IABSD.fr/src/lib
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
a5dd8c56 | 2025-07-11 18:42:51 | X509_sign: make variables in SYNOPSIS match the ones used in DESCRIPTION | |
|
0b4ddc31 | 2025-07-10 18:50:23 | X509_verify(): sync with X509_CRL_verify() Check X509_ALGOR_cmp() explicitly against 0 and add an explanatory comment referring to the relevant RFC 5280 sections. ok beck kenjiro | |
|
aafaeed7 | 2025-07-10 18:48:31 | Add missing check to X509_CRL_verify() When fixing CVE-2014-8275 in commit 684400ce, Henson added a check that the AlgorithmIdentifier in the certificate's signature matches the one in the tbsCertificate. A corresponding check for CRLs was missed. BoringSSL added such a check in 2022, so this should be fine for us to do as well even though OpenSSL still doesn't have it. The only caller will set an error on the stack, so we don't do it here. There's no obvious check that X509_REQ_verify() could do. ok beck kenjiro | |
 |
261b85fc | 2025-07-09 00:01:43 | add .Lb libfido2 libcbor libcrypto libz ; ok djm@ upstream likes this in principle, but wants to delay merging the patch until groff perfectly supports this style, see https://github.com/Yubico/libfido2/pull/877 | |
 |
69de08c2 | 2025-07-08 02:23:49 | avaliable -> available | |
|
f9ed96d1 | 2025-07-07 10:54:00 | .Lb libtls libssl libcrypto OK tb@ and no objection from tedu@ | |
|
e35fec96 | 2025-07-07 10:17:54 | Restore the HISTORY section that fell victim to the pthread_rwlock_*(3) merge. Also, sort SEE ALSO, and delete trailing whitespace from one input line. OK tedu@ | |
 |
f9786dbb | 2025-07-06 15:37:33 | Move aes_ecb_encrypt_internal() prototype to aes_local.h. | |
|
4185180c | 2025-07-06 09:32:08 | X509_get0_signature: call out inconsistent argument order in BUGS These annoying and careless inconsistencies were introduced when const was sprinkled everywhere without rhyme or reason. | |
 |
c8caed09 | 2025-07-05 16:15:05 | remove pages that have been combined | |
|
d55306ec | 2025-07-05 16:13:50 | combine the rwlock man pages into a single file. ok schwarze | |
|
0d69c4a5 | 2025-07-04 05:16:56 | fix double word; ok tb@ | |
|
f0abab3c | 2025-07-03 18:02:54 | rm now combined pages | |
|
8e0abe1f | 2025-07-03 18:01:38 | combine the text of the condition variable pages together. these pages all have the same author and copyright. with many suggestions and ok schwarze | |
|
990053bb | 2025-07-02 16:07:02 | sprinkle some missing .Dv macros in .It heads, no text change | |
|
3edd23df | 2025-07-02 15:56:32 | fix one instance of ".Va struct stat" to use the correct macro, .Vt | |
|
6391cbfe | 2025-07-02 15:42:13 | tweak previous: use .Xr for manual page references and .Dv for object-like preprocessor macros | |
 |
0f465eff | 2025-07-02 13:08:21 | Describe the "dns" promise in more detail, as being distinct from "inet". This is a pretty important factor that makes it impossible for other operating systems to do pledge.. | |
|
1ea7a893 | 2025-07-02 10:24:17 | pkcs7.h: remove whitespace before opening paren. fixes in particular ./check_complete.pl pkcs7 | |
|
8d84bbd7 | 2025-07-02 06:40:28 | Const correct the documentation of EVP_PKEY_get{0,1}_{DH,DSA,EC_KEY,RSA}() | |
|
e01cebc4 | 2025-07-02 06:36:52 | Const correct EVP_PKEY_get{0,1}_{DH,DSA,EC_KEY,RSA}() These are safe to call concurrently and they don't modify the memory region pointed to by the pkey - they only bump the refcount of the key hanging off of it. The returned "legacy" key has to be handled with care in threaded constexts, so it is handed back as non-const. This also matches what EVP_PKEY_get0() always had. This way our signature is identical to BoringSSL's and doesn't cause compiler warnings in code that overuses const because one of the many API incoherencies added by OpenSSL 3 was to turn get0 into a function that takes and returns const while leaving get1 as it was. dlg agrees ok kenjiro | |
|
781a641e | 2025-07-02 06:27:44 | Fix documented EVP_PKEY{,_base}_id() signature These have been taking a const pkey ever since they were added in OpenSSL 1.0.0. | |
|
2072c1ca | 2025-07-02 06:19:46 | EVP_CipherInit_ex(): normalize EVP_CIPHER_CTX_ctrl() error check While EVP_CIPHER_CTX_ctrl() can return a negative value this can't actually happen currently as all ciphers with EVP_CIPH_CTRL_INIT set normalize the EVP_CTRL_INIT return value to boolean in their ctrl() methods. Still, this check looks weird in grep, so align it. ok beck kenjiro | |
|
6a23f579 | 2025-07-01 06:47:56 | X509_print_ex.3: document X509_FLAG_NO_IDS ok job kenjiro | |
|
edf5a014 | 2025-07-01 06:46:39 | X509_print: emit UIDs unless X509_FLAG_NO_IDS is set issuerUID and subjectUID are a curiosity introduced in X.509v2 before extensions were a thing. Their purpose is to help distinguishing certs with identical subject. They are rarely used and are MUST NOT use in the CA/BF baseline requirements. They do occasionally show up in test certificates and it is confusing that openssl x509 silently ignores them. Their encoding also makes them relatively hard to spot in the output of asn1 parsing tools. The output is identical to OpenSSL < 3 and BoringSSL, but due to some weird tweaks added leading up to OpenSSL 3 their output is no longer compatible with that. It is not entirely correct anyway. Since it is a (not further specified) bit string, you shouldn't be ignoring its unused bits... The X509_FLAG_NO_IDS flag has no effect for CSRs. discussed with beck ok job kenjiro (on an earlier version) | |
|
ddd64f10 | 2025-07-01 06:35:16 | x509.h: provide X509_FLAG_NO_IDS | |
 |
6036672b | 2025-06-29 00:33:46 | make the argument to ether_ntoa const. this drives me nuts when i want to print something out of what's already const. casting it works, but feels gross. ok guenther@ tb@ deraadt@ enh says this is already in bionic/glibc/musl | |
|
87ed7926 | 2025-06-28 12:51:08 | Provide accelerated SHA-1 for aarch64. Provide an assembly implementation of SHA-1 for aarch64 using the ARM Cryptographic Extension (CE). This results in around a 2x speed up for larger block sizes. ok tb@ | |
|
37a8ce51 | 2025-06-28 12:39:10 | Rework gcm128 implementation selection for amd64/i386. Provide gcm128_amd64.c and gcm128_i386.c, which contain the appropriate gcm128 initialisation and CPU feature tests for the respective platform. This allows for all of the #define spagetti to be removed from gcm128.c and removes one of the two remaining consumers of crypto_cpu_caps_ia32(). ok tb@ | |
|
ea22eee2 | 2025-06-28 12:32:27 | Use a single implementation of gcm_mul()/gcm_ghash(). Since we always initialise the gmult/ghash function pointers, use the same implementaion of gcm_mul() and gcm_ghash(), regardless of the actual underlying implementation. ok tb@ | |
|
995c766a | 2025-06-28 12:25:22 | Remove less than useful comment. | |
|
11e9ba59 | 2025-06-28 12:21:46 | Add CLMUL and MMX to machine dependent CPU capabilities for i386. ok tb@ | |
|
a7901eeb | 2025-06-28 12:20:39 | Add CLMUL to machine dependent CPU capabilities for amd64. ok tb@ | |
|
12eed96c | 2025-06-27 17:26:57 | Simplify EVP AES-GCM implementation and remove AES-NI specific code. Like CTR, the mode implementation for GCM has two variants - rather than using multiple variants (one for AES-NI, another for non-AES-NI), consistently use CRYPTO_gcm128_{en,de}crypt_ctr32() with the aes_ctr32_encrypt_internal() function added for CTR mode. This lets us remove the AES-NI specific code, AES-NI specific EVP_CIPHER methods and the ctr function pointer from EVP_AES_GCM_CTX. ok tb@ | |
|
d7bdfee2 | 2025-06-27 17:10:45 | Move AES-NI from EVP to AES for CTR mode. The mode implementation for CTR has two variants - one takes the block function, while the other takes a "ctr32" function. The latter is expected to handle the lower 32 bits of the IV/counter, but is not expected to handle overflow. The AES-NI implementation for CTR currently uses the second variant. Provide aes_ctr32_encrypt_internal() as a function that can be replaced on a machine dependent basis, along with an aes_ctr32_encrypt_generic() function that provides the default implementation and can be used as a fallback. Wire up the AES-NI version for amd64 and i386, change AES_ctr128_encrypt() to use CRYPTO_ctr128_encrypt_ctr32() (which calls aes_ctr32_encrypt_internal()) and remove the various AES-NI specific EVP_CIPHER methods for CTR. Callers of AES_ctr128_encrypt() will now use AES-NI, if available. ok tb@ | |
|
53243425 | 2025-06-27 16:43:54 | Remove unused defines from aes_local.h. MAXKB was added in OpenSSL commit deb2c1a1 and appears to have never been used, while MAXKC (originally RIJNDAEL_MAXKC) stopped being used in that same commit. MAXNR is also unused - AES_MAXNR exists in the public header. ok tb@ | |
|
9079c04a | 2025-06-25 18:28:47 | X509_print and friends: switch from BIO_write() to BIO_printf() Manually counting letters in const strings is ... suboptimal. ok beck jsing | |
 |
8b6603bd | 2025-06-23 13:53:11 | Merge changes from tzcode2013[e-g] This adds support for version 3 of the time zone data files which supports perpetual DST and new values for the embedded TZ-format string. Older libc can still read the version 3 files. The zdump utility now outputs "UT" when referring to Universal Time, not "UTC". "UTC" does not make sense for time stamps that predate the introduction of UTC, whereas "UT", a more-generic term, does. The documentation also now references "UT" in cases where the time may predate UTC. OK tb@ | |
 |
705f259c | 2025-06-21 08:10:02 | Clarify these functions are about an attributes object OK tb@ | |
|
20528415 | 2025-06-20 12:57:56 | Clarify pthread_rwlockattr_destroy is for use with an attributes object OK tb@ | |
|
ddd591ea | 2025-06-20 12:51:51 | Add more precise wording to the pthread_rwlockattr_init(3) synopsis OK tb@ | |
|
2d066bec | 2025-06-18 13:50:02 | Periodic re-check of /etc/resolv.conf was done with stat(), then open(), then parse. This is not a TOCTOU because there is no data dependency problem. However, this is intricately tied into an undocumented secret contract between libc and kernel for pledge("dns"), where a pledge_namei() callback checks which path & system call is doing the operation. I had to add a SYS_stat check rather than relying on just the SYS_open check. I prefer to be reduce the sneakiness. In a year after statically-linked binaries have been replaced everywhere, I can tighten the pledge_namei() check by removing the SYS_stat check. ok dlg guenther florian | |
|
bd2de2c5 | 2025-06-16 14:50:30 | Remove AES-NI specific EVP_CIPHER methods for CFB/CFB1/CFB8. These now end up in aesni_encrypt() via AES_encrypt(), when appropriate. ok tb@ | |
|
9819e79f | 2025-06-16 14:42:18 | Remove AES-NI specific EVP_CIPHER methods for OFB. These now end up in aesni_encrypt() via AES_encrypt(), when appropriate. ok tb@ | |
|
2080c483 | 2025-06-16 14:31:52 | Remove AES-NI specific EVP_CIPHER methods for CBC. These now end up in aesni_cbc_encrypt() via AES_cbc_encrypt(), when appropriate. ok tb@ | |
 |
6ebced9d | 2025-06-16 13:56:11 | Set the initial imsg header len to 0 in imsg_create(). The real value is written in imsg_close() but this way no uninitialized value is added to the imsg. CID 554939 OK tb@ | |
 |
5a46b081 | 2025-06-16 10:24:55 | strip the temporary filename when displaying a verification error; avoids unnecessary diff in output between runs | |
|
47f2496f | 2025-06-15 15:58:56 | crypto_ex_data: use same sizeof idiom as everywhere else in our own code ok beck | |
|
1a751a5f | 2025-06-15 15:43:00 | Remove aesni_init_key(). The various methods can now use the regular init key functions, since the call to AES_set_{en,de}crypt_key() will be routed to the AES-NI implementation, if supported. ok tb@ | |
|
41eed276 | 2025-06-15 15:11:50 | Integrate AES-NI into the AES code. Currently, the AES-NI code is only integrated into EVP - add code to integrate AES-NI into AES. Rename the assembly provided functions and provide C versions for the original names, which check for AES-NI support and dispatch to the appropriate function. This means that the AES_* public API will now use AES-NI, if available. ok tb@ | |
|
3ebadeb6 | 2025-06-15 14:18:31 | Provide machine dependent CPU capabilities for i386. This indicates if AES-NI is available via CRYPTO_CPU_CAPS_I386_AES. ok tb@ | |
|
2c2a083c | 2025-06-15 14:16:11 | Provide CRYPTO_CPU_CAPS_AMD64_AES in machine dependent CPU capabilities. ok tb@ | |
|
577fe228 | 2025-06-14 06:48:47 | Fix signature of BN_zero This was changed a bit more than two years ago. | |
|
f8007ba6 | 2025-06-13 18:48:05 | Switch misuse of .Ft to the more appropriate .Vt macro, and remove useless quoting of .Ft arguments. | |
|
f6773c1f | 2025-06-13 18:45:02 | Fix a documentation bug: pcap_fopen_offline(3) returns a pointer, not a structure. Also remove useless quoting of .Ft arguments. | |
|
74a1e058 | 2025-06-13 18:34:00 | The mdoc(7) .Ft macro does not need quoting of its arguments, but about 10% of our manual pages using this macro employed useless quoting anyway. Remove these quotes such that they do not incite fear, uncertainty, and doubt in developers who happen to look at these pages. jmc@ and tb@ agree with the direction. | |
|
430d307e | 2025-06-13 13:56:43 | tweak previous: cull a stray .Pp that crept in and caused a warning: mandoc: intro.2:164:2: WARNING: skipping paragraph macro: Pp before It | |
|
e52d87dc | 2025-06-13 13:25:32 | ENOTDIR is used often enough to refer to a fd situation rather than a pathname situation, so we should mention this in the documentation. The message is not changed. | |
|
f3df33fd | 2025-06-12 16:07:09 | <uvm/uvmexp.h> is clearly only for VM_MALLOC_CONF, but <sys/sysctl.h> takes care of doing that include. | |
|
966ca342 | 2025-06-12 15:59:30 | Bring the DESCRIPTION a bit closer to reality, in particular stop claiming that the "add" functions add anything. Indicate that they are mostly NOOPs nowadays, but without being overly specific. Also, more explicitly discourage abusing OpenSSL_add_all_algorithms(3) for loadiing a configuration file. Guidance and OK tb@. | |
 |
b52a5c78 | 2025-06-12 11:23:36 | Drop __multf3 from the list; it isn't actually exported. ok deraadt@, tb@ | |
|
97ca9391 | 2025-06-12 01:16:50 | fix incomplete NAME sections; OK jsg@ | |
|
2de8940e | 2025-06-12 00:21:39 | fpurge() first appeared in 4.3BSD-Reno ok deraadt@ schwarze@ | |
|
c82f3d91 | 2025-06-11 23:41:19 | EC_GROUP_check: rephrase a sentence so it's a bit less awkward | |
|
8e6fb259 | 2025-06-11 23:21:08 | The functions SMIME_read_ASN1(3) and SMIME_write_ASN1(3) are no longer public, so delete their manual pages. OK tb@ | |
|
c383fa08 | 2025-06-11 23:16:32 | Since the function SMIME_write_ASN1(3) is no longer public, move the descriptions of CMS_REUSE_DIGEST, PKCS7_REUSE_DIGEST, SMIME_BINARY, and SMIME_CRLFEOL and some improved wordings from that former page to SMIME_write_CMS(3) and SMIME_write_PKCS7(3), with some further polishing. Feedback and OK tb@. | |
|
14125471 | 2025-06-11 18:11:55 | pk7_asn1: delete lines containing nothing but a tab | |
|
da941465 | 2025-06-11 14:23:14 | Lie less below RETURN VALUES, add a related BUGS entry, and since SMIME_write_ASN1(3) is no longer public, replace the .Xr to it with some other pointers. OK tb@ | |
|
575fc61e | 2025-06-11 13:48:54 | SMIME_read_ASN1(3) and SMIME_write_ASN1(3) are no longer public, so link to SMIME_read_CMS(3), SMIME_read_PKCS7(3), SMIME_write_CMS(3), and/or SMIME_write_PKCS7(3) instead; OK tb@ | |
|
d72f8b34 | 2025-06-11 13:41:03 | SMIME_read_ASN1(3) is no longer public, so link to SMIME_read_CMS(3) or SMIME_read_PKCS7(3) instead, and sprinkle a few other .Xrs that may be helpful; OK tb@ | |
|
725adbd6 | 2025-06-11 07:41:12 | Explain why we still need OPENSSL_init() (autoconf) | |
|
25dd8fed | 2025-06-11 04:08:15 | Remove BF_PTR In bf_local.h r1.2, openssl/opensslconf.h was pulled out of the HEADER_BF_LOCL_H header guard, so BF_PTR was never defined from opensslfeatures.h. Thus, alpha, mips64, sparc64 haven't used the path that is supposedly optimized for them. On the M3k the speed gain of bf-cbc with BF_PTR is roughly 5%, so not really great. This is blowfish, so I don't think we want to carry complications for alpha and mips64 only. ok jsing kenjiro | |
|
42cfcc5e | 2025-06-10 17:19:45 | Delete the pesky LIBRARY sections and move the .Lb macros to their new home in SYNOPSIS. OK jsg@ tedu@ | |
|
710bbf07 | 2025-06-10 12:55:33 | .Lb libfuse ; OK tedu@ | |
|
ce95613e | 2025-06-10 12:52:51 | .Lb libarm ; OK tedu@ | |
|
efcd8228 | 2025-06-10 08:53:37 | err.c: fix previous: 8 spaces -> tab | |
|
6b7165bf | 2025-06-09 17:49:45 | Fix comment: unsigned int, not just int | |
|
13cef4fa | 2025-06-09 15:34:35 | one DES_LONG hid in arch/sh/opensslconf.h | |
|
eaf31d1a | 2025-06-09 14:37:48 | Move (mostly) MI constants to proper headers Most of the constants here are only defined if a specific header is in scope. So move the machine-independent macros to those headers and lose the header guards. Most of these should actually be typedefs but let's change this when we're bumping the major since this technically has ABI impact. IDEA_INT RC2_INT and RC4_INT are always unsigned int DES_LONG is always unsigned int except on i386 This preserves the existing situation on OpenBSD. If you're using portable on i386 with a compiler that does not define __i386__, there's an ABI break. ok jsing | |
|
23f4dfa0 | 2025-06-09 14:28:33 | Make OPENSSL_IA32_SSE2 the default for i386 and remove the flag. The OPENSSL_IA32_SSE2 flag controls whether a number of the perlasm scripts generate additional implementations that use SSE2 functionality. In all cases except ghash, the code checks OPENSSL_ia32cap_P for SSE2 support, before trying to run SSE2 code. For ghash it generates a CLMUL based implementation in addition to different MMX version (one MMX version hides behind OPENSSL_IA32_SSE2, the other does not), however this does not appear to actually use SSE2. We also disable AES-NI on i386 if OPENSSL_IA32_SSE2. On OpenBSD, we've always defined OPENSSL_IA32_SSE2 so this is effectively a no-op. The only change is that we now check MMX rather than SSE2 for the ghash MMX implementation. ok bcook@ beck@ | |
|
234f524d | 2025-06-09 13:58:28 | Remove GNU assembler version check. GNU assembler version 2.19 was released in 2014, so it does not seem unreasonable to expect that we have an assembler that supports AVX. Furthermore, the current check fails on LLVM. ok bcook@ beck@ | |
|
7445a4f7 | 2025-06-09 13:51:48 | Stop defining OPENSSL_IA32_SSE2 on amd64. This no longer does anything on this architecture. ok bcook@ beck@ | |
|
24daa640 | 2025-06-09 12:43:53 | Retire the manual pages OPENSSL_load_builtin_modules(3) and OBJ_NAME_add(3) because these functions no longer exist. OK tb@ | |
|
dbfd3f95 | 2025-06-09 12:42:46 | EVP_cleanup(3) is no longer relevant here since it no longer has any effect. OK tb@ | |
|
1ccd8002 | 2025-06-09 12:06:23 | This file is no longer relevant because the function CONF_module_add() is no longer public. Even though ASN1_add_oid_module() still exists as an internal function, this file contains more misleading (DSO, OPENSSL_load_builtin_modules) than useful information, so delete it. OK tb@ | |
|
ca887080 | 2025-06-09 10:14:38 | SSL_shutdown(): remove pointless NULL check. reported by smatch via jsg ok beck | |
|
c8a0fb63 | 2025-06-09 09:40:57 | If OK to read flag is set, don't set write space to buffer size. Avoids a problem where after fpurge(), putc() characters to a read-write FILE may be lost. If this doesn't work, gnulib accesses FILE internals. From Eric Blake in FreeBSD PR 137819. ok yasuoka@ | |
|
5863e374 | 2025-06-09 02:07:30 | .Lb libradius ; OK yasuoka@ tedu@ | |
|
1d858eeb | 2025-06-08 22:58:09 | mention that SSL_load_error_strings(3) lives in libssl; "sounds good" tb@ | |
|
a8680c8b | 2025-06-08 22:52:00 | .Lb libssl libcrypto ; OK tb@ | |
|
61351504 | 2025-06-08 22:49:42 | delete an "intentionally undocumented" comment regarding stuff that no longer exists, and add .Lb libssl libcrypto; OK tb@ | |
|
e5b65a2f | 2025-06-08 22:47:20 | add the missing .In line and add .Lb libssl libcrypto ; OK tb@ | |
|
4579975d | 2025-06-08 22:40:29 | .Lb libcrypto ; OK tb@ | |
|
d4aada61 | 2025-06-08 22:37:23 | remove some "intentionally undocumented" comments regarding stuff that no longer exists, and add .Lb; OK tb@ | |
|
2e898360 | 2025-06-08 22:30:52 | add the missing .In line and add .Lb libcrypto ; OK tb@ | |
|
41ab2432 | 2025-06-08 12:48:44 | .Lb libalpha ; OK matthieu@ tedu@. There is no .In macro because application code using these functions needs to copy the required prototypes from the manual page into the code instead of using any #include directive. According to matthieu@, this "was used by the X server on alpha, which has been broken for several years. No one seems to care enough to try to figure out what is needed to fix it." | |
|
a29a425e | 2025-06-08 11:22:18 | Remove ${MULTIPLE_OF_EIGHT}_BIT* These are unused internally and very few things look at them, none of which should really matter to us, except possibly free pascal on Windows. sizeof has been available since forever... ok jsing | |
|
4165ed75 | 2025-06-08 07:49:45 | More code clean up. Fix some things that got missed in the last pass - the majority is use of post-increment rather than unnecessary pre-increment. | |
|
8b0b9e0d | 2025-06-08 07:38:42 | Remove more mess related to arm assembly. | |
|
03ca89d1 | 2025-06-08 07:37:49 | Garbage collect DES_PTR pointed out by/ok jsing |