src - OpenBSD base system

Age	Commit message (Collapse)	Author
2014-04-17	fix a potential double free	Jonathan Gray
	ok miod@
2014-04-17	remove OPENSSL_realloc_clean usage here - replace with intrinsics to make	Bob Beck
	it obvious what should happen. ok tedu@
2014-04-17	Fully kill FIPS API. Forcible certification conflicts with the goals of a	Ted Unangst
	free software project. ok beck deraadt Ports calling FIPS_mode_set(1): mongodb
2014-04-17	Initial KNF.	Joel Sing

2014-04-17	I've replaced everything in this file. ISC liscense it with my copyright	Bob Beck

2014-04-17	remove some code that is now unused after guenther's changes in 1.20.	Jonathan Gray

2014-04-17	KNF.	Joel Sing

2014-04-17	Initial KNF.	Joel Sing

2014-04-17	simply wrap around intrinsics, and knf cleanup.	Bob Beck
	ok miod@ deraadt@
2014-04-17	Change library to use intrinsic memory allocation functions instead of	Bob Beck
	OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
2014-04-17	Revert unintended whitespace changes.	Joel Sing

2014-04-17	OPENSSL_gmtime() is not a gmtime() wrapper. It is a gmtime_r().	Theo de Raadt
	Always trying to confuse people... ok guenther
2014-04-17	OPENSSL_DECLARE_EXIT serves no purpose.	Theo de Raadt

2014-04-17	1. RAND_seed is now DEPRECATED	Theo de Raadt
	2. Even passing a digest in as entropy is sloppy. But apparently the OpenSSL guys could find no objects of lesser value to pass to the pluggable random subsystem, and had to resort to private keys and digests. Classy. ok djm
2014-04-17	RAND_seed now does nothing, so skip the operation	Theo de Raadt

2014-04-17	Do not feed RSA private key information to the random subsystem as	Theo de Raadt
	entropy. It might be fed to a pluggable random subsystem.... What were they thinking?! ok guenther
2014-04-17	remove duplicated tests in if statements	Jonathan Gray
	ok krw@ sthen@ deraadt@
2014-04-17	unistd.h is always in the same place; no need to #include the result of	Theo de Raadt
	a maze of conditional #define's
2014-04-17	OpenSSL PR#3309: when looking for an extension, set the last found position	Stuart Henderson
	to -1 to properly search all extensions. ok tedu@ From http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=300b9f0b70
2014-04-17	move enginetest to regress as was done with the other tests	Jonathan Gray

2014-04-17	call the correct decrypt function in aes_cbc_cipher()	Jonathan Gray
	From: commit e9c80e04c1a3b5a0de8e666155ab4ecb2697a77d Author: Andy Polyakov <appro@openssl.org> Date: Wed Dec 18 21:42:46 2013 +0100 evp/e_[aes\|camellia].c: fix typo in CBC subroutine. It worked because it was never called. Our e_camellia.c does not have this problem. ok miod@ deraadt@
2014-04-17	tag some functions with bounded. idea and ok djm	Ted Unangst

2014-04-16	TANSTAAFL - delete the buf freelist code. if you need a better malloc, get	Ted Unangst
	a better malloc. ok beck deraadt
2014-04-16	add back SRP. i was being too greedy.	Ted Unangst

2014-04-16	Clean up dangerous strncpy use. This included a use where the resulting	Bob Beck
	string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
2014-04-16	- Why do we hide from the OpenSSL police, dad?	Miod Vallat
	- Because they're not like us, son. They use macros to wrap stdio routines, for an undocumented (OPENSSL_USE_APPLINK) use case, which only serves to obfuscate the code. ok tedu@
2014-04-16	> As I walk through the valley of the shadow of death	Ted Unangst
	> I take a look at my life and realize there's nothin' left > Cause I've been blasting and laughing so long, > That even my mama thinks that my mind is gone Remove even more unspeakable evil being perpetuated in the name of VMS. (and lesser evils done in the name of others.) ok miod
2014-04-16	delete a few leftovers	Ted Unangst

2014-04-16	fix a few bugs observed on http://www.viva64.com/en/b/0250/	Ted Unangst
	ok krw miod
2014-04-16	Thanks to the knobs in http://tools.ietf.org/html/rfc5746, we have a knob	Bob Beck
	to say "allow this connection to negotiate insecurely". de-fang the code that respects this option to ignore it. ok miod@
2014-04-16	disentangle SRP code from TLS	Ted Unangst

2014-04-16	whack the ifdef pinata:	Ted Unangst
	OPENSSL_SYSNAME_VXWORKS OPENSSL_SYS_VMS OPENSSL_SYS_MSDOS OPENSSL_UNISTD OPENSSL_SYS_WIN16 WIN_CONSOLE_BUG OPENSSL_SYS_WINCE SGTTY OPENSSL_SYS_MACINTOSH_CLASSIC MAC_OS_GUSI_SOURCE OPENSSL_SYS_NETWARE OPENSSL_SYS_SUNOS __DJGPP__ OPENSSL_SYS_BEOS OPENSSL_SYS_WIN32
2014-04-16	Zero-pad usec format to handle values less than 100,000 correctly	Philip Guenther
	ok matthew@ tedu@
2014-04-16	Mandatory Surgeon Guenther's Warning: This code could not possibly be	Ted Unangst
	correct because it doesn't zerofill the front of usecs, but that's the way I found it. a more thorough emulation of the old code, but with fewer whacky snprintf pointer arithmetic antics. ok beck guenther
2014-04-16	revert. the full horror has only now revealed itself.	Ted Unangst

2014-04-16	replace some bio_snprintf crazy with regular snprintf.	Ted Unangst
	beck had a diff to convert to strftime, but it's easier to verify this is functionally the same. ok beck.
2014-04-16	Kill the bogus "send an SSLv3/TLS hello in SSLv2 format" crap from	Philip Guenther
	the SSLv23_* client code. The server continues to accept it. It also kills the bits for SSL2 SESSIONs; even when the server gets an SSLv2-style compat handshake, the session that it creates has the correct version internally. ok tedu@ beck@
2014-04-16	More KNF.	Joel Sing

2014-04-16	More KNF.	Joel Sing

2014-04-16	Make this byzantine horror a shell of it's former self by stubbing the	Bob Beck
	functions. The ability to set the debug mem functions died with mem.c, but some of the rest of this is still exposed API so we can't delete it.. yet... ok tedu@
2014-04-16	Some software expects RAND_status() to return 1 for success, so always	Reyk Floeter
	return 1 in the arc4random backend because there is no possible error condition. Unbreaks lynx, git and friends. ok miod@ dcoppa@
2014-04-16	Clean up non-fatal error handling - we know which error numbers we have	Joel Sing
	defined. ok miod@ beck@
2014-04-16	Sync the list of man pages for libcrypto, explicity rename conflicting	Martin Pieuchot
	pages instead of doing it in the Makefiles and move a libssl page where it belongs. ok miod@
2014-04-16	Remove _CRAY references. Note that this pleads for the use of <stdint.h>	Miod Vallat
	fixed-width types instead of choosing int or long depending upon what we think the architecture support.
2014-04-16	Remove DES_read_password and DES_read_2passwords which are `modern' flavours	Miod Vallat
	of des_old.h routines, acting as wrappers about the OpenSSL UI API. Nothing should use these functions directly. Riding the recent libcrypto major bump (in a `des' car).
2014-04-16	Your operating system memory allocation functions are your friend. If they	Bob Beck
	are not please fix your operating system. Replace mem.c with an API-compatible wrapper that just calls the system functions and does not allow a one word modification of a variable in a running shared library to turn on memory debug functions that expose things that should not be seen. ok tedu@
2014-04-16	dead file	Ted Unangst

2014-04-16	API compat fix. RAND_load_file can never fail now. discovered and ok beck.	Ted Unangst

2014-04-16	Remove non-posix support. Why is OPENSSL_isservice even here?	Ted Unangst
	Is this a crypto library or a generic platform abstraction library? "A hack to make Visual C++ 5.0 work correctly" ... time to upgrade.
2014-04-16	strncpy(d, s, strlen(s)) is a special kind of stupid. even when it's right,	Ted Unangst
	it looks wrong. replace with auditable code and eliminate many strlen calls to improve efficiency. (wait, did somebody say FASTER?) ok beck