Skip to content
  1. Nov 30, 2015
  2. Nov 28, 2015
  3. Nov 27, 2015
  4. Nov 26, 2015
    • Dr. Stephen Henson's avatar
      Remove X509_VERIFY_PARAM_ID · 9689a6ae
      Dr. Stephen Henson authored
      
      
      Now that X509_VERIFY_PARAM is opaque X509_VERIFY_PARAM_ID is no longer
      needed.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      9689a6ae
    • Matt Caswell's avatar
      Fix a NULL deref in an error path · 3bbd1d63
      Matt Caswell authored
      
      
      The SRP_create_verifier_BN function goes to the |err| label if the |salt|
      value passed to it is NULL. It is then deref'd.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      3bbd1d63
    • Matt Caswell's avatar
      Add documentation for BN_with_flags · e113c9c5
      Matt Caswell authored
      
      
      Following on from the previous commit this adds some documentation for the
      BN_with_flags function which is easy to misuse.
      
      Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
      e113c9c5
    • Matt Caswell's avatar
      Tighten up BN_with_flags usage and avoid a reachable assert · fd7d2520
      Matt Caswell authored
      
      
      The function rsa_ossl_mod_exp uses the function BN_with_flags to create a
      temporary copy (local_r1) of a BIGNUM (r1) with modified flags. This
      temporary copy shares some state with the original r1. If the state of r1
      gets updated then local_r1's state will be stale. This was occurring in the
      function so that when local_r1 was freed a call to bn_check_top was made
      which failed an assert due to the stale state. To resolve this we must free
      local_r1 immediately after we have finished using it and not wait until the
      end of the function.
      
      This problem prompted a review of all BN_with_flag usage within the
      codebase. All other usage appears to be correct, although often not
      obviously so. This commit refactors things to make it much clearer for
      these other uses.
      
      Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
      fd7d2520
  5. Nov 25, 2015
  6. Nov 24, 2015
  7. Nov 23, 2015
  8. Nov 22, 2015
    • Matt Caswell's avatar
      Fix a rebase error · 46ddbcf2
      Matt Caswell authored
      
      
      During rebasing of the async changes some error codes ended up being
      duplicated so that "make errors" fails. This removes the duplication.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      Reviewed-by: default avatarStephen Henson <steve@openssl.org>
      46ddbcf2
    • Viktor Dukhovni's avatar
      Async error handling and MacOS/X fixes · 6e8ac508
      Viktor Dukhovni authored
      
      
      In the async code for MacOS/X define _XOPEN_SOURCE (if not already
      defined) as early as possible.  We must do this before including
      any header files, because on MacOS/X <stlib.h> includes <signal.h>
      which includes <ucontext.h>.  If we delay defining _XOPEN_SOURCE
      and include <ucontext.h> after various system headers are included,
      we are very likely to end up with the wrong (truncated) definition
      of ucontext_t.
      
      Also, better error handling and some code cleanup in POSIX fibre
      construction and destruction.  We make sure that async_fibre_makecontext()
      always initializes the fibre to a state that can be freed.
      
      For all implementations, check for error returns from
      async_fibre_makecontext().
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      6e8ac508