summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add simple strlcpy regressmillert2014-12-023-3/+123
|
* convert select() to poll(). This is one of the most complicatedderaadt2014-12-022-40/+63
| | | | | | conversions in the tree, because the original code is very rotten and fragile. Please test and report any failures. Assistance from millert, bcook, and jsing.
* Conversion of braindead select() path to braindead poll() path.deraadt2014-12-021-17/+17
| | | | Also looked at by bcook
* Add simple strlcat regressmillert2014-12-023-2/+124
|
* Add strnlen to SUBDIRS so we actually run its tests.millert2014-12-021-2/+2
|
* add some openbsd tags, and a first pass at cleanup;jmc2014-12-02166-210/+708
|
* macro cleanup; kaspars at bankovskis dot netschwarze2014-12-022-49/+55
|
* Replace all 14 instances of .St -ansiC-99 in our tree with .St -isoC-99.schwarze2014-11-3011-33/+33
| | | | | | The former is not used anywhere in NetBSD, FreeBSD, or DragonFly and not supported by groff, so i'm going to delete it from mandoc(1). We don't need two macros for the same thing.
* obvious STANDARDS updateschwarze2014-11-302-14/+10
|
* restructure libc/string + libc/arch/*/string coperation regardingderaadt2014-11-308-155/+309
| | | | | | | | | | | | | | | | (potentially) MD versions (function dependent, not filename dependent) split out memcpy/memmove/bcopy and strchr/index/strrchr/rindex Bring back amd64 .S versions And the final touch: switch all architectures temporarily to MI memcpy.c, which contains syslog + abort for overlapping copies. A nice harsh undefined behaviour. We will clean the entire userland of the remaining issues in this catagory, then switch to the optimised memcpy which skips the memmove check. I tried to cut this change into pieces, but testing each sub-step on every architecture is too time consuming and mindnumbing. ok miod
* Remove non-portable use of .Pf that doesn't work with groff;schwarze2014-11-302-16/+8
| | | | found because the groff_mdoc(7) macros warn about it.
* Ensure that sess_cert is not NULL at the start ofjsing2014-11-272-50/+18
| | | | | | | ssl3_send_client_key_exchange(), rather than checking it in the key exchange algorithm specific code. ok beck@ miod@
* Avoid a double-free in an error path.jsing2014-11-272-4/+2
| | | | | | Reported by Felix Groebert of the Google Security Team. ok beck@ miod@
* Avoid a NULL dereference in the DTLS client that can be triggered by ajsing2014-11-272-2/+18
| | | | | | | | | | | | crafted server response used in conjunction with an anonymous DH or anonymous ECDH ciphersuite. Fixes CVE-2014-3510, which is effectively a repeat of CVE-2014-3470 in copied code. Reported by Felix Groebert of the Google Security Team. ok beck@ miod@
* prefer memcmp to bcmp.bcook2014-11-261-2/+2
| | | | ok tedu@ miod@ deraadt@
* remove superflous gettimeofday wrapper.bcook2014-11-262-18/+4
| | | | ok beck@ tedu@ miod@ guenther@ doug@ deraadt@
* memset like a normal human.bcook2014-11-262-20/+20
| | | | ok beck@ tedu@ miod@
* normalize set/getsockopt usage.bcook2014-11-266-90/+54
| | | | | | | | | | Remove the remaining random casts on optval. Fixups for this can be handled by the portability layer all in once place. Remove remaining fake socklen_t unions, though beck@ points out that this also removes support for socklen_t changing its length at runtime. RIP. ok tedu@ beck@ miod@ deraadt@
* Linux has had IP_MTU since 2005, don't force it.bcook2014-11-262-16/+8
| | | | ok beck@ miod@ tedu@ deraadt@
* rand() is a pseudo-random number generatormillert2014-11-251-3/+3
|
* Don't describe random() as "better".millert2014-11-251-5/+5
| | | | | Remove the bug about rand() being faster. Add a bug about historical implementations seeding very poorly.
* Warn people to use arc4random() in DESCRIPTION so they see it usingmillert2014-11-251-5/+8
| | | | the same text from random.3.
* rand48(3) not drand48(3) to align with the actual man page and Xrmillert2014-11-251-3/+3
| | | | entries.
* no need for md5 xrtedu2014-11-251-3/+2
|
* revert the bludgeoning of DES. if we need a thread safe crypt, maybe it'stedu2014-11-251-31/+33
| | | | better to find one instead of continuing to mangle this mess.
* push some global data down into functions to make this threadlier.tedu2014-11-251-33/+31
| | | | only doing what's needed for crypt_hashpass. sigh.
* introduce a hashspace define and check that there's enough space totedu2014-11-241-15/+10
| | | | write out a hash. also simplify writing out the hash.
* check crypt() for null. noticed by Jonas Termansentedu2014-11-241-2/+2
|
* Mention the -no_tls1_[12] optionsguenther2014-11-231-6/+10
|
* mop up a barely started project... getting in the way of grepping the tree!deraadt2014-11-222-8/+0
|
* Fix incorrect escape.bentley2014-11-222-4/+4
|
* MPE support, begone. ok teduderaadt2014-11-212-4/+4
|
* space needed between macro args and punctuation;jmc2014-11-211-2/+2
|
* add ERRORS, HISTORY, AUTHORS, Copyright year, and some missing macros;schwarze2014-11-211-6/+39
| | | | ok tedu@ on a previous version
* Let crypt_checkpass() set EACCES after bcrypt_checkpass() failure;schwarze2014-11-211-2/+4
| | | | ok tedu@
* change prototype for crypt_newhash. the login_cap_t is a holdover from itstedu2014-11-212-15/+10
| | | | | | pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
* Oops, make sure camellia is compiled on platforms without an arch-specificmiod2014-11-201-1/+2
| | | | Makefile.inc (i.e. landisk and m88k)
* split crypt_checkpass off into a new filetedu2014-11-203-36/+73
|
* Document behavior of atexit() when called in a DSO that is later unloaded.guenther2014-11-201-2/+14
| | | | | | | | Would be nice to document when/where this originated (in glibc?) if anyone knows... tweaks by schwarze@ ok jmc@ espie@ kettenis@ schwarze@ dimitry(at)google.com
* Nuke yet more obvious #include duplications.krw2014-11-192-6/+2
| | | | ok deraadt@
* include camellia.h using the public include pathbcook2014-11-192-4/+4
|
* Fix a memory leak with pkey in client key exchangedoug2014-11-192-2/+4
| | | | | | Based on boringssl commit: 1df112448b41c3568477f3fcd3b8fc820ce80066 ok miod@ jsing@
* add crypt_newhash to NAME and add an MLINK;jmc2014-11-182-4/+6
|
* GOST regression tests; from Dmitry Eremin-Solenikovmiod2014-11-183-1/+18
|
* Argh, another bug introduced in r1.3; Dmitry Eremin-Solenikovmiod2014-11-182-4/+4
|
* Nuke more obvious #include duplications.krw2014-11-181-2/+1
| | | | ok deraadt@ millert@ tedu@
* Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.miod2014-11-1826-146/+594
| | | | | This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
* Enable the build of GOST routines in libcrypto. Riding upon the Cammeliamiod2014-11-183-8/+6
| | | | libcrypto minor bump.
* More missing error checks I forgot to commit last week, part of the largemiod2014-11-182-24/+46
| | | | cleanup diff.
* Return success in param_copy_gost01() if there is no private key to copy;miod2014-11-182-4/+4
| | | | | broken in r1.3. Spotted by Dmitry Eremin-Solenikov
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 08:53:40 +0000