summaryrefslogtreecommitdiffstats
path: root/lib/libssl/s3_lib.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Make it substantially easier to identify protocol version requirementsjsing2014-05-291-1/+1
| | | | | | | | | | | | | | by adding an enc_flags field to the ssl3_enc_method, specifying four flags that are used with this field and providing macros for evaluating these conditions. Currently the version requirements are identified by continually checking the version number and other criteria. This change also adds separate SSL3_ENC_METHOD data for TLS v1.1 and v1.2, since they have different enc_flags from TLS v1. Based on changes in OpenSSL head. No objection from miod@
* There is no point in checking if a pointer is non-NULL before calling free,jsing2014-05-281-25/+14
| | | | | | | | since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@
* Replace the following logic:miod2014-05-261-8/+10
| | | | | | | | | | | | | | | | | | | | | if (nothing to allocate) ptr = malloc(1) else { if ((ptr = malloc(size to allocate)) memcpy(ptr, data to copy, size to allocate) } if (ptr == NULL) OMG ERROR with a saner logic where the NULL pointer check if moved to the actual malloc branch, so that we do not need to malloc a single byte, just to avoid having a NULL pointer. Whoever thought allocating a single byte was a smart idea was obviously not taking his meds. ok beck@ guenther@
* Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much ofjsing2014-05-251-24/+0
| | | | | | | this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@
* Use C99 initialisers for SSL3_ENC_METHOD structs.jsing2014-05-241-14/+16
| | | | ok miod@
* Clean up the SSL cipher initialisation and use C99 initialisers forjsing2014-05-231-1709/+1712
| | | | | | clarity, grepability and to protect from future field reordering/removal. ok miod@
* There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (anjsing2014-05-221-1/+1
| | | | | | | | | empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl. ok miod@
* Stop including kssl_lcl.h and nuke it from orbit - it is a no-op now.jsing2014-05-221-1/+0
| | | | ok beck@ miod@
* KSSL is dead... nuke KSSL_DEBUG from orbit.jsing2014-05-201-3/+0
| | | | ok beck@ miod@
* deleted seed some time agotedu2014-05-171-101/+0
|
* Remove SRP and Kerberos support from libssl. These are complex protocolstedu2014-05-051-445/+0
| | | | | all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected.
* More KNF, things that couldn't be verified with md5(1), and some whitespacemcbride2014-04-241-7/+9
| | | | I missed on the first go around.
* KNFmcbride2014-04-241-99/+181
|
* more malloc/realloc/calloc cleanups; ok beck kettenisderaadt2014-04-211-2/+1
|
* More KNF and style consistency tweaksguenther2014-04-191-8/+9
|
* spacingtedu2014-04-181-10/+11
|
* whack a bunch of disabled code. ok beck lteotedu2014-04-171-169/+0
|
* always build in RSA and DSA. ok deraadt miodtedu2014-04-171-42/+3
|
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-14/+14
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* add back SRP. i was being too greedy.tedu2014-04-161-0/+209
|
* disentangle SRP code from TLStedu2014-04-161-209/+0
|
* make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miodtedu2014-04-141-21/+0
|
* First pass at applying KNF to the OpenSSL code, which almost makes itjsing2014-04-141-2688/+2605
| | | | | readable. This pass is whitespace only and can readily be verified using tr and md5.
* Do not include "e_os.h" anymore. Simply pull in the necessary headers.mpi2014-04-131-2/+2
| | | | ok miod@, deraadt@
* remove more cases of MS_STATIC, MS_CALLBACK, and MS_FAR. Did youderaadt2014-04-131-1/+1
| | | | | | | know that MS_STATIC doesn't mean it is static? How far can lies and half-truths be layered? I wonder if anyone got fooled, and actually returned a pointer.. ok beck
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-131-11/+23
|
* SECURITY fixes backported from openssl-1.0.1f. ok mikeb@jca2014-02-271-1/+1
| | | | | | | | | | | | CVE-2013-4353 NULL pointer dereference with crafted Next Protocol Negotiation record in TLS handshake. Upstream: 197e0ea CVE-2013-6449 Fix crash with crafted traffic from a TLS 1.2 client. Upstream: ca98926, 0294b2b CVE-2013-6450 Fix DTLS retransmission from previous session. Upstream: 3462896
* resolve conflictsdjm2012-10-131-21/+965
|
* OpenSSL 1.0.0f: mergedjm2012-01-051-0/+3
|
* openssl-1.0.0e: resolve conflictsdjm2011-11-031-0/+6
|
* resolve conflicts, fix local changesdjm2010-10-011-772/+1475
|
* pull Ben Lauries blind prefix injection fix for CVE-2009-3555 frommarkus2009-11-101-0/+3
| | | | openssl 0.9.8l; crank minor version; ok djm@ deraadt@; initially from jsg@
* update to openssl-0.9.8i; tested by several, especially krw@djm2009-01-051-20/+20
|
* resolve conflictsdjm2008-09-061-337/+1161
|
* resolve conflictsdjm2006-06-271-6/+6
|
* resolve conflictsdjm2005-04-291-37/+37
|
* merge 0.9.7b with local changes; crank majors for libssl/libcryptomarkus2003-05-121-38/+155
|
* merge openssl-0.9.7-beta3, tested on vax by miod@markus2002-09-101-4/+4
|
* do not propose IDEA cipher on SSL connection. tested by beckitojun2002-06-071-0/+2
| | | | noticed by Sverre Froyen <sverre@viewmark.com>
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-51/+352
|
* openssl-engine-0.9.6a mergebeck2001-06-221-24/+64
|
* openssl-engine-0.9.6 mergebeck2000-12-151-7/+7
|
* OpenSSL 0.9.5a mergebeck2000-04-151-25/+36
|
* OpenSSL 0.9.5 mergebeck2000-03-191-78/+299
| | | | | | *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
* OpenSSL 0.9.4 mergebeck1999-09-291-118/+264
|
* Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD buildryker1998-10-051-0/+961
functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.