| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2018-08-27 | tweak failure messages | tb | 1 | -9/+9 | |
| 2018-08-27 | dedup AES-CBC-PKCS5 encryption and decryption checks | tb | 1 | -66/+24 | |
| 2018-08-27 | 2x missing "..." | tb | 1 | -3/+3 | |
| 2018-08-27 | Run Wycheproof AES-CCM testvectors against libcrypto. | tb | 1 | -2/+200 | |
| 2018-08-27 | n2s and l2n3 finally bite the dust! | jsing | 1 | -7/+1 | |
| 2018-08-27 | Convert ssl3_get_cert_verify() to CBS and clean up somewhat. | jsing | 1 | -74/+72 | |
| ok inoguchi@ | |||||
| 2018-08-27 | Dedup DTLS header writing code and convert to CBB. | jsing | 1 | -25/+35 | |
| There are three versions of the DTLS header writing code, which primarily differ by the fragment offset and fragment length values that differ. Rework dtls1_write_message_header() such that it can be used in all three cases and convert it to CBB in the process. ok inoguchi@ tb@ | |||||
| 2018-08-27 | Add some missing statics. | jsing | 2 | -5/+5 | |
| 2018-08-27 | Simplify new session ticket encoding/generation. | jsing | 3 | -84/+90 | |
| The original code did a crazy encode/malloc/encode/decode/modify/encode dance, in order to encode a session in the form needed to encrypt then add to a session ticket. By modifying the encoding functions slightly, we can do this entire dance as a single encode. Inspired by similar changes in BoringSSL. ok inoguchi@ tb@ | |||||
| 2018-08-27 | Fix formatting and grammatical issues with the description of how to use | jsing | 1 | -19/+17 | |
| i2d_SSL_SESSION. Also rework the example code so that it is clearer and uses more appropriate names. Input from and ok schwarze@, tb@ | |||||
| 2018-08-27 | Add protocol and cipher patterns in regress appstest.sh | inoguchi | 1 | -18/+88 | |
| 2018-08-26 | fix the same "an non" issue found by tb in EVP_EncryptInit.3; | jmc | 1 | -3/+3 | |
| 2018-08-26 | Check return value of EVP_CipherInit_ex() | tb | 1 | -6/+15 | |
| 2018-08-26 | Run Wycheproof AES-CBC-PKCS5 testvectors against libcrypto. | tb | 1 | -1/+189 | |
| 2018-08-26 | Remove some redundant info from log.Fatalf | tb | 1 | -2/+2 | |
| 2018-08-26 | simplify returned value | tb | 1 | -2/+2 | |
| 2018-08-26 | Some of the functions in this manual need <openssl/dsa.h>, others | tb | 1 | -3/+45 | |
| need <openssl/x509.h>. The functions {d2i,i2d}_DSA_params_{bio,fp}(3) were missing from the manual, so document them. The return values of the i2d_* functions are left undocumented, as these still need to be audited. ok schwarze (lots of input and help as usual) | |||||
| 2018-08-26 | typo: an nonce -> a nonce | tb | 1 | -3/+3 | |
| 2018-08-26 | Stop s_server if error occurs in regress appstest.sh | inoguchi | 1 | -4/+13 | |
| 2018-08-25 | Also run DSA tests with the PEM encoded public key. | tb | 1 | -2/+22 | |
| 2018-08-24 | update usage for pkcs8; | jmc | 1 | -10/+9 | |
| ok tb | |||||
| 2018-08-24 | tweak previous; | jmc | 1 | -3/+3 | |
| 2018-08-24 | crank majors after symbol addition/modification/removal | tb | 3 | -6/+6 | |
| 2018-08-24 | Adjust documentation for SSL_copy_session_id() | tb | 1 | -8/+7 | |
| ok jsing | |||||
| 2018-08-24 | Let SSL_copy_session_id() return an int for error checking. | tb | 3 | -28/+31 | |
| Accordingly, add some error checking to SSL_copy_session_id(), BIO_ssl_copy_session_id(), and SSL_dup(). Prompted by OpenSSL commit 17dd65e6e1f Tested in a bulk build by sthen ok jsing | |||||
| 2018-08-24 | Add const to EVP_PKCS82PKEY(). | tb | 2 | -4/+4 | |
| tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | Add consts to EVP_PKEY_asn1_set_private() | tb | 8 | -16/+16 | |
| Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way. tested in a bulk build by sthen ok jsing | |||||
| 2018-08-24 | After removing support for broken PKCS#8 formats (it was high time), | tb | 7 | -22/+19 | |
| we can add const to PKCS8_pkey_get0(). In order for this to work, we need to sprinkle a few consts here and there. tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | The broken pkcs8 formats generated by openssl pkcs -{embed,nooct,nsdb} | tb | 1 | -22/+2 | |
| are no longer supported. Remove their documentation. ok jsing | |||||
| 2018-08-24 | Stop handling broken PKCS#8 formats in openssl(1). | tb | 1 | -52/+2 | |
| ok jsing | |||||
| 2018-08-24 | Remove EVP_PKEY2PKCS8_broken() and PKCS8_set_broken() | tb | 5 | -98/+46 | |
| Provide PKCS8_pkey_add1_attr_by_NID() and PKCS8_pkey_get0_attrs(). Remove the whole broken code and simplify pkcs8_priv_key_info_st accordingly. Based on OpenSSL commit 54dbf42398e23349b59f258a3dd60387bbc5ba13 plus some const that was added later. tested in a bulk build by sthen ok jsing | |||||
| 2018-08-24 | Document const change for OCSP_cert_to_id() | tb | 1 | -4/+4 | |
| ok jsing | |||||
| 2018-08-24 | Add const to two arguments of OCSP_cert_to_id() | tb | 2 | -6/+7 | |
| tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | Provide X509_get0_serialNumber() | tb | 3 | -2/+10 | |
| tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | Turn a number of #defines into proper functions with prototypes matching | tb | 5 | -18/+80 | |
| those that OpenSSL has had for ages. ok jsing | |||||
| 2018-08-24 | Change PEM_Sign{Init,Update}() to return an int. | tb | 2 | -8/+8 | |
| tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | Check return value of EVP_EncodeUpdate() in PEM_write_bio(). | tb | 1 | -2/+3 | |
| ok jsing | |||||
| 2018-08-24 | Check return value of EVP_EncodeUpdate() in b64_write(). | tb | 1 | -3/+4 | |
| ok jsing | |||||
| 2018-08-24 | Convert EVP_EncodeUpdate() to return an int to allow for error | tb | 2 | -8/+10 | |
| checking. Matches our documented behavior. Based on OpenSSL commit c5ebfcab713a82a1d46a51c8c2668c419425b387 tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | Provide EVP_CIPHER_CTX_encrypting(). | tb | 3 | -2/+10 | |
| tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | unifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE. | jsing | 2 | -26/+3 | |
| This code has been rotting since 2006. ok bcook@ tb@ | |||||
| 2018-08-24 | Document prototype change and return values for BIO_set_cipher() | tb | 1 | -3/+5 | |
| ok jsing | |||||
| 2018-08-24 | Return an int in BIO_set_cipher() to be able to report errors. | tb | 2 | -13/+22 | |
| tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | In DSO_up_ref(), check return value of CRYPTO_add() and report | tb | 1 | -3/+5 | |
| failure accordingly. ok jsing | |||||
| 2018-08-24 | In ENGINE_up_ref(), check return value of CRYPTO_add() and report | tb | 1 | -3/+5 | |
| failure accordingly. ok jsing | |||||
| 2018-08-24 | Document new prototype and return values of X509_OBJECT_up_ref_count() | tb | 1 | -3/+6 | |
| ok jsing | |||||
| 2018-08-24 | Make X509_OBJECT_up_ref_count return an int. | tb | 2 | -9/+7 | |
| Based on OpenSSL commit c5ebfcab713a82a1d46a51c8c2668c419425b387 tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | Update documentation of CRYPTO_mem_leaks*. | tb | 1 | -6/+12 | |
| ok jsing | |||||
| 2018-08-24 | Let CRYPTO_mem_leaks{,_fp,_cb}() return -1. | tb | 2 | -12/+12 | |
| These functions are no-ops. Their signature was changed by OpenSSL to allow error checking. This way we return an error and do not indicate the (non-)existence of memory leaks. tested in a bulk by sthen ok jsing | |||||
| 2018-08-24 | Simplify session ticket parsing/handling. | jsing | 4 | -69/+46 | |
| The original implementation is rather crazy and means that we effectively have two lots of code that parse a ClientHello and two lots of code that parse TLS extensions. Partially simplify this by passing a CBS containing the extension block through to the session handling functions, removing the need to reimplement the ClientHello parsing. While here standarise on naming for session_id and session_id_len. ok inoguchi@ tb@ | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |