src - OpenBSD base system

Age	Commit message (Collapse)	Author
2014-08-28	preserve errno value on success.	Brent Cook
	If getrandom returns a temporary failure, make sure errno is not polluted when it succeeds. Thanks to deraadt@ for pointing it out.
2014-08-16	only build the getrandom path if SYS_getrandom is defined.	bcook
	like the sysctl path
2014-08-16	getrandom(2) support for getentropy_linux	bcook
	This enables support for the new getrandom(2) syscall in Linux 3.17. If the call exists and fails, return a failure in getentropy(2) emulation as well. This adds a EINTR check in case the urandom pool is not initialized. Tested on Fedora Rawhide with 3.17rc0 and Ubuntu 14.04 ok deraadt@
2014-08-14	fixed overrid(d)en typo	Tobias Stoeckmann
	millert@ and jmc@ agree that "overriden" is wrong
2014-08-13	munmap correct object in (extremely unlikely, and effectively terminal)	Theo de Raadt
	case of failing to map the 2nd object. found by Paul Maurers
2014-08-11	Guard RSA / RC4-5 ASM when NO_ASM is not defined	bcook
	Most assembly blocks remain inactive if OPENSSL_NO_ASM is not defined, only enabling inline assembly, but the RSA / RC4-5 blocks (used only in amd64 systems) turn on implicitly. Guard these two as well. This simplifies enabling just inline ASM in portable, no effective change in OpenBSD.
2014-07-28	Remove SRP code. It contains a bug (this should not surprise anyone), but	Ted Unangst
	the details are under embargo. The original plan was to wait for the embargo to lift, but we've been waiting for quite some time, and there's no indication of when or even if it will end. No sense in dragging this out any longer. The SRP code has never been enabled in OpenBSD, though I understand it is in use by some other people. However, in light of this and other issues, we're officially saying SRP is outside the scope of libressl. (For now.)
2014-07-22	better match proposed syscall api	bcook

2014-07-21	protect sysctl path with SYS__sysctl instead; from enh@google, ok bcook	Theo de Raadt

2014-07-21	Use explicit_bzero() instead of memset() on buffers going out of scope.	Philip Guenther
	Also, zero the SHA256 context. suggested by "eric" in a comment on an opensslrampage.org post ok miod@ deraadt@
2014-07-21	cast from void * before math; enh@google	Theo de Raadt

2014-07-20	Move more OS-specific functionality to arc4random.h headers.	bcook
	Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows, use TerminateProcess on getentropy failure. ok deraadt@
2014-07-20	initial win32 ARC4_LOCK/UNLOCK implementation.	bcook
	It may make sense to later replace this with a Critical Section later. ok guenther@
2014-07-20	Demonstrate how new linux getrandom() will be called, at least until	Theo de Raadt
	it shows up in libraries. Even the system call is probably not finalized. Bit dissapointed it has turned out to be a descriptor-less read() with EINVAL and EINTR error conditions, but we can work with it.
2014-07-19	remove disabled main hook; we use phdr now; ok bcook	Theo de Raadt

2014-07-19	tab love	Theo de Raadt

2014-07-19	Move _ARC4_ATFORK handlers from thread_private.h in portable.	bcook

2014-07-19	move _ARC4_LOCK/UNLOCK primitives from thread_private into OS-specific modules	bcook

2014-07-19	fixup typos	bcook

2014-07-19	Change _rs_allocate so it can combine the two regions (rs and rsx)	Theo de Raadt
	into one if a system has an awesome getentropy(). In that case it is valid to totally throw away the rsx state in the child. If the getentropy() is not very good and has a lazy reseed operation, this combining is a bad idea, and the reseed should probably continue to use the "something old, something new" mix. _rs_allocate() can accomodate either method, but not on the fly. ok matthew
2014-07-18	Cleanup portable arc4random fork detection code:	Matthew Dempsky
	1. Use "len" parameter instead of sizeof(rs). 2. Simplify the atfork handler to be strictly async signal safe by simply writing to a global volatile sig_atomic_t object, and then checking for this in _rs_forkdetect(). (Idea from discussions with Szabolcs Nagy and Rich Felker.) 3. Use memset(rs, 0, sizeof(rs)) to match OpenBSD's MAP_INHERIT_ZERO fork semantics to avoid any skew in behavior across platforms. ok deraadt
2014-07-18	Seperate arc4random's os-dependent parts into static inline functions,	Theo de Raadt
	making it much easier for libressl -portable to fill in the gaps. ok bcook beck
2014-07-16	Only call getauxval(3) if HAVE_GETAUXVAL is defined. Fixes build on older	Mark Kettenis
	Linux (such as Ubuntu 12.04LTS) that don't have it yet. Seems the AT_XXX defines are pulled in by <link.h> now. ok beck@
2014-07-13	Use dl_iterate_phdr() to iterate over the segments and throw the addresses	Theo de Raadt
	into the hash; hoping the system has some ASLR or PIE. This replaces and substantially improves upon &main which proved problematic with some picky linkers. Work with kettenis, testing by beck
2014-07-13	Provide a link to the canonical API specification.	Theo de Raadt
	ok beck
2014-07-13	Take away the use of the address of main as a source of entropy. Causes	Bob Beck
	distractions to people testing and seeing link errors in some setups. This will come back in another form ok deraadt@
2014-07-12	more MLINKS	Miod Vallat

2014-07-12	getentropy on Windows. It compiles but has not been thoroughly tested yet.	wouter
	OK: beck@
2014-07-12	Remove signed/unsigned warning, statement before declaration and	wouter
	add a function to use function pointers that does not take sizeof(fptr). OK beck@
2014-07-12	Remove private_{Camellia,RC4}_set_key FIPS indirection tentacles, as has been	Miod Vallat
	done for other symmetric algorithms recently.
2014-07-12	more MLINKs	Miod Vallat

2014-07-12	guard inclusion of sys/sysctl.h so we can detect at compile time and	Bob Beck
	keep linux distros happy that don't have it. ok bcook@
2014-07-12	remove gratuitous differences, ok beck	Theo de Raadt

2014-07-12	remove gratuitous differences, ok beck bcook	Theo de Raadt

2014-07-12	Solaris uses a symbolic link for /dev/urandom which harms best practice of	Bob Beck
	using O_NOFOLLOW - cope with it as best as possible by trying two different paths. - written by deraadt@ and kettenis@
2014-07-12	odds are that some ABI change occured today, no matter how careful everyone	Theo de Raadt
	is
2014-07-11	add comment about format requirements	Bob Beck
	ok miod@
2014-07-11	Huge documentation update for libcrypto and libssl, mostly from Matt Caswell,	Miod Vallat
	Jeff Trawick, Jean-Paul Calderone, Michal Bozon, Jeffrey Walton and Rich Salz, via OpenSSL trunk (with some parts not applying to us, such as SSLv2 support, at least partially removed).
2014-07-11	i'm a dumbdumb. fix build.	Ted Unangst

2014-07-11	move all the feature settings to a common header.	Ted Unangst
	probably ok beck jsing miod
2014-07-11	Fix incorrect duplicate mlinks	Bob Beck
	ok bcook@
2014-07-11	Correct incorrect mlinks	Bob Beck
	ok bcook@
2014-07-11	Fix incorrect mlinks	Bob Beck
	ok bcook@
2014-07-11	Make sure we leave OPENSSL_NO_PSK in the conf files so things	Bob Beck
	can know... ok jsing@
2014-07-09	Update to match the current state of crypto/rand, and remove MLINKS for	Miod Vallat
	RAND_event and RAND_screen.
2014-07-09	remove unused variables getentropy for OS X	bcook
	ok beck@
2014-07-09	RSA_NULL used to be a compile option allowing the RSA interfaces to be	Miod Vallat
	compiled-in, with nonfunctional code, to be able to cope with the RSA patent. However, we don't use this option, and the RSA patent has expired more than 10 years ago, so just drop this piece.
2014-07-08	Remove undocumented _des_crypt() interface and its companion header file,	Miod Vallat
	which had never been installed, so it's unlikely something ever used this in the last 15~20 years. ok deraadt@ jsing@ beck@
2014-07-08	getentropy for osx and solaris. will be needed for a portable release	Bob Beck

2014-07-08	fix oops, accidental delete.. darn copying of files between machines	Bob Beck