| Age | Commit message (Collapse) | Author |
|---|
|
- in EVP_read_pw_string_min(), the return value from UI_add_* wasn't
properly checked
- in UI_process(), |state| was never made NULL, which means an error
when closing the session wouldn't be accurately reported.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3849)
(cherry picked from commit b96dba9e5ec7afc355be1eab915f69c8c0d51741)
|
|
Document thread-safety issues
Cherry-pick from 076fc55527a1499391fa6de109c8387895199ee9 but
keeps the RSA_null method.
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3146)
|
|
It shouldn't try to return an action description for UIT_PROMPT type
UI strings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2904)
(cherry picked from commit 6e470e190853f59a394dc92fefd74666c94266f4)
|
|
A bang (!) slipped through in the recent UI cleanup
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2051)
(cherry picked from commit 949320c567811e714216ea987fe24eea1b56da5e)
|
|
Mostly condition check changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2047)
(cherry picked from commit 120fb9e43656e1801c75a4fbb7c178ebec9bac18)
|
|
Since there are many parts of UI_process() that can go wrong, it isn't
very helpful to only return -1 with no further explanation. With this
change, the error message will at least show which part went wrong.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2037)
(cherry picked from commit 0a687ab0a92d2d68289364a6e232028c229f44bb)
|
|
Remove NULL check on parameter, and use NULL not ! on buffer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit bde588df8a4d9f714cefe9cfd1a3931558de4c3c)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
A number of the METHOD functions weren't properly handling malloc failures.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/996)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Since we don't use the eay style any more, there's no point tryint to
tell emacs to use it.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Continuing from previous commit ensure our style is consistent for malloc
return checks.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Don't check for NULL before calling OPENSSL_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
The mkstack.pl script now generates the entire safestack.h file.
It generates output that follows the coding style.
Also, removed all instances of the obsolete IMPLEMENT_STACK_OF
macro.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
|
|
Detected by dcruette@qualitesys.com
|
|
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>
Add "missing" functions to get and set prompt constructor.
|
|
Notified by Gerardo Ganis <gerardo.ganis@cern.ch>
|
|
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
|
|
first everywhere in crypto and skip stdio.h and string.h [because it
includes them].
|
|
|
|
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
|
|
PR: 456
|
|
PR: 381
|
|
|
|
See the commit log message for that for more information.
NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
|
|
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.
|
|
|
|
|
|
|
|
Implement UI controls. Current controls are the possibility to output
the OpenSSL error stack on the same channel from within UI_process()
and to check if the same user interface can be redone without being
rebuilt (this is often more a question of philosophy than
technicalities).
|
|
|
|
well.
This probably requires reference counters and locks as well. To be
implemented later.
|
|
prompting, application-defined prompts, the possibility to use
defaults (for example default passwords from somewhere else) and
interrupts/cancelations.
|
|
|
|
|
