| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-09-11 | Rename functions that moved to t1_enc.c, with a tls1_ prefix instead of a | Joel Sing | |
| ssl3_ prefix. ok beck@ | |||
| 2015-09-11 | Merge the remnants of s3_enc.c into t1_enc.c. | Joel Sing | |
| ok beck@ | |||
| 2015-09-11 | Nuke ssl_set_peer_cert_type(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl_bad_method(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_default_timeout(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl_replace_hash(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_cbc_remove_padding(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_alert_code(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_cert_verify_mac() and ssl3_handshake_mac(). | Joel Sing | |
| We also no longer need the ssl3_pad_1 and ssl3_pad_2 arrays... ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_final_finish_mac(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_change_cipher_state(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_generate_master_secret(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_setup_key_block() and ssl3_generate_key_block(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke n_ssl3_mac(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke ssl3_enc(). | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Nuke SSLv3_enc_data. | Joel Sing | |
| ok "flensing knife" | |||
| 2015-09-11 | Shuffle the code in ssl3_send_finished() to make it more logical/readable. | Joel Sing | |
| ok beck@ | |||
| 2015-09-11 | Replace dtls1_send_finished() with ssl3_send_finished() - they're now | Joel Sing | |
| both essentially the same (in fact DTLS benefits from improvements previously made to the ssl3_send_finished() function). ok beck@ | |||
| 2015-09-11 | style(9), fix comments, wrap long lines and tweak whitespace. | Joel Sing | |
| 2015-09-11 | Convert dtls1_send_finished() and ssl3_send_finished() to | Joel Sing | |
| ssl3_handshake_msg_start()/ssl3_handshake_msg_finish(). ok beck@ | |||
| 2015-09-11 | Add PROTO_WRAP() for (almost) all the syscalls that libpthread doesn't | Philip Guenther | |
| override so that internal calls go direct ok deraadt@ | |||
| 2015-09-11 | typo | Theo de Raadt | |
| 2015-09-11 | Bring back the expansion-into-.byte-sequences routines removed in r1.9, but | Miod Vallat | |
| only define them if not building for the "openbsd" flavour. This way, non-obfuscated output can still be generated for analysis, by using the "openbsd" flavour (which OpenBSD HEAD will do), and obfuscated output, compatible with older as(1), will be generated for other platforms. The portable version of LibreSSL can then use "openbsd-portable" as the flavour for OpenBSD/amd64 so that generated files can be compiled with OpenBSD 5.7 and other older versions stuck with as(1) 2.15. | |||
| 2015-09-11 | Put the *method* data structures and functions in the same place. | Joel Sing | |
| We can also now nuke ssl23_get_method() since it is the same as tls1_get_method(). And the empty file can bite the dust. ok bcook@ miod@ | |||
| 2015-09-11 | Pass "openbsd" instead of "openbsd-elf" as the "flavour" to the perl assembler | Miod Vallat | |
| machinery. OpenBSD has never been not ELF on amd64, and changing this will actually make -portable life slightly easier in the near future. | |||
| 2015-09-11 | Put the *server_method* data structures and functions in the same place. | Joel Sing | |
| We can also now nuke ssl23_get_server_method() since it is the same as tls1_get_server_method(). ok miod@ | |||
| 2015-09-11 | Put the *client_method* data structures and functions in the same place. | Joel Sing | |
| We can also now nuke ssl23_get_client_method() since it is the same as tls1_get_client_method(). ok bcook@ miod@ | |||
| 2015-09-11 | more for NAME; | Jason McIntyre | |
| 2015-09-11 | more cleanup; | Jason McIntyre | |
| 2015-09-11 | update NAME; various cleanup | Jason McIntyre | |
| 2015-09-11 | document tls_get_peer_subject, tls_get_peer_issuer, and tls_get_peer_hash | Bob Beck | |
| ok jsing@ | |||
| 2015-09-11 | lseek() is in <unistd.h> ok deraadt@ | Philip Guenther | |
| 2015-09-11 | Use PROTO_NORMAL() on __syscall to go direct, adjusting the declaration | Philip Guenther | |
| to eliminate some casts. Retire some uses of old-style STUB* macros where superseded by namespace.h bits tweaks and ok deraadt@ | |||
| 2015-09-11 | != -> == that I broke while bikeshedding | Bob Beck | |
| 2015-09-11 | Do not match a wildcard against a name with no host part. | Bob Beck | |
| ok jsing@ | |||
| 2015-09-11 | fix libpcap for ifmedia64 | Stefan Sperling | |
| 2015-09-11 | add tls_peer functions for checking names and issuers of peer certificates. | Bob Beck | |
| ok jsing@ | |||
| 2015-09-11 | Put a private copy of the ypresp_allfn/ypresp_data interface into ypserv | Theo de Raadt | |
| (which uses it in a strange way..) thereby making it possible to static the interface in libc. ok guenther | |||
| 2015-09-11 | _rpc_dtablesize() is not used anywhere, tracking by sthen; ok guenther | Theo de Raadt | |
| 2015-09-11 | Fixup inter-bank movq/movd operations, emit bytes for pclmulqdq again. | Brent Cook | |
| Fixes builds gcc + Apple's assembler, working on reenabling builds with older OpenBSD releases. based on OpenSSL commit: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=902b30df193afc3417a96ba72a81ed390bd50de3 ok miod@ | |||
| 2015-09-11 | unify files further | Theo de Raadt | |
| 2015-09-11 | rpcdata should not be exported; ok guenther | Theo de Raadt | |
| 2015-09-11 | Provide tls_peer_cert_hash() which returns a hash of the raw certificate | Joel Sing | |
| that was presented by the peer. The hash used is currently SHA256, however since we prefix the result with the hash name, we can change this in the future as the need arises. The same output can be generated by using: h=$(openssl x509 -outform der -in mycert.crt | sha256) printf "SHA256:${h}\n" ok beck@ | |||
| 2015-09-11 | Prefer <fcntl.h> over <sys/fcntl.h> | Philip Guenther | |
| 2012-10-13 | import OpenSSL-1.0.1c | Damien Miller | |
| 2015-09-11 | _getnetbyaddr and _getnetbyname appear to be historical accidents in | Theo de Raadt | |
| our tree. ok guenther miod | |||
| 2015-09-11 | Store a reference to the peer certificate (if any) upon completion of the | Joel Sing | |
| handshake. Free the reference when we reset the TLS context. ok beck@ | |||
| 2015-09-11 | Wrap blowfish, sha*, md5, and rmd160 so that internal calls go direct | Philip Guenther | |
| ok deraadt@ | |||
| 2015-09-11 | specify what is permitted as an argument to tls_config_set_ciphers() | Bob Beck | |
| 2015-09-11 | change remaining mentions of "flags" to "request" and adapt text | Theo de Raadt | |
| nearby. Spotted by Ross Richardson. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |