openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2015-07-14	Convert ssl_parse_clienthello_use_srtp_ext to CBS.	doug	4	-84/+50
	ok miod@ jsing@
2015-07-14	Convert ssl3_get_cert_status to CBS.	doug	2	-34/+52
	ok miod@ jsing@
2015-07-14	Convert ssl3_get_server_certificate to CBS.	doug	2	-34/+36
	ok miod@
2015-07-13	Unhook tls_ext_alpn test until the code passes it.	doug	1	-2/+5

2015-07-12	Convert openssl(1) dh to the new option handling.	doug	1	-98/+111
	ok jsing@
2015-07-12	Convert openssl(1) dsa to the new option handling.	doug	1	-154/+208
	ok jsing@
2015-07-12	Convert openssl(1) ec to the new option handling.	doug	1	-170/+247
	ok jsing@
2015-07-12	Convert gendh.c to the new option handling.	doug	1	-54/+79
	ok jsing@
2015-07-12	Convert openssl(1) dsaparam to the new option handling.	doug	1	-154/+123
	This also removes support for -timebomb related code which was only enabled for GENCB_TEST. ok jsing@
2015-07-12	Convert openssl(1) crl2pkcs7 to the new option handling.	doug	1	-95/+110
	input + ok jsing@
2015-07-11	Convert openssl(1) dhparam to new option handling.	jsing	1	-121/+160
	ok doug@
2015-07-09	Add tests for parsing TLS extension ALPN (RFC 7301).	doug	2	-2/+446
	The current libssl code does not pass these tests yet.
2015-07-08	switch "openssl dhparam" default from 512 to 2048 bits, ok jsing@	sthen	2	-6/+6

2015-07-07	add setlocale test	semarie	1	-1/+3

2015-07-07	add regress test for setlocale(3) and some related	semarie	2	-0/+140
	functions (MB_CUR_MAX, isalpha() for ctype. some tips from stsp@
2015-07-03	Repair algorithm name array after 1.6.	miod	1	-4/+4

2015-07-01	specify the array initializer valuelibressl-v2.2.1	bcook	1	-2/+2
	noted by kinichiro from github
2015-06-29	fix the build on arm after the recent addition of -Wundef	jsg	2	-4/+4
	ok doug@ deraadt@
2015-06-28	Convert ssl_bytes_to_cipher_list to CBS.	doug	6	-23/+59
	Link in the new 'unit' regress and expand the invalid tests to include some that would fail before the CBS conversion. input + ok miod@ jsing@
2015-06-27	Add unit tests for LibreSSL.	doug	3	-0/+256
	cipher_list.c is based on code from jsing@. Discussed with jsing@
2015-06-27	Fix pointer to unsigned long conversion.	doug	4	-10/+14
	bcook@ notes that this check really only impacted 64-bit Windows. Also, changed the check to be unsigned for consistency. ok bcook@
2015-06-24	Put BUF_memdup() and BUF_reverse() under #ifndef LIBRESSL_INTERNAL.	jsing	2	-6/+4

2015-06-24	Stop using BUF_memdup() within the LibreSSL code base - it is correctly	jsing	4	-12/+14
	spelt malloc+memcpy, which is what is used in all except two places. ok deraadt@ doug@
2015-06-23	Change CBS_dup() to also sync the offset.	doug	3	-3/+41
	Previously, CBS_dup() had its own offset. However, it is more consistent to copy everything. ok miod@ jsing@
2015-06-23	Convert bytestringtest to individual checks and don't short circuit.	doug	1	-321/+337
	The statements were chained together with OR which makes it more annoying to debug. Also, it was short circuiting all tests as soon as one function failed. Since the functions are independent, they should each run until error. Discussed with miod@ and jsing@
2015-06-23	Remove unnecessary regress target.	doug	1	-7/+2

2015-06-21	Check for failure with CBB_init() in bs_ber.c.	doug	2	-4/+6
	From BoringSSL commit 3fa65f0f05f67615d9daf48940e07f84d094ac6e.
2015-06-21	Just return if nmemb is 0. Avoids a NULL dereference and is	millert	1	-1/+4
	consistent with the behavior of the other libc sort functions. OK deraadt@
2015-06-20	Convert ssl3_get_new_session_ticket to CBS.	doug	2	-48/+48
	tweak + ok miod@ jsing@
2015-06-20	Convert ssl3_get_next_proto to CBS.	doug	2	-28/+38
	tweak + ok miod@ jsing@
2015-06-20	Convert ssl_parse_serverhello_renegotiate_ext to CBS.	doug	4	-38/+42
	ok miod@ jsing@
2015-06-20	Handle NIST curve names in openssl(1) ecparam.	jsing	1	-1/+4
	From OpenSSL.
2015-06-20	Handle NIST curve names.	jsing	2	-4/+8
	From OpenSSL. ok miod@ (a while ago)
2015-06-20	Have ECPKParameters_print() include the NIST curve name, if known.	jsing	2	-2/+20
	From OpenSSL. ok miod@ (a while ago).
2015-06-20	Less mdc2.	jsing	1	-4/+1

2015-06-20	Provide EC_curve_nid2nist() and EC_curve_nist2nid().	jsing	4	-4/+114
	From OpenSSL. Rides libcrypto bump. ok miod@ (a while ago)
2015-06-20	Make SSL_OP_ALL readable.	jsing	2	-4/+18
	ok deraadt@ doug@ millert@ miod@ sthen@
2015-06-20	Put CRYPTO_memcmp() under #ifndef LIBRESSL_INTERNAL.	jsing	2	-2/+6
	ok doug@ deraadt@
2015-06-20	Replace remaining CRYPTO_memcmp() calls with timingsafe_memcmp().	jsing	6	-12/+12
	ok doug@ deraadt@
2015-06-20	Convert ssl_parse_clienthello_renegotiate_ext to CBS.	doug	4	-30/+28
	ok miod@, tweak + ok jsing@
2015-06-20	Replace internal call to CRYPTO_memcmp with timingsafe_memcmp.	doug	2	-4/+4
	Suggested by jsing@. ok jsing@ miod@
2015-06-20	Fix warning on vax due to old gcc.	doug	2	-8/+8
	Old gcc warns when parameters have the same names as functions. Noticed by deraadt@. ok deraadt@ jsing@
2015-06-20	Crank major for libcrypto, ssl and tls due to MDC-2DES removal.	doug	5	-6/+6
	ok miod@ jsing@
2015-06-20	Remove obsolete MDC-2DES from libcrypto.	doug	46	-1239/+59
	ok deraadt@ jsing@ miod@
2015-06-19	Remove needless casts. There's no reason to cast delim to char *	millert	1	-5/+4
	when we can just make spanp const char * to match it. OK deraadt@
2015-06-19	Add missing message digests to function table.	jsing	1	-3/+27
	Diff from kinichiro via github. ok doug@
2015-06-19	Remove fallback dynamic engine loading support.	bcook	1	-18/+2
	Since we no longer have dynamic engines, don't bother falling back to them if a builtin engine is not found first. Before: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=dynamic After: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown ok doug@
2015-06-19	Return the failing engine ID in the error stack.	bcook	2	-4/+8
	Noted by doug@ in an earlier revision of the dynamic engine removal patch, but I had forgotten to include it in the latest version.
2015-06-19	Add standard headers, C++ support to tls.h.	bcook	1	-1/+12
	This makes using libtls easier to include by including dependent headers, making something like this work as expected: #include <iostream> #include <tls.h> int main() { std::cout << "tls_init: " << tls_init() << "\n"; } This also makes building a standalone libtls-portable simpler. ok doug@, jsing@
2015-06-19	Disable ENGINE_load_dynamic (dynamic engine support).	bcook	34	-1060/+22
	We do not build, test or ship any dynamic engines, so we can remove the dynamic engine loader as well. This leaves a stub initialization function in its place. ok beck@, reyk@, miod@