summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* save errno dance in wrterror() and malloc_dump(); prompted by and ok deraadt@otto2011-05-201-2/+6
|
* introduce symbolic constant for initial number of regionsotto2011-05-181-2/+3
|
* zap regions_bits and rework MALLOC_MAXSHIFT a bit; ok djm@otto2011-05-181-14/+8
|
* Avoid fp computations for stats, this make calling malloc_dump() safe in moreotto2011-05-121-10/+7
| | | | cases.
* fix comment, the bitmap is an array of u_short nowotto2011-05-121-2/+2
|
* Introduce leak detection code for MALLOC_STATSotto2011-05-121-25/+165
|
* Move MALLOC_STATS code to bottom of file, so the real stuff is more at the top.otto2011-05-081-137/+141
|
* Make this script more generic and minimize differences betweenjasper2011-05-051-8/+23
| | | | | | | | | | | | | the openssl and libz versions: - use a generic ${lib_version} - define ${version_file} to look run ${version_re} on to acquire the library version. - add license - remove unused -k flag no change in generated files ok sthen@
* Up until now, malloc scanned the bits of the chunk bitmap fromotto2011-05-051-32/+24
| | | | | | | | | | | | | | | | | | position zero, skipping a random number of free slots and then picking the next free one. This slowed things down, especially if the number of full slots increases. This changes the scannning to start at a random position in the bitmap and then taking the first available free slot, wrapping if the end of the bitmap is reached. Of course we'll still scan more if the bitmap becomes more full, but the extra iterations skipping free slots and then some full slots are avoided. The random number is derived from a global, which is incremented by a few random bits every time a chunk is needed (with a small optimization if only one free slot is left). Thanks to the testers!
* Adjust to explicitly list ${libdir}.jasper2011-05-031-4/+4
| | | | ok sthen@
* Pull in <string.h> for memset()guenther2011-05-011-1/+2
|
* Make the regress setup not assume the umask is 022guenther2011-05-011-3/+3
|
* Now that we use an array of u_short for the chunk bitmap change a fewotto2011-04-301-5/+5
| | | | 1UL to 1U.
* More efficient scanning for free chunks while not losing any randomization;otto2011-04-301-21/+25
| | | | thanks to all testers.
* uncomment fwprintf and wprintf testsstsp2011-04-291-4/+4
|
* Tweak the description of the optional parts around =. Found this in myotto2011-04-271-5/+7
| | | | tree, no idea where it came from; ok millert@ jmc@
* Regression test for floating point format directives in wprintf.stsp2011-04-242-0/+223
| | | | ok kettenis espie
* Fix spacing nit.matthew2011-04-191-3/+3
| | | | ok jmc@
* Add AI_FQDN flag to getaddrinfo(3). Prompted by discussions with djm@matthew2011-04-052-22/+46
| | | | | | | | | | about cert checking in OpenSSH. Man page wording tweaks thanks to jmc@. ok henning@, jmc@; positive feedback from djm@, ajacoutat@ Committing now to reuse guenther@'s libc minor bump instead of cranking it again, as suggested by deraadt@.
