path: root/src/lib/libcrypto/crypto
Commit message | Author | Age | Files | Lines
* Tighten behavior of _rs_allocate failure for portable arc4random | bcook | 2016-06-30 | 7 | -7/+14
  implementations. In the event of a failure in _rs_allocate for rsx, we still have a reference to freed memory for rs on return. Not a huge deal since we subsequently abort in _rs_init, but it looks strange on its own. ok deraadt@
* Tighten behavior of _rs_allocate on Windows. | bcook | 2016-06-30 | 1 | -4/+7
  For Windows, we are simply using calloc, which has two annoyances: the memory has more permissions than needed by default, and it comes from the process heap, which looks like a memory leak since this memory is rightfully never freed. This switches _rs_alloc on Windows to use VirtualAlloc, which restricts the memory to READ|WRITE and keeps the memory out of the process heap. ok deraadt@
* remove hppa64 port, which we never got going beyond broken single users. | deraadt | 2016-05-11 | 1 | -157/+0
  hppa reverse-stack gives us a valuable test case, but most developers don't have a 2nd one to proceed further with this. ok kettenis
* Crank majors for lib{crypto,ssl,tls} due to symbol removals, symbol | jsing | 2016-04-28 | 1 | -1/+1
  additions and functionality changes.
* fix typo in comment; ok beck | tj | 2016-04-19 | 1 | -2/+2
* Calling clone(2) with CLONE_NEWPID yields multiple processes with pid=1. | bcook | 2016-01-04 | 1 | -2/+3
  Work around this particular case by reseeding whenever pid=1, but as guenther@ notes, directly calling clone(2), and then forking to match another pid, provides other ways to bypass new process detection on Linux. Hopefully at some point Linux implements something like MAP_INHERIT_ZERO, and does not invent a corresponding mechanism to subvert it. Noted by Sebastian Krahmer and the opmsg team. See http://stealth.openwall.net/crypto/randup.c for a test program. ok beck@
* bump the major for libcrypto/ssl/tls for a CRYPTO_chacha_20 ABI change | bcook | 2015-12-09 | 1 | -2/+2
  ok jsing@, deraadt@, beck@
* bump minors after adding EVP_aead_chacha20_poly1305_ietf() | reyk | 2015-11-02 | 1 | -1/+1
  OK jsing@
* Stop supporting "legacy" time formats that OpenSSL supports. Rewrite the | beck | 2015-10-19 | 1 | -2/+2
  utctime and gentime wrappers accordingly. Along with some other cleanup. this also removes the need for timegm. ok bcook@ sthen@ jsing@
* Flense the greasy black guts of unreadable string parsing code out of three areas | beck | 2015-10-02 | 1 | -1/+2
  in asn1 and x509 code, all dealing with an ASN1_TIME. This brings the parsing together in one function that converts into a struct tm. While we are at it this also brings us into conformance with RFC 5280 for times allowed in an X509 cert, as OpenSSL is very liberal with what it allows. input and fixes from deraadt@ jsing@ guethther@ and others. ok krw@, guenther@, jsing@
* Temporarily revive MD4 for MS CHAP support. | doug | 2015-09-14 | 1 | -2/+7
* Crank major version due to removal of SHA-0 and MD4 from libcrypto. | doug | 2015-09-13 | 1 | -2/+2
* Remove MD4 support from LibreSSL. | doug | 2015-09-13 | 1 | -7/+2
  MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0. Discussed with many including beck@, millert@, djm@, sthen@ ok jsing@, input + ok bcook@
* Remove SHA-0 support. | doug | 2015-09-13 | 1 | -3/+3
  SHA-0 was withdrawn shortly after publication 20 years ago and replaced with SHA-1. This will require a major crank. ok bcook@, jsing@
* Merge ech_ossl.c into ech_key.c - not much point having one file with a | jsing | 2015-09-13 | 1 | -2/+2
  four line function and a tonne of license text. ok beck@
* Nuke openssl/e_os2.h, since nothing should be using it. | jsing | 2015-09-13 | 1 | -2/+1
  ok deraadt@ "hurray! finally!" miod@ "Yay!" sthen@
* Add a new interface, OPENSSL_cpu_caps(), to return the currently running | miod | 2015-09-13 | 1 | -1/+1
  cpu's specific hardware capabilities users of libcrypto might be interested in, as an integer value. This deprecates the existing OPENSSL_ia32cap() macro and the OPENSSL_ia32cap_loc() function (which returns the pointer so that you can mess with stuff you shouldn't mess with). Interpreting the value returned by OPENSSL_cpu_caps() is, of course, machine-dependent. Minor version bump for libcrypto. ok beck@ jsing@
* Pass "openbsd" instead of "openbsd-elf" as the "flavour" to the perl assembler | miod | 2015-09-11 | 1 | -2/+2
  machinery. OpenBSD has never been not ELF on amd64, and changing this will actually make -portable life slightly easier in the near future.
* unify files further | deraadt | 2015-09-11 | 10 | -61/+61
* unify versions, so they are easier to diff. | deraadt | 2015-08-25 | 4 | -9/+9
* KNF | deraadt | 2015-08-25 | 1 | -6/+4
* Remove OpenSSL engine RSAX. | doug | 2015-07-19 | 2 | -3/+2
  OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@
* Fix pointer to unsigned long conversion. | doug | 2015-06-27 | 1 | -2/+2
  bcook@ notes that this check really only impacted 64-bit Windows. Also, changed the check to be unsigned for consistency. ok bcook@
* Crank major for libcrypto, ssl and tls due to MDC-2DES removal. | doug | 2015-06-20 | 1 | -1/+1
  ok miod@ jsing@
* Remove obsolete MDC-2DES from libcrypto. | doug | 2015-06-20 | 1 | -7/+2
  ok deraadt@ jsing@ miod@
* Disable ENGINE_load_dynamic (dynamic engine support). | bcook | 2015-06-19 | 13 | -13/+0
  We do not build, test or ship any dynamic engines, so we can remove the dynamic engine loader as well. This leaves a stub initialization function in its place. ok beck@, reyk@, miod@
* Remove unneeded sys/sysctl.h on linux. | bcook | 2015-06-13 | 1 | -2/+1
  This only provides the sysctl wrapper in glibc, which we do not use and is not available in other libc implementations for Linux. Thanks to ncopa from github.
* Record inter-library dependencies between libcrypto, libssl and libtls | kettenis | 2015-05-17 | 1 | -0/+1
* Not all Linux libc's include linux/sysctl.h in sys/sysctl.h. | bcook | 2015-04-27 | 1 | -2/+3
  Include it if we have the sysctl syscall.
* Support AIX versions without WPAR support. | bcook | 2015-04-27 | 1 | -1/+5
  From Michael Felt.
* Send OPENSSL_issetugid() straight to hell, no final cigarette. | deraadt | 2015-04-11 | 2 | -3/+3
  The issetugid() API is supposed to make a strong promise where "0 means it is safe to look at the environment". Way back in the past someone on the OpenSSL team responded to the environment access danger by creating a wrapper called OPENSSL_issetugid, and went to use it a number of places. However, by default on systems lacking true issetugid(), OPENSSL_issetugid returns 0. 0 indicating safely. False safety. Which means OPENSSL_issetugid() fails to make any sort of promise about safety, in fact it is just the opposite. Can you believe the OpenSSL team? This nastiness was noticed over the years, however no one could gain traction and get it fixed in OpenSSL. Also see a paragraph about this in http://www.tedunangst.com/flak/post/worst-common-denominator-programming ok jsing
* add initial AIX getentropy/arc4random files. Thanks to Michael Felt. | bcook | 2015-03-30 | 2 | -0/+501
* sys/sysctl.h includes linux/sysctl.h, remove the extra unchecked include | bcook | 2015-03-22 | 1 | -2/+1
* In the neverending saga of enabling and disabling assembler code for sha | miod | 2015-03-18 | 1 | -5/+1
  routines on hppa, the cause for sha512-parisc subtly misbehaving has been found: despite having fallback pa1.1 code when running on a 32-bit cpu, the shift constants used in the sigma computations in sha512 are >= 32 and are silently truncated to 5 bits by the assembler, so there is no chance of getting this code to work on a non-pa2.0 processor. However, the pa1.1 fallback code for sha256 is safe, as it never attempts to shift by more than 31, so reenable it again.
* Do not use sha512-parisc for now, as it is subtly bugged - passes the sha | miod | 2015-03-05 | 1 | -1/+3
  regress tests but causes tls ciphersuite using sha386 to fail; found the hard way by henning@. I can't see anything wrong in the generated assembly code yet, but building a libcrypto with no assembler code but sha512_block_data_order() is enough to trigger Henning's issue, so the bug lies there. No ABI change; ok deraadt@
* Bump libcrypto and libssl majors, due to various recent churn. | jsing | 2015-02-22 | 1 | -1/+1
  Discussed with/requested by deraadt@ at the conclusion of s2k15.
* unifdef OPENSSL_NO_RFC3779 - this is currently disabled and unlikely to | jsing | 2015-02-10 | 1 | -2/+1
  be enabled, mostly since people use SANs instead. ok beck@ guenther@
* Remove RC5 code - this is not currently enabled and is not likely to ever | jsing | 2015-02-10 | 1 | -8/+2
  be enabled. Removes one symbol from libcrypto, however there is no ABI change. ok beck@ miod@ tedu@
* Remove crypto/store - part of which is "currently highly experimental". | jsing | 2015-02-10 | 1 | -6/+1
  This code is not compiled in and OPENSSL_NO_STORE is already defined in opensslfeatures.h. No symbol removal for libcrypto. ok beck@
* Crank major for libcrypto since symbols have been removed. | jsing | 2015-02-07 | 1 | -2/+2
  Requested by deraadt@
* Combine c_allc.c and c_alld.c into c_all.c - there is not much point having | jsing | 2015-02-07 | 1 | -2/+2
  this split across files, especially when two of them have less code than license text. ok bcook@ beck@ doug@ miod@
* Add X509_STORE_load_mem() to load certificates from a memory buffer | reyk | 2015-01-22 | 2 | -3/+3
  instead of disk. OpenSSL didn't provide a built-in API from loading certificates in a chroot'ed process that doesn't have direct access to the files. X509_STORE_load_mem() provides a new backend that will be used by libssl and libtls to implement such privsep-friendly functionality. Adopted for LibreSSL based on older code from relayd (by pyr@ and myself) With feedback and OK bluhm@
* Add arc4random/getentropy shims for NetBSD. | bcook | 2015-01-19 | 2 | -0/+150
  The latest NetBSD (6.1.5) arc4random does not appear to reseed the CRNG state after a fork, so provide an override until the fork-safe version in CVS appears in a release. These are the same as the FreeBSD shims. ok deraadt@
* back in september I did the large abstraction refactoring to allow these | deraadt | 2015-01-15 | 6 | -6/+12
  other systems to fit into the same mold, so add copyright
* mix in more virtual memory and process information | bcook | 2015-01-07 | 1 | -2/+4
* add initial HP-UX getentropy/arc4random support. | bcook | 2015-01-06 | 2 | -0/+496
  patch from Kinichiro Inoguchi, tested on HP-UX 11.31 ok deraadt@
* Revert to the use of C code for the basic BN routines (bn_add_words, | miod | 2014-12-07 | 1 | -2/+7
  bn_div_words, bn_mul_add_words, bn_mul_words, bn_sqr_words, bn_sub_words) on sgi, because the generated assembly code isn't R4000-safe.
* Move Windows OS-specific functions to make porting easier. | bcook | 2014-12-03 | 1 | -5/+5
  Several functions that need to be redefined for a Windows port are right in the middle of other code that is relatively portable. This patch isolates the functions that need Windows-specific implementations so they can be built conditionally in the portable tree. ok jsing@ deraadt@
* mop up a barely started project... getting in the way of grepping the tree! | deraadt | 2014-11-22 | 1 | -4/+0
* Oops, make sure camellia is compiled on platforms without an arch-specific | miod | 2014-11-20 | 1 | -1/+2
  Makefile.inc (i.e. landisk and m88k)