openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2018-03-20	crypto.h HISTORY up to SSLeay 0.8.1b; researched from OpenSSL git	schwarze	4	-12/+35

2018-03-20	buffer.h HISTORY up to SSLeay 0.8.1b; researched from OpenSSL git	schwarze	1	-5/+7

2018-03-20	bn.h HISTORY up to SSLeay 0.8.1b; researched from OpenSSL git	schwarze	16	-65/+96

2018-03-20	bio.h HISTORY up to SSLeay 0.8.1b; researched from OpenSSL git	schwarze	17	-36/+151

2018-03-20	asn1.h HISTORY up to SSLeay 0.8.1b; researched from OpenSSL git	schwarze	9	-19/+105

2018-03-20	HISTORY; from CHANGES.SSLeay	schwarze	1	-2/+6

2018-03-20	Two HISTORY bits from the old CHANGES.SSLeay file, which goes up to	schwarze	2	-5/+9
	0.9.0b. Nothing else that can be used in there.
2018-03-20	In ssl.h rev. 1.154 2018/03/20 15:28:12, tb@ provided	schwarze	1	-9/+37
	SSL_SESSION_set1_id(3). Merge the documentation from OpenSSL, slightly tweaked by me.
2018-03-20	If X509_check_{host,email}() are called with a length of zero, use strlen()	jsing	1	-3/+7
	to determine the length. This is the documented behaviour and matches the OpenSSL implementation. Issue found by Michael Gmelin <freebsd at grem dot de>. ok tb@
2018-03-20	In x509_vfy.h rev. 1.27 2018/03/20 15:26:22, jsing@ provided	schwarze	1	-4/+18
	X509_STORE_get_ex_new_index(3). Document it.
2018-03-20	In i2d_SSL_SESSION(), on error call CBB_cleanup() with the correct CBB.	jsing	1	-2/+2
	Spotted by Coverity, although reported as a different issue.
2018-03-20	Avoid potentially calling strchr() on a NULL pointer in	jsing	1	-7/+6
	tls_config_set_ecdhecurve(). Spotted by Coverity.
2018-03-20	bump minors after symbol addition	tb	3	-3/+3

2018-03-20	Provide SSL_SESSION_set1_id()	tb	4	-3/+21
	ok jsing
2018-03-20	Provide X509_STORE_get_ex_new_index macro.	jsing	1	-1/+5

2018-03-19	Remove the now unnecessary tls_init() call.	jsing	1	-4/+1

2018-03-19	Remove the tls_init() call, since it is no longer necessary.	jsing	1	-3/+1
	ok bcook@ beck@ inoguchi@
2018-03-19	Automatically handle library initialisation for libtls.	jsing	6	-11/+28
	Now that we have tls_init() under pthread_once(), automatically initialise libtls from the entry point functions (tls_config(), tls_client() and tls_server()) - this makes an explicit tls_init() call no longer a requirement. ok bcook@ beck@ inoguchi@
2018-03-19	Add regress test ensuring autoinit stays pledge("stdio") safe.	beck	3	-1/+50

