Up to [local] / src / lib / libssl
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.6 / (download) - annotate - [select for diffs], Sat Nov 26 16:08:56 2022 UTC (18 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
HEAD
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
Make internal header file names consistent Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
Revision 1.5 / (download) - annotate - [select for diffs], Tue Jun 7 17:19:09 2022 UTC (23 months, 3 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
The master_key_length can no longer be < 0 ok jsing
Revision 1.4 / (download) - annotate - [select for diffs], Sat Feb 5 14:54:10 2022 UTC (2 years, 3 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.3: +9 -9 lines
Diff to previous 1.3 (colored)
Bye bye S3I. S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed. ok inoguchi@ tb@
Revision 1.3 / (download) - annotate - [select for diffs], Sun May 2 15:57:29 2021 UTC (3 years, 1 month ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.2: +4 -1 lines
Diff to previous 1.2 (colored)
Harden tls12_finished_verify_data() by checking master key length. Require master key length to be greater than zero if we're asked to derive verify data for a finished or peer finished message. ok tb@
Revision 1.2 / (download) - annotate - [select for diffs], Fri Apr 30 19:26:45 2021 UTC (3 years, 1 month ago) by jsing
Branch: MAIN
Changes since 1.1: +23 -0 lines
Diff to previous 1.1 (colored)
Clean up and harden TLSv1.2 master key derivation. The master key and its length are only stored in one location, so it makes no sense to handle these outside of the derivation function (the current 'out' argument is unused). This simplifies the various call sites. If derivation fails for some reason, fail hard rather than continuing on and hoping that something deals with this correctly later. ok inoguchi@ tb@
Revision 1.1 / (download) - annotate - [select for diffs], Sun Apr 25 13:15:23 2021 UTC (3 years, 1 month ago) by jsing
Branch: MAIN
Clean up derivation of finished/peer finished. Make this process more readable by having specific client/server functions, calling the correct one based on s->server. This allows to remove various SSL_ST_ACCEPT/SSL_ST_CONNECT checks, along with duplicate code. ok inoguchi@ tb@