Date | Commit message | Author | Files | Lines | |
---|---|---|---|---|---|
2022-01-07 | zap trailing whitespace | tb | 1 | -9/+9 | |
2022-01-07 | Let dtlstest peek into bio_local.h | tb | 2 | -2/+4 | |
2022-01-07 | Add a new, mostly empty, bio_local.h and include it in the files | tb | 23 | -22/+128 | |
that will need it in the upcoming bump. discussed with jsing | |||||
2022-01-06 | refer to longindex as an argument, not a field; | jmc | 1 | -3/+3 | |
from uwe@netbsd -r1.22 ok millert | |||||
2022-01-06 | Revise for change to tls_key_share_peer_public() | jsing | 1 | -3/+2 | |
2022-01-06 | Convert legacy TLS client to tls_key_share. | jsing | 7 | -256/+181 | |
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this. ok inoguchi@ tb@ | |||||
2022-01-06 | Allocate and free the EVP_AEAD_CTX struct in tls13_record_protection. | jsing | 1 | -7/+13 | |
This brings the code more in line with the tls12_record_layer and reduces the effort needed to make EVP_AEAD_CTX opaque. Prompted by and ok tb@ | |||||
2022-01-06 | Add regress tests for ASN1_BIT_STRING. | jsing | 1 | -2/+113 | |
2022-01-06 | Add a comment that explains why build_addr_block_tests isn't const | tb | 2 | -3/+8 | |
2022-01-06 | Convert SCT verification to CBB. | jsing | 1 | -56/+57 | |
ok inoguchi@ tb@ | |||||
2022-01-06 | Sync from libssl. | jsing | 2 | -2/+21 | |
2022-01-06 | Test CBB_add_u64() | jsing | 1 | -2/+6 | |
2022-01-06 | Provide CBB_add_u64() | jsing | 2 | -2/+21 | |
Prompted by and ok tb@ | |||||
2022-01-06 | minor tweaks, no code change | tb | 1 | -4/+3 | |
Adjust a comment to reality, zap a stray empty line and fix whitespace before comment after #endif | |||||
2022-01-06 | With openssl-ruby-tests 20220105, test_post_connection_check_wildcard_san | tb | 1 | -2/+2 | |
is now an unexpected pass, so remove it from the expected failures. | |||||
2022-01-06 | Free memory before assign to avoid leak | inoguchi | 1 | -1/+7 | |
CID 313263 313301 313322 | |||||
2022-01-06 | Free memory if error occurred | inoguchi | 1 | -2/+4 | |
2022-01-06 | Remove NULL check before free | inoguchi | 1 | -3/+2 | |
2022-01-06 | Fix a copy-paste error that led to an out-of-bounds access. | tb | 1 | -2/+2 | |
Found via a crash on bluhm's i386 regress test box | |||||
2022-01-06 | Add test coverage for SCT validation. | jsing | 4 | -7/+116 | |
Of note, the public APIs for this mean that the only way you can add a CTLOG is by reading a configuration file from disk - there is no programmatic way to do this. | |||||
2022-01-06 | t_syscall was a test for the gcc 1.x off_t syscall padding, | guenther | 2 | -125/+2 | |
which was an implementation detail and has been deleted, so delete the test | |||||
2022-01-05 | Prepare to provide DSA_bits() | tb | 2 | -2/+11 | |
Used by Qt5 and Qt6 and slightly reduces the patching in there. ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide BIO_set_retry_reason() | tb | 2 | -2/+11 | |
Needed by freerdp. ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide a number of RSA accessors | tb | 2 | -2/+67 | |
This adds RSA_get0_{n,e,d,p,q,dmp1,dmq1,iqmp,pss_params}() which will be exposed in the upcoming bump. ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide ECDSA_SIG_get0_{r,s}() | tb | 2 | -2/+19 | |
ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide DH_get_length() | tb | 2 | -2/+11 | |
Will be needed by openssl(1) dhparam. ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide DSA_get0_{p,q,g,{priv,pub}_key}() | tb | 2 | -2/+39 | |
ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide DH_get0_{p,q,g,{priv,pub}_key}() | tb | 2 | -2/+39 | |
These are accessors that allow getting one specific DH member. They are less error prone than the current getters DH_get0_{pqg,key}(). They are used by many ports and will also be used in base for this reason. Who can remember whether the pub_key or the priv_key goes first in DH_get0_key()? ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide BIO_set_next(). | tb | 2 | -2/+11 | |
This will be needed in libssl and freerdp after the next bump. ok inoguchi jsing | |||||
2022-01-05 | Prepare to provide X509_{set,get}_verify() and X509_STORE_get_verify_cb() | tb | 2 | -7/+37 | |
as well as the X509_STORE_CTX_verify_cb and X509_STORE_CTX_verify_fn types This will fix the X509_STORE_set_verify_func macro which is currently broken, as pointed out by schwarze. ok inoguchi jsing | |||||
2022-01-05 | Unindent a few lines of code and avoid shadowed variables. | tb | 1 | -12/+7 | |
2022-01-05 | Rename {c,p}_{min,max} into {child,parent}_{min,max} | tb | 1 | -7/+8 | |
2022-01-05 | Two minor KNF tweaks | tb | 1 | -5/+5 | |
2022-01-05 | Use child_aor and parent_aor instead of aorc and aorp | tb | 1 | -15/+15 | |
suggested by jsing | |||||
2022-01-05 | Rename fp and fc into parent_af and child_af for readability. | tb | 1 | -24/+29 | |
suggested by jsing | |||||
2022-01-05 | Globally rename all IPAddressFamily *f into af since this is slightly | tb | 1 | -64/+65 | |
more readable. Repeated complaints by jsing | |||||
2022-01-05 | Add a helper function to turn unchecked (but sound) use of | tb | 1 | -13/+18 | |
sk_find + sk_value into something easier to follow and swallow. ok inoguchi jsing | |||||
2022-01-05 | Hoist IPAddressFamily_cmp() to the other IPAddressFamily functions. | tb | 1 | -29/+29 | |
ok inoguchi jsing | |||||
2022-01-05 | Call x a cert for readability. | tb | 1 | -13/+13 | |
2022-01-05 | Now that i is free, rename j to i for use as loop variable in | tb | 1 | -10/+10 | |
various loops in addr_validate_path_internal(). | |||||
2022-01-05 | In addr_validate_path_internal() rename i to depth because that's | tb | 1 | -17/+15 | |
what it is. | |||||
2022-01-05 | Turn the validation_err() macro into a function | tb | 1 | -31/+44 | |
validation_err() is an ugly macro with side effects and a goto in it. At the cost of a few lines of code we can turn this into a function where the side effects are explicit and ret is now explicitly set in the main body of addr_validate_path_internal(). We get to a point where it is halfway possible to reason about the convoluted control flow in this function. ok inoguchi jsing | |||||
2022-01-05 | Move variable declarations in X509v3_addr_canonize() to the top of | tb | 1 | -17/+19 | |
the function and unindent some code. ok inoguchi jsing | |||||
2022-01-05 | Revise for tls13_key_share rename. | jsing | 1 | -11/+11 | |
2022-01-05 | Rename tls13_key_share to tls_key_share. | jsing | 9 | -91/+97 | |
In preparation to use the key share code in both the TLSv1.3 and legacy stacks, rename tls13_key_share to tls_key_share, moving it into the shared handshake struct. Further changes will then allow the legacy stack to make use of the same code for ephemeral key exchange. ok inoguchi@ tb@ | |||||
2022-01-05 | Wrap long lines and add some braces | inoguchi | 1 | -74/+129 | |
2022-01-05 | Check function return value | inoguchi | 1 | -8/+18 | |
2022-01-05 | Checking pointer variable with NULL | inoguchi | 1 | -74/+75 | |
2022-01-05 | Use calloc instead of malloc | inoguchi | 1 | -2/+2 | |
suggested by tb@ | |||||
2022-01-05 | Check NULL first and unindent the rest of the code | inoguchi | 1 | -41/+45 | |
suggested by tb@ |