Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-05-29 | Use .Er for errnos | Philip Guenther | |
2014-05-29 | Grammar | Philip Guenther | |
2014-05-28 | More KNF. | Joel Sing | |
2014-05-28 | Refactor tls1_change_cipher_state() and split the compression handling out | Joel Sing | |
from the cipher and message digest handling, allowing for upcoming changes. Based on Adam Langley's chromium diffs. ok miod@ | |||
2014-05-28 | EVP_MD_CTX_create() calls malloc and can return NULL. However, only one of | Joel Sing | |
the calls in libssl actually checks the return value before using it. Add NULL checks for the remaining three calls. ok miod@ | |||
2014-05-28 | There is no point in checking if a pointer is non-NULL before calling free, | Joel Sing | |
since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@ | |||
2014-05-28 | More KNF. | Joel Sing | |
2014-05-27 | Fix a Y2038 problem, by conversion of long to time_t. | Theo de Raadt | |
The TS_RESP_CTX_set_time_cb() API gets removed. Nothing in the greater ecosystem ever calls it. This API needs to be removed, because if anyone ever calls on a BE 32 system assuming long rather than time_t, it will be dangerously incompatible. ok miod guenther | |||
2014-05-27 | Remove unused defines. | Miod Vallat | |
2014-05-27 | Remove redundant test introduced in s3_pkt.c on 20001225, which got cargo-culted | Miod Vallat | |
(with an XXX comment, though) in d1_pkt.c in 2005. | |||
2014-05-27 | Wrap some long lines. | Joel Sing | |
2014-05-27 | Remove MemCheck_{on,off} that escaped last time around. | Joel Sing | |
2014-05-27 | More KNF. | Joel Sing | |
2014-05-27 | Fix ia64 cross-gcc target. | Tobias Ulmer | |
opensslconf.h is just a dummy, we're lightyears away from working userspace. ok deraadt@ | |||
2014-05-26 | Replace the following logic: | Miod Vallat | |
if (nothing to allocate) ptr = malloc(1) else { if ((ptr = malloc(size to allocate)) memcpy(ptr, data to copy, size to allocate) } if (ptr == NULL) OMG ERROR with a saner logic where the NULL pointer check if moved to the actual malloc branch, so that we do not need to malloc a single byte, just to avoid having a NULL pointer. Whoever thought allocating a single byte was a smart idea was obviously not taking his meds. ok beck@ guenther@ | |||
2014-05-26 | Unchecked malloc() return value in SSL_COMP_add_compression_method(), in the | Miod Vallat | |
!OPENSSL_NO_COMP case. Does not affect OpenBSD as we compile the opposite code path. | |||
2014-05-26 | We don't really to keep history in constructs such as: | Miod Vallat | |
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif | |||
2014-05-26 | tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error. | Miod Vallat | |
2014-05-26 | Make sure all error paths in dtls1_buffer_record() invoke SSLErr by | Miod Vallat | |
factoring error handling. ok jsing@ | |||
2014-05-26 | There is no need to include <openssl/e_os2.h> here, except for the fact | Joel Sing | |
that it brings in <openssl/opensslconf.h>, so just do that instead (currently via apps.h). | |||
2014-05-26 | Implement an improved version of the EVP AEAD API. The | Joel Sing | |
EVP_AEAD_CTX_{open,seal} functions previously returned an ssize_t that was overloaded to indicate success/failure, along with the number of bytes written as output. This change adds an explicit *out_len argument which is used to return the number of output bytes and the return value is now an int that is purely used to identify success or failure. This change effectively rides the last libcrypto crank (although I do not expect there to be many users of the EVP AEAD API currently). Thanks to Adam Langley for providing the improved code that this diff is based on. ok miod@ | |||
2014-05-26 | Use C99 initialisers for BIO_METHOD. | Joel Sing | |
2014-05-26 | KNF. | Joel Sing | |
2014-05-26 | repair some KNF missed by the script; ok jsing | Theo de Raadt | |
2014-05-26 | KNF. | Joel Sing | |
2014-05-26 | KNF. | Joel Sing | |
2008-09-06 | import of OpenSSL 0.9.8h | Damien Miller | |
2014-05-26 | move all stats collecting under MALLOC_STATS; ok krw@ | Otto Moerbeek | |
2014-05-25 | Fix resource descriptor leaks. | Loganaden Velvindron | |
CID: 966576 & 966577 OK from guenther@ and "Yup. looks good." from tedu@ | |||
2014-05-25 | -noout mentions a CRL, which is incorrect. Use "no output of encoded session | Loganaden Velvindron | |
info." instead. From Martin Kaiser. OK from tedu@ | |||
2014-05-25 | heartbearts->heartbeats fix | Loganaden Velvindron | |
From Marcos Marado: OK from tedu@ | |||
2014-05-25 | calloc instead of malloc/memset. from Benjamin Baier | Ted Unangst | |
2014-05-25 | Get the vmspace pointer from the process, not the thread | Philip Guenther | |
2014-05-25 | "for every change..." | Ted Unangst | |
2014-05-25 | remove OPENSSL_memcmp before somebody tries to use it. ok beck miod | Ted Unangst | |
2014-05-25 | remove OPENSSL_isservice. not used internally, no sane posix software will | Ted Unangst | |
call it, and windows service software can figure this out on its own. ok beck miod | |||
2014-05-25 | use calloc, from Benjamin Baier | Ted Unangst | |
2014-05-25 | one calloc from Benjamin Baier, one from me. | Ted Unangst | |
2014-05-25 | remove unused shit. from Alexander Schrijver | Ted Unangst | |
2014-05-25 | define LIBRESSL_INTERNAL, and use it to hide the bad stuff from ourselves | Ted Unangst | |
ok beck | |||
2014-05-25 | Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much of | Joel Sing | |
this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@ | |||
2014-05-25 | There is little interest in supporting Watt-32 TCP/IP debugging. For | Theo de Raadt | |
reference, check out http://www.watt-32.net/ ok jsing | |||
2014-05-25 | Turn off MemCheck_on and MemCheck_off. These calls are pointless since the | Joel Sing | |
crypto memory debugging code has been castrated. ok miod@ "kill it" beck@ | |||
2014-05-25 | The ssl_ciper_get_evp() function is currently overloaded to also return the | Joel Sing | |
compression associated with the SSL session. Based on one of Adam Langley's chromium diffs, factor out the compression handling code into a separate ssl_cipher_get_comp() function. Rewrite the compression handling code to avoid pointless duplication and so that failures are actually returned to and detectable by the caller. ok miod@ | |||
2014-05-25 | Whitespace fixes to align define values. | Joel Sing | |
2014-05-24 | In ssl_cipher_get_evp(), fix off-by-one in index validation before accessing | Miod Vallat | |
arrays. "kind of scary" deraadt@, ok guenther@ | |||
2014-05-24 | I'm so sorry to learn that the Diab compiler can't (or used not to) parse C | Miod Vallat | |
code. Remove workaround. | |||
2014-05-24 | Use C99 initialisers for SSL3_ENC_METHOD structs. | Joel Sing | |
ok miod@ | |||
2014-05-24 | Remove the _shadow_ indirection, which is unnecessary in a world without | Joel Sing | |
OPENSSL_EXPORT_VAR_AS_FUNCTION. ok miod@ | |||
2014-05-24 | KNF. | Joel Sing | |