Roumen Petrov
3eabad02d6
remove duplicates in util/libeay.num
...
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
RT: #4195 , MR: #1521
2015-12-23 20:40:54 +01:00
Kurt Roeckx
1c9ed1d8a7
Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER and SSL_OP_TLS_D5_BUG support.
...
Suggested by David Benjamin
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
MR: #1520
2015-12-23 20:40:54 +01:00
Kurt Roeckx
933d108516
Avoid using a dangling pointer when removing the last item
...
When it's the last item that is removed int_thread_hash == hash and we would
still call int_thread_release(&hash) while hash is already freed. So
int_thread_release would compare that dangling pointer to NULL which is
undefined behaviour. Instead do already what int_thread_release() would do,
and make the call do nothing instead.
Reviewed-by: Rich Salz <rsalz@openssl.org>
RT: #4155 , MR: #1519
2015-12-23 20:36:32 +01:00
Todd Short
c849c6d9d3
Memory leak in state machine in error path
...
When EC is disabled, and an error occurs in ssl_generate_master_secret()
or RAND_bytes(), the error path does not free rsa_decrypt.
RT#4197
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-23 13:33:28 +00:00
Richard Levitte
87a595e554
Refactor DTLS cookie generation and verification
...
DTLS cookie generation and verification were exact copies of each
other save the last few lines. This refactors them to avoid code
copying.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-23 12:44:55 +01:00
Matt Caswell
7ab09630cd
Fix inline build failure
...
After the recent change to use ossl_inline, builds were failing on some
platforms due to a missing usage of "inline".
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-23 09:45:02 +00:00
Dr. Stephen Henson
80e0ecbf58
Add ossl_inline
...
Add macro ossl_inline for use in public headers where a portable inline
is required. Change existing inline to use ossl_inline
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-22 23:03:56 +00:00
Dr. Stephen Henson
02a60ae28f
add -unref option to mkerr.pl
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-22 19:20:11 +00:00
Dr. Stephen Henson
0f6a2a97a5
In mkerr.pl look in directories under ssl/
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-22 16:52:27 +00:00
Dr. Stephen Henson
e091c83e72
remove unused error code
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-22 16:16:35 +00:00
Dr. Stephen Henson
5378186199
make update
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:16:56 +00:00
Dr. Stephen Henson
a470fdab6d
unload modules in ssltest
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Dr. Stephen Henson
a2074b9287
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Dr. Stephen Henson
913592d2c5
SSL configuration module docs
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Dr. Stephen Henson
43d956fa65
Demo server using SSL_CTX_config
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Dr. Stephen Henson
287d0b948d
Add ssl configuration support to s_server and s_client
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Dr. Stephen Henson
f33bad3321
Load module in SSL_library_init
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Dr. Stephen Henson
540912cd4b
Add ssl_mcnf.c to Makefile
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Dr. Stephen Henson
59b1696c0c
SSL library configuration module.
...
This adds support for SSL/TLS configuration using configuration modules.
Sets of command value pairs are store and can be replayed through an
SSL_CTX or SSL structure using SSL_CTX_config or SSL_config.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Rich Salz
4fae386cb0
Cleanup CRYPTO_{push,pop}_info
...
Rename to OPENSSL_mem_debug_{push,pop}.
Remove simple calls; keep only calls used in recursive functions.
Ensure we always push, to simplify so that we can always pop
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 09:11:07 -05:00
Rich Salz
c99de0533d
Rename *_realloc_clean to *_clear_realloc
...
Just like *_clear_free routines. Previously undocumented, used
a half-dozen times within OpenSSL source.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 07:32:51 -05:00
Kurt Roeckx
f5d97098a4
Also change the non-debug versions to use size_t
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
MR: #1518
2015-12-22 12:55:11 +01:00
David Benjamin
679d87515d
Fix memory leak in DSA redo case.
...
Found by clang scan-build.
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
RT: #4184 , MR: #1496
2015-12-22 11:05:51 +01:00
Andy Polyakov
91cf7551a1
Configure: refine 'reconf' logic.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-22 10:32:08 +01:00
Andy Polyakov
b859d70d4a
bn/asm/bn-c64xplus.asm: update commentary.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-22 10:30:03 +01:00
Andy Polyakov
cfe670732b
sha/asm/sha256-armv4.pl: one of "universal" flags combination didn't compile.
...
(and unify table address calculation in ARMv8 code path).
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-21 13:41:47 +01:00
Matt Caswell
79caf5d323
Fix URLs mangled by reformat
...
Some URLs in the source code ended up getting mangled by indent. This fixes
it. Based on a patch supplied by Arnaud Lacombe <al@aerilon.ca>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-19 20:33:00 +00:00
Richard Levitte
7a64489f9e
Fix the etags action line, as etags doesn't take -R
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-19 18:03:40 +01:00
Dr. Stephen Henson
bc71f91064
Remove fixed DH ciphersuites.
...
Remove all fixed DH ciphersuites and associated logic.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-19 16:14:51 +00:00
Dr. Stephen Henson
74a62e9629
delete unused context
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-19 15:04:17 +00:00
Rich Salz
7795475f53
Remove some L<asdf|asdf> which crept back in.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-18 14:55:37 -05:00
Rich Salz
f4d654d2f2
Remove err and prime demo's
...
ERR is not really a public facility; remove the demo.
prime shows how to generate a prime. See apps.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-18 14:54:12 -05:00
Richard Levitte
31384753c7
Remove the "eay" c-file-style indicators
...
Since we don't use the eay style any more, there's no point tryint to
tell emacs to use it.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-18 13:08:40 +01:00
Matt Caswell
0d3587c7fc
Add SSL_CIPHER_description() for Chacha20/Poly1305
...
SSL_CIPHER_description() was returning "unknown" for the encryption
in the new ChaCha20/Poly1305 TLS ciphersuites.
RT#4183
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-17 13:45:23 +00:00
Richard Levitte
ff8428561a
Modify the lower level memory allocation routines to take size_t
...
We've been using int for the size for a long time, it's about time...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-17 08:24:26 +01:00
Rich Salz
33eaf4c27e
mem-cleanup, cont'd.
...
Remove LEVITTE_DEBUG_MEM.
Remove {OPENSSL,CRYPTO}_remalloc.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-16 22:23:57 -05:00
Rich Salz
3b089ca21b
Rename sec_mem to mem_sec, like other files.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 22:09:39 -05:00
Rich Salz
2503af2684
Fix typo.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 17:58:32 -05:00
Rich Salz
2e31ef0366
Provide better "make depend" warning.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-16 17:43:41 -05:00
Ben Laurie
a7a14a23a9
Fix no-dgram.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 21:31:56 +00:00
Rich Salz
7644a9aef8
Rename some BUF_xxx to OPENSSL_xxx
...
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 16:14:49 -05:00
Dr. Stephen Henson
e4cf866322
fix for no-ec
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-16 15:22:33 +00:00
Dr. Stephen Henson
91b0d2c114
make update
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
61dd9f7a22
Use EVP_PKEY for client side EC.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
880d9d8609
Use EVP_PKEY for server EC.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
3f3504bdaf
Add ECDH/DH utility functions.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
44d4f8f2d7
remove unnecessary key copy
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
2c61a5ecca
Constify EC_KEY in ECDH_compute_key.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
c66ce5eb23
Remove ECDH client auth code.
...
Remove incomplete non-functional ECDH client authentication code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
57be4444c6
Remove SSL_OP_SINGLE_ECDH_USE code.
...
Since auto ecdh is now always used SSL_OP_SINGLE_ECDH_USE is
redundant. Simplify associated code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00