| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
a system/superuser binary. At the same time, move the source code from its
current lib/libssl/src/apps location to a more appropriate home under
usr.bin/openssl.
ok deraadt@ miod@
|
| | |
|
| |
|
|
|
|
| |
load_config() once when we start.
ok miod@
|
| | |
|
| |
|
|
|
|
|
| |
Rather than casting password_callback to the correct function pointer
signature at every call site, change it to match the signature instead.
ok miod@ deraadt@ tedu@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The underlying code has long been removed, making this a no-op.
If your random subsystem actually requires that you seed it from a file,
then you really should go and buy a new random subsystem that was built
after 1990.
Diff from Brent Cook.
ok deraadt@
|
| |
|
|
|
|
| |
this again in each app.
ok miod@
|
| |
|
|
| |
before calling free - of some course parts of the code already did this.
|
| |
|
|
|
|
|
|
| |
Currently "apps.h" needs to be included before any of the openssl headers
and there are several cases where the code depends on headers that are
included by something included by apps.h...
More untangling saved for later on.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
in each application (since there is no longer a non-monolithic mode).
In typical OpenSSL fashion, the code is inconsistent and there are multiple
ways that bio_err was initialised - none of them actually checked to see if
the initialisation actually succeeded. Additionally, it is worth noting
that in at least two cases bio_err was also being used before it would have
been initialised.
ok miod@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The intent of this change is to only keep support for two kind of architectures:
- those with 32-bit int and long, and 64-bit long long, where
``long * long -> long long'' multiplication routines are available.
- those with 64-bit int and long, and no 128-bit long long type.
This gets rid of the SIXTY_FOUR_BIT_LONG, SIXTY_FOUR_BIT (not the same!),
THIRTY_TWO_BIT, SIXTEEN_BIT and EIGHT_BIT defines.
After this change, the types and defines are as follows:
arch: 64bit 32bit rationale
BN_LLONG undefined defined defined if l * l -> ll
BN_ULLONG undefined u long long result of BN_LONG * BN_LONG
BN_ULONG u long u int native register size
BN_LONG long int the same, signed
BN_BITS 128 64 size of 2*BN_ULONG in bits
BN_BYTES 8 4 size of 2*BN_ULONG in bytes
BN_BITS2 64 32 BN_BITS / 2
Tested on various 32-bit and 64-bit OpenBSD systems of various endianness.
|
| | |
|
| |
|
|
|
|
|
| |
signal(SIGPIPE, SIG_IGN) and apps_shutdown is a no-op. So just do that
instead.
ok beck@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
ok tedu@
|
| | |
|
| |
|
|
|
|
|
|
| |
USE_SOCKETS is unrelated to using sockets, but just pulls in .h files. It
makes every file buy a kitchen sink, because 11 files forgot to.
EXIT() is really exit(), a gentle surprise
but... OPENSSL_EXIT() is really just return(), because noone compiles the
openssl command non-monolithic anymore
|
| | |
|
| |
|
|
|
|
|
|
| |
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
so that its lovecraftian horror is not forever lost, i reproduce below
a comment from the deleted code.
/* 2011-03-22 SMS.
* If we have 32-bit pointers everywhere, then we're safe, and
* we bypass this mess, as on non-VMS systems. (See ARGV,
* above.)
* Problem 1: Compaq/HP C before V7.3 always used 32-bit
* pointers for argv[].
* Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
* everywhere else, we always allocate and use a 64-bit
* duplicate of argv[].
* Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
* to NULL-terminate a 64-bit argv[]. (As this was written, the
* compiler ECO was available only on IA64.)
* Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
* 64-bit argv[argc] for NULL, and, if necessary, use a
* (properly) NULL-terminated (64-bit) duplicate of argv[].
* The same code is used in either case to duplicate argv[].
* Some of these decisions could be handled in preprocessing,
* but the code tends to get even uglier, and the penalty for
* deciding at compile- or run-time is tiny.
*/
|
| |
|
|
|
|
|
| |
know that MS_STATIC doesn't mean it is static? How far can lies
and half-truths be layered? I wonder if anyone got fooled, and
actually returned a pointer..
ok beck
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| | |
|
|
|
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
|
jsing
deraadt
tedu
bcook
sthen
miod
beck
djm
markus
ryker