| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2021-10-23 | Change tlsext_tick_lifetime_hint to uint32_t. | jsing | 4 | -17/+11 | |
| Now that SSL_SESSION is opaque, change tlsext_tick_lifetime_hint from long to uint32_t (matching RFC4507), rather than continuing to work around an inappropriate type choice. ok tb@ | |||||
| 2021-10-22 | Prepare to provide X509_get_{extended_,}key_usage() | tb | 2 | -2/+32 | |
| ok beck jsing | |||||
| 2021-10-22 | Switch from u_int and u_char to u32 and u8 to avoid portability issues. | tb | 1 | -17/+14 | |
| Prompted by a diff by Jonas Termansen. ok jsing | |||||
| 2021-10-22 | Prepare to provide X509_REQ_pubkey_get0() | tb | 2 | -2/+13 | |
| ok jsing | |||||
| 2021-10-22 | new manual page EVP_PKEY_add1_attr(3) documenting nine functions | schwarze | 7 | -8/+202 | |
| for associating X.501 Attributes with private keys | |||||
| 2021-10-22 | new manual page X509at_add1_attr(3) | schwarze | 4 | -6/+140 | |
| describing five functions to change arrays of X.501 Attribute objects | |||||
| 2021-10-22 | fix a gratuitiously different argument name | schwarze | 1 | -3/+3 | |
| 2021-10-22 | new manual page X509at_get_attr(3) | schwarze | 3 | -4/+163 | |
| documenting five X.501 Attribute read accessors | |||||
| 2021-10-22 | Put back sys/types.h and sys/socket.h. The latter was unintentionally | tb | 1 | -1/+3 | |
| removed and the former is still needed, as pointed out by kettenis | |||||
| 2021-10-22 | Fix some ghastly whitespace. From Martin Vahlensieck | tb | 1 | -6/+6 | |
| 2021-10-22 | Use unsigned char instead of u_char in base64.c. This is a mild | tb | 1 | -9/+6 | |
| portability annoyance since not all systems have u_char. Remove the now unused includes sys/types.h and stdio.h. u_char diff from Jonas Termansen ok deraadt | |||||
| 2021-10-22 | Garbage collect an unused variable. | tb | 1 | -4/+2 | |
| 2021-10-22 | Stop setting enc.modified manually. It's no longer needed. | tb | 2 | -4/+2 | |
| 2021-10-21 | Simplify the description of RETURN VALUES. | schwarze | 1 | -10/+4 | |
| After tb@'s commit x509/x509_lu.c rev. 1.33, it is no longer necessary to talk about X509_LU_* constants as return values from these functions. Feedback and OK from tb@. | |||||
| 2021-10-21 | Simplify a return value check for X509_STORE_get_by_subject() now | tb | 1 | -18/+7 | |
| that we know that it only returns 0 or 1. Eliminate the last uses of X509_LU_{FAIL,RETRY}. ok jsing | |||||
| 2021-10-21 | Set enc.modified if the X509_REQ is going to be modified. | tb | 1 | -1/+4 | |
| ok jsing | |||||
| 2021-10-21 | new manual page X509_ATTRIBUTE_set1_object(3) | schwarze | 4 | -6/+276 | |
| documenting five X.501 Attribute write accessors | |||||
| 2021-10-21 | Sync parts of X509_STORE_get_by_subject() with OpenSSL | tb | 1 | -13/+7 | |
| Initialize stmp.type and stmp.data.ptr so that a user-defined lookup method need not take responsibility of initializing those. Get rid of current_method, which was never really used. Stop potentially returning a negative value since most callers assume Boolean return values already. In addition, garbage collect the pointless j variable. ok jsing | |||||
| 2021-10-21 | Prepare to make X509 opaque. | tb | 1 | -4/+7 | |
| ok jsing | |||||
| 2021-10-21 | libtls: Don't reach into X509_STORE_CTX. | tb | 1 | -12/+20 | |
| ok jsing | |||||
| 2021-10-21 | Switch from X509_VERIFY_PARAM_set_flags() to X509_STORE_set_flags(). | tb | 1 | -2/+2 | |
| This reduces the number of reacharounds into libcrypto internals. ok jsing | |||||
| 2021-10-21 | Add XKU_ANYEKU #define and use it to cache the anyExtendedKeyUsage | tb | 2 | -3/+8 | |
| extension. This is part of OpenSSL commit df4c395c which didn't make it into our tree for some reason. ok jsing | |||||
| 2021-10-21 | Prepare to provide X509_get_X509_PUBKEY() as a function. | tb | 2 | -5/+15 | |
| ok jsing | |||||
| 2021-10-21 | Bump to LibreSSL 3.5.0 | tb | 1 | -3/+3 | |
| 2021-10-21 | Eliminate a dead assignment and a weird cast. Adjust a comment to | tb | 1 | -6/+3 | |
| reality while there. ok jsing | |||||
| 2021-10-21 | Print uid with %u instead of %i. | tb | 1 | -2/+2 | |
| Prompted by a diff by Jonas Termansen, discussed with deraadt, millert ok jsing | |||||
| 2021-10-21 | Use *printf %d instead of %i | tb | 1 | -2/+2 | |
| ok jsing | |||||
| 2021-10-21 | Avoid potential NULL dereferences in dtls1_free() | tb | 1 | -2/+7 | |
| ok jsing | |||||
| 2021-10-20 | document ASN1_STRING_set_by_NID(3) | schwarze | 2 | -5/+129 | |
| and the three functions related to the global mask | |||||
| 2021-10-20 | new manual page ASN1_mbstring_copy(3) | schwarze | 4 | -5/+182 | |
| also documenting ASN1_mbstring_ncopy(3) | |||||
| 2021-10-20 | new manual page X509_ATTRIBUTE_get0_object(3) | schwarze | 3 | -2/+139 | |
| documenting the four X.501 Attribute read accessors | |||||
| 2021-10-20 | document X509_ATTRIBUTE_create(3) and X509_ATTRIBUTE_dup(3) | schwarze | 1 | -6/+60 | |
| 2021-10-19 | document X509_get_pubkey_parameters(3) in a new manual page | schwarze | 5 | -7/+114 | |
| 2021-10-19 | more precision, fewer words | schwarze | 1 | -28/+43 | |
| 2021-10-19 | document i2d_PrivateKey_bio(3) and i2d_PrivateKey_fp(3) | schwarze | 1 | -12/+37 | |
| 2021-10-19 | install X509_PKEY_new(3) | schwarze | 1 | -1/+2 | |
| 2021-10-19 | document X509_PKEY_new(3) and X509_PKEY_free(3) | schwarze | 4 | -8/+103 | |
| 2021-10-18 | document X509_VERIFY_PARAM_inherit(3) and X509_VERIFY_PARAM_set1(3) | schwarze | 4 | -8/+159 | |
| 2021-10-18 | split seven functions out of the page X509_VERIFY_PARAM_set_flags(3), which | schwarze | 5 | -134/+175 | |
| is becoming excessively long, into a new page X509_VERIFY_PARAM_new(3); no content change | |||||
| 2021-10-15 | Pull in ssl_locl.h so that we can keep reaching into libssl internals. | jsing | 2 | -1/+4 | |
| 2021-10-15 | Move various structs from ssl.h/tls1.h to ssl_locl.h. | jsing | 3 | -140/+128 | |
| These were already under LIBRESSL_INTERNAL hence no ABI change. ok tb@ | |||||
| 2021-10-14 | Use unsigned char instead of u_char for two prototypes (like everywhere | tb | 1 | -4/+4 | |
| else in libcrypto's manuals and headers). | |||||
| 2021-10-13 | ssltest.c does not need param.h | tb | 1 | -1/+0 | |
| From Jonas Termansen | |||||
| 2021-10-13 | Remove __dead from usage() to reduce the diff needed to build LibreSSL | tb | 1 | -3/+3 | |
| on sortix. Prompted by a diff by Jonas Termansen | |||||
| 2021-10-13 | Provide realpath(1) | kn | 1 | -2/+3 | |
| A tiny realpath(3) wrapper to make a porter's life easier. Feedback kettenis deraadt cheloha sthen OK cheloha martijn deraadt | |||||
| 2021-10-11 | does not need arpa/nameser.h | deraadt | 1 | -2/+1 | |
| 2021-10-06 | X509_STORE_CTX_init() allows the store to be NULL on init. Add checks | claudio | 1 | -1/+11 | |
| for a NULL ctx->ctx in the lookup functions using X509_STORE_CTX. This affects X509_STORE_get1_certs(), X509_STORE_get1_crls(), X509_STORE_CTX_get1_issuer() and X509_STORE_get_by_subject(). With this X509_verify_cert() no longer crashes with a NULL store. With and OK tb@ | |||||
| 2021-10-02 | Use SSL_CTX_get0_param() rather than reaching into the SSL_CTX. | jsing | 1 | -2/+2 | |
| 2021-09-30 | Mark another test as failing with the legacy verifier. | jsing | 2 | -2/+4 | |
| This test now fails with the legacy verifier, due to X509_V_FLAG_TRUSTED_FIRST being enabled by default. | |||||
| 2021-09-30 | Enable X509_V_FLAG_TRUSTED_FIRST by default in the legacy verifier. | jsing | 1 | -1/+2 | |
| In order to work around the expired DST Root CA X3 certficiate, enable X509_V_FLAG_TRUSTED_FIRST in the legacy verifier. This means that the default chain provided by Let's Encrypt will stop at the ISRG Root X1 intermediate, rather than following the DST Root CA X3 intermediate. Note that the new verifier does not suffer from this issue, so only a small number of things will hit this code path. ok millert@ robert@ tb@ | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |