| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add ISRG Root X1, the letsencrypt CA root. This is now included in its own | sthen | 2016-09-04 | 1 | -1/+55 |
| | | | | | | right in Mozilla's CA list, rather than relying on IdenTrust cross-signing. ok beck@ jca@ | ||||
| * | only regen pkg-config files when required; ok jasper | natano | 2016-09-04 | 2 | -8/+10 |
| | | |||||
| * | test wcrtomb(3) | schwarze | 2016-09-04 | 2 | -0/+93 |
| | | |||||
| * | Options that take a time argument....take an argument | guenther | 2016-09-04 | 1 | -2/+3 |
| | | | | | diff from Kinichiro Inoguchi (kinichiro.inoguchi (at) gmail.com) | ||||
| * | test mbrtowc(3) in conjunction with mbsinit(3) | schwarze | 2016-09-03 | 2 | -0/+93 |
| | | |||||
| * | squash some possibly-used-uninitialized warnings | bcook | 2016-09-03 | 1 | -3/+3 |
| | | |||||
| * | switch to a constant-time gather procedure for amd64 mont5 asm | bcook | 2016-09-03 | 1 | -199/+314 |
| | | | | | | | | from OpenSSL commit 7f98aa7403a1244cf17d1aa489f5bb0f39bae431 CVE-2016-0702 ok beck@ | ||||
| * | import new BN tests from OpenSSL | bcook | 2016-09-03 | 2 | -167/+434 |
| | | | | | | | | New tests that various BIGNUM methods behave correctly on zero/even inputs. from OpenSSL ok beck@ | ||||
| * | add constant-time MOD_EXP_CTIME_COPY_FROM_PREBUF. | bcook | 2016-09-03 | 1 | -16/+55 |
| | | | | | | | | | | | Patch based on OpenSSL commit d7a854c055ff22fb7da80c3b0e7cb08d248591d0 "Performance penalty varies from platform to platform, and even key length. For rsa2048 sign it was observed to reach almost 10%." CVE-2016-0702 ok beck@ | ||||
| * | BN_mod_exp_mont_consttime: check for zero modulus. | bcook | 2016-09-03 | 1 | -9/+33 |
| | | | | | | | | Don't dereference d when top is zero. Original patch from OpenSSL commit d46e946d2603c64df6e1e4f9db0c70baaf1c4c03 ok jsing@ | ||||
| * | remove unneeded reach-around include | bcook | 2016-09-03 | 1 | -2/+2 |
| | | |||||
| * | add iOS support for getentropy | bcook | 2016-09-03 | 1 | -1/+12 |
| | | | | | from Jacob Berkman, ok beck@ | ||||
| * | deprecate EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() | bcook | 2016-09-03 | 2 | -7/+23 |
| | | | | | | | | | | | This switches EVP_CipherFinal() to work as EVP_EncryptFinal() and EVP_DecryptFinal() do, always clearing the cipher context on completion. Indicate that, since it is not possible to tell whether this function will clear the context (the API has changed over time in OpenSSL), it is better to use the _ex() variants and explicitly clear instead. ok beck@ | ||||
| * | BN_mod_exp_mont_consttime: check for zero modulus. | bcook | 2016-09-03 | 1 | -4/+5 |
| | | | | | | | | Don't dereference |d| when |top| is zero. Also test that various BIGNUM methods behave correctly on zero/even inputs. Original patch from OpenSSL commit d46e946d2603c64df6e1e4f9db0c70baaf1c4c03 | ||||
| * | Avoid undefined-behavior right-shifting by a word-size # of bits. | bcook | 2016-09-03 | 1 | -3/+2 |
| | | | | | Found with STACK, originally from OpenSSL, ok @beck | ||||
| * | shorten s_time; help/ok bcook | jmc | 2016-09-03 | 1 | -91/+22 |
| | | |||||
| * | Make tree build again | beck | 2016-09-03 | 6 | -12/+482 |
| | | |||||
| * | remove unused variable | beck | 2016-09-03 | 1 | -2/+1 |
| | | |||||
| * | Fix some very unnecessary convoultion. | beck | 2016-09-03 | 1 | -16/+6 |
| | | | | | ok krw@ | ||||
| * | crank minor for API addiiton of x509_email, etc. functions | beck | 2016-09-03 | 2 | -2/+2 |
| | | |||||
| * | Bring in functions used by stunnel and exim from BoringSSL - this brings | beck | 2016-09-03 | 2 | -2/+452 |
| | | | | | | | in X509_check_host, X509_check_email, X509_check_ip, and X509_check_ip_asc, with some cleanup on the way in by myself and jsing@ ok bcook@ | ||||
| * | Remove the libcrypto/crypto directory | beck | 2016-09-03 | 41 | -6330/+0 |
| | | |||||
| * | Remove the libssl/ssl directory | beck | 2016-09-03 | 2 | -54/+0 |
| | | |||||
| * | Remove the libssl/src directory | beck | 2016-09-03 | 1190 | -386114/+0 |
| | | |||||
| * | Print SKIPPED if a regress test cannot be executed for some reason. | bluhm | 2016-09-02 | 1 | -2/+3 |
| | | | | | This allows to identify such tests by looking at their output. | ||||
| * | shorten s_server; | jmc | 2016-09-02 | 1 | -134/+72 |
| | | |||||
| * | Fix build of regress after source moves | beck | 2016-09-02 | 1 | -2/+2 |
| | | |||||
| * | Make this regress build again | beck | 2016-09-02 | 2 | -4/+4 |
| | | |||||
| * | Less lock contention by using more pools for mult-threaded programs. | otto | 2016-09-01 | 2 | -94/+190 |
| | | | | | tested by many (thanks!) ok tedu, guenther@ | ||||
| * | black magic for sparc page size can go | tedu | 2016-09-01 | 1 | -4/+2 |
| | | |||||
| * | shorten s_client; | jmc | 2016-09-01 | 1 | -142/+50 |
| | | |||||
| * | Crank minor due to API addition | beck | 2016-08-31 | 1 | -1/+1 |
| | | |||||
| * | We don't need any VMS access tricks. | deraadt | 2016-08-31 | 1 | -27/+4 |
| | | | | | ok beck tedu | ||||
| * | Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t | deraadt | 2016-08-30 | 3 | -4/+15 |
| | | | | | prodding & ok jsing | ||||
| * | buf[][] with strange use all over the place is ridiculous, especially | deraadt | 2016-08-30 | 1 | -15/+14 |
| | | | | | | if buf[1] is never used. ok guenther beck | ||||
| * | Fix 32-bit time handling, using time_t and make it work on systems | deraadt | 2016-08-30 | 2 | -24/+25 |
| | | | | | | where that is long long. ok beck guenther | ||||
| * | shorten rsautl; | jmc | 2016-08-30 | 1 | -152/+13 |
| | | |||||
| * | shorten the rsa text; of note, i've also reduced the description | jmc | 2016-08-28 | 1 | -278/+44 |
| | | | | | | for -inform/-outform/-text and removed the oft-repeated header/footer blurb; | ||||
| * | Don't call lstat() before readlink() just to see if it's a symlink, | guenther | 2016-08-28 | 1 | -14/+17 |
| | | | | | | | as readlink() will tell you that more cheaply. ok millert@ | ||||
| * | shorten the req text; | jmc | 2016-08-27 | 1 | -452/+189 |
| | | |||||
| * | Enable ALPN regress now that it passes. | jsing | 2016-08-27 | 1 | -4/+2 |
| | | |||||
| * | Be more strict when parsing TLS extensions. | jsing | 2016-08-27 | 2 | -34/+74 |
| | | | | | | | Based on a diff from Kinichiro Inoguchi. ok beck@ | ||||
| * | Pull in <stdio.h> for NULL | guenther | 2016-08-27 | 1 | -1/+2 |
| | | | | | ok deraadt@ | ||||
| * | Repeated occurances of the idiom buf[5][BUFSIZ] -- ridiculous. Give each | deraadt | 2016-08-26 | 1 | -86/+87 |
| | | | | | | | buf a special name, recognize that most are PATH_MAX, and remove a few that are not needed at all. ok jsing beck | ||||
| * | Pull in <time.h> for clock_gettime() | guenther | 2016-08-26 | 1 | -1/+2 |
| | | | | | ok deraadt@ | ||||
| * | shorten the pkeyutl text; | jmc | 2016-08-25 | 1 | -83/+40 |
| | | | | | help/ok guenther | ||||
| * | shorten the pkeyparam text; | jmc | 2016-08-24 | 1 | -23/+8 |
| | | |||||
| * | shorten the pkey text; | jmc | 2016-08-24 | 1 | -73/+25 |
| | | |||||
| * | shorten pkcs12; | jmc | 2016-08-23 | 1 | -187/+42 |
| | | |||||
| * | Various clean up and reorganisation of the connection info handling code. | jsing | 2016-08-22 | 3 | -69/+97 |
| | | | | | | | | | | In particular, rename tls_free_conninfo() to tls_conninfo_free() and make it a real free function. Rename tls_get_conninfo() to tls_conninfo_populate() and have it allocate the struct tls_conninfo (after freeing any existing one). ok beck@ | ||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |