summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2016-07-20Make the size for the syn cache hash array tunable. As we areAlexander Bluhm
2016-07-18We have __weak_alias() everywhere; remove obsolete #ifdef'sPhilip Guenther
2016-07-18don't mix code and decls, ok tedu@Brent Cook
2016-07-17use memset to initialize the unionBrent Cook
2016-07-17remove unused OPENSSL_NO_OBJECT caseBrent Cook
2016-07-17Initialize buffers before use, noted by Kinichiro Inoguchi.Brent Cook
2016-07-17Talk about event API instead of libeventStefan Kempf
2016-07-16Clean up OCSP_check_validity() a bit more.Bob Beck
2016-07-16Fix example: long long should be print with %lldJeremie Courreges-Anglas
2016-07-16Limit the support of the "backward compatible" ssl2 handshake to only beBob Beck
2016-07-14kern.usermount is currently a no-op;Jason McIntyre
2016-07-13Split the existing TLS cipher suite groups into four:Joel Sing
2016-07-10zero the read buffer after copying data to user so it doesn't linger.Ted Unangst
2016-07-10use offsetof to create an offset instead of illegal unaligned pointersTed Unangst
2016-07-10Document that SIGTTOU is sent if the process is in the background.Todd C. Miller
2016-07-07Revert previous - it introduces problems with a common privsep use case.Joel Sing
2016-07-07call BN_init on temporaries to avoid use-before-set warningsBrent Cook
2016-07-06J/j is a three valued option, document and fix code to actuall support thatOtto Moerbeek
2016-07-06Check that the given ciphers string is syntactically valid and results inJoel Sing
2016-07-06Always load CA, key and certificate files at the time the configurationJoel Sing
2016-07-06Use fstatat() to avoid path surgery.Philip Guenther
2016-07-06Correctly handle an EOF that occurs prior to the TLS handshake completing.Joel Sing
2016-07-05remove unneeded duplicate call - spotted by jsing@Bob Beck
2016-07-05On systems where we do not have BN_ULLONG defined (most 64-bit systems),Brent Cook
2016-07-05Missed a reference to dl_prebind.hPhilip Guenther
2016-07-05Add several fixes from OpenSSL to make OCSP work with intermediateBob Beck
2016-07-04DEBUGLIBS has been broken since the gcc4 switch, so delete it. CFLAGSPhilip Guenther
2016-07-03introduces new promise "chown" to allow changing owner/group with *chown(2) f...Sebastien Marie
2016-06-30nptys sysctls were removedTed Unangst
2016-06-30Tighten behavior of _rs_allocate failure for portable arc4random implementati...Brent Cook
2016-06-30Tighten behavior of _rs_allocate on Windows.Brent Cook
2016-06-30bump to 2.4.2Brent Cook
2016-06-30adapt S option: add C, rm F (not relevant with 0 cache and disablesOtto Moerbeek
2016-06-30Remove flags for disabling constant-time operations.Brent Cook
2016-06-28For the EINVAL case there can be more than a single option.Todd C. Miller
2016-06-28fts_open() requires that the list passed as argument to contain at leastTodd C. Miller
2016-06-28Add sysctl for arp timers: net.inet.ip.arptimeout (expire timer for resolvedChris Cappuccio
2016-06-28Do not return an error in fts_open(3) if one of the paths in argvTodd C. Miller
2016-06-28fix a couple of errors in the page;Jason McIntyre
2016-06-28Back out previous; otto saw a potential race that could lead to aTheo Buehler
2016-06-27make proper use of fstatat, as suggested by guenther@Marc Espie
2016-06-27defer munmap to after unlocking malloc. this can (unfortunately) be anTed Unangst
2016-06-27make the fallback code more accurate (in particular, it should return namesMarc Espie
2016-06-26increase the minimum for auto rounds to 6. that was the previous low boundTed Unangst
2016-06-25Fix from kinichiro.inoguchi@gmail.com to ensure that OCSP usesBob Beck
2016-06-25Fix the ocsp code to actually check for errors when comparing time valuesBob Beck
2016-06-21Disable DSA_FLAG_NO_EXP_CONSTTIME, always enable constant-time behavior.Brent Cook
2016-06-18sort previous;Jason McIntyre
2016-06-18Remove duplicated line.Reyk Floeter
2016-06-18Add net.inet.{tcp,udp}.rootonly sysctl, to mark which portsVincent Gross