openbsd/src/lib/libcrypto/crypto, branch libressl-v2.4.1

openbsd/src/lib/libcrypto/crypto, branch libressl-v2.4.1 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.4.1 2016-05-11T21:52:49+00:00 remove hppa64 port, which we never got going beyond broken single users. 2016-05-11T21:52:49+00:00 deraadt 2016-05-11T21:52:49+00:00 urn:sha1:42135baa1d099815f06003af138c18bcef038202 hppa reverse-stack gives us a valuable test case, but most developers don't have a 2nd one to proceed further with this. ok kettenis Crank majors for lib{crypto,ssl,tls} due to symbol removals, symbol 2016-04-28T17:07:07+00:00 jsing 2016-04-28T17:07:07+00:00 urn:sha1:643f50290d39864797888fc818170917b845775c additions and functionality changes. fix typo in comment; ok beck 2016-04-19T20:20:24+00:00 tj 2016-04-19T20:20:24+00:00 urn:sha1:86631535ec5e92d1d055ad8b03986f6dc52cc4d7 Calling clone(2) with CLONE_NEWPID yields multiple processes with pid=1. 2016-01-04T02:04:56+00:00 bcook 2016-01-04T02:04:56+00:00 urn:sha1:0f894628446dec0db2f00dac168dac6bcb7dd705 Work around this particular case by reseeding whenever pid=1, but as guenther@ notes, directly calling clone(2), and then forking to match another pid, provides other ways to bypass new process detection on Linux. Hopefully at some point Linux implements something like MAP_INHERIT_ZERO, and does not invent a corresponding mechanism to subvert it. Noted by Sebastian Krahmer and the opmsg team. See http://stealth.openwall.net/crypto/randup.c for a test program. ok beck@ bump the major for libcrypto/ssl/tls for a CRYPTO_chacha_20 ABI change 2015-12-09T14:11:03+00:00 bcook 2015-12-09T14:11:03+00:00 urn:sha1:362a098a9defa7a18d8f5b3336d4810a11db94ec ok jsing@, deraadt@, beck@ bump minors after adding EVP_aead_chacha20_poly1305_ietf() 2015-11-02T15:41:59+00:00 reyk 2015-11-02T15:41:59+00:00 urn:sha1:9b531b26eeeea735265af970dfaa4b2ecc207f35 OK jsing@ Stop supporing "legcay" time formats that OpenSSL supports. Rewrite the 2015-10-19T16:32:37+00:00 beck 2015-10-19T16:32:37+00:00 urn:sha1:6f20e3b7bc4e6801abfde111c397198fb23a59ec utctime and gentime wrappers accordingly. Along with some other cleanup. this also removes the need for timegm. ok bcook@ sthen@ jsing@ Flense the greasy black guts of unreadble string parsing code out of three areas 2015-10-02T15:04:45+00:00 beck 2015-10-02T15:04:45+00:00 urn:sha1:0fdba47b730ef7a8d2107e42c5db7b2a3e008a8f in asn1 and x509 code, all dealing with an ASN1_TIME. This brings the parsing together in one function that converts into a struct tm. While we are at it this also brings us into conformance with RFC 5280 for times allowed in an X509 cert, as OpenSSL is very liberal with what it allows. input and fixes from deraadt@ jsing@ guethther@ and others. ok krw@, guenther@, jsing@ Temporarily revive MD4 for MS CHAP support. 2015-09-14T01:45:03+00:00 doug 2015-09-14T01:45:03+00:00 urn:sha1:ea990ff7851a189e7a61b56357a6d6e0de88a040 Crank major version due to removal of SHA-0 and MD4 from libcrypto. 2015-09-13T23:42:29+00:00 doug 2015-09-13T23:42:29+00:00 urn:sha1:da36d6a18c187f8d3c2e38a0e5940d8073110b10