#
54e5ba05 |
| 17-Jul-2017 |
Rich Salz |
Fix use-after-free Also fix a RANDerr call. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3947)
|
#
3ee1eac2 |
| 05-Jul-2017 |
Rich Salz |
Standardize apps use of -rand, etc. Standardized the -rand flag and added a new one: -rand file... Always reads the specified files -writerand file
Standardize apps use of -rand, etc. Standardized the -rand flag and added a new one: -rand file... Always reads the specified files -writerand file Always writes to the file on exit For apps that use a config file, the RANDFILE config parameter reads the file at startup (to seed the RNG) and write to it on exit if the -writerand flag isn't used. Ensured that every app that took -rand also took -writerand, and made sure all of that agreed with all the documentation. Fix error reporting in write_file and -rand Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3862)
show more ...
|
#
1ef45418 |
| 06-Jul-2017 |
Rich Salz |
Remove some now-unneeded VMS controls Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3875)
|
#
9ee344f5 |
| 05-Jul-2017 |
Rich Salz |
Cleanup RAND_load_file,RAND_write_file Document an internal assumption that these are only for use with files, and return an error if not. That made the code much simpler. Leave it a
Cleanup RAND_load_file,RAND_write_file Document an internal assumption that these are only for use with files, and return an error if not. That made the code much simpler. Leave it as writing 1024 bytes, even though we don't need more than 256 from a security perspective. But the amount isn't specified, now, so we can change it later if we want. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3864)
show more ...
|
#
810ef917 |
| 14-Jun-2017 |
Rich Salz |
Undo commit de02ec2 Original text: Check if a random "file" is really a device file, and treat it specially if it is. Add a few OpenBSD-specific cases. This i
Undo commit de02ec2 Original text: Check if a random "file" is really a device file, and treat it specially if it is. Add a few OpenBSD-specific cases. This is part of a large change submitted by Markus Friedl <markus@openbsd.or Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3700)
show more ...
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d |
|
#
6974fca4 |
| 05-Dec-2016 |
Paul Hovey |
updated macro spacing for styling purposes Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> CLA: trivial
|
#
8bd62abe |
| 05-Dec-2016 |
Paul Hovey |
fix undoes errors introduced by https://github.com/openssl/openssl/commit/fc6076ca272f74eb1364c29e6974ad5da5ef9777?diff=split#diff-1014acebaa2c13d44ca196b9a433ef2eR184 Reviewed-by: Richard L
fix undoes errors introduced by https://github.com/openssl/openssl/commit/fc6076ca272f74eb1364c29e6974ad5da5ef9777?diff=split#diff-1014acebaa2c13d44ca196b9a433ef2eR184 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> CLA: trivial
show more ...
|
Revision tags: OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a |
|
#
7dc0ad4d |
| 20-Sep-2016 |
Andy Polyakov |
rand/randfile.c: treat empty string in RAND_file_name as error. Suggested in GH#1589. Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
ba8fa4e5 |
| 20-Sep-2016 |
Andy Polyakov |
rand/randfile.c: rationalize __OpenBSD__ code path. Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
799c1293 |
| 20-Sep-2016 |
Andy Polyakov |
rand/randfile.c: restore fallback to $HOME for non-setuid programs. Reported in GH#1589, but solution is different from suggested. Reviewed-by: Rich Salz <rsalz@openssl.org>
|
Revision tags: OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13 |
|
#
fc6076ca |
| 21-Jun-2016 |
Andy Polyakov |
rand/randfile.c: make it non-ASCII-savvy. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
b73cfb13 |
| 20-Jun-2016 |
Andy Polyakov |
rand/randfile.c: remove obsolete commentary. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
b8f304f7 |
| 20-Jun-2016 |
Richard Levitte |
Change default directory for the .rnd file on Windows and VMS The previous change for Windows wasn't quite right. Corrected to use %HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that ord
Change default directory for the .rnd file on Windows and VMS The previous change for Windows wasn't quite right. Corrected to use %HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that order. Also adding the default home for VMS, SYS$LOGIN: Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org>
show more ...
