| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2019-07-04 | Fix manual openssl(1) ca | inoguchi | 1 | -8/+15 | |
| - Add undocumented options -crlsec and -sigopt - Sync argument name between usage and options description ok jmc@ | |||||
| 2019-07-03 | snprintf/vsnprintf return < 0 on error, rather than -1. | deraadt | 8 | -25/+25 | |
| 2019-07-02 | Add cpuid support for arm64 so that we can recognize which | patrick | 3 | -3/+57 | |
| hardware crypto features are available. "no objections" kettenis@ | |||||
| 2019-06-30 | tweak previous; ok guenther | jmc | 1 | -5/+6 | |
| 2019-06-29 | Document that getcwd() and realpath() are built on system calls that | guenther | 1 | -2/+16 | |
| have a different calling convention than the standard function...as seen in kdump output. ok deraadt@ schwarze@ | |||||
| 2019-06-28 | When system calls indicate an error they return -1, not some arbitrary | deraadt | 10 | -56/+56 | |
| value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. | |||||
| 2019-06-28 | failed to detect asprintf() error by observing return of -1, instead the | deraadt | 1 | -6/+3 | |
| code was inspecting the pointer (which is, sadly, undefined on error, because the current specification of asprintf is crazy sloppy) | |||||
| 2019-06-27 | Some asprintf() calls were checked < 0, rather than the precise == -1. | deraadt | 1 | -3/+3 | |
| ok millert nicm tb, etc | |||||
| 2019-06-27 | The C89 standard only requires that atexit(3) returns a non-zero value | schwarze | 1 | -5/+12 | |
| on error, so checking for -1 only is potentially non-portable. Also mention that the C89 standard does not require errno to be set. OK deraadt@ millert@ | |||||
| 2019-06-27 | Add more option tests to req, ts, x509 and verify in appstest.sh | inoguchi | 1 | -17/+42 | |
| 2019-06-27 | check for asprintf failing allocation | deraadt | 1 | -1/+4 | |
| 2019-06-24 | Add more options test to ocsp in appstest.sh | inoguchi | 1 | -7/+30 | |
| 2019-06-23 | Add more option test to dgst in appstest.sh | inoguchi | 1 | -4/+33 | |
| 2019-06-22 | Add more option tests to ca in appstest.sh | inoguchi | 1 | -8/+21 | |
| 2019-06-20 | tls_read() & tls_write() return 4 possible values: TLS_WANT_POLLOUT, | deraadt | 1 | -4/+4 | |
| TLS_WANT_POLLIN, -1, or 0. After handling the first two, check for -1 rather than vaguely "< 0". ok jsing | |||||
| 2019-06-20 | sockatmark(3), recv(2), getsockopt(2), and connect(2) return specifically | deraadt | 1 | -4/+4 | |
| -1 to mark failure, not arbitrary values < 0. I believe manual pages should follow the described contract precisely and accurately. | |||||
| 2019-06-19 | Move variables into struct in openssl(1) genrsa | inoguchi | 1 | -25/+33 | |
| - Move local variables in genrsa_main() to struct genrsa_config - Leave long lines more than 80, still ok bcook@ | |||||
| 2019-06-17 | Make BN_num_bits_word() constant time. | tb | 1 | -48/+18 | |
| Previously, this function would leak the most significant word of its argument due to branching and memory access pattern. This patch is enough to fix the use of BN_num_bits() on RSA prime factors in the library. The diff is a simplified and more readable (but perhaps less efficient) version of https://github.com/openssl/openssl/commit/972c87df by Andy Polyakov and David Benjamin (pre license change). Consult that commit message for details. Subsequent fixes to follow in the near future. Issue pointed out by David Schrammel and Samuel Weiser as part of a larger report. tests & ok inoguchi, ok jsing | |||||
| 2019-06-17 | Remove old realpath(3), and the userland-vs-kernel realpath verification | deraadt | 1 | -334/+44 | |
| code. We now user the simple userland wrapper on top of __realpath(2). The non-POSIX behaviour still remains, that is the next component to fix. From a diff by beck, but I managed to chainsaw it a bit further. Tested in snaps for a couple of days. ok beck | |||||
| 2019-06-15 | oops - missing .El in previous; | jmc | 1 | -1/+2 | |
| 2019-06-15 | realpath(3) doesn't use lstat(2), readlink(2), or getcwd(3) anymore, | deraadt | 1 | -21/+39 | |
| it is a thin wrapper over the syscall __readlink(2). Improve the list of possible errors. ok millert beck jmc | |||||
| 2019-06-14 | Improve pages that briefly mentioned ERR - usually below SEE ALSO - | schwarze | 20 | -124/+198 | |
| but failed to provide any real information. OK tb@ jmc@ | |||||
| 2019-06-14 | Further improve the documentation of library initialization and configuration. | schwarze | 9 | -94/+126 | |
| Among other improvements: * Use a uniform wording at the top of the DECSRIPTION for obsolete pages. * Better explain how to use a non-standard configuration file. * Remove obsolete functions from SEE ALSO. Triggered by some suggestions from tb@. Tweaks and OK tb@. | |||||
| 2019-06-13 | Add more options to pkcs12 and smime in appstest.sh | inoguchi | 1 | -10/+13 | |
| 2019-06-12 | Set malloc_options in global scope with an initializer. | bluhm | 2 | -10/+8 | |
| recommended by otto@ | |||||
| 2019-06-12 | add missing backlinks to ssl(3) | schwarze | 31 | -64/+100 | |
| 2019-06-12 | List all 17 SSL pages that were missing. | schwarze | 1 | -51/+89 | |
| Split some excessively long lists into useful sub-categories. Add a new, very short subsection "Obsolete functions" at the end. OK tb@ jmc@ | |||||
| 2019-06-11 | Disable junking with malloc options. If set, the test hangs on low | bluhm | 1 | -2/+5 | |
| memory arm64 machines. found by patrick@; OK otto@ | |||||
| 2019-06-10 | delete references to ERR pages from SEE ALSO where such | schwarze | 35 | -115/+79 | |
| references were already given below RETURN VALUES right above | |||||
| 2019-06-10 | Add pkcs12 options and smime tests for appstest.sh | inoguchi | 1 | -8/+40 | |
| - Add some options to pkcs12 test. - Add smime tests for encrypt, decrypt and pk7out. | |||||
| 2019-06-10 | add links back to crypto(3) to function group entry pages | schwarze | 22 | -45/+70 | |
| and to isolated obsolete pages; OK bcook@ jmc@ | |||||
| 2019-06-08 | remove pointless NOTES section header lines | schwarze | 9 | -27/+27 | |
| 2019-06-08 | Delete the display of the RSA_METHOD object | schwarze | 1 | -70/+1 | |
| which is now supposed to be opaque. OK tb@ I checked that all the information contained in comments in the display is available from the appropriate places in RSA_meth_new(3) and RSA_set_flags(3). Note that the comments regarding "mod_exp", "init", and "finish" were half-misleading simplifications, anyway. | |||||
| 2019-06-08 | In rsa.h rev. 1.40, gilles@ provided several new RSA_METHOD accessors. | schwarze | 5 | -46/+499 | |
| Update the documentation. OK tb@ jmc@ | |||||
| 2019-06-08 | document the RSA_FLAG_* constants for RSA_*_flags(3); | schwarze | 1 | -3/+76 | |
| OK tb@ jmc@ | |||||
| 2019-06-07 | Remove the last references to the RAND_*(3) functions. | schwarze | 12 | -47/+34 | |
| These references were misleading because these functions are no longer used internally and applications should not call them either. Issue brought up by tb@. | |||||
| 2019-06-07 | link to EVP_EncodeInit(3), which was the only missing child page | schwarze | 1 | -1/+6 | |
| 2019-06-07 | link back to evp(3), just like for the other group entry pages | schwarze | 1 | -2/+3 | |
| 2019-06-07 | Remove pointless direct backlinks from the leaf pages HMAC(3) and | schwarze | 2 | -6/+4 | |
| PKCS5_PBKDF2_HMAC(3) to the top level page evp(3). The leaf pages still have backlinks to the group entry page EVP_DigestInit(3), which is enough. Redundancy and asymmetry pointed out by tb@. | |||||
| 2019-06-07 | remove cross-references to the obsolete function OpenSSL_add_all_algorithms(3) | schwarze | 3 | -21/+7 | |
| 2019-06-07 | tidy up the formatting of gendsa synopsis a little; | jmc | 1 | -5/+3 | |
| 2019-06-07 | Convert openssl(1) gendsa to the newer style of option handling | inoguchi | 2 | -84/+178 | |
| - Adapt openssl(1) gendsa command to new option handling. - Add lacking ciphers and passout description in openssl.1 manpage. - Describe paramfile as argument in openssl.1 manpage. ok bcook@ | |||||
| 2019-06-06 | minor errors in previous commit pointed out by jmc@ | schwarze | 4 | -8/+8 | |
| 2019-06-06 | Tree structure for manual pages: crypto(3) links to 33 function | schwarze | 117 | -281/+539 | |
| group pages, and these link on to all their second-level subpages. Only a handful of second-level pages have third-level subpages. So all crypto pages can now be reached from the www.libressl.org frontpage via at most four clicks, in most cases three clicks. Also link back from leaf pages to their respective group pages and add a couple of additional links between related pages. Triggered by a question from deraadt@. OK jmc@ tb@ | |||||
| 2019-06-05 | provide getters and setters for the RSA_METHOD interface | gilles | 6 | -5/+246 | |
| ok tb@, jsing@, sthen@ | |||||
| 2019-06-05 | Fix bogus cross reference: EVP_SignDigest* -> EVP_DigestSign* | tb | 1 | -3/+3 | |
| 2019-06-04 | OPENSSL_realloc(3) is no longer used, we now use reallocarray(3) | schwarze | 1 | -3/+3 | |
| 2019-06-04 | Readability tweak in a comment. | tb | 1 | -2/+2 | |
| 2019-06-04 | Remove the blinding later to avoid leaking information on the length | tb | 1 | -3/+3 | |
| of ckinv. Pointed out and fix suggested by David Schrammel and Samuel Weiser ok jsing | |||||
| 2019-06-04 | Readability tweaks for comments that explain the blinding. | tb | 1 | -5/+5 | |
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |