src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-05-06	BIO_free_all() and EVP_PKEY_free() can be called with NULL.	Joel Sing

2017-05-06	Be explicit about when it is safe to call tls_config_free().	Joel Sing
	Discussed with beck@
2017-05-06	Document tls_unload_file().	Joel Sing

2017-05-06	Perform reference counting for tls_config. This allows tls_config_free() to	Joel Sing
	be called as soon as it has been passed to the final tls_configure() call, simplifying lifetime tracking for the application. Requested some time ago by tedu@. ok beck@
2017-05-06	Provide a tls_unload_file() function, that frees the memory returned from	Joel Sing
	a tls_load_file() call, ensuring that it the contents become inaccessible. This is specifically needed on platforms where the library allocators may be different from the application allocator. ok beck@
2017-05-06	Bring in HKDF, from BoringSSL, with regress tests modified to be	Bob Beck
	in C. Ride previous minor bump ok tom@ inoguchi@ jsing@
2017-05-06	Provide SSL{,_CTX}_set_{min,max}_proto_version() functions.	Joel Sing
	Rides minor bump. ok beck@
2017-05-06	space needed between macro arg and punctuation;	Jason McIntyre

2017-05-06	Bump minors for symbol addition in libcrypto	Bob Beck
	ok jsing@
2017-05-06	Add ASN1_TIME_set_to to exported symbols	Bob Beck
	ok jsing@
2017-05-06	Add ASN1_TIME_set_tm to set an asn1 from a struct tm *	Bob Beck
	ok jsing@
2017-05-06	Add missing $OpenBSD$ tags.	Joel Sing

2017-05-05	Document what happens when sending a signal to the calling process.	Todd C. Miller
	OK jmc@
2017-05-05	Mention that the signal mask does not affect what signals are	Todd C. Miller
	discarded by the kernel. Document that at least one pending signal will be delivered before sigprocmask() returns.
2017-05-04	Merge headers defining identifiers from sysctl.8 into sysctl.3. Shorten and	Theo Buehler
	update their descriptions. In sysctl.8 refer to /etc/sysctl.conf in FILES. discussed with and ok jmc
2017-05-04	Move tls_config_skip_private_key_check() out from under HIDDEN_DECLS.	Claudio Jeker
	Even though this is not a real public interface we need the symbol in the shared library so that relayd can use it (needed for TLS key privsep) OK beck@
2017-05-03	spacing (in EXAMPLES code)	Reyk Floeter

2017-05-03	make the description strings match the code	Theo de Raadt

2017-05-02	the XXXfree functions being called accept NULL, so don't check first.	Theo de Raadt
	ok beck
2017-05-02	use freezero() instead of memset/explicit_bzero + free. Substantially	Theo de Raadt
	reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
2017-05-01	Document that wait3/waitpid can receive SIGCHILD when wpid does	Todd C. Miller
	not exist or is not a child of the calling process. Document what happens when SIGCHLD is ignored or SA_NOCLDWAIT is set in sa_flags (this part from FreeBSD). OK guenther@
2017-04-30	No original OpenSSL code remains in this file. Relicense	Bob Beck

2017-04-30	Add futex(2) shim, bump minor.	Martin Pieuchot
	Inputs from guenther@, ok kettenis@, visa@
2017-04-30	Make BIO_get_host_ip just yet another getaddrinfo wrapper	Bob Beck

2017-04-30	Rework BIO_accept to be more like modern code.	Bob Beck
	ok jsing@
2017-04-30	Only enable -Werror on libcrypto/libssl/libtls if we are building with	Joel Sing
	gcc4. This should avoid failed builds while transitioning compilers. While here also make the CFLAGS blocks consistent across makefiles. Discussed with deraadt@, ok beck@
2017-04-30	Switch back to freezero() and explicitly initialise data_len to zero. The	Joel Sing
	previous code was safe since data would always be NULL if data_len was uninitialised, however compilers cannot know this.
2017-04-30	Microsoft Windows hates BIO_get_accept_socket in portable. Fix it to	Bob Beck
	not be awful or have any claims on supporting ipv6 when it does so very badly ok jsing@
2017-04-30	Add a tls_keypair_clear_key() function that uses freezero() to make key	Joel Sing
	material inaccessible, then call it from the appropriate places. ok beck@
2017-04-29	Fix a bug caused by the return value being set early to signal successful	Joel Sing
	DTLS cookie validation. This can mask a later failure and result in a positive return value being returned from ssl3_get_client_hello(), when it should return a negative value to propagate the error. Ironically this was introduced in OpenSSL 2e9802b7a7b with the commit message "Fix DTLS cookie management bugs". Fix based on OpenSSL. Issue reported by Nicolas Bouliane <nbouliane at jive dot com>. ok beck@
2017-04-29	Revert previous - we still want to do this, but I forgot about the installer	Bob Beck
	and want to avoid the wrath of theo when he arrives home in a couple of hours :)
2017-04-29	We now require you to have a working libpthread	Bob Beck

2017-04-29	Make it safe to call SSL_library_init more than once.	Bob Beck
	We are basically admitting that pthread is everywhere, and we will be using it for other things too. ok jsing@
2017-04-29	Stop calling OPENSSL_init() internally, since it is a no-op. Also place	Joel Sing
	it under #ifndef LIBRESSL_INTERNAL. ok beck@
2017-04-29	Switch Linux getrandom() usage to non-blocking mode, continuing to	Bob Beck
	use fallback mechanims if unsuccessful. The design of Linux getrandom is broken. It has an uninitialized phase coupled with blocking behaviour, which is unacceptable from within a library at boot time without possible recovery. ok deraadt@ jsing@
2017-04-28	Revert previous change that forced consistency between return value and	Bob Beck
	error code, since this breaks the documented API. Under certain circumstances this will result in incorrect successful certiticate verification (where a user supplied callback always returns 1, and later code checks the error code to potentially abort post verification)
2017-04-28	revert previous accidental commit	Bob Beck

2017-04-28	* empty log message *	Bob Beck

2017-04-28	Reference the "Futexes Are Tricky" paper.	Martin Pieuchot
	With schwarze@
2017-04-28	errant space;	Jason McIntyre

2017-04-28	Document futex(2) with a lot of inputs from schwarze@	Martin Pieuchot

2017-04-27	ntohl() returns uint32_t so it cannot be < 0. Since we're storing	Todd C. Miller
	the result in an int check for > INT_MAX instead. OK bluhm@
2017-04-27	Remove "len < 0" check; len is socklen_t (uint32_t) so can't be	Todd C. Miller
	negative. Quiets a warning from clang. OK bluhm@
2017-04-27	tls_free(3) and tls_config_free(3) accept NULL;	Ingo Schwarze
	patch from Matthew Martin <phy1729 at gmail dot com>, slightly tweaked by me
2017-04-27	Remove the "volatile" attribute from bpf_error(). The "volatile"	Todd C. Miller
	attribute is an obsolete way of saying "noreturn". clang doesn't recognize it and the function is already marked __dead so it is superfluous anyway.
2017-04-27	Remove useless check for ks_env_table being NULL. Since ks_env_table	Todd C. Miller
	is an array embedded in struct keynote_session it can never be NULL. Quiets a clang warning.
2017-04-23	Rearrange text a bit to make it clear what "discarded" means; ok jmc@ deraadt@	Otto Moerbeek

2017-04-22	For small allocations (chunk) freezero only validates the given	Otto Moerbeek
	size if canaries are enabled. In that case we have the exact requested size of the allocation. But we can at least check the given size against the chunk size if C is not enabled. Plus add some braces so my brain doesn't have to scan for dangling else problems when I see this code.
2017-04-20	add previous to NAME;	Jason McIntyre

2017-04-20	Add getptmfd(), fdopenpty(), fdforkpty() functions. These allow programs	Nicholas Marriott
	to separate the open(/dev/ptm) from the ioctl(PTMGET) for privilege separation or pledge(). Based on a diff from reyk@. ok deraadt millert