| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2015-09-12 | Fix the openssl(1) prime command: When checking a decimal number for | lteo | 1 | -3/+2 | |
| primality, do not unnecessarily convert the original decimal number to hex in the output. Hex numbers explicitly specified with -hex remain unchanged. ok beck@ deraadt@ jsing@ miod@ | |||||
| 2015-09-12 | Move handshake message header length determination into a separate | jsing | 8 | -46/+54 | |
| ssl3_handshake_msg_hdr_len() function. Use this to correct several places that have magic numbers with header lengths hardcoded as '4'. ok beck@ | |||||
| 2015-09-12 | Wrap <unistd.h> so that internal calls go direct and they're all weak symbols | guenther | 6 | -4/+12 | |
| Delete unused 'fd' argument from internal function oldttyname() | |||||
| 2015-09-12 | Wrap <getopt.h> to make the functions weak and make access to the initialized | guenther | 1 | -1/+6 | |
| variables go direct. (Common variables cannot be aliased.) | |||||
| 2015-09-12 | Uncopy and unpaste dtls1_send_certificate_request() - removes another 80 | jsing | 4 | -160/+6 | |
| lines of code, while gaining SIGALGs support. | |||||
| 2015-09-12 | Uncopy and unpaste dtls1_send_server_key_exchange(). Removes another 329 | jsing | 4 | -658/+6 | |
| lines of code, while gaining bug fixes and SIGALGs support. | |||||
| 2015-09-12 | Uncopy and unpaste dtls1_send_server_done(). | jsing | 4 | -36/+6 | |
| 2015-09-12 | Uncopy and unpaste dtls1_send_server_hello(). | jsing | 4 | -136/+6 | |
| 2015-09-12 | Uncopy and unpaste dtls1_send_hello_request(). | jsing | 4 | -36/+6 | |
| 2015-09-12 | Convert the rest of the server handshake functions to ssl3_handshake_msg_*. | jsing | 2 | -88/+70 | |
| ok beck@ | |||||
| 2015-09-12 | Uncopy and unpaste dtls1_send_client_verify() - the | jsing | 4 | -148/+6 | |
| ssl3_send_client_verify() is different, but it correctly supports things like SIGALGS. Another 74 lines of code bites the dust. | |||||
| 2015-09-12 | Uncopy and unpaste dtls1_send_client_key_exchange() - the | jsing | 4 | -538/+10 | |
| ssl3_send_client_key_exchange() is effectively identical, in fact it has a number of bug fixes and improvements that never got merged into the DTLS copy of the code. Flenses another 264 lines of code. ok beck@ | |||||
| 2015-09-12 | Use explicit_bzero() instead of memset() when clearing private keys. | jsing | 2 | -6/+8 | |
| ok bcook@ beck@ miod@ | |||||
| 2015-09-12 | Pull variable assignment out from function call, fix indentation and set | jsing | 2 | -16/+14 | |
| state after calling ssl3_handshake_msg_finish(). | |||||
| 2015-09-12 | style(9) and whitespace cleanups. | jsing | 2 | -58/+50 | |
| 2015-09-12 | Remove workaround for old SIMICS toolchain. | miod | 2 | -90/+2 | |
| 2015-09-12 | Remove horribly old and outdated `documentation' for the assembly code. | miod | 12 | -652/+0 | |
| 2015-09-12 | use SOCK_CLOEXEC instead of fnctl; ok guenther beck jsing | deraadt | 1 | -12/+16 | |
| 2015-09-12 | fix previous; | jmc | 2 | -31/+48 | |
| 2015-09-11 | spaces found during a read | deraadt | 1 | -19/+18 | |
| 2015-09-11 | Add TLS suppport to nc. Provides a useful little test and script tool. | beck | 3 | -45/+346 | |
| ok jsing@ bluhm@ | |||||
| 2015-09-11 | unifdef -DOPENSSL_NO_RC5 | jsing | 2 | -42/+2 | |
| 2015-09-11 | kill evil comment | beck | 1 | -3/+1 | |
| ok deraadt@ | |||||
| 2015-09-11 | Rename functions that moved to t1_enc.c, with a tls1_ prefix instead of a | jsing | 24 | -130/+130 | |
| ssl3_ prefix. ok beck@ | |||||
| 2015-09-11 | fix unchecked mallocs - coverity 130454 and 130455 | beck | 1 | -6/+15 | |
| ok jsing@ | |||||
| 2015-09-11 | Merge the remnants of s3_enc.c into t1_enc.c. | jsing | 4 | -269/+248 | |
| ok beck@ | |||||
| 2015-09-11 | Nuke ssl_set_peer_cert_type(). | jsing | 4 | -20/+4 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl_bad_method(). | jsing | 4 | -22/+4 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_default_timeout(). | jsing | 4 | -26/+4 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl_replace_hash(). | jsing | 4 | -46/+4 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_cbc_remove_padding(). | jsing | 4 | -68/+4 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_alert_code(). | jsing | 3 | -76/+3 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_cert_verify_mac() and ssl3_handshake_mac(). | jsing | 3 | -86/+3 | |
| We also no longer need the ssl3_pad_1 and ssl3_pad_2 arrays... ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_final_finish_mac(). | jsing | 3 | -22/+3 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_change_cipher_state(). | jsing | 3 | -113/+3 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_generate_master_secret(). | jsing | 3 | -39/+3 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_setup_key_block() and ssl3_generate_key_block(). | jsing | 3 | -122/+3 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke n_ssl3_mac(). | jsing | 3 | -103/+3 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke ssl3_enc(). | jsing | 3 | -76/+3 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Nuke SSLv3_enc_data. | jsing | 4 | -48/+6 | |
| ok "flensing knife" | |||||
| 2015-09-11 | Shuffle the code in ssl3_send_finished() to make it more logical/readable. | jsing | 2 | -18/+14 | |
| ok beck@ | |||||
| 2015-09-11 | Replace dtls1_send_finished() with ssl3_send_finished() - they're now | jsing | 8 | -96/+12 | |
| both essentially the same (in fact DTLS benefits from improvements previously made to the ssl3_send_finished() function). ok beck@ | |||||
| 2015-09-11 | style(9), fix comments, wrap long lines and tweak whitespace. | jsing | 2 | -62/+118 | |
| 2015-09-11 | Convert dtls1_send_finished() and ssl3_send_finished() to | jsing | 4 | -44/+20 | |
| ssl3_handshake_msg_start()/ssl3_handshake_msg_finish(). ok beck@ | |||||
| 2015-09-11 | typo | deraadt | 1 | -2/+2 | |
| 2015-09-11 | Bring back the expansion-into-.byte-sequences routines removed in r1.9, but | miod | 2 | -24/+134 | |
| only define them if not building for the "openbsd" flavour. This way, non-obfuscated output can still be generated for analysis, by using the "openbsd" flavour (which OpenBSD HEAD will do), and obfuscated output, compatible with older as(1), will be generated for other platforms. The portable version of LibreSSL can then use "openbsd-portable" as the flavour for OpenBSD/amd64 so that generated files can be compiled with OpenBSD 5.7 and other older versions stuck with as(1) 2.15. | |||||
| 2015-09-11 | Put the *method* data structures and functions in the same place. | jsing | 4 | -155/+122 | |
| We can also now nuke ssl23_get_method() since it is the same as tls1_get_method(). And the empty file can bite the dust. ok bcook@ miod@ | |||||
| 2015-09-11 | Pass "openbsd" instead of "openbsd-elf" as the "flavour" to the perl assembler | miod | 2 | -4/+4 | |
| machinery. OpenBSD has never been not ELF on amd64, and changing this will actually make -portable life slightly easier in the near future. | |||||
| 2015-09-11 | Put the *server_method* data structures and functions in the same place. | jsing | 4 | -148/+122 | |
| We can also now nuke ssl23_get_server_method() since it is the same as tls1_get_server_method(). ok miod@ | |||||
| 2015-09-11 | "Shutdown" should be "Shut down" in the usage for s_time's -no_shutdown | lteo | 1 | -2/+2 | |
| flag. Pointed out by jmc@'s commit to the openssl(1) man page. | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |