openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2024-05-23	x509_v3.c: consistently call STACK_OF(X509_EXTENSIONS) arguments sk	tb	1	-12/+12
	(where it doesn't conflict with a local variable)
2024-05-23	x509_v3.c: zap another pointless local variable	tb	1	-7/+2

2024-05-23	x509_v3.c: add a few empty lines	tb	1	-1/+9

2024-05-23	X509v3_get_ext_by_NID: make obj const, test & assign	tb	1	-4/+4

2024-05-23	x509_v3.c: remove a pointless local variable	tb	1	-5/+3

2024-05-23	x509_v3.c: mechanically replace ex with ext and new_ex with new_ext	tb	1	-42/+42

2024-05-22	Exercise EVP_chacha20_poly1305() with in-place decryption	tb	1	-2/+143
	This needs quite a bit of cleanup but let's have some tests rather than none.
2024-05-22	Fix in-place decryption for EVP_chacha20_poly1305()	tb	1	-3/+3
	Take the MAC before clobbering the input value on decryption. Fixes hangs during the QUIC handshake with HAProxy using TLS_CHACHA20_POLY1305_SHA256. Found, issue pinpointed, and initial fix tested by Lucas Gabriel Vuotto: Let me take this opportunity to thank the HAProxy team for going out of their way to keep supporting LibreSSL. It's much appreciated. See https://github.com/haproxy/haproxy/issues/2569 tweak/ok jsing
2024-05-22	crib better wording from schwarze's EVP_PKEY_get_attr_by_NID(3)	tb	1	-5/+4

2024-05-22	Fix incorrect X509v3_get_ext_by_NID(3) return values	tb	1	-9/+17
	This error comes from upstream, where it is still wrong.
2024-05-21	remove prototypes with no matching function and externs with no var	jsg	1	-2/+1
	partly checked by millert@
2024-05-20	cmac: zero_iv should be const	tb	1	-2/+2

2024-05-19	unwrap a line	tb	1	-3/+2

2024-05-19	Add space after commas	tb	2	-6/+6

2024-05-19	KNF for dh_err and dsa_err	tb	2	-63/+59

2024-05-19	remove prototypes with no matching function	jsg	8	-39/+9
	feedback and ok tb@
2024-05-18	remove extern with no matching var; ok tb@	jsg	1	-2/+1

2024-05-18	remove prototypes with no matching function; ok tb@	jsg	3	-6/+3

2024-05-17	asn1_str2tag(): no need for tntmp to be static	tb	1	-2/+3

2024-05-17	The long primitive function table can be const	tb	1	-2/+2

2024-05-17	The bignum primitive function table (bignum_pf) can be const	tb	1	-2/+2

2024-05-16	x509_v3.c: remove superfluous parentheses	tb	1	-39/+39
	No change in the generated assembly
2024-05-16	SSL_CTX_set_keylog_callback: copy-paste error _set_ -> _get_	tb	1	-3/+3

2024-05-15	Improve X509V3_get0_uids() documentation	tb	1	-11/+19
	Use less horrcble variable names and make it explicit that both output arguments are allowed to be NULL.
2024-05-15	X509_check_akid: zap stray space	tb	1	-2/+2

2024-05-14	x509_ext.c: remove unnecessary includes	tb	1	-5/+1

2024-05-14	x509_ext.c: remove lots of extraneous parentheses	tb	1	-23/+23
	No change in the generated assembly
2024-05-14	Fix last sentence of CAVEATS which I got the wrong way around	tb	1	-4/+3

2024-05-12	Be more specific about X509V3_ADD_APPEND and X509V3_ADD_DELETE	tb	1	-3/+6

2024-05-12	Tweak wording	tb	1	-1/+4

2024-05-12	Remove a 'built-in' that was left in by accident	tb	1	-2/+2

2024-05-12	Install X509V3_EXT_get_nid.3	tb	1	-1/+2

2024-05-12	Add minimal manpage documenting the misnamed X509V3_EXT_get_nid()	tb	2	-2/+92
	This avoids a dangling reference in i2s_ASN1_ENUMERATED_TABLE. To complete this manual, someone will need to document X509V3_EXT_METHOD, but that's for a much more rainy day than today.
2024-05-12	Avoid .Xr to no longer public X509_LOOKUP_by_subject(3)	tb	1	-7/+4
	looks good to jmc
2024-05-11	Move X509V3_add_standard_extensions out of the way	tb	1	-8/+8
	This function is only used by OpenLDAP and it's been a noop since forever. It has no business to be squeezed in between a number of other, quite unrelated functions. It's distracting.
2024-05-11	Make two NULL checks more explicit	tb	1	-3/+3

2024-05-11	Unwrap a line	tb	1	-3/+2

2024-05-11	Sync DSA_METHOD documentation with reality	tb	1	-36/+15
	It is dubious whether this opaque struct's internals should be documented in the first place. This also has been incomplete since forever. For now zap the stuff that no longer exists and make an attempt at matching KNF a bit more closely.
2024-05-11	Remove unused DSA methods	tb	4	-53/+21
	There are no accessors to set them, so this has been involved in a bunch of dead logic ever since we made DSA opaque a few years ago. ok jsing
2024-05-11	Remove unused PEM_USER and PEM_CTX	tb	1	-50/+1
	I could not find any use of this in all of OpenSSL's git history since SSLeay 0.8.1b. ok jsing
2024-05-10	Add missing EC_KEY_free()	tb	1	-1/+3
	While eckey_from_explicit_params() frees out_eckey, eckey_from_object() and eckey_from_params() do not. These functions are currently all callled with a NULL out_eckey, but the latter two would leak if that should ever change. ok jsing
2024-05-10	Remove fixed nonce length information from algorithm2	tb	2	-59/+15
	This information has been part of tls12_key_block_generate() for a while now. It remained in this table because at that point SSL_CIPHER was still public. Nothing can access algorithm2 anymore from the outside, so this is dead weight. ok jsing
2024-05-10	Inline dsa_builtin_keygen() in DSA_generate_key()	tb	1	-12/+6
	ok djm
2024-05-09	Make the openssl_dsa_meth static const	tb	1	-2/+2

2024-05-09	Move openssl_dsa_meth below the methods it uses	tb	1	-25/+17
	no functional change
2024-05-09	Make the DH_METHOD static const	tb	1	-2/+2

2024-05-09	Move public API and DH_METHOD to the bottom of the file	tb	1	-38/+31
	no functional change
2024-05-09	sync the SSL text; ok tb	jmc	1	-3/+3

2024-05-09	Tiny style tweaks in X509_REQ_add_extension_nid()	tb	1	-6/+5
	Test & assign and use ret instead of rv. ok jsing
2024-05-09	Streamline X509_REQ_check_private_key() a bit	tb	1	-16/+17
	Use better variable names, split the success from the error path and return directly rather than using an ok variable. ok jsing