| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2019-05-29 | There are some bugs in __realpath(2) -- it isn't quite ready so disable | deraadt | 1 | -136/+3 | |
| calling it until those are fixed. | |||||
| 2019-05-28 | Fix typo and label indent. | jsing | 1 | -3/+3 | |
| 2019-05-28 | Tidy up some names/structures following the renaming of TLS extension | jsing | 1 | -35/+35 | |
| functions based on message type (clienthello/serverhello), to which side is handling the processing. No intended functional change. ok beck@ | |||||
| 2019-05-28 | Enable the use of the kernel __realpath() system call in the libc wrapper. | beck | 1 | -3/+136 | |
| For now, this also still uses the existing realpath implmentation and emits a syslog if we see differening results. Once we have run with that for a little while we will remove the old code ok deraadt@ | |||||
| 2019-05-23 | Throw malloc_conceal and freezero into the mix. | otto | 1 | -3/+8 | |
| 2019-05-23 | Only override size of chunk if we're not given the actual length. | otto | 1 | -2/+3 | |
| Fixes malloc_conceal...freezero with malloc options C and/or G. | |||||
| 2019-05-23 | bump to LibreSSL 3.0.0 | bcook | 1 | -3/+3 | |
| ok tb@ | |||||
| 2019-05-23 | add stdlib.h for reallocarray | bcook | 1 | -1/+2 | |
| 2019-05-20 | *an* RSA; | jmc | 3 | -9/+9 | |
| 2019-05-19 | clarify that later flags modify earlier flags; | schwarze | 1 | -2/+4 | |
| triggered by a question from Jan Stary <hans at stare dot cz> on misc@; OK otto@ | |||||
| 2019-05-16 | More consistently put remarks about the less useful LC_* categoties, | schwarze | 2 | -14/+26 | |
| i.e. those other than LC_CTYPE, into the CAVEATS section, and standardize wording somewhat. OK jmc@ | |||||
| 2019-05-15 | delete two stray blank lines | schwarze | 1 | -4/+2 | |
| 2019-05-15 | check result of ftruncate() as we do write() below | bcook | 1 | -2/+4 | |
| ok beck@ | |||||
| 2019-05-15 | s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is | bcook | 3 | -29/+20 | |
| no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead. ok jsing@ | |||||
| 2019-05-14 | Correct missing test to determine if length is in bytes or in bits. | beck | 1 | -1/+3 | |
| Issue found by Guido Vranken <guidovranken@gmail.com> ok tedu@ tb@ | |||||
| 2019-05-14 | Use propper regress target to integrate better into test framework. | bluhm | 1 | -2/+4 | |
| 2019-05-13 | Remove unused pad check, which is handled by tls1_cbc_remove_padding() now. | bcook | 1 | -4/+2 | |
| Fixes COV-174858 ok tb@ | |||||
| 2019-05-13 | Acquire mutex before incrementing the refcount. Fixes COV-186144 | bcook | 1 | -1/+3 | |
| ok tb@ | |||||
| 2019-05-13 | Move 'how this works' details from namespace.h to DETAILS | guenther | 2 | -112/+136 | |
| 2019-05-13 | explicitly mention that RES_NOALIASES has no effect; | schwarze | 1 | -3/+4 | |
| jmc@ noticed that the text wasn't completely clear; OK jmc@ | |||||
| 2019-05-13 | Mention introduction of *_conceal. | otto | 1 | -2/+8 | |
| 2019-05-13 | The call to fseek(fp, -1, SEEK_END) also sets the reported size to | bluhm | 1 | -10/+10 | |
| this value. To match the expectation of the test again, move this line before the the code that sets the final position. OK yasuoka@ | |||||
| 2019-05-12 | Fix signed overflow in X509_CRL_print(). | tb | 1 | -1/+4 | |
| fixes oss-fuzz #14558 ok beck jsing | |||||
| 2019-05-12 | Revert the other hunk of r1.36 as well: in the case of CCM, ccm.key is | tb | 1 | -1/+11 | |
| assigned from aesni_ccm_init_key() via CRYPTO_ccm128_init(), so it needs to be copied over... Pointed out by Guido Vranken. ok jsing | |||||
| 2019-05-12 | Stop the eyebleed in here and just use calloc | beck | 1 | -31/+8 | |
| 2019-05-11 | $OpenBSD$ | tb | 4 | -0/+4 | |
| 2019-05-11 | Remove commented out rc5 bits | tb | 7 | -20/+6 | |
| 2019-05-10 | Initialize EC_KEY_METHOD before use. | bcook | 1 | -2/+2 | |
| Fixes COV-186146 ok tb, beck | |||||
| 2019-05-10 | Revert part of r1.36: in the case of GCM, gcm.key is assigned from | tb | 1 | -1/+7 | |
| aesni_gcm_init_key() via CRYPTO_gcm128_init(), so it needs to be copied over... Fixes cryptofuzz issue #14352 and likely also #14374. ok beck jsing | |||||
| 2019-05-10 | Inroduce malloc_conceal() and calloc_conceal(). Similar to their | otto | 2 | -199/+219 | |
| counterparts but return memory in pages marked MAP_CONCEAL and on free() freezero() is actually called. | |||||
| 2019-05-09 | Add a test vector for Streebog 512 from Guido Vranken | tb | 1 | -1/+2 | |
| 2019-05-09 | Fix incorrect carry operation in 512 bit addition: in the case | tb | 1 | -6/+8 | |
| that there is already a carry and Sigma[i-1] == -1, the carry must be kept. From Dmitry Eremin-Solenik. Fixes incorrect Streebog result reported by Guido Vranken. | |||||
| 2019-05-09 | Proper prototype for main(). Make sparc64 happier. | claudio | 1 | -2/+4 | |
| 2019-05-08 | In DTLS, use_srtp is part of the extended server hello while in TLSv1.3, | tb | 1 | -2/+3 | |
| it is an encrypted extension. Include it in the server hello for now. This will have to be revisited once TLSv1.3 gets there. Fixes SRTP negotiation. Problem found by two rust-openssl regress failures reported by mikeb. with & ok beck | |||||
| 2019-05-08 | initialize safestack pointers | bcook | 3 | -6/+6 | |
| ok beck@, tb@ | |||||
| 2019-05-08 | Make sure that the tag buffer size is equal to the tag size | tb | 1 | -2/+2 | |
| in CRYPTO_ccm128_tag(). Otherwise the caller might end up using the part of the tag buffer that was left uninitialized. Issue found by Guido Vranken. ok inoguchi | |||||
| 2019-05-02 | Add test fseek(,-1) works properly. | yasuoka | 1 | -3/+8 | |
| 2019-04-28 | Avoid an undefined shift in ASN1_ENUMERATED_get(). | tb | 1 | -4/+9 | |
| (same fix as in a_int.c rev 1.34) Fixes oss-fuzz issue #13809 ok beck, jsing | |||||
| 2019-04-28 | Avoid an undefined shift in ASN1_INTEGER_get(). | tb | 1 | -4/+8 | |
| Fixes oss-fuzz issue #13804 ok beck, jsing | |||||
| 2019-04-25 | Use calloc/freezero when allocating and freeing the session ticket data. | jsing | 1 | -4/+6 | |
| The decrypted session ticket contains key material. ok tb@ | |||||
| 2019-04-25 | Use EVP_CIPHER_CTX_{new,free}() and HMAC_CTX_{new,free}() instead of | jsing | 1 | -24/+29 | |
| allocating on stack. While here also check the return values from EVP_DecryptInit_ex() and HMAC_Init_ex(). ok tb@ | |||||
| 2019-04-25 | Rename some variables in tls_decrypt_ticket(). | jsing | 1 | -18/+18 | |
| Rename mlen to hlen since it is a hmac (and this matches hctx and hmac). Rename ctx to cctx since it is a cipher context and ctx is usually used to mean SSL_CTX in this code. ok tb@ | |||||
| 2019-04-24 | Do not check for working go executable during make clean cleandir obj. | bluhm | 1 | -1/+3 | |
| reminded by jsing@ | |||||
| 2019-04-24 | Do not check for working go executable during make clean cleandir obj. | bluhm | 1 | -1/+3 | |
| 2019-04-23 | Convert tls_decrypt_ticket() to CBS. | jsing | 1 | -44/+72 | |
| This removes various pointer arithmetic and manual length checks. ok tb@ | |||||
| 2019-04-22 | Add error checking to i2v_POLICY_MAPPINGS(). | tb | 1 | -9/+26 | |
| ok jsing | |||||
| 2019-04-22 | Add error checking to i2v_POLICY_CONSTRAINTS(). | tb | 1 | -5/+19 | |
| ok jsing | |||||
| 2019-04-22 | Add error checking to i2v_EXTENDED_KEY_USAGE(). | tb | 1 | -8/+23 | |
| ok jsing | |||||
| 2019-04-22 | Add error checking to i2v_ASN1_BIT_STRING(). | tb | 1 | -4/+18 | |
| ok jsing | |||||
| 2019-04-22 | Add error checking to i2v_BASIC_CONSTRAINTS(). | tb | 1 | -3/+18 | |
| ok jsing | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |