A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_6 2024-08-31T10:42:21+00:00 2024-08-31T10:42:21+00:00 tb 2024-08-31T10:42:21+00:00 urn:sha1:49dd9dd6066796148cceffc28570ac4ba886e6f0 Long deprecated, last users have been fixed. ok beck jsing 2024-07-09T07:57:57+00:00 tb 2024-07-09T07:57:57+00:00 urn:sha1:aad46278badf2512dfdf3ab62ed34e70ca66b204 ok beck 2024-06-01T07:36:17+00:00 tb 2024-06-01T07:36:17+00:00 urn:sha1:0cd26255605cab2a8643bb8585c4148069240e3c HMAC() and the one-step digests used to support passing a NULL buffer and would return the digest in a static buffer. This design is firmly from the nineties, not thread safe and it saves callers a single line. The few ports that used to rely this were fixed with patches sent to non-hostile (and non-dead) upstreams. It's early enough in the release cycle that remaining uses hidden from the compiler should be caught, at least the ones that matter. There won't be that many since BoringSSL removed this feature in 2017. https://boringssl-review.googlesource.com/14528 Add non-null attributes to the headers and add a few missing bounded attributes. ok beck jsing 2024-03-30T10:10:58+00:00 tb 2024-03-30T10:10:58+00:00 urn:sha1:0077955942fa0ec11c1d7c17f1d83a38778062e6 HMAC_CTX_reset() and HMAC_Init() had missing LCRYPTO_ALIAS(). ok beck jsing 2024-03-26T12:10:50+00:00 joshua 2024-03-26T12:10:50+00:00 urn:sha1:8db9f9e666f34e36b4b40e5fb6cf87517050a56a There is no need to call HMAC_CTX_init() as the memory has already been initialised to zero. ok tb 2024-02-18T15:45:42+00:00 tb 2024-02-18T15:45:42+00:00 urn:sha1:ff3e386de60f6149938edb124d31bc2fd7ae04f6 ok jsing 2024-01-04T17:01:26+00:00 tb 2024-01-04T17:01:26+00:00 urn:sha1:9f1cd2582409ac5778c5a0e28dfb77f18d122c98 Every EVP_PKEY_ASN1_METHOD is either an ASN.1 method or an alias. As such it resolves to an underlying ASN.1 method (in one step). This information can be stored in a base_method pointer in allusion to the pkey_base_id, which is the name for the nid (aka pkey_id aka type) of the underlying method. For an ASN.1 method, the base method is itself, so the base method is set as a pointer to itself. For an alias it is of course a pointer to the underlying method. Then obviously ameth->pkey_base_id is the same as ameth->base_method->pkey_id, so rework all ASN.1 methods to follow that. ok jsing 2023-12-28T22:00:56+00:00 tb 2023-12-28T22:00:56+00:00 urn:sha1:0ba1ffaa654066f019e25b3ff2c8b684e0bffa08 The usual: single exit, error check all functions even if they can't actually fail. This one was flagged again. ok jsing CID 471706 (false positive) 2023-11-29T21:35:57+00:00 tb 2023-11-29T21:35:57+00:00 urn:sha1:69bbc5fea4f411f0c0033ecb0fc5126c895ea82a This removes the remaining ENGINE members from various internal structs and functions. Any ENGINE passed into a public API is now completely ignored functions returning an ENGINE always return NULL. ok jsing 2023-04-25T15:48:48+00:00 tb 2023-04-25T15:48:48+00:00 urn:sha1:8c449d8a1445a23c96b8b2f389e256ea32662e36 from jsing