| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-08-20 | Sync connect_wait() example with its real usage in ftp(1). | Todd C. Miller | |
| 2016-08-20 | Declare all _asr_* debug functions as hidden. | Jeremie Courreges-Anglas | |
| Reported by & similar diff by guenther@ some time ago, ok eric@ | |||
| 2016-08-18 | Add an EXAMPLES section that illustrates how to deal with connect(2) | Todd C. Miller | |
| returning EINTR. OK jung@ deraadt@ | |||
| 2016-08-18 | Split out the TLS server SSL_CTX allocation and configuration code, so | Joel Sing | |
| that it can be reused to allocate the additional SSL_CTXs needed for SNI. ok reyk@ | |||
| 2016-08-18 | Rework parts of the libtls man page for clarity. Split out the connection | Joel Sing | |
| information related functions under their own heading and dedup the text relating to when these functions can be called. With input from and ok jmc@ | |||
| 2016-08-17 | % is escaped with more %, not backslash. | Ted Unangst | |
| 2016-08-17 | Generate syslog warnings for %s fmt strings NULL to "(null)" conversions. | Theo de Raadt | |
| Over time we can repair software which performs this non-standard behaviour, and fix bugs along the way. Let's first find out how bad the situation is by deploying this in snapshots. This type of logging is possible because OpenBSD syslog_r(3) -> sendsyslog(2) is side-effect free enough to be used in the bowels of libc. ok tedu | |||
| 2016-08-17 | wrterror() is fatal, delete dead code; ok tom@ natano@ tedu@ | Otto Moerbeek | |
| 2016-08-15 | The tls_conninfo serial is also unused. | Joel Sing | |
| 2016-08-15 | Group conninfo fields by connection and peer cert based information, | Joel Sing | |
| sort and remove unused fingerprint. | |||
| 2016-08-15 | Fix some style(9) issues. | Joel Sing | |
| 2016-08-15 | Explicitly pass in an SSL_CTX * to the functions that operate on one, | Joel Sing | |
| instead of assuming that they should use the one associated with the TLS context. This allows these functions to be used with the additional SSL contexts that are needed to support server-side SNI. Also rename tls_configure_keypair() to tls_configure_ssl_keypair(), so that these functions have a common prefix. ok reyk@ | |||
| 2016-08-15 | add a bit of spacing to previous, to keep the notes about deprecated | Jason McIntyre | |
| functions out the way of the main body; ok guenther | |||
| 2016-08-14 | Reduce qabs() and qdiv() to aliases of llabs() and lldiv(). | Philip Guenther | |
| Merge the manual pages and call them deprecated there. ok and manpage tweak jmc@, ok natano@ | |||
| 2016-08-14 | Refer to /etc/passwd consistently as the "legacy password file" and | Theo Buehler | |
| remove some references to differences between versions 6 and 7. ok jmc, millert, tedu | |||
| 2016-08-13 | modern interfaces should use modern speelings, so spell quad_t as int64_t. | Ted Unangst | |
| 2016-08-13 | Avoid leaking memory if tls_config_set_alpn() is called multiple times | Joel Sing | |
| (this was in the original commit, but got reverted in the recommit). | |||
| 2016-08-13 | Load CA, certificate and key files into memory when the appropriate | Joel Sing | |
| tls_config_set_*_file() function is called. This allows us to immediately propagate useful error messages, play more nicely with privsep/pledge and have a single code path. Instead of always loading the default CA when tls_config_new() is called, defer and only load the default CA when tls_configure() is invoked, if a CA has not already been specified. ok beck@ bluhm@ | |||
| 2016-08-12 | Bump libtls minor due to symbol additions. | Joel Sing | |
| 2016-08-12 | Add ALPN support to libtls. | Joel Sing | |
| ok beck@ doug@ | |||
| 2016-08-11 | Between relro and previous RWX work, the __{got,plt}_{start,end} symbols | Philip Guenther | |
| are no longer needed by ld.so. Move them to the m88k-specific list, as it hasn't made the jump. ok deraadt@ | |||
| 2016-08-10 | armish handled some early-gen arm machines, which required tons of | Theo de Raadt | |
