summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Document AI_NUMERICSERV; feedback and ok millert@jacekm2009-05-061-2/+9
|
* update protocols for s_client;s -starttls; from bradjmc2009-04-191-5/+8
|
* document that no leading whitespace is permitted between the option andokan2009-04-121-3/+5
| | | | | | argument if the argument is deemed to be optional ('::'). feedback and ok jmc@ and millert@
* resync libssl/libcrypto pod documentation - quite a few more pages anddjm2009-04-101-27/+242
| | | | MLINKS; feedback and ok jmc@
* sync with 0.9.8k;jmc2009-04-061-9/+19
|
* crankus majorisdjm2009-04-063-3/+3
|
* resolve conflictsdjm2009-04-0679-245/+430
|
* This commit was generated by cvs2git to track changes on a CVS vendordjm2009-04-0628-117/+14959
|\ | | | | branch.
| * import of OpenSSL 0.9.8kdjm2009-04-0651-156/+15047
| |
* | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-04-069-14/+21
|\ \ | | | | | | branch.
| * | import of OpenSSL 0.9.8kdjm2009-04-0675-194/+356
| | |
* | | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-04-0635-117/+18446
|\ \ \ | | | | | | | | branch.
| * | | import of OpenSSL 0.9.8kdjm2009-04-0639-149/+18486
| | | |
* | | | correct argument type for swap64(); from Thomas Pfaffjmc2009-03-171-3/+3
| | | |
* | | | Test to show glob bug introduced with POSIX char class support.millert2009-02-181-0/+3
| | | |
* | | | Add missing CURDIRmillert2009-02-181-2/+2
| | | |
* | | | kill whitespace at eol;jmc2009-02-131-2/+2
| | | |
* | | | decribe 'F' better and mention flags are debugging aids; ok tedu@ jmc@otto2009-02-131-8/+10
| | | |
* | | | correct function definitions; from Markus Bergkvistjmc2009-02-101-4/+4
| | | |
* | | | missing ssl_sock_init() call in init_client() (used bydjm2009-01-301-3/+10
| | | | | | | | | | | | | | | | "openssl s_client"), fix an unlikely memory leak
* | | | remove some gratuitous changes that do nothing other than inreasedjm2009-01-301-2/+1
| | | | | | | | | | | | | | | | the size of the diff against openssl mainline
* | | | convert a strdup (into a purpose-allocated buffer) in libcrypto to adjm2009-01-122-4/+6
| | | | | | | | | | | | | | | | memcpy to avoid linker deprecation warnings; pointed out by dkrause@
* | | | openssl-0.9.8j enables RFC3546 TLS extensions by default (e.g. the verydjm2009-01-0913-39/+0
| | | | | | | | | | | | | | | | | | | | useful "server name indication" that allows multihomed TLS server), so remove the #define to disable it here
* | | | adjust Makefile and crank major for openssl-0.9.8jdjm2009-01-0917-16/+56
| | | |
* | | | resolve conflictsdjm2009-01-09538-7811/+10571
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-01-0928-68/+297
|\ \ \ \ | | |_|/ | |/| | branch.
| * | | import openssl-0.9.8jdjm2009-01-09263-2494/+3222
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-01-09180-4318/+21828
|\ \ \ \ | | |_|/ | |/| | branch.
| * | | import openssl-0.9.8jdjm2009-01-09532-8743/+31783
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-01-0955-108/+2573
|\ \ \ \ | | |_|/ | |/| | branch.
| * | | import openssl-0.9.8jdjm2009-01-0979-606/+3434
| | | |
| * | | This commit was manufactured by cvs2git to create branch 'OPENSSL'.cvs2svn2009-01-054-0/+2088
| | | |
* | | | Add a missing MLINK for BIO_new_socket.oga2009-01-081-1/+2
| | | | | | | | | | | | | | | | Noticed by blambert@. Ok jmc@.
* | | | update to openssl-0.9.8i; tested by several, especially krw@djm2009-01-05190-3245/+5824
| | | |
* | | | reintroduce extra malloc protections, but avoiding the use ofdjm2009-01-031-164/+229
| | | | | | | | | | | | | | | | | | | | | | | | PAGE_(SIZE|SHIFT|MASK) defines that evaluate to variables on the sparc architecture; ok otto@ tested on my reanimated ss20
* | | | PAGE_SIZE is not a valid symbol to use in that way. In particular,deraadt2008-12-311-235/+164
| | | | | | | | | | | | | | | | | | | | | | | | | | | | on sparc, it expands to something that just plain does not work, because the page size can be variable. Sorry we didn't spot this before. Backing it all out to allow sparc to build; please find a different way to fix it.
* | | | Remove mprotecting of struct dir_info introduced in previous commitdjm2008-12-302-46/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | (MALLOC_OPTIONS=L). It was too slow to turn on by default, and we don't do optional security. requested by deraadt@ grumbling ok otto@
* | | | extra paranoia for malloc(3):djm2008-12-292-165/+278
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move all runtime options into a structure that is made read-only (via mprotect) after initialisation to protect against attacks that overwrite options to turn off malloc protections (e.g. use-after-free) Allocate the main bookkeeping data (struct dir_info) using mmap(), thereby giving it an unpredictable address. Place a PROT_NONE guard page on either side to further frustrate attacks on it. Add a new 'L' option that maps struct dir_info PROT_NONE except when in the allocator code itself. Makes attacks on it basically impossible. feedback tedu deraadt otto canacar ok otto
* | | | repair the ARC4 story; ok jmc djm millertderaadt2008-12-231-5/+7
| | | |
* | | | The example for detecting malicious PTR records could be easily misinterpreted.jacekm2008-12-221-5/+4
| | | | | | | | | | | | | | | | Make it less ambiguous; ok gilles@ claudio@
* | | | shave off more bytes than you expect by declaring a few const local arraysotto2008-12-151-4/+4
| | | | | | | | | | | | | | | | as static const
* | | | fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soonotto2008-12-092-7/+7
| | | |
* | | | Document that ethers_aton returns NULL for invalid addresses.weerd2008-12-071-2/+4
| | | | | | | | | | | | | | | | Suggested by and ok claudio@, ok jmc@
* | | | Fix typo, okay jmc@.pedro2008-11-261-3/+3
| | | |
* | | | Correctly jump over routing headers and calculate the size of the if_dataclaudio2008-11-241-7/+14
| | | | | | | | | | | | | | | | | | | | | | | | struct in the if_msghdr instead of using sizeof() blindly. This allows us to grow if_data without causing issues for the getifaddrs() users. OK deraadt@ (who needs this for some cool upcomming stuff)
* | | | move allocations between half a page and a page as close to the end ofotto2008-11-202-4/+5
| | | | | | | | | | | | | | | | | | | | the page as possible (i.e. make malloc option P a default). ok art@ millert@ krw@
* | | | Reduce the leeway malloc allows when moving allocations to the end ofotto2008-11-201-2/+2
| | | | | | | | | | | | | | | | | | | | a page to 0. P default will be changed in a separate commit. ok millert@ art@ krw@
* | | | To allow for easier playing with more strict settings introduceotto2008-11-131-5/+14
| | | | | | | | | | | | | | | | | | | | a separate symbolic constant for the leeway we allow when moving allocations towards the end of a page. No functional change.
* | | | avoid a few strlen calls for constant strings; prompted by tg; ok djm@otto2008-11-121-10/+10
| | | |
* | | | if the freeprot flag (F) is set, do not do delayed frees for chunksotto2008-11-061-6/+10
| | | | | | | | | | | | | | | | | | | | | | | | (might catch errors closer to the trouble spot) and junk fill pages just before reuse instead of immediate (we can't access the page anyway) since we set PROT_NONE in the F case. ok djm@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 06:48:36 +0000