src - OpenBSD base system

Age	Commit message (Collapse)	Author
2007-04-16	There's no point in checking ptr for NULL before doing free(ptr)	Moritz Jodeit
	since free(NULL) is just fine. ok hshoexer@
2007-03-03	There may be more than one item in the subjectAltName (cropping up	Tom Cosgrove
	with CACert certificates) so don't require the reported length to be exactly equal to the length of the data, but accept it if it's <= the length of the data (i.e. we just use the first alt name). The purpose of the check is to make sure we don't try to read beyond the data we actually have. ok cloder@ hshoexer@
2006-09-19	Use S_IS* macros insted of masking with S_IF* flags. The latter may	Otto Moerbeek
	have multiple bits set, which leads to surprising results. Spotted by/partly from Paul Stoeber, more to come. ok ho@ miod@ hshoexer@
2006-06-02	Big spelling cleanup, no binary change. From david@	Hans-Joerg Hoexer

2005-11-15	Add a new raw2hex function and yank out several pieces of code in other	Chad Loder
	places that were doing this. Prodding deraadt. OK hshoexer.
2005-11-14	use snprintf; ok cloder. also looked at by a few other people	Theo de Raadt

2005-05-28	introduce new readdir implementation for the monitor.	Moritz Jodeit
	testing and ok hshoexer@
2005-05-26	Clean up some cleanup code. Fixes at least one leak, possibly more.	Chad Loder
	OK hshoexer
2005-04-08	Make deterministic randomness (only ever used for testing) a compile-time	Chad Loder
	option. Reduces chances of somehow setting regrand when it's not supposed to be set. Remove "-r" option from man page. Also xref certpatch(8) while we are in there. And remove some include sysdep.h where it is no longer needed. OK hshoexer
2005-04-08	keynote and policy always compiled in	Theo de Raadt

2005-04-08	privsep always	Theo de Raadt

2005-04-05	Always compile X509 support. Almost everyone uses it. Makes the code	Chad Loder
	much easier to read and to maintain. OK and testing by hshoexer@, more testing by me
2005-03-15	small log message fix.	Marco Pfatschbacher
	ok hshoexer@, markus@
2005-02-27	where possible, use bzero instead of memset	Hans-Joerg Hoexer
	ok cloder henning
2004-08-10	spacing	Theo de Raadt

2004-08-08	spacing	Theo de Raadt

2004-06-17	Evaluate result of X509_verify_cert() more carefully.	Hans-Joerg Hoexer
	ok cloder@
2004-06-14	avoid stat before open	Hans-Joerg Hoexer
	ok ho@
2004-06-14	KNF, style, 80c, etc. hshoexer@ ok	Hakan Olsson

2004-06-02	remove unused BIO-functions.	Hans-Joerg Hoexer
	ok markus@ ho@
2004-05-23	More KNF. Mainly spaces and line-wraps, no binary change.	Hans-Joerg Hoexer
	ok ho@
2004-04-15	partial move to KNF. More to come. This has happened because there	Theo de Raadt
	are a raft of source code auditors who are willing to help improve this code only if this is done, and hey, isakmpd does need our standard auditing process. ok ho hshoexer
2004-04-07	-Wsign-compare nits. hshoexer@ ok.	Hakan Olsson

2004-03-19	Add missing bits to make already present privsep code work. Enable privsep.	Hans-Joerg Hoexer
	ok ho@ deraadt@ markus@
2004-01-06	Remove redundant test for file types. Noted by Stefan Paletta.	Hans-Joerg Hoexer
	While around, fix typos in log messages. Both ok markus@
2003-11-07	adress -> address, and a few more; all from Jonathon Gray;	Jason McIntyre
	(mvme68k/mvme88k) vs.c and (vax) if_le.c ok miod@ isakmpd ones ok ho@
2003-11-06	Style nits.	Hakan Olsson

2003-06-10	boring cleanups	Theo de Raadt

2003-06-04	Remove the rest of clauses 3 and 4. Approved by Niklas Hallqvist, Angelos	Hakan Olsson
	D. Keromytis and Niels Provos.
2003-06-03	Cleanup. Use 'sizeof variable' instead of magic constants.	Hakan Olsson

2003-04-09	Less noise for missing crl dir, demoted to debug message.	Hakan Olsson

2002-12-03	LOG_DBG for missing ca/, certs/, crls/ dirs, not	Hakan Olsson
	log_error(). Suggested by markus@.
2002-09-11	signed vs unsigned, some void * arithmetic, from -pedantic. niklas@ ok.	Hakan Olsson

2002-09-05	Do not require the presence of subjectAltName in certificates used for	Hakan Olsson
	IKE auth. Should make interoperating with for example FreeS/WAN easier (Pluto).
2002-08-29	Work around arguably correct OpenSSL behaviour and only ask for CRL	Hakan Olsson
	checks when we actually have CRLs to check against. Problem pointed out by <sturm@sec.informatik.tu-darmstadt.de>.
2002-08-07	A rewrite of the CRL support code, also from <Thomas.Walpuski@gmx.net>.	Hakan Olsson
	Some style mods, and checks added for OpenSSL version 0.9.7 or later. Currently CRLs are not supported for earlier versions. Manual pages updated.
2002-08-02	CRL support for isakmpd. From <Thomas.Walpuski@gmx.net> with some minor	Hakan Olsson
	modifications by me. ok niklas@.
2002-06-10	Zap a few remaining libkeynote refs.	Hakan Olsson

2002-06-10	The dlopen() stuff goes away.	Hakan Olsson

2002-06-01	size_t must be cast to (unsigned long) and printed using %lu	Theo de Raadt

2002-03-06	Fix a couple of snprintf length bugs. Same problem <chris@stallion.oz.au>	Hakan Olsson
	found for policy passphrases.
2002-01-23	the last few sprintf -> snprintf	Hakan Olsson

2002-01-23	strcpy->strlcpy, sprintf->snprintf	Hakan Olsson

2002-01-03	strftime format fixes. From Christo Butcher <christo@fox-it.com>.	Hakan Olsson

2001-08-25	Add x509_DN_string API to get a printable DN component given one	Niklas Hallqvist
	rpresented in ASN.1
2001-08-16	Don't right-justify this debug message.	Hakan Olsson

2001-07-13	Be more verbose about why X509_verify_cert() failed. Thanks to	Hakan Olsson
	<sakane@kame.net> for pointing out X509_verify_cert_error_string(). :)
2001-07-05	Add prototypes and some other various cleanup.	Hakan Olsson

2001-07-05	On closer inspection, freeing the X509 names is bad. I should stop	Angelos D. Keromytis
	coding late while half-asleep.
2001-07-05	Free X509 names in case of failure and when done.	Angelos D. Keromytis