aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix the init cleanup orderMatt Caswell2016-03-141-14/+21
| | | | | | | There are internal dependencies between the various cleanup functions. This re-orders things to try and get that right. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add some missing cleanup calls to de-initMatt Caswell2016-03-141-0/+2
| | | | | | | | OBJ_cleanup() doesn't always get called from EVP_cleanup() so needs to be explicitly called in de-init. Also BIO_sock_cleanup() also needs to be called. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Change an function macro for ERR match the function it's used in.Richard Levitte2016-03-131-1/+1
| | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Complete incomplete makefile variable referensesRichard Levitte2016-03-131-2/+2
| | | | | | A couple of '$(PERLASM_SCHEM' had sneaked in. Reviewed-by: Tim Hudson <tjh@openssl.org>
* Add $(LIB_CFLAGS) for any build.info generator that uses $(CFLAGS)Richard Levitte2016-03-1317-34/+34
| | | | | | | The reason to do so is that some of the generators detect PIC flags like -fPIC and -KPIC, and those are normally delivered in LD_CFLAGS. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix memory leak in library deinitEmilia Kasper2016-03-122-16/+20
| | | | | | | | | | | | | | ENGINE_cleanup calls CRYPTO_free_ex_data and therefore, CRYPTO_cleanup_all_ex_data - which cleans up the method pointers - must run after ENGINE_cleanup. Additionally, don't needlessly initialize the EX_CALLBACKS stack during e.g. CRYPTO_free_ex_data. The only time this is actually needed is when reserving the first ex data index. Specifically, since sk_num returns -1 on NULL input, the rest of the code already handles a NULL method stack correctly. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix no-comp buildEmilia Kasper2016-03-121-0/+7
| | | | Reviewed-by: Matt Caswell <matt@openssl.org>
* Remove some dead code from 1999Matt Caswell2016-03-112-12/+0
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Don't clobber the last errorMatt Caswell2016-03-111-4/+8
| | | | | | | | | | | | | | | | On Windows we call WSAGetLastError() to find out the last error that happened on a socket operation. We use this to find out whether we can retry the operation or not. You are supposed to call this immediately however in a couple of places we logged an error first. This can end up making other Windows system calls to get the thread local error state. Sometimes that can clobber the error code, so if you call WSAGetLastError() later on you get a spurious response and the socket operation looks like a fatal error. Really we shouldn't be logging an error anyway if its a retryable issue. Otherwise we could end up with stale errors on the error queue. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Make X509_SIG opaque.Dr. Stephen Henson2016-03-117-25/+50
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Use unsigned int instead of just unsigned.Kurt Roeckx2016-03-111-2/+2
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Save leaf_node and node_offset as character arrayKurt Roeckx2016-03-114-36/+33
| | | | | | | They are not numbers in the machine byte order. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Review commentsKurt Roeckx2016-03-1114-212/+192
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add blake2 support.Bill Cox2016-03-1114-8/+891
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* move DSA_SIG definition into C source fileDr. Stephen Henson2016-03-112-6/+5
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* crypto/*/build.info: make it work on ARM platforms.Andy Polyakov2016-03-117-20/+37
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* crypto/*/build.info: SPARC-specific fixups.Andy Polyakov2016-03-112-1/+6
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* constify CT_POLICY_EVAL_CTX gettersRob Percival2016-03-111-3/+3
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Call CONF_modules_free() before ENGINE_cleanup() in auto-deinitMatt Caswell2016-03-111-3/+3
| | | | | | | | | | During auto de-init we were calling ENGINE_cleanup(), and then later CONF_modules_free(). However the latter function can end up calling engine code, which can lead to a use of the global_engine_lock after it has already been freed. Therefore we should swap the calling order of these two functions. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix some assembler generating scripts for better unificationRichard Levitte2016-03-1127-39/+39
| | | | | | | | | | | Some of these scripts would recognise an output parameter if it looks like a file path. That works both in both the classic and new build schemes. Some fo these scripts would only recognise it if it's a basename (i.e. no directory component). Those need to be corrected, as the output parameter in the new build scheme is more likely to contain a directory component than not. Reviewed-by: Andy Polyakov <appro@openssl.org>
* Add include directory options for assembler files that include from crypto/Richard Levitte2016-03-102-0/+4
| | | | | | | | A few were missed in the previous commit. Closes RT#4412 Reviewed-by: Rich Salz <rsalz@openssl.org>
* check reviewer --reviewer=emiliaRob Percival2016-03-101-8/+10
| | | | | | | | | Pass entire CTLOG_STORE to SCT_print, rather than just the SCT's CTLOG SCT_print now looks up the correct CT log for you. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* check reviewer --reviewer=emiliaRob Percival2016-03-104-35/+20
| | | | | | | | | | | | Remove 'log' field from SCT and related accessors In order to still have access to an SCT's CTLOG when calling SCT_print, SSL_CTX_get0_ctlog_store has been added. Improved documentation for some CT functions in openssl/ssl.h. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add include directory options for assembler files that include from crypto/Richard Levitte2016-03-1010-1/+31
| | | | | | Closes RT#4406 Reviewed-by: Rich Salz <rsalz@openssl.org>
* The typedef ECPARAMETERS is already defined, don't define it anewRichard Levitte2016-03-101-2/+2
| | | | Reviewed-by: Matt Caswell <matt@openssl.org>
* Remove a missed item from the old thread APIMatt Caswell2016-03-101-2/+0
| | | | | | | A line from cryptlib.h was missed during the old Thread API removal. This breaks no-deprecated builds. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Mark SRP_VBASE_get_by_user() as deprecatedMatt Caswell2016-03-101-0/+2
| | | | | | | The function SRP_VBASE_get_by_user() is declared as deprecated but the implementation was not. Reviewed-by: Rich Salz <rsalz@openssl.org>
* RT3676 add: Export ASN.1 DHparamsRich Salz2016-03-091-1/+1
| | | | Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* Avoid negative array index in BIO_debug_callback()Benjamin Kaduk2016-03-091-0/+3
| | | | | | | | | | | | | | | | BIO_snprintf() can return -1 on truncation (and overflow as of commit 9cb177301fdab492e4cfef376b28339afe3ef663). Though neither can realistically occur while printing a pointer and short fixed string into a buffer of length 256, the analysis to confirm that this the case goes somewhat far up the call chain, and not all static analyzers can successfully follow the chain of logic. It's easy enough to clamp the returned length to be nonnegative before continuing, which appeases the static analyzer and does not harm the subsequent code. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* CT: check some GeneralizedTime return valuesBenjamin Kaduk2016-03-091-2/+4
| | | | | | | | | Some of the ASN.1 routines for the GeneralizedTime type can return errors; check for these and do not continue past failure, so as to appease coverity. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Avoid double-free in calleres to OCSP_parse_urlJim Basney2016-03-091-0/+3
| | | | | | | | set pointers to NULL after OPENSSL_free before returning to caller to avoid possible double-free in caller Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix return type for CRYPTO_THREAD_run_onceMat2016-03-091-1/+1
| | | | | | | return type should be int and not void Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add X509_CHECK_FLAG_NEVER_CHECK_SUBJECT flagViktor Dukhovni2016-03-091-4/+2
| | | | Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* RT3676: Expose ECgroup i2d functionsRich Salz2016-03-092-85/+66
| | | | Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* Makes STACK_OF(SCT)* parameter of i2d_SCT_LIST constRob Percival2016-03-091-1/+1
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Removes SCT_LIST_set_source and SCT_LIST_set0_logsRob Percival2016-03-091-29/+0
| | | | | | | Both of these functions can easily be implemented by callers instead. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Makes SCT_get0_log return const CTLOG*Rob Percival2016-03-092-2/+2
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Makes CTLOG_STORE_get0_log_by_id return const CTLOG*Rob Percival2016-03-091-4/+4
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Improved documentation of SCT_CTX_* functionsRob Percival2016-03-092-15/+29
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Updates ct_err.cRob Percival2016-03-091-5/+5
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Reset SCT validation_status if the SCT is modifiedRob Percival2016-03-091-0/+12
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fixes "usuable" typo in ct_locl.hRob Percival2016-03-091-1/+1
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Treat boolean functions as booleansRob Percival2016-03-093-20/+13
| | | | | | | | Use "!x" instead of "x <= 0", as these functions never return a negative value. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Make parameters of CTLOG_get* constRob Percival2016-03-091-3/+4
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Extensive application of __owur to CT functions that return a booleanRob Percival2016-03-092-16/+36
| | | | | | | Also improves some documentation of those functions. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Makes SCT_LIST_set_source return the number of successesRob Percival2016-03-091-4/+3
| | | | | | | | No longer terminates on first error, but instead tries to set the source of every SCT regardless of whether an error occurs with some. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix classic buildMatt Caswell2016-03-091-1/+1
| | | | | | The Thread API changes broke classic build. This fixes it. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove the old threading APIMatt Caswell2016-03-095-761/+15
| | | | | | | | | | All OpenSSL code has now been transferred to use the new threading API, so the old one is no longer used and can be removed. We provide some compat macros for removed functions which are all no-ops. There is now no longer a need to set locking callbacks!! Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove use of the old CRYPTO_LOCK_X5O9_STOREMatt Caswell2016-03-091-12/+22
| | | | | | | | The locking here is a bit strange and unclear. Rather than refactor anything and possibly break stuff I have just moved to using the new thread API following as closely as possible what was there previously. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Don't call ENGINE_cleanup when configured "no-engine"Richard Levitte2016-03-091-0/+4
| | | | Reviewed-by: Matt Caswell <matt@openssl.org>
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-19 19:59:06 +0000