src - OpenBSD base system

Age	Commit message (Collapse)	Author
2015-06-20	Remove obsolete MDC-2DES from libcrypto.	Doug Hogan
	ok deraadt@ jsing@ miod@
2015-06-19	Disable ENGINE_load_dynamic (dynamic engine support).	Brent Cook
	We do not build, test or ship any dynamic engines, so we can remove the dynamic engine loader as well. This leaves a stub initialization function in its place. ok beck@, reyk@, miod@
2015-02-14	Words read better when they are separated by spaces.	Miod Vallat

2014-12-06	fix manual names that clash with other manuals	Ingo Schwarze

2014-07-13	OPENSSL_{malloc,free} -> {malloc,free}	Miod Vallat

2014-07-12	Remove this sentence:	Miod Vallat
	``The probability that a randomly generated key is weak is -1/2^52, so it is not really worth checking for them.'' This kind of naively optimistic attitude is not compatible with security.
2014-07-11	Huge documentation update for libcrypto and libssl, mostly from Matt Caswell,	Miod Vallat
	Jeff Trawick, Jean-Paul Calderone, Michal Bozon, Jeffrey Walton and Rich Salz, via OpenSSL trunk (with some parts not applying to us, such as SSLv2 support, at least partially removed).
2014-07-10	Try and fix the horrible coding style of the example code snippets.	Miod Vallat

2014-07-10	Remove empty sections and references to des_modes(7) which we don't have.	Miod Vallat

2014-07-10	Fewer lies, also do not document DES_3cbc_encrypt anymore.	Miod Vallat

2014-07-10	Features introduce in OpenSSL 0.9.8 do not deserve their own section.	Miod Vallat
	Instead, fold their description in the main documentation, and update the history section to mention them as well.
2014-07-10	Attempt to (incompletely) document EVP_aes_*().	Miod Vallat
	When EVP_des_cbc() was suggested, suggest EVP_aes_256_cbc() instead. Remove mention of EVP_des_ede3_cbc() being the algorithm of choice for S/MIME. Don't mention US-export limited RC2 algorithms, you'd better not know about them.
2014-07-09	Update to match the current state of crypto/rand, and remove MLINKS for	Miod Vallat
	RAND_event and RAND_screen.
2014-07-09	Remove mention that the PRNG needs to be seeded before invoking some	Miod Vallat
	functions.
2014-07-09	miod@ fixed the "bug" so remove reference to it in the man pod^Wpage.	Joel Sing

2014-06-28	Add a missing word.	Jeremie Courreges-Anglas

2014-05-30	remove some of the bigger lies, as applicable to libressl.	Ted Unangst

2014-05-04	Improve line wrapping for lines exceeding 80 chars.	Jim Razmus II
	ok jmc@
2014-05-04	Remove trailing whitespace.	Jim Razmus II
	fine jmc@
2014-04-19	egd is gone	Theo de Raadt

