| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
silently accept multiple unnamed arguments, ignoring all except the last.
This behaviour was already inconsistent between openssl(1) applications;
apply the principal of least surprise. This will also simplify the addition
of upcoming functionality.
|
| | |
|
| | |
|
| |
|
|
|
| |
allows for simpler code in the common cases and will allow for further
extension to support the complex cases.
|
| |
|
|
|
| |
for openssl(1), which is also variable in behaviour between applications
(and currently inconsistent).
|
| |
|
|
| |
Noticed while testing libtls on FreeBSD.
|
| |
|
|
|
|
|
|
|
| |
use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Sync cipher strings with the ones that are actually implemented.
- Remove CIPHERS SUITE NAMES (the actual cipher suites can be obtained
via "openssl ciphers -v"), CIPHERS NOTES, and CIPHERS HISTORY
sections.
- Stop mentioning export cipher suites since they have already been
removed.
feedback from deraadt@ and jmc@
ok jmc@
|
| | |
|
| |
|
|
|
|
| |
"openssl dgst".
feedback/ok jmc@
|
| |
|
|
|
|
|
|
|
|
| |
libtls accepts size_t for lengths but libssl accepts int. This verifies
that the input does not exceed INT_MAX. It also avoids truncating size_t
when comparing with int and adds printf-style attributes for
tls_set_error().
with input from deraadt@ and tedu@
ok tedu@
|
| | |
|
| | |
|
| |
|
|
| |
the Camellia ciphersuites for TLS 1.2 introduced in RFC 5932. From OpenSSL HEAD.
|
| |
|
|
| |
platforms with small MAXTSIZ or MAXSSIZ.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A few EVP_DigestInit_ex() calls were left alone since reporting an
error would change the public API.
Changed internal ssl3_cbc_digest_record() to return a value due to the above
change. It will also now set md_out_size=0 on failure.
This is based on part of BoringSSL's commit to fix malloc crashes:
https://boringssl.googlesource.com/boringssl/+/69a01608f33ab6fe2c3485d94aef1fe9eacf5364
ok miod@
|
| |
|
|
|
|
|
|
| |
Remove support for conditional payload alignment, since we would never
want to turn it off. Also, consistently use size_t for calculating the
alignment.
ok miod@
|
| |
|
|
|
|
| |
the new handshake functions.
ok miod@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
messages. This will allow for removal of repeated/duplicated code.
Additionally, DTLS was written by wholesale copying of the SSL/TLS code,
with some DTLS specifics being added to the duplicated code. Since these
SSL handshake message functions know how to handle both SSL/TLS and DTLS,
upon conversion the duplicate versions will become identical (or close to),
at which point the DTLS versions can be removed and the SSL/TLS versions
used for both protocols.
Partially based on similar changes in OpenSSL.
ok miod@
|
| | |
|
| | |
|
| |
|
|
| |
EC_GROUP_free() all have implicit NULL checks.
|
| | |
|
| |
|
|
|
|
|
| |
mazes in libssl. NPN is being replaced by ALPN, however it is still going
to be around for a while yet.
ok miod@
|
| |
|
|
|
|
|
| |
enabled and I would hope that no one is using client certificates with DTLS
and Netscape, assuming it even supported it...
ok bcook@ miod@
|
| |
|
|
| |
update SYNOPSIS and DESCRIPTION and add STANDARDS
|
| |
|
|
| |
use RSA authentication, rather than only those that use RSA key exchange.
|
| |
|
|
|
|
| |
rewrite the function to be simpler as well. the compiler can unroll the
loop for us if necessary.
ok schwarze
|
| |
|
|
|
|
|
|
| |
calls malloc(). Instead of silently continuing on failure, check the return
value of BIO_new() and propagate failure back to the caller for appropriate
handling.
ok bcook@
|
| |
|
|
|
|
|
| |
the two ciphersuites that use it. GOST94 public/private keys have been
long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
| |
|
|
| |
Based on OpenSSL.
|
| |
|
|
| |
Based on OpenSSL.
|
| | |
|
| |
|
|
|
|
| |
Based on OpenSSL and BoringSSL.
ok bcook@
|
| |
|
|
| |
ok jsing@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
It may take a few iterations to get the tone right.
previously discussed with millert
|
| |
|
|
|
|
|
| |
the same thingies. Therefore these "lists of functions" man pages can go
away.
Hurray! I've wanted these pages to die for around 10 years!
ok ingo (and i think jmc)
|
| | |
|
| |
|
|
| |
observed by jonas termansen
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to returning strong random by default, source from arc4random(3).
Parameters to the seeding functions are ignored, and the subsystems remain
in strong random mode. If you wish the standardized deterministic mode,
call srand_deterministic(), srandom_determistic(), srand48_deterministic(),
seed48_deterministic() or lcong48_deterministic() instead.
The re-entrant functions rand_r(), erand48(), nrand48(), jrand48() are
unaffected by this change and remain in deterministic mode (for now).
Verified as a good roadmap forward by auditing 8800 pieces of software.
Roughly 60 pieces of software will need adaptation to request the
deterministic mode.
Violates POSIX and C89, which violate best practice in this century.
ok guenther tedu millert
|
| | |
|
| | |
|
| | |
|
