| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-11-05 | Convert ssl3_get_server_kex_ecdhe() to CBS, simplifying tls1_check_curve() | Joel Sing | |
| in the process. This also fixes a long standing bug where tls1_ec_curve_id2nid() is called with only one byte of the curve ID. ok beck@ miod@ | |||
| 2016-11-05 | Remove generated Symbols.map on make clean. | Joel Sing | |
| ok guenther@ | |||
| 2016-11-04 | tweak previous | Ingo Schwarze | |
| 2016-11-04 | Rename ssl3_get_key_exchange() to ssl3_get_server_key_exchange(), since | Joel Sing | |
| that's what it really is. ok miod@ | |||
| 2016-11-04 | Build with WARNINGS=Yes. | Joel Sing | |
| 2016-11-04 | Avoid shadowing the socket global. | Joel Sing | |
| ok miod@ | |||
| 2016-11-04 | Make the tls_keypair_new() function a valid prototype. | Joel Sing | |
| 2016-11-04 | Avoid another signed vs unsigned comparison. | Joel Sing | |
| ok miod@ | |||
| 2016-11-04 | Tidy up the usage of peer_ecdh_tmp, following the fixed ECDH removal. | Joel Sing | |
| ok beck@ | |||
| 2016-11-04 | Kill a bunch of OLD_ASN1 usage by replacing ASN1_{d2i,i2d}_* with | Joel Sing | |
| ASN1_item_{d2i,i2d}_* equivalents. ok guenther@ miod@ | |||
| 2016-11-04 | Mark a couple local functions as static | Philip Guenther | |
| ok jsing@ beck@ | |||
| 2016-11-04 | The *_method_data structures can be static | Philip Guenther | |
| ok jsing@ | |||
| 2016-11-04 | Add an explict list of exported symbols with just the functions | Philip Guenther | |
| declared in the public headers, and use __{BEGIN,END}_HIDDEN_DECLS in the internal headers to optimize internal functions ok jsing@ | |||
| 2016-11-04 | Add an explict list of exported symbols with just the functions declared | Philip Guenther | |
| in <tls.h>, and use __{BEGIN,END}_HIDDEN_DECLS in tls_internal.h to optimize internal functions ok jsing@ | |||
| 2016-11-04 | Nuke the KRB5 ASN.1 code from orbit. | Joel Sing | |
| ok beck@ | |||
| 2016-11-04 | Ride the current major bump and enable assembler code for nist 256p curve, | Miod Vallat | |
| on amd64 only for now. Stanzas to enable it on arm, i386 and sparc64 are provided but commented out for lack of testing due to the machine room being currently in storage. ok jsing@ | |||
| 2016-11-04 | make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hidden | Bob Beck | |
| functions.. document with a man page. bump majors on libtls, libssl, libcrypto ok jsing@ guenther@ | |||
| 2016-11-04 | Make do_dtls1_write() static to d1_pkt.c and delete declarations for | Philip Guenther | |
| three functions that were removed a while ago ok jsing@ | |||
| 2016-11-04 | Fix some linewrapping glitches | Philip Guenther | |
| ok jsing@ | |||
| 2016-11-04 | Add assembler code for the nist 256-bit GFp curve, written initially by | Miod Vallat | |
| Intel. Obtained from BoringSSL, with some integration work borrowed from OpenSSL 1.0.2; assembler code for arm and sparc64 borrowed from OpenSSL 1.1.0. None of this code is enabled in libcrypto yet. ok beck@ jsing@ | |||
| 2016-11-04 | Replace all uses of magic numbers when operating on OPENSSL_ia32_P[] by | Miod Vallat | |
| meaningful constants in a private header file, so that reviewers can actually get a chance to figure out what the code is attempting to do without knowing all cpuid bits. While there, turn it from an array of two 32-bit ints into a properly aligned 64-bit int. Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will now always use OPENSSL_cpu_caps() and check for the proper bits in the whole 64-bit word it returns. i386 tests and ok jsing@ | |||
| 2016-11-04 | Address some signed vs unsigned warnings and check that an integer value | Joel Sing | |
| is positive before passing it to several functions as a size_t. Additionally, in tls_load_file() there is not much point using calloc(), when we're immediately reading into the buffer (having an extra byte for NUL termination seems pointless given the API). ok beck@ miod@ | |||
| 2016-11-04 | Assign and test, as is consistent with the rest of the libtls code. | Joel Sing | |
| 2016-11-04 | Use a consistent name for struct bio_cb * variables. | Joel Sing | |
| 2016-11-04 | Rename struct bio_cb_st to struct bio_cb. | Joel Sing | |
| 2016-11-04 | Do not cast a pointer to a struct, to a char * when assigning to a void *. | Joel Sing | |
| 2016-11-04 | Use a consistent name for a BIO *, rather than having four different names | Joel Sing | |
| in the same file. | |||
| 2016-11-04 | Avoid signed vs unsigned comparisons. | Joel Sing | |
| ok miod@ | |||
| 2016-11-04 | convert X509 manuals from pod to mdoc | Ingo Schwarze | |
| 2016-11-04 | Completely rewrite the session handling ASN.1 code using CBB and CBS. This | Joel Sing | |
| addresses two 2038 related issues and also adds support for allocation in the i2d function, which will allow for simplification in the callers. ok beck@ miod@ | |||
| 2016-11-04 | Convert ssl3_get_server_kex_dhe() to CBS. | Joel Sing | |
| ok beck@ | |||
| 2016-11-04 | No need to reach libssl private headers and to define TERMIOS anymore. | Miod Vallat | |
| ok bcook@ | |||
| 2016-11-04 | Remove I386_ONLY define. It was only used to prefer a | Miod Vallat | |
| faster-on-genuine-80386-but-slower-on-80486-onwards innstruction sequence in the SHA512 code, and had not been enabled in years, if at all. ok tom@ bcook@ | |||
| 2016-11-04 | In OPENSSL_wipe_cpu() on i386, which noone uses anyway, check the proper | Miod Vallat | |
| flag for the presence of a FPU before deciding to wipe the fpu registers. ok jsing@ | |||
| 2016-11-04 | There's not much point having three static functions that do a cast and | Joel Sing | |
| assign a pointer, when we can just inline the three and do one cast followed by three pointer assignments. | |||
| 2010-10-01 | import OpenSSL-1.0.0a | Damien Miller | |
| 2009-04-06 | import of OpenSSL 0.9.8k | Damien Miller | |
| 2008-09-06 | import of OpenSSL 0.9.8h | Damien Miller | |
| 2016-11-04 | Do not mix declarations and code. | Joel Sing | |
| 2016-11-04 | Rename the internal bio related functions so that they have a common | Joel Sing | |
| prefix. Makes the code more readable and removes shadowing. | |||
| 2016-11-04 | Add X509_up_ref, from boring | Bob Beck | |
| ok jsing@ | |||
| 2016-11-04 | convert RSA manuals from pod to mdoc | Ingo Schwarze | |
| 2016-11-04 | MALLOC_STATS tweaks, by default not compiled in | Otto Moerbeek | |
| 2016-11-04 | There's not much point in casting a void * to a specific type just before | Joel Sing | |
| calling free(). ok beck@ ingo@ | |||
| 2016-11-04 | bump minor for ocsp_require_stapling addition | Bob Beck | |
| 2016-11-04 | Add ocsp_require_stapling config option for tls - allows a connection | Bob Beck | |
| to indicate that it requires the peer to provide a stapled OCSP response with the handshake. Provide a "-T muststaple" for nc that uses it. ok jsing@, guenther@ | |||
| 2016-11-03 | small tweak to also check canaries if F is in effect | Otto Moerbeek | |
| 2016-11-03 | In ssl3_read_bytes(), do not process more than three consecutive TLS | Joel Sing | |
| records, otherwise a peer can potentially cause us to loop indefinately. Return with an SSL_ERROR_WANT_READ instead, so that the caller can choose when they want to handle further processing for this connection. ok beck@ miod@ | |||
| 2016-11-03 | convert RAND manuals from pod to mdoc | Ingo Schwarze | |
| 2016-11-03 | zap the overview manual page of the RAND subsystem | Ingo Schwarze | |
| that contained nothing but duplicate and misleading information; OK jsing@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |