| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-07-23 | Build and install libradius as default. | YASUOKA Masahiko | |
| ok deraadt | |||
| 2015-07-23 | Sync with kernel TIOCGWINSZ change. | Doug Hogan | |
| 2015-07-21 | basic macro cleanup, mostly converting to .Dv where appropriate | Ingo Schwarze | |
| 2015-07-21 | Remove duplicate check in libssl. | Doug Hogan | |
| If len == 0, it already set try_session_cache so there's no need to check len again. Fixes Coverity issue 21687. ok bcook@ | |||
| 2015-07-20 | Add radius(3) library. This will be used by RADIUS server and client | YASUOKA Masahiko | |
| programs to manipulate RADIUS packets. Mainly written by UMEZAWA Takeshi. fix and suggestion deraadt ok deraadt | |||
| 2015-07-20 | Correct #if/else logic in BIO's dgram_ctrl. | Doug Hogan | |
| Coverity issue 72741 noticed that ret is being overwritten before use. The actual issue is that the #if/else logic is guarding the wrong lines. Besides impacting ret, this also made the case's break logic wrong because it was in the wrong location. ok bcook@ beck@ | |||
| 2015-07-20 | prefer string.h to strings.h ok guenther@ doug@ | Brent Cook | |
| 2015-07-20 | In _TM_SELF, permit uname(3); OK deraadt@. | Ingo Schwarze | |
| 2015-07-20 | Various memory leaks upon error or unchecked allocations. | Miod Vallat | |
| ok doug@ | |||
| 2015-07-20 | Use V_ASN1_UNDEF instead of -1. | Miod Vallat | |
| Make sure ASN1_primitive_new() will return NULL in *pval in all error situations. ok bcook@ doug@ | |||
| 2015-07-20 | Check the return value of asn1_enc_save(). ok bcook@ doug@ | Miod Vallat | |
| 2015-07-20 | When freeing an X509_CRL, if freeing the user-maintained meth_data fails, | Miod Vallat | |
| do not forgot to nevertheless keep freeing the other fields. ok doug@ guenther@ | |||
| 2015-07-20 | In X509_PKEY_new(), make sure all allocation failures push an error to the | Miod Vallat | |
| error stack, not only the first one. ok guenther@ doug@ | |||
| 2015-07-20 | Add setgroups(2) to TAME_PROC, ok deraadt | Nicholas Marriott | |
| 2015-07-20 | add NetLock Kft. CA root certificate, already present in web browsers and | Steven Mestdagh | |
| needed for fetching ports distfiles. ok sthen@ | |||
| 2015-07-20 | Add VIS_DQ to escape double quotes. OK deraadt@ semarie@ reyk@ | Todd C. Miller | |
| 2015-07-19 | Remove OpenSSL engine RSAX. | Doug Hogan | |
| OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@ | |||
| 2015-07-19 | Allow *_free() functions in libssl to handle NULL input. | Doug Hogan | |
| This mimics free()'s behavior which makes error handling simpler. ok bcook@ miod@ | |||
| 2015-07-19 | Drop stupid (int) casts for the arguments of malloc() and friends. This is | Miod Vallat | |
| not 16-bit MS-DOS anymore. ok bcook@ tedu@ | |||
| 2015-07-19 | unifdef -UCBC_HANDLES_TRUNCATED_IO | Miod Vallat | |
| ok bcook@ doug@ | |||
| 2015-07-19 | Verify ASN1 objects types before attempting to access them as a particular | Miod Vallat | |
| type. ok guenther@ doug@ | |||
| 2015-07-19 | Make exponents of x and y signed and fix esx and esy | Martynas Venckus | |
| comparisons. The offending input in gfortran's round_4.f90 was nextafterl(0.10000000000000000000135525271560688L, -INFINITY) which caused an ulp addition rather than subtraction. Reported by John Marino @ DragonFlyBSD. | |||
| 2015-07-19 | tweak previous; ok doug | Jason McIntyre | |
| 2015-07-19 | sort; ok deraadt | Jason McIntyre | |
| 2015-07-19 | typo; ralf horstmann | Theo de Raadt | |
| 2015-07-19 | word fix; | Jason McIntyre | |
| 2015-07-19 | oops, SYS_ prefix stayed; noted by jmc | Theo de Raadt | |
| 2015-07-19 | no need for -compact; | Jason McIntyre | |
| 2015-07-19 | some basic tweaks; | Jason McIntyre | |
| 2015-07-19 | Convert ssl3_get_certificate_request to CBS. | Doug Hogan | |
| ok miod@ | |||
| 2015-07-19 | Fix symbol collision with libtls. | Doug Hogan | |
| Pointed out by guenther. ok guenther@ | |||
| 2015-07-19 | Handle malloc(0) returning NULL (which can happen on some other | Nicholas Marriott | |
| platforms) by explicitly making imsg->data = NULL when there is no data. ok deraadt | |||
| 2015-07-19 | Trailing spaces and missing .Pp. | Nicholas Marriott | |
| 2015-07-19 | succesfull -> succesful, from Ross L Richardson | Nicholas Marriott | |
| 2015-07-19 | adding a syscall requires a minor bump; ok guenther@ | Ingo Schwarze | |
| 2015-07-19 | Add TLS_method, TLS_client_method and TLS_server_method. | Doug Hogan | |
| Use these instead of SSLv23_*method when you want to make sure TLS is used. By default, we disable SSLv3 but it's still possible for the user to re-enable it. TLS_*method does not allow SSLv3. Both BoringSSL and (next version of) OpenSSL have these methods. However, they have changed the implementation significantly. We will as well, but not right now. Riding the libssl major bump. ok miod@ bcook@ | |||
| 2015-07-19 | Crank major and remove legacy variables. | Doug Hogan | |
| Libtls is riding this crank. ok miod@ bcook@ | |||
| 2015-07-19 | Crank the major of libtls: the behaviour of tls_write() has been | Reyk Floeter | |
| changed in an incompatible way regarding partial writes. OK miod@ deraadt@ | |||
| 2015-07-19 | Add documentation on how to use TLS_{READ,WRITE}_AGAIN. | Doug Hogan | |
| ok beck@ | |||
| 2015-07-19 | Now that it is safe to invoke X509_STORE_CTX_cleanup() if X509_STORE_CTX_init() | Miod Vallat | |
| fails, check its return value and correctly mop up after ourselves. ok beck@ doug@ | |||
| 2015-07-19 | Put explicit braces around assignment used in a conditional. | Miod Vallat | |
| ok bcook@ doug@ | |||
| 2015-07-19 | manual page for tame(2). not very good, so i will be hearing from jmc | Theo de Raadt | |
| 2015-07-19 | Remove the logic responsible for outputting most AES-NI instructions as | Miod Vallat | |
| raw byte sequences. The toolchains have had some time to update and assemble the instructions correctly (except for p{ins,ext}rd which are not supported yet by as(1) under OpenBSD, but will be fixed shortly). Inspired by a discussion between tedu@ and John-Mark Gurney. Verified to still work on Mac OS X and average Linux distros by bcook@ | |||
| 2015-07-19 | Replace `.byte 0x48,0x83,0xEC,0x08' with `sub \$8,%rsp' which is exactly the | Miod Vallat | |
| same four bytes, unobfuscated. | |||
| 2015-07-19 | Simplify X509_STORE_CTX_init and make it safe with stack variables. | Doug Hogan | |
| The current version is not safe with stack variables because it may return prematurely with a partially constructed object on error. ok miod@ a while back | |||
| 2015-07-19 | Remove case that can never happen. | Doug Hogan | |
| It's a little convoluted due to gotos, but at that point, pci is always NULL. Spotted by Coverity 21702. ok miod@ beck@ bcook@ | |||
| 2015-07-19 | Fix Coverity 72742 - ret is overwritten immediately after this. | Bob Beck | |
| ok doug@ | |||
| 2015-07-19 | Assign p to CBS_data since it is used later. | Doug Hogan | |
| The p initialization was hiding this bug but Coverity 126279 saw it. ok miod@ bcook@ beck@ | |||
| 2015-07-19 | abort when ENGINE_remove fails, fix Coverity 21656 | Brent Cook | |
| ok doug@, beck@ | |||
| 2015-07-18 | Convert dtls1_get_message_header to CBS and change to int. | Doug Hogan | |
| Changed return value from void to int. It should never return an error given that the input length is not checked yet. ok miod@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |