Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Set BN_FLG_CONSTTIME on the correct variable. beck committed wrong fix. (tag: libressl-v2.3.6) | tedu | 2016-06-06 | 1 | -2/+2 |
| | | | | Mistake noted by Billy Brumley. Many thanks. | ||||
* | Correct a problem that prevents the DSA signing algorithm from running | beck | 2016-06-06 | 1 | -4/+6 |
| | | | | | | | in constant time even if the flag BN_FLG_CONSTTIME is set. This issue was reported by Cesar Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by Cesar Pereida | ||||
* | LibreSSL 2.3.6 | bcook | 2016-06-06 | 1 | -3/+3 |
| | |||||
* | bump to 2.3.5 (tag: libressl-v2.3.5) | bcook | 2016-05-29 | 1 | -3/+3 |
| | |||||
* | Fix a short-read bug in the previous version of asn1_d2i_read_bio | bcook | 2016-05-29 | 1 | -26/+28 |
| | | | | | The outer while() loop is missing, so we only read up to chunk_max bytes. ok tedu | ||||
* | this chunk was NOT supposed to be committed. spotted by jsg. | tedu | 2016-05-04 | 1 | -2/+1 |
| | |||||
* | prefer limits.h over sys/limits.h (tag: libressl-v2.3.4) | bcook | 2016-05-03 | 1 | -2/+2 |
| | |||||
* | bump to 2.3.4 | bcook | 2016-05-03 | 1 | -2/+2 |
| | |||||
* | backport patch from openssl for multiple issues: | tedu | 2016-05-03 | 8 | -31/+58 |
| | | | | | | | missing padding check in aesni functions; overflow in evp encode functions; use of invalid negative asn.1 types. ok beck | ||||
* | This commit was manufactured by cvs2git to create branch 'OPENBSD_5_9'. | cvs2svn | 2016-05-03 | 1 | -0/+209 |
| | |||||
* | bump for LibreSSL 2.3.3 (tag: libressl-v2.3.3) | bcook | 2016-03-12 | 1 | -3/+3 |
| | |||||
* | This commit was manufactured by cvs2git to create branch 'OPENBSD_5_9'. | cvs2svn | 2016-02-17 | 194 | -57103/+0 |
| | |||||
* | Therefor -> Therefore (where appropriate) | tb | 2016-01-29 | 2 | -2/+2 |
| | | | | from ray@, ok jmc@ | ||||
* | deprecate SSL_OP_SINGLE_DH_USE (tag: libressl-v2.3.2) | beck | 2016-01-27 | 4 | -74/+12 |
| | | | | ok jsing@ | ||||
* | Document that the ssl free() functions are NULL safe. OK mmcc@ | millert | 2015-12-30 | 6 | -12/+42 |
| | |||||
* | More adress -> address | mmcc | 2015-12-24 | 2 | -2/+2 |
| | |||||
* | remove NULL-checks before free() | mmcc | 2015-12-23 | 3 | -19/+11 |
| | |||||
* | assign pointer NULL rather than 0 | mmcc | 2015-12-23 | 1 | -2/+2 |
| | |||||
* | assign pointer to NULL rather than 0 | mmcc | 2015-12-23 | 1 | -2/+2 |
| | |||||
* | initialize a pointer to NULL rather than 0 | mmcc | 2015-12-22 | 1 | -2/+2 |
| | |||||
* | initialize ext_len to 0. | beck | 2015-12-14 | 1 | -2/+6 |
| | | | | ok guenther@ | ||||
* | initialize ok to 0 | beck | 2015-12-14 | 1 | -2/+2 |
| | | | | ok guenther@ | ||||
* | initialize md_len to 0 for readability to quell warnings. | beck | 2015-12-14 | 1 | -3/+3 |
| | | | | ok guenther@ | ||||
* | decipher comment. ok bcook@ | mmcc | 2015-12-12 | 2 | -4/+4 |
| | |||||
* | move initialization of buf up to quell warnings and make it obvious the err | beck | 2015-12-12 | 1 | -4/+5 |
| | | | | | | case is ok. ok bcook@ | ||||
* | prevent possible use of uninitialized variable | beck | 2015-12-12 | 1 | -2/+2 |
| | | | | ok bcook@ | ||||
* | make the counter a size_t as well, which quells a warning on visual studio 2015 | beck | 2015-12-12 | 1 | -2/+3 |
| | | | | ok bcook@ | ||||
* | bump the major for libcrypto/ssl/tls for a CRYPTO_chacha_20 ABI change | bcook | 2015-12-09 | 2 | -4/+4 |
| | | | | ok jsing@, deraadt@, beck@ | ||||
* | Change the counter argument for CRYPTO_chacha_20 to be 64-bits on all platforms. | bcook | 2015-12-09 | 2 | -5/+6 |
| | | | | | | | | | | | The recently-added EVP_aead_chacha20_poly1305_ietf() function, which implements informational RFC 7539, "ChaCha20 and Poly1305 for IETF Protocols", needs a 64-bit counter to avoid truncation on 32-bit platforms. The existing TLS ChaCha20-Poly1305 ciphersuite is not impacted by this, but making this change requires an ABI bump. ok jsing@, "Looks sane" beck@ | ||||
