Age | Commit message (Collapse) | Author |
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Implement range-checking in all counts in apps. Turns out only a couple
of cases were missing. And make the range-checking code more strict.
Replace almost all opt_ulong() calls with opt_long()
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Make LHASH_OF use static inline functions.
Add new lh_get_down_load and lh_set_down_load functions and their
typesafe inline equivalents.
Make lh_error a function instead of a macro.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Commit 189ae368d91 (RT ticket 3352) provided the capability to output
session key data in NSS format. The big apps cleanup broke that capability.
This commit restores it.
RT#4201
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Also always abort() on leak failure.
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Make some local variables and a table of them be static.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
(Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
DTLS cookie generation and verification were exact copies of each
other save the last few lines. This refactors them to avoid code
copying.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
s_server was trying to set the ECDH curve when no-ec was defined. This also
highlighted the fact that the -no_ecdhe option to s_server is broken, and
doesn't make any sense any more (ECDHE is on by default and the only way it
can be disabled is through the cipherstring). Therefore this commit removes
the option.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Reviewed-by: Rich Saltz <rsalz@openssl.org>
|
|
When processing a public key input via "-pubin", "private" was
sometimes erroneously set, or else not set and incorrectly asserted.
Reviewed-by: Rich salz <rsalz@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Remove redundant ecdh.h header and any references to it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
This change required some special treatment, as HMAC is intertwined
with EVP_MD. For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX. This will
change as soon as HMAC_CTX becomes opaque.
Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #364
|
|
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>
GH: #481
|
|
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>
GH: #458
|
|
In theory the pthreads approach for Thread Local Storage should be more
portable.
This also changes some APIs in order to accommodate this change. In
particular ASYNC_init_pool is renamed ASYNC_init_thread and
ASYNC_free_pool is renamed ASYNC_cleanup_thread. Also introduced ASYNC_init
and ASYNC_cleanup.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
s_server already had the ability to wait on an async file descriptor. This
adds it to s_client too.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
0 is a valid file descriptor so SSL_get_async_wait_fd should instead return
-1 on error.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
s_client was not freeing up the async pool if async mode was enabled.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
If an async event occurs during a renegotiation in SSL_read then s_server
was looping around, detecting we were in init and calling
init_ssl_connection instead of re-calling SSL_read.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Implement the ASYNC_JOB as a local thread pool. Remove the API support
for global pools.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|