openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2018-11-19	Revert previous - DTLSv1 uses MD5+SHA1 for RSA signature verification.	jsing	2	-10/+4
	Discussed with beck@
2018-11-19	Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.	jsing	1	-4/+4
	In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
2018-11-18	Implement malloc_usable_size(); ok millert@ deraadt@ and jmc@ for the man page	otto	2	-6/+108

2018-11-17	Fix DTLS, because DTLS still remains a special flower, allows regress to pass	beck	2	-4/+10

2018-11-17	Fix whitespace around assignment operators.	tb	1	-7/+7

2018-11-16	revert previous	beck	1	-5/+3

2018-11-16	Fix DTLS. Because the DTLS code is strange. I am really coming around to	beck	1	-3/+5
	joel's line of thinking about it
2018-11-16	Unbreak legacy ciphers for prior to 1.1 by setting having a legacy	beck	4	-10/+22
	sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
2018-11-15	Port OpenSSL commit 99540ec79491f59ed8b46b4edf130e17dc907f52 -- mitigation	tb	1	-4/+4
	for a timing vullnerability in ECDSA signature generation (CVE-2018-0735). Note that the blinding that we introduced back in June for ECDSA and DSA should mitigate this and related issues. This simply adds an additional layer of protection. discussed with jsing
2018-11-14	Fix wrong sizeof argument by using 'uint16_t *', with minor nit from tb@,	mestre	1	-2/+2
	instead of 'uint16_t' Found with llvm's static analyzer, noticed that it was also already reported in Coverity CID 155890 and to ensure this was correct also inspected OpenSSL's equivalent code. OK tb@ and jsing@
2018-11-14	didn't found -> didn't find.	tb	1	-2/+2
	From Edgar Pettijohn III
2018-11-14	In TLS1.2 we use evp_sha1 if we fall back this far, not evp_md5_sha1 as in 1.1	beck	1	-2/+2
	Makes connections to outlook.office365.com work
2018-11-13	Temporary workaround for breakage seen in www.videolan.org with curve mismatch	beck	1	-3/+4

2018-11-13	Just err if we can't create secrets	beck	1	-2/+2

2018-11-13	NULL out mdctx to prevent possible double free introduced in version 1.4	beck	1	-1/+2
	Spotted by maestre@, ok tb@
2018-11-13	Fix pkey_ok to be less strange, and add cuve checks required for the EC ones	beck	1	-9/+26
	ok tb@
2018-11-12	Missing initialization for pub_key. CID 184303.	tb	1	-2/+2
	ok bcook
2018-11-12	Rework the sm3 regress based on a suggestion by jsing. Zap the weird	tb	1	-30/+36
	hex_encode() function and use byte arrays instead of strings to store the expected values. Snatch and tweak hexdump() from beck's key_schedule test to pretty-print data in case of failure.
2018-11-11	Add check function to verify that pkey is usable with a sigalg.	beck	4	-7/+24
	Include check for appropriate RSA key size when used with PSS. ok tb@
2018-11-11	Add back a few missing compatibility stubs	bcook	2	-4/+37
	ok beck@
2018-11-11	quiet warning on other compilers	bcook	1	-3/+3
	ok beck@
2018-11-11	Fix a race in libssl interop regress. The success messages from	bluhm	3	-6/+9
	the server child could be delayed. In this case wait a second and check again.
2018-11-11	Hook up sm3 regress tests.	tb	1	-1/+2

2018-11-11	Add sm3 regress tests.	tb	2	-0/+101

2018-11-11	Add sm3 to the 'openssl dgst' command.	tb	1	-1/+5
	ok beck inoguchi
2018-11-11	Add EVP_sm3() to OpenSSL_add_all_digests_internal().	tb	1	-1/+4
	ok beck inoguchi
2018-11-11	bump minors after symbol addition.	tb	3	-3/+3

2018-11-11	Add SSL_set1_host(), a thin wrapper around X509_VERIFY_PARAM_set1_host().	tb	3	-2/+10
	Used by unbound's DNS over TLS implementation to do server name verification. ok jsing
2018-11-11	Add Ribose Inc's implementation of the SM3 hashing function with	tb	8	-3/+437
	tweaks from jsing and myself. The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and [are] widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI. ok beck inoguchi jsing
2018-11-11	Nuke trailing whitespace	beck	1	-6/+6

2018-11-11	Add automatic threading initialization for libcrypto.	bcook	8	-561/+141
	This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init\|lock\|unlock) are provided for ramdisks. This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed. ok beck@, tb@, looks sane guenther@
2018-11-11	Free the server tls transcript in case session reuse did not work.	bluhm	1	-3/+4
	Regression found by Perl module p5-IO-Socket-SSL tests. with beck@ tb@
2018-11-11	include crypto.h from the correct path, remove unused variable	bcook	1	-5/+2

2018-11-11	Add support for RSA PSS algorithims being used in sigalgs.	beck	2	-2/+29
	lightly tested, but will need sanity checks and regress test changes before being added to any sigalgs list for real ok jsing@ tb@
2018-11-11	Convert signatures and verifcation to use the EVP_DigestXXX api	beck	3	-45/+93
	to allow for adding PSS, Nuke the now unneejded guard around the PSS algorithms in the sigalgs table ok jsing@ tb@
2018-11-11	Reorganize libssl interop tests. Move netcat tests into separate	bluhm	9	-148/+197
	directory. Keep all log files for easier debugging. Name regress target names consistently.
2018-11-10	Remove dead code	beck	2	-16/+2
	ok jsing@
2018-11-10	Speling	beck	1	-2/+2

2018-11-10	Regress client and server can do session reuse now. Test this with	bluhm	6	-129/+220
	all combinations of LibreSSL, OpenSSL 1.0.2, and OpenSSL 1.1. It is currently disabled for TLS 1.3 as this needs more setup.
2018-11-10	Tweak and improve the TLSv1.3 state machine.	jsing	1	-24/+46
	- Provide a tls13_handshake_active_action() function to reduce code duplication and replace tls13_handshake_get_sender(). - Add an INVALID message_type, so we can explicitly detect invalid conditions. - Implement skeletons for the tls13_handshake_send_action() and tls13_handshake_recv_action() functions. - OR in the NEGOTIATED value at the end of recving or sending a server hello so that we switch to the next chain in the state table. ok tb@
2018-11-10	Make sure the interop test happen last (since they take a long time)	beck	2	-8/+9

2018-11-10	Clean up and free objects at the completion of the regress test.	jsing	1	-1/+13
	From Ben L <bobsayshilol at live dot co dot uk>.
2018-11-10	fix a leak reported by Ben L (bobsayshilol () live ! co ! uk)	tb	1	-1/+3

2018-11-10	Fix a leak reported by Ben L bobsayshilol () live ! co ! uk.	tb	1	-1/+3

2018-11-10	fix a leak pointed out by Ben L (bobsayshi () live ! co ! uk)	tb	1	-4/+8

2018-11-10	Avoid a double allocation and memory leak.	jsing	1	-4/+2
	Reported by Ben L <bobsayshilol at live dot co dot uk>
2018-11-10	Stop keeping track of sigalgs by guessing it from digest and pkey,	beck	8	-92/+102
	just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
2018-11-10	More regress all the way to exporter_master	beck	1	-4/+44

2018-11-10	Use TLS13_HS_{CLIENT,SERVER} instead of using a redundant _SEND{,S}.	tb	1	-30/+28
	ok jsing
2018-11-10	Fix last of the empty hash nonsense	beck	2	-32/+6
	ok jsing@