| Age | Commit message (Collapse) | Author |
|---|
|
The SRP_create_verifier_BN function goes to the |err| label if the |salt|
value passed to it is NULL. It is then deref'd.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
There were some memory leaks in the creation of an SRP verifier (both on
successful completion and also on some error paths).
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
This gets BN_.*free:
BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free
Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Don't check for NULL before calling free function. This gets:
NAME_CONSTRAINTS_free GENERAL_SUBTREE_free ECDSA_METHOD_free
JPAKE_CTX_free OCSP_REQ_CTX_free SCT_free SRP_VBASE_free
SRP_gN_free SRP_user_pwd_free TXT_DB_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
With no more symlinks, there's no need for those variables, or the links
target. This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.
Also, removed METHTEST from test/Makefile. It looks like an old test that's
forgotten...
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.
Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.
Originally-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
And an uncompiled C++ test file.
Also remove srp_lcl.h, with help from Richard.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
These correspond to targets of the same name in test/Makefile that clash when
using the single-makefile build method using GitConfigure and GitMake.
Change-Id: If7e900c75f4341b446608b6916a3d76f202026ea
Signed-off-by: Mike Bland <mbland@acm.org>
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.
Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
|
|
|
|
|
|
PR: 3165
Submitted by: Daniel Richard G.
|
|
|
|
|
|
Submitted by: Bruce Stephens <bruce.stephens@isode.com>
Use same construct for EXHEADER in srp/Makefile as other makefiles to cope
with possibly empty EXHEADER.
|
|
|
|
functions such as rand() ).
|
|
|
