summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2020-06-26Provide an optimized implementation of ffs(3) in libc onChristian Weisgerber
aarch64/powerpc/powerpc64, making use of the count leading zeros instruction. Also add a brief regression test. ok deraadt@ kettenis@
2020-06-26Fix powerpc64 pie binraries, in register renumbering one line was missed.Dale Rahn
2020-06-26Fix TCB_OFFSET_ERRNO. Adjust comments to reflect that powerpc64 uses %r13Mark Kettenis
as the per-thread register. ok patrick@, drahn@
2020-06-26Avoid "bare" register numbers.Mark Kettenis
2020-06-26Accidentally doubled these files on first commit. Correcting.Dale Rahn
2020-06-25Add missing kvm_dump(3) and kvm_getfiles(3) under SEE ALSO for completenesskn
2020-06-25Switch the order of the two tests in tls13_client_hello_required_extensionsTheo Buehler
to match the order they are listed in the RFC. No functional change.
2020-06-25Intial attempt at powerpc64 libcrypto pieces.Dale Rahn
just commit this kettenis@
2020-06-25disable altivec and vsx as it causes issues in qemu testing.Dale Rahn
This probably should be backed out after fully debugged, vector instructions caused problems with debug configuration.
2020-06-25PowerPC64 startup code.Dale Rahn
Determine location of toc based on PC relative location and load into %r2
2020-06-25PowerPC64 libc powerpc sys filesDale Rahn
Initial attempt to port powerpc code to powerpc64 Expects TOC loading in ENTRY(), ok kettenis@ (some cleanup required)
2020-06-25PowerPC64 libc string/net filesDale Rahn
Initial attempt to port powerpc code to powerpc64 Expects TOC loading in ENTRY(), memmove.S is the powerpc 32 bit, optimization is possible for 64 bit and handle len of > 32 bits.
2020-06-25*** empty log message ***Dale Rahn
2020-06-25PowerPC64 libc/arch/powerpc/gdtoa filesDale Rahn
This is a almost a direct copy from powerpc with 64 bit mods, with two additions present in 64 arch. NOTE: long double 128 is not supported currently.
2020-06-25Committed wrong version of file, atomic_lock is 32 bit.Dale Rahn
2020-06-25PowerPC64 libc gen filesDale Rahn
Initial attempt to port powerpc code to powerpc64 Expects TOC loading in ENTRY(), ok kettenis@
2020-06-25PowerPC64 libc (libc powerpc top)Dale Rahn
Expects ELFv2 TOC loading in ENTRY(), build with -gdwarf-4 Split SYS.h into SYS.h and DEFS.h fix tabs after #define
2020-06-24Properly document the return values of EVP_PKEY_base_id(3)Ingo Schwarze
and EVP_PKEY_id(3), then describe the "type" parameters of various functions more precisely referencing that information. In particular, document X509_get_signature_type(3) which was so far missing. OK tb@
2020-06-24use n-bit <noun> consistently; ok schwarze for the principal of the idea,Jason McIntyre
and for flagging which pages to check;
2020-06-24Make tls13_legacy_shutdown() match ssl3_shutdown() semantics.Joel Sing
When first called, queue and send a close notify, before returning 0 or 1 to indicate if a close notify has already been received from the peer. If called again only attempt to read a close notify if there is no pending application data and only read one record from the wire. In particular, this avoids continuing to read application data where the peer continues to send application data. Issue noted by naddy@ with ftp(1). ok jca@ tb@
2020-06-24new manual page ChaCha(3);Ingo Schwarze
OK tb@
2020-06-24new manual page CMAC_Init(3);Ingo Schwarze
OK tb@
2020-06-24Document eight additional pre-OpenSSL-1.1 accessor functions that areIngo Schwarze
still widely used according to code searches on the web, so people reading existing code will occasionally want to look them up. While here, correct the return type of X509_CRL_get0_lastUpdate(3) and X509_CRL_get0_nextUpdate(3), which return const pointers. Also, add some precision regarding RETURN VALUES.
