openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	X509_GET_PUBKEY(3) return value check in libcrypto	inoguchi	2022-01-22	1	-3/+4
\| \| \| \| \| \| \| \|	CID 25131 ok beck@ tb@ suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@
*	Include evp_locl.h where it will be needed once most structs from	tb	2021-12-12	1	-1/+2
\| \| \| \| \| \|	evp.h will be moved to evp_locl.h in an upcoming bump. ok inoguchi
*	Some cleanup in X509_REQ_get_extensions(3), no functional change.	schwarze	2021-11-03	1	-10/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	In this function, merge everything that is worth merging from the OpenSSL 1.1.1 branch, which is still under a free license, mostly the relevant part of commit 9b0a4531 Mar 14 23:48:47 2015 +0000 to use X509_ATTRIBUTE_get0_type(3) rather than re-implementing it. While here, * use d2i_X509_EXTENSIONS(3) rather than ASN1_item_d2i(3); * test pointers explicitly against NULL, not with '!', as suggested by tb@; * drop some useless parentheses as suggested by tb@. OK tb@
*	Fix two bugs in X509_REQ_add_extensions_nid(3)	schwarze	2021-11-03	1	-32/+13
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	that i noticed while documneting the function: * missing return value check for ASN1_item_i2d(3) and * missing return value check for OBJ_nid2obj(3). In the function X509_REQ_add_extensions_nid(3), merge everything that is worth merging from the OpenSSL 1.1.1 branch, which is still under a free license; that's mostly parts of the commit 9b0a4531 Mar 14 23:48:47 2015 +0000 (containing the bugfix, even though the OpenSSL commit message did not mention the bugs) and some minor stylistic changes from 0f113f3e and 26a7d938. While here, use i2d_X509_EXTENSIONS(3) instead of the layer-violating call to ASN1_item_i2d(3), and include a few stylistic tweaks from tb@. OK tb@, and jsing@ agreed on the general direction.
*	Move the now internal X.509-related structs into x509_lcl.h.	tb	2021-11-01	1	-1/+3
\| \| \| \| \| \| \| \|	Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds. ok jsing
*	Prepare to provide X509_re_X509*_tbs()	tb	2021-10-23	1	-1/+8
\| \| \| \|	ok beck jsing
*	Prepare to provide X509_REQ_pubkey_get0()	tb	2021-10-22	1	-1/+9
\| \| \| \|	ok jsing
*	Add a const qualifier to the ASN1_OBJECT * argument of the following:	tb	2018-05-13	1	-2/+3
\| \| \| \| \| \| \| \|	EVP_PKEY_get_attr_by_OBJ(3), X509at_get_attr_by_OBJ(3), X509at_get0_data_by_OBJ(3), X509_REQ_get_attr_by_OBJ(3) tested in a bulk by sthen ok beck (as part of a larger diff)
*	Send the function codes from the error functions to the bit bucket,	beck	2017-01-29	1	-12/+7
\| \| \| \| \| \|	as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
*	Expand ASN1_ITEM_rptr macros - no change in generated assembly.	jsing	2016-12-30	1	-3/+3
\|
*	Replace M_ASN1_INTEGER_(new\|free) with ASN1_INTEGER_(new\|free) - this is	jsing	2015-09-30	1	-2/+2
\| \| \| \| \| \| \|	different from the macro expansion, but the result is the same. Also replace some ASN1_STRING_dup() with ASN1_INTEGER_dup(). ok beck@ doug@
*	Avoid a NULL pointer deref when X509_get_pubkey() returns NULL.	doug	2015-03-15	1	-2/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	A NULL pointer could be dereferenced when X509_REQ_set_pubkey() calls X509_PUBKEY_set() with pktmp. OpenSSL says it's the fix for CVE-2015-0288, but there aren't any public details yet to confirm. Either way, we should fix this. Based on OpenSSL commit 28a00bcd8e318da18031b2ac8778c64147cd54f9 and BoringSSL commit 9d102ddbc0f6ed835ed12272a3d8a627d6a8e728. "looks sane" beck@ ok miod@, bcook@
*	Someone (TM) thought it was smart to save memory by using malloc(1) and	miod	2014-09-28	1	-5/+4
\| \| \| \| \| \| \| \| \| \| \| \| \|	manual field fiddling to create an ASN1_INTEGER object, instead of using M_ASN1_INTEGER_new() which will allocate sizeof(long) bytes. That person had probably never looked into malloc(3) and never heard of allocation size rounding. Thus, replace the obfuscated code with M_ASN1_INTEGER_new() followed by ASN1_INTEGER_set(), to achieve a similar result, without the need for /* version == 0 */ comments. ok bcook@
*	Only import cryptlib.h in the four source files that actually need it.	jsing	2014-07-11	1	-6/+6
\| \| \| \| \| \| \| \|	Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
*	Explicitly include <openssl/opensslconf.h> in every file that references	jsing	2014-07-10	1	-1/+4
\| \| \| \| \| \| \| \| \|	an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
*	tags as requested by miod and tedu	deraadt	2014-06-12	1	-1/+1
\|
*	malloc() result does not need a cast.	deraadt	2014-06-07	1	-1/+1
\| \| \| \|	ok miod
*	KNF.	jsing	2014-04-20	1	-88/+122
\|
*	blunt force knf	tedu	2014-04-18	1	-28/+21
\|
*	Change library to use intrinsic memory allocation functions instead of	beck	2014-04-17	1	-1/+1
\| \| \| \| \| \| \| \|	OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
*	resolve conflicts, fix local changes	djm	2010-10-01	1	-16/+8
\|
*	resolve conflicts	djm	2008-09-06	1	-2/+47
\|
*	resolve conflicts	djm	2005-04-29	1	-17/+18
\|
*	OpenSSL 0.9.7 stable 2002 05 08 merge	beck	2002-05-15	1	-8/+8
\|
*	openssl-engine-0.9.6 merge	beck	2000-12-15	1	-3/+3
\|
*	OpenSSL 0.9.5 merge	beck	2000-03-19	1	-1/+164
\| \| \| \| \| \|	warning this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
*	OpenSSL 0.9.4 merge	beck	1999-09-29	1	-14/+13
\|
*	Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build	ryker	1998-10-05	1	-0/+116
	functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.