A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.8.2 2023-10-02T11:14:15+00:00 2023-10-02T11:14:15+00:00 tb 2023-10-02T11:14:15+00:00 urn:sha1:bd4c65ab446591df390d1c9860be1c6932bc7c99 ASN1_UTCTIME_cmp_tim_t() could be done similarly, but then I have to mess with LIBRESSL_INTERNAL. Let's do this after unlock. 2023-10-02T10:40:43+00:00 tb 2023-10-02T10:40:43+00:00 urn:sha1:774c2629b7cc4b1e6db48beed1fc69ed6f35dd3c 2023-10-02T09:42:58+00:00 tb 2023-10-02T09:42:58+00:00 urn:sha1:ba67bb45759c955aca3a3fcafa46e1eda2106d4b Sprinkle some (static) const and garbage collect an unused struct. 2023-10-01T04:48:39+00:00 tb 2023-10-01T04:48:39+00:00 urn:sha1:6f1c04b2af0e6345bad5c37f69e75551a58f8f52 2023-09-29T15:53:59+00:00 beck 2023-09-29T15:53:59+00:00 urn:sha1:80b641926ef387afe18b1bf1d78decf21db0f607 Our checking here was a bit too aggressive, and did not permit an IP address in a URI. IP's in a URI are allowed for things like CRLdp's AIA, SAN URI's etc.). The check for this was also slightly flawed as we would permit an IP if memory allocation failed while checking for an IP. Correct both issues. ok tb@ 2023-09-29T06:53:05+00:00 tb 2023-09-29T06:53:05+00:00 urn:sha1:843941dbbebb6948184f5afccda53839c1b9513b This is a static pointer, so it ain't ever NULL, but shrug 2023-09-28T14:55:48+00:00 tb 2023-09-28T14:55:48+00:00 urn:sha1:ea4541364b8977ab692cc5d68b9c2100462f1f98 2023-09-28T14:54:39+00:00 tb 2023-09-28T14:54:39+00:00 urn:sha1:a56f2499730fd383a03cee2dde92eaf64ac6d4be 2023-09-28T11:39:35+00:00 tb 2023-09-28T11:39:35+00:00 urn:sha1:e0dbc3d49a53a4744ee871556f3728104ff5ad84 Awesome: the IV length for GCM is only bounded by INT_MAX or malloc limits. In the absence of an overflowing issue tracker, I'm labeling this "good first issue", "help wanted" here. 2023-09-28T11:35:10+00:00 tb 2023-09-28T11:35:10+00:00 urn:sha1:796b898541e7e7ffbbea5d7651628475cb67fbe2 This really only covers AES-GCM. From beck