openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	This commit was manufactured by cvs2git to create tag 'OPENBSD_5_8_BASE'.OPENBSD_5_8_BASE	cvs2svn	2015-08-02	1	-474/+0
\|
*	Allow *_free() functions in libssl to handle NULL input.	doug	2015-07-19	1	-1/+4
\| \| \| \| \| \|	This mimics free()'s behavior which makes error handling simpler. ok bcook@ miod@
*	Fix several crash causing defects from OpenSSL.	tedu	2015-03-19	1	-1/+4
\| \| \| \| \| \| \| \| \| \| \| \| \|	These include: CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp CVE-2015-0287 - ASN.1 structure reuse memory corruption CVE-2015-0289 - PKCS7 NULL pointer dereferences Several other issues did not apply or were already fixed. Refer to https://www.openssl.org/news/secadv_20150319.txt joint work with beck, doug, guenther, jsing, miod
*	Jettison DTLS over SCTP.	jsing	2015-02-09	1	-8/+1
\| \| \| \| \| \| \| \|	OpenBSD does not have SCTP support and it sees little use in the wild. OPENSSL_NO_SCTP is already specified via opensslfeatures.h, hence this is a code removal only and symbols should remain unchanged. ok beck@ miod@ tedu@
*	Remove trailing whitespace.	jsing	2014-12-14	1	-4/+4
\|
*	Sort and group includes.	jsing	2014-11-16	1	-1/+2
\|
*	avoid sys/param.h; Jonas Termansen	deraadt	2014-07-17	1	-2/+2
\|
*	In dtls1_clear_queues(), free buffered_add_data.q correctly, it's made of	miod	2014-07-11	1	-4/+4
\| \| \| \| \| \|	DTLS1_RECORD_DATA, not hm_fragment. OpenSSL PR #3286 via OpenSSL trunk.
*	remove unused, private version strings except SSL_version_str	bcook	2014-07-09	1	-2/+1
\| \| \| \| \| \|	Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
*	Pull the code that builds a DTLS sequence number out into its own function	jsing	2014-06-21	1	-1/+14
\| \| \| \| \| \|	to avoid duplication. Also use fewer magic numbers. ok miod@
*	Remove support for the `opaque PRF input' extension, which draft has expired	miod	2014-06-13	1	-1/+3
\| \| \| \| \| \| \| \|	7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell.
*	tags as requested by miod and tedu	deraadt	2014-06-12	1	-1/+1
\|
*	Fix memory leak: free s if calloc fails.	logan	2014-06-11	1	-1/+3
\| \| \| \| \| \|	(From Jonas Maebe) OK from beck@
*	Make it substantially easier to identify protocol version requirements	jsing	2014-05-29	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	by adding an enc_flags field to the ssl3_enc_method, specifying four flags that are used with this field and providing macros for evaluating these conditions. Currently the version requirements are identified by continually checking the version number and other criteria. This change also adds separate SSL3_ENC_METHOD data for TLS v1.1 and v1.2, since they have different enc_flags from TLS v1. Based on changes in OpenSSL head. No objection from miod@
*	There is no point in checking if a pointer is non-NULL before calling free,	jsing	2014-05-28	1	-6/+2
\| \| \| \| \| \| \| \|	since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@
*	repair some KNF missed by the script; ok jsing	deraadt	2014-05-26	1	-6/+10
\|
*	Use C99 initialisers for SSL3_ENC_METHOD structs.	jsing	2014-05-24	1	-12/+14
\| \| \| \|	ok miod@
*	Stop pulling pqueue.h into ssl_locl.h since only a small part of libssl	jsing	2014-05-22	1	-0/+2
\| \| \| \| \| \| \| \| \| \|	actually needs it. Instead, just include it in the files where it is actually necessary. Also remove standard includes from pqueue.h so that they are not available as a side effect. Just add the two includes that are needed to pqueue.c. ok miod@
*	gettimeofday() is portable enough and does not need a wrapper	deraadt	2014-04-20	1	-9/+2
\|
*	calloc() rather than malloc+memset	deraadt	2014-04-20	1	-2/+2
\|
*	More KNF and style consistency tweaks	guenther	2014-04-19	1	-2/+2
\|
*	Change library to use intrinsic memory allocation functions instead of	beck	2014-04-17	1	-13/+13
\| \| \| \| \| \| \| \|	OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
*	make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miod	tedu	2014-04-14	1	-7/+0
\|
*	First pass at applying KNF to the OpenSSL code, which almost makes it	jsing	2014-04-14	1	-184/+180
\| \| \| \| \|	readable. This pass is whitespace only and can readily be verified using tr and md5.
*	Revert previous. I don't known why cvs blame tells me I committed this,	mpi	2014-04-14	1	-27/+292
\| \| \| \| \|	but after cross-checking with 1.0.1g sources, they are not coming from my change.
*	Revert to 1.1 minus the VMS stuff, I accidentally committed this chunk	mpi	2014-04-14	1	-292/+27
\| \| \| \|	in my last change.
*	Fix the gettimeofday function that I broke with my last commit.	beck	2014-04-13	1	-6/+0
\| \| \| \| \|	noticed by mattheew and deraadt ok deraadt@
*	Remove vms support stuff.	beck	2014-04-13	1	-10/+0
\| \| \| \|	ok deraadt@
*	Do not include "e_os.h" anymore. Simply pull in the necessary headers.	mpi	2014-04-13	1	-1/+5
\| \| \| \|	ok miod@, deraadt@
*	Import OpenSSL 1.0.1g	miod	2014-04-13	1	-0/+1
\|
*	import OpenSSL-1.0.1c	djm	2012-10-13	1	-11/+43
\|
*	OpenSSL 1.0.0f: import upstream source	djm	2012-01-05	1	-1/+8
\|
*	import OpenSSL 1.0.0e	djm	2011-11-03	1	-8/+57
\|
*	import OpenSSL-1.0.0a	djm	2010-10-01	1	-26/+209
\|
*	import openssl-0.9.8j	djm	2009-01-09	1	-0/+1
\|
*	import of OpenSSL 0.9.8h	djm	2008-09-06	1	-0/+210