dear ressl fellows,
when trying to properly reimplement a curses client (i.e. handling stdin
with select) with a tls connection using ressl (i.e. handling a server
socket with select), I stumbled upon conflicting recommendations in man
pages regarding whether to use blocking sockets in BIOs.
The
On 28.04.14 23:05, Miod Vallat wrote:
I'm not too fond of this kind of change - the compiler does a good job
at merging or optimizing temporary variables.
I disagree. I stopped writing code for the compiler when I got my first
pubic hair. Now I think that useless introduction of non-obviously
On 24.04.14 02:45, Bob Beck wrote:
Hi Dirk, I'm not fond of this because you've included all the various
BLAHWOOF_free functions in the bag.
I agree that this creepy macro hell must die. It makes auditing the
software nearly impossible. What they basically have done is to put
OO-lipstick on a
On 23.04.14 07:42, patrick keshishian wrote:
Why not kill the 'if (ret-name != NULL)' check while at it?
I am currently working on a patch that removes all superflous NULL
checks before every free function throughout libressl. There will be a
single commit fixing this.
erdgeist
On 22.04.14 19:16, Bob Beck wrote:
I'll take a look at this when I get home, and either apply your fix or
disentangle this in a hopefully more obvious way.
How shall I proceed with the other fixes? Just bundle them as diffs
against the current revision an put them on the list as new threads?
remove M_ASN1_New_Malloc, M_ASN1_New, M_ASN1_New_Error marcos, they hide
a malloc and are only used once
Index: x_pkey.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_pkey.c,v
retrieving revision 1.10
diff -u -r1.10 x_pkey.c
Note that asn1_mac.h is installed...
You're right, I found it referenced at least here:
http://opensource.apple.com/source/OpenSSL/OpenSSL-5/openssl/crypto/asn1/p5_pbev2.c
erdgeist
* remove unnecessary temp variable d
* move loop counter j in for() header
* fix prototype for memcpy
* make calculation of actual length in BN_to_ASN1_ENUMERATED
more transparent
This code still looks rather odd, it uses a temporary buffer to first
convert the number into a minimal little
Index: tasn_fre.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/tasn_fre.c,v
retrieving revision 1.9
diff -u -r1.9 tasn_fre.c
--- tasn_fre.c 18 Apr 2014 12:15:48 - 1.9
+++ tasn_fre.c 23 Apr 2014 01:47:49 -
@@ -247,7
Index: n_pkey.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/n_pkey.c,v
retrieving revision 1.15
diff -u -r1.15 n_pkey.c
--- n_pkey.c21 Apr 2014 11:37:41 - 1.15
+++ n_pkey.c23 Apr 2014 01:50:02 -
@@ -205,7
Index: x_x509.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_x509.c,v
retrieving revision 1.12
diff -u -r1.12 x_x509.c
--- x_x509.c18 Apr 2014 11:20:32 - 1.12
+++ x_x509.c23 Apr 2014 01:54:03 -
@@ -125,6
On 21.04.14 19:01, Bob Beck wrote:
Not quite, because now you avoid the potential double free and instead leak
ret itself because of how ASN1_STRING_free works.. You need to
do this slightly differently.
I disagree:
err:
if ((ret != NULL) ((a == NULL) || (*a != ret)))
On 21.04.14 01:13, Bob Beck wrote:
this list is for diffs. post them. keep them reviewable - of
meaningful size and doing a certain thing.
(as opposed to this diff changes 15 things.. )
Find attached my patches for some memory leaks, use after frees and some
minor house keeping as follows.
On 21.04.14 04:56, Ted Unangst wrote:
Also, can you include diffs inline please? One diff per email. Maybe
just one or two emails to start, then try sending the rest after we
see how that goes?
fix memory leak in a2i_ASN1_ENUMERATED, a2i_ASN1_STRING and
a2i_ASN1_INTEGER, in case of of goto
On 21.04.14 04:56, Ted Unangst wrote:
Also, can you include diffs inline please? One diff per email. Maybe
just one or two emails to start, then try sending the rest after we
see how that goes?
fix double free in d2i_ASN1_bytes by setting ret-data = NULL after
free, before potential goto err;
Dear openbsd devs,
I've just put on my rubber gloves to help with your heroic efforts on
OpenSSL. I started to dive into OpenSSL's ASN.1 implementation and now
wonder how to share my findings, patches and requests without spamming
this list.
Also while scanning through the rest of libssl,
16 matches
Mail list logo
