openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2014-06-13	Remove deprecated RFC2292 ancillary data convenience functions.	chrisz	2	-488/+2
	They are obsoleted by the RFC3542 api. ok mpi@
2014-06-13	use getgentropy() call. If it fails, things are pretty bad --	deraadt	1	-8/+3
	call abort(). this direction discussed at length with miod beck tedu matthew etc
2014-06-13	use getentropy; from matthew	deraadt	1	-5/+2

2014-06-13	Use meaningful variable names, rather than i, j, k and cl.	jsing	1	-23/+27

2014-06-13	Do not bother trying to work out of we can reuse a cipher context - just	jsing	1	-22/+12
	throw it away and create a new one. This simplifies the code and also allows ASR to do its thing.
2014-06-13	Separate the comression handling from the cipher/message digest handling in	jsing	1	-43/+47
	ssl3_change_cipher_state().
2014-06-13	Swap compress/expand around so they are in the correct order - these ended	jsing	2	-28/+28
	up in the wrong order when the code was refactored.
2014-06-13	The export_key/export_iv variables are only used in the is_export case.	jsing	1	-7/+10
	Also use c rather than &c[0].
2014-06-13	Rename a bunch of variables in ssl3_change_cipher_state() for readability.	jsing	1	-38/+40
	This also brings it inline with tls1_change_cipher_state_cipher().
2014-06-13	Add ChaCha20-Poly1305 based ciphersuites.	jsing	10	-14/+162
	Based on Adam Langley's chromium patches. Tested by and ok sthen@
2014-06-13	Switch the AES-GCM cipher suites to SSL_CIPHER_ALGORITHM2_AEAD.	jsing	2	-42/+136

2014-06-13	Combine the MAC handling for both !EVP_CIPH_FLAG_AEAD_CIPHER and	jsing	2	-28/+22
	EVP_CIPH_FLAG_AEAD_CIPHER into the same if/else block.
2014-06-13	Use SSL3_SEQUENCE_SIZE and if we're going to preincrement we may as well	jsing	1	-4/+3
	do it properly.
2014-06-13	Add support for handling SSL_CIPHER_ALGORITHM2_AEAD ciphers, which are	jsing	8	-66/+498
	those that use EVP_AEAD instead ov EVP_CIPHER. This means being able to change cipher state with an EVP_AEAD and being able to encrypt/decrypt TLS using the EVP_AEAD. This has no change on existing non-SSL_CIPHER_ALGORITHM2_AEAD ciphers. Based on Adam Langley's chromium patches. Rides the recent libssl bump. Tested by sthen@
2014-06-13	Add an SSL_AEAD_CTX to enable the use of EVP_AEAD with an SSL cipher.	jsing	8	-8/+98
	Read and write contexts are also added to the SSL_CTX, along with supporting code. Based on Adam Langley's chromium diffs. Rides the recent SSL library bump.
2014-06-13	Remove support for the `opaque PRF input' extension, which draft has expired	miod	24	-700/+29
	7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell.
2014-06-13	Add timingsafe_memcmp().	matthew	6	-38/+153
	ok deraadt, jmc, tedu
2014-06-13	Add regress tests for timingsafe_bcmp and timingsafe_memcmp.	matthew	3	-2/+86
	timingsafe_memcmp tests are disabled for now, pending its addition to libc.
2014-06-12	Add regress test for explicit_bzero.	matthew	3	-2/+145

2014-06-12	replace atoi() calls with strtol(). Follow the idiomatic pattern in our	deraadt	6	-80/+194
	manual page strictly. Return -2 if the strings are not strict numbers. The numbers remain in the range of "int". Range checking for these parameters is done later in the pkey_*_ctl() functions, or sometimes in functions much further downstream... but not always!!! ok millert miod mikeb
2014-06-12	tags as requested by miod and tedu	deraadt	1537	-1373/+1553

2014-06-12	Disable the "switch to insertion sort" optimization to avoid quadratic	millert	1	-13/+2
	behavior for certain inputs. From NetBSD. OK tedu@
2014-06-11	Really remove the obsolete manpages left by earlier commit	chrisz	2	-0/+0
	which just emptied the file but didn't remove it.
2014-06-11	Remove manpages about deprecated RFC2292 ancillary data convenience functions.	chrisz	4	-769/+4
	They are obsoleted by the RFC3542 api. ok mpi@
2014-06-11	Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored since	jsing	9	-17/+0
	OpenSSL 1.0.0. ok miod@ (a little while back)
2014-06-11	Tsk. Tsk. Someone forgot to compile test the other half.	jsing	2	-4/+4

2014-06-11	Disable TLS support...	jsing	6	-16/+0
	Just kidding! unifdef OPENSSL_NO_TLS since we will never want to actually do that. ok deraadt@
2014-06-11	Provide support for non-funopen systems.	deraadt	3	-18/+62
	ok beck
2014-06-11	More KNF.	jsing	2	-112/+182

2014-06-11	Fix memory leak: free s if calloc fails.	logan	2	-2/+6
	(From Jonas Maebe) OK from beck@
2014-06-11	c-file-style hints, begone; ok beck	deraadt	94	-94/+94

2014-06-10	Check return value of EVP_MD_CTX_copy_ex() in ssl3_handshake_mac()	logan	1	-1/+3
	to avoid potential null pointer dereference. Based on david ramos work. OK from miod@ and jsing@
2014-06-10	stick with 16k buffers for a little while to avoid bufferbloat.	tedu	1	-2/+2
	atomicio writing out 64k in one direction will cause traffic in the other direction to stall until it's complete. discussion with deraadt
2014-06-10	increase buffer size to 64k, and actually use it. ok deraadt	tedu	1	-3/+3
	from John-Mark Gurney
2014-06-10	Abandon the auto-ENGINE /dev/crypto interface. VIA 3des cbc receives	deraadt	9	-2738/+4
	collateral damage. The syncronous nature of this mechanism has hampered performance for symmetric crypto relative to brute-force cpu. The assymetric crypto support never really materialized in drivers. So abandon the complexity. ok tedu beck mikeb some disagrement from djm but if he wants to test /dev/crypto ciphers he should do it without this this gigantic API in the way
2014-06-10	KNF.	jsing	16	-1512/+1512

2014-06-10	KNF.	jsing	22	-870/+1032

2014-06-10	Remove pointless casts and use c instead of &c[0], since it is the same	jsing	1	-9/+3
	thing for an unsigned char array. ok deraadt@
2014-06-10	In tls1_cert_verify_mac(), check the return value of EVP_MD_CTX_copy_ex()	jsing	2	-6/+10
	to avoid a possible NULL function call on ctx.final(). None of the callers currently check the return value of calls to cert_verify_mac(), however the function already returns 0 in another case and the MAC comparison will later fail. Issue reported by David Ramos.
2014-06-10	Use C99 initialisers for EVP_MD structs, for clarity, grepability and to	jsing	22	-360/+532
	protect from future field reordering/removal. No difference in generated assembly.
2014-06-10	More KNF.	jsing	1	-19/+18

2014-06-10	Avoid potential NULL pointer function calls in n_ssl3_mac() by checking	jsing	1	-2/+4
	the return value of EVP_MD_CTX_copy_ex(). If the copy fails early then EVP_DigestUpdate() will invoke md_ctx.update(), which will be a NULL function pointer. Analysis and patch from David Ramos. ok deraadt@
2014-06-10	Multiple fixes for ssl3_digest_cached_records() - if EVP_MD_CTX_create()	jsing	1	-8/+12
	fails, the NULL check will add an error but it does not abort. This will result in EVP_DigestInit_ex() being called with a NULL context. Also ensure that we check the return values from EVP_DigestInit_ex() and EVP_DigestUpdate(). ok deraadt@ miod@
2014-06-10	Ensure ssl3_final_finish_mac() returns failure if either the MD5 or SHA1	jsing	1	-5/+10
	handshake MAC calculation fails. Currently, the result from both ssl3_handshake_mac() calls is added together. This means that unless both MD5 and SHA1 fail, a positive value will be returned to the caller, indicating success rather than failure. ok deraadt@ miod@ sthen@
2014-06-10	mop up ifndef KERNEL goo; ok miod	deraadt	12	-60/+12

2014-06-09	use memset instead of bzero	deraadt	2	-4/+4

2014-06-09	do not include dso.h where it is not needed; ok miod	deraadt	6	-6/+0

2014-06-09	More KNF.	jsing	1	-11/+11

2014-06-08	Add an SSL_CIPHER_ALGORITHM2_AEAD flag that is used to mark a cipher as	jsing	4	-0/+114
	using EVP_AEAD. Also provide an EVP_AEAD-only equivalent of ssl_cipher_get_evp().
2014-06-08	Add a define for the SSLv3 sequence size and use it, rather than sprinkling	jsing	7	-14/+16
	magic numbers around. ok deraadt@