summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add ASN1_TIME_set_to to exported symbolsbeck2017-05-061-0/+4
| | | | ok jsing@
* Add ASN1_TIME_set_tm to set an asn1 from a struct tm *beck2017-05-063-5/+44
| | | | ok jsing@
* the XXXfree functions being called accept NULL, so don't check first.deraadt2017-05-023-26/+14
| | | | ok beck
* use freezero() instead of memset/explicit_bzero + free. Substantiallyderaadt2017-05-0237-234/+107
| | | | | | | | | | reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* No original OpenSSL code remains in this file. Relicensebeck2017-04-301-54/+13
|
* Make BIO_get_host_ip just yet another getaddrinfo wrapperbeck2017-04-301-27/+20
|
* Rework BIO_accept to be more like modern code.beck2017-04-301-54/+19
| | | | ok jsing@
* Only enable -Werror on libcrypto/libssl/libtls if we are building withjsing2017-04-301-3/+6
| | | | | | | gcc4. This should avoid failed builds while transitioning compilers. While here also make the CFLAGS blocks consistent across makefiles. Discussed with deraadt@, ok beck@
* Microsoft Windows hates BIO_get_accept_socket in portable. Fix it tobeck2017-04-301-115/+35
| | | | | | not be awful or have any claims on supporting ipv6 when it does so very badly ok jsing@
* Stop calling OPENSSL_init() internally, since it is a no-op. Also placejsing2017-04-293-9/+4
| | | | | | it under #ifndef LIBRESSL_INTERNAL. ok beck@
* Switch Linux getrandom() usage to non-blocking mode, continuing tobeck2017-04-291-6/+9
| | | | | | | | | | use fallback mechanims if unsuccessful. The design of Linux getrandom is broken. It has an uninitialized phase coupled with blocking behaviour, which is unacceptable from within a library at boot time without possible recovery. ok deraadt@ jsing@
* Revert previous change that forced consistency between return value andbeck2017-04-281-10/+2
| | | | | | | error code, since this breaks the documented API. Under certain circumstances this will result in incorrect successful certiticate verification (where a user supplied callback always returns 1, and later code checks the error code to potentially abort post verification)
* revert previous accidental commitbeck2017-04-285-25/+46
|
* *** empty log message ***beck2017-04-285-46/+25
|
* new X25519(3) manual page;schwarze2017-04-105-10/+113
| | | | from Dr. Stephen Henson <steve@openssl.org>, OpenSSL commit d218f3c3
* document three additional functions;schwarze2017-04-101-7/+60
| | | | from Emilia Kasper <emilia at openssl dot org>, OpenSSL commit 4ac139b4
* Simplify/clean up BUF_MEM_grow_clean().jsing2017-04-091-17/+16
| | | | ok beck@
* With recallocarray() BUF_MEM_grow() is essentially the same asjsing2017-04-091-28/+2
| | | | | | | BUF_MEM_grow_clean() (the only difference is clearing on internal down sizing), so make it a wrapper. ok beck@ deraadt@
* Explicitly test for NULL.jsing2017-04-091-4/+4
| | | | ok beck@
* trailing ; on end of macro definition is wrong; ok guentherderaadt2017-04-061-4/+4
|
* bump version for new development branchbcook2017-04-061-3/+3
|
* Fix silly code that printfs NULL when there are no fractional secondsbeck2017-04-031-2/+2
| | | | | | on a GENREALIZEDTIME (which there should really never be for anything remotely standards compliant) ok jsing@
* reinstate the capitalisation from previous, as advised by schwarze;jmc2017-03-271-3/+3
|
* tweak previous;jmc2017-03-263-9/+9
|
* merge new UI documentation from OpenSSLschwarze2017-03-265-13/+651
|
* document X509_Digest(3) and friends;schwarze2017-03-252-1/+135
| | | | from Rich Salz <rsalz@openssl.org>, OpenSSL commit 3e5d9da5 etc.