2014-04-16	Sync the list of man pages for libcrypto, explicity rename conflicting	Martin Pieuchot
	pages instead of doing it in the Makefiles and move a libssl page where it belongs. ok miod@
2014-04-15	Replace the old OpenSSL PRNG by direct use of arc4random_buf(), keeping the	Miod Vallat
	existing RAND interfaces unchanged. All interfaces allowing external feed or seed of the RNG (either from a file or a local entropy gathering daemon) are kept for ABI compatibility, but are no longer do anything. While the OpenSSL PRNG was required 15+ years ago when many systems lacked proper entropy collection, things have evolved and one can reasonably assume it is better to use the kernel (system global) entropy pool rather than trying to build one's own and having to compensate for thread scheduling... <RANT> Whoever thought that RAND_screen(), feeding the PRNG with the contents of the local workstation's display, under Win32, was a smart idea, ought to be banned from security programming. </RANT> ok beck@ deraadt@ tedu@
2014-04-14	Remove the GMP engine: It was an experimental engine using libgmp as	Reyk Floeter
	an alternative backend for BIGNUM calculations. It is PoC code that is not enabled in OpenSSL and probably not used by anymore. ok deraadt@
2014-04-14	Remove the nuron engine. The static engine is not standalone and the	Reyk Floeter
	FPGA-based device is long obsolete.
2014-04-14	Remove the nCipher CHIL engine. It is not standalone and depends on	Reyk Floeter
	external libraries that aren't covered by the same license.
2014-04-13	Remove the AEP engine: it is not standalone and doesn't seem to be	Reyk Floeter
	relevant anymore. OpenSSL should have a better way to include 3rd party engines: either completely and free or external. But including a wrapper for a non-free wrapper in the code base does not make much sense and could also be provided by the vendor. ok deraadt@
2014-04-13	Remove the Atalla engine: It is not standalone and depends on external	Reyk Floeter
	non-free libraries. OpenSSL should have a better way to include 3rd party engines: either completely free or external. But including a wrapper for a non-free wrapper in the code base does not make much sense and could also be provided by the vendor. ok deraadt@
2014-04-13	Remove the cswift engine: it is not standalone and we don't have the	Reyk Floeter
	hardware. The vendor_defns/cswift.h does not specify a copyright and theoretically defaults to the OpenSSL license, but it also mentions that it includes parts that have been "clipped" from CryptoSwift's proprietary headers. This file should better include an explicit copyright statement or mention OpenSSL's library instead of the ambiguous "Attribution notice". ok deraadt@
2014-04-13	Remove the "sureware" engine:	Reyk Floeter
	The vendor_defns/sureware.h file by Baltimore Technologies Ltd. has a copyright that does not grant rights! Vendor files should either include a compatible license in the copyright statement or use OpenSSL's defaults, but adding a copyright statement without any terms is not acceptable. It should not have been included in the first place. ok deraadt@
2014-04-13	Remove the Broadcom ubsec engine:	Reyk Floeter
	The vendor_defns/hw_ubsec.h file has a copyright that does not grant rights! Vendor files should either include a compatible license in the copyright statement or use OpenSSL's defaults, but adding a copyright statement without any terms is not acceptable. It should not have been included in the first place. (The ubsec(4) kernel driver is not affected by this change) ok deraadt@
2014-04-13	Remove the IBM 4758 engine: we don't have this hardware and it is an	Reyk Floeter
	old PCI accelerator that was EOL'ed in 2005. ok deraadt@
2014-04-13	Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.	Miod Vallat

2014-04-13	Import OpenSSL 1.0.1g	Miod Vallat

2014-03-18	prepare manpages for new perl.	Marc Espie
	Note that I missed two of these in the diff shown initially, thx to the atrocious Makefile rule... okay millert@, sthen@, basically
2012-10-13	resolve conflicts	Damien Miller

2010-10-01	resolve conflicts, fix local changes	Damien Miller

2010-10-01	import OpenSSL-1.0.0a	Damien Miller

2008-09-06	resolve conflicts	Damien Miller

2008-09-06	import of OpenSSL 0.9.8h	Damien Miller

2006-06-27	resolve conflicts	Damien Miller

2005-04-29	resolve conflicts	Damien Miller

2004-04-08	merge 0.9.7d	Markus Friedl

2004-04-07	import openssl-0.9.7d	Markus Friedl

2003-05-12	merge 0.9.7b with local changes; crank majors for libssl/libcrypto	Markus Friedl

2003-05-11	import 0.9.7b (without idea and rc5)	Markus Friedl

2003-02-28	DSAparams_print_pf() -> DSAparams_print_fp()	Cedric Berger
	ok deraadt@
2002-09-14	merge with openssl-0.9.7-stable-SNAP-20020911,	Markus Friedl
	new minor for libcrypto (_X509_REQ_print_ex) tested by miod@, pb@
2002-09-12	import openssl-0.9.7-stable-SNAP-20020911 (without idea)	Markus Friedl

2002-09-10	merge openssl-0.9.7-beta3, tested on vax by miod@	Markus Friedl

2002-05-15	import openssl-0.9.7-beta1	Bob Beck