from:"Joel Sing"

CVS: cvs.openbsd.org: src

2014-05-28 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/28 07:07:47 Modified files: lib/libssl/src/ssl: s3_clnt.c s3_enc.c ssl_lib.c Log message: EVP_MD_CTX_create() calls malloc and can return NULL. However, only one of the calls in libssl actually

CVS: cvs.openbsd.org: src

2014-05-28 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/28 07:29:18 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Refactor tls1_change_cipher_state() and split the compression handling out from the cipher and message digest handling, allowing

CVS: cvs.openbsd.org: src

2014-05-28 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/28 08:05:35 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-05-29 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/29 02:47:56 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Add missing NULL checks for calls to ssl_replace_hash(). This function calls EVP_MD_CTX_create(), which will return NULL if it

CVS: cvs.openbsd.org: src

2014-05-29 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/29 05:28:18 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Fix another two cases where the return value of ssl_replace_hash() is unchecked. In the case of tls1_change_cipher_state(), it

CVS: cvs.openbsd.org: src

2014-05-29 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/29 08:43:33 Modified files: lib/libssl/src/ssl: ssl_lib.c Log message: When you have functions that perform specific functions, use them. EVP_CIPHER_CTX_free() does a NULL check, then calls

CVS: cvs.openbsd.org: src

2014-05-29 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/29 10:00:16 Modified files: lib/libssl/src/ssl: d1_lib.c s3_lib.c ssl_lib.c ssl_locl.h t1_clnt.c t1_lib.c t1_meth.c t1_srvr.c Log message: Make it substantially easier

CVS: cvs.openbsd.org: src

2014-05-29 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/29 22:59:14 Modified files: lib/libssl/src/apps: apps.c Log message: Rework parse_name() so that variable declaration is separate from function based initialisation, use more readable variable names

CVS: cvs.openbsd.org: src

2014-05-29 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/29 23:27:32 Modified files: lib/libssl/src/ssl: ssl_locl.h d1_pkt.c Log message: While working on another diff I ended up looking to see why on earth the DTLS code had a chunk that checked to see if

CVS: cvs.openbsd.org: src

2014-05-30 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/30 08:01:11 Modified files: lib/libssl/src/ssl: s3_both.c s3_cbc.c s3_clnt.c s3_lib.c s3_pkt.c s3_srvr.c ssl_lib.c t1_enc.c t1_lib.c Log

CVS: cvs.openbsd.org: src

2014-05-30 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/30 08:31:03 Modified files: lib/libssl/src/ssl: ssl_ciph.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-05-30 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/30 09:17:43 Modified files: lib/libssl/src/crypto/aes: aes_wrap.c regress/lib/libcrypto/aeswrap: Makefile Added files: regress/lib/libcrypto/aeswrap: aes_wrap.c Log message: Move

CVS: cvs.openbsd.org: src

2014-05-30 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/30 09:35:09 src/regress/lib/libcrypto/sha256 Update of /cvs/src/regress/lib/libcrypto/sha256 In directory cvs.openbsd.org:/tmp/cvs-serv14905/sha256 Log Message: Directory

CVS: cvs.openbsd.org: src

2014-05-30 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/30 09:35:10 src/regress/lib/libcrypto/sha512 Update of /cvs/src/regress/lib/libcrypto/sha512 In directory cvs.openbsd.org:/tmp/cvs-serv14905/sha512 Log Message: Directory

CVS: cvs.openbsd.org: src

2014-05-30 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/30 09:38:28 Modified files: regress/lib/libcrypto: Makefile Added files: regress/lib/libcrypto/sha256: Makefile sha256test.c regress/lib/libcrypto/sha512: Makefile sha512test.c

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 03:57:50 Modified files: regress/lib/libcrypto/sha256: sha256test.c regress/lib/libcrypto/sha512: sha512test.c Log message: KNF and other cleanup.

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 04:49:28 Modified files: lib/libssl/src/ssl: d1_clnt.c d1_srvr.c s23_clnt.c s3_clnt.c s3_lib.c s3_srvr.c ssl.h ssl3.h ssl_asn1.c ssl_lib.c

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 04:53:39 Modified files: lib/libssl/src/ssl: s3_both.c s3_lib.c ssl.h ssl3.h ssl_lib.c ssl_locl.h ssl_sess.c t1_lib.c Log message: ECDH and ECDSA will not work overly

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 04:58:50 Modified files: lib/libssl/src/ssl: ssl_lib.c Log message: unifdef -UDOXYGEN and manually remove the few doxygen comments that are not wrapped in #ifdef DOXYGEN... Requested by miod@

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 07:55:45 Modified files: lib/libssl/src/ssl: s3_clnt.c s3_lib.c s3_srvr.c ssl_lib.c Log message: More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup.

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 08:15:21 Modified files: lib/libssl/src/ssl: d1_clnt.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 08:35:03 src/regress/lib/libcrypto/cts128 Update of /cvs/src/regress/lib/libcrypto/cts128 In directory cvs.openbsd.org:/tmp/cvs-serv28312/cts128 Log Message: Directory

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 08:39:06 Modified files: regress/lib/libcrypto: Makefile lib/libssl/src/crypto/modes: cts128.c gcm128.c regress/lib/libcrypto/gcm128: Makefile Added files:

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 10:45:53 Modified files: lib/libssl/src/ssl: ssl_lib.c Log message: Some KNF and fix the vairable spelling.

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 19:46:13 Modified files: lib/libssl/src/ssl: ssl_ciph.c Log message: Use C99 initialisers for cipher_aliases. This improves readability, removes the need for zero values to be specified (meaning

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 19:57:10 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Clean up the tls1_change_cipher_state() key length handling and use a single variable with a descriptive name, instead of two

CVS: cvs.openbsd.org: src

2014-05-31 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/05/31 23:12:50 Modified files: lib/libssl/src/crypto/pem: pem_lib.c Log message: Avoid the use of an uninitialised variable. In reality, this is a non-issue since the calculated value is not actually

CVS: cvs.openbsd.org: src

2014-06-01 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/01 09:54:28 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: In tls1_setup_key_block(), use the correct IV length for GCM mode, which results in the key block length calculation also being

CVS: cvs.openbsd.org: src

2014-06-01 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/01 10:07:20 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Overhaul the key block handling in tls1_change_cipher_state() - use meaningful variable names with pointer arithmitic, rather

CVS: cvs.openbsd.org: src

2014-06-02 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/02 07:02:31 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Rename more variables for readability and consistency.

CVS: cvs.openbsd.org: src

2014-06-02 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/02 10:23:18 Modified files: lib/libssl/src/apps: cms.c dgst.c dhparam.c dsaparam.c ecparam.c gendh.c gendsa.c genrsa.c pkcs12.c rand.c req.c

CVS: cvs.openbsd.org: src

2014-06-02 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/02 10:56:50 Modified files: usr.sbin/openssl: openssl.1 Log message: Remove details regarding -rand from the openssl man page.

CVS: cvs.openbsd.org: src

2014-06-02 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/02 11:03:46 Modified files: lib/libssl/src/apps: ca.c openssl.cnf Log message: Remove RANDFILE remnants.

CVS: cvs.openbsd.org: src

2014-06-02 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/02 11:06:28 Modified files: usr.sbin/openssl: openssl.1 Log message: Remove references to RANDFILE.

CVS: cvs.openbsd.org: src

2014-06-05 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/05 08:31:44 Modified files: lib/libssl/src/ssl: s3_clnt.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-06-05 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/05 09:46:24 Modified files: lib/libssl/src/ssl: ssl3.h s3_clnt.c s3_pkt.c s3_srvr.c Log message: Be selective as to when ChangeCipherSpec messages will be accepted. Without this an early

CVS: cvs.openbsd.org: src

2014-06-05 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/05 09:51:06 Modified files: lib/libssl/src/ssl: s3_pkt.c Log message: Ensure that we do not process a ChangeCipherSpec with an empty master secret. This is an additional safeguard against early

CVS: cvs.openbsd.org: src

2014-06-05 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/05 10:08:11 Modified files: lib/libssl/src/ssl: s3_clnt.c Log message: ssl_sess_cert_new() can return NULL. Fix two cases where the return value is unchecked, which would result in a later null

CVS: cvs.openbsd.org: src

2014-06-05 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/05 10:53:15 Modified files: lib/libssl/src/ssl: d1_both.c Log message: Avoid a buffer overflow that can be triggered by sending specially crafted DTLS fragments. Fix for CVE-2014-0195, from

CVS: cvs.openbsd.org: src

2014-06-05 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/05 11:47:16 Modified files: lib/libssl/src/ssl: s3_clnt.c Log message: Ensure that sess_cert is not NULL before trying to use it. Fixes CVE-2014-3470, from OpenSSL. ok deraadt@

CVS: cvs.openbsd.org: src

2014-06-05 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/05 11:53:02 Modified files: lib/libssl/src/ssl: d1_both.c Log message: Do not recurse when a 'Hello Request' message is received while getting DTLS fragments. A stream of 'Hello Request' messages

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 07:45:15 Modified files: lib/libssl/src/ssl: ssl_cert.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 08:03:50 Modified files: lib/libssl/src/ssl: ssl_lib.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 08:10:35 Modified files: lib/libssl/src/ssl: d1_clnt.c s3_clnt.c s3_lib.c s3_srvr.c ssl_cert.c Log message: The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 08:14:13 Modified files: lib/libssl/src/ssl: s3_lib.c Log message: ssl3_release_{read,write}_buffer() handle being called with NULL buffers, so do not bother checking before calling.

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 08:35:31 Modified files: lib/libssl/src/ssl: s3_enc.c s3_lib.c ssl_cert.c ssl_rsa.c Log message: BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 08:37:35 Modified files: lib/libssl/src/ssl: s3_enc.c s3_lib.c Log message: ssl3_free_digest_list() has its own NULL check.

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 08:40:55 Modified files: lib/libssl/src/ssl: s3_lib.c Log message: Remove another NULL check before a BIO_free().

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 09:01:31 Removed files: lib/libssl/src/test: evptests.txt Log message: evptests.txt lives in regress/lib/libcrypto/evp

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 09:23:48 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Further clean up of context handling in tls1_change_cipher_state(). Rather than doing a complex dance to figure out if we

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 09:57:27 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Rename variables to make it clear that these are only used in the export code. Additionally, these need to be cleaned in the

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 11:05:47 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Remove pointless casts - no binary change.

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 11:10:47 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Move the export label initialisation into the export handling code, since this is the only place where these variables are used.

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 11:16:39 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Use !is_read to imply SSL3_CC_WRITE. While this is not strictly correct (since the presence of SSL3_CC_READ does not guarantee

CVS: cvs.openbsd.org: src

2014-06-07 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/07 11:27:14 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Add missing NULL check after calling EVP_PKEY_new_mac_key(). Based on Adam Langley's chromium patches.

CVS: cvs.openbsd.org: src

2014-06-08 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/08 07:32:32 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Factor out the sequence number reset code to aid in upcoming changes.

CVS: cvs.openbsd.org: src

2014-06-08 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/08 08:13:44 Modified files: lib/libssl/src/ssl: ssl.h ssl_err.c t1_enc.c Log message: Factor out the part of tls1_change_cipher_state() that is specific to switching cipher states using an

CVS: cvs.openbsd.org: src

2014-06-08 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/08 08:33:04 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Be explicit with types. No binary change.

CVS: cvs.openbsd.org: src

2014-06-08 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/08 08:43:57 Modified files: lib/libssl/src/ssl: bio_ssl.c Log message: Clean up BIO_free() handling in bio_ssl.c - BIO_free() has its own NULL check, so do not duplicate it here. Make the error

CVS: cvs.openbsd.org: src

2014-06-08 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/08 08:51:53 Modified files: lib/libssl/src/ssl: ssl_cert.c Log message: No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here. ok deraadt@

CVS: cvs.openbsd.org: src

2014-06-08 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/08 09:10:14 Modified files: lib/libssl/src/ssl: s3_cbc.c s3_enc.c ssl3.h t1_enc.c Log message: Add a define for the SSLv3 sequence size and use it, rather than sprinkling magic numbers around. ok

CVS: cvs.openbsd.org: src

2014-06-08 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/08 10:24:50 Modified files: lib/libssl/src/ssl: ssl_ciph.c ssl_locl.h Log message: Add an SSL_CIPHER_ALGORITHM2_AEAD flag that is used to mark a cipher as using EVP_AEAD. Also provide an

CVS: cvs.openbsd.org: src

2014-06-09 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/09 07:13:48 Modified files: usr.sbin/installboot: bootstrap.c i386_softraid.c sparc64_installboot.c Log message: Use calloc() instead of malloc()/memset(). From

CVS: cvs.openbsd.org: src

2014-06-09 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/09 07:54:01 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-06-09 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/09 09:50:08 Modified files: usr.sbin/installboot: i386_installboot.c util.c Log message: Change the installboot file copying process so that it carefully overwrites the existing file, before

CVS: cvs.openbsd.org: src

2014-06-09 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/09 09:51:40 Removed files: sys/arch/i386/stand/installboot: Makefile installboot.8 installboot.c sys/arch/amd64/stand/installboot: Makefile

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 05:26:34 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Ensure ssl3_final_finish_mac() returns failure if either the MD5 or SHA1 handshake MAC calculation fails. Currently, the result

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 05:32:38 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Multiple fixes for ssl3_digest_cached_records() - if EVP_MD_CTX_create() fails, the NULL check will add an error but it does not

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 05:40:22 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Avoid potential NULL pointer function calls in n_ssl3_mac() by checking the return value of EVP_MD_CTX_copy_ex(). If the copy

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 06:56:39 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 08:14:07 Modified files: lib/libssl/src/crypto/evp: m_dss.c m_dss1.c m_ecdsa.c m_md4.c m_md5.c m_mdc2.c m_null.c m_ripemd.c

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 08:46:11 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: In tls1_cert_verify_mac(), check the return value of EVP_MD_CTX_copy_ex() to avoid a possible NULL function call on ctx.final().

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 08:49:15 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Remove pointless casts and use c instead of c[0], since it is the same thing for an unsigned char array. ok deraadt@

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 08:56:02 Modified files: lib/libssl/src/crypto/engine: tb_asnmth.c tb_cipher.c tb_dh.c tb_digest.c tb_dsa.c tb_ecdh.c

CVS: cvs.openbsd.org: src

2014-06-10 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/10 09:20:40 Modified files: lib/libssl/src/crypto/engine: eng_aesni.c eng_all.c eng_cnf.c eng_ctrl.c eng_dyn.c eng_err.c

CVS: cvs.openbsd.org: src

2014-06-11 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/11 08:50:07 Modified files: lib/libssl/src/ssl: s3_pkt.c Log message: More KNF.

CVS: cvs.openbsd.org: src

2014-06-11 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/11 09:17:19 Modified files: lib/libssl/src/ssl: d1_pkt.c s3_pkt.c s23_clnt.c Log message: Disable TLS support... Just kidding! unifdef OPENSSL_NO_TLS since we will never want to actually do that.

CVS: cvs.openbsd.org: src

2014-06-11 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/11 09:40:52 Modified files: lib/libssl/src/crypto/bio: b_print.c Log message: Tsk. Tsk. Someone forgot to compile test the other half.

CVS: cvs.openbsd.org: src

2014-06-11 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/11 09:44:10 Modified files: lib/libssl/src/crypto/x509: x509_cmp.c lib/libssl/src/ssl: s3_clnt.c s3_enc.c s3_srvr.c t1_enc.c Log message: Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW -

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 04:52:24 Modified files: lib/libssl/src/ssl: s3_pkt.c ssl.h ssl_lib.c ssl_locl.h Log message: Add an SSL_AEAD_CTX to enable the use of EVP_AEAD with an SSL cipher. Read and write contexts are

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 05:52:03 Modified files: lib/libssl/src/ssl: ssl.h ssl3.h ssl_err.c t1_enc.c Log message: Add support for handling SSL_CIPHER_ALGORITHM2_AEAD ciphers, which are those that use EVP_AEAD instead ov

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 06:41:01 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Use SSL3_SEQUENCE_SIZE and if we're going to preincrement we may as well do it properly.

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 06:49:10 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Combine the MAC handling for both !EVP_CIPH_FLAG_AEAD_CIPHER and EVP_CIPH_FLAG_AEAD_CIPHER into the same if/else block.

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 07:21:09 Modified files: lib/libssl/src/ssl: s3_lib.c Log message: Switch the AES-GCM cipher suites to SSL_CIPHER_ALGORITHM2_AEAD.

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 07:28:53 Modified files: lib/libssl/src/ssl: s3_lib.c ssl.h ssl_ciph.c ssl_locl.h tls1.h Log message: Add ChaCha20-Poly1305 based ciphersuites. Based on Adam Langley's chromium patches. Tested

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 08:11:35 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Rename a bunch of variables in ssl3_change_cipher_state() for readability. This also brings it inline with

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 08:15:14 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: The export_key/export_iv variables are only used in the is_export case. Also use c rather than c[0].

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 08:32:35 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Swap compress/expand around so they are in the correct order - these ended up in the wrong order when the code was refactored.

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 08:38:13 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Separate the comression handling from the cipher/message digest handling in ssl3_change_cipher_state().

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 08:58:05 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Do not bother trying to work out of we can reuse a cipher context - just throw it away and create a new one. This simplifies the

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 09:28:49 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Use meaningful variable names, rather than i, j, k and cl.

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 10:04:13 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Correctly calculate the key block length when used with export ciphers. While here, use meaningful variable names and simplify

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 10:08:03 Modified files: lib/libssl/src/ssl: s3_enc.c Log message: Overhaul the keyblock handling in ssl3_change_cipher_state(). Use meaningful variable names with use with pointer arithmitic

CVS: cvs.openbsd.org: src

2014-06-13 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/13 10:09:15 Modified files: lib/libssl/src/ssl: t1_enc.c Log message: Correctly calculate the key block length when using export ciphers.

CVS: cvs.openbsd.org: src

2014-06-15 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/15 09:29:25 Modified files: lib/libssl/src/ssl: d1_pkt.c s3_enc.c ssl_locl.h t1_enc.c Log message: Rename ssl3_record_sequence_update() to ssl3_record_sequence_increment(), so that it reflects what

CVS: cvs.openbsd.org: src

2014-06-15 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/15 09:39:43 Modified files: lib/libssl/src/crypto/evp: e_aes.c Log message: The OPENSSL_cleanse() in aes_gcm_cleanup() only cleans the gcm field of the EVP_AES_GCM_CTX, leaving the AES key untouched

CVS: cvs.openbsd.org: src

2014-06-15 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/15 09:41:25 Modified files: lib/libssl/src/crypto/evp: e_aes.c Log message: Add missing OPENSSL_cleanse() in aead_aes_gcm_cleanup(). ok beck@ miod@

CVS: cvs.openbsd.org: src

2014-06-15 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/15 09:44:39 Modified files: lib/libssl/src/crypto/evp: evp_enc.c Log message: Simplify EVP_CIPHER_CTX_new() - stop pretending that EVP_CIPHER_CTX_init() does something special... just use calloc()

CVS: cvs.openbsd.org: src

2014-06-15 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/15 09:46:22 Modified files: lib/libssl/src/crypto/evp: digest.c Log message: Simplify EVP_MD_CTX_create() by just using calloc(). Also, use 0 rather than '\0' for several memset(). ok beck@ miod@

CVS: cvs.openbsd.org: src

2014-06-21 Thread Joel Sing

CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2014/06/21 07:39:46 Modified files: lib/libssl/src/crypto/hmac: hm_ameth.c hm_pmeth.c hmac.c hmac.h Log message: More KNF.

< 5 6 7 8 9 10 11 12 13 14 >

901 - 1000 of 4100 matches

Mail list logo