openssl

Author	SHA1	Message	Date
Pauli	9be34ee5c8	Null pointer used. Address coverity report of null pointer being dereferenced. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4381)	2017-09-18 06:52:13 +10:00
Rich Salz	d3c3dfc577	Add checks for alloc failing. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4341)	2017-09-06 09:52:16 -04:00
Rob Percival	986dbbbeff	Prevent double-free of CTLOG public key Previously, if ct_v1_log_id_from_pkey failed, public_key would be freed by CTLOG_free at the end of the function, and then again by the caller (who would assume ownership was not transferred when CTLOG_new returned NULL). Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>	2016-08-23 20:17:14 +01:00
Rob Percival	1ccbe6b32c	Removes CTLOG_new_null from the CT public API This is an entirely useless function, given that CTLOG is publicly immutable. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1406)	2016-08-05 18:49:58 -04:00
FdaSilvaYY	4aed8756d8	Improve some error management code in CT Separate invalid input case from any internal (malloc) failure Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>	2016-07-05 17:45:58 +01:00
FdaSilvaYY	e57036f2bf	Fix some memory error handling in CT Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>	2016-07-05 17:45:58 +01:00
FdaSilvaYY	68efafc513	Add checks on sk_TYPE_push() returned value Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>	2016-07-05 17:45:50 +01:00
Rich Salz	d2e9e32018	Copyright consolidation 07/10 Reviewed-by: Richard Levitte <levitte@openssl.org>	2016-05-17 14:51:26 -04:00
Rob Percival	12d2d28185	Makes CTLOG_STORE_get0_log_by_id return const CTLOG* Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	70073f3e3a	Treat boolean functions as booleans Use "!x" instead of "x <= 0", as these functions never return a negative value. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	8c92c4eac0	Make parameters of CTLOG_get* const Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	2508c047eb	Handle empty log name in "enable_logs" line of the CT log file e.g. "enabled_logs = foo,,bar" Reviewed-by: Ben Laurie <ben@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-04 10:50:10 -05:00
Rob Percival	0c6ea56568	Handle missing "enabled_logs" line in CT log file Reviewed-by: Ben Laurie <ben@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-04 10:50:10 -05:00
Rob Percival	a930afb698	If a CT log entry in CTLOG_FILE is invalid, skip it and continue loading Previously, the remaining CT log entries would not be loaded. Also, CTLOG_STORE_load_file would return 1 even if a log entry was invalid, resulting in no errors being shown. Reviewed-by: Ben Laurie <ben@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-04 10:50:10 -05:00
Rob Percival	0dfd6cf901	Addresses review comments from richsalz Reviewed-by: Ben Laurie <ben@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-01 11:59:28 -05:00
Rob Percival	8c6afbc55c	Verify SCT signatures Tests included in future commit, which adds CT policy validation. Reviewed-by: Ben Laurie <ben@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-01 11:59:28 -05:00

16 commits