| #
b70c5e97 |
| 02-Mar-2024 |
tb <tb@openbsd.org> |
Remove ASN1_STRING_TABLE_{add,cleanup}
This was API for the ASN1_STRING_TABLE extensibility which has been
neutered for months and was completely unused in the ecosystem.
ok jsing
|
| #
7d2d6947 |
| 02-Mar-2024 |
tb <tb@openbsd.org> |
const correct ASN1_STRING_TABLE_get()
The ability of modifying the ASN1_STRING_TABLE was removed and the table
is now static. Stop casting away const. The only consumer, security/xca,
is already fix
const correct ASN1_STRING_TABLE_get()
The ability of modifying the ASN1_STRING_TABLE was removed and the table
is now static. Stop casting away const. The only consumer, security/xca,
is already fixed.
ok jsing
show more ...
|
| #
cf3aa6ad |
| 16-Dec-2023 |
tb <tb@openbsd.org> |
Annotate incorrect value for ub_email_address
The ub_email_address upper bound, 128, returned for NID_pkcs9_emailAddress,
doesn't match the PKCS#9 specification where it is 255. This was adjusted
i
Annotate incorrect value for ub_email_address
The ub_email_address upper bound, 128, returned for NID_pkcs9_emailAddress,
doesn't match the PKCS#9 specification where it is 255. This was adjusted
in RFC 5280:
The ASN.1 modules in Appendix A are unchanged from RFC 3280, except
that ub-emailaddress-length was changed from 128 to 255 in order to
align with PKCS #9 [RFC2985].
Nobody seems to have noticed so far, so leave it at an XXX and a BUGS
entry for now. It also clearly has the wrong name.
Another mystery is why the RFCs suffix some upper bounds with length, but
not others. Also, OpenSSL chose to be inconsistent with that, because
inconsistency is one of the few things this library is really good at.
show more ...
|
| #
2a38580f |
| 16-Dec-2023 |
tb <tb@openbsd.org> |
Neuter the ASN1_STRING_TABLE modification API
This is complete nonsense that nothing's ever used except for a test by
schwarze. It will be removed in the next major bump. What remains could
be moved
Neuter the ASN1_STRING_TABLE modification API
This is complete nonsense that nothing's ever used except for a test by
schwarze. It will be removed in the next major bump. What remains could
be moved to a simple lookup table in security/xca...
ok jsing
show more ...
|
| #
acf64401 |
| 05-Jul-2023 |
beck <beck@openbsd.org> |
Hide symbols in asn1 and bio
ok jsing@
|
| #
4c21d318 |
| 02-Jul-2023 |
tb <tb@openbsd.org> |
Convert some tables to C99 initializers
ok & "happy pirate day" beck
|
| #
e6e17ed5 |
| 13-Dec-2021 |
schwarze <schwarze@openbsd.org> |
this file doesn't use anything from <stdio.h>;
in particular, NULL is also in <stdlib.h> according to the C99 standard;
"free commit" tb@
|
| #
141e8b05 |
| 13-Dec-2021 |
schwarze <schwarze@openbsd.org> |
Catch integer overflow rather than silently truncating while
parsing MASK: strings in ASN1_STRING_set_default_mask_asc(3).
Issue noticed by tb@, patch by me, two additional #include lines from tb@.
O
Catch integer overflow rather than silently truncating while
parsing MASK: strings in ASN1_STRING_set_default_mask_asc(3).
Issue noticed by tb@, patch by me, two additional #include lines from tb@.
OK tb@.
show more ...
|
| #
a57b1275 |
| 11-Dec-2021 |
schwarze <schwarze@openbsd.org> |
Merge two bugfixes in ASN1_STRING_TABLE_add(3) and ASN1_STRING_TABLE_get(3)
from the OpenSSL 1.1.1 branch, which is still under a free license,
mostly this commit:
commit d35c0ff30b31be9fd5dcf3d552a
Merge two bugfixes in ASN1_STRING_TABLE_add(3) and ASN1_STRING_TABLE_get(3)
from the OpenSSL 1.1.1 branch, which is still under a free license,
mostly this commit:
commit d35c0ff30b31be9fd5dcf3d552a16feb8de464bc
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Fri Oct 19 15:06:31 2012 +0000
fix ASN1_STRING_TABLE_add so it can override existing string table values
This fixes a segfault in ASN1_STRING_TABLE_add(3), which tried to change a
static const entry when called with an nid already in the default table,
and it switches the precedence of the two tables in ASN1_STRING_TABLE_get(3).
In addition, it changes behaviour in the following minor ways:
* Ignore negative minsize and maxsize arguments, not just -1.
* Ignore a zero mask and zero flags.
It's unclear whether these additional changes make the API absolutely
better, but we want compatibility with OpenSSL in these functions.
Tweaks & OK tb@.
show more ...
|
| #
69f42677 |
| 11-Dec-2021 |
schwarze <schwarze@openbsd.org> |
Merge the deletion of <ctype.h>, which isn't used here,
and some style improvements from the OpenSSL 1.1.1 branch,
which is still under a free license.
No functional change.
OK and additional tweaks
Merge the deletion of <ctype.h>, which isn't used here,
and some style improvements from the OpenSSL 1.1.1 branch,
which is still under a free license.
No functional change.
OK and additional tweaks tb@.
show more ...
|
| #
5067ae9f |
| 29-Jan-2017 |
beck <beck@openbsd.org> |
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
| #
d4053c9c |
| 21-Jan-2017 |
jsing <jsing@openbsd.org> |
Expand DECLARE_OBJ_BSEARCH_CMP_FN and IMPLEMENT_OBJ_BSEARCH_CMP_FN macros.
No change to generated assembly excluding line numbers.
|
| #
569a82d4 |
| 10-Feb-2015 |
jsing <jsing@openbsd.org> |
Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last
15 years.
|
| #
6d179423 |
| 28-Oct-2014 |
miod <miod@openbsd.org> |
Check the result of sk_*_push() operations for failure.
ok doug@ jsing@
|
| #
b6ab114e |
| 11-Jul-2014 |
jsing <jsing@openbsd.org> |
Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need t
Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@
show more ...
|
| #
a8913c44 |
| 10-Jul-2014 |
jsing <jsing@openbsd.org> |
Stop including standard headers via cryptlib.h - pull in the headers that
are needed in the source files that actually require them.
ok beck@ miod@
|
| #
5b762cc7 |
| 22-Jun-2014 |
deraadt <deraadt@openbsd.org> |
nuke unused test programs; ok jsing
|
| #
c3d6a26a |
| 12-Jun-2014 |
deraadt <deraadt@openbsd.org> |
tags as requested by miod and tedu
|
| #
027d845c |
| 31-May-2014 |
beck <beck@openbsd.org> |
Change the actual default for returned asn1 strings to be utf8 in the code,
rather than only in the config file, to trip people up later.
Found, and fix pleaded for by <spider@skuggor.se> who apparen
Change the actual default for returned asn1 strings to be utf8 in the code,
rather than only in the config file, to trip people up later.
Found, and fix pleaded for by <spider@skuggor.se> who apparently
spent hours chasing it down.
ok miod@
show more ...
|
| #
59a78a17 |
| 19-Apr-2014 |
jsing <jsing@openbsd.org> |
More KNF.
|
| #
cc777fd4 |
| 18-Apr-2014 |
tedu <tedu@openbsd.org> |
lob a few more knf grenades in here to soften things up.
|
| #
6f3a6cb1 |
| 17-Apr-2014 |
beck <beck@openbsd.org> |
Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
| #
c32db552 |
| 03-Nov-2011 |
djm <djm@openbsd.org> |
openssl-1.0.0e: resolve conflicts
|
| #
0a5d6ede |
| 01-Oct-2010 |
djm <djm@openbsd.org> |
resolve conflicts, fix local changes
|
| #
e6841c1d |
| 09-Jan-2009 |
djm <djm@openbsd.org> |
resolve conflicts
|