openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2014-05-27	Fix ia64 cross-gcc target.	tobiasu	2	-0/+6
	opensslconf.h is just a dummy, we're lightyears away from working userspace. ok deraadt@
2014-05-26	Replace the following logic:	miod	4	-68/+98
	if (nothing to allocate) ptr = malloc(1) else { if ((ptr = malloc(size to allocate)) memcpy(ptr, data to copy, size to allocate) } if (ptr == NULL) OMG ERROR with a saner logic where the NULL pointer check if moved to the actual malloc branch, so that we do not need to malloc a single byte, just to avoid having a NULL pointer. Whoever thought allocating a single byte was a smart idea was obviously not taking his meds. ok beck@ guenther@
2014-05-26	Unchecked malloc() return value in SSL_COMP_add_compression_method(), in the	miod	2	-0/+8
	!OPENSSL_NO_COMP case. Does not affect OpenBSD as we compile the opposite code path.
2014-05-26	We don't really to keep history in constructs such as:	miod	4	-24/+2
	#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
2014-05-26	tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error.	miod	2	-2/+8

2014-05-26	Make sure all error paths in dtls1_buffer_record() invoke SSLErr by	miod	2	-40/+24
	factoring error handling. ok jsing@
2014-05-26	There is no need to include <openssl/e_os2.h> here, except for the fact	jsing	5	-5/+2
	that it brings in <openssl/opensslconf.h>, so just do that instead (currently via apps.h).
2014-05-26	Update the aead regress to work with the improved EVP AEAD API.	jsing	1	-22/+14

2014-05-26	Implement an improved version of the EVP AEAD API. The	jsing	10	-212/+218
	EVP_AEAD_CTX_{open,seal} functions previously returned an ssize_t that was overloaded to indicate success/failure, along with the number of bytes written as output. This change adds an explicit *out_len argument which is used to return the number of output bytes and the return value is now an int that is purely used to identify success or failure. This change effectively rides the last libcrypto crank (although I do not expect there to be many users of the EVP AEAD API currently). Thanks to Adam Langley for providing the improved code that this diff is based on. ok miod@
2014-05-26	Use C99 initialisers for BIO_METHOD.	jsing	2	-18/+18

2014-05-26	KNF.	jsing	6	-720/+958

2014-05-26	repair some KNF missed by the script; ok jsing	deraadt	2	-12/+20

2014-05-26	KNF.	jsing	14	-1076/+1312

2014-05-26	KNF.	jsing	12	-2886/+3110

2014-05-26	move all stats collecting under MALLOC_STATS; ok krw@	otto	1	-28/+33

2014-05-25	Fix resource descriptor leaks.	logan	1	-0/+4
	CID: 966576 & 966577 OK from guenther@ and "Yup. looks good." from tedu@
2014-05-25	-noout mentions a CRL, which is incorrect. Use "no output of encoded session	logan	1	-1/+1
	info." instead. From Martin Kaiser. OK from tedu@
2014-05-25	heartbearts->heartbeats fix	logan	2	-2/+2
	From Marcos Marado: OK from tedu@
2014-05-25	calloc instead of malloc/memset. from Benjamin Baier	tedu	26	-80/+42

2014-05-25	"for every change..."	tedu	2	-2/+2

2014-05-25	remove OPENSSL_memcmp before somebody tries to use it. ok beck miod	tedu	2	-12/+0

2014-05-25	remove OPENSSL_isservice. not used internally, no sane posix software will	tedu	2	-12/+0
	call it, and windows service software can figure this out on its own. ok beck miod
2014-05-25	remove unused shit. from Alexander Schrijver	tedu	8	-42/+4

2014-05-25	define LIBRESSL_INTERNAL, and use it to hide the bad stuff from ourselves	tedu	4	-4/+8
	ok beck
2014-05-25	Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much of	jsing	18	-296/+0
	this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@
2014-05-25	There is little interest in supporting Watt-32 TCP/IP debugging. For	deraadt	1	-7/+0
	reference, check out http://www.watt-32.net/ ok jsing
2014-05-25	Turn off MemCheck_on and MemCheck_off. These calls are pointless since the	jsing	4	-30/+6
	crypto memory debugging code has been castrated. ok miod@ "kill it" beck@
2014-05-25	The ssl_ciper_get_evp() function is currently overloaded to also return the	jsing	13	-62/+107
	compression associated with the SSL session. Based on one of Adam Langley's chromium diffs, factor out the compression handling code into a separate ssl_cipher_get_comp() function. Rewrite the compression handling code to avoid pointless duplication and so that failures are actually returned to and detectable by the caller. ok miod@
2014-05-25	Whitespace fixes to align define values.	jsing	2	-170/+172

2014-05-24	In ssl_cipher_get_evp(), fix off-by-one in index validation before accessing	miod	2	-4/+4
	arrays. "kind of scary" deraadt@, ok guenther@
2014-05-24	I'm so sorry to learn that the Diab compiler can't (or used not to) parse C	miod	2	-10/+2
	code. Remove workaround.
2014-05-24	Use C99 initialisers for SSL3_ENC_METHOD structs.	jsing	8	-108/+126
	ok miod@
2014-05-24	Remove the _shadow_ indirection, which is unnecessary in a world without	jsing	6	-14/+8
	OPENSSL_EXPORT_VAR_AS_FUNCTION. ok miod@
2014-05-24	KNF.	jsing	30	-4436/+3826

2014-05-24	More KNF.	jsing	2	-4/+4

2014-05-24	Add the RFC 7027 test vectors; from OpenSSL HEAD	miod	1	-0/+171

2014-05-24	KNF.	jsing	8	-182/+182

2014-05-24	Enable three brainpool elliptic curves for TLS, as specified in RFC 7027;	miod	2	-2/+26
	from OpenSSL HEAD. ok beck@ deraadt@ jsing@
2014-05-24	Code using malloc() in ssl23_get_client_hello() got removed 12 years ago,	miod	2	-64/+54
	it's time to remove the test for a possible need to free(). ok jsing@
2014-05-24	Use sizeof(cryptopro_ext) instead of 36 when applicable.	miod	2	-8/+8
	ok jsing@
2014-05-24	Invoke OPENSSL_cleanse() with the size of the variable you are cleaning.	miod	2	-2/+2
	ok jsing@
2014-05-24	We have shared global variables - unifdef OPENSSL_EXPORT_VAR_AS_FUNCTION.	jsing	5	-146/+0
	ok miod@ beck@
2014-05-24	Move ssltest.c to a regress test.	jsing	7	-0/+330

2014-05-24	remove OPENSSL_malloc and CRYPTO_malloc goo from the regress tests.	beck	6	-77/+22
	ok miod@ jsing@ guenther@
2014-05-24	make this compile again - actually include stdio and friends ourselves.	beck	1	-1/+3

2014-05-24	Move the regress tests that are in lib/libssl to usr.sbin/openssl,	jsing	8	-245/+0
	since they are really testing openssl(1) (although this also tests libcrypto and libssl), rather than actual parts of the libssl library. Discussed with miod@
2014-05-24	Expand the OPENSSL_.GLOBAL. macros and stop including e_os2.h.	jsing	6	-16/+14
	ok miod@ beck@
2014-05-24	Include <openssl/opensslconf.h> - currently ssl.h is relying on it being	jsing	2	-2/+4
	pulled in elsewhere, even though it is makes use of the OPENSSL_NO_* defines. While here, remove kssl.h since it is a no-op. ok beck@ miod@
2014-05-24	DeIMPLEMENT libssl. Expand the IMPLEMENT_* macros since it is far more	jsing	24	-412/+1308
	readable and one less layer of abstraction. Use C99 initialisers for clarity, grepability and to protect from future field reordering/removal. ok miod@ (tedu@ also thought it was a wonderful idea, beck@ also agreed, but ran away squealing since it reminded him of the VOP layer...)
2014-05-24	Another e_os2.h -> opensslconf.h.	jsing	2	-2/+6