miod
64e337e151
Do not use sha512-parisc for now, as it is subtly bugged - passes the sha
regress tests but causes tls ciphersuite using sha386 to fail; found the
hard way by henning@.
I can't see anything wrong in the generated assembly code yet, but building
a libcrypto with no assembler code but sha512_block_data_order() is enough
to trigger Henning's issue, so the bug lies there.
No ABI change; ok deraadt@
9 years ago
millert
9b1817bc73
Update comment to match code; Caspar Schutijser
9 years ago
tedu
236787ace7
we don't let strtonum errors bleed through now.
9 years ago
tedu
6e172aaf1a
Set errno to EINVAL, instead of letting ERANGE escape out.
Printing strerror() in that case will say result too large, even if rounds is
actually too small. invalid is less specific, but less incorrect.
ok millert
9 years ago
jsing
c9efcf7f21
Bump libcrypto and libssl majors, due to various recent churn.
Discussed with/requested by deraadt@ at the conclusion of s2k15.
9 years ago
tedu
ade522ddbc
update siphash manpages to reflect change in return type spelling.
ok dlg
9 years ago
tedu
6b550eb5a9
Use standard spelling for types, and rename local variable from "free".
No actual change, but makes it easier to reuse the code elsewhere.
Suggested by Andre Smagin
9 years ago
tedu
f560a5c78d
lsearch and lfind return void *
10 years ago
jmc
a4b14a72e4
use a width specifier for lists, and Sq rather than Dq for single letters
to avoid swamping it;
10 years ago
tedu
486708efb7
the possible algos for pref should be documented here
10 years ago
jsing
9282f51280
unifdef OPENSSL_NO_RFC3779 - this is currently disabled and unlikely to
be enabled, mostly since people use SANs instead.
ok beck@ guenther@
10 years ago
jsing
71b2d0a64a
Remove RC5 code - this is not currently enabled and is not likely to ever
be enabled.
Removes one symbol from libcrypto, however there is no ABI change.
ok beck@ miod@ tedu@
10 years ago
jsing
2b9dce95cd
Remove crypto/store - part of which is "currently highly experimental".
This code is not compiled in and OPENSSL_NO_STORE is already defined in
opensslfeatures.h. No symbol removal for libcrypto.
ok beck@
10 years ago
jsing
e928a301f0
Crank major for libcrypto since symbols have been removed.
Requested by deraadt@
10 years ago
dlg
eed98717a6
userland gets static on functions only used within a file.
ok tedu@
10 years ago
jsing
b22634d3c6
Combine c_allc.c and c_alld.c into c_all.c - there is not much point having
this split across files, especially when two of them have less code than
license text.
ok bcook@ beck@ doug@ miod@
10 years ago
millert
b1bfe035b7
Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@
10 years ago
schwarze
cdb05c968a
macro fixes from Kaspars at Bankovskis dot net;
also fixing one typo in fts(3) while here
10 years ago
schwarze
72a38c830c
Use .Rv where appropriate, and move it to RETURN VALUES;
remove .Tn, and a few minor macro adjustments.
Patch from Kaspars at Bankovskis dot net.
10 years ago
tedu
29b14402f1
dial the time back to about 0.1s, closer to the original targets and
friendlier for users. requested by deraadt
10 years ago
reyk
2f3cb396e7
Add X509_STORE_load_mem() to load certificates from a memory buffer
instead of disk. OpenSSL didn't provide a built-in API from loading
certificates in a chroot'ed process that doesn't have direct access to
the files. X509_STORE_load_mem() provides a new backend that will be
used by libssl and libtls to implement such privsep-friendly
functionality.
Adopted for LibreSSL based on older code from relayd (by pyr@ and myself)
With feedback and OK bluhm@
10 years ago
bcook
3856d7a152
Add arc4random/getentropy shims for NetBSD.
The latest NetBSD (6.1.5) arc4random does not appear to reseed the CRNG state
after a fork, so provide an override until the fork-safe version in CVS appears
in a release.
These are the same as the FreeBSD shims.
ok deraadt@
10 years ago
tedu
dcb96ce7a3
Improve wording in alloca.
1. it's not a bug; it's a caveat.
2. "slightly unsafe" gives me the willies.
3. one .Xr to malloc should suffice
ok deraadt jmc
10 years ago
deraadt
75d428b273
Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther
10 years ago
schwarze
3772d4b01b
remove .Tn; from Jan Stary <hans at stare dot cz>
10 years ago
chl
2c03498197
remove unused variable
ok tedu@
10 years ago
millert
1a5ffaf941
Use explicit_bzero instead of memset in hash Final and End functions.
OK deraadt@ djm@
10 years ago
deraadt
345209bd2a
back in september I did the large abstraction refactoring to allow these
other systems to fit into the same mold, so add copyright
10 years ago
millert
70272b819c
Make strlcpy/strlcat slightly easier to read.
10 years ago
tedu
94520ae40e
rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,
nor are they the same size.
10 years ago
deraadt
8ab45b8557
missing , found by Dongsheng Song
10 years ago
deraadt
1eaa32d2da
declare a local version of MIN(), call it MINIMUM()
(sorry, my other changes were accidentally premature)
10 years ago
deraadt
474792cd61
declare a local version of MIN(), call it MINIMUM()
10 years ago
deraadt
c7195d4619
Do not need sys/param.h
10 years ago
tedu
3e66a761e0
stupid me. need errno.h
10 years ago
tedu
f2faceb1ea
set errno = EINVAL for invalid salts and hashes in most functions.
remember to set EACCES in bcrypt_checkpass for hash differences.
the higher level crypt_checkpass function will reset errno to EACCES in
all cases, which is probably the right behavior, but this change gives code
working with the lower level functions the correct errno if they care.
10 years ago
bcook
bfaebb4169
mix in more virtual memory and process information
10 years ago
bcook
015bfd5abc
add initial HP-UX getentropy/arc4random support.
patch from Kinichiro Inoguchi, tested on HP-UX 11.31
ok deraadt@
10 years ago
tedu
06084f37f2
rename kern enter/exit macros to malloc enter/leave to better reflect
what's going on.
10 years ago
tedu
6758bf4952
convert clock() to clock_gettime() for improved precision (and accuracy?)
guenther suggested using thread time, which actually may improve accuracy
if somebody puts this in a threaded program.
10 years ago
tedu
7387fe8b05
copy bcrypt autotune from encrypt(1) and expose via crypt_newhash
ok deraadt miod
10 years ago
djm
0f0ceb5483
typo in comment: ouput => output
10 years ago
benno
f0ed57e872
return ERANGE instead of ENOMEM, so callers can differentiate real oom
from this case where we have a static buffer and cant realloc.
ok phessler, claudio, reyk
10 years ago
tedu
6ae58cad45
simplify crypt_checkpass. The API promise is that this function doesn't
use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.
10 years ago
tedu
1b9ff6ebe7
be like the kernel and only unroll if not small
10 years ago
deraadt
0dc2c70460
i386 unrolling blows up the media in a big way, due to -Os for
ramdisk libc builds. there has to be a better way without #ifdef's
in gross places, but I don't see it yet.
10 years ago
tedu
29c323adc2
only unroll on i386 and amd64 (where confirmed to be much faster).
naddy found sparc64 gets a little slower when unrolled.
ok deraadt
10 years ago
tedu
b3da475e6b
unroll loops. much faster on amd64. ok deraadt millert
10 years ago
sthen
fc55253b4e
typo; ok deraadt
10 years ago
deraadt
eb5fb39e0c
warn for correct symbol
10 years ago