| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-06-24 | Remove ancient workaround for previous century's compilers in the declaration | Miod Vallat | |
| of CRYPTO_EX_DATA; riding upon the libcrypto major bump. | |||
| 2014-06-24 | Remove BIO_f_reliable(), guilty of playing with EVP_MD_CTX internals it | Miod Vallat | |
| should not know anything about. Verified not to be used in ports; riding upon the recent libcrypto major bump. | |||
| 2014-06-24 | Crank libcrypto major since my previous commit changed the size of the | Joel Sing | |
| ChaCha context. Other changes will also ride this crank. | |||
| 2014-06-24 | If a chacha operation does not consume all of the generated key stream, | Joel Sing | |
| ensure that we save it and consume it on subsequent writes. Otherwise we end up discarding part of the key stream and instead generate a new block at the start of the next write. This was only an issue for callers that did multiple writes that are not multiples of 64 bytes - in particular, the ChaCha20Poly1305 usage does not hit this problem since it performs encryption in a single-shot. For the same reason, this is also a non-issue when openssl(1) is used to encrypt with ChaCha. Issue identified by insane coder; reported to bugs@ by Joseph M. Schwartz. ok beck@ | |||
| 2014-06-24 | Some KNF. | Joel Sing | |
| 2014-06-24 | Replace 48 lines of code with a single inet_pton() call. The previous | Joel Sing | |
| handrolled version could not even make use of sscanf(), since that would not work with a certain antiquated compiler. It is worth noting that there is a tiny change in behaviour - previously calling BIO_get_host_ip() with something that looked like it might be a valid IP address (for example, "1." or even ".") would result in it returning failure rather than trying a BIO_gethostbyname() - now we'll always try a BIO_gethostbyname() if it was not a valid IPv4 address. ok beck@ miod@ deraadt@ | |||
| 2014-06-24 | Actually make BIO_set_tcp_ndelay() work - TCP_NODELAY will not magically | Joel Sing | |
| appear by itself. ok beck@ miod@ | |||
| 2014-06-23 | Since this is a library, place issetugid() before every getenv() | Theo de Raadt | |
| ok miod | |||
| 2014-06-23 | unbreak build of getentropy_sysctl - we need linux/sysctl.h, and | Bob Beck | |
| RANDOM_UUID is an enum member. | |||
| 2014-06-23 | unbreak - main needs to be extern in here somewhere. | Bob Beck | |
| 2014-06-22 | KNF, particularly wrapped lines of calls to PEM_read_bio_FOO() and | Philip Guenther | |
| multiline comments ok jsing@ | |||
| 2014-06-22 | BIO_sock_init() no longer does anything, so stop calling it. | Joel Sing | |
| 2014-06-22 | Just use SOMAXCONN and IPPROTO_TCP, since we know we have them. | Joel Sing | |
| 2014-06-22 | In BIO_get_port(), use strol() with appropriate range checks rather than | Joel Sing | |
| an atoi() followed by an unsigned short cast. This stops things like "-1" and "66536" from being considered to be "valid" port numbers. ok beck@ deraadt@ | |||
| 2014-06-22 | nuke unused test programs; ok jsing | Theo de Raadt | |
| 2014-06-22 | More KNF. | Joel Sing | |
| 2014-06-22 | KNF. | Joel Sing | |
| 2014-06-22 | KNF. | Joel Sing | |
| 2014-06-22 | More KNF. | Joel Sing | |
| 2014-06-21 | repair indentation for an inner loop; shorten some macros and variable | Theo de Raadt | |
| names to shorten line lengths ok beck | |||
| 2014-06-21 | always compare memcmp against 0, for clarity. | Ted Unangst | |
| 2014-06-21 | Pull the code that builds a DTLS sequence number out into its own function | Joel Sing | |
