Commit graph

560 commits

Author SHA1 Message Date
Andy Polyakov
b13fdc4860 Explicitly cast INVALID_SOCKET to (int) to address warnings on Windows.
Even though SOCKET is effectively declared as (void *) on Windows, it's
not actually a pointer, but an index within per-process table of
kernel objects. The table size is actually limited and its upper limit
is far below upper limit for signed 32-bit integer. This is what makes
cast in question possible.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-10-05 09:22:54 +02:00
David Woodhouse
984d6c6052 Fix no-stdio build
Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

   +Replace FILE BIO's with dummy ops that fail.
   +Include <stdio.h> for sscanf() even with no-stdio (since the declaration
    is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
    variable, since it can be larger than a 'long'. And we don't rely on the
    availability of strtoull().
   +Remove OPENSSL_stderr(); not used.
   +Make OPENSSL_showfatal() do nothing (currently without stdio there's
    nothing we can do).
   +Remove file-based functionality from ssl/. The function
    prototypes were already gone, but not the functions themselves.
   +Remove unviable conf functionality via SYS_UEFI
   +Add fallback definition of BUFSIZ.
   +Remove functions taking FILE * from header files.
   +Add missing DECLARE_PEM_write_fp_const
   +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
    so remove its prototype.
   +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
   +Eliminate SRP_VBASE_init() and supporting functions. Users will need to
    build the verifier manually instead.
   +Eliminate compiler warning for unused do_pk8pkey_fp().
   +Disable TEST_ENG_OPENSSL_PKEY.
   +Disable GOST engine as is uses [f]printf all over the place.
   +Eliminate compiler warning for unused send_fp_chars().

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-29 21:59:19 -04:00
Matt Caswell
01b7851aa2 Add BIO_CTRL_DGRAM_SET_PEEK_MODE
Add the ability to peek at a message from the DTLS read BIO. This is needed
for the DTLSv1_listen rewrite.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-23 13:53:26 +01:00
David Woodhouse
ff03599a2f RT3479: Add UTF8 support to BIO_read_filename()
If we use BIO_new_file(), on Windows it'll jump through hoops to work
around their unusual charset/Unicode handling. it'll convert a UTF-8
filename to UCS-16LE and attempt to use _wfopen().

If you use BIO_read_filename(), it doesn't do this. Shouldn't it be
consistent?

It would certainly be nice if SSL_use_certificate_chain_file() worked.

Also made BIO_C_SET_FILENAME work (rsalz)

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-21 17:30:54 -04:00
Rich Salz
64b25758ed remove 0 assignments.
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:26:34 -04:00
Rich Salz
b51bce9420 Add and use OPENSSL_zalloc
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-02 22:05:37 -04:00
Kurt Roeckx
7f098cb436 Check dgram_sctp_write() return value.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-06-28 18:21:06 +02:00
Kurt Roeckx
03a1c85062 Check BIO_dgram_sctp_wait_for_dry() return value for error
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-06-28 18:21:06 +02:00
Rich Salz
74924dcb38 More secure storage of key material.
Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-06-23 17:09:35 -04:00
Matt Caswell
b8b12aadd8 Change BIO_number_read and BIO_number_written() to be 64 bit
The return type of BIO_number_read() and BIO_number_written() as well as
the corresponding num_read and num_write members in the BIO structure has
been changed from unsigned long to uint64_t. On platforms where an unsigned
long is 32 bits (e.g. Windows) these counters could overflow if >4Gb is
transferred.

With thanks to the Open Crypto Audit Project for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-06-10 10:40:50 +01:00
Matt Caswell
aec54108ef Fix memory leaks in BIO_dup_chain()
This fixes a memory leak that can occur whilst duplicating a BIO chain if
the call to CRYPTO_dup_ex_data() fails. It also fixes a second memory leak
where if a failure occurs after successfully creating the first BIO in the
chain, then the beginning of the new chain was not freed.

With thanks to the Open Crypto Audit Project for reporting this issue.

Reviewed-by: Stephen Henson <steve@openssl.org>
2015-06-10 10:09:57 +01:00
Matt Caswell
133dce447b Fix compilation failure for some tool chains
Some tool chains (e.g. android) do not define IP_PMTUDISC_PROBE, and so
this build breaks.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-06-02 23:35:28 +01:00
Per Allansson
0baaff1a76 Fix IP_MTU_DISCOVER typo
The code in bss_dgram.c checks if IP_MTUDISCOVER is defined, where it
should test for IP_MTU_DISCOVER

RT#3888

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-06-02 12:57:31 +01:00
Matt Caswell
fc52ac9028 Handle unsigned struct timeval members
The members of struct timeval on OpenVMS are unsigned. The logic for
calculating timeouts needs adjusting to deal with this.

RT#3862

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-26 10:34:56 +01:00
Richard Levitte
0f539dc1a2 Fix the update target and remove duplicate file updates
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Richard Levitte
a3aadb2d9c make depend
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:38:31 +02:00
Richard Levitte
b39fc56061 Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Rich Salz
75ebbd9aa4 Use p==NULL not !p (in if statements, mainly)
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-11 10:06:38 -04:00
Rich Salz
16f8d4ebf0 memset, memcpy, sizeof consistency fixes
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy.  Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05 22:18:59 -04:00
Rich Salz
b4faea50c3 Use safer sizeof variant in malloc
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Dr. Stephen Henson
b6eb9827a6 Add OSSL_NELEM macro.
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an
array.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-03 12:53:08 +01:00
Rich Salz
b548a1f11c free null cleanup finale
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Matt Caswell
9d9e37744c Clarify logic in BIO_*printf functions
The static function dynamically allocates an output buffer if the output
grows larger than the static buffer that is normally used. The original
logic implied that |currlen| could be greater than |maxlen| which is
incorrect (and if so would cause a buffer overrun). Also the original
logic would call OPENSSL_malloc to create a dynamic buffer equal to the
size of the static buffer, and then immediately call OPENSSL_realloc to
make it bigger, rather than just creating a buffer than was big enough in
the first place. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot
Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-04-30 23:12:39 +01:00
Rich Salz
2d29e2df0c realloc of NULL is like malloc
ANSI C, and OpenSSL's malloc wrapper do this, also.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 16:34:52 -04:00
Rich Salz
b196e7d936 remove malloc casts
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Viktor Dukhovni
61986d32f3 Code style: space after 'if'
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-16 13:44:59 -04:00
Richard Levitte
5098c029ce Remove SSL_TASK, the DECnet Based SSL Engine
This engine is for VMS only, and isn't really part of the core OpenSSL
but rather a side project of its own that just happens to have tagged
along for a long time.  The reasons why it has remained within the
OpenSSL source are long lost in history, and there not being any real
reason for it to remain here, it's time for it to move out.

This side project will appear as a project in its own right, the
location of which will be announced later on.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-03-31 21:59:43 +02:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Rich Salz
ca3a82c3b3 free NULL cleanup
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-25 11:31:18 -04:00
Matt Caswell
266483d2f5 RAND_bytes updates
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:38:07 +00:00
Mike Frysinger
7c82e339a6 Fix malloc define typo
Fix compilation failure when SCTP is compiled due to incorrect define.

Reported-by: Conrad Kostecki <ck+gentoobugzilla@bl4ckb0x.de>
URL: https://bugs.gentoo.org/543828

RT#3758
Signed-off-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-03-24 11:33:39 +00:00
Matt Caswell
b7573c597c Remove dead code from crypto
Some miscellaneous removal of dead code from lib crypto.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-17 14:48:44 +00:00
Richard Godbee
460e920d8a BIO_debug_callback: Fix output on 64-bit machines
BIO_debug_callback() no longer assumes the hexadecimal representation of
a pointer fits in 8 characters.

Signed-off-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-10 12:32:39 +01:00
Matt Caswell
f3b9ce90bb make errors
Run make errors on master

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-06 14:06:17 +00:00
Matt Caswell
918bb86529 Unchecked malloc fixes
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-03-05 09:09:57 +00:00
Dr. Stephen Henson
e5bf3c923c size_t for buffer functions.
Change BUF_MEM_grow and BUF_MEM_grow_clean to return size_t.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-13 13:50:36 +00:00
Rich Salz
6f91b017bb Live code cleanup: remove #if 1 stuff
For code bracketed by "#if 1" then remove the alternate
"#else .. #endif" lines.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-06 10:54:20 -05:00
Rich Salz
5b18d3025c util/mkstack.pl now generates entire safestack.h
The mkstack.pl script now generates the entire safestack.h file.
It generates output that follows the coding style.
Also, removed all instances of the obsolete IMPLEMENT_STACK_OF
macro.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-06 10:47:53 -05:00
Rich Salz
4d428cd250 Dead code removal: #if 0 bio, comp, rand
The start of removing dead code.
A remaining #if 0 in bss_conn.c needs more thought.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-29 21:38:57 -05:00
Richard Levitte
c6ef15c494 clang on Linux x86_64 complains about unreachable code.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-01-29 01:54:09 +01:00
Rich Salz
68b00c2372 ifdef cleanup part 3: OPENSSL_SYSNAME
Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx
Remove MS_STATIC; it's a relic from platforms <32 bits.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-23 11:58:26 -05:00
Matt Caswell
d2a0d72f33 Fix post-reformat errors preventing windows compilation
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 14:09:37 +00:00
Matt Caswell
35a1cc90bc More comment realignment
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
50e735f9e5 Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the
script should not move them)

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
739a5eee61 Rerun util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
68d39f3ce6 Move more comments that confuse indent
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
dbd87ffc21 indent has problems with comments that are on the right hand side of a line.
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:08 +00:00
Matt Caswell
23a22b4cf7 More comments
Conflicts:
	crypto/dsa/dsa_vrf.c
	crypto/ec/ec2_smpl.c
	crypto/ec/ecp_smpl.c

Conflicts:
	demos/bio/saccept.c
	ssl/d1_clnt.c

Conflicts:
	bugs/dggccbug.c
	demos/tunala/cb.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:06 +00:00
Rich Salz
4b618848f9 Cleanup OPENSSL_NO_xxx, part 1
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160
OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO
Two typo's on #endif comments fixed:
	OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB
	OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-14 15:57:28 -05:00
Rich Salz
6d23cf9744 RT3548: Remove unsupported platforms
This last one for this ticket.  Removes WIN16.
So long, MS_CALLBACK and MS_FAR.  We won't miss you.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-12 17:30:54 -05:00
Martin Brejcha
41cd41c441 Fix memory leak.
Fix memory leak by freeing up saved_message.data if it is not NULL.

PR#3489
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-06 16:48:04 +00:00
Matt Caswell
3a83462dfe Further comment amendments to preserve formatting prior to source reformat
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-06 15:45:25 +00:00
Kurt Roeckx
97d5809c2b Add missing include of sys/time.h
gettimeofday was undefined

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-12-31 11:13:48 +01:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-30 22:10:26 +00:00
Rich Salz
5ad4fdce41 RT3548: Remove unsupported platforms.
This commit removes MPE/iX

Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-12-22 17:47:28 -05:00
Michael Tuexen
2521fcd852 Fix incorrect OPENSSL_assert() usage.
Return an error code for I/O errors instead of an assertion failure.

PR#3470
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-20 14:45:51 +00:00
Rich Salz
b317819b2e RT3548: Remove some obsolete platforms
This commit removes BEOS.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-17 17:24:51 -05:00
Dr. Stephen Henson
f072785eb4 Remove fipscanister build functionality from makefiles.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:23:45 +00:00
Matt Caswell
0d3ae34df5 There are a number of instances throughout the code where the constant 28 is
used with no explanation. Some of this was introduced as part of RT#1929. The
value 28 is the length of the IP header (20 bytes) plus the UDP header (8
bytes). However use of this constant is incorrect because there may be
instances where a different value is needed, e.g. an IPv4 header is 20 bytes
but an IPv6 header is 40. Similarly you may not be using UDP (e.g. SCTP).
This commit introduces a new BIO_CTRL that provides the value to be used for
this mtu "overhead". It will be used by subsequent commits.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-03 09:24:04 +00:00
Rich Salz
8cfe08b4ec Remove all .cvsignore files
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Jan Hykel
012aa9ec76 Don't use msg on error.
Don't attempt to access msg structure if recvmsg returns an error.

PR#3483
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-17 12:40:44 +00:00
l.montecchiani@gmail.com
ac53354b94 RT2193: #ifdef errors in bss_dgram.c
Problem with #ifdef in the BIO_CTRL_DGRAM_MTU_DISCOVER case that
is different from the BIO_CTRL_DGRAM_QUERY_MTU one which seems
correct.

Reviewed-by: Matt Caswell <matt@openssl.org>
2014-08-28 17:17:36 -04:00
Jonas Maebe
4e64f671c9 rtcp_new: return failure if allocation of bi->ptr failed
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:05 +02:00
Jonas Maebe
bd4acbc70e BIO_new_dgram_sctp, dgram_sctp_read: zero entire authchunks
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:28 +02:00
Rich Salz
f642ebc1e2 Undo a90081576c
Undo unapproved commit that removed DJGPP and WATT32
2014-08-09 08:02:20 -04:00
Rich Salz
a90081576c Remove DJGPP (and therefore WATT32) #ifdef's.
DJGPP is no longer a supported platform.  Remove all #ifdef, etc.,
cases that refer to it.  DJGPP also #define'd WATT32, so that
is now removed as well.
2014-08-08 16:54:14 -04:00
Matt Caswell
66816c53be Fix memory leak in BIO_free if there is no destroy function.
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>

PR#3439
2014-07-09 23:29:17 +01:00
Kurt Roeckx
3b3ecce141 Set authkey to NULL and check malloc return value. 2014-05-12 00:20:08 +01:00
Martin Brejcha
00f3a236e0 dgram_sctp_ctrl: authkey memory leak
PR: 3327
2014-05-12 00:20:08 +01:00
Andy Polyakov
972b0dc350 bss_dgram.c,d1_lib.c: make it compile with mingw.
Submitted by: Roumen Petrov
2014-03-06 14:04:56 +01:00
Dr. Stephen Henson
a4cc3c8041 Avoid Windows 8 Getversion deprecated errors.
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
2014-02-25 13:40:33 +00:00
Rob Stradling
b263f21246 Move the SCT List extension parser into libssl.
Add the extension parser in the s_client, ocsp and x509 apps.
2014-02-19 13:12:46 +00:00
Robin Seggelmann
b814081136 DTLS/SCTP struct authchunks Bug
PR: 2809

DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with
SCTP-AUTH.  It is checked if this has been activated successfully for
the local and remote peer. Due to a bug, however, the
gauth_number_of_chunks field of the authchunks struct is missing on
FreeBSD, and was therefore not considered in the OpenSSL implementation.
This patch sets the corresponding pointer for the check correctly
whether or not this bug is present.
(cherry picked from commit f596e3c491)
2013-11-01 21:41:52 +00:00
Ben Laurie
c45a48c186 Constification. 2013-10-07 12:45:26 +01:00
Andy Polyakov
a006fef78e Improve WINCE support.
Submitted by: Pierre Delaage
2013-01-19 21:23:13 +01:00
Andy Polyakov
f469880c61 d1_lib.c,bss_dgram.c: eliminate dependency on _ftime. 2012-12-16 19:02:59 +00:00
Andy Polyakov
5833e4f5d6 bss_dgram.c: fix compilation failure and warning on Windows with
contemporary SDK.
2012-08-14 09:53:24 +00:00
Andy Polyakov
ae432028d1 bss_dgram.c: fix typos in Windows code. 2012-07-01 09:11:47 +00:00
Andy Polyakov
447e1319b1 bss_dgram.c: add BIO_CTRL_DGRAM_SET_DONT_FRAG.
PR: 2830
Submitted by: Robin Seggelmann
2012-06-11 14:56:25 +00:00
Andy Polyakov
e77ec2ba6f bss_dgram.c: make getsockopt work in cases when optlen is 64-bit value. 2012-06-11 14:27:56 +00:00
Andy Polyakov
80c42f3e0c b_sock.c: make getsockopt work in cases when optlen is 64-bit value. 2012-06-11 08:52:11 +00:00
Ben Laurie
03c1d9f99d Build on FreeBSD with gcc 4.6. 2012-05-30 09:34:44 +00:00
Andy Polyakov
4a1fbd13ee OPENSSL_NO_SOCK fixes.
PR: 2791
Submitted by: Ben Noordhuis
2012-04-16 17:42:36 +00:00
Andy Polyakov
9eba5614fe Minor compatibility fixes.
PR: 2790
Submitted by: Alexei Khlebnikov
2012-04-16 17:35:30 +00:00
Dr. Stephen Henson
62b6948a27 PR: 2755
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
2012-03-06 13:47:43 +00:00
Dr. Stephen Henson
a36fb72584 PR: 2730
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

VMS fixes: disable SCTP by default.
2012-02-25 17:59:40 +00:00
Dr. Stephen Henson
ffdfce8d14 fix error code 2011-12-27 14:40:21 +00:00
Dr. Stephen Henson
7e159e0133 PR: 2535
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Add SCTP support for DTLS (RFC 6083).
2011-12-25 14:45:15 +00:00
Bodo Möller
390c579568 Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
2011-12-02 12:25:03 +00:00
Dr. Stephen Henson
74e056edbc PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01 15:01:35 +00:00
Dr. Stephen Henson
dafce90ae5 PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
2011-07-20 15:22:11 +00:00
Dr. Stephen Henson
44ddb27fa6 PR: 2512
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
2011-05-25 12:37:07 +00:00
Richard Levitte
537c982306 After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS
submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 10:58:14 +00:00
Dr. Stephen Henson
df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
88ea810e25 PR: 2413
Submitted by: Michael Bergandi <mbergandi@gmail.com>
Reviewed by: steve

Fix typo in crypto/bio/bss_dgram.c
2011-01-03 01:07:35 +00:00
Andy Polyakov
05e4fbf801 bss_file.c: refine UTF8 logic.
PR: 2382
2010-12-11 14:53:14 +00:00
Dr. Stephen Henson
eb1c48be6f Add new type ossl_ssize_t instead of ssize_t and move definitions to
e_os2.h, this should fix WIN32 compilation issues and hopefully avoid
conflicts with other headers which may workaround ssize_t in different ways.
2010-07-26 18:15:59 +00:00
Ben Laurie
c8bbd98a2b Fix warnings. 2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
eadfa019b3 fix PR#2261 in a different way 2010-05-31 13:18:21 +00:00
Andy Polyakov
bb92e2c89b bss_file.c: refine UTF-8 logic on Windows. 2010-04-28 20:02:28 +00:00
Andy Polyakov
d183244b43 bss_file.c: reserve for option to encode file name with UTF-8. 2010-04-21 20:38:21 +00:00
Dr. Stephen Henson
3ac75e21a1 PR: 1763
Remove useless num = 0 assignment.

Remove redundant cases on sock_ctrl(): default case handles them.
2010-03-27 23:28:09 +00:00
Andy Polyakov
3dd303129f bss_file.c: fix MSC 6.0 warning. 2010-03-22 22:38:56 +00:00
Andy Polyakov
f2fccce4bd Fix UPLINK typo. 2010-03-15 22:25:57 +00:00
Andy Polyakov
25d1d62275 http://cvs.openssl.org/chngview?cn=19053 made me wonder if bind() and
connect() are as finicky as sendto() when it comes to socket address
length. As it turned out they are, therefore the fix. Note that you
can't reproduce the problem on Linux, it was failing on Solaris,
FreeBSD, most likely on more...
2010-01-07 13:12:30 +00:00
Andy Polyakov
9b5ca55695 sendto is reportedly picky about destination socket address length.
PR: 2114
Submitted by: Robin Seggelmann
2010-01-07 10:42:39 +00:00
Andy Polyakov
cba9ffc32a Fix compilation on older Linux. Linux didn't always have sockaddr_storage,
not to mention that first sockaddr_storage had __ss_family, not ss_family.
In other words it makes more sense to avoid sockaddr_storage...
2010-01-06 21:22:56 +00:00
Andy Polyakov
2f4c1dc86c b_sock.c: correct indirect calls on WinSock platforms.
PR: 2130
Submitted by: Eugeny Gostyukhin
2009-12-30 12:55:23 +00:00
Andy Polyakov
b6bf9e2ea7 bss_dgram.c: re-fix BIO_CTRL_DGRAM_GET_PEER.
PR: 2110
2009-11-26 20:52:08 +00:00
Andy Polyakov
b7cec490fa bss_dgram.c: more elegant solution to PR#2069. Use socklen_t heuristic
from b_sock.c, don't assume that caller always passes pointer to buffer
large enough to hold sockaddr_storage.
PR: 2069
2009-11-15 17:03:33 +00:00
Andy Polyakov
2335e8a9cc b_sock.c: fix compiler warning. 2009-11-15 16:52:11 +00:00
Dr. Stephen Henson
636b6b450d PR: 2069
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.
2009-10-15 17:41:31 +00:00
Andy Polyakov
b34d449c42 Combat gcc 4.4.1 aliasing rules. 2009-10-06 07:17:57 +00:00
Dr. Stephen Henson
c21869fb07 Prevent ignored return value warning 2009-10-04 14:04:27 +00:00
Dr. Stephen Henson
7c75f462e8 PR: 2050
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.
2009-09-22 11:34:45 +00:00
Dr. Stephen Henson
d636aa7109 PR: 2047
Submitted by: David Lee <live4thee@gmail.com>, steve@openssl.org
Approved by: steve@openssl.org

Fix for IPv6 handling in BIO_get_accept_socket().
2009-09-20 16:41:27 +00:00
Dr. Stephen Henson
07a9d1a2c2 PR: 2028
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
2009-09-04 17:42:53 +00:00
Dr. Stephen Henson
a6dab873d9 PR: 2005
Submitted by: steve@openssl.org

Some systems have broken IPv6 headers and/or implementations. If
OPENSSL_USE_IPV6 is set to 0 IPv6 is not used, if it is set to 1 it is used
and if undefined an attempt is made to detect at compile time by checking
if AF_INET6 is set and excluding known problem platforms.
2009-08-26 15:15:15 +00:00
Dr. Stephen Henson
6aa220c935 PR: 1990
Update from 0.9.8-stable
2009-07-24 13:07:30 +00:00
Dr. Stephen Henson
83019f7e12 Update from 0.9.8-stable. 2009-07-24 11:25:13 +00:00
Dr. Stephen Henson
4aa902ebaf Stop warnings in gcc where "a" is const passed as a non-const argument. 2009-06-25 17:10:44 +00:00
Dr. Stephen Henson
e30dd20c0e Update from 1.0.0-stable 2009-06-25 11:29:30 +00:00
Dr. Stephen Henson
58f41a926a Updates from 1.0.0-stable 2009-06-05 14:59:26 +00:00
Dr. Stephen Henson
81d06ef2fd Update from 1.0.0-stable. 2009-06-05 11:52:23 +00:00
Dr. Stephen Henson
4243a7f796 Update from 1.0.0-stable. 2009-05-18 16:12:24 +00:00
Dr. Stephen Henson
046f210112 Update from 1.0.0-stable. 2009-05-17 16:04:58 +00:00
Dr. Stephen Henson
9289f21b7d Update from 1.0.0 stable branch. 2009-05-16 11:15:42 +00:00
Dr. Stephen Henson
d3d4f9f5e9 PR: 1929
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS MTU bug.
2009-05-15 23:06:41 +00:00
Dr. Stephen Henson
eb38b26dbc Update from 1.0.0-stable. 2009-05-15 22:58:40 +00:00
Dr. Stephen Henson
eed15a831c Fix from 1.0.0-stable. 2009-05-06 10:28:37 +00:00
Richard Levitte
5d6a017931 Move the time fetching code to its own static function, and thereby
make sure that BOTH instances of said code get the VMS modification.
2009-05-05 08:45:33 +00:00
Richard Levitte
3c3f98dc93 Reimplement time check for VMS to mimic the way it's done on Windows.
Reason: gettimeofday() is deprecated.
2009-04-28 12:50:32 +00:00
Dr. Stephen Henson
d4f0339c66 Update from 1.0.0-stable. 2009-04-26 22:18:22 +00:00
Andy Polyakov
f81e86d791 Improve readability of bio/b_sock.c 2009-04-26 18:06:14 +00:00
Richard Levitte
93caba129b Include sys/time.h to declare gettimeofday(). 2009-04-26 11:23:15 +00:00
Dr. Stephen Henson
e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
06ddf8eb08 Updates from 1.0.0-stable 2009-04-04 19:54:06 +00:00
Dr. Stephen Henson
c836f8ef73 Update from stable branch. 2009-03-09 12:30:10 +00:00
Dr. Stephen Henson
77202a85a0 Update from stable branch. 2009-03-07 17:00:23 +00:00
Richard Levitte
44390fadc0 In BIO_write(), update the write statistics, not the read statistics.
PR: 1803
2008-12-25 22:24:17 +00:00
Andy Polyakov
e527201f6b This _WIN32-specific patch makes it possible to "wrap" OpenSSL in another
.DLL, in particular static build. The issue has been discussed in RT#1230
and later on openssl-dev, and mutually exclusive approaches were suggested.
This completes compromise solution suggested in RT#1230.
PR: 1230
2008-12-22 13:54:12 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
70d71f6185 Fix warnings: printf format mismatches on 64 bit platforms.
Change assert to OPENSSL_assert().
Fix e_padlock prototype.
2008-11-02 15:41:30 +00:00
Andy Polyakov
befe1fbc29 Fix bss_log.c on Windows. 2008-11-01 21:09:54 +00:00
Ben Laurie
4d6e1e4f29 size_tification. 2008-11-01 14:37:00 +00:00
Andy Polyakov
d7235a9d68 Fix yesterday typos in bss_dgram.c. 2008-09-15 05:43:04 +00:00
Andy Polyakov
b9790c1cd4 Winsock handles SO_RCVTIMEO in unique manner...
PR: 1648
2008-09-14 19:22:52 +00:00
Geoff Thorpe
1e26a8baed Fix a variety of warnings generated by some elevated compiler-fascism,
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00