src - OpenBSD base system

Age	Commit message (Collapse)	Author
2018-05-14	wrap an overlong line	Theo Buehler

2018-05-13	Add const qualifier to the path and url{,s} parameters of	Theo Buehler
	OCSP_crlID_new(3), OCSP_parse_url(3), OCSP_sendreq_bio(3), OCSP_sendreq_new(3), and OCSP_url_svcloc_new(3). tested in a bulk build by sthen ok jsing (as part of a larger diff)
2018-05-13	Add const qualifier to the X509_NAME , ASN1_BIT_STRING , and	Theo Buehler
	ASN1_INTEGER * arguments of OCSP_cert_id_new(3). tested in a bulk build by sthen ok jsing (as part of a larger diff)
2018-05-13	Add const qualifier to the ASN1_OBJECT * argument of:	Theo Buehler
	OCSP_REQUEST_get_ext_by_OBJ(3), OCSP_ONEREQ_ext_by_OBJ(3) OCSP_BASICRESP_get_ext_by_OBJ(3), OCSP_SINGLERESP_get_ext_by_OBJ(3) tested in a bulk build by sthen ok jsing (as part of a larger diff)
2018-03-17	Provide OCSP_SINGLERESP_get0_id().	Joel Sing

2017-01-29	Send the function codes from the error functions to the bit bucket,	Bob Beck
	as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
2016-12-30	Expand ASN1_ITEM_rptr macros - no change in preprocessor output.	Joel Sing

2016-12-30	Expand ASN1_ITEM_rptr macros - no change in generated assembly.	Joel Sing

2016-12-27	Remove all DECLARE_ASN1_SET_OF macro usage - since 2000 these have been	Joel Sing
	nothing but markers for utils/mkstack.pl... and we removed the code that generated more macros from these markers in 2014.
2016-12-27	Kill some #if 0 code that uses old-style ASN.1 encoding.	Joel Sing

2016-12-21	rewrite OCSP_parse_url to be sligthly less nasty and not have one byte ↵	Bob Beck
	buffer overreads helpful nitpicking and ok tb@ miod@
2016-11-05	Check BIO_new*() for failure.	Miod Vallat
	ok beck@ jsing@
2016-11-05	X509_STORE_CTX_set_*() may fail, so check for errors.	Miod Vallat
	ok beck@
2016-11-04	Kill a bunch of OLD_ASN1 usage by replacing ASN1_{d2i,i2d}_* with	Joel Sing
	ASN1_item_{d2i,i2d}_* equivalents. ok guenther@ miod@
2016-11-04	make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hidden	Bob Beck
	functions.. document with a man page. bump majors on libtls, libssl, libcrypto ok jsing@ guenther@
2016-09-04	Expand DECLARE_ASN1_.*FUNCTIONS macros.	Joel Sing
	No change in preprocessed output, ignoring whitespace and line numbers.
2016-07-16	Clean up OCSP_check_validity() a bit more.	Bob Beck
	- Return on first failure rather than continuing. - Don't compare times by comparing strings that possibly were not parsable as a time. ok deraadt@
2016-07-05	remove unneeded duplicate call - spotted by jsing@	Bob Beck

2016-07-05	Add several fixes from OpenSSL to make OCSP work with intermediate	Bob Beck
	certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
2016-06-25	Fix from kinichiro.inoguchi@gmail.com to ensure that OCSP uses	Bob Beck
	Generalized Time on requests as per RFC6960
2016-06-25	Fix the ocsp code to actually check for errors when comparing time values	Bob Beck
	which was not being done due to a lack of checking of the return code for X509_cmp_time. Ensure that we only compare GERNERALIZEDTIME values because this is what is specified by RFC6960. Issue reported, and fix provided by Kazuki Yamaguchi <k@rhe.jp> ok bcook@
2015-09-26	Use ASN1_item_dup() instead of ASN1_dup().	Joel Sing
	ok bcook@
2015-07-25	Expand ASN.1 template macros - no change in generated assembly.	Joel Sing

2015-07-19	Drop stupid (int) casts for the arguments of malloc() and friends. This is	Miod Vallat
	not 16-bit MS-DOS anymore. ok bcook@ tedu@
2015-07-16	Check return value of all used functions in OCSP_REQUEST_print(); covers	Miod Vallat
	Coverity CID 78796; ok beck@
2015-02-10	Manually expand ASN1_ITEM_rptr macros that should have been expanded with	Joel Sing
	the IMPLEMENT_ASN1_DUP_FUNCTION macro.
2015-02-10	Expand the IMPLEMENT_ASN1_DUP_FUNCTION macro so that the code is visible	Joel Sing
	and functions can be readily located. Change has been scripted and the generated assembly only differs by changes to line numbers. Discussed with beck@ miod@ tedu@
2015-02-09	Expand the IMPLEMENT_ASN1_FUNCTIONS macro so that the code is visible and	Joel Sing
	functions can be readily located. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
2014-10-28	Check the result of sk_*_push() operations for failure.	Miod Vallat
	ok doug@ jsing@
2014-10-22	Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().	Joel Sing
	arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
2014-10-18	None of these need to include <openssl/rand.h>	Joel Sing

2014-10-03	Use string literals in printf style calls so gcc's -Wformat works.	Doug Hogan
	ok tedu@, miod@
2014-07-25	BIO_free() returns immediately when the sole input is NULL.	Doug Hogan
	Remove unnecessary NULL check. ok miod@
2014-07-13	The bell tolls for BUF_strdup - Start the migration to using	Bob Beck
	intrinsics. This is the easy ones, a few left to check one at a time. ok miod@ deraadt@
2014-07-12	Principle of least surprise: make CMAC_CTX_free(), OCSP_REQ_CTX_free() and	Miod Vallat
	X509_STORE_CTX_free() accept NULL pointers as input without dereferencing them, like all the other well-behaved *_CTX_free() functions do.
2014-07-11	Only import cryptlib.h in the four source files that actually need it.	Joel Sing
	Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
2014-07-10	Explicitly include <openssl/opensslconf.h> in every file that references	Joel Sing
	an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
2014-07-10	Stop including standard headers via cryptlib.h - pull in the headers that	Joel Sing
	are needed in the source files that actually require them. ok beck@ miod@
2014-07-09	reset host, port, path to null after freeing so the caller doesn't	Ted Unangst
	accidentally free them again. actually a bug in the caller and (hey hey) apps/ocsp.c has exactly that bug, but it's easier/safer to fix here.
2014-07-09	ocsp_check_ids says "If algoritm mismatch let caller deal with it" before	Ted Unangst
	returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
2014-06-12	tags as requested by miod and tedu	Theo de Raadt

2014-05-30	no need for null check before free. from Brendan MacDonell	Ted Unangst

2014-05-23	Not OPENSSL_SYS_SUNOS.	Joel Sing

2014-05-18	Plug memory leaks upon error in OCSP_url_svcloc_new().	Miod Vallat
	ok jsing@
2014-05-18	In OCSP_sendreq_bio(), cope with OCSP_sendreq_new() returning NULL.	Miod Vallat
	ok jsing@
2014-05-18	More KNF.	Joel Sing

2014-05-17	unchecked malloc() return value in OCSP_sendreq_new().	Miod Vallat

2014-05-17	KNF	Miod Vallat

2014-04-26	Replace all use of ERR_add_error_data with ERR_asprintf_error_data.	Bob Beck
	This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
2014-04-18	Put the final pieces from e_os.h in the required places, and remove it.	Theo de Raadt
	"dance on it's grave" says beck ok guenther beck