields. ok doug@ guenther@
2015-07-20In X509_PKEY_new(), make sure all allocation failures push an error to theMiod Vallat
error stack, not only the first one. ok guenther@ doug@
2015-07-19Remove OpenSSL engine RSAX.Doug Hogan
OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@
2015-07-19Allow *_free() functions in libssl to handle NULL input.Doug Hogan
This mimics free()'s behavior which makes error handling simpler. ok bcook@ miod@
2015-07-19Drop stupid (int) casts for the arguments of malloc() and friends. This isMiod Vallat
not 16-bit MS-DOS anymore. ok bcook@ tedu@
2015-07-19unifdef -UCBC_HANDLES_TRUNCATED_IOMiod Vallat
ok bcook@ doug@
2015-07-19Verify ASN1 objects types before attempting to access them as a particularMiod Vallat
type. ok guenther@ doug@
2015-07-19Convert ssl3_get_certificate_request to CBS.Doug Hogan
ok miod@
2015-07-19Fix symbol collision with libtls.Doug Hogan
Pointed out by guenther. ok guenther@
2015-07-19Add TLS_method, TLS_client_method and TLS_server_method.Doug Hogan
Use these instead of SSLv23_*method when you want to make sure TLS is used. By default, we disable SSLv3 but it's still possible for the user to re-enable it. TLS_*method does not allow SSLv3. Both BoringSSL and (next version of) OpenSSL have these methods. However, they have changed the implementation significantly. We will as well, but not right now. Riding the libssl major bump. ok miod@ bcook@
2015-07-19Crank major and remove legacy variables.Doug Hogan
Libtls is riding this crank. ok miod@ bcook@
2015-07-19Now that it is safe to invoke X509_STORE_CTX_cleanup() if X509_STORE_CTX_init()Miod Vallat
fails, check its return value and correctly mop up after ourselves. ok beck@ doug@
2015-07-19Put explicit braces around assignment used in a conditional.Miod Vallat
ok bcook@ doug@
2015-07-19Remove the logic responsible for outputting most AES-NI instructions asMiod Vallat
raw byte sequences. The toolchains have had some time to update and assemble the instructions correctly (except for p{ins,ext}rd which are not supported yet by as(1) under OpenBSD, but will be fixed shortly). Inspired by a discussion between tedu@ and John-Mark Gurney. Verified to still work on Mac OS X and average Linux distros by bcook@
2015-07-19Replace `.byte 0x48,0x83,0xEC,0x08' with `sub \$8,%rsp' which is exactly theMiod Vallat
same four bytes, unobfuscated.
2015-07-19Simplify X509_STORE_CTX_init and make it safe with stack variables.Doug Hogan
The current version is not safe with stack variables because it may return prematurely with a partially constructed object on error. ok miod@ a while back
2015-07-19Remove case that can never happen.Doug Hogan
It's a little convoluted due to gotos, but at that point, pci is always NULL. Spotted by Coverity 21702. ok miod@ beck@ bcook@
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-24 13:39:01 +0000