src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-06-10	fix broken markup of callback arguments; found with mandoc -Tlint	Ingo Schwarze

2017-05-07	Drop cipher suites with DSS authentication - there is no good reason to	Joel Sing
	keep these around. ok beck@
2017-05-07	Instead of starting a 'zero-sized' CBB at the size of the first addition	Joel Sing
	to the CBB, then doubling, start with an initial size of 64 bytes. Almost all uses will exceed this size and we avoid multiple small recallocarray() calls during the initial usage. ok beck@
2017-05-07	Move state from ssl->internal to the handshake structure.	Bob Beck
	while we are at it, convert SSLerror to use a function internally, so that we may later allocate the handshake structure and check for it ok jsing@
2017-05-06	Bring in an SSL_HANDSHAKE structure and commence the great shovelling	Bob Beck
	ok jsing@, gcc@, regress@
2017-05-06	Provide SSL{,_CTX}_set_{min,max}_proto_version() functions.	Joel Sing
	Rides minor bump. ok beck@
2017-05-06	Bump minors for symbol addition in libcrypto	Bob Beck
	ok jsing@
2017-05-06	Add missing $OpenBSD$ tags.	Joel Sing

2017-04-30	Only enable -Werror on libcrypto/libssl/libtls if we are building with	Joel Sing
	gcc4. This should avoid failed builds while transitioning compilers. While here also make the CFLAGS blocks consistent across makefiles. Discussed with deraadt@, ok beck@
2017-04-30	Switch back to freezero() and explicitly initialise data_len to zero. The	Joel Sing
	previous code was safe since data would always be NULL if data_len was uninitialised, however compilers cannot know this.
2017-04-29	Fix a bug caused by the return value being set early to signal successful	Joel Sing
	DTLS cookie validation. This can mask a later failure and result in a positive return value being returned from ssl3_get_client_hello(), when it should return a negative value to propagate the error. Ironically this was introduced in OpenSSL 2e9802b7a7b with the commit message "Fix DTLS cookie management bugs". Fix based on OpenSSL. Issue reported by Nicolas Bouliane <nbouliane at jive dot com>. ok beck@
2017-04-29	Revert previous - we still want to do this, but I forgot about the installer	Bob Beck
	and want to avoid the wrath of theo when he arrives home in a couple of hours :)
2017-04-29	We now require you to have a working libpthread	Bob Beck

2017-04-29	Make it safe to call SSL_library_init more than once.	Bob Beck
	We are basically admitting that pthread is everywhere, and we will be using it for other things too. ok jsing@
2017-04-16	backout previous, data_len is not always initialized	Otto Moerbeek

2017-04-14	Use freezero(3) when cleaning up session tickets - not only does it require	Joel Sing
	less code, but there is also a potential performance gain since they can be larger allocations.
2017-04-14	Use freezero(3) to clean up the X25519 keys - simpler, cleaner code.	Joel Sing

2017-04-14	Use freezero(3) in the CBB clean up path, since this could hold sensitive	Joel Sing
	information (such as master keys).
2017-04-14	Switch i2d_SSL_SESSION() back to freezero(3) now that the size constraints	Joel Sing
	have been relaxed.
2017-04-14	Clean up server key exchange EC point handling. Encode the point directly	Joel Sing
	into the CBB memory, rather than mallocing and memcpying, which also makes makes the code more consistent with the client. Add a missing check for the first EC_POINT_point2oct() call. ok beck@
2017-04-11	Revert ssl_asn1.c r1.50 - CBB and freezero(3) do not play nicely together.	Joel Sing
	Back this out while we investigate and implement a solution. Found the hard way by sthen@
2017-04-10	Use freezero() for the internal opaque structures, instead of the current	Joel Sing
	explicit_bzero()/free(). Less code and potentially less overhead.
2017-04-10	Use freezero() for X25519 keys - same result with more readable code.	Joel Sing

2017-04-10	freezero() the key block; simpler code and less of it.	Joel Sing

2017-04-10	Use freezero() for i2d_SSL_SESSION() - one line of code instead of three.	Joel Sing
	In this case the memory allocated can also be significant, in which case freezero() will have less overhead than explicit_bzero() (munmap instead of touching all of the memory to write zeros).
2017-04-10	fix some .Xr errors that jmc@ found with mdoclint(1)	Ingo Schwarze

2017-04-10	new manual page SSL_get_server_tmp_key(3)	Ingo Schwarze
	from Matt Caswell <matt@openssl.org>, OpenSSL commit 508fafd8
2017-04-10	Additional SSL_SESSION documentation	Ingo Schwarze
	from Matt Caswell <matt at openssl dot org>, OpenSSL commit b31db505. Improve crosslinking while here.
2017-04-10	for pure *_ctrl() wrapper macros, move the reference from ssl(3)	Ingo Schwarze
	to SSL_CTX_ctrl(3) to make ssl(3) slightly more palatable
2017-04-10	new manual page SSL_CTX_set_tlsext_servername_callback(3) for SNI;	Ingo Schwarze
	from <Jon dot Spillett at oracle dot com> via OpenSSL commit 8c55c461
2017-04-10	Convert various client key exchange functions to freezero(3). The memory	Joel Sing
	contents needs to be made inaccessible - this is simpler and less error prone than the current "if not NULL, explicit_bzero(); free()" dance.
2017-04-10	pasto; from <Jon dot Spillett at oracle dot com> via OpenSSL commit 3aaa1bd0	Ingo Schwarze

2017-04-10	typo fix; from <Jon dot Spillett at oracle dot com>	Ingo Schwarze
	via OpenSSL commit 7bd27895
2017-03-29	tweak previous;	Jason McIntyre

2017-03-28	Fix typo in function name;	Ingo Schwarze
	from Markus Triska <triska at metalevel dot at> via OpenSSL commit 1f164c6f.
2017-03-28	After i wrote SSL_renegotiate(3) from scratch, OpenSSL also	Ingo Schwarze
	documented the function. Merge the more detailed descriptions and the additional documentation of SSL_renegotiate_abbreviated(3) and SSL_renegotiate_pending(3). From Matt Caswell, OpenSSL commit 39820637.
2017-03-25	Update RFC reference for TLSEXT_TYPE_padding.	Joel Sing

2017-03-25	Check tls1_PRF() return value in tls1_generate_master_secret().	Joel Sing

2017-03-25	More cleanup for tls1_PRF()/tls1_P_hash() - change the argument order of	Joel Sing
	tls1_PRF() so that it matches tls1_P_hash(), use more explicit argument names and change lengths to size_t. ok inoguchi@
2017-03-18	Fewer magic numbers.	Joel Sing

2017-03-18	t1_enc.c	Joel Sing

2017-03-18	Currently tls1_PRF() requires that a temporary buffer be provided, that	Joel Sing
	matches the size of the output buffer. This is used in the case where there are multiple hashes - tls_P_hash() is called with the temporary buffer and the result is then xored into the output buffer. Avoid this by simply using a local buffer in tls_P_hash() and then xoring the result into the output buffer. Overall this makes the code cleaner and simplifies all of the tls_PRF() callers. Similar to BoringSSL. ok inoguchi@
2017-03-10	Remove the handshake digests and related code, replacing remaining uses	Joel Sing
	with the handshake hash. For now tls1_digest_cached_records() is retained to release the handshake buffer. ok beck@ inoguchi@
2017-03-10	Switch CBB to use recallocarray() - this ensures that we do not leak	Joel Sing
	secrets via realloc(). ok inoguchi@
2017-03-10	First pass at cleaning up the tls1_P_hash() function - remove a pointless	Joel Sing
	EVP_DigestSignInit() call and avoid the need for ctx_tmp by reordering the code slightly. ok inoguchi@
2017-03-10	Make tls1_PRF() non-static so it can be regress tested.	Joel Sing

2017-03-07	Correctly handle TLS PRF with MD5+SHA1 - the secret has to be partitioned	Joel Sing
	and each hash processed separately. Tested by tb@
2017-03-06	Clean up and simplify the tls1_PRF() implementation now that we have a	Joel Sing
	single EVP MD for the PRF hash. ok beck@ inoguchi@
2017-03-05	Correctly convert an SSLv2 challenge into an SSLv3/TLS client random by	Joel Sing
	truncating or left zero padding. ok beck@ inoguchi@ sthen@
2017-03-05	Provide a rolling handshake hash that commences as soon as the cipher	Joel Sing
	suite has been selected, and convert the final finish MAC to use this handshake hash. This is a first step towards cleaning up the current handshake buffer/digest code. ok beck@ inoguchi@