add missing #include <string.h>; ok tb@

typo in comment

Null out pointers on asprintf() failure.

These pointers will be passed to free. According to asprintf(3), "on
OpenBSD, ret will be set to the null pointer, but this behavior should
not be relied upo

Null out pointers on asprintf() failure.

These pointers will be passed to free. According to asprintf(3), "on
OpenBSD, ret will be set to the null pointer, but this behavior should
not be relied upon."

ok jsing

show more ...

Only assign destlen when src is non-NULL.

This avoids ever having a non-zero len with a NULL pointer.

Assert tedu's copyright since some of the code moved here is his.

Split keypair handling out into its own file - it had already appeared
in multiple locations.

ok beck@

Be consistent with the goto label names used in libtls code.

No change to generated assembly.

Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that
we can prevent libcrypto from going behind our back and trying to read
passwords from standard input (which we may not be p

Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that
we can prevent libcrypto from going behind our back and trying to read
passwords from standard input (which we may not be permitted to do).

Found by jsg@ with httpd and password protected keys.

show more ...

Use freezero() for the tls_load_file() failure case, since we're
potentially dealing with key material. Also switch a calloc to malloc,
since we immediately copy the same amount of data to the newly

Use freezero() for the tls_load_file() failure case, since we're
potentially dealing with key material. Also switch a calloc to malloc,
since we immediately copy the same amount of data to the newly allocated
buffer.

show more ...

BIO_free_all() and EVP_PKEY_free() can be called with NULL.

Provide a tls_unload_file() function, that frees the memory returned from
a tls_load_file() call, ensuring that it the contents become inaccessible.
This is specifically needed on platforms where the

Provide a tls_unload_file() function, that frees the memory returned from
a tls_load_file() call, ensuring that it the contents become inaccessible.
This is specifically needed on platforms where the library allocators may
be different from the application allocator.

ok beck@

show more ...

Address some signed vs unsigned warnings and check that an integer value
is positive before passing it to several functions as a size_t.
Additionally, in tls_load_file() there is not much point using

Address some signed vs unsigned warnings and check that an integer value
is positive before passing it to several functions as a size_t.
Additionally, in tls_load_file() there is not much point using calloc(),
when we're immediately reading into the buffer (having an extra byte for
NUL termination seems pointless given the API).

ok beck@ miod@

show more ...

use the same type for buf as the return type in tls_load_file

ok tedu@, noted by kinichiro

Indent labels with a space so that diff -p is more friendly.

Requested by bluhm@

Add tls_load_file() as a helper to load certificates or encrypted keys
into memory. This can be used for tls_config_set_ca_mem(),
tls_config_set_cert_mem() or tls_config_set_key_mem().

With input f

Add tls_load_file() as a helper to load certificates or encrypted keys
into memory. This can be used for tls_config_set_ca_mem(),
tls_config_set_cert_mem() or tls_config_set_key_mem().

With input from jsing@, tedu@ and henning@

OK tedu@

show more ...

Rename libressl to libtls to avoid confusion and to make it easier to
distinguish between LibreSSL (the project) and libressl (the library).

Discussed with many.