openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Remove mkerr.pl remnants from LibreSSL	kn	2022-07-12	1	-5/+1
\| \| \| \| \| \| \|	This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb
*	Expose new API in headers.	tb	2022-07-07	1	-3/+1
\| \| \| \| \| \| \|	These are mostly security-level related, but there are also ASN1_TIME and ASN_INTEGER functions here, as well as some missing accessors. ok jsing
*	Prepare to provide DH_security_bits()	tb	2022-06-27	1	-1/+4
\| \| \| \|	ok beck jsing
*	Make structs in dh.h opaque	tb	2022-01-14	1	-50/+1
\| \| \| \| \| \|	This moves the struct internals for DH and DH_METHOD to dh_local.h. ok inoguchi jsing
*	Unifdef LIBRESSL_OPAQUE_* and LIBRESSL_NEXT_API	tb	2022-01-14	1	-5/+1
\| \| \| \| \|	This marks the start of major surgery in libcrypto. Do not attempt to build the tree for a while (~50 commits).
*	Provide DH_check*_ex and many error codes	tb	2022-01-10	1	-1/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	DH_check{,_pub_key}_ex() wrap their non-ex versions to translate the flags argument of the original functions into OpenSSL errors. For this almost a dozen new error codes need to be added. DH_params_check{,_ex}() is a new version of DH_check that only performs a cheap subset of the checks. They are needed to implement EVP_PKEY_{public,param}_check() (observe the consistent naming) although the actual implementation of EVP_PKEY_param_check() chose to use DH_check_ex(). As far as I can tell, the only raison d'être of the _ex functions and error codes is to spew them to stderr in a couple of openssl(1) commands. This couldn't have been solved differently... These functions will not be exposed publicly. ok inoguchi jsing
*	zap trailing whitespace	tb	2022-01-07	1	-9/+9
\|
*	Prepare to provide DH_get_length()	tb	2022-01-05	1	-1/+4
\| \| \| \| \| \|	Will be needed by openssl(1) dhparam. ok inoguchi jsing
*	Prepare to provide DH_get0_{p,q,g,{priv,pub}_key}()	tb	2022-01-05	1	-1/+8
\| \| \| \| \| \| \| \| \| \| \|	These are accessors that allow getting one specific DH member. They are less error prone than the current getters DH_get0_{pqg,key}(). They are used by many ports and will also be used in base for this reason. Who can remember whether the pub_key or the priv_key goes first in DH_get0_key()? ok inoguchi jsing
*	Provide a number of flags for DH_check and DH_check_pubkey	tb	2021-11-29	1	-1/+5
\| \| \| \| \| \|	that will be used in subsequent commits. ok inoguchi jsing
*	Provide DH_get0_engine().	jsing	2018-02-22	1	-1/+2
\|
*	Provide DH_set_length()	tb	2018-02-20	1	-1/+2
\| \| \| \|	ok jsing
*	Provide DH_bits()	tb	2018-02-20	1	-1/+2
\| \| \| \|	ok jsing
*	Provide DH_{clear,set,test}_flags().	tb	2018-02-20	1	-1/+4
\| \| \| \|	ok jsing
*	Provide {DH,DSA}_set0_key(). Requested by sthen.	tb	2018-02-18	1	-1/+2
\| \| \| \|	ok jsing
*	Provide DH_set0_pqg.	tb	2018-02-18	1	-1/+2
\| \| \| \|	ok jsing
*	Provide further parts of the OpenSSL 1.1 API: {DH,DSA}_get0_{key,pqg}(),	tb	2018-02-17	1	-1/+5
\| \| \| \| \| \|	EVP_PKEY_get0_{DH,DSA,RSA}(), RSA_{g,s}et0_key(). ok jsing
*	Kill a bunch of OLD_ASN1 usage by replacing ASN1_{d2i,i2d}_* with	jsing	2016-11-04	1	-7/+5
\| \| \| \| \| \|	ASN1_item_{d2i,i2d}_* equivalents. ok guenther@ miod@
*	Remove flags for disabling constant-time operations.	bcook	2016-06-30	1	-8/+1
\| \| \| \| \| \| \| \|	This removes support for DSA_FLAG_NO_EXP_CONSTTIME, DH_FLAG_NO_EXP_CONSTTIME, and RSA_FLAG_NO_CONSTTIME flags, making all of these operations unconditionally constant-time. Based on the original patch by César Pereid. ok beck@
*	tags as requested by miod and tedu	deraadt	2014-06-12	1	-1/+1
\|
*	Everything sane has stdio, and FILE *. we don't need ifdefs for this.	beck	2014-05-29	1	-2/+0
\| \| \| \|	ok to firebomb from tedu@
*	Almost nothing actually needs to include <openssl/e_os2.h>, however by	jsing	2014-05-24	1	-1/+1
\| \| \| \| \| \| \|	including it they get <openssl/opensslconf.h>. So instead of pulling in <openssl/e_os2.h>, just pull in <openssl/opensslconf.h>. "go ahead" miod@
*	resolve conflicts	djm	2012-10-13	1	-0/+20
\|
*	resolve conflicts, fix local changes	djm	2010-10-01	1	-13/+28
\|
*	resolve conflicts	djm	2009-04-06	1	-3/+1
\|
*	resolve conflicts	djm	2009-01-09	1	-0/+11
\|
*	resolve conflicts	djm	2008-09-06	1	-21/+34
\|
*	openssl security fixes, diff from markus@, ok & "commit it" djm@	pvalchev	2006-10-04	1	-0/+3
\| \| \| \|	http://www.openssl.org/news/secadv_20060928.txt for more
*	resolve conflicts	djm	2006-06-27	1	-1/+8
\|
*	backport checks for degenerate Diffie-Hellman public exponents from	djm	2006-05-04	1	-0/+6
\| \| \| \| \|	OpenSSL-0.9.8a, where they were added without a corresponding patch to 0.9.7 or an advisory! ok theo@ markus@
*	OpenSSL 0.9.7 stable 2002 05 08 merge	beck	2002-05-15	1	-33/+27
\|
*	openssl-engine-0.9.6 merge	beck	2000-12-15	1	-7/+19
\|
*	OpenSSL 0.9.5 merge	beck	2000-03-19	1	-4/+47
\| \| \| \| \| \|	warning this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
*	OpenSSL 0.9.4 merge	beck	1999-09-29	1	-24/+20
\|
*	Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build	ryker	1998-10-05	1	-0/+162
	functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.