openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2016-05-04	revert the big change from yesterday to prepare for smaller commits.	tedu	14	-110/+60

2016-05-03	prefer limits.h over sys/limits.h	bcook	2	-4/+4

2016-05-03	patch from openssl for multiple issues:	tedu	16	-60/+530
	missing padding check in aesni functions overflow in evp encode functions use of invalid negative asn.1 types ok beck
2016-05-02	Remove a vax remnant (that was really a no-op anyway).	millert	1	-3/+1

2016-05-01	Remove old NeXT-specific cruft. From mmcc@	millert	1	-13/+1

2016-04-28	spelling fix;	jmc	1	-2/+2

2016-04-28	Crank majors for lib{crypto,ssl,tls} due to symbol removals, symbol	jsing	5	-5/+5
	additions and functionality changes.
2016-04-28	Factor our the keypair handling in libtls. This results in more readable	jsing	7	-52/+164
	and self-contained code, while preparing for the ability to handle multiple keypairs. Also provide two additional functions that allow a public certificate and private key to be set with a single function call. ok beck@
2016-04-28	Rework the error handling in libtls so that we can associate errors with	jsing	5	-28/+90
	both configuration and contexts. This allows us to propagate errors that occur during configuration, rather than either just failing with no reason or delaying the failure until it can be propagated via the tls context. Also provide a tls_config_error() function for retrieving the last error from a tls_config *. ok bcook@
2016-04-28	don't go into an unbreakable infinite loop during operations such	tedu	2	-2/+4
	as reading passwords. allow ^C to break. the pain was mine, the fix is miod's.
2016-04-28	Update regress test to reflect changes in the cipher list.	jsing	1	-61/+62

2016-04-28	Implement the IETF ChaCha20-Poly1305 cipher suites.	jsing	10	-92/+336
	Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix, effectively replaces the original Google implementation. We continue to support both the IETF and Google versions, however the existing names now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04. Feedback from doug@
2016-04-28	Update AEAD regress to match EVP_aead_chacha20_poly1305() changes.	jsing	2	-83/+83

2016-04-28	Rename EVP_aead_chacha20_poly1305() to EVP_aead_chacha20_poly1305_old()	jsing	6	-30/+30
	and replace with EVP_aead_chacha20_poly1305_ietf(). The IETF version will become the standard version. Discussed with many.
2016-04-26	add "dns" to openssl ocsp	semarie	1	-2/+2
	problem reported by Alexandre (kAworu) ok beck@ deraadt@ sthen@
2016-04-25	Allow setenv(3) and putenv(3) to operate on a NULL environ pointer.	millert	1	-11/+15
	The getenv(3) and unsetenv(3) functions already support this. This will make it easier to emulate the glibc clearenv() function in ports. Based on a diff from and OK jca@
2016-04-24	no more outlen; from remco	jmc	1	-5/+3
	ok bcook deraadt
2016-04-24	typos;	jmc	1	-3/+3

2016-04-19	fix typo in comment; ok beck	tj	2	-4/+4

2016-04-13	Use the correct iv and counter when decrypting the ciphertext for	jsing	2	-8/+8
	EVP_aead_chacha20_poly1305_ietf().
2016-04-13	After opening an AEAD, ensure that the decrypted output matches the	jsing	1	-0/+5
	plaintext for the regress test case.
2016-04-12	two times a define to an inline function, from Michael McConville; ok djm@	otto	1	-10/+19

2016-04-09	tweak MALLOC_STATS printing (switched off by default), prodded by	otto	1	-14/+14
	Michael McConville
2016-04-09	redundant memset(3), from Michael McConville, ok armani@	otto	1	-2/+1

2016-04-07	hexidecimal->hexadecimal; from mmcc	jmc	1	-4/+4
	ok beck
2016-04-05	Prefer _MUTEX_LOCK over _THREAD_PRIVATE_MUTEX_LOCK() when thread-specific	guenther	2	-8/+8
	data isn't necessary. ok mpi@, ok&tweak natano@
2016-04-05	Update example in comment: setlogin doesn't use {PROTO,DEF}_WRAP() now	guenther	1	-8/+8

2016-04-03	Document ``use after free'' error message	otto	1	-2/+4

2016-03-30	for some time now mandoc has not required MLINKS to function	jmc	7	-1233/+7
	correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung
2016-03-27	Merge a memleak fix from BoringSSL 6b6e0b2:	mmcc	2	-2/+6
	https://boringssl.googlesource.com/boringssl/+/6b6e0b20893e2be0e68af605a60ffa2cbb0ffa64%5E!/#F0 ok millert@, beck@
2016-03-26	fix the last bunch of NAME sections that were overlooked earlier	schwarze	1	-2/+9
	such that the MLINKS removal can be committed after this; OK jmc@
2016-03-21	Return zero from two functions on allocation failure instead of always	mmcc	4	-8/+8
	returning one (indicating success). Each function has only a single usage, and both usages check the return value. Merged from BoringSSL 0ce78a757d815c0dde9ed5884229f3a5b2cb3e9c: https://boringssl.googlesource.com/boringssl/+/0ce78a757d815c0dde9ed5884229f3a5b2cb3e9c%5E!/#F0 ok beck@
2016-03-20	" the the " -> " the ", or in a couple of cases replace the superfluous	krw	9	-13/+13
	"the" with the obviously intended word. Started with a "the the" spotted by Mihal Mazurek.
2016-03-17	properly guard to macros	mmcc	1	-5/+5
	ok otto@
2016-03-17	explicit_bzero for asn1 objects on free. Too often these contain sensitive ↵	beck	2	-48/+54
	information and they should not be a performance bottleneck ok miod@ krw@
2016-03-15	'accomodate' -> 'accommodate' in comments.	krw	10	-18/+18
	Started by diff from Mical Mazurek.
2016-03-14	small step towards multiple pools: move two globls into the struct dir_info	otto	1	-112/+126
	ok @stefan armani@
2016-03-13	environ and __progname are not declared in a public header; declare them	guenther	4	-10/+4
	in libc's hidden/stdlib.h instead of in each .c file that needs one ok deraadt@ gsoares@ mpi@
2016-03-13	check return value for BN_hex2bn in regression tests	bcook	1	-4/+10

2016-03-13	Fix examples for EVP_PKEY_CTX_set_rsa_padding.	bcook	4	-4/+4
	Noted here, https://github.com/libressl-portable/portable/issues/161, we document a non-existent constant in the examples for EVP_PKEY_CTX_set_rsa_padding. ok deraadt@
2016-03-12	Add error handling to the remaining calls to bn_wexpand().	bcook	4	-32/+46
	Noticed by pascal-cuoq from Github: https://github.com/libressl-portable/openbsd/issues/56 ok beck@
2016-03-12	Remove sentences in RETURN VALUES sections saying that functions with	mmcc	28	-79/+14
	void return types 'return no value'. This is obvious and therefore unneccessary to mention. We spare rewind(3)'s sentence because espie@ pointed out that it's a warning - the function masks a potential error. This commit also adds a sentence to X509_free clarifying that it's NULL-safe. This bit was discussed with doug@. ok martijn@, sentiment supported by schwarze@
2016-03-12	Bump for LibreSSL 2.4.0	bcook	2	-6/+6

2016-03-11	X509_free(3) is NULL-safe, so remove NULL checks before its calls.	mmcc	30	-148/+92
	ok doug@
2016-03-10	http -> https for a few more IETF URLs in comments or man pages	mmcc	6	-14/+14

2016-03-10	un-vax;	jmc	1	-3/+3

2016-03-07	http -> https for IETF/IANA URLs in comments	mmcc	2	-8/+8

2016-03-06	explict_bzero for some asn1 free's - ok miod@	beck	4	-6/+18

2016-03-06	Make sure stdio functions don't end up in the library, from miod@	beck	7	-15/+39
	ok doug@ bcook@
2016-03-04	graduate bn_expand() to a real function. the openssl version of this	deraadt	4	-8/+32
	uses a macro with multiple-evaluations of arguments (different amount than the previous version..), but doug/bcook's inline version makes BIGNUM not opaque [problem spotted by naddy] ok doug