#
1.23 |
|
08-Jul-2023 |
beck |
Hide symbols in cast, idea, and ocsp
ok tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.22 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.21 |
|
22-Jan-2022 |
inoguchi |
X509_GET_PUBKEY(3) return value check in libcrypto
ok beck@ tb@
suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
|
#
1.20 |
|
07-Jan-2022 |
tb |
Add an essentially empty ocsp_local.h and include it in the files that will need it in the upcoming bump.
discussed with jsing
|
#
1.19 |
|
24-Nov-2021 |
tb |
Fix OCSP_basic_verify() cert chain construction in case the OCSP_BASICRESP bs contains no certificates.
From David von Oheimb (OpenSSL 121738d1)
ok beck
|
#
1.18 |
|
24-Nov-2021 |
tb |
Simplify slightly by using X509_get0_pubkey() thus eliminating the need for EVP_PKEY_free().
ok beck
|
#
1.17 |
|
01-Nov-2021 |
tb |
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.
ok jsing
|
#
1.16 |
|
24-Oct-2021 |
tb |
Prepare to provide a bunch of OCSP_resp_* getters.
ok beck jsing
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.22 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.21 |
|
22-Jan-2022 |
inoguchi |
X509_GET_PUBKEY(3) return value check in libcrypto
ok beck@ tb@
suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
|
#
1.20 |
|
07-Jan-2022 |
tb |
Add an essentially empty ocsp_local.h and include it in the files that will need it in the upcoming bump.
discussed with jsing
|
#
1.19 |
|
24-Nov-2021 |
tb |
Fix OCSP_basic_verify() cert chain construction in case the OCSP_BASICRESP bs contains no certificates.
From David von Oheimb (OpenSSL 121738d1)
ok beck
|
#
1.18 |
|
24-Nov-2021 |
tb |
Simplify slightly by using X509_get0_pubkey() thus eliminating the need for EVP_PKEY_free().
ok beck
|
#
1.17 |
|
01-Nov-2021 |
tb |
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.
ok jsing
|
#
1.16 |
|
24-Oct-2021 |
tb |
Prepare to provide a bunch of OCSP_resp_* getters.
ok beck jsing
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.21 |
|
22-Jan-2022 |
inoguchi |
X509_GET_PUBKEY(3) return value check in libcrypto
ok beck@ tb@
suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
|
#
1.20 |
|
07-Jan-2022 |
tb |
Add an essentially empty ocsp_local.h and include it in the files that will need it in the upcoming bump.
discussed with jsing
|
#
1.19 |
|
24-Nov-2021 |
tb |
Fix OCSP_basic_verify() cert chain construction in case the OCSP_BASICRESP bs contains no certificates.
From David von Oheimb (OpenSSL 121738d1)
ok beck
|
#
1.18 |
|
24-Nov-2021 |
tb |
Simplify slightly by using X509_get0_pubkey() thus eliminating the need for EVP_PKEY_free().
ok beck
|
#
1.17 |
|
01-Nov-2021 |
tb |
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.
ok jsing
|
#
1.16 |
|
24-Oct-2021 |
tb |
Prepare to provide a bunch of OCSP_resp_* getters.
ok beck jsing
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.20 |
|
07-Jan-2022 |
tb |
Add an essentially empty ocsp_local.h and include it in the files that will need it in the upcoming bump.
discussed with jsing
|
#
1.19 |
|
24-Nov-2021 |
tb |
Fix OCSP_basic_verify() cert chain construction in case the OCSP_BASICRESP bs contains no certificates.
From David von Oheimb (OpenSSL 121738d1)
ok beck
|
#
1.18 |
|
24-Nov-2021 |
tb |
Simplify slightly by using X509_get0_pubkey() thus eliminating the need for EVP_PKEY_free().
ok beck
|
#
1.17 |
|
01-Nov-2021 |
tb |
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.
ok jsing
|
#
1.16 |
|
24-Oct-2021 |
tb |
Prepare to provide a bunch of OCSP_resp_* getters.
ok beck jsing
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.19 |
|
24-Nov-2021 |
tb |
Fix OCSP_basic_verify() cert chain construction in case the OCSP_BASICRESP bs contains no certificates.
From David von Oheimb (OpenSSL 121738d1)
ok beck
|
#
1.18 |
|
24-Nov-2021 |
tb |
Simplify slightly by using X509_get0_pubkey() thus eliminating the need for EVP_PKEY_free().
ok beck
|
#
1.17 |
|
01-Nov-2021 |
tb |
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.
ok jsing
|
#
1.16 |
|
24-Oct-2021 |
tb |
Prepare to provide a bunch of OCSP_resp_* getters.
ok beck jsing
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.17 |
|
01-Nov-2021 |
tb |
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.
ok jsing
|
#
1.16 |
|
24-Oct-2021 |
tb |
Prepare to provide a bunch of OCSP_resp_* getters.
ok beck jsing
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.16 |
|
24-Oct-2021 |
tb |
Prepare to provide a bunch of OCSP_resp_* getters.
ok beck jsing
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.15 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.14 |
|
05-Nov-2016 |
miod |
X509_STORE_CTX_set_*() may fail, so check for errors.
ok beck@
|
#
1.13 |
|
05-Jul-2016 |
beck |
Add several fixes from OpenSSL to make OCSP work with intermediate certificates provided in the response. - makes our newly added ocsp regress test pass too.. ok bcook@
|
#
1.12 |
|
09-Jul-2014 |
tedu |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
|
#
1.11 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.10 |
|
18-May-2014 |
jsing |
More KNF.
|
#
1.9 |
|
17-May-2014 |
miod |
KNF
|
#
1.8 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.7 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.6 |
|
14-Feb-2013 |
markus |
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
|
#
1.5 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.4 |
|
09-Jan-2009 |
djm |
resolve conflicts
|
#
1.3 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.2 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.1 |
|
15-May-2002 |
beck |
branches: 1.1.1; OpenSSL 0.9.7 stable 2002 05 08 merge
|