openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Add a comment that explains what the check is doing and why len >= 1.	tb	2018-08-14	1	-1/+2
\| \| \| \|	Prompted by a remark by jsing
*	The UI_add_{input,verify}_string() functions want a length not including	tb	2018-08-14	1	-5/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	the terminating NUL. EVP_read_pw_string_min() got this wrong, leading to a one-byte buffer overrun in all callers of EVP_read_pw_string(). Found by mestre running 'openssl passwd' with MALLOC_OPTIONS including C. Fix this by doing some basic sanity checking in EVP_read_pw_string_min(). Cap the len argument at BUFSIZ and ensure that min < len as well as 0 <= min and 1 <= len. The last two checks are important as these numbers may end up in reallocarray(). ok bcook (on previous version), jsing, mestre
*	Send the function codes from the error functions to the bit bucket,	beck	2017-01-29	1	-3/+3
\| \| \| \| \| \|	as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
*	Correct spelling of OPENSSL_cleanse.	jsing	2015-09-10	1	-3/+3
\| \| \| \|	ok miod@
*	EVP_BytesToKey(): return through the error path (which cleans things up)	miod	2015-02-10	1	-3/+3
\| \| \| \|	if EVP_DigestInit_ex() fails.
*	Replace assert() and OPENSSL_assert() calls with proper error return paths.	miod	2015-02-10	1	-3/+12
\| \| \| \|	Careful review, feedback & ok doug@ jsing@
*	Correct error checks in EVP_read_pw_string_min(): UI_add_input_string()	guenther	2014-08-06	1	-3/+3
\| \| \| \| \| \| \| \|	and UI_add_verify_string() return -1 (and maybe -2?) on failure and >=0 on success, instead of always zero on success problem reported by Mark Patruck (mark (at) wrapped.cx) ok miod@
*	Check the return value of the UI functions (including UI_new() which return	miod	2014-07-23	1	-6/+11
\| \| \| \| \| \|	value is happily dereferenced without checking it for being non-NULL). ok beck@
*	Only import cryptlib.h in the four source files that actually need it.	jsing	2014-07-11	1	-4/+3
\| \| \| \| \| \| \| \|	Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
*	Kill a blatantly outdated (and now wrong) comment	miod	2014-07-10	1	-4/+1
\|
*	Stop including standard headers via cryptlib.h - pull in the headers that	jsing	2014-07-10	1	-1/+3
\| \| \| \| \| \|	are needed in the source files that actually require them. ok beck@ miod@
*	tags as requested by miod and tedu	deraadt	2014-06-12	1	-1/+1
\|
*	More KNF.	jsing	2014-05-11	1	-1/+1
\|
*	KNF.	jsing	2014-05-08	1	-73/+79
\|
*	Clean up dangerous strncpy use. This included a use where the resulting	beck	2014-04-16	1	-2/+1
\| \| \| \| \| \| \|	string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
*	resolve conflicts	djm	2012-10-13	1	-9/+18
\|
*	resolve conflicts, fix local changes	djm	2010-10-01	1	-2/+7
\|
*	resolve conflicts	djm	2008-09-06	1	-1/+1
\|
*	resolve conflicts	djm	2006-06-27	1	-1/+2
\|
*	merge 0.9.7b with local changes; crank majors for libssl/libcrypto	markus	2003-05-12	1	-2/+4
\|
*	OpenSSL 0.9.7 stable 2002 05 08 merge	beck	2002-05-15	1	-13/+26
\|
*	merge openssl 0.9.6b-engine	beck	2001-08-01	1	-3/+3
\| \| \| \| \|	Note that this is a maintenence release, API's appear not to have changed. As such, I have only increased the minor number on these libraries
*	openssl-engine-0.9.6 merge	beck	2000-12-15	1	-1/+1
\|
*	OpenSSL 0.9.5 merge	beck	2000-03-19	1	-4/+7
\| \| \| \| \| \|	warning this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
*	OpenSSL 0.9.4 merge	beck	1999-09-29	1	-21/+10
\|
*	Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build	ryker	1998-10-05	1	-0/+167
	functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.