summaryrefslogtreecommitdiffstats
path: root/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add missing RCS tag.tb2019-12-031-0/+1
|
* Fix typo: ECHD -> ECDH.tb2019-12-031-4/+4
| | | | From Michael Forney, thanks!
* fwide() does not unlock if error was occurred.asou2019-12-031-2/+4
| | | | ok guenther@ and deraadt
* comply with POSIX and make execve() return EACCES for directoriesnaddy2019-12-011-4/+2
| | | | ok millert@ deraadt@
* crank libelf major for exec_elf.h changesjsg2019-12-011-1/+1
|
* bump libcbor after symbol addition; ok deraadt@naddy2019-11-281-1/+1
|
* Fix typo in comment in struct pcap_pkthdrakoshibe2019-11-281-2/+2
|
* update to libcbor rev 56a43b1e799; this includes a number of fixesdjm2019-11-2840-3396/+3347
| | | | | | for unaligned accesses, requested by miod@ ok deraadt@
* tweak previous: add missing name after .Fn, delete stray .Pp,schwarze2019-11-271-4/+2
| | | | and drop NetBSD RCS tag apparently left over from copy & paste
* Document msyscall(2): ld.so can use this (once only) to tell the kernelderaadt2019-11-272-2/+76
| | | | | | | where libc.so's text segment is, thereby allowing invocation of system calls from that region. An upcoming change will kill the process if a system call is invoked from addresses not explicitly permitted. ok guenther kettenis mortimer
* sync upstream commit with manpage fixes from jmc@djm2019-11-2717-59/+59
| | | | | | | | > commit 437896dcafc67d9596774c3bb9f97bfdb4810bb1 > Author: pedro martelletto <pedro@yubico.com> > Date: Wed Nov 20 09:38:22 2019 +0100 > > man: mop up dangling .Xr's; Jason McIntyre <jmc@openbsd.org>
* Add support for TLS 1.3 post handshake messages and key updating.beck2019-11-263-20/+217
| | | | | | tested against openssl 1.1's server. ok jsing@ tb@
* gcc3, like clang and unlike our gcc4, doesn't support redirecting builtinsguenther2019-11-251-6/+12
| | | | | | | like mem{set,cpy,move} or __stack_smash_handler using asm() renaming. So treat gcc3 like clang and mark such functions as protected instead. ok ayoma@
* A touch of style(9)tim2019-11-211-6/+6
| | | | OK tb@ tedu@
* Use explicit_bzero() to clear key materialtim2019-11-211-1/+2
| | | | OK tb@ tedu@
* zero tmpout too. reminded by related diff from timtedu2019-11-211-1/+2
|
* overwrite the key in failure modes in case the caller doesn't check.tedu2019-11-212-7/+17
| | | | ok deraadt
* Add accessors to change the buffer in a handshake message.beck2019-11-203-3/+20
| | | | | | Needed for doing TLS 1.3 Post Handshake Handshake messages. ok jsing@
* Fix rsa key output formatinoguchi2019-11-201-5/+12
| | | | | | This fixes openssl(1) rsa -text output format ok tb@
* Sync documentation fixes from upstream:djm2019-11-1928-660/+39
| | | | | | | | | | | commit 99c4cb00b50b846e4ba2492f67d44171de8c7066 Author: pedro martelletto <pedro@yubico.com> Date: Mon Nov 18 16:55:37 2019 +0100 documentation fixes ensure man pages are named after existing functions; pointed out by Jason McIntyre <jmc@openbsd.org>; thanks!
* Add prototypes for the functions that update application secretsbeck2019-11-181-1/+3
| | | | so that the regress tests will work for them
* Provide a clean interface for sending TLSv1.3 alerts.jsing2019-11-182-5/+17
| | | | ok beck@
* Change tls13_record_layer_phh() to take a CBS as this avoids ownershipjsing2019-11-172-8/+6
| | | | | | issues and makes call sites cleaner. ok beck@
* Correct update of application traffic secrets to use an empty contextbeck2019-11-171-3/+7
| | | | | | rather than the hash of an empty context ok jsing@
* Bring back the ssl_shutdown internal method pointer.jsing2019-11-173-4/+21
| | | | | | | For now ssl3_shutdown() is called in all cases, however TLSv1.3 will soon get its own version. ok beck@
* Add a reference for the non-standard post-handshake handshake (PHH).tb2019-11-171-2/+2
| | | | ok beck, jsing
* Ensure that we are never operating in plaintext mode once the handshakejsing2019-11-171-1/+7
| | | | | | is complete, which should never occur. ok beck@
* Provide framework for sending alerts and post-handshake handshake messages.jsing2019-11-172-15/+174
| | | | | | Discussed at length with beck@ ok beck@ tb@
* indent with a tab instead of 8 spacestb2019-11-171-2/+2
|
* Move the TLSv1.3 server message handling stubs.jsing2019-11-172-125/+125
|
* Add the initial framework for the TLSv1.3 server.jsing2019-11-173-3/+84
| | | | ok beck@
* tls13_connect() should be static.jsing2019-11-171-2/+2
|
* Fix backoff to legacy when in client auth mode.beck2019-11-171-2/+2
| | | | ok jsing@
* Drop back to the legacy tls method if we are doing client authenticaitonbeck2019-11-171-1/+7
| | | | | | from a tls 1.3 connection, for now. ok jsing@
* Separate the callbacks for recieved and completed post handshake messagesbeck2019-11-173-10/+22
| | | | | | from the record layer ok jsing@
* Allow 1.3 ciphers in libtls.beck2019-11-161-2/+2
| | | | ok jsing@
* Revert previous deduplication diff, I broke portable in a strange way.beck2019-11-161-47/+58
| | | | | I'll figure it out a bit later. Found and diagnosed by inoguchi@
* Allow portable to override the default CA bundle locationbeck2019-11-162-3/+7
| | | | ok kinichiro@ jsing@
* Deduplicate some extension processing code.beck2019-11-151-58/+47
| | | | ok tb@ inoguchi@
* Fix a segmentation fault in ncurses.fcambus2019-11-151-6/+6
| | | | | | | | | | | | | | | | This is a backported patch [1] from ncurses-5.7-20100501. It takes begx and begy values into account when calculating lengths, in order to avoid writing data past the end of the buffer when calling memset in wredrawln(). From upstream NEWS file: 20100501 + correct limit-check in wredrawln, accounting for begy/begx values (patch by David Benjamin). [1] https://lists.gnu.org/archive/html/bug-ncurses/2010-04/msg00017.html OK nicm@
* our older gcc requires forced -std=c99deraadt2019-11-152-4/+4
|
* LDADD for libcbor and libusbhiddjm2019-11-141-1/+4
|
* extra whitespacederaadt2019-11-142-2/+0
|
* add libcbor and libfido2djm2019-11-141-3/+3
|
* import libfido2 (git HEAD). This library allows communication withdjm2019-11-1470-0/+14154
| | | | | | U2F/FIDO2 devices over USB. feedback and "start the churn" deraadt@
* Add libcbor; an implementation of the Concise Binary Objectdjm2019-11-1447-0/+5933
| | | | | | | | | Representation (CBOR) encoding format defined in RFC7049. This is a dependency of libfido2, that we'll use for U2F/FIDO support in OpenSSH. feedback and "Looks good enough to me" deraadt@
* Add missing cross-reference to NOTES section.millert2019-11-141-3/+3
| | | | OK kn@ tb@
* Now that libc.so has only five PLT entries on almost all our archs,guenther2019-11-121-2/+2
| | | | | | link it with -znow ok kettenis@ deraadt@ jca@
* Mark as 'protected' all the routines from the quad/ and softfloat/ subdirs,guenther2019-11-1025-161/+170
| | | | | | | | | as well as those in arch/arm/gen/divsi3.S. This cleans up the PLTs on the 32bit archs. luna88k testing by aoyama@ "looks good" kettenis@, testing and ok deraadt@
* MPLSCTL_MAXINKLOOP (net.mpls.maxloop_inkernel) was removed. Adjust manpage.claudio2019-11-051-8/+3
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.