| workarounds. Some of them will soon stand in the way of armv7. Off to the attic you go. | |||
| 2016-08-09 | Expand the asynchronous connect information and move it out of | Todd C. Miller | |
| ERRORS and into a new second paragraph. Adapted from NetBSD. OK deraadt@ jmc@ | |||
| 2016-08-09 | Document that connect goes async when interrupted by signal. | Todd C. Miller | |
| 2016-08-08 | Look for a PT_GNU_RELRO section and, if present, mprotect that range | Philip Guenther | |
| instead of the [__got_start, __got_end) range. Also, instead of mprotecting the [__plt_start, __plt_end) range, just scan for sections which are both writable and executable and mprotect them to read-only. (This part was stolen from kettenis@) ok kettenis@ | |||
| 2016-08-07 | Update the link for the getentropy(2) manual to man.openbsd.org/ | Theo Buehler | |
| ok deraadt@ | |||
| 2016-08-07 | Teach mips64 to pass &_DYNAMIC to _dl_boot_bind(). | Philip Guenther | |
| mips64be testing by deraadt@ | |||
| 2016-08-07 | alpha already calculates &_DYNAMIC for the _reloc_alpha_got() call, so | Philip Guenther | |
| save that and pass it to _dl_boot_bind() too | |||
| 2016-08-07 | Teach i386 to pass &_DYNAMIC to _dl_boot_bind() | Philip Guenther | |
| 2016-08-07 | Psych: amd64 has been passing &_DYNAMIC to _dl_boot_bind() for 19 months | Philip Guenther | |
| 2016-08-07 | Flip the #ifdef logic: amd64, i386, and mips64 were the only static PIE | Philip Guenther | |
| archs using the #else case | |||
| 2016-08-07 | Add XOR cookies for lr and sp. Stop saving/restoring r12 to/from the jmpbuf. | Philip Guenther | |
| Switch from calling obsolete sig{block,setmask} to directly using the sigprocmask syscall. ok deraadt@ kettenis@ | |||
| 2016-08-06 | Use internal names for __errno, _memcpy, memset, and {,_}{set,long}jmp | Philip Guenther | |
| Eliminate pointless use of PIC_SYM() Split out DEFS.h from SYS.h like some other archs ok kettenis@ deraadt@ | |||
| 2016-08-05 | Do not *printf %s NULL | Theo de Raadt | |
| ok bcook | |||
| 2016-08-05 | Obvious minor fixes: | Ingo Schwarze | |
| * Add missing .Dv, .Ev, and .Fa macros. * Delete deprecated .Tn macros. * Mark up global variable names with .Va, not with .Fa or .Li. * Mark up config file commands with .Ic, not with .Fa. * Fix HISTORY, trivial to verify from the CSRG archive CD. | |||
| 2016-08-05 | grammar fix; | Jason McIntyre | |
| 2016-08-05 | Make RES_OPTIONS point directly to resolv.conf(5) instead of going through | Martijn van Duren | |
| resolver(3). OK jmc@ | |||
| 2016-08-02 | Revert previous since it adds new symbols. | Joel Sing | |
| Requested by deraadt@ | |||
| 2016-08-01 | Bump TLS_API for addition of ALPN support. | Joel Sing | |
| 2016-08-01 | Add ALPN support to libtls. | Joel Sing | |
| ok beck@ doug@ | |||
| 2016-07-31 | bump for LibreSSL 2.5.x | Brent Cook | |
| 2016-07-29 | Fix regression introduced by patch to CVE-2016-0718: Tag names were cut off ↵ | Remi Pointel | |
| in some cases. | |||
| 2016-07-28 | RMD160Update actually takes size_t length | Ted Unangst | |
| 2016-07-26 | Wrap fpgetround() so internal calls to it (seen on arm, powerpc, and sh) | Philip Guenther | |
| go direct instead of through the PLT. ok millert@ kettenis@ | |||
| 2016-07-20 | Make the size for the syn cache hash array tunable. As we are | Alexander Bluhm | |
| swapping between two syn caches for random reseeding anyway, this feature can be added easily. When the cache is empty, there is an opportunity to change the hash size. This allows an admin under SYN flood attack to defend his machine. Suggested by claudio@; OK jung@ claudio@ jmc@ | |||
| 2016-07-18 | We have __weak_alias() everywhere; remove obsolete #ifdef's | Philip Guenther | |
| ok deraadt@ | |||
| 2016-07-18 | don't mix code and decls, ok tedu@ | Brent Cook | |
| 2016-07-17 | use memset to initialize the union | Brent Cook | |
| 2016-07-17 | remove unused OPENSSL_NO_OBJECT case | Brent Cook | |
| ok tedu@ | |||
| 2016-07-17 | Initialize buffers before use, noted by Kinichiro Inoguchi. | Brent Cook | |
| ok beck@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |