summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* memset like a normal human.bcook2014-11-262-20/+20
| | | | ok beck@ tedu@ miod@
* normalize set/getsockopt usage.bcook2014-11-266-90/+54
| | | | | | | | | | Remove the remaining random casts on optval. Fixups for this can be handled by the portability layer all in once place. Remove remaining fake socklen_t unions, though beck@ points out that this also removes support for socklen_t changing its length at runtime. RIP. ok tedu@ beck@ miod@ deraadt@
* Linux has had IP_MTU since 2005, don't force it.bcook2014-11-262-16/+8
| | | | ok beck@ miod@ tedu@ deraadt@
* rand() is a pseudo-random number generatormillert2014-11-251-3/+3
|
* Don't describe random() as "better".millert2014-11-251-5/+5
| | | | | Remove the bug about rand() being faster. Add a bug about historical implementations seeding very poorly.
* Warn people to use arc4random() in DESCRIPTION so they see it usingmillert2014-11-251-5/+8
| | | | the same text from random.3.
* rand48(3) not drand48(3) to align with the actual man page and Xrmillert2014-11-251-3/+3
| | | | entries.
* no need for md5 xrtedu2014-11-251-3/+2
|
* revert the bludgeoning of DES. if we need a thread safe crypt, maybe it'stedu2014-11-251-31/+33
| | | | better to find one instead of continuing to mangle this mess.
* push some global data down into functions to make this threadlier.tedu2014-11-251-33/+31
| | | | only doing what's needed for crypt_hashpass. sigh.
* introduce a hashspace define and check that there's enough space totedu2014-11-241-15/+10
| | | | write out a hash. also simplify writing out the hash.
* check crypt() for null. noticed by Jonas Termansentedu2014-11-241-2/+2
|
* Mention the -no_tls1_[12] optionsguenther2014-11-231-6/+10
|
* mop up a barely started project... getting in the way of grepping the tree!deraadt2014-11-222-8/+0
|
* Fix incorrect escape.bentley2014-11-222-4/+4
|
* MPE support, begone. ok teduderaadt2014-11-212-4/+4
|
* space needed between macro args and punctuation;jmc2014-11-211-2/+2
|
* add ERRORS, HISTORY, AUTHORS, Copyright year, and some missing macros;schwarze2014-11-211-6/+39
| | | | ok tedu@ on a previous version
* Let crypt_checkpass() set EACCES after bcrypt_checkpass() failure;schwarze2014-11-211-2/+4
| | | | ok tedu@
* change prototype for crypt_newhash. the login_cap_t is a holdover from itstedu2014-11-212-15/+10
| | | | | | pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
* Oops, make sure camellia is compiled on platforms without an arch-specificmiod2014-11-201-1/+2
| | | | Makefile.inc (i.e. landisk and m88k)
* split crypt_checkpass off into a new filetedu2014-11-203-36/+73
|
* Document behavior of atexit() when called in a DSO that is later unloaded.guenther2014-11-201-2/+14
| | | | | | | | Would be nice to document when/where this originated (in glibc?) if anyone knows... tweaks by schwarze@ ok jmc@ espie@ kettenis@ schwarze@ dimitry(at)google.com
* Nuke yet more obvious #include duplications.krw2014-11-192-6/+2
| | | | ok deraadt@
* include camellia.h using the public include pathbcook2014-11-192-4/+4
|
* Fix a memory leak with pkey in client key exchangedoug2014-11-192-2/+4
| | | | | | Based on boringssl commit: 1df112448b41c3568477f3fcd3b8fc820ce80066 ok miod@ jsing@
* add crypt_newhash to NAME and add an MLINK;jmc2014-11-182-4/+6
|
* GOST regression tests; from Dmitry Eremin-Solenikovmiod2014-11-183-1/+18
|
* Argh, another bug introduced in r1.3; Dmitry Eremin-Solenikovmiod2014-11-182-4/+4
|
* Nuke more obvious #include duplications.krw2014-11-181-2/+1
| | | | ok deraadt@ millert@ tedu@
* Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.miod2014-11-1826-146/+594
| | | | | This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
* Enable the build of GOST routines in libcrypto. Riding upon the Cammeliamiod2014-11-183-8/+6
| | | | libcrypto minor bump.
* More missing error checks I forgot to commit last week, part of the largemiod2014-11-182-24/+46
| | | | cleanup diff.
* Return success in param_copy_gost01() if there is no private key to copy;miod2014-11-182-4/+4
| | | | | broken in r1.3. Spotted by Dmitry Eremin-Solenikov
* further BUF_strdup conversion: these places should be safe to rely ontedu2014-11-186-12/+12
| | | | the function argument not being NULL
* Add the Cammelia cipher to libcrypto.miod2014-11-1727-30/+70
| | | | | | | | | | | | | | | | | | There used to be a strong reluctance to provide this cipher in LibreSSL in the past, because the licence terms under which Cammelia was released by NTT were free-but-not-in-the-corners, by restricting the right to modify the source code, as well retaining the right to enforce their patents against anyone in the future. However, as stated in http://www.ntt.co.jp/news/news06e/0604/060413a.html , NTT changed its mind and made this code truly free. We only wish there had been more visibility of this, for we could have had enabled Cammelia earlier (-: Licence change noticed by deraadt@. General agreement from the usual LibreSSL suspects. Crank libcrypto.so minor version due to the added symbols.
* Make the ECDSA_SIG bowels public. This matches RSA_SIG and DSA_SIG, and wemiod2014-11-174-60/+60
| | | | | | expect a good use for this knowledge in the tree in the near future. Contributed by Vincent Gross, thanks!
* add new function crypt_newhash to simplify creating new hashes.tedu2014-11-172-3/+46
| | | | | does most of the work pwd_gensalt did, but also creates the hash. (unused yet)
* Sort and group includes.jsing2014-11-1671-183/+317
|
* Reduce instances of `` '' in manuals.bentley2014-11-151-5/+5
| | | | | | | | | | | | troff displays these as typographic quotes, but nroff implementations almost always print them literally, which rarely has the intended effect with modern fonts, even in stock xterm. These uses of `` '' can be replaced either with more semantic alternatives or with Dq, which prints typographic quotes in a UTF-8 locale (but will automatically fall back to `` '' in an ASCII locale). improvements and ok schwarze@
* Add many missing error checks (probably not exhaustive, but a good start):miod2014-11-1312-574/+976
| | | | | | | | | | | | - make VKO_compute_key() no longer void so that it can return failure. - fix unchecked allocations in too many routines to mention /-: - fix unchecked BN operations in gost2001_do_sign(), gost2001_do_verify(), VKO_compute_key(). - fix the gost2001_do_sign() interface violation by having its sole caller free the BIGNUM it passes to that function by itself, instead of having the callee do this. Reviewed (except for the last item) by Dmitry Eremin-Solenikov.
* Sacrifice this code to the KNF deities.miod2014-11-1318-804/+802
|
* Fix GOST TC26-B curve description.miod2014-11-122-4/+4
|
* f{read,write} take a number of items and an item size as arguments, andmiod2014-11-114-28/+14
| | | | | | | | | | | | | | | | | | | | | return the number of items read of written. When you intend to return the number of bytes actually processed, it is wise to pass 1 as the item size and the size as the number of items. But in *some* places, the OpenSSL does the opposite, and has extra logic to change a successful return of 1 (item processed) into the real size. And, guess why it does that? Because of old VMS, for they (used to) have a substandard stdio implementation. Note that this change causes the return values of BIO_dump_fp() and BIO_dump_indent_fp() to no longer be useless (actual number of callback calls), but actual bytes output. Given the irrelevance of the return value before, it is unlikely that anything depends upon it (and if something does, it probably has other problems in need for a fix...) ok tedu@ beck@ jsing@
* correct the failure case for getentropy on win32bcook2014-11-112-6/+6
| | | | | | CryptAcquireContext and CryptGenRandom returns zero (FALSE) if fails. From: Dongsheng Song <dongsheng.song@gmail.com>
* Don't free garbage in ec_wNAF_mul() if wNAF could be allocated butguenther2014-11-112-10/+22
| | | | | | | other allocations in the same block couldn't. problem pointed out by David Ramos on the openssl-dev list ok miod@ doug@
* delete extra word in Ndderaadt2014-11-111-3/+3
|
* KNF (when not conflicting with other cleanup changes in progress)miod2014-11-0928-746/+1014
|
* GOST tests, not connected to the build yet.miod2014-11-092-0/+1464
|
* Remove DEBUG_SIGN code. Make sure gost_key_unwrap_crypto_pro() returns failuremiod2014-11-094-38/+8
| | | | instead of a printf and a success return, when the operation fails.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 22:17:37 +0000