summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2014-05-29Use .Er for errnosPhilip Guenther
2014-05-29GrammarPhilip Guenther
2014-05-28More KNF.Joel Sing
2014-05-28Refactor tls1_change_cipher_state() and split the compression handling outJoel Sing
from the cipher and message digest handling, allowing for upcoming changes. Based on Adam Langley's chromium diffs. ok miod@
2014-05-28EVP_MD_CTX_create() calls malloc and can return NULL. However, only one ofJoel Sing
the calls in libssl actually checks the return value before using it. Add NULL checks for the remaining three calls. ok miod@
2014-05-28There is no point in checking if a pointer is non-NULL before calling free,Joel Sing
since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@
2014-05-28More KNF.Joel Sing
2014-05-27Fix a Y2038 problem, by conversion of long to time_t.Theo de Raadt
The TS_RESP_CTX_set_time_cb() API gets removed. Nothing in the greater ecosystem ever calls it. This API needs to be removed, because if anyone ever calls on a BE 32 system assuming long rather than time_t, it will be dangerously incompatible. ok miod guenther
2014-05-27Remove unused defines.Miod Vallat
2014-05-27Remove redundant test introduced in s3_pkt.c on 20001225, which got cargo-cultedMiod Vallat
(with an XXX comment, though) in d1_pkt.c in 2005.
2014-05-27Wrap some long lines.Joel Sing
2014-05-27Remove MemCheck_{on,off} that escaped last time around.Joel Sing
2014-05-27More KNF.Joel Sing
2014-05-27Fix ia64 cross-gcc target.Tobias Ulmer
opensslconf.h is just a dummy, we're lightyears away from working userspace. ok deraadt@
2014-05-26Replace the following logic:Miod Vallat
if (nothing to allocate) ptr = malloc(1) else { if ((ptr = malloc(size to allocate)) memcpy(ptr, data to copy, size to allocate) } if (ptr == NULL) OMG ERROR with a saner logic where the NULL pointer check if moved to the actual malloc branch, so that we do not need to malloc a single byte, just to avoid having a NULL pointer. Whoever thought allocating a single byte was a smart idea was obviously not taking his meds. ok beck@ guenther@
2014-05-26Unchecked malloc() return value in SSL_COMP_add_compression_method(), in theMiod Vallat
!OPENSSL_NO_COMP case. Does not affect OpenBSD as we compile the opposite code path.
2014-05-26We don't really to keep history in constructs such as:Miod Vallat
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
2014-05-26tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error.Miod Vallat
2014-05-26Make sure all error paths in dtls1_buffer_record() invoke SSLErr byMiod Vallat
factoring error handling. ok jsing@
2014-05-26There is no need to include <openssl/e_os2.h> here, except for the factJoel Sing
that it brings in <openssl/opensslconf.h>, so just do that instead (currently via apps.h).
2014-05-26Implement an improved version of the EVP AEAD API. TheJoel Sing
EVP_AEAD_CTX_{open,seal} functions previously returned an ssize_t that was overloaded to indicate success/failure, along with the number of bytes written as output. This change adds an explicit *out_len argument which is used to return the number of output bytes and the return value is now an int that is purely used to identify success or failure. This change effectively rides the last libcrypto crank (although I do not expect there to be many users of the EVP AEAD API currently). Thanks to Adam Langley for providing the improved code that this diff is based on. ok miod@
2014-05-26Use C99 initialisers for BIO_METHOD.Joel Sing
2014-05-26KNF.Joel Sing
2014-05-26repair some KNF missed by the script; ok jsingTheo de Raadt
2014-05-26KNF.Joel Sing
2014-05-26KNF.Joel Sing
2008-09-06import of OpenSSL 0.9.8hDamien Miller
2014-05-26move all stats collecting under MALLOC_STATS; ok krw@Otto Moerbeek
2014-05-25Fix resource descriptor leaks.Loganaden Velvindron
CID: 966576 & 966577 OK from guenther@ and "Yup. looks good." from tedu@
2014-05-25-noout mentions a CRL, which is incorrect. Use "no output of encoded sessionLoganaden Velvindron
info." instead. From Martin Kaiser. OK from tedu@
2014-05-25heartbearts->heartbeats fixLoganaden Velvindron
From Marcos Marado: OK from tedu@
2014-05-25calloc instead of malloc/memset. from Benjamin BaierTed Unangst
2014-05-25Get the vmspace pointer from the process, not the threadPhilip Guenther
2014-05-25"for every change..."Ted Unangst
2014-05-25remove OPENSSL_memcmp before somebody tries to use it. ok beck miodTed Unangst
2014-05-25remove OPENSSL_isservice. not used internally, no sane posix software willTed Unangst
call it, and windows service software can figure this out on its own. ok beck miod
2014-05-25use calloc, from Benjamin BaierTed Unangst
2014-05-25one calloc from Benjamin Baier, one from me.Ted Unangst
2014-05-25remove unused shit. from Alexander SchrijverTed Unangst
2014-05-25define LIBRESSL_INTERNAL, and use it to hide the bad stuff from ourselvesTed Unangst
ok beck
2014-05-25Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much ofJoel Sing
this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@
2014-05-25There is little interest in supporting Watt-32 TCP/IP debugging. ForTheo de Raadt
reference, check out http://www.watt-32.net/ ok jsing
2014-05-25Turn off MemCheck_on and MemCheck_off. These calls are pointless since theJoel Sing
crypto memory debugging code has been castrated. ok miod@ "kill it" beck@
2014-05-25The ssl_ciper_get_evp() function is currently overloaded to also return theJoel Sing
compression associated with the SSL session. Based on one of Adam Langley's chromium diffs, factor out the compression handling code into a separate ssl_cipher_get_comp() function. Rewrite the compression handling code to avoid pointless duplication and so that failures are actually returned to and detectable by the caller. ok miod@
2014-05-25Whitespace fixes to align define values.Joel Sing
2014-05-24In ssl_cipher_get_evp(), fix off-by-one in index validation before accessingMiod Vallat
arrays. "kind of scary" deraadt@, ok guenther@
2014-05-24I'm so sorry to learn that the Diab compiler can't (or used not to) parse CMiod Vallat
code. Remove workaround.
2014-05-24Use C99 initialisers for SSL3_ENC_METHOD structs.Joel Sing
ok miod@
2014-05-24Remove the _shadow_ indirection, which is unnecessary in a world withoutJoel Sing
OPENSSL_EXPORT_VAR_AS_FUNCTION. ok miod@
2014-05-24KNF.Joel Sing