IABSD.fr/src/lib
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
71517d29 | 2023-04-27 10:50:37 | ssl_tlsext.c: Add an accessor for the tls extension type. Needed for the tlsexttest.c ok jsing | |
|
96e95ebe | 2023-04-27 10:43:47 | Somehow I managed not to bump LIBRESSL_VERSION_NUMBER reported by aja | |
|
24ef2b6b | 2023-04-27 09:49:44 | EC_KEY_{get,insert}_key_method_data() are no longer available | |
|
bc877740 | 2023-04-27 09:47:03 | One more reciprocal thing hid in here (yay for consistent naming) | |
|
80fdaf6e | 2023-04-27 09:45:56 | Remove stale references to BN reciprocal stuff | |
|
6da78a26 | 2023-04-27 09:43:55 | Remove documentation of reciprocal BN which is now internal only | |
|
b7d527b2 | 2023-04-27 09:39:52 | Remove documentation of GF2m point stuff | |
|
7b4b8eb1 | 2023-04-27 09:35:20 | EC_GROUP_new() Strip out complications due to binary curves. | |
|
57df9e19 | 2023-04-27 09:11:40 | Remove stale reference to BN_GF2m_add() | |
|
b8a53383 | 2023-04-27 09:08:08 | Remove BN_GF2m_add.3 | |
|
5e359b95 | 2023-04-27 08:47:04 | Remove mention of EC_GFp_nist_method and add back a .Pp that was accidentally dropped | |
|
a211c03a | 2023-04-27 08:07:26 | Remove braces around single lines statements using knfmt -s Pointed out by anton | |
|
5583d2a5 | 2023-04-27 08:04:40 | Rework simple allocation and free functions in x509_policy.c Use calloc() instead of malloc/memset and make free functions look the same as elsewhere in the tree. ok beck jsing | |
|
0737cd42 | 2023-04-27 07:22:22 | Remove dangling references to BN_get0_nist_prime_521(3) | |
|
02a9106b | 2023-04-27 07:10:05 | Move EC_POINT_{get,set}_Jprojective_coordinates to ec_local.h | |
|
c6caf7cb | 2023-04-27 07:04:23 | Nuke doxygen noise | |
|
ae25a20b | 2023-04-27 07:01:45 | Remove documentation of no longer supported EC methods | |
|
af5efd56 | 2023-04-27 06:57:10 | Remove NIST prime documentation | |
|
72480323 | 2023-04-27 06:54:09 | Stop installing NIST prime documentation | |
|
a4b4c0cc | 2023-04-27 06:48:47 | Remove a useless doxygen comment | |
|
ea2d6ca4 | 2023-04-26 22:09:07 | Make x509_policy.c compile with gcc 4. ok beck | |
|
ae8ea746 | 2023-04-26 21:36:42 | Allow compiling with -DHAS_DAG to enable the policy check with a DAG. ok beck | |
|
e59b13fe | 2023-04-26 21:35:22 | Turn C++ comments into C comments and minor KNF fixups | |
|
2018f220 | 2023-04-26 21:07:32 | KNF according to knfmt(1) | |
|
fb9eeb22 | 2023-04-26 20:54:21 | Zap trailing whitespace | |
|
511c0573 | 2023-04-26 20:52:11 | Add RCS tag | |
|
e2a6bdce | 2023-04-26 20:43:32 | Take X509_POLICY_NODE_print() behind the barn This used to be public API but is now only used for debug code that has certainly never been used since it was released to the public. It drags that debug nonsense with it. ok beck | |
 |
cdae8c1b | 2023-04-26 19:16:02 | Add the new policy code to the build. ok tb@ jsing@ | |
|
e6cf98fc | 2023-04-26 19:11:32 | Make the new policy code in x509_policy.c to be selectable at compile time. The old policy codes remains the default, with the new policy code selectable by defining LIBRESSL_HAS_POLICY_DAG. ok tb@ jsing@ | |
|
5e44526e | 2023-04-26 19:08:10 | Add a shim to mimic the BoringSSL sk_delete_if function. We add this locally as a function to avoid delving into the unholy macro madness of STACK_OF(3). ok tb@ jsing@ | |
|
0d1e3181 | 2023-04-26 19:05:11 | Adapt the sk_find calls from BoringSSL's api to ours. ok tb@ jsing@ | |
|
c9883637 | 2023-04-26 19:03:46 | Add the STACK_OF declarations we require. ok tb@ jsing@ | |
|
c4305e2e | 2023-04-26 19:02:25 | Change OPENSSL_malloc|free|memset and friends to the normal versions. ok tb@ jsing@ | |
|
e4817b8b | 2023-04-26 19:00:57 | Fix error code goop ok tb@ jsing@ | |
|
224b605e | 2023-04-26 18:59:36 | Use the correct headers to compile with libressl | |
|
25478f03 | 2023-04-26 18:56:52 | Import policy.c from BoringSSL as x509_policy.c This is an implementation of the X509 policy processing using a DAG instead of a tree to avoid the problem of exponential expansion of the policy tree as specified in RFC 5280 For details see: https://boringssl-review.googlesource.com/c/boringssl/+/55762 ok tb@ jsing@ | |
 |
e3c12358 | 2023-04-26 18:56:16 | New manual page written by Ted Bullock <tbullock at comlore dot com>, to start working on it in the tree. | |
|
e3dcf5f3 | 2023-04-26 15:03:02 | Document those BIO_ctrl(3) command constants that correspond to more than one macro each. | |
|
4fc1a588 | 2023-04-26 14:27:40 | Remove the now unused bio_pk7.c | |
|
841512ab | 2023-04-26 14:25:58 | Move BIO_new_PKCS7() to the the other streaming stuff in pk7_mime.c | |
|
e636c802 | 2023-04-26 14:23:18 | KNF nit | |
|
f3fe7ad5 | 2023-04-26 13:12:51 | Clean up ec.h a little. The doxygen comments are either obvious or otherwise unhelpful and generally an eye sore. Go read the manpage if the header isn't enough. | |
|
d8b126eb | 2023-04-26 08:25:37 | Remove e_old.c again Also remove nonexistent symbols #defined to other symbols that confuse some linkers in -portable. This commit entails no ABI change on OpenBSD. Discussed with jsing | |
 |
7cb86289 | 2023-04-26 06:52:45 | Declare sendsyslog to match its man page This simplifies syzkaller revival after the removal of __syscall. OK bluhm, millert, deraadt | |
|
88f2f324 | 2023-04-25 23:16:31 | Reinstate e_old.c it is still used by -portable | |
|
652c047d | 2023-04-25 20:07:55 | Remove documentation of BN_BLINDING_{g,s}et_thread_id | |
|
24688063 | 2023-04-25 20:06:35 | e_old can also go | |
|
ca27616f | 2023-04-25 19:57:59 | Remove the deprecated API from BN | |
|
c22169df | 2023-04-25 19:53:30 | GF2m bites the dust. It won't be missed. | |
|
2a340e4c | 2023-04-25 19:52:25 | ASN1_item_ndef_i2d also goes. discussed with deraadt | |
|
99bf92dc | 2023-04-25 19:34:06 | Remove commented version of OPENSSL_NO_EC2M | |
|
ce228578 | 2023-04-25 19:32:19 | Remove duplicate NID definitions | |
|
29ebe6fd | 2023-04-25 19:29:36 | LIBRESSL_NEXT_API is no longer needed | |
|
dfe55a34 | 2023-04-25 19:28:22 | Remove prototype of EC_GFp_nist_method() | |
|
57df2b50 | 2023-04-25 19:26:45 | Move EC_KEY_{insert,set}_key_method_data() to internal-only | |
|
2b5e1227 | 2023-04-25 19:08:30 | Move low level BIO_new_NDEF API to internal-only | |
|
558e5df7 | 2023-04-25 19:01:01 | Remove proxy cert remnants | |
|
325163d2 | 2023-04-25 18:57:57 | Remove NETSCAPE_CERT_SEQUENCE | |
|
c6a62bec | 2023-04-25 18:53:42 | Move the policy STACK_OF stuff to pcy_int.h as well | |
|
970dc4d6 | 2023-04-25 18:48:32 | Remove SXNET Unused and no authorative information was found online in 2016 | |
|
90f7323e | 2023-04-25 18:39:12 | Move truncated sha-2 and sha3 out of #ifdef wrappers | |
|
3bdcabd2 | 2023-04-25 18:37:56 | Use X509_STORE_CTX_get1_{certs,crls}() instead of an alias | |
|
c691c31b | 2023-04-25 18:33:50 | X509_STORE_get1_{certs,crls} become X509_STORE_CTX_* also in Symbols.namespace | |
|
02633900 | 2023-04-25 18:32:42 | X509_STORE_get1_{certs,crls} become X509_STORE_CTX_* This matches the OpenSSL 1.1 API a bit better. | |
|
0f3cdff2 | 2023-04-25 18:28:05 | Move the policy tree code to internal-only A few hooks remain in the legacy validator, which will soon be replaced with something better. The rest of the tentacles are now largely contained. | |
|
a642977f | 2023-04-25 18:13:25 | Remove i2d_PKCS7_NDEF from the hidden version as well | |
|
81f5ba5a | 2023-04-25 18:05:07 | Remove documentation for i2d_PKCS7_NDEF | |
|
fff54091 | 2023-04-25 18:04:03 | Remove i2d_PKCS7_NDEF | |
|
f1d19b09 | 2023-04-25 17:59:41 | BN_RECP_CTX moves to internal | |
|
f3a99ecf | 2023-04-25 17:57:55 | Put ERRORS and DIAGNOSTICS information in the sections where they belong. More details on RETURN VALUES and ERRORS. Document all DIAGNOSTICS messages except the various malloc(3)-related ones and except those that cannot actually occur but would merely report violations of internal invariants. Shorten some wordings in this section. Using feedback from jmc@ and Ted Bullock. OK jmc@ and nicm@ on an earlier version. | |
|
bb62b8f9 | 2023-04-25 17:54:10 | Remove CTS mode ok jsing | |
|
7776dc19 | 2023-04-25 17:52:54 | Remove TS_VERIFY_CTX_init() | |
|
32cde93f | 2023-04-25 17:51:36 | Remove PEM wrappers for NETSCAPE_CERT_SEQUENCE | |
|
23b73b73 | 2023-04-25 17:42:07 | Remove the horror show that is bn_nist and ecp_nist This code is full of problematic C and is also otherwise of questionable quality. It is far from constant time and jsing informs me it also isn't faster. Good riddance. | |
|
3d0ade2c | 2023-04-25 17:23:08 | Remove BN_init() documentation | |
|
b734bde4 | 2023-04-25 17:21:51 | Remove BN_CTX_init() documentation | |
|
500413e3 | 2023-04-25 17:20:24 | Remove the no longer used BN_MONT_CTX_init() | |
|
3606bd1e | 2023-04-25 17:13:06 | Move a few now internal prototypes to bn_local.h | |
|
3a8cbd64 | 2023-04-25 17:01:21 | Remove old BN_one/BN_zero compat stuff ok jsing | |
|
a04ea15d | 2023-04-25 16:59:10 | Update libz to the HEAD of the develop branch This mostly moves from K&R prototypes to ANSI prototypes and includes a handful of bug fixes that are nice to have. The corresponding sys commit will allow us to undo some hacks that jca applied to make the kernel build with clang 15. discussed with deraadt | |
|
3a50714b | 2023-04-25 16:50:33 | Remove X9.31 support ok jsing | |
|
36a3f2eb | 2023-04-25 16:41:29 | Remove the no longer used BN_CTX_init() ok jsing | |
|
eeeb5c16 | 2023-04-25 16:15:37 | Bump LibreSSL version to 3.8.0 | |
|
9615abee | 2023-04-25 15:59:45 | Document most command constants. They are part of the public API, may be needed for implementing custom BIO types, and application programmers need to avoid clashing with them. | |
|
e4a04903 | 2023-04-25 15:54:19 | Bump majors after symbol addition and removal | |
|
3592c481 | 2023-04-25 15:52:41 | Update Symbols.list after symbol addition and removal | |
|
2238b465 | 2023-04-25 15:51:31 | Comment out a few now unused files from Makefile | |
|
7603ff28 | 2023-04-25 15:51:04 | Use proper fix for the recent x400Address issue From David Benjamin (BoringSSL) ok beck | |
|
0f18a018 | 2023-04-25 15:50:09 | Temporarily define LIBRESSL_NEXT_API in opensslfeatures.h | |
|
cb90b220 | 2023-04-25 15:49:42 | Define OPENSSL_NO_DEPRECATED and OPENSSL_NO_EC2M in opensslfeatures.h ok beck jsing | |
|
9a5a6ad9 | 2023-04-25 15:48:48 | Wire up truncated SHA-2, SHA-3 and related things from jsing | |
|
21724f70 | 2023-04-25 15:47:29 | Remove no longer necessary compat #defines | |
|
00cd692d | 2023-04-25 15:46:54 | Add NIDs for truncated SHA-2, SHA-3 and related things From jsing | |
|
bf6faba2 | 2023-04-25 11:03:37 | The #ifdef missed a few NETSCAPE_CERT things | |
|
d1390f7f | 2023-04-25 10:56:58 | Remove v3_sxnet from the standard extensions | |
 |
92e946e3 | 2023-04-25 10:18:39 | Invalidate the DER cache earlier on in X509 setter functions Note that it is important to invalidate the cache before returning, as the return might bubble up an error. OK tb@ jsing@ | |
|
caa52935 | 2023-04-25 09:46:36 | Use X509_set_version() and X509_REQ_set_version() instead doing it by hand A small side-effect in X509_to_X509_REQ() is that 'x->req_info->enc.modified' now earlier on is set to 1. OK tb@ jsing@ | |
|
4250ba74 | 2023-04-25 07:50:38 | Fix allocation size Reported by anton | |
|
f6e67eb5 | 2023-04-25 07:48:15 | Unbreak tree: file missed in last commit Reported by anton | |
 |
1d4dcfa7 | 2023-04-25 04:42:25 | Add endbr64 where needed by inspection. Passes regresson tests. ok jsing, and kind of tb an earlier version |