| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
ok guenther jmc
|
| |
|
|
|
|
| |
- Add undocumented option -r
ok jmc@
|
| |
|
|
|
|
|
|
| |
requiring it (sftp-server).
Remove the /exists///// behaviour from here. The /nonexistant
behaviour remains in the kernel and needs to be shot next.
There may be ports fallout, but we doubt it.
ok beck djm
|
| |
|
|
|
|
| |
- Add undocumented options -crlnumber, -hash_old, -nameopt and -verify
ok jmc@
|
| |
|
|
|
|
|
| |
- Add undocumented options -crlsec and -sigopt
- Sync argument name between usage and options description
ok jmc@
|
| | |
|
| |
|
|
|
|
| |
hardware crypto features are available.
"no objections" kettenis@
|
| | |
|
| |
|
|
|
|
|
| |
have a different calling convention than the standard function...as seen
in kdump output.
ok deraadt@ schwarze@
|
| |
|
|
|
|
| |
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
| |
|
|
|
| |
code was inspecting the pointer (which is, sadly, undefined on error, because
the current specification of asprintf is crazy sloppy)
|
| |
|
|
| |
ok millert nicm tb, etc
|
| |
|
|
|
|
| |
on error, so checking for -1 only is potentially non-portable.
Also mention that the C89 standard does not require errno to be set.
OK deraadt@ millert@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
TLS_WANT_POLLIN, -1, or 0. After handling the first two, check for -1
rather than vaguely "< 0".
ok jsing
|
| |
|
|
|
| |
-1 to mark failure, not arbitrary values < 0. I believe manual pages
should follow the described contract precisely and accurately.
|
| |
|
|
|
|
|
| |
- Move local variables in genrsa_main() to struct genrsa_config
- Leave long lines more than 80, still
ok bcook@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, this function would leak the most significant word of its
argument due to branching and memory access pattern. This patch is
enough to fix the use of BN_num_bits() on RSA prime factors in the
library.
The diff is a simplified and more readable (but perhaps less efficient)
version of https://github.com/openssl/openssl/commit/972c87df
by Andy Polyakov and David Benjamin (pre license change). Consult that
commit message for details. Subsequent fixes to follow in the near future.
Issue pointed out by David Schrammel and Samuel Weiser as part of
a larger report.
tests & ok inoguchi, ok jsing
|
| |
|
|
|
|
|
|
| |
code. We now user the simple userland wrapper on top of __realpath(2).
The non-POSIX behaviour still remains, that is the next component to fix.
From a diff by beck, but I managed to chainsaw it a bit further. Tested
in snaps for a couple of days.
ok beck
|
| | |
|
| |
|
|
|
|
| |
it is a thin wrapper over the syscall __readlink(2). Improve the list
of possible errors.
ok millert beck jmc
|
| |
|
|
|
| |
but failed to provide any real information.
OK tb@ jmc@
|
| |
|
|
|
|
|
|
|
| |
Among other improvements:
* Use a uniform wording at the top of the DECSRIPTION for obsolete pages.
* Better explain how to use a non-standard configuration file.
* Remove obsolete functions from SEE ALSO.
Triggered by some suggestions from tb@.
Tweaks and OK tb@.
|
| | |
|
| |
|
|
| |
recommended by otto@
|
| | |
|
| |
|
|
|
|
| |
Split some excessively long lists into useful sub-categories.
Add a new, very short subsection "Obsolete functions" at the end.
OK tb@ jmc@
|
| |
|
|
|
| |
memory arm64 machines.
found by patrick@; OK otto@
|
| |
|
|
| |
references were already given below RETURN VALUES right above
|
| |
|
|
|
| |
- Add some options to pkcs12 test.
- Add smime tests for encrypt, decrypt and pk7out.
|
| |
|
|
|
| |
and to isolated obsolete pages;
OK bcook@ jmc@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
which is now supposed to be opaque.
OK tb@
I checked that all the information contained in comments in the
display is available from the appropriate places in RSA_meth_new(3)
and RSA_set_flags(3). Note that the comments regarding "mod_exp",
"init", and "finish" were half-misleading simplifications, anyway.
|
| |
|
|
|
| |
Update the documentation.
OK tb@ jmc@
|
| |
|
|
| |
OK tb@ jmc@
|
| |
|
|
|
|
| |
These references were misleading because these functions are no
longer used internally and applications should not call them either.
Issue brought up by tb@.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
PKCS5_PBKDF2_HMAC(3) to the top level page evp(3). The leaf pages
still have backlinks to the group entry page EVP_DigestInit(3),
which is enough.
Redundancy and asymmetry pointed out by tb@.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
- Adapt openssl(1) gendsa command to new option handling.
- Add lacking ciphers and passout description in openssl.1 manpage.
- Describe paramfile as argument in openssl.1 manpage.
ok bcook@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
group pages, and these link on to all their second-level subpages.
Only a handful of second-level pages have third-level subpages.
So all crypto pages can now be reached from the www.libressl.org
frontpage via at most four clicks, in most cases three clicks.
Also link back from leaf pages to their respective group pages
and add a couple of additional links between related pages.
Triggered by a question from deraadt@.
OK jmc@ tb@
|
| |
|
|
| |
ok tb@, jsing@, sthen@
|
| | |
|
