| Age | Commit message (Collapse) | Author |
|---|
|
ok miod@ tedu@
|
|
This is a getaddrinfo() flag that is defined thusly in RFC 3493:
If the AI_ADDRCONFIG flag is specified, IPv4 addresses shall be
returned only if an IPv4 address is configured on the local system,
and IPv6 addresses shall be returned only if an IPv6 address is
configured on the local system. The loopback address is not
considered for this case as valid as a configured address.
For example, when using the DNS, a query for AAAA records should
occur only if the node has at least one IPv6 address configured
(other than IPv6 loopback) and a query for A records should occur
only if the node has at least one IPv4 address configured (other
than the IPv4 loopback).
The flag is set by default when hints is NULL.
ok Eric Faurot, Jason McIntyre
|
|
Also check for _LP64 rather than __arch64__ (the former being more reliable
than __LP64__ or __arch64__) to tell 64-bit int platforms apart from 32-bit
int platforms.
Loosely based upon a diff from Martijn van Duren on tech@
|
|
http://marc.info/?l=openssl-dev&m=139779977532459&w=2
ok miod
|
|
but disabling attack mitigations is not safe. 0.9.6d contained a
workaround for an attack against CBC modes. 0.9.6e disabled it by default
because "some" implementations couldn't handle empty fragments. 12 years
have passed. Does anybody still care? Let's find out.
ok miod
|
|
Gebruiker Schoot.
|
|
|
|
|
|
from Helg Bredow, thanks!
input/OK reyk@
|
|
|
|
|
|
avoid unreadable/unmaintainable constructs like that:
const EVP_PKEY_ASN1_METHOD cmac_asn1_meth =
{
EVP_PKEY_CMAC,
EVP_PKEY_CMAC,
0,
"CMAC",
"OpenSSL CMAC method",
0,0,0,0,
0,0,0,
cmac_size,
0,
0,0,0,0,0,0,0,
cmac_key_free,
0,
0,0
};
ok matthew@ deraadt@
|
|
No functional change.
|
|
redefine OPENSSL_EXTERN from `extern' to `extern'.
|
|
declaration to pass -Wextra, should we want to add it to CFLAGS.
No binary change.
|
|
|
|
|
|
|
|
ok miod@
|
|
|
|
OK from jmc@, and thanks to sthen@ for pointing out my mistake in the first
version of the diff.
|
|
|
|
This avoids a lot of ugly gymnastics to do snprintfs before sending the
bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c
where it was being called with the incorrect number of arguments and
using random things off the stack as addresses of strings.
ok krw@, jsing@
|
|
|
|
|
|
ok miod@
|
|
ok miod@
|
|
|
|
|
|
from there instead and ditch the macro.
|
|
ok miod@
|
|
reduce the macro to two functions and just call them instead.
ok miod@
|
|
ok miod@
|
|
Suggested by miod@
|
|
|
|
The intent of this change is to only keep support for two kind of architectures:
- those with 32-bit int and long, and 64-bit long long, where
``long * long -> long long'' multiplication routines are available.
- those with 64-bit int and long, and no 128-bit long long type.
This gets rid of the SIXTY_FOUR_BIT_LONG, SIXTY_FOUR_BIT (not the same!),
THIRTY_TWO_BIT, SIXTEEN_BIT and EIGHT_BIT defines.
After this change, the types and defines are as follows:
arch: 64bit 32bit rationale
BN_LLONG undefined defined defined if l * l -> ll
BN_ULLONG undefined u long long result of BN_LONG * BN_LONG
BN_ULONG u long u int native register size
BN_LONG long int the same, signed
BN_BITS 128 64 size of 2*BN_ULONG in bits
BN_BYTES 8 4 size of 2*BN_ULONG in bytes
BN_BITS2 64 32 BN_BITS / 2
Tested on various 32-bit and 64-bit OpenBSD systems of various endianness.
|
|
|
|
were), after stumbling upon code (mis)using them in the wild.
|
|
|
|
|
|
ok miod@
|
|
who uses '\0' as a null pointer constant? fix my mistake and restore
original semantics.
|
|
|
|
|
|
|
|
unchecked malloc at the same time.
ok beck@
|
|
frequent construct of 30 lines of pointer and strlcat insanity followed
by an ERR_add_error_data. I will sweep through here like a chubby mongol
horde in the next few days pillaging crappy ERR_add_error_data's.
Oh and while we're at it fix the nasty vdata function to use something less
hard on the eyes.
ok jsing@
|
|
well...
ok beck@
|
|
|
|
I missed on the first go around.
|