* document the public function X509_cmp_time(3);schwarze2017-03-252-1/+88
| | | | | from Emilia Kasper <emilia@openssl.org>, OpenSSL commit 80770da3, tweaked by me
* correct RETURN VALUES;schwarze2017-03-251-7/+13
| | | | from Richard Levitte <levitte@openssl.org>, OpenSSL commit cdd6c8c5
* fix two more prototypes;schwarze2017-03-251-5/+5
| | | | from Matt Caswell <matt@openssl.org>, OpenSSL commit b41f6b64
* correct prototypes;schwarze2017-03-251-5/+5
| | | | from Matt Caswell <matt@openssl.org>, OpenSSL commit b41f6b64
* complete description of RETURN VALUES;schwarze2017-03-251-6/+8
| | | | from Alexander Koeppe via OpenSSL commit bb6c5e7f
* minimal stub-quality documentation of EVP_MD_CTX_ctrl(3);schwarze2017-03-251-3/+17
| | | | from Todd Short <tshort@akamai.com> via OpenSSL commit 52ad5b60
* OpenSSL documented the public function BIO_printf(3) (and friends)schwarze2017-03-253-3/+91
| | | | | in commit 2ca2e917. Document it here, too, but do not use their text. Be more concise and more precise at the same time.
* document ASN1_tag2str(3); from OpenSSL commit 9e183d22schwarze2017-03-251-4/+14
|
* Convert BUF_MEM_grow() and BUF_MEM_grow_clean() to recallocarray(),jsing2017-03-161-13/+3
| | | | | | | | | | ensuring that the buffer contents are zeroed on allocation and not leaked when resizing. It is worth noting that BUF_MEM_grow_clean() already did this manually by avoiding realloc(). ok beck@ inoguchi@
* Use calloc() instead of malloc() followed by manually zeroing fields.jsing2017-03-161-6/+3
| | | | ok beck@ inoguchi@
* Ensure MD and key initialized before processing HMACinoguchi2017-03-031-4/+18
| | | | | | | | Ensure both MD and key have been initialized before processing HMAC. Releasing HMAC_CTX in error path of HMAC(). In regress test, added test 4,5,6 and cleaned up the code. ok jsing@
* Include EVP_md5_sha1() via OpenSSL_add_all_digests().jsing2017-03-011-1/+2
|
* Bump minors due to symbol addition.jsing2017-02-281-1/+1
|
* Document EVP_md5_sha1().jsing2017-02-281-2/+11
|
* Add an EVP interface that provides concatenated MD5+SHA1 hashes, which arejsing2017-02-284-2/+88
| | | | | | | | | | used in various parts of TLS 1.0/1.1. This will allow for code simplification in libssl. The same interface exists in OpenSSL 1.1. ok beck@ deraadt@ inoguchi@ millert@
* Fix typo in issuingDistributionPoint description.jsing2017-02-281-1/+1
|
* Add the following root CAs, from SECOM Trust Systems / Security Communicationsthen2017-02-241-1/+126
| | | | | | | | of Japan, they are present in Mozilla's CA store. OK ajacoutot@ /C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security Communication EV RootCA1 /C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security Communication RootCA2 /C=JP/O=SECOM Trust.net/OU=Security Communication RootCA1
* don;t end Nd with a full stop;jmc2017-02-211-3/+3
|
* Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use,beck2017-02-205-14/+81
| | | | | and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
* bump to 2.5.2bcook2017-02-141-3/+3
|
* DES keys are not 7 days long. ok jsing@dtucker2017-02-092-5/+5
|
* Revert previous; the implementation is incorrect since it assumes that thejsing2017-02-072-20/+7
| | | | | provided error code matches the error that is currently on the top of the error stack.
* Add file and line to the LibreSSL error strings sine we are no longer inbeck2017-02-072-7/+20
| | | | | | | 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
* Kill leak introduced with refactorbeck2017-02-051-3/+6
| | | | ok jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 07:26:53 +0000