* | Remove SHA0 check, as we did in v1.21 of sha.h. | bcook | 2015-12-07 | 1 | -2/+2 |
| | | | | | | This enables ENGINE_get_digest to work again with SHA1. noted by NARUSE, Yui, @nurse from github | ||||
* | Fix for OpenSSL CVE-2015-3195 | beck | 2015-12-04 | 1 | -3/+8 |
| | | | | ok djm@ jsing@ | ||||
* | Fix for OpenSSL CVE-2015-3194 | beck | 2015-12-03 | 1 | -2/+2 |
| | | | | ok krw@ | ||||
* | fix references to lhash(3); | jmc | 2015-11-15 | 2 | -14/+16 |
| | |||||
* | mutli -> multi | miod | 2015-11-14 | 1 | -1/+1 |
| | |||||
* | Various *syncron* -> *synchron* typos. | miod | 2015-11-14 | 1 | -1/+1 |
| | |||||
* | update cross references after deleting the imaginary MLINKS | schwarze | 2015-11-12 | 2 | -2/+2 |
| | | | | bn_internal(3) and lhash(3) | ||||
* | Convert the handful of manuals that had imaginary names, | schwarze | 2015-11-12 | 6 | -1055/+0 |
| | | | | | give them names that really exist. This also helps jmc@'s ongoing work on improving NAME sections. | ||||
* | add missing functions to NAME, or otherwise correct the mlink | jmc | 2015-11-11 | 20 | -43/+69 |
| | | | | | | entry for them; feedback/ok schwarze | ||||
* | Convert five more manuals from POD to mdoc. | schwarze | 2015-11-11 | 5 | -458/+0 |
| | | | | | I found drafts of these in my tree, probably originally from Max Fillinger, that just needed minor polishing. | ||||
* | Convert and enable CMS manuals. | schwarze | 2015-11-11 | 16 | -1234/+0 |
| | | | | Already some time ago, bcook@ said these can be installed. | ||||
* | SSL_CTX_sess_set_remove mlink should be SSL_CTX_sess_set_remove_cb; | jmc | 2015-11-10 | 1 | -2/+2 |
| | |||||
* | Fix gcc version preprocessor checks to cope with gcc 5.x and beyond; | miod | 2015-11-06 | 1 | -2/+2 |
| | | | | reported by Ruslan Babayev. | ||||
* | Cast Td4[] values (which are uint8_t) to uint32_t before shifting them left by | miod | 2015-11-05 | 1 | -5/+5 |
| | | | | | | | | | 24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99 6.5.7, signed int shifted by enough bits to cause the sign bit to be set is an UB. Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am {partial,slightly related} to. | ||||
* | Mention ROTL() is always invoked with a proper shift value, due to the way the | miod | 2015-11-05 | 1 | -1/+2 |
| | | | | | CAST_KEY is constructed. This is expected to reduce blood pressure in auditors. | ||||
* | bump to 2.3.2, format LIBRESSL_VERSION_NUMBER like OPENSSL_VERSION_NUMBER. | bcook | 2015-11-03 | 1 | -3/+3 |
| | | | | | | Suggested by WubTheCaptain so the same comparison code can be used with LibreSSL. https://www.openssl.org/docs/manmaster/crypto/OPENSSL_VERSION_NUMBER.html | ||||
* | Fix typo in comment of previous commit: "that that". | reyk | 2015-11-02 | 1 | -3/+3 |
| | |||||
* | bump minors after adding EVP_aead_chacha20_poly1305_ietf() | reyk | 2015-11-02 | 2 | -2/+2 |
| | | | | OK jsing@ | ||||
* | Add EVP_aead_chacha20_poly1305_ietf() - The informational RFC 7539, | reyk | 2015-11-02 | 2 | -19/+113 |
| | | | | | | | | | "ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD construction that is incompatible with the common style that has been already used in TLS with EVP_aead_chacha20_poly1305(). The IETF version also adds a constant (salt) that is prepended to the nonce. OK mikeb@ jsing@ | ||||
* | Pull in <sys/types.h> to get ssize_t or <stdint.h> to get uint32_t, instead of | miod | 2015-10-30 | 1 | -1/+2 |
| | | | | | relying upon previously included headers to do this, to enhance portability; from Pascal Cuoq, libressl github pull request #52 | ||||
* | Sort the obsolete flags. | doug | 2015-10-25 | 2 | -12/+12 |
| |