| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | bump for LibreSSL 2.7.5libressl-v2.7.5OPENBSD_6_3 | bcook | 2018-12-15 | 1 | -3/+3 |
| | | |||||
| * | Backport getentropy changes from deraadt@ on MAIN | bcook | 2018-12-15 | 5 | -144/+27 |
| | | | | | | | | | | Saw a mention somewhere a while back that the gotdata() function in here could creates non-uniformity since very short fetches of 0 would be excluded. blocks of 0 are just as random as any other data, including blocks of 4 4 4.. This is a misguided attempt to identify errors from the entropy churn/gather code doesn't make sense, errors don't happen. ok bcook | ||||
| * | Use a blinding value when generating DSA and ECDSA signatures, in order to | tb | 2018-11-17 | 2 | -23/+104 |
| | | | | | | | reduce the possibility of a side-channel attack leaking the private key. OpenBSD 6.3 errata 022 | ||||
| * | MFC: Reject excessively large primes in DH key generation. Problem reportedlibressl-v2.7.4 | jsing | 2018-06-13 | 1 | -1/+6 |
| | | | | | | | | by Guido Vranken to OpenSSL (https://github.com/openssl/openssl/pull/6457) and based on his diff. suggestions from tb@, ok tb@ jsing@ Original commit by sthen@ | ||||
| * | MFC: Avoid a timing side-channel leak when generating DSA and ECDSA | jsing | 2018-06-13 | 2 | -7/+4 |
| | | | | | | | | | | | | signatures. This is caused by an attempt to do fast modular arithmetic, which introduces branches that leak information regarding secret values. Issue identified and reported by Keegan Ryan of NCC Group. ok beck@ tb@ | ||||
| * | Bump to LibreSSL 2.6.4 | bcook | 2018-06-13 | 1 | -3/+3 |
| | | |||||
| * | bump to 2.7.3libressl-v2.7.3 | bcook | 2018-05-03 | 1 | -3/+3 |
| | | |||||
| * | MFC: | tb | 2018-05-02 | 1 | -5/+1 |
| | | | | | | | | Remove incorrect NULL checks in DH_set0_key(). Reported by Ondrej Sury, LibreSSL-portable issue #92. ok inoguchi, jsing | ||||
| * | Limit tls_config_clear_keys() to only clearing private keys. | jsing | 2018-04-18 | 3 | -8/+6 |
| | | | | | | | | | This was inadvertently clearing the keypair, which includes the OCSP staple and pubkey hash - if an application called tls_configure() followed by tls_config_clear_keys(), this would prevent OCSP staples from working. ok beck@ | ||||
| * | This commit was manufactured by cvs2git to create branch 'OPENBSD_6_3'.libressl-v2.7.2 | cvs2svn | 2018-03-24 | 0 | -0/+0 |
| | | |||||
| * | bump to 2.7.2 | bcook | 2018-03-24 | 1 | -3/+3 |
| | | |||||
| * | finish ssl HISTORY; mostly 1.1.0/6.3, but also various other fixeslibressl-v2.7.1 | schwarze | 2018-03-24 | 18 | -47/+104 |
| | | |||||
| * | ouch, previous was wrong; revert it and fix HISTORY instead | schwarze | 2018-03-24 | 1 | -2/+29 |
| | | |||||
| * | delete two functions that do not exist | schwarze | 2018-03-23 | 1 | -22/+1 |
| | | |||||
| * | finish crypto HISTORY; mostly 1.1.0/6.3, but also various other fixes | schwarze | 2018-03-23 | 52 | -155/+289 |
| | | |||||
| * | ssl.h HISTORY up to 1.0.2; researched from OpenSSL git and OpenBSD CVS | schwarze | 2018-03-23 | 6 | -9/+41 |
| | | |||||
| * | crypto HISTORY up to 1.0.2; researched from OpenSSL git and OpenBSD CVS | schwarze | 2018-03-23 | 6 | -12/+41 |
| | | |||||
| * | ssl.h HISTORY up to 1.0.1; researched from OpenSSL git | schwarze | 2018-03-23 | 9 | -18/+60 |
| | | |||||
| * | crypto HISTORY up to 1.0.1; researched from OpenSSL git | schwarze | 2018-03-23 | 10 | -16/+79 |
| | | |||||
| * | ssl.h HISTORY up to 1.0.0; researched from OpenSSL git | schwarze | 2018-03-23 | 2 | -5/+15 |
| | | |||||
| * | crypto HISTORY up to 1.0.0; researched from OpenSSL git | schwarze | 2018-03-23 | 43 | -114/+299 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.8zh; researched from OpenSSL git | schwarze | 2018-03-23 | 2 | -8/+11 |
| | | |||||
| * | crypto HISTORY up to 0.9.8zh; researched from OpenSSL git | schwarze | 2018-03-23 | 3 | -4/+18 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.8h; researched from OpenSSL git | schwarze | 2018-03-23 | 3 | -6/+23 |
| | | |||||
| * | crypto HISTORY up to 0.9.8h; researched from OpenSSL git | schwarze | 2018-03-23 | 7 | -14/+59 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.8; researched from OpenSSL git | schwarze | 2018-03-23 | 4 | -8/+31 |
| | | |||||
| * | crypto HISTORY up to 0.9.8; researched from OpenSSL git | schwarze | 2018-03-23 | 29 | -68/+329 |
| | | |||||
| * | crypto HISTORY up to 0.9.7h; researched from OpenSSL git | schwarze | 2018-03-22 | 6 | -10/+34 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.7; researched from OpenSSL git | schwarze | 2018-03-22 | 4 | -12/+19 |
| | | |||||
| * | crypto HISTORY up to 0.9.7; researched from OpenSSL git | schwarze | 2018-03-22 | 51 | -134/+383 |
| | | |||||
| * | organizationUnitName -> organizationalUnitName; | jmc | 2018-03-22 | 1 | -3/+3 |
| | | | | | from matt schwartz | ||||
| * | crypto HISTORY up to 0.9.6h; researched from OpenSSL git | schwarze | 2018-03-22 | 1 | -2/+6 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.6c; researched from OpenSSL git | schwarze | 2018-03-22 | 1 | -2/+8 |
| | | |||||
| * | crypto HISTORY up to 0.9.6c; researched from OpenSSL git | schwarze | 2018-03-22 | 2 | -5/+7 |
| | | |||||
| * | crypto HISTORY up to 0.9.6a; researched from OpenSSL git | schwarze | 2018-03-22 | 1 | -2/+4 |
| | | |||||
| * | crypto HISTORY up to 0.9.6; researched from OpenSSL git | schwarze | 2018-03-22 | 19 | -36/+141 |
| | | |||||
| * | bump for 2.7.1 | bcook | 2018-03-22 | 1 | -3/+4 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.5; researched from OpenSSL git | schwarze | 2018-03-22 | 3 | -6/+22 |
| | | |||||
| * | crypto HISTORY up to 0.9.5; researched from OpenSSL git | schwarze | 2018-03-22 | 48 | -140/+362 |
| | | |||||
| * | Call strlen() if name length provided is 0, like OpenSSL does. | beck | 2018-03-22 | 1 | -1/+3 |
| | | | | | | Issue notice by Christian Heimes <christian@python.org> ok deraadt@ jsing@ | ||||
| * | Catch up after beck@ fixed autoconfiguration: | schwarze | 2018-03-21 | 3 | -62/+55 |
| | | | | | | | | | | * Say more precisely what OPENSSL_config(3) and OPENSSL_no_config(3) do. * Revert the deprecation notice for them, nothing wrong with them. * Document OPENSSL_INIT_LOAD_CONFIG. * Deprecate OpenSSL_add_all_algorithms(3), it's now automatic. * Add OpenSSL_add_all_algorithms(3) HISTORY. Substantial feedback and OK beck@. | ||||
| * | ssl.h HISTORY up to 0.9.4; researched from OpenSSL git | schwarze | 2018-03-21 | 2 | -3/+15 |
| | | |||||
| * | crypto HISTORY up to 0.9.4; researched from OpenSSL git | schwarze | 2018-03-21 | 12 | -25/+92 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.3; researched from OpenSSL gitlibressl-v2.7.0 | schwarze | 2018-03-21 | 3 | -4/+19 |
| | | |||||
| * | crypto HISTORY up to 0.9.3; researched from OpenSSL git | schwarze | 2018-03-21 | 21 | -43/+178 |
| | | |||||
| * | ssl.h HISTORY up to 0.9.2b; researched from OpenSSL git | schwarze | 2018-03-21 | 8 | -11/+49 |
| | | |||||
| * | crypto HISTORY up to OpenSSL 0.9.2b; researched from OpenSSL git | schwarze | 2018-03-21 | 18 | -30/+134 |
| | | |||||
| * | Full sync of CA list with Mozilla's. | sthen | 2018-03-21 | 1 | -580/+3448 |
| | | | | | | | | | Produced using curl's make-ca-bundle.pl and then reformatted with our format-pem.pl from: https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt OK benno@. juanfra agrees with syncing with Mozilla. No objections received. | ||||
| * | Adjust (non-installed) helper script to cope better with CAs that don't have | sthen | 2018-03-21 | 1 | -2/+6 |
| | | | | | "o=" in their subject. | ||||
| * | crypto HISTORY up to OpenSSL 0.9.1c; researched from OpenSSL git | schwarze | 2018-03-21 | 1 | -3/+6 |
| | | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |