openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2015-09-12	Ensure that we clear the libssl error stack before we make a function call	jsing	3	-5/+12
	that we will pass the result through tls_ssl_error() on failure. Otherwise we can end up reporting spurious errors due to their being unrelated errors already on the error stack. Spotted by Marko Kreen. ok beck@
2015-09-12	Unwrap a bunch of lines.	jsing	2	-74/+38

2015-09-12	Nuke SSLEAY_CONF -- a backwards compatibility environment variable that	lteo	4	-14/+5
	has been superseded by OPENSSL_CONF and discouraged from use for almost 16 years. "Definately ok" jsing@ "burn it" deraadt@ "Kill it with fire" miod@ "KILL IT WITH FIRE!!! BURN!!!!" beck@
2015-09-12	__strsignal() is now declared in hidden/signal.h	guenther	1	-2/+0

2015-09-12	Put tls_peer_cert* functions in the same place.	jsing	1	-6/+6

2015-09-12	Wrap <inttypes.h> and finish wrapping of <wchar.h> so that calls go direct	guenther	24	-24/+51
	and the symbols not in the C standard are weak
2015-09-12	Remove most of the SSLv3 version checks and a few TLS v1.0.	doug	14	-236/+114
	We can now assume >= TLS v1.0 since SSL2_VERSION, SSL3_VERSION and DTLS1_BAD_VER support was removed. "reads ok" miod@
2015-09-12	Add openssl(1) speed support for AEAD algorithms.	bcook	1	-17/+96
	This adds aes-128-gcm aes-256-gcm chacha20-poly1305 from Adam Langley's original patch for OpenSSL ok beck@ jsing@
2015-09-12	Cleanup enginetest a bit.	bcook	1	-104/+84
	It was the only thing preventing -Werror from building on some systems due to the unchecked asprintf's.
2015-09-12	Uncopy and unpaste dtls1_send_newsession_ticket() - another 111 lines of	jsing	4	-222/+6
	code deduped.
2015-09-12	Fix the openssl(1) prime command: When checking a decimal number for	lteo	1	-3/+2
	primality, do not unnecessarily convert the original decimal number to hex in the output. Hex numbers explicitly specified with -hex remain unchanged. ok beck@ deraadt@ jsing@ miod@
2015-09-12	Move handshake message header length determination into a separate	jsing	8	-46/+54
	ssl3_handshake_msg_hdr_len() function. Use this to correct several places that have magic numbers with header lengths hardcoded as '4'. ok beck@
2015-09-12	Wrap <unistd.h> so that internal calls go direct and they're all weak symbols	guenther	6	-4/+12
	Delete unused 'fd' argument from internal function oldttyname()
2015-09-12	Wrap <getopt.h> to make the functions weak and make access to the initialized	guenther	1	-1/+6
	variables go direct. (Common variables cannot be aliased.)
2015-09-12	Uncopy and unpaste dtls1_send_certificate_request() - removes another 80	jsing	4	-160/+6
	lines of code, while gaining SIGALGs support.
2015-09-12	Uncopy and unpaste dtls1_send_server_key_exchange(). Removes another 329	jsing	4	-658/+6
	lines of code, while gaining bug fixes and SIGALGs support.
2015-09-12	Uncopy and unpaste dtls1_send_server_done().	jsing	4	-36/+6

2015-09-12	Uncopy and unpaste dtls1_send_server_hello().	jsing	4	-136/+6

2015-09-12	Uncopy and unpaste dtls1_send_hello_request().	jsing	4	-36/+6

2015-09-12	Convert the rest of the server handshake functions to ssl3_handshake_msg_*.	jsing	2	-88/+70
	ok beck@
2015-09-12	Uncopy and unpaste dtls1_send_client_verify() - the	jsing	4	-148/+6
	ssl3_send_client_verify() is different, but it correctly supports things like SIGALGS. Another 74 lines of code bites the dust.
2015-09-12	Uncopy and unpaste dtls1_send_client_key_exchange() - the	jsing	4	-538/+10
	ssl3_send_client_key_exchange() is effectively identical, in fact it has a number of bug fixes and improvements that never got merged into the DTLS copy of the code. Flenses another 264 lines of code. ok beck@
2015-09-12	Use explicit_bzero() instead of memset() when clearing private keys.	jsing	2	-6/+8
	ok bcook@ beck@ miod@
2015-09-12	Pull variable assignment out from function call, fix indentation and set	jsing	2	-16/+14
	state after calling ssl3_handshake_msg_finish().
2015-09-12	style(9) and whitespace cleanups.	jsing	2	-58/+50

2015-09-12	Remove workaround for old SIMICS toolchain.	miod	2	-90/+2

2015-09-12	Remove horribly old and outdated `documentation' for the assembly code.	miod	12	-652/+0

2015-09-12	use SOCK_CLOEXEC instead of fnctl; ok guenther beck jsing	deraadt	1	-12/+16

2015-09-12	fix previous;	jmc	2	-31/+48

2015-09-11	spaces found during a read	deraadt	1	-19/+18

2015-09-11	Add TLS suppport to nc. Provides a useful little test and script tool.	beck	3	-45/+346
	ok jsing@ bluhm@
2015-09-11	unifdef -DOPENSSL_NO_RC5	jsing	2	-42/+2

2015-09-11	kill evil comment	beck	1	-3/+1
	ok deraadt@
2015-09-11	Rename functions that moved to t1_enc.c, with a tls1_ prefix instead of a	jsing	24	-130/+130
	ssl3_ prefix. ok beck@
2015-09-11	fix unchecked mallocs - coverity 130454 and 130455	beck	1	-6/+15
	ok jsing@
2015-09-11	Merge the remnants of s3_enc.c into t1_enc.c.	jsing	4	-269/+248
	ok beck@
2015-09-11	Nuke ssl_set_peer_cert_type().	jsing	4	-20/+4
	ok "flensing knife"
2015-09-11	Nuke ssl_bad_method().	jsing	4	-22/+4
	ok "flensing knife"
2015-09-11	Nuke ssl3_default_timeout().	jsing	4	-26/+4
	ok "flensing knife"
2015-09-11	Nuke ssl_replace_hash().	jsing	4	-46/+4
	ok "flensing knife"
2015-09-11	Nuke ssl3_cbc_remove_padding().	jsing	4	-68/+4
	ok "flensing knife"
2015-09-11	Nuke ssl3_alert_code().	jsing	3	-76/+3
	ok "flensing knife"
2015-09-11	Nuke ssl3_cert_verify_mac() and ssl3_handshake_mac().	jsing	3	-86/+3
	We also no longer need the ssl3_pad_1 and ssl3_pad_2 arrays... ok "flensing knife"
2015-09-11	Nuke ssl3_final_finish_mac().	jsing	3	-22/+3
	ok "flensing knife"
2015-09-11	Nuke ssl3_change_cipher_state().	jsing	3	-113/+3
	ok "flensing knife"
2015-09-11	Nuke ssl3_generate_master_secret().	jsing	3	-39/+3
	ok "flensing knife"
2015-09-11	Nuke ssl3_setup_key_block() and ssl3_generate_key_block().	jsing	3	-122/+3
	ok "flensing knife"
2015-09-11	Nuke n_ssl3_mac().	jsing	3	-103/+3
	ok "flensing knife"
2015-09-11	Nuke ssl3_enc().	jsing	3	-76/+3
	ok "flensing knife"
2015-09-11	Nuke SSLv3_enc_data.	jsing	4	-48/+6
	ok "flensing knife"