Branch :
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
| 47f2496f | 2025-06-15 15:58:56 | crypto_ex_data: use same sizeof idiom as everywhere else in our own code ok beck | ||
| 1a751a5f | 2025-06-15 15:43:00 | Remove aesni_init_key(). The various methods can now use the regular init key functions, since the call to AES_set_{en,de}crypt_key() will be routed to the AES-NI implementation, if supported. ok tb@ | ||
| 41eed276 | 2025-06-15 15:11:50 | Integrate AES-NI into the AES code. Currently, the AES-NI code is only integrated into EVP - add code to integrate AES-NI into AES. Rename the assembly provided functions and provide C versions for the original names, which check for AES-NI support and dispatch to the appropriate function. This means that the AES_* public API will now use AES-NI, if available. ok tb@ | ||
| 3ebadeb6 | 2025-06-15 14:18:31 | Provide machine dependent CPU capabilities for i386. This indicates if AES-NI is available via CRYPTO_CPU_CAPS_I386_AES. ok tb@ | ||
| 2c2a083c | 2025-06-15 14:16:11 | Provide CRYPTO_CPU_CAPS_AMD64_AES in machine dependent CPU capabilities. ok tb@ | ||
| 577fe228 | 2025-06-14 06:48:47 | Fix signature of BN_zero This was changed a bit more than two years ago. | ||
| f8007ba6 | 2025-06-13 18:48:05 | Switch misuse of .Ft to the more appropriate .Vt macro, and remove useless quoting of .Ft arguments. | ||
| f6773c1f | 2025-06-13 18:45:02 | Fix a documentation bug: pcap_fopen_offline(3) returns a pointer, not a structure. Also remove useless quoting of .Ft arguments. | ||
| 74a1e058 | 2025-06-13 18:34:00 | The mdoc(7) .Ft macro does not need quoting of its arguments, but about 10% of our manual pages using this macro employed useless quoting anyway. Remove these quotes such that they do not incite fear, uncertainty, and doubt in developers who happen to look at these pages. jmc@ and tb@ agree with the direction. | ||
| 430d307e | 2025-06-13 13:56:43 | tweak previous: cull a stray .Pp that crept in and caused a warning: mandoc: intro.2:164:2: WARNING: skipping paragraph macro: Pp before It | ||
| e52d87dc | 2025-06-13 13:25:32 | ENOTDIR is used often enough to refer to a fd situation rather than a pathname situation, so we should mention this in the documentation. The message is not changed. | ||
| f3df33fd | 2025-06-12 16:07:09 | <uvm/uvmexp.h> is clearly only for VM_MALLOC_CONF, but <sys/sysctl.h> takes care of doing that include. | ||
| 966ca342 | 2025-06-12 15:59:30 | Bring the DESCRIPTION a bit closer to reality, in particular stop claiming that the "add" functions add anything. Indicate that they are mostly NOOPs nowadays, but without being overly specific. Also, more explicitly discourage abusing OpenSSL_add_all_algorithms(3) for loadiing a configuration file. Guidance and OK tb@. | ||
| b52a5c78 | 2025-06-12 11:23:36 | Drop __multf3 from the list; it isn't actually exported. ok deraadt@, tb@ | ||
| 97ca9391 | 2025-06-12 01:16:50 | fix incomplete NAME sections; OK jsg@ | ||
| 2de8940e | 2025-06-12 00:21:39 | fpurge() first appeared in 4.3BSD-Reno ok deraadt@ schwarze@ | ||
| c82f3d91 | 2025-06-11 23:41:19 | EC_GROUP_check: rephrase a sentence so it's a bit less awkward | ||
| 8e6fb259 | 2025-06-11 23:21:08 | The functions SMIME_read_ASN1(3) and SMIME_write_ASN1(3) are no longer public, so delete their manual pages. OK tb@ | ||
| c383fa08 | 2025-06-11 23:16:32 | Since the function SMIME_write_ASN1(3) is no longer public, move the descriptions of CMS_REUSE_DIGEST, PKCS7_REUSE_DIGEST, SMIME_BINARY, and SMIME_CRLFEOL and some improved wordings from that former page to SMIME_write_CMS(3) and SMIME_write_PKCS7(3), with some further polishing. Feedback and OK tb@. | ||
| 14125471 | 2025-06-11 18:11:55 | pk7_asn1: delete lines containing nothing but a tab | ||
| da941465 | 2025-06-11 14:23:14 | Lie less below RETURN VALUES, add a related BUGS entry, and since SMIME_write_ASN1(3) is no longer public, replace the .Xr to it with some other pointers. OK tb@ | ||
| 575fc61e | 2025-06-11 13:48:54 | SMIME_read_ASN1(3) and SMIME_write_ASN1(3) are no longer public, so link to SMIME_read_CMS(3), SMIME_read_PKCS7(3), SMIME_write_CMS(3), and/or SMIME_write_PKCS7(3) instead; OK tb@ | ||
| d72f8b34 | 2025-06-11 13:41:03 | SMIME_read_ASN1(3) is no longer public, so link to SMIME_read_CMS(3) or SMIME_read_PKCS7(3) instead, and sprinkle a few other .Xrs that may be helpful; OK tb@ | ||
| 725adbd6 | 2025-06-11 07:41:12 | Explain why we still need OPENSSL_init() (autoconf) | ||
| 25dd8fed | 2025-06-11 04:08:15 | Remove BF_PTR In bf_local.h r1.2, openssl/opensslconf.h was pulled out of the HEADER_BF_LOCL_H header guard, so BF_PTR was never defined from opensslfeatures.h. Thus, alpha, mips64, sparc64 haven't used the path that is supposedly optimized for them. On the M3k the speed gain of bf-cbc with BF_PTR is roughly 5%, so not really great. This is blowfish, so I don't think we want to carry complications for alpha and mips64 only. ok jsing kenjiro | ||
| 42cfcc5e | 2025-06-10 17:19:45 | Delete the pesky LIBRARY sections and move the .Lb macros to their new home in SYNOPSIS. OK jsg@ tedu@ | ||
| 710bbf07 | 2025-06-10 12:55:33 | .Lb libfuse ; OK tedu@ | ||
| ce95613e | 2025-06-10 12:52:51 | .Lb libarm ; OK tedu@ | ||
| efcd8228 | 2025-06-10 08:53:37 | err.c: fix previous: 8 spaces -> tab | ||
| 6b7165bf | 2025-06-09 17:49:45 | Fix comment: unsigned int, not just int | ||
| 13cef4fa | 2025-06-09 15:34:35 | one DES_LONG hid in arch/sh/opensslconf.h | ||
| eaf31d1a | 2025-06-09 14:37:48 | Move (mostly) MI constants to proper headers Most of the constants here are only defined if a specific header is in scope. So move the machine-independent macros to those headers and lose the header guards. Most of these should actually be typedefs but let's change this when we're bumping the major since this technically has ABI impact. IDEA_INT RC2_INT and RC4_INT are always unsigned int DES_LONG is always unsigned int except on i386 This preserves the existing situation on OpenBSD. If you're using portable on i386 with a compiler that does not define __i386__, there's an ABI break. ok jsing | ||
| 23f4dfa0 | 2025-06-09 14:28:33 | Make OPENSSL_IA32_SSE2 the default for i386 and remove the flag. The OPENSSL_IA32_SSE2 flag controls whether a number of the perlasm scripts generate additional implementations that use SSE2 functionality. In all cases except ghash, the code checks OPENSSL_ia32cap_P for SSE2 support, before trying to run SSE2 code. For ghash it generates a CLMUL based implementation in addition to different MMX version (one MMX version hides behind OPENSSL_IA32_SSE2, the other does not), however this does not appear to actually use SSE2. We also disable AES-NI on i386 if OPENSSL_IA32_SSE2. On OpenBSD, we've always defined OPENSSL_IA32_SSE2 so this is effectively a no-op. The only change is that we now check MMX rather than SSE2 for the ghash MMX implementation. ok bcook@ beck@ | ||
| 234f524d | 2025-06-09 13:58:28 | Remove GNU assembler version check. GNU assembler version 2.19 was released in 2014, so it does not seem unreasonable to expect that we have an assembler that supports AVX. Furthermore, the current check fails on LLVM. ok bcook@ beck@ | ||
| 7445a4f7 | 2025-06-09 13:51:48 | Stop defining OPENSSL_IA32_SSE2 on amd64. This no longer does anything on this architecture. ok bcook@ beck@ | ||
| 24daa640 | 2025-06-09 12:43:53 | Retire the manual pages OPENSSL_load_builtin_modules(3) and OBJ_NAME_add(3) because these functions no longer exist. OK tb@ | ||
| dbfd3f95 | 2025-06-09 12:42:46 | EVP_cleanup(3) is no longer relevant here since it no longer has any effect. OK tb@ | ||
| 1ccd8002 | 2025-06-09 12:06:23 | This file is no longer relevant because the function CONF_module_add() is no longer public. Even though ASN1_add_oid_module() still exists as an internal function, this file contains more misleading (DSO, OPENSSL_load_builtin_modules) than useful information, so delete it. OK tb@ | ||
| ca887080 | 2025-06-09 10:14:38 | SSL_shutdown(): remove pointless NULL check. reported by smatch via jsg ok beck | ||
| c8a0fb63 | 2025-06-09 09:40:57 | If OK to read flag is set, don't set write space to buffer size. Avoids a problem where after fpurge(), putc() characters to a read-write FILE may be lost. If this doesn't work, gnulib accesses FILE internals. From Eric Blake in FreeBSD PR 137819. ok yasuoka@ | ||
| 5863e374 | 2025-06-09 02:07:30 | .Lb libradius ; OK yasuoka@ tedu@ | ||
| 1d858eeb | 2025-06-08 22:58:09 | mention that SSL_load_error_strings(3) lives in libssl; "sounds good" tb@ | ||
| a8680c8b | 2025-06-08 22:52:00 | .Lb libssl libcrypto ; OK tb@ | ||
| 61351504 | 2025-06-08 22:49:42 | delete an "intentionally undocumented" comment regarding stuff that no longer exists, and add .Lb libssl libcrypto; OK tb@ | ||
| e5b65a2f | 2025-06-08 22:47:20 | add the missing .In line and add .Lb libssl libcrypto ; OK tb@ | ||
| 4579975d | 2025-06-08 22:40:29 | .Lb libcrypto ; OK tb@ | ||
| d4aada61 | 2025-06-08 22:37:23 | remove some "intentionally undocumented" comments regarding stuff that no longer exists, and add .Lb; OK tb@ | ||
| 2e898360 | 2025-06-08 22:30:52 | add the missing .In line and add .Lb libcrypto ; OK tb@ | ||
| 41ab2432 | 2025-06-08 12:48:44 | .Lb libalpha ; OK matthieu@ tedu@. There is no .In macro because application code using these functions needs to copy the required prototypes from the manual page into the code instead of using any #include directive. According to matthieu@, this "was used by the X server on alpha, which has been broken for several years. No one seems to care enough to try to figure out what is needed to fix it." | ||
| a29a425e | 2025-06-08 11:22:18 | Remove ${MULTIPLE_OF_EIGHT}_BIT* These are unused internally and very few things look at them, none of which should really matter to us, except possibly free pascal on Windows. sizeof has been available since forever... ok jsing | ||
| 4165ed75 | 2025-06-08 07:49:45 | More code clean up. Fix some things that got missed in the last pass - the majority is use of post-increment rather than unnecessary pre-increment. | ||
| 8b0b9e0d | 2025-06-08 07:38:42 | Remove more mess related to arm assembly. | ||
| 03ca89d1 | 2025-06-08 07:37:49 | Garbage collect DES_PTR pointed out by/ok jsing | ||
| dc0813ea | 2025-06-08 04:48:07 | Remove DES_RISC* codesearch.debian.net only shows some legacy openssl patches plus binkd (a FidoNet mailer) as sole potential user. net-snmp and a strongswan DES plugin bundle some opt-in libdes/openssl legacy things. If this should break any of this, I don't think we need to care. If you're really going to use DES you can also use non bleeding edge libressl. We can remove the big 'default values' block because one of DES_RISC1, DES_RISC2, DES_UNROLL is always defined (you can ignore DES_PTR for this), so this is dead support code for mostly dead platforms. ok kenjiro | ||
| 5ece6a59 | 2025-06-07 23:56:57 | fpclassify(3) and isgreater(3) are the last two pages living in src/lib/libc that require <math.h>, which implies that POSIX allows them to be in libm. While -lm is not currently required on OpenBSD, which POSIX is also fine with, providing -lm for these may help portability elsewhere. Requested by guenther@ and tedu@. | ||
| beadac4b | 2025-06-07 20:50:40 | .Lb libevent in some WIP pages that are not yet installed | ||
| 44b12aca | 2025-06-07 20:37:45 | .Lb libevent ; OK tedu@ | ||
| c3fb235e | 2025-06-07 15:50:12 | Trim trailing whitespace | ||
| 4f09611f | 2025-06-07 15:49:22 | Spelling, discussed with jsing | ||
| c6539648 | 2025-06-07 10:33:06 | .Lb libm ; OK tedu@ | ||
| 43bdc3b5 | 2025-06-07 10:25:12 | tls13_ctx_new(): fix calloc() incantation Switch argument order and use sizeof(*ctx) rather than sizeof(struct ...). ok jsg | ||
| 88350ef7 | 2025-06-07 10:23:21 | Fix weird calloc() argument order ok jsg | ||
| d757ecc8 | 2025-06-07 10:04:45 | .Lb libz ; OK tb@ tedu@ | ||
| 921df737 | 2025-06-07 09:56:51 | .Lb libpcap ; OK dlg@ tedu@ | ||
| a2fdf17a | 2025-06-07 09:53:06 | .Lb libsndio ; OK ratchov@ tedu@ | ||
| f83cb516 | 2025-06-07 09:51:54 | sioctl_revents(3) was missing from the name section, and add .Lb libsndio to the SYNOPSIS; OK ratchov@ tedu@ | ||
| 6bc9d332 | 2025-06-07 09:45:07 | English grammar: add a missing word; from Jan Stary <hans at stare dot cz> | ||
| 2c19ae91 | 2025-06-07 09:32:35 | do_PVK_body: Unconditionally free enctmp enctmp is only allocated if saltlen > 0, so there is no harm in checking for that, but it's also pointless. Unconfuses smatch who thinks there might be a memory leak: pem/pvkfmt.c:808 do_PVK_body() warn: possible memory leak of 'enctmp' found by jsg | ||
| 2062ef68 | 2025-06-07 09:28:00 | Fix smatch warning in asn1_primitive_print() Remove unnecessary and inconsistent NULL check for 'it', which the only caller, asn1_item_print_ctx(), already dereferenced. found by jsg ok kenjiro | ||
| b2c6c93a | 2025-06-07 04:37:01 | crypto_ex_data: fix allocation size of classes_new classes_new is an array of pointers to struct crypto_ex_data, not an array of struct crypto_ex_data_index, so this overallocated by 240 or 480 bytes on ILP32 or LP64, respectively. found by jsg using smatch ok jsing | ||
| 5d8200c9 | 2025-06-07 00:30:54 | The pthread_sigmask(3) function is a special case. The POSIX specification of the c99 utility explicitly requires it to be declared in <signal.h> (and not in <pthread.h>) and yet allows it to require -lpthread. While OpenBSD does not require -lpthread and provides the function in libc, which POSIX permits, specifying -lpthread can do no harm and may improve portability, so say .Lb libpthread here, too. Requested by guenther@. | ||
| 288e47d5 | 2025-06-07 00:16:52 | .Lb libpthread ; significant help and OK from guenther@ and tedu@ OpenBSD actually provides the functions documented in about 20 of these 70 manual pages in libc rather than in libpthread, which the POSIX specification of the c99 utility explicitly permits. Recommend specifying -lpthread for all of them anyway. That not only does no harm, but may even improve portability. | ||
| a2f4fefd | 2025-06-06 22:01:39 | .Lb libutil ; OK tedu@ | ||
| 3ca9b1da | 2025-06-06 21:53:13 | .Lb libkvm ; OK tedu@ | ||
| a424e829 | 2025-06-06 21:50:10 | While we have fabs(3), frexp(3), ldexp(3), and modf(3) in libc, we have their eight *f and *l variants in libm, so add .Lb libm as suggested by tedu@: "A little extra -lm won't hurt anyone." | ||
| 5a5f6d11 | 2025-06-06 21:38:27 | fix multiple small markup issues and add .Lb libusbhid ; OK anton@ tedu@ | ||
| a3a8500a | 2025-06-06 21:34:12 | .Lb libskey ; OK millert@ tedu@ | ||
| 45bd099d | 2025-06-06 21:09:33 | Add a roff(7) comment saying "these functions live in libc" to help future manpage editors, as suggested by miod@ and tedu@. | ||
| a866c4c7 | 2025-06-06 20:52:27 | .Lb libossaudio , and reference sioctl_open(3) properly; OK ratchov@ tedu@ | ||
| 361533b7 | 2025-06-06 07:41:01 | Fix EVP_DecryptFinal() for CCM ciphers There is an old trap that you must not call EVP_*Final() when using AES-CCM. While encrypting this happens to be a noop and succeeds, but when decrypting, the call fails. This behavior changed in OpenSSL and BoringSSL, making the trap even worse since we now fail when the others succeed. This is an adaptation of OpenSSL commit 197421b1 to fix this. See also https://github.com/sfackler/rust-openssl/pull/1805#issuecomment-2734788336 ok beck kenjiro | ||
| 9a0f4693 | 2025-06-06 00:04:33 | use the first nibble in DLT_RAW as a link type field. this lets you filter on ip or ip6 payloads, and rejects every other link type. ok claudio@ | ||
| 402b23ce | 2025-06-05 18:59:11 | .Lb libkeynote libm libcrypto ; OK tedu@ | ||
| 03cfeab9 | 2025-06-05 18:57:01 | .Lb libedit libcurses ; OK tedu@ | ||
| b57dcb7b | 2025-06-05 18:47:18 | use .Lb for libi386 and libamd64; OK guenther@ tedu@ | ||
| 5c99a53f | 2025-06-05 18:43:07 | .Lb libagentx ; OK martijn@ tedu@ | ||
| c8758384 | 2025-06-05 08:55:07 | Add back #include <sys/types.h> for pid_t This makes imsg.h is self-standing again and unbreaks the build of audio/amused whose player.c managed to include imsg.h before pulling in sys/types.h. ok claudio | ||
| 57a8f85d | 2025-06-05 07:50:30 | pkcs7.h: drop two spaces before a tab | ||
| 6c5cd6d4 | 2025-06-05 06:37:24 | Rename the header guard of des.h with HEADER_DES_H libdes is dead, Jim. Only its successors continue to haunt us. discussed with jsing | ||
| 644a22cd | 2025-06-05 06:34:11 | Remove preprocessor branching on HEADER_DES_H This was the header guard for des_old.h introduced in 2002 and removed in 2014. The header guard for des.h is HEADER_NEW_DES_H for the sake of inconsistency (ostensibly due to backward compat concerns with libdes). ok jsing | ||
| ea02ff1e | 2025-06-05 04:14:50 | opensslconf.h: remove md2 leftovers md2.h left on Apr 15, 2014, along with jpake and seed. In particular, HEADER_MD2_H is never defined. These bits have been dead ever since. ok jsing | ||
| 60a11250 | 2025-06-04 10:25:30 | libtls: abort handshake on no ALPN protcol overlap RFC 7301, section 3.2: In the event that the server supports no protocols that the client advertises, then the server SHALL respond with a fatal "no_application_protocol" alert. This change makes tlsext_alpn_server_process() send the alert rather than pretending no callback was present. ok jsing | ||
| 78ca79c0 | 2025-06-04 09:09:25 | Bump minor version because of symbol additions. | ||
| a6a83a45 | 2025-06-04 09:08:52 | More imsg function additions: imsgbuf_get() will replace imsg_get() in the long run. Has much simpler return value since nobody uses the imsg_get() return value for anything. imsg_ibufq_push() and imsg_ibufq_pop() allows to push and pop imsg into an ibufq so they can be processed at a later stage or from a different task. OK tb@ | ||
| 7dadfe6f | 2025-06-04 09:07:58 | Kill internal use of imsg_add() and use ibuf_add() instead. Also ibuf_free() now preserves the errno so no need for any extra dance. OK tb@ | ||
| 41a801a1 | 2025-06-04 09:06:56 | Preserve errno in ibuf_free() so we don't have to do it in the callers. OK tb@ | ||
| a2618958 | 2025-06-04 09:06:21 | Add a few extra len == 0 checks just to avoid possible UB via memcpy and memset. OK tb@ | ||
| 309618ec | 2025-06-04 09:04:52 | Add ibufq API to support multithreaded use of ibufs ibufq_new() allocates a new struct ibufqueue ibufq_free() flushes all ibufs and frees the ibufqueue ibufq_push() enqueues an ibuf onto the queue ibufq_pop() dequeues an ibuf from the queue ibufq_queuelen() returns the current queue length ibufq_concat() concatenates all ibufs from the 2nd queue to the end of the first queue. msgbuf_concat() enqueue all ibufs from the ibuf queue into the msgbuf. Adjust the internal msgbuf code to use ibufq as well. OK tb@ | ||
| 9a015d61 | 2025-06-04 09:03:05 | Implement following new helper functions: ibuf_add_strbuf, ibuf_get_strbuf functions to insert or parse a fixed size string buffer. These function ensure that the returned string is always NUL terminated and return errors (errno EOVERFLOW) when the string is truncated to fit into the buffer. Two new convenience functions for imsg parsing imsg_get_buf() and imsg_get_strbuf(). The first simply wraps ibuf_get() and the latter ibuf_get_strbuf(). imsg_get_buf() is like imsg_get_data() but does not enforce that all data has to be pulled in one go. Two functions to adjust the max payload of a buffer: imsg_set_maxsize() and ibuf_set_maxsize(). Align imsgbuf_set_maxsize() with imsg_set_maxsize() and use the payload size (excluding the IMSG_HEADER_SIZE). man page updates by tb@ OK tb@ | ||
| 1c8bb539 | 2025-06-04 09:00:44 | Make imsg.h freestanding by adding sys/queue.h to imsg.h and use stdint.h and stddef.h to get types and NULL. OK tb@ | ||
| ce1bcb34 | 2025-06-04 00:38:01 | Revert 1.144 of lib/libc/stdlib/malloc.3. It was changed by accident by my previous commit. |