openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Consistently spell 'unsigned' as 'unsigned int', as style(9) seems	tb	2020-03-16	1	-25/+25
\| \| \| \| \| \| \| \| \|	to prefer that. No binary change except in d1_srtp.c where the generated assembly differs only in line numbers (due to a wrapped long line) and in s3_cbc.c where there is no change in the generated assembly. ok inoguchi jsing
*	Stop overloading the record type for padding length.	jsing	2020-03-12	1	-2/+2
\| \| \| \| \| \| \| \|	Currently the CBC related code stuffs the padding length in the upper bits of the type field... stop doing that and add a padding_length field to the record struct instead. ok inoguchi@ tb@
*	Use internal versions of SSL3_BUFFER, SSL3_RECORD and DTLS1_RECORD_DATA.	jsing	2020-03-12	1	-4/+4
\| \| \| \| \| \| \| \| \|	SSL3_BUFFER, SSL3_RECORD and DTLS1_RECORD_DATA are currently still in public headers, even though their usage is internal. This moves to using _INTERNAL suffixed versions that are in internal headers, which then allows us to change them without any potential public API fallout. ok inoguchi@ tb@
*	Move l2n/l2n8 into s3_cbc.c, since this is the only code that uses it.	jsing	2020-02-21	1	-1/+15
\| \| \| \|	ok inoguchi@ tb@
*	Remove now unused code for EVP_CIPH_FLAG_AEAD_CIPHER and EVP_CIPH_GCM_MODE.	jsing	2018-09-08	1	-7/+1
\| \| \| \|	ok inoguchi@ tb@
*	move back read_hash and enc_read_ctx into ssl_st. wpa_supplicant and	beck	2017-01-23	1	-2/+2
\| \| \| \|	other perversions touches them sickly and unnaturally.
*	Move a large part of ssl_st into internal, so we can see what squeals.	beck	2017-01-23	1	-2/+2
\| \| \| \|	ok jsing@
*	When using an union including a type known for having strong alignment	miod	2016-11-08	1	-7/+15
\| \| \| \| \| \| \| \|	constraints, in order to force the union to have the same constraint, use the actual type instead of `double'. And add a comment explaining why we want such an alignment in there. ok beck@
*	Remove unused SSLv3 from ssl3_cbc_record_digest_supported().	jsing	2016-11-06	1	-72/+29
\| \| \| \| \| \|	From Markus Uhlin <markus.uhlin at bredband dot net> ok beck@ bcooK@
*	" the the " -> " the ", or in a couple of cases replace the superfluous	krw	2016-03-20	1	-2/+2
\| \| \| \| \| \|	"the" with the obviously intended word. Started with a "the the" spotted by Mihal Mazurek.
*	Nuke ssl3_cbc_remove_padding().	jsing	2015-09-11	1	-31/+1
\| \| \| \|	ok "flensing knife"
*	Remove workaround for TLS padding bug from SSLeay days.	doug	2015-07-17	1	-19/+1
\| \| \| \| \| \| \| \| \|	OpenSSL doesn't remember which clients were impacted and the functionality has been broken in their stable releases for 2 years. Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5. ok jsing@
*	Add error handling for EVP_DigestInit_ex().	doug	2014-12-15	1	-5/+11
\| \| \| \| \| \| \| \| \| \| \| \| \|	A few EVP_DigestInit_ex() calls were left alone since reporting an error would change the public API. Changed internal ssl3_cbc_digest_record() to return a value due to the above change. It will also now set md_out_size=0 on failure. This is based on part of BoringSSL's commit to fix malloc crashes: https://boringssl.googlesource.com/boringssl/+/69a01608f33ab6fe2c3485d94aef1fe9eacf5364 ok miod@
*	decompress libssl. ok beck jsing	tedu	2014-07-10	1	-2/+3
\|
*	tags as requested by miod and tedu	deraadt	2014-06-12	1	-1/+1
\|
*	Add a define for the SSLv3 sequence size and use it, rather than sprinkling	jsing	2014-06-08	1	-2/+2
\| \| \| \| \| \|	magic numbers around. ok deraadt@
*	Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS and	jsing	2014-05-30	1	-1/+2
\| \| \| \| \| \|	SSL_USE_TLS1_2_CIPHERS. Largely based on OpenSSL head.
*	quick pass at removing ability to disable sha256 and sha512. ok miod	tedu	2014-04-17	1	-12/+0
\|
*	remove FIPS mode support. people who require FIPS can buy something that	tedu	2014-04-15	1	-51/+0
\| \| \| \| \|	meets their needs, but dumping it in here only penalizes the rest of us. ok miod
*	First pass at applying KNF to the OpenSSL code, which almost makes it	jsing	2014-04-14	1	-238/+207
\| \| \| \| \|	readable. This pass is whitespace only and can readily be verified using tr and md5.
*	cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt	markus	2013-02-14	1	-0/+790
	from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@