Rich Salz
16f8d4ebf0
memset, memcpy, sizeof consistency fixes
...
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy. Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05 22:18:59 -04:00
Rich Salz
b4faea50c3
Use safer sizeof variant in malloc
...
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Rich Salz
25aaa98aa2
free NULL cleanup -- coda
...
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:37:16 -04:00
Rich Salz
666964780a
Remove goto inside an if(0) block
...
There were a dozen-plus instances of this construct:
if (0) { label: ..... }
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:29:48 -04:00
Rich Salz
efa7dd6444
free NULL cleanup 11
...
Don't check for NULL before calling free functions. This gets:
ERR_STATE_free
ENGINE_free
DSO_free
CMAC_CTX_free
COMP_CTX_free
CONF_free
NCONF_free NCONF_free_data _CONF_free_data
A sk_free use within OBJ_sigid_free
TS_TST_INFO_free (rest of TS_ API was okay)
Doc update for UI_free (all uses were fine)
X509V3_conf_free
X509V3_section_free
X509V3_string_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c
free null cleanup finale
...
Don't check for NULL before calling OPENSSL_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
23a1d5e97c
free NULL cleanup 7
...
This gets BN_.*free:
BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free
Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 21:37:06 -04:00
Rich Salz
222561fe8e
free NULL cleanup 5a
...
Don't check for NULL before calling a free routine. This gets X509_.*free:
x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
X509_STORE_free X509_STORE_CTX_free X509_PKEY_free
X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 17:33:59 -04:00
Rich Salz
b196e7d936
remove malloc casts
...
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Rich Salz
e0e920b1a0
free NULL cleanup 9
...
Ongoing work to skip NULL check before calling free routine. This gets:
ecp_nistz256_pre_comp_free nistp224_pre_comp_free nistp256_pre_comp_free
nistp521_pre_comp_free PKCS7_free PKCS7_RECIP_INFO_free
PKCS7_SIGNER_INFO_free sk_PKCS7_pop_free PKCS8_PRIV_KEY_INFO_free
PKCS12_free PKCS12_SAFEBAG_free PKCS12_free sk_PKCS12_SAFEBAG_pop_free
SSL_CONF_CTX_free SSL_CTX_free SSL_SESSION_free SSL_free ssl_cert_free
ssl_sess_cert_free
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-04-11 16:32:54 -04:00
Rich Salz
62adbcee39
free NULL cleanup 10
...
Avoid checking for NULL before calling free functions. This gets
ssl.*free:
ssl_sess_cert_free ssl_free ssl_excert_free ssl_cert_free
SSL_free SSL_SRP_CTX_free SSL_SESSION_free SSL_CTX_free
SSL_CTX_SRP_CTX_free SSL_CONF_CTX_free
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-04-11 10:22:36 -04:00
Rich Salz
c5ba2d9904
free NULL cleanup
...
EVP_.*free; this gets:
EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free
EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it
EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 10:54:15 -04:00
Rich Salz
ca3a82c3b3
free NULL cleanup
...
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-25 11:31:18 -04:00
Matt Caswell
266483d2f5
RAND_bytes updates
...
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:38:07 +00:00
Rich Salz
d64070838e
free NULL cleanup
...
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets DH_free, DSA_free, RSA_free
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 23:17:16 -04:00
Rich Salz
7aa0b02246
Dead code cleanup: crypto/*.c, x509v3, demos
...
Some of the #if 0 code in demo's was kept, but given helpful #ifdef
names, to show more sample code.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-02 11:08:16 -05:00
Matt Caswell
e640fa0200
Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-28 10:39:01 +00:00
Rich Salz
a2b18e657e
ifdef cleanup, part 4a: '#ifdef undef'
...
This removes all code surrounded by '#ifdef undef'
One case is left: memmove() replaced by open-coded for loop,
in crypto/stack/stack.c That needs further review.
Also removed a couple of instances of /* dead code */ if I saw them
while doing the main removal.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-24 10:58:38 -05:00
Matt Caswell
35a1cc90bc
More comment realignment
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4
Run util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
68d39f3ce6
Move more comments that confuse indent
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
dbd87ffc21
indent has problems with comments that are on the right hand side of a line.
...
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:08 +00:00
Matt Caswell
e636e2acd7
Fix source where indent will not be able to cope
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:06 +00:00
Matt Caswell
28470b6095
Yet more comments
...
Conflicts:
crypto/dsa/dsa_asn1.c
crypto/pem/pem_all.c
fips/dh/dh_gen.c
fips/dh/fips_dh_check.c
fips/dh/fips_dh_gen.c
ssl/ssl_ciph.c
Conflicts:
ssl/d1_clnt.c
Conflicts:
ssl/s2_pkt.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:06 +00:00
Matt Caswell
23a22b4cf7
More comments
...
Conflicts:
crypto/dsa/dsa_vrf.c
crypto/ec/ec2_smpl.c
crypto/ec/ecp_smpl.c
Conflicts:
demos/bio/saccept.c
ssl/d1_clnt.c
Conflicts:
bugs/dggccbug.c
demos/tunala/cb.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:06 +00:00
Matt Caswell
c80fd6b215
Further comment changes for reformat (master)
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:19:59 +00:00
Rich Salz
6d23cf9744
RT3548: Remove unsupported platforms
...
This last one for this ticket. Removes WIN16.
So long, MS_CALLBACK and MS_FAR. We won't miss you.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-12 17:30:54 -05:00
Tim Hudson
1d97c84351
mark all block comments that need format preserving so that
...
indent will not alter them when reformatting comments
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-30 22:10:26 +00:00
Kurt Roeckx
45f55f6a5b
Remove SSLv2 support
...
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 11:55:03 +01:00
Rich Salz
8cfe08b4ec
Remove all .cvsignore files
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Rich Salz
5f855569c4
RT2600: Change Win line-endings to Unix.
...
For consistency.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
2014-09-08 16:40:24 -04:00
Jeffrey Walton
a520ae3628
RT3142: Extra initialization in state_machine
...
Remove extra initialization calls in the sample program.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-21 13:32:17 -04:00
Martin Olsson
89fb142b49
RT2847: Don't "check" uninitialized memory
...
Don't check err variable until after it's been set.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-19 12:47:02 -04:00
Jonas Maebe
94c0a987c7
engine_md_copy: check for NULL after allocating to_md->HashBuffer
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:56:44 +02:00
Rich Salz
f642ebc1e2
Undo a90081576c
...
Undo unapproved commit that removed DJGPP and WATT32
2014-08-09 08:02:20 -04:00
Rich Salz
a90081576c
Remove DJGPP (and therefore WATT32) #ifdef's.
...
DJGPP is no longer a supported platform. Remove all #ifdef, etc.,
cases that refer to it. DJGPP also #define'd WATT32, so that
is now removed as well.
2014-08-08 16:54:14 -04:00
Geoff Thorpe
ceea4bf047
Remove demos/tunala
...
This has been unmaintained for a long time. If it's still of interest
to anyone, it can be obtained easily enough by reverting this commit.
(It could join other demo code in some other repository, perhaps.) In
any case we don't want it taking up space in the baseline source
package, so <snip>.
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-07-22 15:16:30 -04:00
Tim Hudson
62352b8138
Remove old unused and unmaintained demonstration code.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-07-22 05:26:17 +10:00
Dr. Stephen Henson
0f78819c8c
New ctrl to set current certificate.
...
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
2014-02-02 22:58:19 +00:00
Dr. Stephen Henson
9f9ab1dc66
Demo of use of errors in applications.
2014-02-02 22:58:19 +00:00
Dr. Stephen Henson
cb2182676b
typo
2014-01-28 15:35:16 +00:00
Dr. Stephen Henson
717cc85895
Fix demo comment: 0.9.9 never released.
2014-01-28 15:15:26 +00:00
Dr. Stephen Henson
88c21c47a3
Update demo.
2013-12-18 13:28:44 +00:00
Dr. Stephen Henson
ea131a0644
Update demos/bio/README
2013-10-21 03:51:44 +01:00
Dr. Stephen Henson
f3efeaad54
Fix various typos.