|
#
13c03c8d |
| 15-Jun-2016 |
Matt Caswell |
Change default directory for storing the .rnd file on Windows Previously we would try %RANDFILE%, then %HOME% and finally "C:". Unfortunately this often ends up being "C:" which the user
Change default directory for storing the .rnd file on Windows Previously we would try %RANDFILE%, then %HOME% and finally "C:". Unfortunately this often ends up being "C:" which the user may not have write permission for. Now we try %RANDFILE% first, and then the same set of environment vars as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and %SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:". Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
06593767 |
| 20-May-2016 |
Richard Levitte |
Clean up the VMS hacks in crypto/rand/randfile.c Reviewed-by: Andy Polyakov <appro@openssl.org>
|
#
8ff889c2 |
| 20-May-2016 |
Richard Levitte |
VMS: setbuf() only takes 32-bit pointers Giving setbuf() a 64-bit pointer isn't faulty, as the argument is passed by a 64-bit register anyway, so you only get a warning (MAYLOSEDATA2
VMS: setbuf() only takes 32-bit pointers Giving setbuf() a 64-bit pointer isn't faulty, as the argument is passed by a 64-bit register anyway, so you only get a warning (MAYLOSEDATA2) pointing out that only the least significant 32 bits will be used. However, we know that a FILE* returned by fopen() and such really is a 32-bit pointer (a study of the system header files make that clear), so we temporarly turn off that warning when calling setbuf(). Reviewed-by: Andy Polyakov <appro@openssl.org>
show more ...
|
#
2e6d7799 |
| 16-May-2016 |
Andy Polyakov |
rand/randfile.c: remove _XOPEN_SOURCE definition. Defintions of macros similar to _XOPEN_SOURCE belong in command line or in worst case prior first #include directive in source. As for
rand/randfile.c: remove _XOPEN_SOURCE definition. Defintions of macros similar to _XOPEN_SOURCE belong in command line or in worst case prior first #include directive in source. As for macros is was allegedly controlling. One can argue that we are probably better off demanding S_IS* macros but there are systems that just don't comply, hence this compromise solution... Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
b1322259 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 09/10 Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h, OpenSSL_1_1_0-pre5 |
|
#
3012e650 |
| 11-Apr-2016 |
Matt Caswell |
Fix the no-posix-io option Fix a compile failure with no-posix-io Reviewed-by: Tim Hudson <tjh@openssl.org>
|
Revision tags: OpenSSL_1_1_0-pre4, OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12 |
|
#
040d43b3 |
| 13-Feb-2016 |
Rich Salz |
OpenSSLDie --> OPENSSL_die Also removed a bunch of unused define's from e_os.h Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1r, OpenSSL_1_0_2f |
|
#
d8ca44ba |
| 27-Jan-2016 |
Emilia Kasper |
Always DPURIFY The use of the uninitialized buffer in the RNG has no real security benefits and is only a nuisance when using memory sanitizers. Reviewed-by: Rich Salz <rsalz@op
Always DPURIFY The use of the uninitialized buffer in the RNG has no real security benefits and is only a nuisance when using memory sanitizers. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre2 |
|
#
34980760 |
| 18-Dec-2015 |
Rich Salz |
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
#
7644a9ae |
| 16-Dec-2015 |
Rich Salz |
Rename some BUF_xxx to OPENSSL_xxx Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old nam
Rename some BUF_xxx to OPENSSL_xxx Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e, OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b, OpenSSL-fips-2_0_10, OpenSSL_0_9_8zf, OpenSSL_1_0_0r, OpenSSL_1_0_1m, OpenSSL_1_0_2a |
|
#
68b00c23 |
| 23-Jan-2015 |
Rich Salz |
ifdef cleanup part 3: OPENSSL_SYSNAME Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx Remove MS_STATIC; it's a relic from platforms <32 bits. Reviewed-by: Andy Polyakov <appro@ope
ifdef cleanup part 3: OPENSSL_SYSNAME Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx Remove MS_STATIC; it's a relic from platforms <32 bits. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
#
27c7609c |
| 22-Jan-2015 |
Rich Salz |
ifdef cleanup, 2 remove OPENSSL_NO_SETVBUF_IONBF Use setbuf(fp, NULL) instead of setvbuf(). This removes some ifdef complexity because all of our platforms support setbuf. Revi
ifdef cleanup, 2 remove OPENSSL_NO_SETVBUF_IONBF Use setbuf(fp, NULL) instead of setvbuf(). This removes some ifdef complexity because all of our platforms support setbuf. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|