| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
|
| |
|
|
|
| |
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16042)
|
| |
|
|
|
|
|
| |
Fixes #16026
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16036)
|
| |
|
|
|
|
|
|
|
| |
clean a few style nits.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14806)
|
| |
|
|
|
| |
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14801)
|
| |
|
|
|
|
|
| |
Partial fix for #12964
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)
|
| |
|
|
|
|
|
|
|
|
| |
It never makes sense for multi-string or CHOICE types to have implicit
tagging. If we have a template that uses the in this way then we
should immediately fail.
Thanks to David Benjamin from Google for reporting this issue.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
| |
|
|
|
| |
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13533)
|
| |
|
|
|
|
|
|
|
|
| |
This includes error reporting for libcrypto sub-libraries in surprising
places.
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
|
| |
|
|
|
|
|
|
| |
Also added blanks lines after declarations in a couple of places.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9916)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
directory. Currently, they have different suffixes like
'*_lcl.h', '*_local.h', or '*_int.h'
This commit changes the different suffixes to '*_local.h' uniformly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:
While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.
To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:
#include "internal/file.h" # located in 'include/internal'
#include "internal/file_int.h" # located in 'crypto/include/internal'
This commit moves the private crypto headers from
'crypto/include/internal' to 'include/crypto'
As a result, the include directives become unambiguous
#include "internal/file.h" # located in 'include/internal'
#include "crypto/file.h" # located in 'include/crypto'
hence the superfluous '_int.h' suffixes can be stripped.
The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
|
| |
|
|
|
|
|
|
| |
introducing DECLARE_ASN1_DUP_FUNCTION
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8029)
|
| |
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7772)
|
| |
|
|
|
|
|
| |
Almost all *alloc failures now set an error code.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5842)
|
| |
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5851)
|
| |
|
|
|
|
|
|
|
|
| |
If we don't have OID data for an object then we should fail if we
are asked to encode the ASN.1 for that OID.
Fixes #5723
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5725)
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Only treat an ASN1_ANY type as an integer if it has the V_ASN1_INTEGER
tag: V_ASN1_NEG_INTEGER is an internal only value which is never used
for on the wire encoding.
Thanks to David Benjamin <davidben@google.com> for reporting this bug.
This was found using libFuzzer.
RT#4364 (part)CVE-2016-2108.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
| |
|
|
|
|
|
| |
Continuing from previous commit ensure our style is consistent for malloc
return checks.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New ASN.1 macro ASN1_EMBED. This is the same as ASN1_SIMPLE except the
structure is not allocated: it is part of the parent. That is instead of
FOO *x;
it must be:
FOO x;
This reduces memory fragmentation and make it impossible to accidentally
set a mandatory field to NULL.
This currently only works for SEQUENCE and since it is equivalent to
ASN1_SIMPLE it cannot be tagged, OPTIONAL, SET OF or SEQUENCE OF.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
Remove old ASN.1 COMPAT type. This was meant as a temporary measure
so older ASN.1 code (from OpenSSL 0.9.6) still worked. It's a hack
which breaks constification and hopefully nothing uses it now, if
it ever did.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
PR#3403
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
casts.
|
| |
|
|
| |
correctly encode FALSE for BOOL in ASN1_TYPE.
|
| |
|
|
|
| |
PR: 1196
Submitted by: Russel Ruby
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
the buffer pointer.
Rename PKCS7_PARTSIGN to PKCS7_STREAM.
Guess what that's for :-)
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
change the way ASN1 modules are exported.
Still needs a bit of work for example the hack which a
dummy function prototype to avoid compilers warning about
multiple ;s.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
authenticated attributes: this is used to retain the
original encoding and not break signatures.
Support for a SET OF which reorders the STACK when
encoding a structure. This will be used with the
PKCS7 code.
|
