openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	deprecate EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal()	bcook	2016-09-03	1	-3/+15
\| \| \| \| \| \| \| \| \| \|	This switches EVP_CipherFinal() to work as EVP_EncryptFinal() and EVP_DecryptFinal() do, always clearing the cipher context on completion. Indicate that, since it is not possible to tell whether this function will clear the context (the API has changed over time in OpenSSL), it is better to use the _ex() variants and explicitly clear instead. ok beck@
*	deprecate internal use of EVP_[Cipher\|Encrypt\|Decrypt]_Final.	beck	2016-05-30	1	-4/+6
\| \| \| \| \| \| \|	14 years ago these were changed in OpenSSL to be the same as the _ex functions. We use the _ex functions only internally to ensure it is obvious the ctx must be cleared. ok bcook@
*	fix for integer overflow in encode and encrypt update functions.	tedu	2016-05-04	1	-2/+2
\| \| \| \| \| \|	additionally, in EncodeUpdate, if the amount written would overflow, return 0 instead to prevent bugs in the caller. CVE-2016-2105 and CVE-2016-2106 from openssl.
*	revert the big change from yesterday to prepare for smaller commits.	tedu	2016-05-04	1	-2/+2
\|
*	patch from openssl for multiple issues:	tedu	2016-05-03	1	-2/+2
\| \| \| \| \| \| \|	missing padding check in aesni functions overflow in evp encode functions use of invalid negative asn.1 types ok beck
*	Correct spelling of OPENSSL_cleanse.	jsing	2015-09-10	1	-2/+2
\| \| \| \|	ok miod@
*	Replace assert() and OPENSSL_assert() calls with proper error return paths.	miod	2015-02-10	1	-14/+31
\| \| \| \|	Careful review, feedback & ok doug@ jsing@
*	Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().	jsing	2014-10-22	1	-4/+3
\| \| \| \| \| \| \| \|	arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
*	Only import cryptlib.h in the four source files that actually need it.	jsing	2014-07-11	1	-3/+4
\| \| \| \| \| \| \| \|	Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
*	Explicitly include <openssl/opensslconf.h> in every file that references	jsing	2014-07-10	1	-1/+3
\| \| \| \| \| \| \| \| \|	an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
*	Stop including standard headers via cryptlib.h - pull in the headers that	jsing	2014-07-10	1	-1/+3
\| \| \| \| \| \|	are needed in the source files that actually require them. ok beck@ miod@
*	remove unused, private version strings except SSL_version_str	bcook	2014-07-09	1	-3/+1
\| \| \| \| \| \|	Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
*	Simplify EVP_CIPHER_CTX_new() - stop pretending that EVP_CIPHER_CTX_init()	jsing	2014-06-15	1	-6/+2
\| \| \| \| \| \|	does something special... just use calloc() instead. ok beck@ miod@
*	tags as requested by miod and tedu	deraadt	2014-06-12	1	-1/+1
\|
*	no need for null check before free. from Brendan MacDonell	tedu	2014-05-30	1	-2/+1
\|
*	KNF.	jsing	2014-05-08	1	-339/+333
\|
*	Change library to use intrinsic memory allocation functions instead of	beck	2014-04-17	1	-5/+5
\| \| \| \| \| \| \| \|	OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
*	remove FIPS mode support. people who require FIPS can buy something that	tedu	2014-04-15	1	-21/+0
\| \| \| \| \|	meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
*	resolve conflicts	djm	2012-10-13	1	-9/+86
\|
*	openssl-1.0.0e: resolve conflicts	djm	2011-11-03	1	-0/+1
\|
*	resolve conflicts, fix local changes	djm	2010-10-01	1	-52/+215
\|
*	resolve conflicts	djm	2009-01-09	1	-191/+63
\|
*	update to openssl-0.9.8i; tested by several, especially krw@	djm	2009-01-05	1	-4/+9
\|
*	resolve conflicts	djm	2008-09-06	1	-78/+49
\|
*	resolve conflicts	djm	2005-04-29	1	-1/+60
\|
*	merge 0.9.7d	markus	2004-04-08	1	-1/+13
\|
*	merge 0.9.7b with local changes; crank majors for libssl/libcrypto	markus	2003-05-12	1	-8/+22
\|
*	Merge openssl-0.9.7-stable-SNAP-20020519	beck	2002-05-21	1	-16/+14
\|
*	OpenSSL 0.9.7 stable 2002 05 08 merge	beck	2002-05-15	1	-61/+229
\|
*	openssl-engine-0.9.6 merge	beck	2000-12-15	1	-39/+110
\|
*	OpenSSL 0.9.4 merge	beck	1999-09-29	1	-52/+19
\|
*	Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build	ryker	1998-10-05	1	-0/+303
	functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.