openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	Work towards supporting Cryptographic Message Syntax (CMS) in libcrypto.	jsing	2019-08-10	15	-0/+6172
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Cryptographic Message Syntax (CMS) is a standard for cryptographically protecting messages, as defined in RFC 5652. It is derived from PKCS #7 version 1.5 and utilises various ASN.1 structures, making it complex and fairly heavyweight. Various protocols - including RPKI (RFC 6480) - have been built on top of it, which means it is necessary to support CMS, in order to support RPKI. This imports around 6,000 lines of code from OpenSSL 1.1.1, which is still under the original OpenSSL license. Further work will occur in tree. Requested by and discussed with many. ok deraadt@ tb@
*	Remove cms.	jsing	2016-09-04	15	-7541/+0
\| \| \| \|	ok beck@, guenther@, tedu@
*	X509_free(3) is NULL-safe, so remove NULL checks before its calls.	mmcc	2016-03-11	2	-8/+5
\| \| \| \|	ok doug@
*	Correct spelling of OPENSSL_cleanse.	jsing	2015-09-10	4	-14/+14
\| \| \| \|	ok miod@
*	Expand another wall of ASN.1 template macros - no change to generated	jsing	2015-07-25	1	-224/+1357
\| \| \| \|	assembly.
*	Avoid an infinite loop that can occur when verifying a message with anlibressl-v2.2.0	jsing	2015-06-11	1	-2/+2
\| \| \| \| \| \| \| \| \| \|	unknown hash function OID. Diff based on OpenSSL. Fixes CVE-2015-1792 (however, this code is not enabled/built in LibreSSL). ok doug@ miod@
*	Fix return paths with missing EVP_CIPHER_CTX_cleanup() calls.	jsg	2015-05-15	1	-4/+4
\| \| \| \|	ok doug@
*	Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment.	beck	2015-02-11	1	-1/+3
\|
*	get rid of OPENSSL_NO_CMS code we do not use.	beck	2015-02-11	1	-3/+1
\| \| \| \|	ok miod@
*	get rid of OPENSSL_NO_COMP code we don't use.	beck	2015-02-11	1	-4/+1
\| \| \| \|	jajaja miod@
*	GOST crypto algorithms (well, most of them), ported from the removed GOST	miod	2014-11-09	1	-1/+3
\| \| \| \| \| \| \| \| \| \| \| \|	engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
*	Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().	jsing	2014-10-22	3	-14/+13
\| \| \| \| \| \| \| \|	arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
*	None of these need to include <openssl/rand.h>	jsing	2014-10-18	1	-2/+1
\|
*	BIO_free() returns immediately when the sole input is NULL.	doug	2014-07-25	1	-3/+2
\| \| \| \| \| \|	Remove unnecessary NULL check. ok miod@
*	if (x) FOO_free(x) -> FOO_free(x).	miod	2014-07-12	3	-13/+8
\| \| \| \| \| \| \|	Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
*	Avoid invoking EVP_CIPHER_CTX_cleanup() on uninitialized memory; from	miod	2014-07-11	1	-2/+2
\| \| \| \|	Coverity via OpenSSL trunk
*	Fix version number processing in cms_sd_set_version(); OpenSSL PR #3249 via	miod	2014-07-11	1	-3/+3
\| \| \| \|	OpenSSL trunk.
*	Make CMS_decrypt_set1_pkey() return an error if no recipient type matches,	miod	2014-07-11	1	-3/+4
\| \| \| \|	instead of returning a random key; OpenSSL PR #3348 via OpenSSL trunk
*	Only import cryptlib.h in the four source files that actually need it.	jsing	2014-07-11	8	-40/+41
\| \| \| \| \| \| \| \|	Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
*	Explicitly include <openssl/opensslconf.h> in every file that references	jsing	2014-07-10	3	-6/+11
\| \| \| \| \| \| \| \| \|	an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
*	tags as requested by miod and tedu	deraadt	2014-06-12	15	-15/+15
\|
*	KNF.	jsing	2014-05-24	15	-2218/+1913
\|
*	Spell ssize_t correctly (the incorrect spelling is ossl_ssize_t).	jsing	2014-05-24	3	-6/+6
\| \| \| \|	ok miod@
*	if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefully	miod	2014-05-22	3	-6/+3
\| \| \| \|	eyeballed before applying. Contributed by Cyril Roelandt on tech@
*	Replace all use of ERR_add_error_data with ERR_asprintf_error_data.	beck	2014-04-26	1	-1/+1
\| \| \| \| \| \| \| \|	This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
*	Change library to use intrinsic memory allocation functions instead of	beck	2014-04-17	6	-30/+30
\| \| \| \| \| \| \| \|	OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
*	we don't use these files for building	tedu	2014-04-15	1	-81/+0
\|
*	remove auto-generated dependencies from the old unused build system, so	deraadt	2014-04-14	1	-203/+0
\| \| \| \| \|	that it is easier to find code pieces. They are getting in the way. ok miod
*	This commit was generated by cvs2git to track changes on a CVS vendor	miod	2014-04-13	3	-5/+3
\|\ \| \| \| \|	branch.
\| *	Import OpenSSL 1.0.1g	miod	2014-04-13	3	-5/+3
\| \|
* \|	resolve conflicts	djm	2012-10-13	1	-4/+57
\| \|
* \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2012-10-13	1	-2/+22
\|\ \ \| \| \| \| \| \|	branch.
\| * \|	import OpenSSL-1.0.1c	djm	2012-10-13	1	-2/+22
\| \| \|
* \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2012-10-13	9	-23/+575
\|\ \ \ \| \| \|/ \| \|/\|	branch.
\| * \|	import OpenSSL-1.0.1c	djm	2012-10-13	10	-27/+632
\| \| \|
* \| \|	resolve conflicts, fix local changes	djm	2010-10-01	1	-18/+4
\| \| \|
* \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2010-10-01	9	-172/+217
\|\\| \| \| \| \| \| \| \|	branch.
\| * \|	import OpenSSL-1.0.0a	djm	2010-10-01	10	-190/+221
\| \| \|
\| * \|	import of OpenSSL 0.9.8k	djm	2009-04-06	1	-2/+2
\| \| \|
* \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2010-10-01	1	-2/+83
\|\ \ \ \| \| \|/ \| \|/\|	branch.
\| * \|	import OpenSSL-1.0.0a	djm	2010-10-01	1	-2/+83
\| \| \|
* \| \|	resolve conflicts	djm	2009-04-06	1	-2/+2
\| \| \|
* \| \|	resolve conflicts	djm	2009-01-09	1	-0/+3
\| \| \|
* \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2009-01-09	1	-1/+1
\|\ \ \ \| \| \|/ \| \|/\|	branch.
\| * \|	import openssl-0.9.8j	djm	2009-01-09	2	-3/+8
\| \| \|
* \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2009-01-09	1	-1/+1
\|\ \ \ \| \| \|/ \| \|/\|	branch.
\| * \|	import openssl-0.9.8j	djm	2009-01-09	1	-1/+1
\| \| \|
* \| \|	update to openssl-0.9.8i; tested by several, especially krw@	djm	2009-01-05	1	-2/+4
\| \| \|
* \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2008-09-06	14	-0/+6082
\|\ \ \ \| \|/ / \|/\| / \| \|/	branch.
\| *	import of OpenSSL 0.9.8h	djm	2008-09-06	14	-0/+6082
\|