| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2018-10-01 | Add retguard to arm64 libc syscalls and setjmp / longjmp. | mortimer | |
| ok kettenis@ | |||
| 2018-10-01 | As per POSIX, when str{,r}chr is comparing it should convert c to a char. | Martijn van Duren | |
| The C implementation of str{,r}chr are not linked to the build, because assembly implementations are used, but change to code for easier reference. At least the i386 and amd64 are checked and seem to do the correct thing. Found thanks to the csh any/strchr change. minor pointers and OK millert@ | |||
| 2018-09-30 | add spin lock in KERN_CPTIME cpu states | solene | |
| ok mpi@ jca@ | |||
| 2018-09-30 | Make the HISTORY sections of the "intro" manuals less confusing and | Ingo Schwarze | |
| more uniform; potential for confusion noticed by aalm@; OK jmc@. | |||
| 2018-09-30 | bump for LibreSSL 2.8.2 | Brent Cook | |
| 2018-09-26 | explicitly mention local processes; from geoff hill | Jason McIntyre | |
| ok nicm | |||
| 2018-09-26 | call _sndio_parsenum() instead of duplicating the code in parsedev(); ok ↵ | miko | |
| ratchov@ | |||
| 2018-09-26 | typo; ok jmc@ | miko | |
| 2018-09-26 | align RETURN VALUES section with pledge manual; ok deraadt@ | miko | |
| 2018-09-24 | enable futex(2) based mutexes on armv7 and use futex based semaphores in | Jonathan Gray | |
| librthread on armv7 as well from brad ok visa@ kettenis@ mpi@ | |||
| 2018-09-23 | bump for LibreSSL 2.8.1 | Brent Cook | |
| 2018-09-23 | Document bufferevent_setwatermark(). Initial diff from Geoff Hill on tech@ with | anton | |
| some tweaks. With feedback and ok jmc@ | |||
| 2018-09-22 | Correct the uid_from_user() and gid_from_group() comments. | Todd C. Miller | |
| 2018-09-19 | fix message to reflect "rmidi" is the expected string; ok ratchov@ | miko | |
| 2018-09-19 | sys/stat.h not needed here; ok ratchov@ | miko | |
| 2018-09-18 | Update to compiler-rt 6.0.0. | Patrick Wildt | |
| tested by naddy@ ok kettenis@ | |||
| 2018-09-17 | Simplify initialization of asn1_cb; use correct spelling of NULL. | Theo Buehler | |
| 2018-09-16 | Adjust sparc64 bits after libunwind 6.0.0 update. | Mark Kettenis | |
| ok visa@ | |||
| 2018-09-13 | missing comma in previous; | Jason McIntyre | |
| 2018-09-13 | Add uid_from_user() and gid_from_group(), derived from pax's cache.c. | Todd C. Miller | |
| It replaces the existing pwcache.c functions user_from_uid(3) and group_from_gid(3) with the pax equivalents. Adapted from NetBSD (mycroft) changes from our own pax's cache.c. OK guenther@ | |||
| 2018-09-12 | sync with mozilla-release (one removal, TURKTRUST, more details at | Stuart Henderson | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1439127) ok danj guenther millert | |||
| 2018-09-12 | tweak previous; | Jason McIntyre | |
| 2018-09-12 | crank to follow minor crank in libcrypto; ok tb@ jsing@ | Damien Miller | |
| 2018-09-12 | Add some accessor functions: | Damien Miller | |
| RSA_meth_get_finish() RSA_meth_set1_name() EVP_CIPHER_CTX_(get|set)_iv() feedback and ok jsing@ tb@ | |||
| 2018-09-11 | define _LIBCXXABI_BUILDING_LIBRARY to avoid the same issues as in libcxx | Robert Nagy | |
| 2018-09-11 | add -Wall to CFLAGS | Robert Nagy | |
| 2018-09-11 | instead of defining _LIBCPP_DEBUG in debug.cpp which enables some debug | Robert Nagy | |
| code which breaks quiet a few things, define _LIBCPP_BUILDING_LIBRARY for the complete build to get the needed definitions in debug.cpp without enabling debug code | |||
| 2018-09-11 | merge libc++ 6.0.0 (bump lib major); ok patrick@, kettenis@ | Robert Nagy | |
| 2018-09-11 | import of libc++ 6.0.0 | Robert Nagy | |
| 2018-09-11 | merge libc++abi 6.0.0 and bump lib minor; ok patrick@, kettenis@ | Robert Nagy | |
| 2018-09-11 | import of libc++abi 6.0.0 | Robert Nagy | |
| 2018-09-11 | merge libunwind 6.0.0; ok patrick@, kettenis@ | Robert Nagy | |
| 2018-09-11 | import of libunwind 6.0.0 | Robert Nagy | |
| 2018-09-08 | Remove now unused code for EVP_CIPH_FLAG_AEAD_CIPHER and EVP_CIPH_GCM_MODE. | Joel Sing | |
| ok inoguchi@ tb@ | |||
| 2018-09-08 | SSL_MAX_DIGEST is no longer needed. | Joel Sing | |
| 2018-09-08 | ASN1_OBJECTs should be freed with ASN1_OBJECT_free(3), not with free(3). | Theo Buehler | |
| ok inoguchi, jsing | |||
| 2018-09-08 | indent labels | Theo Buehler | |
| 2018-09-08 | missing word & a couple of typos | Theo Buehler | |
| 2018-09-07 | Fix "_nfiles" reference for crash dump. | YASUOKA Masahiko | |
| Diff from fukaumi at soum.co.jp ok mpi | |||
| 2018-09-06 | Drop SSL_CIPHER_ALGORITHM2_AEAD flag. | Joel Sing | |
| All of our algorithm_mac == SSL_AEAD cipher suites use EVP_AEAD, so we can condition on that rather than having a separate redundant flag. ok tb@ | |||
| 2018-09-05 | Use the newer/more sensible names for EVP_MD_CTX_* functions. | Joel Sing | |
| EVP_MD_CTX_create -> EVP_MD_CTX_new EVP_MD_CTX_destroy -> EVP_MD_CTX_free This should make the intent more obvious and reduce head scratching during code reviews. Raised by tb@ | |||
| 2018-09-05 | Correctly clear the current cipher state, when changing cipher state. | Joel Sing | |
| When a renegotiation results in a change of cipher suite, the renegotation would fail if it switched from AEAD to non-AEAD or vice versa. This is due to the fact that the previous EVP_AEAD or EVP_CIPHER state remained, resulting in incorrect logic that caused MAC failures. Rename ssl_clear_cipher_ctx() to ssl_clear_cipher_state() and split it into separate read/write components, then call these functions from the appropriate places when a ChangeCipherSpec message is being processed. Also, remove the separate ssl_clear_hash_ctx() calls and fold these into the ssl_clear_cipher_{read,write}_state() functions. Issue reported by Bernard Spil, who also tested this diff. ok tb@ | |||
| 2018-09-05 | use timing-safe compares for checking results in signature verification | Damien Miller | |
| (there are no known attacks, this is just inexpensive prudence) feedback and ok tb@ jsing@ | |||
| 2018-09-03 | Stop using composite EVP_CIPHER AEADs. | Joel Sing | |
| The composite AEADs are "stitched" mode ciphers, that are only supported on some architectures/CPUs and are designed to be faster than a separate EVP_CIPHER and EVP_MD implementation. The three AEADs are used for less than ideal cipher suites (if you have hardware support that these use there are better cipher suite options), plus continuing to support AEADs via EVP_CIPHER is creating additional code complexity. ok inoguchi@ tb@ | |||
| 2018-09-03 | Stop handling AES-GCM via ssl_cipher_get_evp(). | Joel Sing | |
| All of the AES-GCM ciphersuites use the EVP_AEAD interface, so there is no need to support them via EVP_CIPHER. ok inoguchi@ tb@ | |||
| 2018-09-03 | Clean up SSL_DES and SSL_IDEA remnants. | Joel Sing | |
| All ciphersuites that used these encryption algorithms were removed some time ago. ok bcook@ inoguchi@ tb@ | |||
| 2018-09-02 | Elliptic curve arithmetic only makes sense between points that belong to | Theo Buehler | |
| the same curve. Some Wycheproof tests violate this assumption, making ECDH_compute_key() compute and return garbage. Check that pub_key lies on the curve of the private key so that the calculations make sense. Most paths that get here have this checked (in particular those from OpenSSH and libssl), but one might get here after using d2i_* or manual computation. discussed with & ok jsing; "good catch!" markus | |||
| 2018-09-01 | Tweak comment. | Theo Buehler | |
| 2018-08-31 | Remove unused argument to tls1_change_cipher_state_cipher(). | Joel Sing | |
| 2018-08-30 | Nuke ssl_pending/ssl_shutdown function pointers. | Joel Sing | |
| ssl3_pending() is used for all protocols and dtls1_shutdown() just calls ssl3_shutdown(), so just call the appropriate function directly instead. ok beck@ inoguchi@ tb@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |