| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Move division by two out of sizeof() | tb | 2022-09-12 | 1 | -3/+3 |
| | | |||||
| * | Error checks for EVP_* | tb | 2022-09-12 | 1 | -25/+36 |
| | | | | | CID 356777 | ||||
| * | Move division by two out of sizeof() | tb | 2022-09-12 | 1 | -3/+3 |
| | | | | | CID 356778 | ||||
| * | Add regression tests for the sendmmsg and recvmmsg system calls. | mbuhl | 2022-09-11 | 4 | -2/+410 |
| | | |||||
| * | Enforce the minimum TLS version requirement for QUIC. | jsing | 2022-09-11 | 1 | -1/+9 |
| | | | | | ok tb@ | ||||
| * | Adjust for opaque structs in ts.h | tb | 2022-09-11 | 1 | -14/+24 |
| | | | | | ok jsing | ||||
| * | Adjust for opaque structs in pkcs12.h | tb | 2022-09-11 | 1 | -25/+38 |
| | | | | | ok jsing | ||||
| * | bump major after libcrypto and libssl major bump | tb | 2022-09-11 | 1 | -2/+2 |
| | | |||||
| * | Crank major after symbol addition and libcrypto major bump | tb | 2022-09-11 | 1 | -2/+2 |
| | | |||||
| * | Update Symbols.list | tb | 2022-09-11 | 1 | -0/+11 |
| | | | | | ok jsing | ||||
| * | Expose SSL_get_share_{group,curve}() and related #defines | tb | 2022-09-11 | 1 | -7/+3 |
| | | | | | ok jsing | ||||
| * | Expose some error codes needed for QUIC support | tb | 2022-09-11 | 1 | -3/+1 |
| | | | | | ok jsing | ||||
| * | Define LIBRESSL_HAS_QUIC | tb | 2022-09-11 | 1 | -0/+1 |
| | | | | | ok jsing | ||||
| * | Bump major after symbol addition and removal and struct visibility changes | tb | 2022-09-11 | 1 | -2/+2 |
| | | |||||
| * | Update Symbols.list | tb | 2022-09-11 | 1 | -9/+31 |
| | | | | | ok jsing | ||||
| * | Make structs in ts.h opaque | tb | 2022-09-11 | 2 | -215/+223 |
| | | | | | ok jsing | ||||
| * | Make structs in pkcs12.h opaque | tb | 2022-09-11 | 4 | -162/+45 |
| | | | | | ok jsing | ||||
| * | Expose EVP_chacha20_poly1305() | tb | 2022-09-11 | 1 | -3/+1 |
| | | | | | ok jsing | ||||
| * | Expose various EVP AEAD constants for EVP ChaCha and QUIC | tb | 2022-09-11 | 1 | -3/+1 |
| | | | | | ok jsing | ||||
| * | Expose OPENSL_cleanup() | tb | 2022-09-11 | 1 | -3/+1 |
| | | | | | ok jsing | ||||
| * | Make BIO_info_cb() identical to bio_info_cb() | tb | 2022-09-11 | 1 | -2/+3 |
| | | | | | | | | | | | | | | Various projects use bio_info_cb and BIO_info_cb interchangeably, for example mupdf and freerdp. This is because this was changed in OpenSSL commit fce78bd4 (2017), triggered by new warnings in gcc 8. https://github.com/openssl/openssl/pull/4493 This results in some scary compiler warnings and useless patches in ports. Nobody seems to be using the old bio_info_cb() version. ok jsing | ||||
| * | Remove c2i_* and i2c_* from public visibility | tb | 2022-09-11 | 2 | -10/+11 |
| | | | | | | | | | This removes c2i_ASN1_OBJECT(), {c2i,i2c}_ASN1_BIT_STRING() and {c2i,i2c}_ASN1_INTEGER(). These are not part of the OpenSSL 1.1 API and should never have been exposed in the first place. ok jsing | ||||
| * | link asn1object test statically in preparation for upcoming bump | tb | 2022-09-11 | 1 | -1/+2 |
| | | |||||
| * | Be stricter with middlebox compatibility mode in the TLSv1.3 server. | jsing | 2022-09-11 | 1 | -5/+21 |
| | | | | | | | | | | | Only allow a TLSv1.3 client to request middlebox compatibility mode if this is permitted. Ensure that the legacy session identifier is either zero length or 32 bytes in length. Additionally, only allow CCS messages on the server side if the client actually requested middlebox compatibility mode. ok tb@ | ||||
| * | Only permit CCS messages if requesting middlebox compatibility mode. | jsing | 2022-09-11 | 1 | -4/+4 |
| | | | | | | | | | Currently the TLSv1.3 client always permits the server to send CCS messages. Be more strict and only permit this if the client is actually requesitng middlebox compatibility mode. ok tb@ | ||||
| * | Use CBS when procesing a CCS message in the legacy stack. | jsing | 2022-09-11 | 1 | -4/+7 |
| | | | | | ok tb@ | ||||
| * | Ensure there is no trailing data for a CCS received by the TLSv1.3 stack. | jsing | 2022-09-11 | 1 | -1/+3 |
| | | | | | ok tb@ | ||||
| * | Replace archaic \*(Lt and \*(Gt by plain < and >, respectively, | schwarze | 2022-09-11 | 1 | -7/+7 |
| | | | | | | because these inspire devotion to cargo cult in developers. Cleanup suggested by kn@. | ||||
| * | .Li -> .Vt where appropriate; | jmc | 2022-09-11 | 24 | -106/+103 |
| | | | | | | | from josiah frentsos, tweaked by schwarze ok schwarze | ||||
| * | fix repeated words | jsg | 2022-09-11 | 2 | -6/+6 |
| | | |||||
| * | Increment the input and output position for EVP AES CFB1. | jsing | 2022-09-10 | 1 | -1/+3 |
| | | | | | | | | | | | The length is decremented, however the input is repeatedly read from and output written to the same position. Correct this by actually incrementing the input and output pointers. Found via OpenSSL 604e591ed7, ok tb@ | ||||
| * | Use correct length for EVP CFB mode ciphers. | jsing | 2022-09-10 | 7 | -22/+22 |
| | | | | | | | | | | | The BLOCK_CIPHER_* macros contained a bug where the total length is passed to the underlying cipher implementation, rather than the length of the current chunk. Correct this and use the chunk length instead. Should address the remaining issues reported by Coverity. ok tb@ | ||||
| * | Use CBS to parse TLS alerts in the legacy stack. | jsing | 2022-09-10 | 1 | -4/+10 |
| | | | | | ok tb@ | ||||
| * | Provide a version of ssl_msg_callback() that takes a CBS. | jsing | 2022-09-10 | 3 | -8/+17 |
| | | | | | | | Use this from the TLSv1.3 code. ok tb@ | ||||
| * | carrier return character -> carriage return character | jsg | 2022-09-10 | 1 | -2/+2 |
| | | | | | ok jmc@ miod@ | ||||
| * | fix repeated words | jsg | 2022-09-10 | 5 | -15/+15 |
| | | | | | ok ok miod@ ack ack jmc@ | ||||
| * | fix repeated words | jsg | 2022-09-10 | 1 | -3/+3 |
| | | | | | ok miod@ jmc@ | ||||
| * | ssl_cipher_process_rulestr: return early if a cipher command is invalid | millert | 2022-09-08 | 1 | -5/+2 |
| | | | | | | This is a safer fix for the bug where we might read outside rule_str buffer and is how BoringSSL fixed it. OK tb@ | ||||
| * | ssl_cipher_process_rulestr: don't read outside rule_str buffer | millert | 2022-09-07 | 1 | -2/+3 |
| | | | | | | | If rule_str ended in a "-", "l" was incremented one byte past the end of the buffer. This resulted in an out-of-bounds read when "l" is dereferenced at the end of the loop. OK tb@ | ||||
| * | Add EVP test coverage for RC2. | tb | 2022-09-07 | 1 | -1/+194 |
| | | | | | From Joshua Sing | ||||
| * | Add output length validation for EVP | tb | 2022-09-07 | 1 | -6/+24 |
| | | | | | From Joshua Sing | ||||
| * | Add a table-driven test for RC2 in ECB mode to replace the old one. | tb | 2022-09-06 | 3 | -140/+296 |
| | | | | | From Joshua Sing | ||||
| * | Remove more mkerr.pl remnants, missed in previous | kn | 2022-09-06 | 1 | -54/+3 |
| | | | | | | Noticed by jsg Feedback OK jsg | ||||
| * | Replace aes_{ccm,xts}_cleanup usage with NULL. | jsing | 2022-09-06 | 1 | -16/+11 |
| | | | | | Only change in generated assembly is due to line numbers. | ||||
| * | Stop casting a size_t to a long and then passing it as a size_t. | jsing | 2022-09-06 | 3 | -31/+31 |
| | | | | | | | | | | These cipher implementations take a size_t length argument, so stop casting it to a long. Found by Coverity. ok tb@ | ||||
| * | Fix copy-paste error | tb | 2022-09-05 | 1 | -2/+2 |
| | | |||||
| * | Plug leaks due to not resetting the EVP_CIPHER_CTX | tb | 2022-09-05 | 1 | -1/+11 |
| | | |||||
| * | Two more missing long long casts | tb | 2022-09-05 | 1 | -3/+3 |
| | | |||||
| * | More long long casts for printing time_t | tb | 2022-09-05 | 1 | -3/+3 |
| | | |||||
| * | Convert from %i to %d | tb | 2022-09-05 | 12 | -84/+84 |
| | | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |