| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2017-03-28 | small cleanup & optimization; ok deraadt@ millert@ | otto | 1 | -2/+5 | |
| 2017-03-27 | repair knf & whitespace that jumped out of the screen during review | deraadt | 1 | -23/+18 | |
| ok beck | |||||
| 2017-03-27 | use a path of "/" if the URL does not include a trailing / - since | beck | 1 | -2/+5 | |
| the web server probably doesn't like it, even though you published the url without the trailing / in the certificate. (hello digicert!) ok claudio@ | |||||
| 2017-03-27 | Fail early if an ocep server returns a non-200 http response, there is no | beck | 1 | -1/+4 | |
| point in trying to parse error pages as an ocsp response. | |||||
| 2017-03-27 | reinstate the capitalisation from previous, as advised by schwarze; | jmc | 1 | -3/+3 | |
| 2017-03-26 | recallocarray() for data buffer from the net. | deraadt | 1 | -3/+5 | |
| ok beck | |||||
| 2017-03-26 | tweak previous; | jmc | 3 | -9/+9 | |
| 2017-03-26 | Stop enumeration all allocation functions, just say "allocation functions"libressl-v2.5.2 | otto | 1 | -32/+13 | |
| ok jmc@ deraadt@ | |||||
| 2017-03-26 | merge new UI documentation from OpenSSL | schwarze | 5 | -13/+651 | |
| 2017-03-25 | document X509_Digest(3) and friends; | schwarze | 2 | -1/+135 | |
| from Rich Salz <rsalz@openssl.org>, OpenSSL commit 3e5d9da5 etc. | |||||
| 2017-03-25 | document the public function X509_cmp_time(3); | schwarze | 2 | -1/+88 | |
| from Emilia Kasper <emilia@openssl.org>, OpenSSL commit 80770da3, tweaked by me | |||||
| 2017-03-25 | correct RETURN VALUES; | schwarze | 1 | -7/+13 | |
| from Richard Levitte <levitte@openssl.org>, OpenSSL commit cdd6c8c5 | |||||
| 2017-03-25 | fix two more prototypes; | schwarze | 1 | -5/+5 | |
| from Matt Caswell <matt@openssl.org>, OpenSSL commit b41f6b64 | |||||
| 2017-03-25 | correct prototypes; | schwarze | 1 | -5/+5 | |
| from Matt Caswell <matt@openssl.org>, OpenSSL commit b41f6b64 | |||||
| 2017-03-25 | complete description of RETURN VALUES; | schwarze | 1 | -6/+8 | |
| from Alexander Koeppe via OpenSSL commit bb6c5e7f | |||||
| 2017-03-25 | minimal stub-quality documentation of EVP_MD_CTX_ctrl(3); | schwarze | 1 | -3/+17 | |
| from Todd Short <tshort@akamai.com> via OpenSSL commit 52ad5b60 | |||||
| 2017-03-25 | OpenSSL documented the public function BIO_printf(3) (and friends) | schwarze | 3 | -3/+91 | |
| in commit 2ca2e917. Document it here, too, but do not use their text. Be more concise and more precise at the same time. | |||||
| 2017-03-25 | document ASN1_tag2str(3); from OpenSSL commit 9e183d22 | schwarze | 1 | -4/+14 | |
| 2017-03-25 | Update RFC reference for TLSEXT_TYPE_padding. | jsing | 1 | -5/+2 | |
| 2017-03-25 | Check tls1_PRF() return value in tls1_generate_master_secret(). | jsing | 1 | -4/+4 | |
| 2017-03-25 | Update regress to match changes to tls1_PRF(). | jsing | 1 | -10/+10 | |
| 2017-03-25 | More cleanup for tls1_PRF()/tls1_P_hash() - change the argument order of | jsing | 1 | -46/+50 | |
| tls1_PRF() so that it matches tls1_P_hash(), use more explicit argument names and change lengths to size_t. ok inoguchi@ | |||||
| 2017-03-24 | add a helper function to print all pools #ifdef MALLOC_STATS | otto | 1 | -1/+16 | |
| from David CARLIER | |||||
| 2017-03-24 | document new recallocarray diagnostic; zap a few diagnostics that should | otto | 1 | -8/+9 | |
| never occur | |||||
| 2017-03-24 | move recallocarray to malloc.c and | otto | 2 | -19/+207 | |
| - use internal meta-data to do more consistency checking (especially with option C) - use cheap free if possible ok deraadt@ | |||||
| 2017-03-18 | Fewer magic numbers. | jsing | 1 | -3/+3 | |
| 2017-03-18 | t1_enc.c | jsing | 1 | -3/+2 | |
| 2017-03-18 | Update regress and remove temporary buffer to match changes in tls_PRF(). | jsing | 1 | -8/+4 | |
| 2017-03-18 | Currently tls1_PRF() requires that a temporary buffer be provided, that | jsing | 1 | -50/+32 | |
| matches the size of the output buffer. This is used in the case where there are multiple hashes - tls_P_hash() is called with the temporary buffer and the result is then xored into the output buffer. Avoid this by simply using a local buffer in tls_P_hash() and then xoring the result into the output buffer. Overall this makes the code cleaner and simplifies all of the tls_PRF() callers. Similar to BoringSSL. ok inoguchi@ | |||||
| 2017-03-17 | remove unneccessary macro; | jmc | 1 | -2/+2 | |
| 2017-03-17 | Strengthen description of recallocarray(3) behaviour, hoping that readers | deraadt | 1 | -5/+10 | |
| make the behaviour -> use case connection. help from jmc and jsing | |||||
| 2017-03-16 | Convert BUF_MEM_grow() and BUF_MEM_grow_clean() to recallocarray(), | jsing | 1 | -13/+3 | |
| ensuring that the buffer contents are zeroed on allocation and not leaked when resizing. It is worth noting that BUF_MEM_grow_clean() already did this manually by avoiding realloc(). ok beck@ inoguchi@ | |||||
| 2017-03-16 | Use calloc() instead of malloc() followed by manually zeroing fields. | jsing | 1 | -6/+3 | |
| ok beck@ inoguchi@ | |||||
| 2017-03-14 | copy /etc/services in test directory | eric | 1 | -1/+2 | |
| 2017-03-10 | refresh the test infrastructure a bit. | eric | 3 | -90/+93 | |
| 2017-03-10 | Remove the handshake digests and related code, replacing remaining uses | jsing | 7 | -166/+45 | |
| with the handshake hash. For now tls1_digest_cached_records() is retained to release the handshake buffer. ok beck@ inoguchi@ | |||||
| 2017-03-10 | Switch CBB to use recallocarray() - this ensures that we do not leak | jsing | 1 | -2/+2 | |
| secrets via realloc(). ok inoguchi@ | |||||
| 2017-03-10 | First pass at cleaning up the tls1_P_hash() function - remove a pointless | jsing | 1 | -20/+19 | |
| EVP_DigestSignInit() call and avoid the need for ctx_tmp by reordering the code slightly. ok inoguchi@ | |||||
| 2017-03-10 | Add a unit test for tls1_PRF(). | jsing | 2 | -1/+257 | |
| 2017-03-10 | Make tls1_PRF() non-static so it can be regress tested. | jsing | 1 | -2/+7 | |
| 2017-03-09 | The netcat server did not print the correct TLS error message if | bluhm | 1 | -2/+2 | |
| the handshake after accept had failed. Use the context of the accepted TLS connection. OK beck@ | |||||
| 2017-03-09 | remove bogus variable expansion | eric | 2 | -4/+4 | |
| 2017-03-09 | missing include | eric | 1 | -1/+2 | |
| 2017-03-07 | Correctly handle TLS PRF with MD5+SHA1 - the secret has to be partitioned | jsing | 1 | -5/+26 | |
| and each hash processed separately. Tested by tb@ | |||||
| 2017-03-07 | Add a test that covers a libtls client talking to a Go TLS server with | jsing | 1 | -5/+107 | |
| varying minimum and maximum protocol versions. This gives us protocol version test coverage against an independent TLS stack. | |||||
| 2017-03-07 | Allow ciphers to be set on the TLS config. | jsing | 1 | -0/+10 | |
| 2017-03-07 | Provide support for libtls protocols and allow for protocols to be set on | jsing | 1 | -3/+47 | |
| a TLS config. The ConnVersion function now also returns a protocol version instead of a string. | |||||
| 2017-03-07 | Add handling for errors on the TLS config and properly check/handle | jsing | 2 | -6/+23 | |
| failures when setting the CA file. | |||||
| 2017-03-07 | libtls errors are much more descriptive these days - return them directly | jsing | 1 | -9/+8 | |
| and avoid adding redundant/duplicate information. | |||||
| 2017-03-07 | We no longer need to keep pointers following tls_config_set_*() calls. | jsing | 1 | -6/+3 | |
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |