| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-04-20 | Restore beck's (void)snprintf(): they were reviewed. | Philip Guenther | |
| 2014-04-20 | Restore beck's rev 1.8: snprintf() was reviewed. | Philip Guenther | |
| 2014-04-20 | Restore tedu's rev 1.4: snprintf() was reviewed. | Philip Guenther | |
| 2014-04-20 | Restore beck's rev 1.7: snprintf() was reviewed. | Philip Guenther | |
| Also, use sizeof() for snprintf()'s size argument | |||
| 2014-04-20 | Remove unused/never installed libssl tools and docs and references to them | Andrew Fresh | |
| Sure deraadt | |||
| 2014-04-20 | Restore beck's rev 1.21: snprintf() was reviewed | Philip Guenther | |
| 2014-04-20 | theo found a file we don't seem to need, but just in case, i will paste | Ted Unangst | |
| the contents below: #!/usr/local/bin/perl # x86 assember | |||
| 2014-04-20 | Restore beck's rev 1.9: snprintf() was reviewed | Philip Guenther | |
| 2010-10-01 | import OpenSSL-1.0.0a | Damien Miller | |
| 2005-04-29 | import of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@ | Damien Miller | |
| 2003-05-11 | import 0.9.7b (without idea and rc5) | Markus Friedl | |
| 2014-04-20 | KNF. | Joel Sing | |
| 2014-04-20 | Restore beck's rev 1.3: snprintf() was reviewed | Philip Guenther | |
| 2014-04-20 | More KNF. | Joel Sing | |
| 2014-04-20 | KNF. | Joel Sing | |
| 2014-04-20 | KNF. | Joel Sing | |
| 2014-04-20 | KNF. | Joel Sing | |
| 2014-04-20 | More KNF. | Joel Sing | |
| 2014-04-20 | More KNF. | Joel Sing | |
| 2014-04-20 | gettimeofday() is portable enough and does not need a wrapper | Theo de Raadt | |
| 2014-04-20 | calloc() rather than malloc+memset | Theo de Raadt | |
| 2014-04-20 | Fix indentation, adding braces and combining a nested if to reduce depth | Philip Guenther | |
| 2014-04-20 | KNF. | Joel Sing | |
| 2014-04-20 | KNF. | Joel Sing | |
| 2014-04-20 | Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. | Philip Guenther | |
| APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@ | |||
| 2014-04-20 | return after error instead of plowing ahead. noticed by mancha1 at zoho | Ted Unangst | |
| 2014-04-20 | Use calloc(a,b) instead of malloc(a*b) + memset(a*b). I don't know if | Theo de Raadt | |
| this instance is integer-overflowable, but we cannot keep hand-auditing every instance (or apathetically ignoring these issues) when the simple calloc idiom is better in the presence of a good calloc(). It is simply unfeasible to always enter correct range checks before the aggregate size calculation, just go find some 4000 lines of code, REPAIR THEM ALL, then come back and tell me I am wrong. This only works on systems where calloc() does the integer overflow check, but if your system doesn't do this, you need to ask your vendor WHY THEY ARE 10 YEARS BEHIND IN BEST PRACTICE? This is the kind of problem that needs to be solved at the right layer. malloc integer-overflow was implicated in the 2002 OpenSSH hole. OpenSSH and much other code is now written to use calloc(), for instance OpenSSH has 103 calls to it. We feel safer with our use of calloc(). It is a natural approach for us to use calloc(). How safe do you feel on systems which lack that range check in their calloc()? Good writeup from 2006: http://undeadly.org/cgi?action=article&sid=20060330071917 | |||
| 2014-04-20 | Undo a calloc() replacement. It lacks the integer overflow check that | Theo de Raadt | |
| the system one has. | |||
| 2014-04-20 | KNF. | Joel Sing | |
| 2014-04-20 | reset imprint to NULL to avoid double free. from mancha1 at zoho | Ted Unangst | |
| 2014-04-19 | release buffers fix was lost in merge. put it back. | Ted Unangst | |
| 2014-04-19 | change some rsh references to ssh. poke by jmc | Ted Unangst | |
| 2014-04-19 | More KNF. | Joel Sing | |
| 2014-04-19 | More KNF. | Joel Sing | |
| 2014-04-19 | another attempt at fixing stale x509 data. since we don't know where the | Ted Unangst | |
| initial storage came from, we can't free it. just memset in the sequence case. probably ok beck | |||
| 2014-04-19 | More KNF. | Joel Sing | |
| 2014-04-19 | More KNF. | Joel Sing | |
| 2014-04-19 | More KNF. | Joel Sing | |
| 2014-04-19 | More KNF. | Joel Sing | |
| 2014-04-19 | tweak previous; | Jason McIntyre | |
| 2014-04-19 | need to escape %U, since it is used in Re/Rs blocks; | Jason McIntyre | |
| 2014-04-19 | zap trailing whitespace; | Jason McIntyre | |
| 2014-04-19 | remove the openssl_fdset wrapper, and a variety of VMS'ism's like | Theo de Raadt | |
| crazy (void *) casts all over the place ok beck jsing | |||
| 2014-04-19 | KNF. | Joel Sing | |
| 2014-04-19 | KNF. | Joel Sing | |
| 2014-04-19 | Remove a gethostbyname() cache layer. The internet works better these | Theo de Raadt | |
| days. Initially fixed this, but Ted asked for it to die. | |||
| 2014-04-19 | ReadFile() and GetStdHandle() are not very POSIX. | Theo de Raadt | |
| ok beck jsing | |||
| 2014-04-19 | Add missing description for IPv6 mtudisctimeout sysctl and | logan | |
| rework the wording for both IPv4 and IPv6. OK from sthen@, henning@ and claudio@ | |||
| 2014-04-19 | truncation check some snprintf calls (over-cautiously in case) | Theo de Raadt | |
| ok jsing beck | |||
| 2014-04-19 | can't actually do this. cause unknown. | Ted Unangst | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |