openbsd/src/lib/libcrypto/crypto, branch master

openbsd/src/lib/libcrypto/crypto, branch master A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=master 2016-09-03T11:33:43+00:00 Remove the libcrypto/crypto directory 2016-09-03T11:33:43+00:00 beck 2016-09-03T11:33:43+00:00 urn:sha1:bfb40cbd29e3a70915d1708f9660744ebfb3c110 Update the link for the getentropy(2) manual to man.openbsd.org/ 2016-08-07T03:27:21+00:00 tb 2016-08-07T03:27:21+00:00 urn:sha1:45a99457661a695d9e6070e26d9383b3a955a536 ok deraadt@ Tighten behavior of _rs_allocate failure for portable arc4random implementations. 2016-06-30T12:19:51+00:00 bcook 2016-06-30T12:19:51+00:00 urn:sha1:feaba99148498e3901e21567eef6244222c71431 In the event of a failure in _rs_allocate for rsx, we still have a reference to freed memory for rs on return. Not a huge deal since we subsequently abort in _rs_init, but it looks strange on its own. ok deraadt@ Tighten behavior of _rs_allocate on Windows. 2016-06-30T12:17:29+00:00 bcook 2016-06-30T12:17:29+00:00 urn:sha1:04659cfbf6434208cea373c44b6482783a1a7299 For Windows, we are simply using calloc, which has two annoyances: the memory has more permissions than needed by default, and it comes from the process heap, which looks like a memory leak since this memory is rightfully never freed. This switches _rs_alloc on Windows to use VirtualAlloc, which restricts the memory to READ|WRITE and keeps the memory out of the process heap. ok deraadt@ remove hppa64 port, which we never got going beyond broken single users. 2016-05-11T21:52:49+00:00 deraadt 2016-05-11T21:52:49+00:00 urn:sha1:42135baa1d099815f06003af138c18bcef038202 hppa reverse-stack gives us a valuable test case, but most developers don't have a 2nd one to proceed further with this. ok kettenis Crank majors for lib{crypto,ssl,tls} due to symbol removals, symbol 2016-04-28T17:07:07+00:00 jsing 2016-04-28T17:07:07+00:00 urn:sha1:643f50290d39864797888fc818170917b845775c additions and functionality changes. fix typo in comment; ok beck 2016-04-19T20:20:24+00:00 tj 2016-04-19T20:20:24+00:00 urn:sha1:86631535ec5e92d1d055ad8b03986f6dc52cc4d7 Calling clone(2) with CLONE_NEWPID yields multiple processes with pid=1. 2016-01-04T02:04:56+00:00 bcook 2016-01-04T02:04:56+00:00 urn:sha1:0f894628446dec0db2f00dac168dac6bcb7dd705 Work around this particular case by reseeding whenever pid=1, but as guenther@ notes, directly calling clone(2), and then forking to match another pid, provides other ways to bypass new process detection on Linux. Hopefully at some point Linux implements something like MAP_INHERIT_ZERO, and does not invent a corresponding mechanism to subvert it. Noted by Sebastian Krahmer and the opmsg team. See http://stealth.openwall.net/crypto/randup.c for a test program. ok beck@ bump the major for libcrypto/ssl/tls for a CRYPTO_chacha_20 ABI change 2015-12-09T14:11:03+00:00 bcook 2015-12-09T14:11:03+00:00 urn:sha1:362a098a9defa7a18d8f5b3336d4810a11db94ec ok jsing@, deraadt@, beck@ bump minors after adding EVP_aead_chacha20_poly1305_ietf() 2015-11-02T15:41:59+00:00 reyk 2015-11-02T15:41:59+00:00 urn:sha1:9b531b26eeeea735265af970dfaa4b2ecc207f35 OK jsing@