2018-03-19	correct funciton prototype	beck	1	-3/+3
	spotted by anton@
2018-03-19	I should not be calling ENGINE_load_builtin_engines_internal	beck	1	-4/+2
	here, just the normal version. ok jsing@
2018-03-19	Add a -q (for quick) mode to apptest.sh, and use it by default.	beck	2	-11/+35
	this means that running the regression test doesn't take forever because we run a huge dhparam test and openssl speed tests. ok inoguchi@
2018-03-19	Correct mistake of loading the default openssl.conf by default during autoinit.	beck	3	-13/+37
	This brings in the OPENSSL_INIT_LOAD_CONFIG flag with the same semantics as OpenSSL. As a result, by default the openssl.conf file is not loaded during autoinit, which makes autoinit safe for pledge(stdio). ok jsing@
2018-03-18	In ecdsa.h rev. 1.5 2018/03/17 15:24:44, tb@ provided	schwarze	1	-4/+39
	ECDSA_SIG_get0(3) and ECDSA_SIG_set0(3). Merge the documentation from OpenSSL.
2018-03-18	In rsa.h rev. 1.38 2018/03/17 15:12:56 and dsa.h rev. 1.30 2018/03/17	schwarze	10	-15/+400
	15:19:12, tb@ provided a subset of the DSA_meth_(3) and RSA_meth_(3) functions. Merge the relevant parts of the manual pages from OpenSSL, heavily tweaked by me, in particular for conciseness.
2018-03-18	In x509.h rev. 1.43 2018/03/17 14:55:39, jsing@ provided	schwarze	1	-5/+16
	X509_PUBKEY_get0(3). Merge the documentation from OpenSSL.
2018-03-18	In ocsp.h rev. 1.12 2018/03/17 14:44:34, jsing@ provided	schwarze	1	-4/+14
	OCSP_SINGLERESP_get0_id(3). OpenSSL fails to document it, so document it from scratch.
2018-03-18	In ssl.h rev. 1.149 2018/03/17 14:40:45, jsing@ provided	schwarze	1	-6/+79
	SSL_CIPHER_get_cipher_nid(3), SSL_CIPHER_get_digest_nid(3), SSL_CIPHER_get_kx_nid(3), SSL_CIPHER_get_auth_nid(3), and SSL_CIPHER_is_aead(3). Merge the documentation from OpenSSL.
2018-03-18	In x509.h rev. 1.42 2018/03/17 14:33:20, jsing@ provided	schwarze	1	-3/+14
	X509_REVOKED_dup(3). Document it.
2018-03-18	In ssl.h rev. 1.148 2018/03/17 14:26:13, jsing@ provided	schwarze	1	-4/+30
	SSL_SESSION_get0_id_context(3). Merge the documentation from OpenSSL, tweaked by me.
2018-03-18	Fix a typo: OPENSSL_INIT_LOAD_CONFIG doesn't have double underbars.	tb	1	-2/+2
	Found via port build failures reported by sthen. ok jsing
2018-03-17	Clean up now that autoconfiguration is available:	schwarze	1	-78/+55
	- deprecation notice - say more precisely what OPENSSL_config(3) does - kill the unfounded rumour that the library might inspect environment variables; in fact, only the openssl(1) program inspects $OPENSSL_CONF - garbage collect long, irrelevant ramblings about engines - garbage collect empty RETURN VALUES section - garbage collect CAVEATS section, duplicate information only
2018-03-17	In crypto.h rev. 1.43 and ssl.h rev. 1.153 2018/03/17 16:20:01, beck@	schwarze	6	-7/+148
	provided OPENSSL_init_crypto(3) and OPENSSL_init_ssl(3). Write the documentation from scratch because the text OpenSSL provides is full of bloat.
2018-03-17	In ssl.h rev. 1.152 2018/03/17 15:55:52, tb@ provided	schwarze	6	-9/+97
	SSL_SESSION_has_ticket(3) and SSL_SESSION_get_ticket_lifetime_hint(3). Merge the documentation from OpenSSL, tweaked by me.
2018-03-17	In x509_cmp.c rev. 1.30 2018/03/17 14:57:23, jsing@ adjusted	schwarze	1	-3/+14
	X509_get0_pubkey(3) to the same semantics as in OpenSSL. Merge the documentation.
2018-03-17	crank majors	tb	3	-6/+6
	req by deraadt
2018-03-17	Bump minors after symbol addition	tb	3	-3/+3

2018-03-17	Bring in compatibility for OpenSSL 1.1 style init functions.	beck	20	-38/+322
	This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL ok jsing@, nits by tb@ and deraadt@
2018-03-17	Provide SSL_SESSION_get_ticket_lifetime_hint() and	tb	3	-2/+18
	SSL_SESSION_has_ticket() ok jsing
2018-03-17	Provide SSL_CTX_get_default_passwd_cb{,_userdata}()	tb	3	-2/+18
	ok jsing
2018-03-17	Provide X509_STORE_get0_param()	tb	3	-2/+10
	ok jsing
2018-03-17	Provide X509_OBJECT_get_type(). Instead of the X509_LOOKUP_TYPE enum	tb	3	-2/+10
	(which we don't have) it returns a plain int. ok jsing
2018-03-17	Provide X509_NAME_ENTRY_set()	tb	3	-2/+10
	ok jsing
2018-03-17	Provide ECDSA_SIG_{g,s}et0().	tb	3	-2/+40
	ok jsing
2018-03-17	Add DSA_meth_{dup,free,new,set_{finish,sign}}()	tb	4	-2/+93
	As in RSA_meth_*, note that these functions return NULL in out-of-memory situations, but they do not set an error explicitly. ok jsing
2018-03-17	Provide RSA_meth_{dup,free,new,set_{finish,priv_{dec,enc}}}()	tb	4	-3/+104
	Note that these functions return NULL in out-of-memory situations, but contrary to OpenSSL's versions they do not set an error. ok jsing
2018-03-17	Make BIO_meth_get_write() public. Omission spotted by schwarze.	tb	2	-1/+3
	ok jsing
2018-03-17	Fix X509_get0_pubkey() - X509_get_pubkey() is a misnamed "get1" function,	jsing	1	-2/+4
	so call X509_PUBKEY_get0() instead. Spotted by schwarze@ while documenting.
2018-03-17	Provide X509_PUBKEY_get0() by splitting X509_PUBKEY_get() and turning it	jsing	3	-7/+19
	into a wrapper that calls X509_PUBKEY_get0() and up refs.
2018-03-17	SSL_SESSION_get_protocol_version() takes a const SSL_SESSION *.	tb	2	-4/+4
	Noted by schwarze@ ok jsing@