| to avoid duplication. Also use fewer magic numbers. ok miod@ | |||
| 2014-06-21 | Specify the correct strength bits for 3DES cipher suites. | Joel Sing | |
| From OpenSSL. ok miod@ | |||
| 2014-06-21 | Switch to the ISC licensed versions of these files, which Google has made | Joel Sing | |
| available via boringssl. ok deraadt@ | |||
| 2014-06-21 | Pull out the sequence number selection and handle this up front. Also, the | Joel Sing | |
| correct record is already known, so avoid reassignment. | |||
| 2014-06-21 | More KNF and clean up. | Joel Sing | |
| 2014-06-21 | More KNF. | Joel Sing | |
| 2014-06-21 | More KNF. | Joel Sing | |
| 2014-06-21 | KNF | Miod Vallat | |
| 2014-06-21 | KNF | Miod Vallat | |
| 2014-06-21 | Fix memory leak in error path. | Loganaden Velvindron | |
| OK from miod@ | |||
| 2014-06-21 | hash in correct pointer | Theo de Raadt | |
| 2014-06-20 | Remove the OPENSSL_*cap getenv's. A program should not be able to | Theo de Raadt | |
| change the behaviour of the library in such a complicated fashion. ok miod | |||
| 2014-06-20 | wrap getenv OPENSSL_ALLOW_PROXY_CERTS in an issetugid check, to protect | Theo de Raadt | |
| setuid applications from being fooled. ok miod | |||
| 2014-06-20 | KNF | Bob Beck | |
| 2014-06-20 | indent | Theo de Raadt | |
| 2014-06-20 | rearrange so that the main function with the important comments is at the top | Otto Moerbeek | |
| ok deraadt@ beck@ | |||
| 2014-06-20 | Work in progress on how to deal with the inherit unreliability of | Bob Beck | |
| /dev/urandom. Does well in the fallback case. Get it in tree so it can be worked on. ok otto@ deraadt@ | |||
| 2014-06-20 | Remove OPENSSL_instrument_halt and OPENSSL_far_spin, which both might | Miod Vallat | |
| have been used under DJGPP in the previous century (if at all). | |||
| 2014-06-20 | Fix incorrect bounds check in amd64 assembly version of bn_mul_mont(); | Miod Vallat | |
| noticed and fix by Fedor Indutny of Joyent ( https://github.com/joyent/node/issues/7704 ) | |||
| 2014-06-19 | convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring | Ted Unangst | |
| libc interfaces over libcrypto interfaces. for now we also prefer timingsafe_memcmp over timingsafe_bcmp, even when the latter is acceptable. ok beck deraadt matthew miod | |||
| 2014-06-19 | check stack push return and make some effort to clean up. ok beck miod | Ted Unangst | |
| 2014-06-19 | improve error checking. set error code on error, and check malloc return. | Ted Unangst | |
| add missing unlock in one case. ok lteo miod | |||
| 2014-06-18 | In ssl3_send_newsession_ticket(), fix a memory leak in an error path. | Miod Vallat | |
| 2014-06-18 | Make sure to always invoke EVP_CIPHER_CTX_cleanup() before returning in the | Miod Vallat | |
| error paths from tls_decrypt_ticket(). ok tedu@ | |||
| 2014-06-18 | Use asprintf() instead of a fixed 128-byte size in SSL_CIPHER_description() | Miod Vallat | |
| when no storage buffer is passed. ok deraadt@ tedu@ | |||
| 2014-06-18 | In SSL_COMP_add_compression_method(), make sure error cases actually return | Miod Vallat | |
| `error' rather than `success'. ok deraadt@ | |||
| 2014-06-17 | ssl_session_cmp is not a sort function, can use CRYPTO_memcmp here too. | Ted Unangst | |
| 2014-06-15 | free iv, then cleanse. from Cyril Jouve | Ted Unangst | |
| 2014-06-15 | Simplify EVP_MD_CTX_create() by just using calloc(). Also, use 0 rather | Joel Sing | |
| than '\0' for several memset(). ok beck@ miod@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |