src - OpenBSD base system

Age	Commit message (Collapse)	Author
2015-10-16	Merge nlist out of boundary access fix with other nlist implementations.	Tobias Stoeckmann
	While at it, merge style and typo fixes back into nlist(3), too. ok deraadt, jsing, millert
2015-10-16	Put tls_config_verify_client_optional() in the right place.	Joel Sing

2015-10-16	Fix tpyo.	Joel Sing

2015-10-16	actually include the prerequisite dependency for BIO instead of doing nastyness	Bob Beck

2015-10-16	Validate parsed ELF values to prevent out of boundary accesses.	Tobias Stoeckmann
	While at it, return proper return value when encountering a stripped binary. Instead of -1 (illegal file), it should be the amount of symbols that were tried to be resolved. ok millert
2015-10-15	Don't Xr flock, since that is not the locking method used.	Theo de Raadt
	ok millert
2015-10-15	Handle F_ISATTY in the fcntl() stub as well	Theo de Raadt
	ok guenther
2015-10-14	Document flock request	Todd C. Miller

2015-10-14	better fix for overrun reported by Qualys Security.	Ted Unangst
	buf is at all times kept nul terminated, so there is no need to enforce this again upon exit. (no need to move buf around after we exahust space.) ok beck miod
2015-10-14	Bail out early if we have no buf_len	Bob Beck
	ok miod@
2015-10-14	fix a memory leak reported by Qualys Security.	Ted Unangst
	move the bndec variable in tighter since it's not used elsewhere in the loop, then always free it after use. ok bcook miod
2015-10-14	Ensure we don't write a 0 byte past end of the buffer in the error case.	Bob Beck
	ok bcook@ deraadt@
2015-10-14	tweak previous (two details i apparently missed)	Ingo Schwarze

2015-10-14	Add EVP_AEAD_CTX_init(3) manpage to document the new(ish) AEAD API.	Reyk Floeter
	The "authenticated encryption with additional data" API is used for ciphers like AES-GCM or ChaCha20-Poly1305. The manpage is a beginning and certainly needs more work, especially improvements in the EXAMPLES section. Based on agl's source code comments. Converted from pod to mandoc by schwarze@ OK schwarze@ jsing@
2015-10-13	In rev 1.15 the sizeof argument was fixed in a strlcat() call but	Todd C. Miller
	the truncation check immediately following it was not updated to match. Not an issue in practice since the buffers are the same size. OK deraadt@
2015-10-13	Put ASN1_dup() under #ifndef LIBRESSL_INTERNAL.	Joel Sing

2015-10-13	Convert ECParameters_dup() from a macro that uses ASN1_dup_of() into an	Joel Sing
	actual function. This removes the last ASN1_dup_of usage from the tree. Feedback from doug@ and miod@
2015-10-13	Convert a number of the old ASN1_{d2i,i2d}_{bio,fp}_of() macros to	Joel Sing
	ASN1_item_{d2i,i2d}_{bio,fp}() function calls. ok beck@ doug@
2015-10-13	Group d2i/i2d function prototypes by type and add missing externs for the	Joel Sing
	DSAPublicKey, DSAPrivateKey and DSAparams ASN1_ITEMs.
2015-10-13	Sync printf family return value with ISO C which specifies that	Todd C. Miller
	these functions return a negative value on failure. OK doug@ deraadt@
2015-10-13	new sentence, new line;	Jason McIntyre
	do not Xr self;
2015-10-13	Tighten the ranges in wcrtomb(3).	Anthony J. Bentley
	By definition, the range of valid Unicode code points is the union of U+0000..U+D7FF and U+E000..U+10FFFF (see Unicode 8.0.0, chapter 3.9). In UTF-16, the encoded values that would represent U+D800..U+DFFF are used for surrogate pairs. UTF-8 has no concept of surrogate pairs; attempting to treat them as regular code points violates the standard and makes no sense besides. ok stsp@
2015-10-12	satisfy jmc!	Theo de Raadt

2015-10-12	Add details about a variety of semantics; going to keep adding and then	Theo de Raadt
	reevaluate the direction of this manual page a bit later.
2015-10-12	When isatty() was switched to F_ISATTY, the inline copy in ttyname()	Christian Weisgerber
	was forgotten. Just call isatty(). ok deraadt@
2015-10-12	Make it clear that umask ignores everything but the rwx bits.	Todd C. Miller
	OK deraadt@
2015-10-12	Make wcrtomb() more readable by weeding out range errors up front,	Ingo Schwarze
	doing ASCII handling once rather than twice, and using <= rather than ((&~)==) obfuscation (which already caused a bug in the past). No functional change. Joint work with and OK stsp@ semarie@ bentley@
2015-10-12	pledge wasn't called pledge in 5.8, and it was disabled;	Ingo Schwarze
	issue noticed by tim@, solution suggested by deraadt@
2015-10-12	unifdef EVP_CHECK_DES_KEY: Ben Kaduk noticed it has a syntax error; that	Philip Guenther
	error was present in the original 2004 commit, so it hasn't been used in over 11 years, thus exceeding our deprecation requirements by over a decade. OpenSSL has chosen to fix it; we'll gladly watch it burn ok jsing@
2015-10-12	make description of ERRORS more complete;	Ingo Schwarze
	diff from Benny Lofgren <bl dash lists at lofgren dot biz>; ok nicm@
2015-10-11	Do not insert whitespace into syntax displays, it's just confusing,	Ingo Schwarze
	except at the one place where it is indeed helpful. Add some missing .Cm macros. Remove some useless escaping, one needless .Xo, and an empty .No. Triggered by a much smaller patch from guenther@. OK jmc@ guenther@
2015-10-11	Fix empty .No macros, use .Pf to prefix delimiters to macros.	Ingo Schwarze
	Based on a patch from guenther@, tweaked by me. OK jmc@ guenther@
2015-10-11	Document that execve(2) resets SIGCHLD to SIG_DFL	Philip Guenther
	wordsmithing and ok jmc@
2015-10-11	Prefer .Fa over .Em for struct members	Philip Guenther
	ok jmc@
2015-10-11	Document that bind(2) and connect(2) ignore the incoming sa_len	Philip Guenther
	suggest by and ok deraadt@ wordsmithing jmc@
2015-10-10	Code points U+10000 to U+fffff are valid, too.	Ingo Schwarze
	Fixing a regression in wcrtomb(3) found with the mandoc testsuite that was caused by the last commit. OK semarie@ bentley@
2015-10-09	do not use weak; plus this dies next week	Theo de Raadt

2015-10-09	oops, typo spotted in temporary .c file, by semarie	Theo de Raadt

2015-10-09	fix a gotcha in the connect refactoring, that could result in dropping	Theo de Raadt
	through and trying to bind failed v6 connects. ok guenther
2015-10-09	tame -> pledge conversion, in libc. I should crank libc, but am cheating	Theo de Raadt
	hoping things go well. The old symbol is faked via a stupid stub function, until next major crank when it can be removed. I am expecting guenther to scream at me.
2015-10-08	If getaddrinfo() succeeds, then don't try look ups with other flags, even	Philip Guenther
	if the connect()s failed. In concert with some resolver fixes in libc, this lets ntpd be tame()ed problem isolated by theo, who had fun untangling the libc and libtls behaviors to place blame for not being able to tame ntpd ok beck@ deraadt@ jsing@
2015-10-08	fix conditionals	Eric Faurot
	ok deraadt@
2015-10-08	Handle case where no hint is passed in. Found as a crash of fdm by jturner@	Theo de Raadt

2015-10-08	trailing whitespace;	Jason McIntyre

2015-10-08	Rip the guts out of another gibbering horror of a time comparison function, and	Bob Beck
	mark it as #ifndef LIBRESSL_INTERNAL at least we don't use this. ok jsing@
2015-10-08	revert previous accidental commit	Bob Beck

2015-10-08	Spelling in comment	Bob Beck

2015-10-07	Add tls_peer_cert_notbefore and tls_peer_cert_notafter to expose peer ↵	Bob Beck
	certificate validity times for tls connections. ok jsing@
2015-10-07	Allow us to get cipher and version even if there is not a peer certificate.	Bob Beck
	ok doug@
2015-10-07	Be explicit that the user is responsible for freeing the line buffer	Todd C. Miller
	and show this in the example.