Commit message | Author | Age | Files | Lines
---|---|---|---|---
Ensure that we clear the libssl error stack before we make a function call | jsing | 2015-09-12 | 3 | -5/+12
that we will pass the result through tls_ssl_error() on failure. Otherwise we can end up reporting spurious errors due to there being unrelated errors already on the error stack. Spotted by Marko Kreen. ok beck@ | | | |
Unwrap a bunch of lines. | jsing | 2015-09-12 | 2 | -74/+38
Nuke SSLEAY_CONF -- a backwards compatibility environment variable that | lteo | 2015-09-12 | 4 | -14/+5
has been superseded by OPENSSL_CONF and discouraged from use for almost 16 years. "Definitely ok" jsing@ "burn it" deraadt@ "Kill it with fire" miod@ "KILL IT WITH FIRE!!! BURN!!!!" beck@ | | | |
__strsignal() is now declared in hidden/signal.h | guenther | 2015-09-12 | 1 | -2/+0
Put tls_peer_cert* functions in the same place. | jsing | 2015-09-12 | 1 | -6/+6
Wrap <inttypes.h> and finish wrapping of <wchar.h> so that calls go direct | guenther | 2015-09-12 | 24 | -24/+51
and the symbols not in the C standard are weak | | | |
Remove most of the SSLv3 version checks and a few TLS v1.0. | doug | 2015-09-12 | 14 | -236/+114
We can now assume >= TLS v1.0 since SSL2_VERSION, SSL3_VERSION and DTLS1_BAD_VER support was removed. "reads ok" miod@ | | | |
Add openssl(1) speed support for AEAD algorithms. | bcook | 2015-09-12 | 1 | -17/+96
This adds aes-128-gcm aes-256-gcm chacha20-poly1305 from Adam Langley's original patch for OpenSSL ok beck@ jsing@ | | | |
Cleanup enginetest a bit. | bcook | 2015-09-12 | 1 | -104/+84
It was the only thing preventing -Werror from building on some systems due to the unchecked asprintf's. | | | |
Uncopy and unpaste dtls1_send_newsession_ticket() - another 111 lines of | jsing | 2015-09-12 | 4 | -222/+6
code deduped. | | | |
Fix the openssl(1) prime command: When checking a decimal number for | lteo | 2015-09-12 | 1 | -3/+2
primality, do not unnecessarily convert the original decimal number to hex in the output. Hex numbers explicitly specified with -hex remain unchanged. ok beck@ deraadt@ jsing@ miod@ | | | |
Move handshake message header length determination into a separate | jsing | 2015-09-12 | 8 | -46/+54
ssl3_handshake_msg_hdr_len() function. Use this to correct several places that have magic numbers with header lengths hardcoded as '4'. ok beck@ | | | |
Wrap <unistd.h> so that internal calls go direct and they're all weak symbols | guenther | 2015-09-12 | 6 | -4/+12
Delete unused 'fd' argument from internal function oldttyname() | | | |
Wrap <getopt.h> to make the functions weak and make access to the initialized | guenther | 2015-09-12 | 1 | -1/+6
variables go direct. (Common variables cannot be aliased.) | | | |
Uncopy and unpaste dtls1_send_certificate_request() - removes another 80 | jsing | 2015-09-12 | 4 | -160/+6
lines of code, while gaining SIGALGs support. | | | |
Uncopy and unpaste dtls1_send_server_key_exchange(). Removes another 329 | jsing | 2015-09-12 | 4 | -658/+6
lines of code, while gaining bug fixes and SIGALGs support. | | | |
Uncopy and unpaste dtls1_send_server_done(). | jsing | 2015-09-12 | 4 | -36/+6
Uncopy and unpaste dtls1_send_server_hello(). | jsing | 2015-09-12 | 4 | -136/+6
Uncopy and unpaste dtls1_send_hello_request(). | jsing | 2015-09-12 | 4 | -36/+6
