summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2014-04-19More KNF.Joel Sing
2014-04-19Add missing man page descriptions for the following IPv6 sysctls:logan
-maxdynroutes -maxifprefixes -maxifdefrouters -neighborgcthresh OK from sthen@, claudio@ and henning@
2014-04-19malloc + strlcpy -> strdupTheo de Raadt
2014-04-19unifdef ENOTDIR, everyone has itTheo de Raadt
2014-04-19We'll interpret a (void) cast on snprintf() to mean it's been verified thatPhilip Guenther
truncation is either desirable, not an issue, or is detected and handled later ok deraadt@
2014-04-19We'll interpret a (void) cast on snprintf() to mean it's been verified thatPhilip Guenther
truncation is either desirable, not an issue, or is detected and handled later ok deraadt@
2014-04-19Use somewhat harsher language and better examples; demonstrate thatTheo de Raadt
non-dangerous use functions is difficult. ok guenther
2014-04-19Demonstrate correct usage of snprintf (regarding overflow detection)Theo de Raadt
ok guenther
2014-04-19Split inet(3) into three pages by decade: 1980s -> inet_lnaof(3),Philip Guenther
1990s -> inet_addr(3), 2000s and beyond -> inet_ntop(3). ok tedu@ (who also noted the timeline) deraadt@ jmc@
2014-04-19egd is goneTheo de Raadt
2014-04-19The internal ssl2_* functions and variables are gonePhilip Guenther
2014-04-19More KNF.Joel Sing
2014-04-19Add SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2Philip Guenther
Document that SSL_OP_NO_SSLv2 is a no-op now
2014-04-19More KNF and style consistency tweaksPhilip Guenther
2014-04-19More KNF.Joel Sing
2014-04-19More KNF.Joel Sing
2014-04-19More KNF.Joel Sing
2014-04-19use intrinsic strlcpy and strlcat everywhere so we only have one set ofBob Beck
funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
2014-04-18OPENSSL_gmtime() is really just gmtime_r(); ok guentherTheo de Raadt
2014-04-18spacingTed Unangst
2014-04-18remove references to rshd;Jason McIntyre
2014-04-18tone down some XXXXX to not appear in grepTed Unangst
2014-04-18XXXXXXXXXXXXXXXX -> XXXTed Unangst
XXXXXXXXXXXXXXXXXXXXXXX -> XXXX
2014-04-18unifdef NO_SOCKTed Unangst
2014-04-18now that knf carpet bombing is finished, switch to hand to hand combat.Ted Unangst
still not sure what to make of mysteries like this: for (i = 7; i >= 0; i--) { /* increment */
2014-04-18Unsurprisingly, since <unistd.h> was so darn hard to find for OpenSSL developersBob Beck
they had resorted to manually protyping read(2) instead of incredible amount of preprocessor wizardry needed to find the ever illusive <unistd.h>. Let's just include <unistd.h> and we don't need to do this.. While we're at it flense out _OSD_POSIX and __DGJPP__ cruft. ok krw@
2014-04-18collateral damageTed Unangst
2014-04-18$HOME/.rnd will never be a good source of entropy. ok beckTed Unangst
2014-04-18Do not ask the user to pass either -DB_ENDIAN or -DL_ENDIAN to the compiler,Miod Vallat
but rather figure out the endianness from <machine/endian.h> automagically; help from guenther@ ok jca@ guenther@ beck@ and the rest of the `Buena SSL rampage club'
2014-04-18Shrink a local buffer to the size it really needs to be; this is the onlyMiod Vallat
discrepancy found while checking proper {HEX,DECIMAL}_SIZE macro usage, which is confusing enough. tweaks and ok jca@, ok guenther@
2014-04-18eroMgib dne- nai 68xtnetelca .sMiod Vallat
2014-04-18Not welcomeMiod Vallat
2014-04-18typoMiod Vallat
2014-04-18first round of static config. ok miodTed Unangst
2014-04-18Use the cleaned up asprintf-based make_config_name() to make the name ofLawrence Teo
the config file instead of the malloc/BUF_strlcpy/BUF_strlcat calls with no return value checks (that make_config_name() also used to do prior to being cleaned up). ok beck@
2014-04-18Check the return value of make_config_name() before attempting to useLawrence Teo
the config filename. ok beck@
2014-04-18anotherTed Unangst
2014-04-18another "string to make the random number generator think it has entropy"Ted Unangst
2014-04-18delete "string to make the random number generator think it has entropy"Ted Unangst
2014-04-18Put back i2d_ASN1_SET() and d2i_ASN1_SET() from the NO_ASN1_OLD prune, as thereMiod Vallat
are still some 3rd-party code using it, and fixing them is not trivial. As an excuse gift, the memory leaks on failure in resurrected a_set.c have been fixed.
2014-04-18this file is not relevantTheo de Raadt
2014-04-18guenther would prefer more separationTed Unangst
2014-04-18we need to crankTed Unangst
2014-04-18remove include files not neededTheo de Raadt
2014-04-18Document support for "openssl s_client -starttls lmtp"Philip Guenther
2014-04-18Finish zapping SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION usage; only keepPhilip Guenther
the #define for compat, but document that it's a no-op now. Also, neuter the -legacy_renegotiation option to "openssl s_{client,server}" ok beck@
2014-04-18use the portable construct around asprintf; pointed out by halexTheo de Raadt
2014-04-18It's been a quarter century: we can assume volatile is present with that name.Philip Guenther
2014-04-18Some dude named Tavis Ormandy reported a bug which has gone unfixed.Ted Unangst
http://marc.info/?l=openssl-users&m=138014120223264&w=2 Arguably a doc bug, but we argue not. If you parse a new cert into memory occupied by a previously verified cert, the new cert will inherit that state, bypassing future verification checks. To avoid this, we will always start fresh with a new object. grudging ok from guenther, after i threatened to make him read the code yet again. "that ok was way more painful and tiring then it should have been"
2014-04-18Put the final pieces from e_os.h in the required places, and remove it.Theo de Raadt
"dance on it's grave" says beck ok guenther beck
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-15 01:02:28 +0000