| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-05-06 | clear a stack buffer with explicit_bzero | Ted Unangst | |
| 2014-05-06 | remove cpsw_{read,write}_4 wrapper functions and just use the real | Jasper Lievisse Adriaanse | |
| bus_space_{read,write}_4 instead. tested by nick@, ok bmercer@ | |||
| 2014-05-06 | change the create-child-sa responder code, so it does not store any | Markus Friedl | |
| state in the ikesa structure. this way we can initiate a create-child-sa and process requests for the peer at the same time. ok mikeb@ | |||
| 2014-05-06 | zap stray word; ok markus | Jason McIntyre | |
| 2014-05-06 | Include <sys/vmmeter.h> directly instead of relying on it being | Martin Pieuchot | |
| pulled by <uvm/uvm_extern.h> and turn uvm_total() into a private function. The preferred way to get memory stats is through the VM_UVMEXP sysctl(3) since VM_METER is just a wrapper on top of it. In the kernel, use `uvmexp' directly instead of uvm_total(). This change does not remove <sys/vmmeter.h> from <uvm/uvm_extern.h> to give some more time to port maintainers to fix their ports. ok guenther@ as part of a larger diff. | |||
| 2014-05-06 | Explicitly zero out the ibufs before releasing the memory to make sure | Reyk Floeter | |
| that included crypto parameters are cleaned. ok mikeb@ markus@ | |||
| 2014-05-06 | Fix two memory leaks: EVP_PKEY_get1_RSA() returns a referenced key | Reyk Floeter | |
| that requires to call RSA_free() to dereference it after use. Also free a temporary key that was read by PEM_read_PrivateKey() and immediately written into a bio. ok markus@ | |||
| 2014-05-06 | initiate ike sa rekeying (ikesalifetime keyword), re-queue pfkey | Markus Friedl | |
| events while we are busy initiating child-SAs; ok mikeb@ | |||
| 2014-05-06 | Fix a memleak when lookup of SA fails during forwarding of encrypted IPv6 | Gerhard Roth | |
| pakets. ok mpi@ markus@ mikeb@ | |||
| 2014-05-06 | cleanup IKE-SA tree handling (fixes repeated-insert & double-remove) | Markus Friedl | |
| sa_new() always re-inserts an SA into the SA tree. in case of a key collision it would try to free the new SA. While doing that it would accidentially free the existing SA, since config_free_sa() does RB_REMOVE() uncoditionally. This change fixes this by: a) moving the responsibility for RB_REMOVE() to CALLER of config_free_sa() and b) by calling config_free_sa() instead of sa_free() from sa_new() It also changes to code to NEVER re-add an SA to the tree. So RB_INSERT() is ONLY called once per SA. The code also makes sure that there is always a KEY defined for this tree (ispi). ok mikeb@ | |||
| 2014-05-06 | Plug two xfer leaks and a buffer one. | Martin Pieuchot | |
| 2014-05-06 | don't sa_free() in the receive path (prevents use-after-free); ok mikeb@ | Markus Friedl | |
| 2014-05-06 | send the delete with the locally allocated SPI in ikev2_init_create_child_sa() | Markus Friedl | |
| 2014-05-06 | make sure some notify payloads are encrypted; ok mikeb@ | Markus Friedl | |
| 2014-05-06 | initial support for PFS; ok reyk@ | Markus Friedl | |
| 2014-05-06 | retire IKED_REQ_DELETE and fix delete parsing; ok reyk@ | Markus Friedl | |
| 2014-05-06 | no need to include rand.h now the RAND_seed() calls are gone. | Jonathan Gray | |
| ok reyk@ | |||
| 2014-05-06 | knf approximation | Ted Unangst | |
| 2014-05-06 | move chacha context and buffer out of bss and allow mmap to place them | Ted Unangst | |
| wherever it decides it would like them. first step. ok deraadt dlg djm | |||
| 2014-05-06 | "stay backwards-compatible with 0.9.5; this should go away soon" | Ted Unangst | |
| it's your lucky day! | |||
| 2014-05-06 | remove Kerberos | Ted Unangst | |
| 2014-05-06 | move a comment to make unifdef happier | Ted Unangst | |
| 2014-05-06 | bye bye SRP | Ted Unangst | |
| 2012-10-13 | import OpenSSL-1.0.1c | Damien Miller | |
| 2008-09-06 | import of OpenSSL 0.9.8h | Damien Miller | |
| 2014-05-05 | Plug a memory leak, free the keymap's memory on detach. | Martin Pieuchot | |
| ok miod@ | |||
| 2014-05-05 | ca_x509_serialize: don't leak the bio buffer; ok reyk@ | Markus Friedl | |
| 2014-05-05 | make the ca_pubkey_serialize() code similar to the private key code, and | Markus Friedl | |
| fixes a leak of the rsa object in the error case. from hshoexer@; ok reyk@ | |||
| 2014-05-05 | pfkey is unreliable, so add a select-timeout before MSG_PEEK; | Markus Friedl | |
| similar code is in isakmpd; ok reyk@ | |||
| 2014-05-05 | inspired by a cloudflare diff, cleanse old memory when expanding a bignum. | Ted Unangst | |
| however, instead of trying to audit all the places where a secret bignum is used, apply the big hammer and clear all bignums when freed. ok deraadt miod | |||
| 2014-05-05 | Don't call the BOOTP handler indirectly. | Martin Pelikan | |
| ok krw | |||
| 2014-05-05 | Don't call the ICMP handler indirectly + clean up a bit. | Martin Pelikan | |
| ok krw | |||
| 2014-05-05 | Zap trailing whitespace. Started by pointed comments from andre@. | Kenneth R Westerback | |
| 2014-05-05 | Ugly workaround for an overoptimistic alignment expectation of dos_partition | Miod Vallat | |
| fields, found the hard way on landisk, to allow the tree to build until a proper fix is devised. ok deraadt@ | |||
| 2014-05-05 | Enhance reading of saved ascii labels (-R) to process mountpoint | Kenneth R Westerback | |
| information if present. Can be used with -F/-f options to create an fstab from the saved label. ok otto@ | |||
| 2014-05-05 | work-around the same location being reinstalled thru a different path | Marc Espie | |
| later... no need to do anything on sets consisting purely of "kept" handles This is not fully satisfying, I expect I need to tie some "done already" to locations as we do with sets, so that we can wipe update_info properly and be done once and for all... Issue found by stsp@ while trying to use FETCH_PACKAGES, which is still not 100% in good shape with this. | |||
| 2014-05-05 | Sort and group includes. | Joel Sing | |
| 2014-05-05 | Repair BIO_socket_nbio operation. | Joel Sing | |
| ok miod@ | |||
| 2014-05-05 | During the great e_os.h nukathon we stopped pulling in <sys/filio.h> via | Joel Sing | |
| the ifdef maze, meaning that FIONBIO was no longer defined. This removes non-blocking I/O support from s_{client,server,time}. Remove all FIONBIO ifdefs and import <sys/ioctl.h>, renabling -nbio. ok miod@ | |||
| 2014-05-05 | the caller of ikev2_msg_retransmit_response already frees the sa; ok mikeb | Markus Friedl | |
| 2014-05-05 | don't leak on pid mismatch; ok mikeb | Markus Friedl | |
| 2014-05-05 | Kill memory debug calls that are now noops. While here, nuke an #if 0 and | Joel Sing | |
| a unnecessary NULL check before free. ok miod@ | |||
| 2014-05-05 | OpenBSD has_SC_CLK_TCK. | Joel Sing | |
| ok miod@ | |||
| 2014-05-05 | validate the attribute length, too; from hshoexer; ok mikeb | Markus Friedl | |
| 2014-05-05 | convert select to poll. from peter malone | Ted Unangst | |
| 2014-05-05 | "new file systemsize is" -> "new filesystem size is". | Kenneth R Westerback | |
| From David Vasek. | |||
| 2014-05-05 | Remove SRP and Kerberos support from libssl. These are complex protocols | Ted Unangst | |
| all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected. | |||
| 2014-05-05 | A couple of malloc()+memset(0) -> calloc. | Kenneth R Westerback | |
| 2014-05-05 | Plug a memory leak related to HID descriptor parsing. | Martin Pieuchot | |
| ok jsg@ | |||
| 2014-05-05 | Tweak comment on struct _partitionv0. It's no longer the partition | Kenneth R Westerback | |
| table. Suggested by David Vasek. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |