| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2023-11-22 | typo: mutiple -> multiple | op | 1 | -2/+2 | |
| from Ryan Kavanagh (rak [at] debian [dot] org), ok tb@ | |||||
| 2023-11-22 | Unhook and remove the now even more useless ssl_algs.c than it was before. | tb | 2 | -68/+1 | |
| ok jsing | |||||
| 2023-11-22 | Make SSL_library_init() a wrapper of OPENSSL_init_ssl() | tb | 2 | -61/+9 | |
| This way it doesn't do nonsensical work for all those who cargo culted an init sequence. There's no point in having SSL_library_init() as a cheaper version of OPENSSL_init_ssl(): once you do crypto, you'll init crypto... Also move the now trivial implementation to ssl_init.c which has a good license. ok jsing | |||||
| 2023-11-22 | Stop calling SSL_library_init() from OPENSSL_init_ssl_internal() | tb | 1 | -2/+1 | |
| It's pointless: all the ciphers and digests added by SSL_library_init() are already added by OPENSSL_init_crypto(), which was already called at that point. ok jsing | |||||
| 2023-11-22 | Move SSL_library_init() next to OPENSSL_init_ssl() | tb | 1 | -3/+2 | |
| Its current position makes no sense and it will become a wrapper of the latter in a subsequent commit. ok jsing | |||||
| 2023-11-21 | ec_print.c: Unwrap a line | tb | 1 | -3/+2 | |
| 2023-11-21 | Inline a better version of print_bin() in only caller | tb | 1 | -42/+27 | |
| Instead of printing to a temporary buffer with weird gymnastics, we can simply write things out to the BIO using proper indent. This still isn't perfect since we have a CBS version of this in ecx_buf_print(), which is basically what used to be ASN1_buf_print(). Annotate this with an XXX for future cleanup. ok beck | |||||
| 2023-11-21 | Make a few purpose things const | tb | 4 | -11/+11 | |
| This should allow us to constify a sizable table in libcrypto in an upcoming bump. | |||||
| 2023-11-21 | Fix a <= 5-byte buffer overwrite in print_bin() | tb | 1 | -2/+3 | |
| If the offset is > 124, this function would overwrite between 1 and 5 bytes of stack space after str[128]. So for a quick fix extend the buffer by 5 bytes. Obviously this is the permanent fix chosen elswehere. The proper fix will be to rewrite this function from scratch. Reported in detail by Masaru Masuda, many thanks! Fixes https://github.com/libressl/openbsd/issues/145 begrudging ok from beck | |||||
| 2023-11-20 | Still need engine.h for ENGINE_free() | tb | 1 | -1/+2 | |
| But do away with the OPENSSL_NO_ENGINE dance. | |||||
| 2023-11-19 | Mark up an occurrence of ENGINE | tb | 1 | -2/+3 | |
| 2023-11-19 | ENGINE can no longer have ex_data attached to it | tb | 1 | -3/+3 | |
| 2023-11-19 | Remove musings how ENGINE may or may not screw everything up. | tb | 1 | -23/+2 | |
| 2023-11-19 | Remove ENGINE mention in RSA_new() | tb | 1 | -14/+6 | |
| 2023-11-19 | OPENSSL_config() no longer calls ENGINE_load_builtin_engines() | tb | 1 | -5/+4 | |
| 2023-11-19 | ENGINE_add_conf_module() no longer exists | tb | 1 | -8/+2 | |
| 2023-11-19 | Remove ENGINE Xr that I left behind | tb | 1 | -2/+1 | |
| 2023-11-19 | zap stray comma | tb | 1 | -2/+2 | |
| 2023-11-19 | Unifdef OPENSSL_NO_ENGINE in libssl | tb | 5 | -69/+5 | |
| As usual, a few manual fixes to avoid duplicate lines. ok jsing | |||||
| 2023-11-19 | Manually unifdef OPENSSL_NO_ENGINE in ssl_clnt.c | tb | 1 | -17/+4 | |
| This allows us to simplify ssl_do_client_cert_cb() a bit. ok jsing | |||||
| 2023-11-19 | Rename an ENGINE from e to engine for consistency | tb | 1 | -2/+2 | |
| 2023-11-19 | Unifdef OPENSSL_NO_ENGINE in libcrypto | tb | 21 | -431/+21 | |
| This is mechanical apart from a few manual edits to avoid doubled empty lines. ok jsing | |||||
| 2023-11-19 | Unifdef OPENSSL_NO_ENGINE in pmeth_lib.c | tb | 1 | -41/+3 | |
| This includes a manual intervention for the call to EVP_PKEY_meth_find() which ended up in the middle of nowhere. ok jsing | |||||
| 2023-11-19 | Unifdef OPENSSL_NO_ENGINE in engine.h | tb | 1 | -566/+8 | |
| Also rip out all the gross, useless comments. There's still too much garbage in here... ok jsing | |||||
| 2023-11-19 | Also mention ENGINE_{cleanup,{ctrl_cmd{,_string}() | tb | 1 | -3/+29 | |
| 2023-11-19 | Remove last OPENSSL_NO_ENGINE from libssl regress | tb | 1 | -7/+1 | |
| 2023-11-19 | Unifdef OPENSSL_NO_ENGINE in libcrypto regress | tb | 8 | -68/+8 | |
| 2023-11-19 | Missing period | tb | 1 | -2/+2 | |
| 2023-11-19 | fix grammar | tb | 1 | -2/+2 | |
| 2023-11-19 | Remove remaining ENGINE manuals | tb | 11 | -1988/+1 | |
| They document functionality that no longer exists. | |||||
| 2023-11-19 | Strip mention of ENGINE out of *_set_method.3 | tb | 3 | -98/+26 | |
| 2023-11-19 | Strip out mentions of ENGINE_load_builtin_engines() | tb | 1 | -7/+4 | |
| There's probably more that needs to be updated here, but that can be done another day. | |||||
| 2023-11-19 | ex data for ENGINEs is no longer a thing | tb | 1 | -9/+2 | |
| 2023-11-19 | Remove section explaining how great and flexible ENGINE is and | tb | 1 | -28/+2 | |
| remove two Xr to ENGINE manuals. | |||||
| 2023-11-19 | Remove obsolete engine configuration section | tb | 1 | -106/+2 | |
| 2023-11-19 | Document the remaining ENGINE stubs in a single manual | tb | 1 | -146/+103 | |
| 2023-11-19 | EVP_PKEY_encrypt() simplify example | tb | 1 | -6/+4 | |
| In particular, do not use an uninitialized engine, simply pass NULL. | |||||
| 2023-11-19 | openssl pkcs12: rewrite without reaching into X509_ALGOR | tb | 1 | -7/+10 | |
| We can call ASN1_item_unpack() which will end up stuffing the same arguments into ASN1_item_d2i() as d2i_PBEPARAM(). This eliminates the last struct access into X509_ALGOR outside libcrypto in the base tree. ok jsing | |||||
| 2023-11-19 | openssl ts: convert to X509_ALGOR_set0() | tb | 1 | -5/+8 | |
| ok jsing | |||||
| 2023-11-18 | Check for negative EVP_CIPHER_CTX_iv_length() return in libssl | tb | 2 | -9/+13 | |
| ok beck | |||||
| 2023-11-18 | Forgot to fix one unsigned int vs int confusion | tb | 1 | -3/+3 | |
| CID 468015 | |||||
| 2023-11-18 | Check for negative IV length | tb | 5 | -27/+45 | |
| A recent change in EVP_CIPHER_CTX_iv_length() made it possible in principle that this function returns -1. This can only happen for an incorrectly set up EVP_CIPHER. Still it is better form to check for negative lengths before stuffing it into a memcpy(). It would probably be desirable to cap the iv_length to something large enough. This can be done another time. ok beck | |||||
| 2023-11-16 | Mention which functions are implemented as macros in the few cases | schwarze | 13 | -34/+76 | |
| where that information was missing. | |||||
| 2023-11-16 | drop some duplicate statements about macros | schwarze | 4 | -23/+10 | |
| 2023-11-16 | fix wrong macro | schwarze | 1 | -3/+3 | |
| 2023-11-16 | delete lots of stuff that no longer exists | schwarze | 1 | -300/+17 | |
| 2023-11-16 | fix typo: exdata -> ex_data | schwarze | 1 | -4/+4 | |
| 2023-11-16 | Minimal fix to unbreak OPENSSL_{gmtime,timegm}(3) | tb | 1 | -15/+18 | |
| I was told not to look since it will magically get fixed. Fine. I'd still have expected a minimal amount of care so that the manpage isn't totally dysfunctional and missing text in the right places. Sigh. | |||||
| 2023-11-15 | Drop some unnecessary parentheses | tb | 1 | -19/+19 | |
| 2023-11-15 | Shuffle getters and adders down a bit | tb | 1 | -34/+30 | |
| These use static helper functions which don't need prototypes this way. | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |