src - OpenBSD base system

Age	Commit message (Collapse)	Author
2004-06-15	machdep.xcrypt now has a different meaning: Instead of > 0 indicating	Theo de Raadt
	that AES is there, we now have 3 flag bits: C3_HAS_AES, C3_HAS_SHA (SHA1 & SHA256), and C3_HAS_MM (RSA). Change this code to only look at C3_HAS_AES for now.
2004-04-27	do not link ssltest.c into libssl, stops main/doit symbols from being	Anil Madhavapeddy
	exported. no bump needed since nothing should use them, markus@ ok
2004-04-25	update missing pieces from 0.9.7d; ok henning	Markus Friedl
	crank minor for API extensions
2004-04-25	avoid NULL deref; from danh@	Markus Friedl

2004-04-25	from openssl, 1.50.2.9, make S/MIME encrypt work again.	Markus Friedl

2004-04-08	backout for now	Markus Friedl

2004-04-08	merge 0.9.7d	Markus Friedl

2004-04-07	import openssl-0.9.7d	Markus Friedl

2004-03-31	support IPv6 connections in "openssl s_client", adding -4 and -6 options to	Damien Miller
	force protocol; ok itojun@
2004-03-22	Unbreak rmd160. Was broken on sparc64 when compiled with gcc3. Fix and report	Hans-Joerg Hoexer
	by Simon Kellner. XXX This is only a temporary work-around and we still need a REAL fix for XXX this issue. Testing on different archs by marc@ tdvall@ millert@ otto@ ho@ miod@ hshoexer@ ok deraadt@
2004-03-21	Insert missing ABORT if EC_GROUP_copy() fails.	Tom Cosgrove
	ok markus@
2004-03-17	return(00); -> return(0); markus@ ok	Aaron Campbell

2004-03-17	out-of-bounds read in (unused) kerberos ciphersuites (CAN-2004-0112)	Markus Friedl

2004-03-17	avoid null-pointer deref (aka CAN-2004-0079)	Markus Friedl
	see http://www.openssl.org/news/secadv_20040317.txt
2004-02-27	change amd64's MACHINE_ARCH from x86_64 to amd64. There are many many	Theo de Raadt
	reasons for this, quite a few of them technical, and not all of them in response to Intel's broken ia32e crud. The gcc toolchain stays at x86_64 for now.
2004-02-13	Cleanup and shrink ACSS_KEY a bit. Thus crank library minor.	Hans-Joerg Hoexer
	Change cipher modes to more generic names and add an additional mode. ok deraadt@ markus@
2004-02-09	simpler ssl manpages, using --name=.	Marc Espie
	okay markus@
2004-02-04	remove some debug code and cleanup..	Theo de Raadt

2004-02-03	OK, this time the AES soft keys work with ssh and such. I spent over 3	Theo de Raadt
	hours learning that OpenSSL's internal functions for AES extended keys generate screwy byte order swapped data..
2004-02-03	oops, software key gen bug	Theo de Raadt

2004-02-03	Switch to using software generated extended keys (because the cpu cannot	Theo de Raadt
	yet generate 192 & 256 bit keys). Ensure that 192 and 256 are in the nids table. This also accelerates performance for 128 a tiny bit: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 34921.48k 129617.82k 362059.93k 623649.81k 790397.77k aes-192-cbc 26227.43k 99215.33k 283242.84k 509881.15k 665323.22k aes-256-cbc 26133.22k 97458.06k 265990.84k 457824.69k 579835.09k
2004-02-03	config for arm, copied from powerpc/sparc ok markus@	Dale Rahn

2004-02-03	If on an i386, detect existance of the VIA C3 xcrypt-* using sysctl of	Theo de Raadt
	the machdep.xcrypt node. If they exist, use the xcrypt-cbc instruction to accelerate aes-{128,192,256}-cbc, for more than 100x performance increase. This code has no effect on any cpu... Tested thus far using openssl speed command, and of course, ssh. 778MB/sec AES-128-CBC performance at 8192 byte block size.
2004-01-29	cleanup byte order detection per arch a bit; mickey ok	Theo de Raadt

2004-01-28	the rest of the libs stuff; from art@ again	Michael Shalayeff

2004-01-23	Use correct cvs id string.	Hans-Joerg Hoexer
	ok deraadt@
2004-01-23	remove junk return at end	Theo de Raadt

2004-01-23	enable acss.	Hans-Joerg Hoexer
	ok @deraadt @markus Also bump minor version. ok @deraadt
2004-01-23	evp api and manual page for acss	Hans-Joerg Hoexer
	ok deraadt@ markus@
2004-01-23	Add acss to libcrypto.	Hans-Joerg Hoexer
	ok deraadt@ markus@
2004-01-14	Fix printf format string. ok markus@	Otto Moerbeek

2003-11-19	Break up the colon-separated path to -I into two -I args so the tree	Todd C. Miller
	can build with perl 5.8.2. Ok markus@
2003-11-18	use bn_asm_vax.S (from netbsd); test + ok by miod	Markus Friedl
	use asm code for i386, except for the CBC code, because it is not clean PIC code. add <machime/asm.h> support to x86unix.pl tested by: nick (on 30386), henning, djm, tedu, jmc and more; no shlib minor crank necessary, only internal symbols changed.
2003-11-13	remove obsolete files	Markus Friedl

2003-11-11	crank minor for ERR_release_err_state_table	Markus Friedl

2003-11-11	merge 0.9.7c; minor bugsfixes;	Markus Friedl
	API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
2003-11-11	import 0.9.7c	Markus Friedl

2003-11-11	import 0.9.7c	Markus Friedl

2003-11-11	import 0.9.7c	Markus Friedl

2003-10-25	don't destroy old pointer if realloc fails; from Daniel Lucq; ok deraadt@	Markus Friedl

2003-10-01	Correct some off-by-ones. They currently don't matter, but this	Chad Loder
	is for future safety and consistency. OK krw@, markus@
2003-09-30	more fixes from 0.9.7c, ok deraadt, cloder	Markus Friedl

2003-09-30	security fix from http://www.openssl.org/news/secadv_20030930.txt	Markus Friedl
	see also http://cvs.openssl.org/chngview?cn=11471
2003-09-29	Revert BN_cmp() change. Its arguments are const. Spotted by miod@.	Otto Moerbeek
	ok deraadt@
2003-09-25	Return immediately if argument to BN_sub_word is zero.	Otto Moerbeek
	ok markus@ deraadt@
2003-09-25	Use BN_is_zero(), not x->top == 0 to test if a BN is zero.	Otto Moerbeek
	ok markus@ deraadt@
2003-09-25	Add extra calls to bn_fix_top() in BN_cmp(), since some functions may	Otto Moerbeek
	leave an invalid BN. ok markus@ deraadt@
2003-09-22	Off-by-ones, from aaron@	Miod Vallat

2003-08-25	You shall NOT BREAK THE TREE	Theo de Raadt

2003-08-25	Setup /dev/crypto early (SSL_library_init) to make sure it's actually done	Jason Wright
	for all applications; ok markus and deraadt