summaryrefslogtreecommitdiffstats
path: root/lib/libssl/ssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* bump the major for libcrypto/ssl/tls for a CRYPTO_chacha_20 ABI changebcook2015-12-091-2/+2
| | | | ok jsing@, deraadt@, beck@
* bump minors after adding EVP_aead_chacha20_poly1305_ietf()reyk2015-11-021-1/+1
| | | | OK jsing@
* Crank major version due to removal of SHA-0 and MD4 from libcrypto.doug2015-09-131-2/+2
|
* Mechanical minor bump to follow libcrypto.miod2015-09-131-1/+1
|
* Merge the remnants of s3_enc.c into t1_enc.c.jsing2015-09-111-2/+2
| | | | ok beck@
* Put the *method* data structures and functions in the same place.jsing2015-09-111-2/+2
| | | | | | | We can also now nuke ssl23_get_method() since it is the same as tls1_get_method(). And the empty file can bite the dust. ok bcook@ miod@
* Remove SSLv3 method data structs and unlink s3_meth.c from the build.doug2015-08-291-2/+2
| | | | ok jsing@
* Crank major version for libssl and libtls due to SSLv3 removal.doug2015-08-271-1/+1
|
* Remove OpenSSL engine RSAX.doug2015-07-191-1/+1
| | | | | | | | | OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@
* Crank major and remove legacy variables.doug2015-07-191-1/+1
| | | | | | Libtls is riding this crank. ok miod@ bcook@
* Fix pointer to unsigned long conversion.doug2015-06-271-2/+2
| | | | | | | bcook@ notes that this check really only impacted 64-bit Windows. Also, changed the check to be unsigned for consistency. ok bcook@
* Crank major for libcrypto, ssl and tls due to MDC-2DES removal.doug2015-06-201-1/+1
| | | | ok miod@ jsing@
* Fix library search path so we link against the freshly built libcrypto.sotobiasu2015-06-051-2/+2
| | | | | | instead of a stale one. ok miod@ mpi@
* Use a relative path against BSDOBJDIR to pick libcrypto; makes cross-libmiod2015-05-261-2/+2
| | | | work again.
* Record inter-library dependencies between libcrypto, libssl and libtlskettenis2015-05-172-1/+4
|
* Bump libcrypto and libssl majors, due to various recent churn.jsing2015-02-221-1/+1
| | | | Discussed with/requested by deraadt@ at the conclusion of s2k15.
* Crank libssl major due to the recent changes and removals.jsing2015-02-071-2/+2
| | | | ok beck@ deraadt@ miod@
* Stop defining TERMIOS, ANSI_SOURCE and OPENSSL_NO_RC5 for libssl builds.jsing2015-02-071-3/+1
| | | | | | | The first two are unused in libssl/libcrypto and OPENSSL_NO_RC5 is already defined via openssl/opensslfeatures.h. ok beck@ doug@ miod@
* Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.doug2015-02-061-1/+2
| | | | | | | | | | | | | | This is imported with as few changes as possible for the initial commit. I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc() and changed a few header includes. BoringSSL has this as part of their public API. We're leaving it internal to libssl for now. Based on BoringSSL's CBB/CBS API as of commit c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54. input + ok jsing@, miod@
* Support CA verification in chroot'ed processes without direct filereyk2015-01-221-1/+1
| | | | | | | | | | access to the certificates. SSL_CTX_load_verify_mem() is a frontend to the new X509_STORE_load_mem() function that allows to load the CA chain from a memory buffer that is holding the PEM-encoded files. This function allows to handle the verification in privsep'ed code. Adopted for LibreSSL based on older code from relayd (by pyr@ and myself) With feedback and OK bluhm@
* libssl major++jsing2014-12-101-1/+1
|
* Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.miod2014-11-181-1/+1
| | | | | This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
* Crank libssl major due to recent additions, removals and changes.jsing2014-10-311-2/+2
|
* Bump minor version for ECDH auto.jsing2014-10-031-1/+1
| | | | | While there are no additional symbols, there is an additional command that clients will potentially depend on.
* Bump minor after adding SSL_CTX_use_certificate_chain().reyk2014-09-281-1/+1
| | | | ok jsing@ miod@
* -DOPENSSL_NO_KRB5 is no longer neededderaadt2014-07-121-2/+2
| | | | ok guenther
* enough churn, a crank is advised by guenther..deraadt2014-07-121-1/+1
|
* crank major for decompression featuretedu2014-07-101-1/+1
|
* Remove support for the `opaque PRF input' extension, which draft has expiredmiod2014-06-131-2/+2
| | | | | | | | 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell.
* Make make includes work again without kssl.hbeck2014-05-291-2/+2
|
* define LIBRESSL_INTERNAL, and use it to hide the bad stuff from ourselvestedu2014-05-251-1/+2
| | | | ok beck
* Omit -Werror if building with gcc3, for it triggers "redefinition of `pqueue'"miod2014-05-181-2/+6
| | | | warnings now that pqueue.h has been removed from public scope.
* No longer make pqueue.h a public (and installed) header file. Replace itsmiod2014-05-151-2/+2
| | | | | | | | | inclusion in <ssl/dtls1.h> by the benign `struct _pqueue; typedef struct _pqueue *pqueue;'. Note that said dtls1.h should probably be considered a private header as well... ok beck@
* Move the `pqueue' part of libcrypto, which is a glorified sorted linked listmiod2014-05-122-4/+5
| | | | | | | | | | | | | of 64-bit data, and only used by DTLS, to libssl where it belongs. Remove pqueue_print() which is a debugging interface and serves no useful purpose, except for the regress test, which grows its own pqueue_print() routine. Bump libcrypto major and libssl minor. WARNING: do not update your tree right now, more changes are coming, which will ride the libcrypto major bump.
* Remove SRP and Kerberos support from libssl. These are complex protocolstedu2014-05-051-2/+2
| | | | | all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected.
* Make libssl and libcrypto compile with -Werrorbeck2014-04-231-2/+2
| | | | ok miod@
* Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.guenther2014-04-201-1/+1
| | | | | | | APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@
* -Walltedu2014-04-171-1/+2
|
* TANSTAAFL - delete the buf freelist code. if you need a better malloc, gettedu2014-04-161-2/+1
| | | | a better malloc. ok beck deraadt
* add back SRP. i was being too greedy.tedu2014-04-161-2/+2
|
* disentangle SRP code from TLStedu2014-04-161-2/+2
|
* remove ssl2 support even more completely.tedu2014-04-151-3/+1
| | | | | | in the process, always include ssl3 and tls1, we don't need config options for them. when the time comes to expire ssl3, it will be with an ax. checked by miod
* Crank major for libcrypto and libssl; more symbol removals to occur during themiod2014-04-151-1/+1
| | | | | next few moments, don't rush your update. Requested by deraadt@
* o_dir.c has a questionable odor.. now that we got rid of OPENSSL_DIR_XXXbeck2014-04-141-2/+1
| | | | | | remove it from the build.. we can cvs rm it and the files it includes once we know for sure ports are good. ok deraadt@
* make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miodtedu2014-04-141-2/+2
|
* Move undocumented internal OPENSSL_DIR interface from libcrypto to libssl,miod2014-04-131-2/+3
| | | | | | so that libssl no longer need to access the non-external headers of libcrypto to build. No library bump, riding upon the recent update.
* Crank libcrypto minor (addition of BN_consttime_swap and CRYPTO_memcmp)miod2014-04-131-1/+1
| | | | and libssl major (ssl_check_clienthello_tlsext split into two functions)
* Move build machinery for libcrypto from libssl/crypto to libcrypto, as wellmiod2014-04-111-5/+4
| | | | | | | | | as configuration files; split manpages and .pc files between libcrypto and libssl. No functional change, only there to make engineering easier, and libcrypto sources are still found in libssl/src/crypto at the moment. ok reyk@, also discussed with deraadt@ beck@ and the usual crypto suspects.
* oops, typo, spotted by Matthias Schelerderaadt2014-04-101-2/+2
|
* crank major; struct ssl_ctx_st changes; ok teduderaadt2014-04-101-1/+1
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.