openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Rework ssl_ctx_use_certificate_chain_bio() to use the CERT_PKEY chain.	jsing	2019-03-25	1	-46/+26
\| \| \| \| \| \| \| \| \| \|	This means that any additional CA certificates end up on the per certificate chain, rather than the single/shared extra_certs. Also simplify this code and in particular, avoid setting the return value to indicate success until we've actually succeeded. ok beck@ tb@
*	Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.	jsing	2018-11-08	1	-25/+1
\| \| \| \|	ok beck@ tb@
*	OpenSSL started adding const to functions all over the place. Make all	tb	2018-04-25	1	-16/+8
\| \| \| \| \| \| \| \|	our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step. this went through a i386 bulk by sthen ok jsing
*	Change SSLerror() back to taking two args, with the first one being an SSL *.	beck	2017-02-07	1	-52/+52
\| \| \| \| \| \| \| \| \|	Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
*	Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly	beck	2017-01-26	1	-5/+3
\| \| \| \|	line wraps that resulted
*	Send the error function codes to rot in the depths of hell where they belong	beck	2017-01-26	1	-52/+52
\| \| \| \| \| \| \|	We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
*	sk_pop_free() checks for NULL so do not bother doing it from the callers.	jsing	2017-01-24	1	-5/+3
\|
*	move default_passwd_cb and default_passwd_cb_userdata back into	beck	2017-01-23	1	-17/+17
\| \| \| \| \| \| \|	the ssl_ctx from internal - these are used directly by python and openvpn and a few other things - we have the set accessors but the get accessors were added in 1.1 and these roll their own caveat OPENSSL_VERSION chickenpluckery
*	Move most of the fields in SSL_CTX to internal - the ones that remain are	jsing	2017-01-23	1	-7/+7
\| \| \| \| \| \|	known to be in use. ok beck@
*	Move callback function pointers and argument pointers from SSL_CTX to	jsing	2017-01-23	1	-17/+17
\| \| \| \| \| \|	internal. ok beck@
*	X509_free(3) is NULL-safe, so remove NULL checks before its calls.	mmcc	2016-03-11	1	-9/+5
\| \| \| \|	ok doug@
*	Rename SSL_CTX_use_certificate_chain() to SSL_CTX_use_certificate_chain_mem().	reyk	2015-02-06	1	-2/+2
\| \| \| \| \|	As discussed with beck@ jsing@ and others OK beck@
*	Remove trailing whitespace.	jsing	2014-12-14	1	-7/+7
\|
*	Sort and group includes.	jsing	2014-11-16	1	-3/+5
\|
*	Add a new API function SSL_CTX_use_certificate_chain() that allows to	reyk	2014-09-28	1	-16/+48
\| \| \| \| \| \| \| \| \| \| \|	read the PEM-encoded certificate chain from memory instead of a file. This idea is derived from an older implementation in relayd that was needed to use the function with a privep'ed process in a chroot. Now it is time to get it into LibreSSL to make the API more privsep- friendly and to make it available for other programs and the ressl library. ok jsing@ miod@
*	if (x) FOO_free(x) -> FOO_free(x).	miod	2014-07-12	1	-3/+2
\| \| \| \| \| \| \|	Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
*	KNF, particularly wrapped lines of calls to PEM_read_bio_FOO() and	guenther	2014-06-22	1	-24/+44
\| \| \| \| \| \|	multiline comments ok jsing@
*	tags as requested by miod and tedu	deraadt	2014-06-12	1	-1/+1
\|
*	BIO_free has an implicit NULL check, so do not bother checking for NULL	jsing	2014-06-07	1	-14/+7
\| \| \| \|	before calling it.
*	Any sane platform has stdio. Stop pretending we will ever use a platform	beck	2014-05-29	1	-14/+0
\| \| \| \| \|	that does not. "fire bomb" tedu@
*	always build in RSA and DSA. ok deraadt miod	tedu	2014-04-17	1	-10/+0
\|
*	First pass at applying KNF to the OpenSSL code, which almost makes it	jsing	2014-04-14	1	-466/+416
\| \| \| \| \|	readable. This pass is whitespace only and can readily be verified using tr and md5.
*	Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.	miod	2014-04-13	1	-5/+9
\|
*	resolve conflicts, fix local changes	djm	2010-10-01	1	-1/+1
\|
*	resolve conflicts	djm	2008-09-06	1	-75/+37
\|
*	resolve conflicts	djm	2005-04-29	1	-1/+1
\|
*	merge 0.9.7c; minor bugsfixes;	markus	2003-11-11	1	-1/+3
\| \| \| \| \|	API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
*	merge openssl-0.9.7-beta3, tested on vax by miod@	markus	2002-09-10	1	-1/+1
\|
*	OpenSSL 0.9.7 stable 2002 05 08 merge	beck	2002-05-15	1	-21/+21
\|
*	OpenSSL 0.9.4 merge	beck	1999-09-29	1	-174/+158
\|
*	Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build	ryker	1998-10-05	1	-0/+831
	functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.