openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2024-05-22	crib better wording from schwarze's EVP_PKEY_get_attr_by_NID(3)	tb	1	-5/+4

2024-05-22	Fix incorrect X509v3_get_ext_by_NID(3) return values	tb	1	-9/+17
	This error comes from upstream, where it is still wrong.
2024-05-21	remove prototypes with no matching function and externs with no var	jsg	1	-2/+1
	partly checked by millert@
2024-05-20	cmac: zero_iv should be const	tb	1	-2/+2

2024-05-19	unwrap a line	tb	1	-3/+2

2024-05-19	Add space after commas	tb	2	-6/+6

2024-05-19	KNF for dh_err and dsa_err	tb	2	-63/+59

2024-05-19	remove prototypes with no matching function	jsg	8	-39/+9
	feedback and ok tb@
2024-05-18	remove extern with no matching var; ok tb@	jsg	1	-2/+1

2024-05-18	remove prototypes with no matching function; ok tb@	jsg	3	-6/+3

2024-05-17	asn1_str2tag(): no need for tntmp to be static	tb	1	-2/+3

2024-05-17	The long primitive function table can be const	tb	1	-2/+2

2024-05-17	The bignum primitive function table (bignum_pf) can be const	tb	1	-2/+2

2024-05-16	x509_v3.c: remove superfluous parentheses	tb	1	-39/+39
	No change in the generated assembly
2024-05-16	SSL_CTX_set_keylog_callback: copy-paste error _set_ -> _get_	tb	1	-3/+3

2024-05-15	Improve X509V3_get0_uids() documentation	tb	1	-11/+19
	Use less horrcble variable names and make it explicit that both output arguments are allowed to be NULL.
2024-05-15	X509_check_akid: zap stray space	tb	1	-2/+2

2024-05-14	x509_ext.c: remove unnecessary includes	tb	1	-5/+1

2024-05-14	x509_ext.c: remove lots of extraneous parentheses	tb	1	-23/+23
	No change in the generated assembly
2024-05-14	Fix last sentence of CAVEATS which I got the wrong way around	tb	1	-4/+3

2024-05-12	Be more specific about X509V3_ADD_APPEND and X509V3_ADD_DELETE	tb	1	-3/+6

2024-05-12	Tweak wording	tb	1	-1/+4

2024-05-12	Remove a 'built-in' that was left in by accident	tb	1	-2/+2

2024-05-12	Install X509V3_EXT_get_nid.3	tb	1	-1/+2

2024-05-12	Add minimal manpage documenting the misnamed X509V3_EXT_get_nid()	tb	2	-2/+92
	This avoids a dangling reference in i2s_ASN1_ENUMERATED_TABLE. To complete this manual, someone will need to document X509V3_EXT_METHOD, but that's for a much more rainy day than today.
2024-05-12	Avoid .Xr to no longer public X509_LOOKUP_by_subject(3)	tb	1	-7/+4
	looks good to jmc
2024-05-11	Move X509V3_add_standard_extensions out of the way	tb	1	-8/+8
	This function is only used by OpenLDAP and it's been a noop since forever. It has no business to be squeezed in between a number of other, quite unrelated functions. It's distracting.
2024-05-11	Make two NULL checks more explicit	tb	1	-3/+3

2024-05-11	Unwrap a line	tb	1	-3/+2

2024-05-11	Sync DSA_METHOD documentation with reality	tb	1	-36/+15
	It is dubious whether this opaque struct's internals should be documented in the first place. This also has been incomplete since forever. For now zap the stuff that no longer exists and make an attempt at matching KNF a bit more closely.
2024-05-11	Remove unused DSA methods	tb	4	-53/+21
	There are no accessors to set them, so this has been involved in a bunch of dead logic ever since we made DSA opaque a few years ago. ok jsing
2024-05-11	Remove unused PEM_USER and PEM_CTX	tb	1	-50/+1
	I could not find any use of this in all of OpenSSL's git history since SSLeay 0.8.1b. ok jsing
2024-05-10	Add missing EC_KEY_free()	tb	1	-1/+3
	While eckey_from_explicit_params() frees out_eckey, eckey_from_object() and eckey_from_params() do not. These functions are currently all callled with a NULL out_eckey, but the latter two would leak if that should ever change. ok jsing
2024-05-10	Remove fixed nonce length information from algorithm2	tb	2	-59/+15
	This information has been part of tls12_key_block_generate() for a while now. It remained in this table because at that point SSL_CIPHER was still public. Nothing can access algorithm2 anymore from the outside, so this is dead weight. ok jsing
2024-05-10	Inline dsa_builtin_keygen() in DSA_generate_key()	tb	1	-12/+6
	ok djm
2024-05-09	Make the openssl_dsa_meth static const	tb	1	-2/+2

2024-05-09	Move openssl_dsa_meth below the methods it uses	tb	1	-25/+17
	no functional change
2024-05-09	Make the DH_METHOD static const	tb	1	-2/+2

2024-05-09	Move public API and DH_METHOD to the bottom of the file	tb	1	-38/+31
	no functional change
2024-05-09	sync the SSL text; ok tb	jmc	1	-3/+3

2024-05-09	Tiny style tweaks in X509_REQ_add_extension_nid()	tb	1	-6/+5
	Test & assign and use ret instead of rv. ok jsing
2024-05-09	Streamline X509_REQ_check_private_key() a bit	tb	1	-16/+17
	Use better variable names, split the success from the error path and return directly rather than using an ok variable. ok jsing
2024-05-09	Zap some extra parentheses in X509_REQ_get_pubkey()	tb	1	-4/+4
	ok jsing
2024-05-09	Clean up X509_to_X509_REQ()	tb	1	-21/+18
	Use better variable names. X509_REQ_new() sets the version to the only specified version, so there is no point to set it. Extract the subject name, then assign to make it more obvious that we error happens if the cert has a missing subject. Switch to X509_get0_pubkey() to avoid some strange dance with a strangely named variable to adjust the refcount. ok jsing
2024-05-09	Further simplify X509_REQ_get_extensions()	tb	1	-6/+4
	Instead of inlining a poor version of ASN1_TYPE_unpack_sequence() with missing error checks, just call the real thing. It's safer and simpler. ok jsing
2024-05-09	ssl_ciph.c: unwrap a line	tb	1	-3/+2

2024-05-09	Remove leftover logic of SSL2 support	tb	1	-5/+3
	SSL2_CF_8_BYTE_ENC was set by things such as RC4_64_WITH_MD5, which fell victim to tedu's axe a decade ago. Zap that. ok jsing
2024-05-09	Plug a "leak" in ssl_security_group()	tb	1	-6/+13
	The way the CBB API is used, CBB_add_u16() and CBB_finish() can't actually fail here, but if they could, cbb->base would leak. Rewrite this code with the proper idioms to make it look right. ok jsing
2024-05-08	fix line wrapping in function definition	tb	1	-2/+3

2024-05-08	Add more regress coverage for lhash.	jsing	1	-3/+263