A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_2_BASE 2022-09-21T15:24:45+00:00 2022-09-21T15:24:45+00:00 tb 2022-09-21T15:24:45+00:00 urn:sha1:a1ab11b512a48638b18c6decdb5824adc3a3a139 Symbols.list mistake: undefine aliases (except _cfb block ciphers which are aliases for historical reasons). Use -Wl,--no-allow-shlib-undefined. 2022-09-19T12:25:52+00:00 tb 2022-09-19T12:25:52+00:00 urn:sha1:8c6b171d46b1c38f2d049466913944f62bc162e2 These functions were renamed in the last bump #define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf #define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt They don't appear in the compiled library itself, so no further bump required. Fixes libressl-portable/portable#791 Found the hard way by vollkommenheit ok deraadt jsing 2022-09-17T17:14:06+00:00 jsing 2022-09-17T17:14:06+00:00 urn:sha1:74f7c264c9c7cf9fa2bbccfe73e2d98bf2e07476 While RFC 8446 is clear about what legacy session identifiers can be sent by a TLSv1.3 client and how middlebox compatibility mode is requested, it is delightfully vague about the circumstances under which a client is permitted to send CCS messages. While it does not make sense for a client to send CCS messages when they are not requesting middlebox compatibility mode, it is not strictly forbidden by the RFC and at least one (unknown) TLSv1.3 stack has been observed to do this in the wild. Revert part of the previous change and allow clients to send CCS messages, even if they are not requesting middlebox compatibility mode. Found the hard way by florian@ ok tb@ 2022-09-17T16:03:21+00:00 kn 2022-09-17T16:03:21+00:00 urn:sha1:70f7b2faa17684b3944dd57095e0993328b1b4a3 OK tb 2022-09-15T08:20:34+00:00 job 2022-09-15T08:20:34+00:00 urn:sha1:5e986ba9f9b316020df4d510e27b6b7d1a19effe IANA made a permanent registration in the SMI Security for S/MIME CMS Content Type registry at https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 for signed objects conforming to draft-ietf-sidrops-signed-tal. OK tb@ 2022-09-15T07:04:19+00:00 jsing 2022-09-15T07:04:19+00:00 urn:sha1:69a6645367fe0e98f414f8ce038c6a4c2e3fb102 These ciphers have long based APIs, while EVP has a size_t based API. The intent of these loops is to handle sizes that are bigger than LONG_MAX. Rather than using the rather crazy EVP_MAXCHUNK construct, use LONG_MAX rounded down to a large block size, ensuring that it is a block size multiple. Revert the recently added overflow checks now that this is handled more appropriately. ok tb@ 2022-09-14T16:31:36+00:00 tb 2022-09-14T16:31:36+00:00 urn:sha1:b90fb1a563a5bd5fbe53dc5355f9de11f4dd687e 2022-09-13T04:59:18+00:00 jsing 2022-09-13T04:59:18+00:00 urn:sha1:2ec5e8a2e012afe68c1a580604d754b7e8cc73ee Now that EVP_CIPHER is opaque, stop pretending that EVP_CIPHER cleanup can fail. ok tb@ 2022-09-12T14:36:09+00:00 tb 2022-09-12T14:36:09+00:00 urn:sha1:ac803c42a5901693703e027059e9c004c3f5e507 2022-09-12T14:33:47+00:00 tb 2022-09-12T14:33:47+00:00 urn:sha1:afa32a688a05314cc1b6eec8c3ec695173e1459d This is no longer public API. Also remove some comments about i2c and c2i functions being intentionally undocumented since they are no longer public.