summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Put the *method* data structures and functions in the same place.jsing2015-09-114-155/+122
| | | | | | | We can also now nuke ssl23_get_method() since it is the same as tls1_get_method(). And the empty file can bite the dust. ok bcook@ miod@
* Put the *server_method* data structures and functions in the same place.jsing2015-09-114-148/+122
| | | | | | | We can also now nuke ssl23_get_server_method() since it is the same as tls1_get_server_method(). ok miod@
* Put the *client_method* data structures and functions in the same place.jsing2015-09-114-148/+122
| | | | | | | We can also now nuke ssl23_get_client_method() since it is the same as tls1_get_client_method(). ok bcook@ miod@
* Fixup inter-bank movq/movd operations, emit bytes for pclmulqdq again.bcook2015-09-113-13/+27
| | | | | | | | | | Fixes builds gcc + Apple's assembler, working on reenabling builds with older OpenBSD releases. based on OpenSSL commit: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=902b30df193afc3417a96ba72a81ed390bd50de3 ok miod@
* When loading a DSA key from an raw (without DH parameters) ASN.1 serialization,miod2015-09-101-2/+48
| | | | | | | | | | | | | perform some consistency checks on its `p' and `q' values, and return an error if the checks failed. Thanks for Georgi Guninski (guninski at guninski dot com) for mentioning the possibility of a weak (non prime) q value and providing a test case. See https://cpunks.org/pipermail/cypherpunks/2015-September/009007.html for a longer discussion. ok bcook@ beck@
* delete empty SYNOPSIS sectionschwarze2015-09-102-6/+4
|
* Remove support for DTLS_BAD_VER. We do not support non-standard andjsing2015-09-1020-98/+46
| | | | | | | incomplete implementations just so that we can interoperate with products from vendors who have not bothered to fix things in the last ~10 years. ok bcook@ miod@
* Put OPENSSL_cleanse under #ifndef LIBRESSL_INTERNAL.jsing2015-09-101-1/+4
|
* CRYPTO_set_mem_debug_functions() and CRYPTO_set_mem_functions() are alreadyjsing2015-09-101-18/+3
| | | | | | | | | noops, so neuter the CRYPTO_malloc_init and CRYPTO_malloc_debug_init macros. With input from miod@ ok beck@ bcook@ miod@
* Correct spelling of OPENSSL_cleanse.jsing2015-09-1077-220/+232
| | | | ok miod@
* Remove pointless comments.jsing2015-09-103-6/+6
| | | | ok "captain obvious"
* Replace remaining M_ASN1_STRING_* macros with calls to ASN1_STRING_*.jsing2015-09-103-18/+18
| | | | | | | This is not the same as the macro expansion, however the ASN1_STRING_* functions do match the macro expansions. ok doug@ miod@
* Fix an incorrect error check in DSA verify.bcook2015-09-101-4/+2
| | | | | | From Matt Caswell's OpenSSL commit "RT3192: spurious error in DSA verify". https://github.com/openssl/openssl/commit/eb63bce040d1cc6147d256f516b59552c018e29b
* Check handshake_func against NULL rather than 0, since it is a functionjsing2015-09-092-14/+14
| | | | | | pointer. ok bcook@ miod@
* Replace dtls1_client_hello() with ssl3_client_hello() - both are basicallyjsing2015-09-026-212/+58
| | | | | | | | | | | the same code, with two slight differences for DTLS handling. Also, make use of send_cookie to determine if the client random needs to be preserved, rather than testing if it is zeroed (hopefully your random number generator never returned all zeros, since the existing code would break). Inspired by BoringSSL. ok doug@
* Fewer magic numbers - we already have defines for the header lengths, sojsing2015-09-022-10/+14
| | | | | | make use of them. ok doug@
* Remove duplicate prototype for SSL_get_selected_srtp_profile().jsing2015-09-012-4/+2
| | | | From Aaron Burghardt.
* Remove the ssl_prepare_{client,server}hello_tlsext() functions, which arejsing2015-09-0110-68/+10
| | | | | | now nothing more than noops. ok bcook@ doug@
* Make it always safe to call CBB_cleanup() providing that CBB_init() orjsing2015-09-012-4/+16
| | | | | | CBB_init_fixed() have been attempted. ok doug@
* Now that SSLv3 is going away, TLS_* and SSLv23 are equivalent.doug2015-08-297-288/+12
| | | | | | Remove the TLS method data and tls_any_* functions. Point to SSLv23. ok jsing@
* Delete s3_meth.c since it was only for SSLv3 support.doug2015-08-291-103/+0
| | | | ok jsing@
* Remove SSLv3 method data structs and unlink s3_meth.c from the build.doug2015-08-295-164/+6
| | | | ok jsing@
* Kill coverity 128475beck2015-08-281-2/+2
| | | | ok doug@
* Change AEAD out_len argument to size_t instead of ssize_t - while here,jsing2015-08-272-20/+16
| | | | | | | rename it to out_len so that its purpose is more obvious. Also, drop two checks that are no longer possible (and have not been for a long time). Spotted by and ok doug@
* Crank major version for libssl and libtls due to SSLv3 removal.doug2015-08-272-2/+2
|
* Remove SSLv3 support from LibreSSL.doug2015-08-2719-178/+34
| | | | | | | | | | This is the first wave of SSLv3 removal which removes the main SSLv3 functions. Future commits will remove the rest of the SSLv3 support. Discussed the plan at c2k15. Input from jsing@, beck@, miod@, bcook@, sthen@, naddy@, and deraadt@. ok jsing@, beck@
* bump to 2.3.0 for the next LibreSSL release cyclebcook2015-08-201-3/+3
|
* Properly handle missing TLS extensions in client hello as a non-failure.bcook2015-08-192-2/+6
| | | | | Noticed by @Ligushka from github. ok miod@, doug@
* typosmiod2015-08-185-5/+5
|
* Fix SRTP parsing.doug2015-07-312-6/+4
| | | | | | | jsing@ noticed that during the CBS conversion, an extra CBS_len comparison was introduced. It should be 0 after extracting MKI. ok jsing@ bcook@ deraadt@
* Add linker warnings in case SSLv3_{,client,server}_method are referenced.miod2015-07-295-5/+35
| | | | | | | Use of this symbols proves the existence of a code path willingly using SSLv3, even with OPENSSL_NO_SSL3 being defined, which hints that it needs fixing. Discussed with the LibreSSL cabal during c2k15; ok deraadt@
* Use named initialisers for X509V3_EXT_METHOD structs (for the usualjsing2015-07-2919-228/+588
| | | | reasons) - only change in generated assembly is due to line numbering.
* Expand obsolete M_ASN1.*(cmp|dup|print|set) macros - no change in generatedjsing2015-07-2920-54/+54
| | | | | | assembly. ok bcook@
* Expand obsolete M_ASN1_STRING_* macros in asn1_lib.c, apply some style(9)jsing2015-07-291-6/+5
| | | | | | and drop an unnecessary return from a void function. ok bcook@ doug@
* Less asn1_mac.h - asn1_lib.c does not need it and x_pkey.c should bejsing2015-07-272-10/+5
| | | | | | using ASN1err() instead of ASN1_MAC_H_err(). ok miod@
* double words fix; docs are slowly getting moved to mdoc, but thissobrado2015-07-252-2/+2
| | | | | | change will help people translating them. ok jmc@, schwarze@
* Place the ASN.1 template macros (and remaining implement macros) underjsing2015-07-251-3/+6
| | | | #ifndef LIBRESSL_INTERNAL - we're not using these anymore!
* Expand another ASN.1 template macro that snuck through last time around.jsing2015-07-251-2/+8
| | | | No change in generated assembly.
* Manually expand ASN.1 template macros - only change in generated assemblyjsing2015-07-253-16/+40
| | | | is due to line numbering.
* Expand ASN.1 template macros that got missed in the last pass - only changejsing2015-07-253-11/+31
| | | | to generated assembly is due to line numbers.
* Expand ASN.1 template macros - the generated assembly only differs byjsing2015-07-2513-141/+806
| | | | changes to line numbers.
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-251-56/+294
|
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-251-89/+545
|
* Expand another wall of ASN.1 template macros - no change to generatedjsing2015-07-251-224/+1357
| | | | assembly.
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-252-136/+847
|
* Expand ASN.1 template macros - the generated assembly only differs byjsing2015-07-251-55/+351
| | | | changes to line numbers.
* Expand ASN.1 template macros - no change in generated assembly.jsing2015-07-242-27/+171
|
* Expand ASN.1 template macros - the generated assembly only differs byjsing2015-07-241-51/+341
| | | | changes to line numbers.
* an TLS -> a TLS; from thanos tsouanasjmc2015-07-244-12/+12
|
* Expand ASN1_ITEM_TEMPLATE/ASN1_EX_TEMPLATE_TYPE/ASN1_ITEM_TEMPLATE_ENDjsing2015-07-244-22/+106
| | | | macros - the generated assembly only differs by changes to line numbers.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-09 06:29:34 +0000