summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src/crypto/ocsp (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove the libssl/src directorybeck2016-09-0310-4525/+0
|
* Clean up OCSP_check_validity() a bit more.beck2016-07-161-11/+10
| | | | | | - Return on first failure rather than continuing. - Don't compare times by comparing strings that possibly were not parsable as a time. ok deraadt@
* remove unneeded duplicate call - spotted by jsing@beck2016-07-051-3/+1
|
* Add several fixes from OpenSSL to make OCSP work with intermediatebeck2016-07-051-10/+24
| | | | | | certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
* Fix from kinichiro.inoguchi@gmail.com to ensure that OCSP usesbeck2016-06-251-2/+2
| | | | Generalized Time on requests as per RFC6960
* Fix the ocsp code to actually check for errors when comparing time valuesbeck2016-06-251-7/+31
| | | | | | | | | which was not being done due to a lack of checking of the return code for X509_cmp_time. Ensure that we only compare GERNERALIZEDTIME values because this is what is specified by RFC6960. Issue reported, and fix provided by Kazuki Yamaguchi <k@rhe.jp> ok bcook@
* Use ASN1_item_dup() instead of ASN1_dup().jsing2015-09-261-4/+3
| | | | ok bcook@
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-251-76/+496
|
* Drop stupid (int) casts for the arguments of malloc() and friends. This ismiod2015-07-191-3/+3
| | | | | not 16-bit MS-DOS anymore. ok bcook@ tedu@
* Check return value of all used functions in OCSP_REQUEST_print(); coversmiod2015-07-161-5/+9
| | | | Coverity CID 78796; ok beck@
* Manually expand ASN1_ITEM_rptr macros that should have been expanded withjsing2015-02-101-2/+2
| | | | the IMPLEMENT_ASN1_DUP_FUNCTION macro.
* Expand the IMPLEMENT_ASN1_DUP_FUNCTION macro so that the code is visiblejsing2015-02-101-2/+7
| | | | | | | | | and functions can be readily located. Change has been scripted and the generated assembly only differs by changes to line numbers. Discussed with beck@ miod@ tedu@
* Expand the IMPLEMENT_ASN1_FUNCTIONS macro so that the code is visible andjsing2015-02-091-16/+376
| | | | | | | | functions can be readily located. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
* Check the result of sk_*_push() operations for failure.miod2014-10-281-2/+5
| | | | ok doug@ jsing@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-221-3/+3
| | | | | | | | arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
* None of these need to include <openssl/rand.h>jsing2014-10-183-6/+3
|
* Use string literals in printf style calls so gcc's -Wformat works.doug2014-10-031-8/+4
| | | | ok tedu@, miod@
* BIO_free() returns immediately when the sole input is NULL.doug2014-07-251-3/+2
| | | | | | Remove unnecessary NULL check. ok miod@
* The bell tolls for BUF_strdup - Start the migration to usingbeck2014-07-131-6/+6
| | | | | | intrinsics. This is the easy ones, a few left to check one at a time. ok miod@ deraadt@
* Principle of least surprise: make CMAC_CTX_free(), OCSP_REQ_CTX_free() andmiod2014-07-121-1/+4
| | | | | X509_STORE_CTX_free() accept NULL pointers as input without dereferencing them, like all the other well-behaved *_CTX_free() functions do.
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-114-16/+17
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-102-2/+7
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-102-4/+8
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* reset host, port, path to null after freeing so the caller doesn'ttedu2014-07-091-1/+4
| | | | | accidentally free them again. actually a bug in the caller and (hey hey) apps/ocsp.c has exactly that bug, but it's easier/safer to fix here.
* ocsp_check_ids says "If algoritm mismatch let caller deal with it" beforetedu2014-07-091-6/+1
| | | | | | returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
* tags as requested by miod and teduderaadt2014-06-1210-10/+10
|
* no need for null check before free. from Brendan MacDonelltedu2014-05-301-2/+1
|
* Not OPENSSL_SYS_SUNOS.jsing2014-05-231-3/+0
|
* Plug memory leaks upon error in OCSP_url_svcloc_new().miod2014-05-181-6/+9
| | | | ok jsing@
* In OCSP_sendreq_bio(), cope with OCSP_sendreq_new() returning NULL.miod2014-05-181-4/+6
| | | | ok jsing@
* More KNF.jsing2014-05-1810-193/+208
|
* unchecked malloc() return value in OCSP_sendreq_new().miod2014-05-171-0/+2
|
* KNFmiod2014-05-178-1274/+1332
|
* Replace all use of ERR_add_error_data with ERR_asprintf_error_data.beck2014-04-262-5/+5
| | | | | | | | This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
* Put the final pieces from e_os.h in the required places, and remove it.deraadt2014-04-181-1/+0
| | | | | "dance on it's grave" says beck ok guenther beck
* fix some more leaks, mostly suggestions from miodjsg2014-04-171-0/+3
| | | | ok miod@
* fix some of the leaksjsg2014-04-171-3/+11
| | | | ok miod@ looks good deraadt@
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-173-15/+15
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* we don't use these files for buildingtedu2014-04-151-78/+0
|
* remove auto-generated dependencies from the old unused build system, soderaadt2014-04-141-135/+0
| | | | | that it is easier to find code pieces. They are getting in the way. ok miod
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-131-0/+1
|
* cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txtmarkus2013-02-141-3/+6
| | | | | from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
* resolve conflictsdjm2012-10-131-1/+2
|
* openssl-1.0.0e: resolve conflictsdjm2011-11-033-9/+13
|
* resolve conflicts, fix local changesdjm2010-10-019-370/+82
|
* import OpenSSL-1.0.0adjm2010-10-011-48/+43
|
* resolve conflictsdjm2009-01-093-4/+5
|
* import openssl-0.9.8jdjm2009-01-092-39/+44
|
* resolve conflictsdjm2008-09-066-111/+414
|
* import of OpenSSL 0.9.8hdjm2008-09-064-196/+124
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.