summaryrefslogtreecommitdiff
path: root/src/lib/libssl/d1_enc.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove dtls1_enc().jsing2020-03-131-212/+0
| | | | | | | | | | | | | Like much of the original DTLS code, dtls1_enc() is effectively a renamed copy of tls1_enc(). Since then tls1_enc() has been modified, however the non-AEAD code remains largely the same. As such, remove dtls1_enc() and instead call tls1_enc() from the DTLS code. The tls1_enc() AEAD code does not currently work correctly with DTLS, however this is a non-issue since we do not support AEAD cipher suites with DTLS currently. ok tb@
* Use internal versions of SSL3_BUFFER, SSL3_RECORD and DTLS1_RECORD_DATA.jsing2020-03-121-2/+2
| | | | | | | | | SSL3_BUFFER, SSL3_RECORD and DTLS1_RECORD_DATA are currently still in public headers, even though their usage is internal. This moves to using _INTERNAL suffixed versions that are in internal headers, which then allows us to change them without any potential public API fallout. ok inoguchi@ tb@
* move back read_hash and enc_read_ctx into ssl_st. wpa_supplicant andbeck2017-01-231-6/+6
| | | | other perversions touches them sickly and unnaturally.
* Move a large part of ssl_st into internal, so we can see what squeals.beck2017-01-231-11/+11
| | | | ok jsing@
* Move most of the SSL3_STATE fields to internal - the ones that remain arejsing2017-01-221-3/+3
| | | | | | known to be used by ports. ok beck@
* Make sure stdio functions don't end up in the library, from miod@beck2016-03-061-3/+5
| | | | ok doug@ bcook@
* Remove workaround for TLS padding bug from SSLeay days.doug2015-07-171-5/+1
| | | | | | | | | OpenSSL doesn't remember which clients were impacted and the functionality has been broken in their stable releases for 2 years. Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5. ok jsing@
* Remove trailing whitespace.jsing2014-12-141-10/+10
|
* Sort and group includes.jsing2014-11-161-1/+3
|
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-181-4/+3
| | | | | | | | | | | | | | | arc4random provides high quality pseudo-random numbers, hence there is no need to differentiate between "strong" and "pseudo". Furthermore, the arc4random_buf() function is guaranteed to succeed, which avoids the need to check for and handle failure, simplifying the code. It is worth noting that a number of the replaced RAND_bytes() and RAND_pseudo_bytes() calls were missing return value checks and these functions can fail for a number of reasons (at least in OpenSSL - thankfully they were converted to wrappers around arc4random_buf() some time ago in LibreSSL). ok beck@ deraadt@ miod@
* decompress libssl. ok beck jsingtedu2014-07-101-4/+1
|
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* KSSL is dead... nuke KSSL_DEBUG from orbit.jsing2014-05-201-31/+0
| | | | ok beck@ miod@
* First pass at applying KNF to the OpenSSL code, which almost makes itjsing2014-04-141-78/+65
| | | | | readable. This pass is whitespace only and can readily be verified using tr and md5.
* cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txtmarkus2013-02-141-44/+15
| | | | | from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
* import OpenSSL-1.0.1cdjm2012-10-131-1/+1
|
* import OpenSSL 1.0.0edjm2011-11-031-5/+1
|
* import OpenSSL-1.0.0adjm2010-10-011-12/+19
|
* import openssl-0.9.8jdjm2009-01-091-7/+12
|
* import of OpenSSL 0.9.8hdjm2008-09-061-0/+281