| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
need to do it in ec_copy_parameters() prior to invoking EC_KEY_set_group().
ok doug@ jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
X509_PURPOSE object (obtained with X509_PURPOSE_get0() instead of being
allocated in the function) to be freed if modifying that object would fail
due to a low memory condition, while this object would still be referenced
elsewhere.
Fix this by only cleaning the object if we did not allocate it here.
While there, fail early if either `name' or `sname' are NULL, rather than
allocating an object and realizing we have nothing to strdup() into it.
ok guenther@
|
| |
|
|
|
|
| |
if it fails, free the object we were about to push.
Factor error handling to avoid having four copies of about the same code.
ok guenther@
|
| |
|
|
|
|
| |
on a stack; if the latter fails, we need to free the object before returning
failure.
ok guenther@
|
| |
|
|
| |
ok guenther@
|
| |
|
|
| |
Tweaks and ok guenther@
|
| |
|
|
| |
ok deraadt@ guenther@
|
| |
|
|
| |
ok deraadt@ guenther@
|
| |
|
|
| |
ok miod
|
| |
|
|
|
|
|
| |
ssl_add_clienthello_tlsext() and ssl_add_serverhello_tlsext(), rather than
the current generic naming.
ok miod@
|
| |
|
|
|
|
| |
hand rolling the same code.
ok miod@
|
| |
|
|
|
|
|
|
| |
return the client format list if the client_formats flag is specified.
Use tls1_get_formatlist()/tls1_get_curvelist() in tls1_check_ec_key(),
simplifying the code.
ok miod@
|
| |
|
|
|
|
|
|
|
|
| |
This allows an SSL server to enable ECDHE ciphers with a single setting,
which results in an EC key being generated using the first preference
shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
| |
|
|
| |
ok tedu@, miod@
|
| |
|
|
|
|
|
|
|
|
|
| |
The existing code reaches around into various internals of EC, which it
should not know anything about. Replace this with a set of functions that
that can correctly extract the necessary details and handle the
comparisions.
Based on a commit to OpenSSL, with some inspiration from boringssl.
ok miod@
|
| |
|
|
|
| |
if a NULL stack was passed as argument. Fix this by returning NULL early in
that case.
|
| |
|
|
|
|
|
|
|
| |
X509_STORE_CTX_init(): do not free the X509_STORE_CTX * parameter upon
failure, for we did not allocate it and it might not come from the heap,
such as in check_crl_path() in this very same file where X509_STORE_CTX_init()
gets invoked with a stack address.
ok bcook@
|
| |
|
|
|
| |
memcpy().
ok bcook@
|
| |
|
|
|
| |
parameter, correctly set param->name to NULL after having freed it.
ok bcook@
|
| |
|
|
|
|
|
|
|
|
|
| |
read the PEM-encoded certificate chain from memory instead of a file.
This idea is derived from an older implementation in relayd that was
needed to use the function with a privep'ed process in a chroot. Now
it is time to get it into LibreSSL to make the API more privsep-
friendly and to make it available for other programs and the ressl
library.
ok jsing@ miod@
|
| |
|
|
| |
ok bcook@
|
| |
|
|
|
|
| |
for it may be NULL. Do not leak memory upon error.
ok bcook@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
manual field fiddling to create an ASN1_INTEGER object, instead of using
M_ASN1_INTEGER_new() which will allocate sizeof(long) bytes.
That person had probably never looked into malloc(3) and never heard of
allocation size rounding.
Thus, replace the obfuscated code with M_ASN1_INTEGER_new() followed by
ASN1_INTEGER_set(), to achieve a similar result, without the need for
/* version == 0 */ comments.
ok bcook@
|
| |
|
|
| |
the 64-bit code has to be disabled under OpenBSD/hppa.
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
|
| |
Based on OpenSSL.
ok miod@
|
| |
|
|
|
|
|
| |
X509_STORE_get1_certs(), X509_STORE_get1_crls(): check the result of
allocations.
ok tedu@
|
| |
|
|
|
|
| |
the first EVP block.
ok tedu@
|
| |
|
|
| |
ok tedu@
|
| |
|
|
|
|
|
|
| |
for the server hello.
From OpenSSL.
ok miod@
|
| |
|
|
|
|
| |
strdup() to allocated directory list components.
ok jsing@
|
| |
|
|
|
|
|
|
|
| |
effectively built two "static" data structures - instead of doing this,
just use static data structures to start with.
From OpenSSL (part of a larger commit).
ok miod@
|
| |
|
|
|
|
| |
ssl3_send_finished(). While this previously checked against a zero return
value (which could occur on failure), we may as well test against the
expected length, since we already know what that is.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
end up with a value of zero, primarily since ssl3_take_mac() fails to check
the return value from the final_finish_mac() call. This would then mean that
an SSL finished message with a zero-byte payload would successfully match
against the calculated finish MAC.
Avoid this by checking the length of peer_finish_md_len and the SSL
finished message payload, against the known length already stored in
the SSL3_ENC_METHOD finish_mac_length field (making use of a previously
unused field).
ok miod@ (a little while back)
|
| |
|
|
| |
From OpenSSL.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is off by default (instead of being enabled unconditionally).
The TLS padding extension was added as a workaround for a bug in F5 SSL
terminators, however appears to trigger bugs in IronPort SMTP appliances.
Now the SSL client gets to choose which of these devices it wants to
trigger bugs in...
Ported from OpenSSL.
Discussed with many.
ok miod@
|
| |
|
|
|
|
|
|
| |
some changes an a_int.c did not get applied to a_enum.c; despite style
changes, make sure BN_to_ASN1_ENUMERATED() correctly handles a zero value
the same way BN_to_ASN1_INTEGER() does.
ok bcook@ beck@ jsing@
|
| |
|
|
|
|
|
| |
Replace an if() posse with a switch() statement in traverse_string().
Remove unnecessary casts in cpy_*(),
with tweaks from guenther@; ok bcook@ jsing@ guenther@
|
| |
|
|
| |
From Ming <gzchenym at 126.com>
|
| | |
|
| |
|
|
|
|
| |
nor do we plan on supporting them.
ok guenther@
|
| |
|
|
|
|
|
|
| |
a system/superuser binary. At the same time, move the source code from its
current lib/libssl/src/apps location to a more appropriate home under
usr.bin/openssl.
ok deraadt@ miod@
|
| |
|
|
|
|
|
|
|
| |
There is no intention to modify the string returned by strerror and
doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
| |
|
|
|
|
|
|
|
| |
The crypto/bio/bss_dgram.c file assumes that another file indirectly
includes <stdlib.h> that includes <sys/time.h>.
from Jonas 'Sortie' Termansen
ok deraadt@ tedu@
|
| |
|
|
|
|
|
|
|
| |
These files currently depends on the wrapper <stdlib.h> file indirectly
including a header that provides select().
from Jonas 'Sortie' Termansen
ok deraadt@ tedu@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rather than passing in a fixed size buffer.
This is yet another example of a horribly designed API - if the given
buffer is NULL then SSL_CIPHER_description() allocates one for us (great!),
which we then need to free (no problem). However, if this allocation fails
it returns a pointer to a static string "OPENSSL_malloc Error" - obviously
bad things happen if we call free() with this pointer.
Unfortunately, there is no way of knowing that the function failed, other
than comparing the returned string against the string literal - so do that
before calling free()...
Joint work with beck@ during g2k14.
|
| |
|
|
|
|
|
| |
ssl3_cipher_get_value() helper function, which returns the cipher suite
value for the given cipher.
ok miod@
|
| |
|
|
|
|
| |
currently).
From Dmitry Eremin-Solenikov.
|
| |
|
|
|
|
| |
ssl3_get_cipher_by_id().
ok bcook@
|
| | |
|
miod
deraadt
jsing
doug
reyk
tedu
bcook