Convert the rest of the server handshake functions to ssl3_handshake_msg_*. | jsing | 2015-09-12 | 2 | -88/+70
ok beck@ | | | |
Uncopy and unpaste dtls1_send_client_verify() - the | jsing | 2015-09-12 | 4 | -148/+6
ssl3_send_client_verify() is different, but it correctly supports things like SIGALGS. Another 74 lines of code bites the dust. | | | |
Uncopy and unpaste dtls1_send_client_key_exchange() - the | jsing | 2015-09-12 | 4 | -538/+10
ssl3_send_client_key_exchange() is effectively identical, in fact it has a number of bug fixes and improvements that never got merged into the DTLS copy of the code. Flenses another 264 lines of code. ok beck@ | | | |
Use explicit_bzero() instead of memset() when clearing private keys. | jsing | 2015-09-12 | 2 | -6/+8
ok bcook@ beck@ miod@ | | | |
Pull variable assignment out from function call, fix indentation and set | jsing | 2015-09-12 | 2 | -16/+14
state after calling ssl3_handshake_msg_finish(). | | | |
style(9) and whitespace cleanups. | jsing | 2015-09-12 | 2 | -58/+50
Remove workaround for old SIMICS toolchain. | miod | 2015-09-12 | 2 | -90/+2
Remove horribly old and outdated `documentation' for the assembly code. | miod | 2015-09-12 | 12 | -652/+0
use SOCK_CLOEXEC instead of fcntl; ok guenther beck jsing | deraadt | 2015-09-12 | 1 | -12/+16
fix previous; | jmc | 2015-09-12 | 2 | -31/+48
spaces found during a read | deraadt | 2015-09-11 | 1 | -19/+18
Add TLS support to nc. Provides a useful little test and script tool. | beck | 2015-09-11 | 3 | -45/+346
ok jsing@ bluhm@ | | | |
unifdef -DOPENSSL_NO_RC5 | jsing | 2015-09-11 | 2 | -42/+2
kill evil comment | beck | 2015-09-11 | 1 | -3/+1
ok deraadt@ | | | |
Rename functions that moved to t1_enc.c, with a tls1_ prefix instead of a | jsing | 2015-09-11 | 24 | -130/+130
ssl3_ prefix. ok beck@ | | | |
fix unchecked mallocs - coverity 130454 and 130455 | beck | 2015-09-11 | 1 | -6/+15
ok jsing@ | | | |
Merge the remnants of s3_enc.c into t1_enc.c. | jsing | 2015-09-11 | 4 | -269/+248
ok beck@ | | | |
Nuke ssl_set_peer_cert_type(). | jsing | 2015-09-11 | 4 | -20/+4
ok "flensing knife" | | | |
Nuke ssl_bad_method(). | jsing | 2015-09-11 | 4 | -22/+4
ok "flensing knife" | | | |
Nuke ssl3_default_timeout(). | jsing | 2015-09-11 | 4 | -26/+4
ok "flensing knife" | | | |
Nuke ssl_replace_hash(). | jsing | 2015-09-11 | 4 | -46/+4
ok "flensing knife" | | | |
Nuke ssl3_cbc_remove_padding(). | jsing | 2015-09-11 | 4 | -68/+4
ok "flensing knife" | | | |
Nuke ssl3_alert_code(). | jsing | 2015-09-11 | 3 | -76/+3
ok "flensing knife" | | | |
Nuke ssl3_cert_verify_mac() and ssl3_handshake_mac(). | jsing | 2015-09-11 | 3 | -86/+3
We also no longer need the ssl3_pad_1 and ssl3_pad_2 arrays... ok "flensing knife" | | | |
Nuke ssl3_final_finish_mac(). | jsing | 2015-09-11 | 3 | -22/+3
ok "flensing knife" | | | |
Nuke ssl3_change_cipher_state(). | jsing | 2015-09-11 | 3 | -113/+3
ok "flensing knife" | | | |
Nuke ssl3_generate_master_secret(). | jsing | 2015-09-11 | 3 | -39/+3
ok "flensing knife" | | | |
Nuke ssl3_setup_key_block() and ssl3_generate_key_block(). | jsing | 2015-09-11 | 3 | -122/+3
ok "flensing knife" | | | |
Nuke n_ssl3_mac(). | jsing | 2015-09-11 | 3 | -103/+3
ok "flensing knife" | | | |
Nuke ssl3_enc(). | jsing | 2015-09-11 | 3 | -76/+3
ok "flensing knife" | | | |
Nuke SSLv3_enc_data. | jsing | 2015-09-11 | 4 | -48/+6
ok "flensing knife" | | | |