2020-06-24Enforce restrictions for ClientHello extensionsTheo Buehler
RFC 8446 section 9.2 imposes some requirements on the extensions sent in the ClientHello: key_share and supported_groups must either both be present or both be absent. If no pre_shared_key was sent, the CH must contain both signature_algorithms and supported_groups. If either of these conditions is violated, servers must abort the handshake with a missing_extensions alert. Add a function that enforces this. If we are going to enforce that clients send an SNI, we can also do this in this function. Fixes failing test case in tlsfuzzer's test-tls13-keyshare-omitted.py ok beck inoguchi jsing
2020-06-22spelling fix;Jason McIntyre
2020-06-22Extend kqueue interface with EVFILT_EXCEPT filter.Martin Pieuchot
This filter, already implemented in macOS and Dragonfly BSD, returns exceptional conditions like the reception of out-of-band data. The functionnality is similar to poll(2)'s POLLPRI & POLLRDBAND and it can be used by the kqfilter-based poll & select implementation. ok millert@ on a previous version, ok visa@
2020-06-20basic macro cleanup: .Fo for long .Fn lines, .Fa for struct fields,Ingo Schwarze
avoid \*(Gt and \*(Lt, .Dv NULL, .Cm for pledge promises
2020-06-20add missing ENVIRONMENT. HISTORY, and AUTHORS sections,Ingo Schwarze
and a few other wording and markup improvements while here; OK jmc@ ratchov@
2020-06-19We inherited the constant time CBC padding removal from BoringSSL, butTheo Buehler
missed a subsequent fix for an off-by-one in that code. If the first byte of a CBC padding of length 255 is mangled, we don't detect that. Adam Langley's BoringSSL commit 80842bdb44855dd7f1dde64a3fa9f4e782310fc7 Fixes the failing tlsfuzzer lucky 13 test case. ok beck inoguchi
2020-06-19mark the functions documented in des_read_pw(3) as deprecatedIngo Schwarze
and point to UI_UTIL_read_pw(3) instead; tb@ agrees with the general direction
2020-06-19document X509_get0_pubkey_bitstr(3),Ingo Schwarze
correct the description of X509_get_X509_PUBKEY(3), document error handling of the read accessors, and mention the relevant STANDARDS
2020-06-19document error handling of X509_PUBKEY_get0(3) and X509_PUBKEY_get(3)Ingo Schwarze
2020-06-19Merge documentation of X509_get0_serialNumber(3) from OpenSSL-1.1.1Ingo Schwarze
which is still under a free license. Wording tweaked by me.
2020-06-18uint8_t is a discrete, not a continuous type,Ingo Schwarze
and some other wording improvements with respect to types; OK ratchov@
2020-06-18Many of these functions have several arguments, and some argumentsIngo Schwarze
are very long (function pointers), such that a number of input lines in the SYNOPSIS do not fit into 80 columns. Consequently, consistently use .Fo/.Fa/.Fc rather than .Fn for better readability of the source code. Mechanical diff, no output change.
2020-06-18basic macro cleanup, and reword two phrases about closed intervalsIngo Schwarze
of integers for clarity and to read better; one of the issues (abuse of .Sm) was originally reported by jmc@; ok jmc@ ratchov@
2020-06-18Document sioctl_desc structure maxval attributeAlexandre Ratchov
2020-06-15Document EVP_read_pw_string_min(3)Theo Buehler
Add detailed information on the return values of all the functions in this page and remove the previous incorrect information. tweaks & ok schwarze
2020-06-15Document PEM_def_callback(3).Ingo Schwarze
Move pem_password_cb(3) to the file PEM_read(3) and rewrite its description from scratch for precision and conciseness. Plus some minor improvements in the vicinity. Tweaks and OK tb@.
2020-06-12add my Copyright and license, which i forgot when adding a significantIngo Schwarze
amount of text, the ERRORS section, in the previous commit
2020-06-12add a comment saying that name_cmp() is intentionally undocumented;Ingo Schwarze
tb@ agrees that it should not be part of the public API
2020-06-12document PEM_ASN1_read(3) and PEM_ASN1_read_bio(3);Ingo Schwarze
tweaks and OK tb@
2020-06-11wording tweaks from ross l richardson and tb;Jason McIntyre
ok tb
2020-06-10document PKCS7_get_signer_info(3)Ingo Schwarze
2020-06-10describe six more PKCS7 attribute functionsIngo Schwarze
2020-06-09The check_includes step is incorrect dependency management model forTheo de Raadt
how our tree gets built. If this was done in all the libraries (imagine sys/dev), it would disrupt the development process hugely. So it should not be done here either. use 'make includes' by hand instead.
2020-06-07In the libc resolver function asr_run(), clear the result buffer everytime,Theo de Raadt
because there are callers who were inspecting unrelated fields. discussion with eric, otto, solution from semarie this is errata 6.6/031_asr and 6.7/009_asr
2020-06-06Implement a rolling hash of the ClientHello message, Enforce RFC 8446Bob Beck
section 4.1.2 to ensure subsequent ClientHello messages after a HelloRetryRequest messages must be unchanged from the initial ClientHello. ok tb@ jsing@
2020-06-05Remove redundant codedenis
Reported by Prof. Dr. Steffen Wendzel <wendzel @ hs-worms . de>, thanks! OK martijn@ sthen@
2020-06-05Add a custom copy handler for AES key wrapTheo Buehler
This is necessary because ctx->cipher_data is an EVP_AES_WRAP_CTX containing a pointer to ctx->iv. EVP_CIPHER_CTX_copy() uses memcpy to copy cipher_data to the target struct. The result is that the copy contains a pointer to the wrong struct, which then leads to a use-after-free. The custom copy handler fixes things up to avoid that. Issue reported by Guido Vranken ok beck inoguchi jsing