#
1.60 |
|
02-Mar-2024 |
tb |
Make CRYPTO_THREADID opaque
With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque. The type is still accessed by used public API, but some of the public API can also go away.
ok jsing
|
#
1.59 |
|
02-Mar-2024 |
tb |
Remove ERR_get_state
The ERR_STATE struct is an unused implementation detail of the horrific error stack code. It is the last public consumer of CRYPTO_THREAD internals. Make this and its accessor internal so we can make the CRYPTO_THREAD struct opaque.
ok jsing
|
#
1.58 |
|
24-Feb-2024 |
tb |
Remove last calls to CRYPTO_{push,pop}_info()
These don't do anything but return 0 and will be garbage collected in the upcoming bump.
ok jsing
|
#
1.57 |
|
24-Feb-2024 |
tb |
err.c: fix incorrect line wrapping
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.56 |
|
28-Jul-2023 |
tb |
Remove more ERR cruft
Ever wondered how many entries populate the various err hashes? Me neither. Remove this garbage.
ok jsing
|
#
1.55 |
|
28-Jul-2023 |
tb |
Remove ERR_{get,set}_implementation()
Much like ex_data, applications can make the library use their own error stack implementation. Well, except as of right now they no longer can.
ok jsing
|
#
1.54 |
|
07-Jul-2023 |
beck |
Unbreak the namespace build after a broken mk.conf and tool misfire had me aliasing symbols not in the headers I was procesing.
This unbreaks the namespace build so it will pass again
ok tb@
|
#
1.53 |
|
07-Jul-2023 |
beck |
Hide symbols in hkdf, evp, err, ecdsa, and ec
(part 2 of commit)
ok jsing@
|
#
1.52 |
|
09-Apr-2023 |
tb |
Move a few functions out of OPENSSL_NO_DEPRECATED
Geoff Thorpe added OPENSSL_NO_DEPRECATED nearly two decades ago. The hope was that at some point some functions can be dropped. Most of the functions marked deprecated are actually unused nowadays but unfortunately some of them are still used in the ecosystem. Move them out of OPENSSL_NO_DEPRECATED so we can define it without breaking the consumers in the next bump.
ERR_remove_state() is still used by a dozen or so ports. This isn't a big deal since it is just a stupid wrapper for the not quite as deprecated ERR_remove_thread_state(). It's not worth patching these ports.
Annoyingly, {DH,DSA}_generate_parameters() and RSA_generate_key() are still used. They "make use" of the old-style BN_GENCB callback, which is therefore more difficult to remove - in case you don't know know: that's the thing responsible for printing pretty '.', '+' and '*' when you generate keys.
Most annoyingly, DH_generate_parameters() was added to rust-openssl in 2020 for "advanced DH support". This is very unfortunate since cargo bundles a rust-openssl and updates it only every few years or so. As a consequence we're going to be stuck with this nonsense for a good while.
ok beck jsing
|
#
1.51 |
|
27-Mar-2023 |
jan |
Avoid errno is EINVAL after OpenSSL initialization
ok tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.50 |
|
26-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct
ok tb
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.49 |
|
29-Aug-2022 |
jsing |
Provide ERR_R_INIT_FAIL.
Needed for an upcoming change.
ok tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.58 |
|
24-Feb-2024 |
tb |
Remove last calls to CRYPTO_{push,pop}_info()
These don't do anything but return 0 and will be garbage collected in the upcoming bump.
ok jsing
|
#
1.57 |
|
24-Feb-2024 |
tb |
err.c: fix incorrect line wrapping
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.56 |
|
28-Jul-2023 |
tb |
Remove more ERR cruft
Ever wondered how many entries populate the various err hashes? Me neither. Remove this garbage.
ok jsing
|
#
1.55 |
|
28-Jul-2023 |
tb |
Remove ERR_{get,set}_implementation()
Much like ex_data, applications can make the library use their own error stack implementation. Well, except as of right now they no longer can.
ok jsing
|
#
1.54 |
|
07-Jul-2023 |
beck |
Unbreak the namespace build after a broken mk.conf and tool misfire had me aliasing symbols not in the headers I was procesing.
This unbreaks the namespace build so it will pass again
ok tb@
|
#
1.53 |
|
07-Jul-2023 |
beck |
Hide symbols in hkdf, evp, err, ecdsa, and ec
(part 2 of commit)
ok jsing@
|
#
1.52 |
|
09-Apr-2023 |
tb |
Move a few functions out of OPENSSL_NO_DEPRECATED
Geoff Thorpe added OPENSSL_NO_DEPRECATED nearly two decades ago. The hope was that at some point some functions can be dropped. Most of the functions marked deprecated are actually unused nowadays but unfortunately some of them are still used in the ecosystem. Move them out of OPENSSL_NO_DEPRECATED so we can define it without breaking the consumers in the next bump.
ERR_remove_state() is still used by a dozen or so ports. This isn't a big deal since it is just a stupid wrapper for the not quite as deprecated ERR_remove_thread_state(). It's not worth patching these ports.
Annoyingly, {DH,DSA}_generate_parameters() and RSA_generate_key() are still used. They "make use" of the old-style BN_GENCB callback, which is therefore more difficult to remove - in case you don't know know: that's the thing responsible for printing pretty '.', '+' and '*' when you generate keys.
Most annoyingly, DH_generate_parameters() was added to rust-openssl in 2020 for "advanced DH support". This is very unfortunate since cargo bundles a rust-openssl and updates it only every few years or so. As a consequence we're going to be stuck with this nonsense for a good while.
ok beck jsing
|
#
1.51 |
|
27-Mar-2023 |
jan |
Avoid errno is EINVAL after OpenSSL initialization
ok tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.50 |
|
26-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct
ok tb
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.49 |
|
29-Aug-2022 |
jsing |
Provide ERR_R_INIT_FAIL.
Needed for an upcoming change.
ok tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.56 |
|
28-Jul-2023 |
tb |
Remove more ERR cruft
Ever wondered how many entries populate the various err hashes? Me neither. Remove this garbage.
ok jsing
|
#
1.55 |
|
28-Jul-2023 |
tb |
Remove ERR_{get,set}_implementation()
Much like ex_data, applications can make the library use their own error stack implementation. Well, except as of right now they no longer can.
ok jsing
|
#
1.54 |
|
07-Jul-2023 |
beck |
Unbreak the namespace build after a broken mk.conf and tool misfire had me aliasing symbols not in the headers I was procesing.
This unbreaks the namespace build so it will pass again
ok tb@
|
#
1.53 |
|
07-Jul-2023 |
beck |
Hide symbols in hkdf, evp, err, ecdsa, and ec
(part 2 of commit)
ok jsing@
|
#
1.52 |
|
09-Apr-2023 |
tb |
Move a few functions out of OPENSSL_NO_DEPRECATED
Geoff Thorpe added OPENSSL_NO_DEPRECATED nearly two decades ago. The hope was that at some point some functions can be dropped. Most of the functions marked deprecated are actually unused nowadays but unfortunately some of them are still used in the ecosystem. Move them out of OPENSSL_NO_DEPRECATED so we can define it without breaking the consumers in the next bump.
ERR_remove_state() is still used by a dozen or so ports. This isn't a big deal since it is just a stupid wrapper for the not quite as deprecated ERR_remove_thread_state(). It's not worth patching these ports.
Annoyingly, {DH,DSA}_generate_parameters() and RSA_generate_key() are still used. They "make use" of the old-style BN_GENCB callback, which is therefore more difficult to remove - in case you don't know know: that's the thing responsible for printing pretty '.', '+' and '*' when you generate keys.
Most annoyingly, DH_generate_parameters() was added to rust-openssl in 2020 for "advanced DH support". This is very unfortunate since cargo bundles a rust-openssl and updates it only every few years or so. As a consequence we're going to be stuck with this nonsense for a good while.
ok beck jsing
|
#
1.51 |
|
27-Mar-2023 |
jan |
Avoid errno is EINVAL after OpenSSL initialization
ok tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.50 |
|
26-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct
ok tb
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.49 |
|
29-Aug-2022 |
jsing |
Provide ERR_R_INIT_FAIL.
Needed for an upcoming change.
ok tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.54 |
|
07-Jul-2023 |
beck |
Unbreak the namespace build after a broken mk.conf and tool misfire had me aliasing symbols not in the headers I was procesing.
This unbreaks the namespace build so it will pass again
ok tb@
|
#
1.53 |
|
07-Jul-2023 |
beck |
Hide symbols in hkdf, evp, err, ecdsa, and ec
(part 2 of commit)
ok jsing@
|
#
1.52 |
|
09-Apr-2023 |
tb |
Move a few functions out of OPENSSL_NO_DEPRECATED
Geoff Thorpe added OPENSSL_NO_DEPRECATED nearly two decades ago. The hope was that at some point some functions can be dropped. Most of the functions marked deprecated are actually unused nowadays but unfortunately some of them are still used in the ecosystem. Move them out of OPENSSL_NO_DEPRECATED so we can define it without breaking the consumers in the next bump.
ERR_remove_state() is still used by a dozen or so ports. This isn't a big deal since it is just a stupid wrapper for the not quite as deprecated ERR_remove_thread_state(). It's not worth patching these ports.
Annoyingly, {DH,DSA}_generate_parameters() and RSA_generate_key() are still used. They "make use" of the old-style BN_GENCB callback, which is therefore more difficult to remove - in case you don't know know: that's the thing responsible for printing pretty '.', '+' and '*' when you generate keys.
Most annoyingly, DH_generate_parameters() was added to rust-openssl in 2020 for "advanced DH support". This is very unfortunate since cargo bundles a rust-openssl and updates it only every few years or so. As a consequence we're going to be stuck with this nonsense for a good while.
ok beck jsing
|
#
1.51 |
|
27-Mar-2023 |
jan |
Avoid errno is EINVAL after OpenSSL initialization
ok tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.50 |
|
26-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct
ok tb
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.49 |
|
29-Aug-2022 |
jsing |
Provide ERR_R_INIT_FAIL.
Needed for an upcoming change.
ok tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.52 |
|
09-Apr-2023 |
tb |
Move a few functions out of OPENSSL_NO_DEPRECATED
Geoff Thorpe added OPENSSL_NO_DEPRECATED nearly two decades ago. The hope was that at some point some functions can be dropped. Most of the functions marked deprecated are actually unused nowadays but unfortunately some of them are still used in the ecosystem. Move them out of OPENSSL_NO_DEPRECATED so we can define it without breaking the consumers in the next bump.
ERR_remove_state() is still used by a dozen or so ports. This isn't a big deal since it is just a stupid wrapper for the not quite as deprecated ERR_remove_thread_state(). It's not worth patching these ports.
Annoyingly, {DH,DSA}_generate_parameters() and RSA_generate_key() are still used. They "make use" of the old-style BN_GENCB callback, which is therefore more difficult to remove - in case you don't know know: that's the thing responsible for printing pretty '.', '+' and '*' when you generate keys.
Most annoyingly, DH_generate_parameters() was added to rust-openssl in 2020 for "advanced DH support". This is very unfortunate since cargo bundles a rust-openssl and updates it only every few years or so. As a consequence we're going to be stuck with this nonsense for a good while.
ok beck jsing
|
#
1.51 |
|
27-Mar-2023 |
jan |
Avoid errno is EINVAL after OpenSSL initialization
ok tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.50 |
|
26-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct
ok tb
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.49 |
|
29-Aug-2022 |
jsing |
Provide ERR_R_INIT_FAIL.
Needed for an upcoming change.
ok tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.50 |
|
26-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct
ok tb
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.49 |
|
29-Aug-2022 |
jsing |
Provide ERR_R_INIT_FAIL.
Needed for an upcoming change.
ok tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.49 |
|
29-Aug-2022 |
jsing |
Provide ERR_R_INIT_FAIL.
Needed for an upcoming change.
ok tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.48 |
|
17-Oct-2019 |
jsing |
Provide err_clear_last_constant_time() as a way of clearing an error from the top of the error stack in constant time.
This will be used by upcoming RSA changes.
From OpenSSL 1.1.1d.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.47 |
|
03-Apr-2018 |
tb |
KNF: move two opening curly braces of function bodies to their own lines
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.46 |
|
17-Mar-2018 |
beck |
Bring in compatibility for OpenSSL 1.1 style init functions.
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.45 |
|
20-Feb-2017 |
beck |
Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, and document ERR_asprintf_error_data as their replacement. ok jsing@, ingo@
|
#
1.44 |
|
07-Feb-2017 |
jsing |
Revert previous; the implementation is incorrect since it assumes that the provided error code matches the error that is currently on the top of the error stack.
|
#
1.43 |
|
07-Feb-2017 |
beck |
Add file and line to the LibreSSL error strings sine we are no longer in 1989, VMS, or MS/DOS and we all run Brobdingnagian C compilers that have can now be counted on to achieve this level of sophistication nearly everywhere. ok jsing@
|
#
1.42 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.41 |
|
09-Nov-2014 |
miod |
GOST crypto algorithms (well, most of them), ported from the removed GOST engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
|
#
1.40 |
|
05-Oct-2014 |
deraadt |
compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se ok miod
|
#
1.39 |
|
24-Aug-2014 |
bcook |
constify strerror return value
There is no intention to modify the string returned by strerror and doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
#
1.38 |
|
11-Jul-2014 |
jsing |
Only import cryptlib.h in the four source files that actually need it. Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
ok beck@ miod@
|
#
1.37 |
|
10-Jul-2014 |
jsing |
Explicitly include <openssl/opensslconf.h> in every file that references an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
#
1.36 |
|
27-Jun-2014 |
deraadt |
save_errno botch; spotted by miod
|
#
1.35 |
|
27-Jun-2014 |
deraadt |
hand-KNF the remaining bits
|
#
1.34 |
|
26-Jun-2014 |
deraadt |
save errno in ERR_put_error(), so that SYSerr doesn't have any accidental cases where errno can be trashed. ok jsing
|
#
1.33 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.32 |
|
07-Jun-2014 |
deraadt |
malloc() result does not need a cast. ok miod
|
#
1.31 |
|
24-May-2014 |
jsing |
No OPENSSL_SYS_WINDOWS wanted.
ok miod@
|
#
1.30 |
|
24-Apr-2014 |
beck |
add ERR_asprintf_error_data, A tool to be used to get rid of the far too frequent construct of 30 lines of pointer and strlcat insanity followed by an ERR_add_error_data. I will sweep through here like a chubby mongol horde in the next few days pillaging crappy ERR_add_error_data's. Oh and while we're at it fix the nasty vdata function to use something less hard on the eyes. ok jsing@
|
#
1.29 |
|
21-Apr-2014 |
jsing |
KNF.
|
#
1.28 |
|
20-Apr-2014 |
guenther |
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl.
ok tedu@
|
#
1.27 |
|
19-Apr-2014 |
guenther |
We'll interpret a (void) cast on snprintf() to mean it's been verified that truncation is either desirable, not an issue, or is detected and handled later
ok deraadt@
|
#
1.26 |
|
19-Apr-2014 |
beck |
use intrinsic strlcpy and strlcat everywhere so we only have one set of funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
|
#
1.25 |
|
18-Apr-2014 |
beck |
Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developers they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
16-Apr-2014 |
beck |
Clean up dangerous strncpy use. This included a use where the resulting string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
|
#
1.21 |
|
15-Apr-2014 |
beck |
Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions where the return value is ignored changing to (void) snprintf. ok deraadt@
|
#
1.20 |
|
13-Apr-2014 |
deraadt |
Remove various horrible socket syscall wrappers, especially SHUTDOWN* which did shutdown + close, all nasty and surprising. Use the raw syscalls that everyone knows the behaviour of. ok beck matthew
|
#
1.19 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.18 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.17 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.16 |
|
05-Jan-2009 |
djm |
update to openssl-0.9.8i; tested by several, especially krw@
|
#
1.15 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.14 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.13 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.12 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.11 |
|
11-Nov-2003 |
markus |
merge 0.9.7c; minor bugsfixes; API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
03-Apr-2003 |
ho |
str{cat,cpy}/sprintf cleanup. markus@, deraadt@ ok
|
#
1.8 |
|
10-Sep-2002 |
markus |
merge openssl-0.9.7-beta3, tested on vax by miod@
|
#
1.7 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.6 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.5 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|