2013-10-20 22:31:00 +01:00
Dr. Stephen Henson
d80b0eeee5
Modify sample accept.cnf
2013-10-20 22:21:52 +01:00
Dr. Stephen Henson
ebd14bfce9
Add demo for SSL server using SSL_CONF.
2013-10-20 22:21:52 +01:00
Veres Lajos
478b50cf67
misspellings fixes by https://github.com/vlajos/misspell_fixer
2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
e24fd37cda
Typo.
...
(cherry picked from commit 1546fb780b
)
2013-03-18 14:00:39 +00:00
Dr. Stephen Henson
bcb157f07f
typo
2013-03-05 21:20:00 +00:00
Dr. Stephen Henson
e942c15451
Initial CCM code.
...
Simple example of CCM code use: translated from the FIPS self tests.
2013-03-05 18:30:53 +00:00
Dr. Stephen Henson
3646578ae7
Demo code for SSL_CONF API
...
Two example programs one for command line argument processing and
one for configuration file processing.
2013-02-26 16:33:05 +00:00
Dr. Stephen Henson
92821996de
oops, revert, committed in error
2012-12-14 23:29:58 +00:00
Dr. Stephen Henson
11e2957d5f
apps/ocsp.c
2012-12-14 23:28:19 +00:00
Dr. Stephen Henson
24f77b34d5
remove redundant code from demo
2012-11-18 14:47:25 +00:00
Dr. Stephen Henson
226afe4956
typo
2012-10-27 18:05:56 +00:00
Dr. Stephen Henson
07a4ff79d2
add simple AES GCM code example
2012-10-16 23:03:45 +00:00
Dr. Stephen Henson
61d24f102d
update README
2012-09-09 20:47:36 +00:00
Dr. Stephen Henson
79b184fb4b
Extend certificate creation examples to include CRL generation and sample
...
scripts running the test OCSP responder.
2012-09-09 20:43:49 +00:00
Dr. Stephen Henson
ef6b34bec2
make EC test certificates usable for ECDH
2012-08-31 11:15:44 +00:00
Dr. Stephen Henson
18d7158809
Add certificate callback. If set this is called whenever a certificate
...
is required by client or server. An application can decide which
certificate chain to present based on arbitrary criteria: for example
supported signature algorithms. Add very simple example to s_server.
This fixes many of the problems and restrictions of the existing client
certificate callback: for example you can now clear existing certificates
and specify the whole chain.
2012-06-29 14:24:42 +00:00
Dr. Stephen Henson
57559471bf
oops, revert unrelated changes
2012-02-09 15:43:58 +00:00
Dr. Stephen Henson
f4e1169341
Modify client hello version when renegotiating to enhance interop with
...
some servers.
2012-02-09 15:42:10 +00:00
Dr. Stephen Henson
ccd395cbcc
add example for DH certificate generation
2012-01-25 16:33:39 +00:00
Dr. Stephen Henson
1bfdb34f70
Add private keys and generation scripts for test certificates in apps
...
directory.
2011-12-14 22:14:47 +00:00
Dr. Stephen Henson
b6df360b9e
Simple automated certificate creation demo.
2011-06-01 18:36:49 +00:00
Dr. Stephen Henson
55f39a199d
fix comments
2010-01-21 01:17:17 +00:00
Dr. Stephen Henson
3ec5f38b47
Update demo
2010-01-20 14:06:21 +00:00
Dr. Stephen Henson
98c08a6312
Use SHA1 and not deprecated MD5 in demos.
2009-08-15 11:01:09 +00:00
Richard Levitte
cc8cc9a3a1
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
...
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
2009-05-15 16:36:56 +00:00
Dr. Stephen Henson
14023fe352
Merge from 1.0.0-stable branch.
2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Lutz Jänicke
0f401ff08b
Add missing 'extern "C" {' to some _err.h files in crypto/engines/
...
PR: 1609
2008-04-18 07:43:26 +00:00
Dr. Stephen Henson
1728756255
Detached encrypt/decrypt example, fix decrypt sample.
2008-04-11 23:52:26 +00:00
Dr. Stephen Henson
f3eba36c4c
Fix comments.
2008-04-11 17:50:20 +00:00
Dr. Stephen Henson
47a6d388c7
CMS compressed data examples.
2008-04-11 17:33:29 +00:00
Dr. Stephen Henson
c02b6b6b21
Fix for compression and updated CMS_final().
2008-04-11 17:07:01 +00:00
Dr. Stephen Henson
3b28bc9910
PKCS#7 examples converted to CMS.
2008-04-11 16:52:45 +00:00
Geoff Thorpe
eb77ebe26c
Update tunala so it builds ok with OPENSSL_NO_DEPRECATED, and improve the
...
autoungunk.sh logic (autobits have grown since I last tried this...).
2008-03-28 01:56:08 +00:00
Dr. Stephen Henson
be3b365a34
Sample text files for S/MIME test programs.
2007-04-13 20:41:42 +00:00
Dr. Stephen Henson
b2b2dafc28
Add a bunch of S/MIME sample programs and data.
2007-04-13 20:40:47 +00:00
Nils Larsch
90076b96df
fix typos
...
PR: 1280
2006-02-15 19:42:22 +00:00
Bodo Möller
d56349a2aa
update TLS-ECC code
...
Submitted by: Douglas Stebila
2005-12-13 07:33:35 +00:00
Richard Levitte
37e27219f2
From branch OpenSSL_0_9_7-stable, 2002-11-13 15:30:
...
The loading functions should be static if we build a dynamic
engine.
2005-04-30 14:34:28 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Richard Levitte
b94f886b22
Stupid casts...
2004-08-11 17:41:15 +00:00
Bodo Möller
968766cad8
updates for draft-ietf-tls-ecc-03.txt
...
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Richard Levitte
c14b337570
Typo.
...
PR: 593
2003-06-11 22:45:53 +00:00
Richard Levitte
0b13e9f055
Add the possibility to build without the ENGINE framework.
...
PR: 287
2003-01-30 17:39:26 +00:00
Geoff Thorpe
e5a08ce44d
Make 'tunala' link with zlib if possible (so it works if openssl was
...
configured with zlib support).
2002-12-11 19:07:03 +00:00
Richard Levitte
8d6e60486f
Fix to build better with DJGPP.
...
PR: 338
Here's the description, submitted by Gisle Vanem <giva@bgnett.no>:
1. sock_init() renamed to ssl_sock_init() in ./apps/s_socket.c due
to name-clash with Watt-32.
2. rand() renamed to Rand() in ./crypto/bn/divtest.c due to name-clash
with <stdlib.h>
3. Added calls to dbug_init()/sock_init() in some demo programs.
4. Changed cflags/lflags in configure. Watt-32 install root now taken
from $WATT_ROOT.
2002-11-14 11:22:01 +00:00
Ben Laurie
54a656ef08
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
Richard Levitte
c0d64de660
Make internal functions static.
2002-11-13 14:34:53 +00:00
Richard Levitte
c1ce8cf3b8
Name the flag files correctly.
2002-11-13 14:31:34 +00:00
Richard Levitte
bd1fb77245
There's a name clash between OpenSSL and RSAref. Since this engine handles
...
RSAref data, pretend we don't care for OpenSSL's MD2 and MD5 structures or
implementation.
Remove all kinds of silly warning
2002-10-24 17:02:27 +00:00
Dr. Stephen Henson
5aa3429c5d
Typo: v3 is represented by 2.
2002-10-21 00:10:10 +00:00
Richard Levitte
fa4bde98d2
Add a few more target platforms, to see how well the shared library
...
linking works on them.
2002-10-10 12:46:05 +00:00
Richard Levitte
27bad5ad3d
Don't fuss with the demo binaries
2002-10-09 13:57:55 +00:00
Bodo Möller
7cc6ec7af7
add URL for Internet Draft
2002-09-16 13:45:14 +00:00
Bodo Möller
c2bbf275b2
1. switch from "-newkey ecdsa:..." to "-newkey ec:..."
...
2. automatically create required sub-directories
Submitted by: Vipul Gupta <Vipul.Gupta@sun.com>
2002-09-10 07:36:52 +00:00