summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--VERSION2
-rw-r--r--compat/arc4random.c4
-rw-r--r--compat/chacha_private.h4
-rw-r--r--configure.ac3
-rw-r--r--m4/check-hardening-options.m426
-rw-r--r--man/Makefile.am2
6 files changed, 16 insertions, 25 deletions
diff --git a/VERSION b/VERSION
index fc1335a..6f711e8 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
-3.5.0
+3.5.1
 
diff --git a/compat/arc4random.c b/compat/arc4random.c
index 2bb4dbf..6f95d57 100644
--- a/compat/arc4random.c
+++ b/compat/arc4random.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: arc4random.c,v 1.55 2019/03/24 17:56:54 deraadt Exp $	*/
+/*	$OpenBSD: arc4random.c,v 1.56 2022/02/28 21:56:29 dtucker Exp $	*/
 
 /*
  * Copyright (c) 1996, David Mazieres <dm@uun.org>
@@ -78,7 +78,7 @@ _rs_init(u_char *buf, size_t n)
 			_exit(1);
 	}
 
-	chacha_keysetup(&rsx->rs_chacha, buf, KEYSZ * 8, 0);
+	chacha_keysetup(&rsx->rs_chacha, buf, KEYSZ * 8);
 	chacha_ivsetup(&rsx->rs_chacha, buf + KEYSZ);
 }
 
diff --git a/compat/chacha_private.h b/compat/chacha_private.h
index 7c3680f..b0427b6 100644
--- a/compat/chacha_private.h
+++ b/compat/chacha_private.h
@@ -4,7 +4,7 @@ D. J. Bernstein
 Public domain.
 */
 
-/* $OpenBSD: chacha_private.h,v 1.2 2013/10/04 07:02:27 djm Exp $ */
+/* $OpenBSD: chacha_private.h,v 1.3 2022/02/28 21:56:29 dtucker Exp $ */
 
 typedef unsigned char u8;
 typedef unsigned int u32;
@@ -52,7 +52,7 @@ static const char sigma[16] = "expand 32-byte k";
 static const char tau[16] = "expand 16-byte k";
 
 static void
-chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ivbits)
+chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits)
 {
   const char *constants;
 
diff --git a/configure.ac b/configure.ac
index fdf72ee..8119508 100644
--- a/configure.ac
+++ b/configure.ac
@@ -12,7 +12,7 @@
 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
-AC_INIT([libressl], m4_esyscmd([tr -d '\n' < VERSION]))
+AC_INIT([libressl], m4_esyscmd(tr -d '\n' < VERSION))
 AC_SUBST([LIBCRYPTO_VERSION], m4_esyscmd([tr -d '\n' < crypto/VERSION]))
 AC_SUBST([LIBSSL_VERSION], m4_esyscmd([tr -d '\n' < ssl/VERSION]))
 AC_SUBST([LIBTLS_VERSION], m4_esyscmd([tr -d '\n' < tls/VERSION]))
@@ -27,7 +27,6 @@ m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
 USER_CFLAGS="$CFLAGS"
 
 AC_PROG_CC([cc gcc])
-AC_PROG_CC_STDC
 AM_PROG_CC_C_O
 LT_INIT([pic-only])
 
diff --git a/m4/check-hardening-options.m4 b/m4/check-hardening-options.m4
index c8ab12e..4b5784b 100644
--- a/m4/check-hardening-options.m4
+++ b/m4/check-hardening-options.m4
@@ -4,16 +4,13 @@ AC_DEFUN([CHECK_CFLAG], [
 	 AC_MSG_CHECKING([if $saved_CC supports "$1"])
 	 old_cflags="$CFLAGS"
 	 CFLAGS="$1 -Wall -Werror"
-	 AC_TRY_LINK([
-		      #include <stdio.h>
-		      ],
-		     [printf("Hello")],
-		     AC_MSG_RESULT([yes])
+	 AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <stdio.h>]], [[printf("Hello")]])],
+		     [AC_MSG_RESULT([yes])
 		     CFLAGS=$old_cflags
-		     HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
-		     AC_MSG_RESULT([no])
+		     HARDEN_CFLAGS="$HARDEN_CFLAGS $1"],
+		     [AC_MSG_RESULT([no])
 		     CFLAGS=$old_cflags
-		     [$2])
+		     [$2]])
 ])
 
 AC_DEFUN([CHECK_LDFLAG], [
@@ -21,16 +18,13 @@ AC_DEFUN([CHECK_LDFLAG], [
 	 AC_MSG_CHECKING([if $saved_LD supports "$1"])
 	 old_ldflags="$LDFLAGS"
 	 LDFLAGS="$1 -Wall -Werror"
-	 AC_TRY_LINK([
-		      #include <stdio.h>
-		      ],
-		     [printf("Hello")],
-		     AC_MSG_RESULT([yes])
+	 AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <stdio.h>]], [[printf("Hello")]])],
+		     [AC_MSG_RESULT([yes])
 		     LDFLAGS=$old_ldflags
-		     HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
-		     AC_MSG_RESULT([no])
+		     HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1"],
+		     [AC_MSG_RESULT([no])
 		     LDFLAGS=$old_ldflags
-		     [$2])
+		     [$2]])
 ])
 
 AC_DEFUN([DISABLE_AS_EXECUTABLE_STACK], [
diff --git a/man/Makefile.am b/man/Makefile.am
index 6ab71ef..5c1bee7 100644
--- a/man/Makefile.am
+++ b/man/Makefile.am
@@ -2985,7 +2985,6 @@ install-data-hook:
 	ln -sf "bn_dump.3" "$(DESTDIR)$(mandir)/man3/mul.3"
 	ln -sf "bn_dump.3" "$(DESTDIR)$(mandir)/man3/mul_add.3"
 	ln -sf "bn_dump.3" "$(DESTDIR)$(mandir)/man3/sqr.3"
-	ln -sf "d2i_ASN1_BOOLEAN.3" "$(DESTDIR)$(mandir)/man3/i2d_ASN1_BOOLEAN.3"
 	ln -sf "d2i_ASN1_NULL.3" "$(DESTDIR)$(mandir)/man3/i2d_ASN1_NULL.3"
 	ln -sf "d2i_ASN1_OBJECT.3" "$(DESTDIR)$(mandir)/man3/i2d_ASN1_OBJECT.3"
 	ln -sf "d2i_ASN1_OCTET_STRING.3" "$(DESTDIR)$(mandir)/man3/d2i_ASN1_BIT_STRING.3"
@@ -5865,7 +5864,6 @@ uninstall-local:
 	-rm -f "$(DESTDIR)$(mandir)/man3/mul.3"
 	-rm -f "$(DESTDIR)$(mandir)/man3/mul_add.3"
 	-rm -f "$(DESTDIR)$(mandir)/man3/sqr.3"
-	-rm -f "$(DESTDIR)$(mandir)/man3/i2d_ASN1_BOOLEAN.3"
 	-rm -f "$(DESTDIR)$(mandir)/man3/i2d_ASN1_NULL.3"
 	-rm -f "$(DESTDIR)$(mandir)/man3/i2d_ASN1_OBJECT.3"
 	-rm -f "$(DESTDIR)$(mandir)/man3/d2i_ASN1_BIT_STRING.3"
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-18 19:56:21 +0000
rooturl}()Lukas Fleischer The return values of these functions are essentially constant and should never be modified. Note that this will introduce a compiler warning when we try to free the return value of any of these functions. However, given that all of these currently return statically allocated strings in some cases, they need to be refactored before this can be done anyway. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2013-04-08Update git to v1.8.2.1John Keeping This requires a small change to how we handle notes, but otherwise just works. Note that we can't use anything from v1.8.0 until v1.8.2.1 because some of the symbols that we need for graph drawing were made private in v1.8.0 and this was not reverted until v1.8.2.1. Signed-off-by: John Keeping <john@keeping.me.uk> 2013-04-07ui-blob: don't segfault when no path is givenJohn Keeping It it possible to inspect blobs by specifying only the SHA-1, and CGit provides links to do so, for example if a tag points directly at a blob. In this case the path_items structure is never used, but creating it still causes strlen to be run on a null pointer. Fix this. This error was introduced by commit c1633c6 (Update git to v1.7.6.5 - 2013-03-02). Signed-off-by: John Keeping <john@keeping.me.uk> 2013-03-20Convert pager navigation into a unordered listLukas Fleischer It is common practice and semantically appropriate to use unordered lists for long navigation lists. This also fixes the layout of very long pager navigations in Webkit-based browsers. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2013-03-20Makefile: remove CGIT-CFLAGS files in clean stageJason A. Donenfeld 2013-03-20ui-summary.c: Move urls variable into print_urls()Lukas Fleischer There's no need for this variable to be global. Printing the header in print_urls() instead of print_url() allows for moving this variable into print_urls() without having to pass any status to print_url(). Note that this only works as long as we don't call print_urls() more than once. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2013-03-20Fix colspan valuesLukas Fleischer This fixes a couple of minor oversights in previous commits and adjusts all cells using colspan to use the correct width. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2013-03-20html: check return value of writeJason A. Donenfeld This squelches a gcc warning. It's also correct that we check to see if there are any partial or failed writes. For now, we just print a warning to stderr. In the future, perhaps it will prove wise to exit(1) on partial writes. 2013-03-20ui-shared: squelch compiler warning.Jason A. Donenfeld Since tail is initialized to 0, we will never get a warning on the last if statement, but recent gcc complains anyway. So, we initialize len as well. Future gcc versions should be able to optimize this out anyway. 2013-03-20cgit.mk: Use SHELL_PATH_SQ to run gen-version.shJohn Keeping On some platforms (notably Solaris) /bin/sh doesn't support enough of POSIX for gen-version.sh to run. Git's Makefile provides SHELL_PATH_SQ to address this issue so we just have to use it. Signed-off-by: John Keeping <john@keeping.me.uk> 2013-03-20cgit.mk: don't rebuild everything if CGIT_VERSION changesJohn Keeping If CGIT_VERSION is in CGIT_CFLAGS then a change in version (for example because you have committed your changes) causes all of the CGit objects to be rebuilt. Avoid this by using EXTRA_CPPFLAGS to add the version for only those files that are affected and make them depend on VERSION. Signed-off-by: John Keeping <john@keeping.me.uk> 2013-03-20ui-patch: use cgit_version not CGIT_VERSIONJohn Keeping We already have a global cgit_version which is set from the #define'd CGIT_VERSION in cgit.c. Change ui-patch.c to use this so that we only need to rebuild cgit.o when the version changes. Signed-off-by: John Keeping <john@keeping.me.uk> 2013-03-20Makefile: re-use Git's Makefile where possibleJohn Keeping