wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8346 commits 20 branches 302 tags 153 MiB
Commit graph

406 commits

Author SHA1 Message Date
Dr. Stephen Henson
6a62b2e54b Update from HEAD. 2005-04-30 18:16:40 +00:00
Dr. Stephen Henson
c1668fe59d Update from HEAD. 2005-04-30 13:08:56 +00:00
Dr. Stephen Henson
342b7e0458 Rebuild error codes. 2005-04-12 13:47:58 +00:00
Richard Levitte
9addd9b6fb Add emacs cache files to .cvsignore. 2005-04-11 14:18:14 +00:00
Ben Laurie
801fea5f11 Constification. 2005-03-23 08:21:30 +00:00
Dr. Stephen Henson
66d68327cb Avoid memory leak. 2005-01-31 01:40:39 +00:00
Richard Levitte
532d936be8 Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might 
cause a segfault...  This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
 2005-01-27 01:49:23 +00:00
Richard Levitte
d88edf1447 Get rid if the annoying warning 2005-01-27 01:47:27 +00:00
Dr. Stephen Henson
965574039b Remove duplicate lines. 2004-12-12 13:18:23 +00:00
Dr. Stephen Henson
a4c9668f3c Automatically mark the CRL cached encoding as invalid when some operations 
are performed.
 2004-12-09 13:34:41 +00:00
Dr. Stephen Henson
da8534693c Add lots of checks for memory allocation failure, error codes to indicate 
failure and freeing up memory if a failure occurs.

PR:620
 2004-12-05 01:04:44 +00:00
Richard Levitte
a2617f727d Don't use $(EXHEADER) directly in for loops, as most shells will break 
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
 2004-11-02 23:53:31 +00:00
Dr. Stephen Henson
8de8bcbe2c Fix race condition when CRL checking is enabled. 2004-10-04 16:27:36 +00:00
Dr. Stephen Henson
85e8decc16 ASN1_STRING_to_UTF8() assumed that the MBSTRING_* flags were of 
the form MBSTRING_FLAG|nbyte where "nbyte" is the number of
bytes per character.

Unfortunately this isn't so and we can't change the #defines because
this would break binary compatibility, so for 0.9.7X only translate
between the two.
 2004-09-13 22:30:31 +00:00
Dr. Stephen Henson
8c172bce1c Make ASN1_INTEGER_cmp() work as expected with negative integers. 2004-08-10 17:40:31 +00:00
Dr. Stephen Henson
531b538df5 Ooops, missed part of PKCS#8 patch. 2004-07-06 17:25:11 +00:00
Dr. Stephen Henson
49ede900fa Fix memory leak. 2004-07-04 16:36:58 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Dr. Stephen Henson
f36f469430 Obsolete files. 2004-03-28 12:29:53 +00:00
Dr. Stephen Henson
931a031916 Cleanup ASN1 OID module when it exits. 2004-03-05 23:47:39 +00:00
Richard Levitte
de23af982a Avoid signed vs. unsigned warnings (which are treated like errors on 
Windows).
 2004-01-27 01:16:09 +00:00
Richard Levitte
cc056d6395 Use sh explicitely to run point.sh 
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 15:00:24 +00:00
Richard Levitte
394178c94c Use BUF_strlcpy() instead of strcpy(). 
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 14:40:57 +00:00
Dr. Stephen Henson
c22e6753ef Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex(). 2003-11-10 01:25:11 +00:00
Dr. Stephen Henson
662ede2370 Fix for ASN1 parsing bugs. 2003-09-30 12:05:44 +00:00
Dr. Stephen Henson
3b07c32fe7 outlen should be int * in out_utf8. 2003-08-21 12:31:17 +00:00
Richard Levitte
457f692eab Fix sign bugs. 
PR: 621
 2003-05-21 14:29:33 +00:00
Dr. Stephen Henson
22e6c2524e Add correct DN entry for serialNumber. 2003-05-07 23:20:41 +00:00
Dr. Stephen Henson
75fcbb43a7 Typo. 2003-04-10 00:03:22 +00:00
Dr. Stephen Henson
ee435c0d9c Add entry for domainComponent so it is treated correctly. 
Add table order test to end of a_strnid.c
 2003-03-14 01:45:44 +00:00
Dr. Stephen Henson
624feae8af Check return value of gmtime() and add error codes 
where it fails in ASN1_TIME_set().

Clear error queue in req.c if *_min or *_max is absent.
 2003-01-24 00:42:50 +00:00
Richard Levitte
d57084f235 Make sure the last character of the ASN.1 time string (the 'Z') is copied. 
PR: 429
 2003-01-01 03:41:01 +00:00
Andy Polyakov
1c799131ae Workaround for GCC-ia64 compiler bug. 
Submitted by: <appro>
Reviewed by:
PR:
 2002-12-06 17:16:25 +00:00
Dr. Stephen Henson
a6ee8fe26a Make ASN1_TYPE_get() work for V_ASN1_NULL type. 2002-12-04 00:50:20 +00:00
Dr. Stephen Henson
38b085902f In asn1_d2i_read_bio, don't assume BIO_read will 
return the requested number of bytes when reading
content.
 2002-12-03 23:49:12 +00:00
Richard Levitte
75e3026a14 Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:09:03 +00:00
Richard Levitte
b193f29a9b free() -> OPENSSL_free() 2002-11-13 20:25:56 +00:00
Ben Laurie
9831d941ca Many security improvements (CHATS) and a warning fix. 2002-11-12 13:23:40 +00:00
Dr. Stephen Henson
8d699c8c93 Check for NULL ASN1_ITEM when initializeing 
boolean option in ASN1_TYPE.
 2002-11-05 13:49:04 +00:00
Richard Levitte
f6733ae577 makedepend complains when a header file is included more than once in 
the same source file.
 2002-10-14 09:53:46 +00:00
Richard Levitte
ff90d659e6 Use double dashes so makedepend doesn't misunderstand the flags we 
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
 2002-10-09 13:21:33 +00:00
Dr. Stephen Henson
a98beb3a2d Apply -nameopt patches to 0.9.7 2002-08-30 18:26:26 +00:00
Dr. Stephen Henson
f627c159b1 Fix ASN1_STRING_to_UTF8: remove non sensical !*out test. 2002-08-30 17:17:45 +00:00
Dr. Stephen Henson
a69d50b02d Reinstate the check for invalid length BIT STRINGS, 
which was effectively bypassed in the ASN1 changed.
 2002-08-23 00:00:54 +00:00
Dr. Stephen Henson
f1e1d6d6af Fix typo 2002-08-02 19:03:41 +00:00
Dr. Stephen Henson
b012127a99 Fix the ASN1 sanity check: correct header length 
calculation and check overflow against LONG_MAX.
 2002-08-02 18:42:40 +00:00
Lutz Jänicke
bca9dc2a51 OpenSSL Security Advisory [30 July 2002] 
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
 2002-07-30 11:21:19 +00:00
Lutz Jänicke
3720ea24f0 "make update" 
Submitted by:
Reviewed by:
PR:
 2002-07-30 07:18:03 +00:00
Richard Levitte
ca55c617e5 Pass CFLAG to dependency makers, so non-standard system include paths are 
handled properly.
Part of PR 75
 2002-06-27 16:44:52 +00:00
Bodo Möller
1c45b1fef3 Make sure buffers are large enough even for weird parameters 
Submitted by: Nils Larsch
 2002-06-26 14:29:10 +00:00