| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-06-19 | Return the failing engine ID in the error stack. | Brent Cook | |
| Noted by doug@ in an earlier revision of the dynamic engine removal patch, but I had forgotten to include it in the latest version. | |||
| 2015-06-19 | Add standard headers, C++ support to tls.h. | Brent Cook | |
| This makes using libtls easier to include by including dependent headers, making something like this work as expected: #include <iostream> #include <tls.h> int main() { std::cout << "tls_init: " << tls_init() << "\n"; } This also makes building a standalone libtls-portable simpler. ok doug@, jsing@ | |||
| 2015-06-19 | Disable ENGINE_load_dynamic (dynamic engine support). | Brent Cook | |
| We do not build, test or ship any dynamic engines, so we can remove the dynamic engine loader as well. This leaves a stub initialization function in its place. ok beck@, reyk@, miod@ | |||
| 2015-06-19 | sync | Theo de Raadt | |
| 2015-06-19 | Convert tls1_alpn_handle_client_hello() to CBS. | Doug Hogan | |
| tweak + ok miod@ jsing@ | |||
| 2015-06-19 | Add CBS_dup() to initialize a new CBS with the same values. | Doug Hogan | |
| This is useful for when you need to check the data ahead and then continue on from the same spot. input + ok jsing@ miod@ | |||
| 2015-06-18 | Use the SRCDST define for usage. | Nicholas Marriott | |
| 2015-06-18 | Use xsnprintf. | Nicholas Marriott | |
| 2015-06-18 | Remove a stray : and tweak paragraph. | Nicholas Marriott | |
| 2015-06-18 | Extend the input types for CBB_add_*() to help catch bugs. | Doug Hogan | |
| While the previous types were correct, they can silently accept bad data via truncation or signed conversion. We now take size_t as input for CBB_add_u*() and do a range check. discussed with deraadt@ input + ok jsing@ miod@ | |||
| 2015-06-18 | Remove Microsoft Server Gated Crypto. | Doug Hogan | |
| Another relic due to the old US crypto policy. From OpenSSL commit 63eab8a620944a990ab3985620966ccd9f48d681 and 95275599399e277e71d064790a1f828a99fc661a. ok jsing@ miod@ | |||
| 2015-06-18 | Change DTLS client cert request code to match TLS. | Doug Hogan | |
| DTLS currently doesn't check whether a client cert is expected. This change makes the logic in dtls1_accept() match that from ssl3_accept(). From OpenSSL commit c8d710dc5f83d69d802f941a4cc5895eb5fe3d65 input + ok jsing@ miod@ | |||
| 2015-06-18 | I'm afraid it will be a sunday. | Miod Vallat | |
| 2015-06-18 | add 5.9 firmware key | Stuart Henderson | |
| 2015-06-18 | For unsupported sample formats, don't return EINVAL but set the closest | Christian Weisgerber | |
| available format. ok ratchov@ | |||
| 2015-06-18 | Fix stack shuffle such that sj includes si and the last element actually | Martynas Venckus | |
| gets a chance to be reordered. | |||
| 2015-06-18 | spelling fixes from theo buehler; | Jason McIntyre | |
| 2015-06-18 | CP2110 is handled by uslhcom not uslcom | Jonathan Gray | |
| 2015-06-18 | Only match devices with a valid configuration. | Martin Pieuchot | |
| Tested by jsg@ | |||
| 2015-06-18 | Only match devices with a valid configuration. | Martin Pieuchot | |
| 2015-06-18 | Only match devices with a valid configuration. | Martin Pieuchot | |
| Most of the WiFi/Ethernet USB adapter only have one configuration and always use its first interface. In order to improve USB descriptors parsing start by reducing the number of places where a configuration is set. Tested by jsg@ | |||
| 2015-06-18 | sync | Theo de Raadt | |
| 2015-06-17 | my keyboard is conspiring against me | Theo de Raadt | |
| 2015-06-17 | crank to 5.8-beta | Theo de Raadt | |
| 2015-06-17 | Use strdup in xstrdup; from Fritjof Bornebusch. | Nicholas Marriott | |
| 2015-06-17 | when no fingers are down, send 0 for z | Joshua Stein | |
| fixes tap-to-click | |||
| 2015-06-17 | fix compilation with UBCMTP_DEBUG | Joshua Stein | |
| 2015-06-17 | Change break-pane to take target and source panes (-t and -s) in line | Nicholas Marriott | |
| with other commands, from Thomas Adam. | |||
| 2015-06-17 | move to 5.8-beta. This is a bit earlier than normal... | Theo de Raadt | |
| 2015-06-17 | Use strdup in xstrdup from Fritjof Bornebusch. While here, remove xfree | Nicholas Marriott | |
| which is unused. | |||
| 2015-06-17 | Make kernel text read-only and unreadable from userland, and remove the bogus | Miod Vallat | |
| comment about the emulation code requiring kernel text to be readable from userland. Add a few DIAGNOSTIC checks for rogue ptes passed to rmpage(). Make sure the pte extent operations and update_pcbs() run at >= IPL_SCHED. | |||
| 2015-06-17 | Break cmdq_continue inner loop into a helper function. | Nicholas Marriott | |
| 2015-06-17 | Move the shuffle code from new-window -a into a function and add a -a | Nicholas Marriott | |
| flag for move-window too. From Thomas Adam. | |||
| 2015-06-17 | Use an explicit job state instead of avoid closing our side of the | Nicholas Marriott | |
| socketpair and setting it to -1 to mark when the other side is closed. This avoids closing it while the libevent bufferevent still has it (it could try to add it to the polled set which some mechanisms don't like). Fixes part a problem reported by Bruno Sutic. | |||
| 2015-06-17 | add DST Root CA X3 certificate, already present in most browser cert stores. | Stuart Henderson | |
| "O=Digital Signature Trust Co., CN=DST Root CA X3". This CA is cross signing the issuing intermediates for letsencrypt.org so is expected to be important for at least ports distfile fetching in the future. ok ajacoutot@ juanfra@ | |||
| 2015-06-17 | Clean up alert codes and add references. | Joel Sing | |
| 2015-06-17 | Keep alerts sorted by alert code. | Joel Sing | |
| 2015-06-17 | Remove pointless comments. | Joel Sing | |
| 2015-06-17 | Four new sensors, from David Higgs. | Martin Pieuchot | |
| 2015-06-17 | Remove NULL check before free; Fritjof Bornebusch. | Nicholas Marriott | |
| 2015-06-17 | Convert ssl_next_proto_validate to CBS. | Doug Hogan | |
| ok miod@, tweak + ok jsing@ | |||
| 2015-06-17 | Really make daemon_class read-only; it's set to "daemon" of a matching | Antoine Jacoutot | |
| login class. | |||
| 2015-06-17 | Convert tls1_check_curve to CBS. | Doug Hogan | |
| ok miod@ jsing@ | |||
| 2015-06-17 | KNF whitespace. | Doug Hogan | |
| ok miod@ jsing@ | |||
| 2015-06-17 | Use explicit int in bs_cbs.c. | Doug Hogan | |
| ok miod@ jsing@ | |||
| 2015-06-17 | Use explicit int in bs_ber.c. | Doug Hogan | |
| ok miod@ jsing@ | |||
| 2015-06-17 | Add tests for CBS_offset() and CBS_write_bytes(). | Doug Hogan | |
| "no problem" miod@, tweak + ok jsing@ | |||
| 2015-06-17 | Add CBS_write_bytes() to copy the remaining CBS bytes to the caller. | Doug Hogan | |
| This is a common operation when dealing with CBS. ok miod@ jsing@ | |||
| 2015-06-17 | Add a new function CBS_offset() to report the current offset in the data. | Doug Hogan | |
| "why not" miod@, sure jsing@ | |||
| 2015-06-17 | Cleanup SSL_OP_* compat flags in ssl.h. | Doug Hogan | |
| These were recently removed and are now set to 0: SSL_OP_NETSCAPE_CA_DN_BUG SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG SSL_OP_SSLEAY_080_CLIENT_DH_BUG The code associated with these was deleted in the past at some point and these are also now 0: SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_EPHEMERAL_RSA SSL_OP_MICROSOFT_SESS_ID_BUG SSL_OP_NETSCAPE_CHALLENGE_BUG SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG The SSL_OP_ALL macro has been updated to reflect the removals. ok miod@ jsing@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |