| #
b4faea50 |
| 02-May-2015 |
Rich Salz |
Use safer sizeof variant in malloc
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p change
Use safer sizeof variant in malloc
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
23b0fa5a |
| 04-May-2015 |
Rich Salz |
Fix cut/paste error
Was memset with wrong sizeof.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
b6eb9827 |
| 02-May-2015 |
Dr. Stephen Henson |
Add OSSL_NELEM macro.
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an
array.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| #
53ba0a9e |
| 02-May-2015 |
Rich Salz |
RT3776: Wrong size for malloc
Use sizeof *foo parameter, to avoid these errors.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
| #
25aaa98a |
| 01-May-2015 |
Rich Salz |
free NULL cleanup -- coda
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" che
free NULL cleanup -- coda
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
| #
b548a1f1 |
| 01-May-2015 |
Rich Salz |
free null cleanup finale
Don't check for NULL before calling OPENSSL_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
222561fe |
| 30-Apr-2015 |
Rich Salz |
free NULL cleanup 5a
Don't check for NULL before calling a free routine. This gets X509_.*free:
x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
X509_STORE_fre
free NULL cleanup 5a
Don't check for NULL before calling a free routine. This gets X509_.*free:
x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
X509_STORE_free X509_STORE_CTX_free X509_PKEY_free
X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
2ace7450 |
| 30-Apr-2015 |
Rich Salz |
free NULL cleanup 8
Do not check for NULL before calling a free routine. This addresses:
ASN1_BIT_STRING_free ASN1_GENERALIZEDTIME_free ASN1_INTEGER_free
ASN1_OBJECT_free AS
free NULL cleanup 8
Do not check for NULL before calling a free routine. This addresses:
ASN1_BIT_STRING_free ASN1_GENERALIZEDTIME_free ASN1_INTEGER_free
ASN1_OBJECT_free ASN1_OCTET_STRING_free ASN1_PCTX_free ASN1_SCTX_free
ASN1_STRING_clear_free ASN1_STRING_free ASN1_TYPE_free
ASN1_UTCTIME_free M_ASN1_free_of
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
f49baeff |
| 11-Apr-2015 |
Kurt Roeckx |
X509_VERIFY_PARAM_free: Check param for NULL
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
|
|
Revision tags: OpenSSL_0_9_8zf, OpenSSL_1_0_0r, OpenSSL_1_0_1m, OpenSSL_1_0_2a, OpenSSL_1_0_2, master-post-auto-reformat |
|
| #
0f113f3e |
| 22-Jan-2015 |
Matt Caswell |
Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Revision tags: OpenSSL_1_0_2-post-auto-reformat, OpenSSL_0_9_8-post-auto-reformat, OpenSSL_0_9_8-pre-auto-reformat, OpenSSL_1_0_0-post-auto-reformat, OpenSSL_1_0_0-pre-auto-reformat, OpenSSL_1_0_1-post-auto-reformat, OpenSSL_1_0_1-pre-auto-reformat, master-post-reformat, OpenSSL_0_9_8-pre-reformat, OpenSSL_0_9_8ze, OpenSSL_1_0_0-pre-reformat, OpenSSL_1_0_0q, OpenSSL_1_0_1-pre-reformat, OpenSSL_1_0_1l, master-pre-reformat, OpenSSL_1_0_2-pre-reformat, OpenSSL_0_9_8zd, OpenSSL_1_0_0p, OpenSSL_1_0_1k, OpenSSL_0_9_8-post-reformat |
|
| #
1d97c843 |
| 28-Dec-2014 |
Tim Hudson |
mark all block comments that need format preserving so that
indent will not alter them when reformatting comments
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell
mark all block comments that need format preserving so that
indent will not alter them when reformatting comments
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_9, OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3, OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2, OpenSSL-fips-2_0_8 |
|
| #
297c67fc |
| 07-Jul-2014 |
Viktor Dukhovni |
Update API to use (char *) for email addresses and hostnames
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value fr
Update API to use (char *) for email addresses and hostnames
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
show more ...
|
| #
6e661d45 |
| 05-Jul-2014 |
Viktor Dukhovni |
New peername element in X509_VERIFY_PARAM_ID
Declaration, memory management, accessor and documentation.
|
| #
8abffa4a |
| 22-Jun-2014 |
Viktor Dukhovni |
Multiple verifier reference identities.
Implemented as STACK_OF(OPENSSL_STRING).
|
| #
b3012c69 |
| 22-Jun-2014 |
Viktor Dukhovni |
Drop hostlen from X509_VERIFY_PARAM_ID.
Just store NUL-terminated strings. This works better when we add
support for multiple hostnames.
|
|
Revision tags: OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za |
|
| #
6c21b860 |
| 24-May-2014 |
Dr. Stephen Henson |
Rename vpm_int.h to x509_lcl.h
|
| #
397a8e74 |
| 21-May-2014 |
Viktor Dukhovni |
Fixes to host checking.
Fixes to host checking wild card support and add support for
setting host checking flags when verifying a certificate
chain.
|
|
Revision tags: OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4 |
|
| #
4a253652 |
| 11-Dec-2013 |
Dr. Stephen Henson |
Add opaque ID structure.
Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the stru
Add opaque ID structure.
Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
(cherry picked from commit adc6bd73e3bd10ce6e76867482e8d137071298d7)
Conflicts:
crypto/x509/x509_vpm.c
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_3, OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d |
|
| #
3bf15e29 |
| 05-Dec-2012 |
Dr. Stephen Henson |
Integrate host, email and IP address checks into X509_verify.
Add new verify options to set checks.
Remove previous -check* commands from s_client and s_server.
|
|
Revision tags: OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e, OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m |
|
| #
9b3d7570 |
| 25-Feb-2010 |
Dr. Stephen Henson |
verify parameter enumeration functions
|
|
Revision tags: OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5, OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3 |
|
| #
508c5352 |
| 30-Jun-2009 |
Dr. Stephen Henson |
Update from 1.0.0-stable
|
|
Revision tags: OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k |
|
| #
237d7b6c |
| 15-Mar-2009 |
Dr. Stephen Henson |
Fix from stable branch.
|
| #
30e5e39a |
| 16-Feb-2009 |
Dr. Stephen Henson |
PR: 1778
Increase default verify depth to 100.
|
|
Revision tags: OpenSSL_0_9_8j |
|
| #
2e597528 |
| 05-Nov-2008 |
Dr. Stephen Henson |
Update obsolete email address...
|
| #
e19106f5 |
| 22-Oct-2008 |
Dr. Stephen Henson |
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
show more ...
|
