Commit message | Author | Age | Files | Lines
* Remove the blinding later to avoid leaking information on the length of kinv. Pointed out and fix suggested by David Schrammel and Samuel Weiser ok jsing
  Author: tb | Age: 2019-06-04 | Files: 1 | Lines: -3/+3
* .In openssl/x509_vfy.h for consistency with all the other X509_STORE_*(3) manual pages
  Author: schwarze | Age: 2019-06-04 | Files: 1 | Lines: -3/+4
* Add several missing .In lines and add a sentence pointing to the detailed description in RSA_get_ex_new_index(3), worded like in DH_get_ex_new_index(3).
  Author: schwarze | Age: 2019-06-04 | Files: 1 | Lines: -3/+13
* Move to env var, likely the possibility to set malloc options from main is going away.
  Author: otto | Age: 2019-06-04 | Files: 2 | Lines: -19/+8
* add missing .In lines
  Author: schwarze | Age: 2019-06-03 | Files: 2 | Lines: -4/+6
* add missing .In line
  Author: schwarze | Age: 2019-06-03 | Files: 1 | Lines: -2/+3
* Complete the ld.so boot cleanup: move most libc initialization from _csu_finish() to _libc_preinit(), which is an .init_array function in shared libc (and mark it INITFIRST) or a .preinit_array function in static libc, grabbing the _dl_cb callback there from ld.so. Then in _csu_finish(), invoke the dl_clean_boot() callback to free ld.so's startup bits before main() gets control. Other cleanups this permits:
  - move various startup structures into .data.rel.ro
  - the dl* stubs in libc can be strong and call the callbacks provided via _dl_cb
  - no longer need to conditionalize dlctl() calls on presence of _DYNAMIC
  original concept and full diff ok kettenis@ ok deraadt@
  Author: guenther | Age: 2019-06-02 | Files: 2 | Lines: -8/+5
* __realpath(2) appears to have improved, so re-enable the code that checks userland-parsing vs kernel parsing, we are hoping to spot another bug..
  Author: deraadt | Age: 2019-05-30 | Files: 1 | Lines: -3/+136
* Relax parsing of TLS key share extensions on the server. The RFC does not require X25519 and it also allows clients to send an empty key share when they want the server to select a group. The current behaviour results in handshake failures where the client supports TLS 1.3 and sends a TLS key share extension that does not contain X25519. Issue reported by Hubert Kario via github. ok tb@
  Author: jsing | Age: 2019-05-29 | Files: 1 | Lines: -5/+2
* Do not send an SNI extension when resuming a session that contains a server name (which means the client sent SNI during the initial handshake). Issue reported by Renaud Allard. ok tb@
  Author: jsing | Age: 2019-05-29 | Files: 1 | Lines: -1/+4
* There are some bugs in __realpath(2) -- it isn't quite ready so disable calling it until those are fixed.
  Author: deraadt | Age: 2019-05-29 | Files: 1 | Lines: -136/+3
* Fix typo and label indent.
  Author: jsing | Age: 2019-05-28 | Files: 1 | Lines: -3/+3
* Tidy up some names/structures following the renaming of TLS extension functions based on message type (clienthello/serverhello), to which side is handling the processing. No intended functional change. ok beck@
  Author: jsing | Age: 2019-05-28 | Files: 1 | Lines: -35/+35
* Enable the use of the kernel __realpath() system call in the libc wrapper. For now, this also still uses the existing realpath implementation and emits a syslog if we see differing results. Once we have run with that for a little while we will remove the old code ok deraadt@
  Author: beck | Age: 2019-05-28 | Files: 1 | Lines: -3/+136
* Throw malloc_conceal and freezero into the mix.
  Author: otto | Age: 2019-05-23 | Files: 1 | Lines: -3/+8
* Only override size of chunk if we're not given the actual length. Fixes malloc_conceal...freezero with malloc options C and/or G.
  Author: otto | Age: 2019-05-23 | Files: 1 | Lines: -2/+3
* bump to LibreSSL 3.0.0 ok tb@
  Author: bcook | Age: 2019-05-23 | Files: 1 | Lines: -3/+3
* add stdlib.h for reallocarray
  Author: bcook | Age: 2019-05-23 | Files: 1 | Lines: -1/+2
* *an* RSA;
  Author: jmc | Age: 2019-05-20 | Files: 3 | Lines: -9/+9
* clarify that later flags modify earlier flags; triggered by a question from Jan Stary <hans at stare dot cz> on misc@; OK otto@
  Author: schwarze | Age: 2019-05-19 | Files: 1 | Lines: -2/+4
* More consistently put remarks about the less useful LC_* categories, i.e. those other than LC_CTYPE, into the CAVEATS section, and standardize wording somewhat. OK jmc@
  Author: schwarze | Age: 2019-05-16 | Files: 2 | Lines: -14/+26
* delete two stray blank lines
  Author: schwarze | Age: 2019-05-15 | Files: 1 | Lines: -4/+2
* check result of ftruncate() as we do write() below ok beck@
  Author: bcook | Age: 2019-05-15 | Files: 1 | Lines: -2/+4
* s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead. ok jsing@
  Author: bcook | Age: 2019-05-15 | Files: 3 | Lines: -29/+20
* Correct missing test to determine if length is in bytes or in bits. Issue found by Guido Vranken <guidovranken@gmail.com> ok tedu@ tb@
  Author: beck | Age: 2019-05-14 | Files: 1 | Lines: -1/+3
* Use proper regress target to integrate better into test framework.
  Author: bluhm | Age: 2019-05-14 | Files: 1 | Lines: -2/+4
* Remove unused pad check, which is handled by tls1_cbc_remove_padding() now. Fixes COV-174858 ok tb@
  Author: bcook | Age: 2019-05-13 | Files: 1 | Lines: -4/+2
* Acquire mutex before incrementing the refcount. Fixes COV-186144 ok tb@
  Author: bcook | Age: 2019-05-13 | Files: 1 | Lines: -1/+3
* Move 'how this works' details from namespace.h to DETAILS
  Author: guenther | Age: 2019-05-13 | Files: 2 | Lines: -112/+136
* explicitly mention that RES_NOALIASES has no effect; jmc@ noticed that the text wasn't completely clear; OK jmc@
  Author: schwarze | Age: 2019-05-13 | Files: 1 | Lines: -3/+4
* Mention introduction of *_conceal.
  Author: otto | Age: 2019-05-13 | Files: 1 | Lines: -2/+8
* The call to fseek(fp, -1, SEEK_END) also sets the reported size to this value. To match the expectation of the test again, move this line before the code that sets the final position. OK yasuoka@
  Author: bluhm | Age: 2019-05-13 | Files: 1 | Lines: -10/+10
* Fix signed overflow in X509_CRL_print(). fixes oss-fuzz #14558 ok beck jsing
  Author: tb | Age: 2019-05-12 | Files: 1 | Lines: -1/+4
* Revert the other hunk of r1.36 as well: in the case of CCM, ccm.key is assigned from aesni_ccm_init_key() via CRYPTO_ccm128_init(), so it needs to be copied over... Pointed out by Guido Vranken. ok jsing
  Author: tb | Age: 2019-05-12 | Files: 1 | Lines: -1/+11
* Stop the eyebleed in here and just use calloc
  Author: beck | Age: 2019-05-12 | Files: 1 | Lines: -31/+8
* $OpenBSD$
  Author: tb | Age: 2019-05-11 | Files: 4 | Lines: -0/+4
* Remove commented out rc5 bits
  Author: tb | Age: 2019-05-11 | Files: 7 | Lines: -20/+6
* Initialize EC_KEY_METHOD before use. Fixes COV-186146 ok tb, beck
  Author: bcook | Age: 2019-05-10 | Files: 1 | Lines: -2/+2
* Revert part of r1.36: in the case of GCM, gcm.key is assigned from aesni_gcm_init_key() via CRYPTO_gcm128_init(), so it needs to be copied over... Fixes cryptofuzz issue #14352 and likely also #14374. ok beck jsing
  Author: tb | Age: 2019-05-10 | Files: 1 | Lines: -1/+7
* Introduce malloc_conceal() and calloc_conceal(). Similar to their counterparts but return memory in pages marked MAP_CONCEAL and on free() freezero() is actually called.
  Author: otto | Age: 2019-05-10 | Files: 2 | Lines: -199/+219
* Add a test vector for Streebog 512 from Guido Vranken
  Author: tb | Age: 2019-05-09 | Files: 1 | Lines: -1/+2
* Fix incorrect carry operation in 512 bit addition: in the case that there is already a carry and Sigma[i-1] == -1, the carry must be kept. From Dmitry Eremin-Solenik. Fixes incorrect Streebog result reported by Guido Vranken.
  Author: tb | Age: 2019-05-09 | Files: 1 | Lines: -6/+8
* Proper prototype for main(). Make sparc64 happier.
  Author: claudio | Age: 2019-05-09 | Files: 1 | Lines: -2/+4
* In DTLS, use_srtp is part of the extended server hello while in TLSv1.3, it is an encrypted extension. Include it in the server hello for now. This will have to be revisited once TLSv1.3 gets there. Fixes SRTP negotiation. Problem found by two rust-openssl regress failures reported by mikeb. with & ok beck
  Author: tb | Age: 2019-05-08 | Files: 1 | Lines: -2/+3
* initialize safestack pointers ok beck@, tb@
  Author: bcook | Age: 2019-05-08 | Files: 3 | Lines: -6/+6
* Make sure that the tag buffer size is equal to the tag size in CRYPTO_ccm128_tag(). Otherwise the caller might end up using the part of the tag buffer that was left uninitialized. Issue found by Guido Vranken. ok inoguchi
  Author: tb | Age: 2019-05-08 | Files: 1 | Lines: -2/+2
* Add test fseek(,-1) works properly.
  Author: yasuoka | Age: 2019-05-02 | Files: 1 | Lines: -3/+8
* Avoid an undefined shift in ASN1_ENUMERATED_get(). (same fix as in a_int.c rev 1.34) Fixes oss-fuzz issue #13809 ok beck, jsing
  Author: tb | Age: 2019-04-28 | Files: 1 | Lines: -4/+9
* Avoid an undefined shift in ASN1_INTEGER_get(). Fixes oss-fuzz issue #13804 ok beck, jsing
  Author: tb | Age: 2019-04-28 | Files: 1 | Lines: -4/+8
* Use calloc/freezero when allocating and freeing the session ticket data. The decrypted session ticket contains key material. ok tb@
  Author: jsing | Age: 2019-04-25 | Files: 1 | Lines: -4/+6