openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2017-05-22	Instead of embedding pre-generated tables from McIlroy's "A Killer	millert	3	-1538/+315
	Adversary for Quicksort", just include the code to generate them. Also allow the number of elements to be specified on the command line.
2017-05-21	correct a return value test	jsg	1	-1/+1
	ok millert@
2017-05-20	Document that qsort falls back to heapsort() if the recursion depth	millert	1	-3/+13
	exceeds 2 lg N and add a reference to the introsort paper.
2017-05-20	Use David Musser's introsort algorithm to fall back to heapsort(3)	millert	2	-14/+45
	when the recursion depth reaches 2*lg(n + 1). This avoids quicksort's quadratic behavior for pathological input without appreciably changing the average run time.
2017-05-19	Add input targeted at the Bentley and McIrlroy quicksort generated	millert	1	-6/+1389
	by McIlroy's "A Killer Adversary for Quicksort". This results in quadratic behavior and the test aborts before completion.
2017-05-18	use mergesort instead of heapsort when comparing results	millert	1	-9/+17

2017-05-17	Avoid running the "killer" tests multiple times with the same	millert	1	-10/+19
	parameters.
2017-05-17	Add "median of three" killer, as seen in "Introspective Sorting and	millert	1	-18/+44
	Selection Algorithms" by David R Musser.
2017-05-17	Approximate nlgn instead of using libm. The same approximation may	millert	2	-10/+8
	be used in qsort.c in a later commit.
2017-05-17	Add "killer" input from "algorithmic complexity attacks and libc	millert	1	-0/+12
	qsort()". This causes quadratic behavior with the 4.4BSD qsort's "switch to insertion sort" optimization when the input appears to be mostly sorted. That optimization was removed in qsort.c r1.12 but it is worth having in the regress test too.
2017-05-17	The BSD qsort() performs tail recursion elimination on the second	millert	1	-10/+25
	side of the array being partitioned to save on stack space. Greater savings can be gained by choosing recursion for the smaller side of the partition and eliminating recursion for the larger side. This also results in a small but measurable performance gain. OK otto@ schwarze@
2017-05-17	There's no need to track the number of errors (and the counter might	millert	1	-21/+30
	wrap), make it a flag instead. Pointed out by schwarze@
2017-05-17	Add qsort(3) regress based on Bentley & McIlroy's "Engineering a Sort Function"	millert	3	-2/+278

2017-05-16	Plug a memory leak. The main_cert needs to be X509_free()ed since	claudio	1	-0/+2
	SSL_get_peer_certificate() increases the ref count whereas extra_certs do not because SSL_get_peer_cert_chain() won't increase ref counts. OK beck@
2017-05-16	typo: ket -> key.	tb	1	-3/+3
	from "fenderq" on freenode via tj
2017-05-15	Typo: freezeo -> freezero	tb	1	-3/+3
	From "fenderq" on freenode via tj@
2017-05-13	- fix bug wrt posix_memalign(3) of blocks between half a page and a page	otto	2	-8/+18
	- document posix_memalign() does not play nice with reacallocarray(3) and freezero(3)
2017-05-11	Fix a problem introduced in freezero() conversion and use	jsg	1	-2/+2
	sizeof(struct) not sizeof(pointer). otto@ points out that on OpenBSD currently freezero() would have still zeroed the entire allocation, but this is not documented behaviour and may change in future. ok tom@
2017-05-10	Implement nc -W recvlimit to terminate netcat after receiving a	bluhm	2	-8/+28
	number of packets. This allows to send a UDP request, receive a reply and check the result on the command line. input jmc@; OK millert@
2017-05-08	simplify startdate/enddate validation	beck	1	-27/+5
	ok jsing@
2017-05-08	Print size_t's correctly.	beck	1	-3/+3
	Fix from Jonas 'Sortie' Termansen <sortie@maxsi.org>
2017-05-08	BUF_MEM_grow_clean() returns an int, not a size_t. Humourously, on success	jsing	1	-3/+3
	it returns "len", which is a size_t value, as an int...
2017-05-07	Revise cipher suites in regress to match DSS cipher suite removal.	jsing	1	-96/+82

2017-05-07	Drop cipher suites with DSS authentication - there is no good reason to	jsing	1	-197/+1
	keep these around. ok beck@
2017-05-07	Instead of starting a 'zero-sized' CBB at the size of the first addition	jsing	1	-5/+8
	to the CBB, then doubling, start with an initial size of 64 bytes. Almost all uses will exceed this size and we avoid multiple small recallocarray() calls during the initial usage. ok beck@
2017-05-07	Move state from ssl->internal to the handshake structure.	beck	15	-256/+267
	while we are at it, convert SSLerror to use a function internally, so that we may later allocate the handshake structure and check for it ok jsing@
2017-05-07	Limit -Werror to gcc4 as was done in libcrypto/libssl/libtls to avoid	jsg	2	-6/+14
	failed builds with different compilers. ok jsing@
2017-05-07	Ensure that a client context has been connected before attempting to	jsing	2	-4/+12
	complete a TLS handshake.
2017-05-07	Add a (currently failing) call to tls_handshake() on a client context that	jsing	1	-1/+8
	has not yet been connected. We expect this to fail, but it should fail gracefully.
2017-05-07	Also test calling tls_handshake() on a server connection context that has	jsing	1	-1/+7
	already completed a TLS handshake.
2017-05-07	Return an error if tls_handshake() is called on a TLS context that has	jsing	1	-1/+6
	already completed a TLS handshake.
2017-05-07	Add a test that calls tls_handshake() on a connection that has already	jsing	1	-1/+7
	completed a TLS handshake. This should return a failure, but currently succeeds (hence the regress currently fails).
2017-05-07	An an initial sequencing/ordering test for libtls.	jsing	1	-1/+61

2017-05-06	Split TLS client/server handshake and close code into separate functions	jsing	1	-4/+27
	so that it can be reused.
2017-05-06	Bring in an SSL_HANDSHAKE structure and commence the great shovelling	beck	12	-115/+121
	ok jsing@, gcc@, regress@
2017-05-06	Move TLS test code into a function that is called from main, making it	jsing	2	-17/+33
	easier for new tests to be added.
2017-05-06	Free tls_configs earlier now that we have refcounting.	jsing	1	-4/+4

2017-05-06	Use freezero() for the tls_load_file() failure case, since we're	jsing	1	-4/+4
	potentially dealing with key material. Also switch a calloc to malloc, since we immediately copy the same amount of data to the newly allocated buffer.
2017-05-06	BIO_free_all() and EVP_PKEY_free() can be called with NULL.	jsing	1	-5/+3

2017-05-06	Add more functions.	jsing	1	-1/+5

2017-05-06	Sort/group functions.	jsing	1	-5/+10

2017-05-06	Not much point using a failed variable here.	jsing	1	-3/+4

2017-05-06	Be explicit about when it is safe to call tls_config_free().	jsing	1	-3/+8
	Discussed with beck@
2017-05-06	Document tls_unload_file().	jsing	1	-3/+14

2017-05-06	Perform reference counting for tls_config. This allows tls_config_free() to	jsing	4	-6/+22
	be called as soon as it has been passed to the final tls_configure() call, simplifying lifetime tracking for the application. Requested some time ago by tedu@. ok beck@
2017-05-06	Provide a tls_unload_file() function, that frees the memory returned from	jsing	3	-2/+10
	a tls_load_file() call, ensuring that it the contents become inaccessible. This is specifically needed on platforms where the library allocators may be different from the application allocator. ok beck@
2017-05-06	Bring in HKDF, from BoringSSL, with regress tests modified to be	beck	6	-2/+496
	in C. Ride previous minor bump ok tom@ inoguchi@ jsing@
2017-05-06	Add regress coverage for SSL{,_CTX}_set_{min,max}_proto_version().	jsing	1	-12/+304

2017-05-06	Provide SSL{,_CTX}_set_{min,max}_proto_version() functions.	jsing	6	-5/+115
	Rides minor bump. ok beck@
2017-05-06	space needed between macro arg and punctuation;	jmc	1	-2/+2