CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/28 07:07:47
Modified files:
lib/libssl/src/ssl: s3_clnt.c s3_enc.c ssl_lib.c
Log message:
EVP_MD_CTX_create() calls malloc and can return NULL. However, only one of
the calls in libssl actually
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/28 07:29:18
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Refactor tls1_change_cipher_state() and split the compression handling out
from the cipher and message digest handling, allowing
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/28 08:05:35
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/29 02:47:56
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Add missing NULL checks for calls to ssl_replace_hash(). This function
calls EVP_MD_CTX_create(), which will return NULL if it
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/29 05:28:18
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Fix another two cases where the return value of ssl_replace_hash() is
unchecked.
In the case of tls1_change_cipher_state(), it
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/29 08:43:33
Modified files:
lib/libssl/src/ssl: ssl_lib.c
Log message:
When you have functions that perform specific functions, use them.
EVP_CIPHER_CTX_free() does a NULL check, then calls
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/29 10:00:16
Modified files:
lib/libssl/src/ssl: d1_lib.c s3_lib.c ssl_lib.c ssl_locl.h
t1_clnt.c t1_lib.c t1_meth.c t1_srvr.c
Log message:
Make it substantially easier
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/29 22:59:14
Modified files:
lib/libssl/src/apps: apps.c
Log message:
Rework parse_name() so that variable declaration is separate from function
based initialisation, use more readable variable names
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/29 23:27:32
Modified files:
lib/libssl/src/ssl: ssl_locl.h d1_pkt.c
Log message:
While working on another diff I ended up looking to see why on earth the
DTLS code had a chunk that checked to see if
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/30 08:01:11
Modified files:
lib/libssl/src/ssl: s3_both.c s3_cbc.c s3_clnt.c s3_lib.c
s3_pkt.c s3_srvr.c ssl_lib.c t1_enc.c
t1_lib.c
Log
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/30 08:31:03
Modified files:
lib/libssl/src/ssl: ssl_ciph.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/30 09:17:43
Modified files:
lib/libssl/src/crypto/aes: aes_wrap.c
regress/lib/libcrypto/aeswrap: Makefile
Added files:
regress/lib/libcrypto/aeswrap: aes_wrap.c
Log message:
Move
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/30 09:35:09
src/regress/lib/libcrypto/sha256
Update of /cvs/src/regress/lib/libcrypto/sha256
In directory cvs.openbsd.org:/tmp/cvs-serv14905/sha256
Log Message:
Directory
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/30 09:35:10
src/regress/lib/libcrypto/sha512
Update of /cvs/src/regress/lib/libcrypto/sha512
In directory cvs.openbsd.org:/tmp/cvs-serv14905/sha512
Log Message:
Directory
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/30 09:38:28
Modified files:
regress/lib/libcrypto: Makefile
Added files:
regress/lib/libcrypto/sha256: Makefile sha256test.c
regress/lib/libcrypto/sha512: Makefile sha512test.c
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 03:57:50
Modified files:
regress/lib/libcrypto/sha256: sha256test.c
regress/lib/libcrypto/sha512: sha512test.c
Log message:
KNF and other cleanup.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 04:49:28
Modified files:
lib/libssl/src/ssl: d1_clnt.c d1_srvr.c s23_clnt.c s3_clnt.c
s3_lib.c s3_srvr.c ssl.h ssl3.h ssl_asn1.c
ssl_lib.c
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 04:53:39
Modified files:
lib/libssl/src/ssl: s3_both.c s3_lib.c ssl.h ssl3.h ssl_lib.c
ssl_locl.h ssl_sess.c t1_lib.c
Log message:
ECDH and ECDSA will not work overly
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 04:58:50
Modified files:
lib/libssl/src/ssl: ssl_lib.c
Log message:
unifdef -UDOXYGEN and manually remove the few doxygen comments that are not
wrapped in #ifdef DOXYGEN...
Requested by miod@
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 07:55:45
Modified files:
lib/libssl/src/ssl: s3_clnt.c s3_lib.c s3_srvr.c ssl_lib.c
Log message:
More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 08:15:21
Modified files:
lib/libssl/src/ssl: d1_clnt.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 08:35:03
src/regress/lib/libcrypto/cts128
Update of /cvs/src/regress/lib/libcrypto/cts128
In directory cvs.openbsd.org:/tmp/cvs-serv28312/cts128
Log Message:
Directory
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 08:39:06
Modified files:
regress/lib/libcrypto: Makefile
lib/libssl/src/crypto/modes: cts128.c gcm128.c
regress/lib/libcrypto/gcm128: Makefile
Added files:
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 10:45:53
Modified files:
lib/libssl/src/ssl: ssl_lib.c
Log message:
Some KNF and fix the vairable spelling.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 19:46:13
Modified files:
lib/libssl/src/ssl: ssl_ciph.c
Log message:
Use C99 initialisers for cipher_aliases. This improves readability,
removes the need for zero values to be specified (meaning
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 19:57:10
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Clean up the tls1_change_cipher_state() key length handling and use a
single variable with a descriptive name, instead of two
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/05/31 23:12:50
Modified files:
lib/libssl/src/crypto/pem: pem_lib.c
Log message:
Avoid the use of an uninitialised variable. In reality, this is a non-issue
since the calculated value is not actually
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/01 09:54:28
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
In tls1_setup_key_block(), use the correct IV length for GCM mode, which
results in the key block length calculation also being
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/01 10:07:20
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Overhaul the key block handling in tls1_change_cipher_state() - use
meaningful variable names with pointer arithmitic, rather
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/02 07:02:31
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Rename more variables for readability and consistency.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/02 10:23:18
Modified files:
lib/libssl/src/apps: cms.c dgst.c dhparam.c dsaparam.c ecparam.c
gendh.c gendsa.c genrsa.c pkcs12.c rand.c
req.c
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/02 10:56:50
Modified files:
usr.sbin/openssl: openssl.1
Log message:
Remove details regarding -rand from the openssl man page.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/02 11:03:46
Modified files:
lib/libssl/src/apps: ca.c openssl.cnf
Log message:
Remove RANDFILE remnants.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/02 11:06:28
Modified files:
usr.sbin/openssl: openssl.1
Log message:
Remove references to RANDFILE.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/05 08:31:44
Modified files:
lib/libssl/src/ssl: s3_clnt.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/05 09:46:24
Modified files:
lib/libssl/src/ssl: ssl3.h s3_clnt.c s3_pkt.c s3_srvr.c
Log message:
Be selective as to when ChangeCipherSpec messages will be accepted.
Without this an early
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/05 09:51:06
Modified files:
lib/libssl/src/ssl: s3_pkt.c
Log message:
Ensure that we do not process a ChangeCipherSpec with an empty master
secret. This is an additional safeguard against early
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/05 10:08:11
Modified files:
lib/libssl/src/ssl: s3_clnt.c
Log message:
ssl_sess_cert_new() can return NULL. Fix two cases where the return value
is unchecked, which would result in a later null
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/05 10:53:15
Modified files:
lib/libssl/src/ssl: d1_both.c
Log message:
Avoid a buffer overflow that can be triggered by sending specially crafted
DTLS fragments.
Fix for CVE-2014-0195, from
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/05 11:47:16
Modified files:
lib/libssl/src/ssl: s3_clnt.c
Log message:
Ensure that sess_cert is not NULL before trying to use it.
Fixes CVE-2014-3470, from OpenSSL.
ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/05 11:53:02
Modified files:
lib/libssl/src/ssl: d1_both.c
Log message:
Do not recurse when a 'Hello Request' message is received while getting
DTLS fragments. A stream of 'Hello Request' messages
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 07:45:15
Modified files:
lib/libssl/src/ssl: ssl_cert.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 08:03:50
Modified files:
lib/libssl/src/ssl: ssl_lib.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 08:10:35
Modified files:
lib/libssl/src/ssl: d1_clnt.c s3_clnt.c s3_lib.c s3_srvr.c
ssl_cert.c
Log message:
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 08:14:13
Modified files:
lib/libssl/src/ssl: s3_lib.c
Log message:
ssl3_release_{read,write}_buffer() handle being called with NULL buffers,
so do not bother checking before calling.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 08:35:31
Modified files:
lib/libssl/src/ssl: s3_enc.c s3_lib.c ssl_cert.c ssl_rsa.c
Log message:
BIO_free has an implicit NULL check, so do not bother checking for NULL
before calling it.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 08:37:35
Modified files:
lib/libssl/src/ssl: s3_enc.c s3_lib.c
Log message:
ssl3_free_digest_list() has its own NULL check.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 08:40:55
Modified files:
lib/libssl/src/ssl: s3_lib.c
Log message:
Remove another NULL check before a BIO_free().
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 09:01:31
Removed files:
lib/libssl/src/test: evptests.txt
Log message:
evptests.txt lives in regress/lib/libcrypto/evp
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 09:23:48
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Further clean up of context handling in tls1_change_cipher_state().
Rather than doing a complex dance to figure out if we
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 09:57:27
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Rename variables to make it clear that these are only used in the export
code. Additionally, these need to be cleaned in the
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 11:05:47
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Remove pointless casts - no binary change.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 11:10:47
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Move the export label initialisation into the export handling code, since
this is the only place where these variables are used.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 11:16:39
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Use !is_read to imply SSL3_CC_WRITE.
While this is not strictly correct (since the presence of SSL3_CC_READ does
not guarantee
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/07 11:27:14
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Add missing NULL check after calling EVP_PKEY_new_mac_key().
Based on Adam Langley's chromium patches.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/08 07:32:32
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Factor out the sequence number reset code to aid in upcoming changes.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/08 08:13:44
Modified files:
lib/libssl/src/ssl: ssl.h ssl_err.c t1_enc.c
Log message:
Factor out the part of tls1_change_cipher_state() that is specific to
switching cipher states using an
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/08 08:33:04
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Be explicit with types. No binary change.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/08 08:43:57
Modified files:
lib/libssl/src/ssl: bio_ssl.c
Log message:
Clean up BIO_free() handling in bio_ssl.c - BIO_free() has its own NULL
check, so do not duplicate it here. Make the error
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/08 08:51:53
Modified files:
lib/libssl/src/ssl: ssl_cert.c
Log message:
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and
do some other clean up while here.
ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/08 09:10:14
Modified files:
lib/libssl/src/ssl: s3_cbc.c s3_enc.c ssl3.h t1_enc.c
Log message:
Add a define for the SSLv3 sequence size and use it, rather than sprinkling
magic numbers around.
ok
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/08 10:24:50
Modified files:
lib/libssl/src/ssl: ssl_ciph.c ssl_locl.h
Log message:
Add an SSL_CIPHER_ALGORITHM2_AEAD flag that is used to mark a cipher as
using EVP_AEAD. Also provide an
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/09 07:13:48
Modified files:
usr.sbin/installboot: bootstrap.c i386_softraid.c
sparc64_installboot.c
Log message:
Use calloc() instead of malloc()/memset().
From
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/09 07:54:01
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/09 09:50:08
Modified files:
usr.sbin/installboot: i386_installboot.c util.c
Log message:
Change the installboot file copying process so that it carefully
overwrites the existing file, before
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/09 09:51:40
Removed files:
sys/arch/i386/stand/installboot: Makefile installboot.8
installboot.c
sys/arch/amd64/stand/installboot: Makefile
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 05:26:34
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Ensure ssl3_final_finish_mac() returns failure if either the MD5 or SHA1
handshake MAC calculation fails. Currently, the result
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 05:32:38
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Multiple fixes for ssl3_digest_cached_records() - if EVP_MD_CTX_create()
fails, the NULL check will add an error but it does not
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 05:40:22
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Avoid potential NULL pointer function calls in n_ssl3_mac() by checking
the return value of EVP_MD_CTX_copy_ex(). If the copy
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 06:56:39
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 08:14:07
Modified files:
lib/libssl/src/crypto/evp: m_dss.c m_dss1.c m_ecdsa.c m_md4.c
m_md5.c m_mdc2.c m_null.c m_ripemd.c
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 08:46:11
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
In tls1_cert_verify_mac(), check the return value of EVP_MD_CTX_copy_ex()
to avoid a possible NULL function call on ctx.final().
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 08:49:15
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Remove pointless casts and use c instead of c[0], since it is the same
thing for an unsigned char array.
ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 08:56:02
Modified files:
lib/libssl/src/crypto/engine: tb_asnmth.c tb_cipher.c tb_dh.c
tb_digest.c tb_dsa.c tb_ecdh.c
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/10 09:20:40
Modified files:
lib/libssl/src/crypto/engine: eng_aesni.c eng_all.c eng_cnf.c
eng_ctrl.c eng_dyn.c eng_err.c
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/11 08:50:07
Modified files:
lib/libssl/src/ssl: s3_pkt.c
Log message:
More KNF.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/11 09:17:19
Modified files:
lib/libssl/src/ssl: d1_pkt.c s3_pkt.c s23_clnt.c
Log message:
Disable TLS support...
Just kidding!
unifdef OPENSSL_NO_TLS since we will never want to actually do that.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/11 09:40:52
Modified files:
lib/libssl/src/crypto/bio: b_print.c
Log message:
Tsk. Tsk. Someone forgot to compile test the other half.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/11 09:44:10
Modified files:
lib/libssl/src/crypto/x509: x509_cmp.c
lib/libssl/src/ssl: s3_clnt.c s3_enc.c s3_srvr.c t1_enc.c
Log message:
Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW -
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 04:52:24
Modified files:
lib/libssl/src/ssl: s3_pkt.c ssl.h ssl_lib.c ssl_locl.h
Log message:
Add an SSL_AEAD_CTX to enable the use of EVP_AEAD with an SSL cipher.
Read and write contexts are
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 05:52:03
Modified files:
lib/libssl/src/ssl: ssl.h ssl3.h ssl_err.c t1_enc.c
Log message:
Add support for handling SSL_CIPHER_ALGORITHM2_AEAD ciphers, which are
those that use EVP_AEAD instead ov
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 06:41:01
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Use SSL3_SEQUENCE_SIZE and if we're going to preincrement we may as well
do it properly.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 06:49:10
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Combine the MAC handling for both !EVP_CIPH_FLAG_AEAD_CIPHER and
EVP_CIPH_FLAG_AEAD_CIPHER into the same if/else block.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 07:21:09
Modified files:
lib/libssl/src/ssl: s3_lib.c
Log message:
Switch the AES-GCM cipher suites to SSL_CIPHER_ALGORITHM2_AEAD.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 07:28:53
Modified files:
lib/libssl/src/ssl: s3_lib.c ssl.h ssl_ciph.c ssl_locl.h tls1.h
Log message:
Add ChaCha20-Poly1305 based ciphersuites.
Based on Adam Langley's chromium patches.
Tested
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 08:11:35
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Rename a bunch of variables in ssl3_change_cipher_state() for readability.
This also brings it inline with
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 08:15:14
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
The export_key/export_iv variables are only used in the is_export case.
Also use c rather than c[0].
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 08:32:35
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Swap compress/expand around so they are in the correct order - these ended
up in the wrong order when the code was refactored.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 08:38:13
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Separate the comression handling from the cipher/message digest handling in
ssl3_change_cipher_state().
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 08:58:05
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Do not bother trying to work out of we can reuse a cipher context - just
throw it away and create a new one. This simplifies the
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 09:28:49
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Use meaningful variable names, rather than i, j, k and cl.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 10:04:13
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Correctly calculate the key block length when used with export ciphers.
While here, use meaningful variable names and simplify
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 10:08:03
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Overhaul the keyblock handling in ssl3_change_cipher_state(). Use
meaningful variable names with use with pointer arithmitic
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/13 10:09:15
Modified files:
lib/libssl/src/ssl: t1_enc.c
Log message:
Correctly calculate the key block length when using export ciphers.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/15 09:29:25
Modified files:
lib/libssl/src/ssl: d1_pkt.c s3_enc.c ssl_locl.h t1_enc.c
Log message:
Rename ssl3_record_sequence_update() to ssl3_record_sequence_increment(),
so that it reflects what
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/15 09:39:43
Modified files:
lib/libssl/src/crypto/evp: e_aes.c
Log message:
The OPENSSL_cleanse() in aes_gcm_cleanup() only cleans the gcm field of the
EVP_AES_GCM_CTX, leaving the AES key untouched
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/15 09:41:25
Modified files:
lib/libssl/src/crypto/evp: e_aes.c
Log message:
Add missing OPENSSL_cleanse() in aead_aes_gcm_cleanup().
ok beck@ miod@
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/15 09:44:39
Modified files:
lib/libssl/src/crypto/evp: evp_enc.c
Log message:
Simplify EVP_CIPHER_CTX_new() - stop pretending that EVP_CIPHER_CTX_init()
does something special... just use calloc()
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/15 09:46:22
Modified files:
lib/libssl/src/crypto/evp: digest.c
Log message:
Simplify EVP_MD_CTX_create() by just using calloc(). Also, use 0 rather
than '\0' for several memset().
ok beck@ miod@
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2014/06/21 07:39:46
Modified files:
lib/libssl/src/crypto/hmac: hm_ameth.c hm_pmeth.c hmac.c hmac.h
Log message:
More KNF.
901 - 1000 of 4100 matches
Mail list logo