summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Bump LibreSSL version number to 2.2.4 in 5.8 release branch.libressl-v2.2.4bcook2015-10-151-3/+3
|
* pull up fixes for leak and overruntedu2015-10-151-6/+4
|
* Bump LibreSSL version number to 2.2.3 in 5.8 release branch.libressl-v2.2.3jsing2015-08-281-3/+3
| | | | Requested by bcook@ for libressl portable.
* MFC: Correctly handle a ClientHello that contains no TLS extensions, ratherjsing2015-08-281-1/+3
| | | | than treating it as invalid and aborting the handshake.
* This commit was manufactured by cvs2git to create branch 'OPENBSD_5_8'.libressl-v2.2.2cvs2svn2015-08-021185-381116/+0
|
* spelling; ok deraadtjmc2015-08-022-4/+4
|
* remove ssl3 bits; ok dougjmc2015-08-021-58/+14
|
* Don't hardcode /usr/src, use BSDSRCDIRtobiasu2015-07-311-2/+2
|
* Fix SRTP parsing.doug2015-07-312-6/+4
| | | | | | | jsing@ noticed that during the CBS conversion, an extra CBS_len comparison was introduced. It should be 0 after extracting MKI. ok jsing@ bcook@ deraadt@
* Add linker warnings in case SSLv3_{,client,server}_method are referenced.miod2015-07-295-5/+35
| | | | | | | Use of this symbols proves the existence of a code path willingly using SSLv3, even with OPENSSL_NO_SSL3 being defined, which hints that it needs fixing. Discussed with the LibreSSL cabal during c2k15; ok deraadt@
* Use named initialisers for X509V3_EXT_METHOD structs (for the usualjsing2015-07-2938-456/+1176
| | | | reasons) - only change in generated assembly is due to line numbering.
* Expand obsolete M_ASN1.*(cmp|dup|print|set) macros - no change in generatedjsing2015-07-2940-108/+108
| | | | | | assembly. ok bcook@
* Expand obsolete M_ASN1_STRING_* macros in asn1_lib.c, apply some style(9)jsing2015-07-292-12/+10
| | | | | | and drop an unnecessary return from a void function. ok bcook@ doug@
* use file system path (.Pa) semantic markup macros where appropriate.sobrado2015-07-271-7/+7
| | | | ok jmc@
* Less asn1_mac.h - asn1_lib.c does not need it and x_pkey.c should bejsing2015-07-274-20/+10
| | | | | | using ASN1err() instead of ASN1_MAC_H_err(). ok miod@
* remove unused variablechl2015-07-261-2/+2
| | | | ok tedu@
* double words fix; docs are slowly getting moved to mdoc, but thissobrado2015-07-254-4/+4
| | | | | | change will help people translating them. ok jmc@, schwarze@
* Place the ASN.1 template macros (and remaining implement macros) underjsing2015-07-252-6/+12
| | | | #ifndef LIBRESSL_INTERNAL - we're not using these anymore!
* double word fix.sobrado2015-07-251-2/+2
| | | | ok jmc@, schwarze@
* Expand another ASN.1 template macro that snuck through last time around.jsing2015-07-252-4/+16
| | | | No change in generated assembly.
* Manually expand ASN.1 template macros - only change in generated assemblyjsing2015-07-256-32/+80
| | | | is due to line numbering.
* Expand ASN.1 template macros that got missed in the last pass - only changejsing2015-07-256-22/+62
| | | | to generated assembly is due to line numbers.
* Expand ASN.1 template macros - the generated assembly only differs byjsing2015-07-2526-282/+1612
| | | | changes to line numbers.
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-252-112/+588
|
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-252-178/+1090
|
* Expand another wall of ASN.1 template macros - no change to generatedjsing2015-07-252-448/+2714
| | | | assembly.
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-254-272/+1694
|
* Expand ASN.1 template macros - the generated assembly only differs byjsing2015-07-252-110/+702
| | | | changes to line numbers.
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-244-54/+342
|
* Expand ASN.1 template macros - the generated assembly only differs byjsing2015-07-242-102/+682
| | | | changes to line numbers.
* an TLS -> a TLS; from thanos tsouanasjmc2015-07-245-14/+14
|
* Expand ASN1_ITEM_TEMPLATE/ASN1_EX_TEMPLATE_TYPE/ASN1_ITEM_TEMPLATE_ENDjsing2015-07-248-44/+212
| | | | macros - the generated assembly only differs by changes to line numbers.
* Expand IMPLEMENT_ASN1_MSTRING macros - the generated assembly only differsjsing2015-07-244-12/+84
| | | | by changes to line numbers.
* Convert tls1_process_ticket to CBS.doug2015-07-244-62/+76
| | | | ok miod@ jsing@
* Convert tls1_process_sigalgs to CBS.doug2015-07-242-10/+28
| | | | ok miod@ jsing@
* Convert ssl3_get_record to CBS.doug2015-07-242-44/+58
| | | | ok miod@ jsing@
* call it bcrypt in the man page tootedu2015-07-231-3/+3
|
* permit "bcrypt" as an alias for "blowfish". this is, after all, whattedu2015-07-231-11/+27
| | | | | | | 99% of the world calls it. allow just "bcrypt" without params to mean auto-tune ("bcrypt,a"). default remains 8 rounds (for now) ok deraadt
* Revert ca.c r1.7 - BN_to_ASN1_INTEGER() only allocates an ASN.1 integerjsing2015-07-221-6/+2
| | | | | | | | | when it is not passed a reference to one. In this case, it is passed a reference to an ASN.1 integer that is part of the X509 ASN.1 data structure. Freeing this causes bad things to happen, since it is used and then freed later on. Found the hard way by kinichiro inoguchi.
* Convert openssl(1) nseq to new option handling.jsing2015-07-211-40/+51
| | | | ok bcook@ doug@
* Convert openssl(1) pkcs7 to new option handling.jsing2015-07-211-93/+111
| | | | ok doug@
* remove superfluous strings.hbcook2015-07-211-2/+1
|
* Remove duplicate check in libssl.doug2015-07-212-6/+2
| | | | | | | If len == 0, it already set try_session_cache so there's no need to check len again. Fixes Coverity issue 21687. ok bcook@
* Correct #if/else logic in BIO's dgram_ctrl.doug2015-07-202-6/+6
| | | | | | | | | Coverity issue 72741 noticed that ret is being overwritten before use. The actual issue is that the #if/else logic is guarding the wrong lines. Besides impacting ret, this also made the case's break logic wrong because it was in the wrong location. ok bcook@ beck@
* app_tminterval moved to apps_posix.c, we don't need sys/times.hbcook2015-07-201-2/+1
|
* prefer string.h to strings.h ok guenther@ doug@bcook2015-07-202-4/+4
|
* No need to recheck for NULL in openssl(1) ecparam.doug2015-07-201-5/+1
| | | | | | Fixes Coverity issue 78802. ok bcook@
* Don't try to run ECDH if ecdh_checks fails in openssl(1) speed.doug2015-07-201-17/+23
| | | | | | | Coverity 72744 noticed that rsa_count was overwitten. The underlying issue is that this code is supposed to be in an else block. ok bcook@
* Avoid NULL deref in openssl(1) s_cb.doug2015-07-201-5/+14
| | | | | | Fixes Coverity issue 24956. ok bcook@
* Avoid possible NULL deref in openssl(1) s_server.doug2015-07-201-2/+5
| | | | | | Fixes Coverity issue 78873. ok miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-16 02:17:25 +0000