aboutsummaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
...
* Add lh_new() inliningDr. Stephen Henson2016-01-112-14/+7
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Inline LHASH_OFDr. Stephen Henson2016-01-113-178/+52
| | | | | | | | | | | Make LHASH_OF use static inline functions. Add new lh_get_down_load and lh_set_down_load functions and their typesafe inline equivalents. Make lh_error a function instead of a macro. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Make SSL{_CTX,}_{get,set,clear}_options functionsViktor Dukhovni2016-01-111-14/+6
| | | | | | | These now take and return unsigned long, and get is constified. Updated related documentation and util/ssleay.num Reviewed-by: Matt Caswell <matt@openssl.org>
* Add memory leak return value.Dr. Stephen Henson2016-01-111-2/+2
| | | | | | | Make CRYPTO_mem_leaks() and CRYPTO_mem_leaks_fp() return a status value. Update documentation. Don't abort() if there are leaks. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Enable/disable crypto-mdebug just like other featuresViktor Dukhovni2016-01-111-16/+5
| | | | | | Also always abort() on leak failure. Reviewed-by: Stephen Henson <steve@openssl.org>
* Regenerate SSL record/statem error stringsViktor Dukhovni2016-01-101-75/+0
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* RT41897: Add an CRYPTO_secure_actual_sizeRich Salz2016-01-091-0/+5
| | | | | | This is already documented, I just forgot to include the code :) Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Fix c++ compilationMat2016-01-091-0/+2
| | | | | | | Fixes https://github.com/openssl/openssl/issues/532 Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
* Adds missing type castsMat2016-01-091-4/+4
| | | | | | | This fixes https://github.com/openssl/openssl/issues/534 Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
* Correct header definesDr. Stephen Henson2016-01-092-2/+10
| | | | Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Fix no CRYPTO_MDEBUG build (windows)Rich Salz2016-01-081-8/+11
| | | | | | | | | In order for mkdep to find #ifdef'd functions, they must be wrapped (in the header file) with #ifndef OPENSSL_NO_... So do that for various CRYPTO_mem_debug... things. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Simplify deprecated declaration exceptionViktor Dukhovni2016-01-081-7/+1
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Backwards-compatibility subject to OPENSSL_API_COMPATViktor Dukhovni2016-01-0715-68/+68
| | | | | | | | | Provide backwards-compatiblity for functions, macros and include files if OPENSSL_API_COMPAT is either not defined or defined less than the version number of the release in which the feature was deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove all remaining traces if PEM_SealRichard Levitte2016-01-081-20/+0
| | | | Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Fix build-break; 'make update'Rich Salz2016-01-071-2/+2
| | | | | | | Commit bbd86bf5424a611cb6b77a3a17fc522931c4dcb8 broke certain builds. Commit 0674427f71ca050e3c61a7ec9dc71b208c3b39f5 missing 'make update' Reviewed-by: Richard Levitte <levitte@openssl.org>
* mem functions cleanupRich Salz2016-01-072-134/+81
| | | | | | | | | | | | | | | | | Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this. If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery. (Thanks to Jakob Bohm for the suggestion!) Make the "change wrapper functions" be the only paradigm. Wrote documentation! Format the 'set func' functions so their paramlists are legible. Format some multi-line comments. Remove ability to get/set the "memory debug" functions at runtme. Remove MemCheck_* and CRYPTO_malloc_debug_init macros. Add CRYPTO_mem_debug(int flag) function. Add test/memleaktest. Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls. Reviewed-by: Richard Levitte <levitte@openssl.org>
* DANE support for X509_verify_cert()Viktor Dukhovni2016-01-072-0/+4
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* use more descriptive name DEFINE_STACK_OF_CONSTDr. Stephen Henson2016-01-072-2/+2
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Only declare stacks in headersDr. Stephen Henson2016-01-072-2/+2
| | | | | | | Don't define stacks in C source files: it causes warnings about unused functions in some compilers. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Rename DECLARE*STACK_OF to DEFINE*STACK_OFDr. Stephen Henson2016-01-0719-67/+67
| | | | | | | | | | Applications wishing to include their own stacks now just need to include DEFINE_STACK_OF(foo) in a header file. Reviewed-by: Richard Levitte <levitte@openssl.org>
* remove unused PREDECLAREDr. Stephen Henson2016-01-071-1/+0
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix declarations and constification for inline stack.Dr. Stephen Henson2016-01-073-5/+7
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Change STACK_OF to use inline functions.Dr. Stephen Henson2016-01-071-2057/+100
| | | | | | | Change DECLARE_STACK_OF into inline functions. This avoids the need for auto generated mkstack.pl macros and now handles const properly. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove more (rest?) of FIPS build stuff.Rich Salz2016-01-061-4/+0
| | | | Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* DANE support structures, constructructors and accessorsViktor Dukhovni2016-01-054-0/+218
| | | | | | | | | Also tweak some of the code in demos/bio, to enable interactive testing of BIO_s_accept's use of SSL_dup. Changed the sconnect client to authenticate the server, which now exercises the new SSL_set1_host() function. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix X509_STORE_CTX_cleanup()Viktor Dukhovni2016-01-031-1/+1
| | | | Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* X509_verify_cert() cleanupViktor Dukhovni2016-01-032-2/+3
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Instead of a local hack, implement SIZE_MAX in numbers.h if it's missingRichard Levitte2016-01-021-0/+4
| | | | Reviewed-by: Stephen Henson <steve@openssl.org>
* Protocol version selection and negotiation rewriteViktor Dukhovni2016-01-021-5/+3
| | | | | | | | | | | | | | | | | | | The protocol selection code is now consolidated in a few consecutive short functions in a single file and is table driven. Protocol-specific constraints that influence negotiation are moved into the flags field of the method structure. The same protocol version constraints are now applied in all code paths. It is now much easier to add new protocol versions without reworking the protocol selection logic. In the presence of "holes" in the list of enabled client protocols we no longer select client protocols below the hole based on a subset of the constraints and then fail shortly after when it is found that these don't meet the remaining constraints (suiteb, FIPS, security level, ...). Ideally, with the new min/max controls users will be less likely to create "holes" in the first place. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Add support for minimum and maximum protocol versionKurt Roeckx2016-01-022-0/+14
| | | | Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Remove the #ifndef OPENSSL_SYS_VMS around SSL_add_dir_cert_subjects_to_stackRichard Levitte2015-12-301-2/+0
| | | | | | It served a purpose, but not any more. Reviewed-by: Stephen Henson <steve@openssl.org>
* Fix no-engine.Ben Laurie2015-12-291-1/+1
| | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Server side EVP_PKEY DH supportDr. Stephen Henson2015-12-231-1/+1
| | | | Reviewed-by: Matt Caswell <matt@openssl.org>
* Always generate DH keys for ephemeral DH cipher suites.Dr. Stephen Henson2015-12-231-2/+2
| | | | Reviewed-by: Matt Caswell <matt@openssl.org>
* redundant redeclaration of 'OPENSSL_strlcpy'Roumen Petrov2015-12-231-1/+0
| | | | | | | Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #1523
* __STDC_VERSION__ is not defined for c89 compilersRoumen Petrov2015-12-231-2/+4
| | | | | | | Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #1522
* Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER and SSL_OP_TLS_D5_BUG support.Kurt Roeckx2015-12-231-2/+2
| | | | | | | | | Suggested by David Benjamin Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org> MR: #1520
* Add ossl_inlineDr. Stephen Henson2015-12-222-40/+70
| | | | | | | Add macro ossl_inline for use in public headers where a portable inline is required. Change existing inline to use ossl_inline Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* remove unused error codeDr. Stephen Henson2015-12-221-1/+0
| | | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* make errorsDr. Stephen Henson2015-12-221-1/+10
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* SSL library configuration module.Dr. Stephen Henson2015-12-221-0/+4
| | | | | | | | This adds support for SSL/TLS configuration using configuration modules. Sets of command value pairs are store and can be replayed through an SSL_CTX or SSL structure using SSL_CTX_config or SSL_config. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Cleanup CRYPTO_{push,pop}_infoRich Salz2015-12-221-5/+6
| | | | | | | | Rename to OPENSSL_mem_debug_{push,pop}. Remove simple calls; keep only calls used in recursive functions. Ensure we always push, to simplify so that we can always pop Reviewed-by: Richard Levitte <levitte@openssl.org>
* Rename *_realloc_clean to *_clear_reallocRich Salz2015-12-221-3/+3
| | | | | | | Just like *_clear_free routines. Previously undocumented, used a half-dozen times within OpenSSL source. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove the "eay" c-file-style indicatorsRichard Levitte2015-12-187-7/+7
| | | | | | | Since we don't use the eay style any more, there's no point tryint to tell emacs to use it. Reviewed-by: Matt Caswell <matt@openssl.org>
* Modify the lower level memory allocation routines to take size_tRichard Levitte2015-12-171-16/+16
| | | | | | We've been using int for the size for a long time, it's about time... Reviewed-by: Rich Salz <rsalz@openssl.org>
* mem-cleanup, cont'd.Rich Salz2015-12-161-3/+0
| | | | | | | Remove LEVITTE_DEBUG_MEM. Remove {OPENSSL,CRYPTO}_remalloc. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Rename some BUF_xxx to OPENSSL_xxxRich Salz2015-12-162-26/+31
| | | | | | | | | Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: Tim Hudson <tjh@openssl.org>
* Constify EC_KEY in ECDH_compute_key.Dr. Stephen Henson2015-12-161-4/+5
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove SSL_OP_SINGLE_ECDH_USE code.Dr. Stephen Henson2015-12-161-2/+2
| | | | | | | Since auto ecdh is now always used SSL_OP_SINGLE_ECDH_USE is redundant. Simplify associated code. Reviewed-by: Richard Levitte <levitte@openssl.org>
* New EC functions.Dr. Stephen Henson2015-12-161-0/+37
| | | | | | | | | | New functions EC_POINT_point2buf and EC_KEY_key2buf which encode a point and allocate a buffer in one call. New function EC_KEY_oct2key() which sets public key in an EC_KEY structure from an encoded point. Reviewed-by: Richard Levitte <levitte@openssl.org>
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-03 15:03:29 +0000