* Add a wcswidth man page (based on FreeBSD), and fix the implementationstsp2011-04-043-5/+68
| | | | | to return -1 in case of an unprintable character. ok nicm jmc
* back out previous commit.beck2011-03-251-665/+0
| | | | | | | | | | | "if you have checked this I am ok with it" does not mean 1) not to pay attention to breaking news after I tell you that and 2) not to get ok's from the others this had been shown to. I am absolutely not ok with thig going in with only *my* ok. There's a reason why we want more than one ok on important commits ok deraadt@ for the backout
* Add the following certs:dhill2011-03-251-0/+665
| | | | | | | | | | | | | | DigiCert High Assurance CA-3 Go Daddy Secure Certification Authority COMODO High-Assurance Secure Server CA Equifax Secure Certificate Authority VeriSign Class 3 Public Primary Certification Authority - G5 Entrust Certification Authority - L1C Entrust.net Secure Server Certification Authority cross checked with mozilla ok beck@
* This script doesn't need write access to $curdir. Just check existence.matthieu2011-03-241-3/+3
| | | | Fixes build on NFS src with no root access. ok jasper@
* tweak for clarity, ok millert@, jmc@espie2011-03-211-4/+4
|
* add a regress test for the vis and unvis functions. after finding onederaadt2011-03-131-4/+90
| | | | | bug, this then found a 2nd bug.. worked on with guenther
* wrong type for variable; spotted by christian.siebert@cs.tu-chemnitz.dederaadt2011-03-061-3/+3
| | | | ok guenther
* Fix PR 6267: recheck POSIXLY_CORRECT each time getopt_long() starts a newguenther2011-03-053-44/+16
| | | | | | | | argv and don't suppress the handling of leading '-' in optstring when POSIXLY_CORRECT is set. Based on patch from Eric Blake. ok and manpage update from millert@, manpage ok jmc@
* Remove expired certs.dhill2011-03-031-174/+0
| | | | ok beck@ fgsch@
* Fix __cxa_finalize() so that calling __cxa_finalize(NULL) properlymatthew2011-03-021-2/+2
| | | | | | invokes handlers registered with __cxa_atexit(). "seems right" deraadt@
* fix from pr 6207. a bit more of an explanation: we write the correctokan2011-02-121-4/+18
| | | | | | | | | | number of bits when connecting via a SOCKS 5 proxy over ipv6, but we also need to read the same number depending on the received address type. this issue is not noticeable with ssh's SOCKS 5 support since it always set the address type as ipv4. this fixes connections via SOCKS 5 proxies which set their address type as ipv6 when using ipv6. after review with, and ok, nicm@
* fix for CVE-2011-0014 "OCSP stapling vulnerability";djm2011-02-102-2/+14
| | | | | | ok markus@ jasper@ miod@ AFAIK nothing in base uses this, though apache2 from ports may be affected.
* Put -I${includedir} back into Cflags so configure script tests likenaddy2011-01-251-4/+8
| | | | | | | test -n "`pkg-config --cflags openssl`" don't assume that OpenSSL isn't available. ok miod@, sthen@, ajacoutot@, djm@
* Correctly escape a literal colon in an enclosure;schwarze2011-01-241-3/+3
| | | | the \: roff escape is an optional line break.
* - simplify, krb5 handling is not needed.jasper2011-01-212-27/+8
| | | | prompted by brad
* a a -> alum2011-01-201-3/+3
| | | | ok jmc@
* superceded -> superseded;jmc2011-01-141-3/+3
|
* Minor tweaks to nc(1) man page and usage.jeremy2011-01-092-16/+23
| | | | OK jmc@, nicm@, tedu@
* Enable unix datagram support by treating ENOBUFS like EAGAIN.jeremy2011-01-081-2/+2
| | | | | | Separate commit requested by deraadt@. OK nicm@
* Support unix domain sockets in nc(1) with -Uu.jeremy2011-01-082-25/+83
| | | | | | | | | | | | | | | | | | | | | Previously, using -U with -u was an error that was not documented in the man page. Now it will use a unix socket in datagram mode. Bidirectional unix datagram communication requires a socket at both ends, so in client mode (without -l), a temporary socket is created so that responses from the server can be received. If -s is specified with -U and -u, it specifies the location of the temporary socket to create. This was mostly written way back in 2007. Since then, various improvements implemented based on suggestions from guenther@, tedu@, and nicm@. Man page help from nicm@ and jmc@. Unix datagram support requires a small change to atomicio.c in order to function correctly, this will be committed separately shortly. OK nicm@
* Remove an extraneous return statement with the wrong return value.millert2011-01-071-8/+6
| | | | Fix some gcc warnings.
* - adjust krb5 directoriesjasper2011-01-031-8/+5
| | | | - zap a trailing tab
* - ensure ${DESTDIR}/usr/lib/pkgconfig/ as running make distrib-dirs is notjasper2010-12-281-2/+3
| | | | common/encouraged practice
* - generate and install pkg-config files for openssl, which more and morejasper2010-12-282-1/+122
| | | | | | | | projects depend on being present (e.g. various ports). as discussed with various porters in a hungarian spa help/feedback from ingo@ and also OK halex@ no objections from djm@
* remove comment that hasn't been true for quite a while now;otto2010-12-221-6/+1
| | | | ok deraadt@ djm@
* avoid pointer arithmetic on void *dhill2010-12-161-5/+5
| | | | | | tested for a while by me. ok otto@
* move CRYPTO_VIAC3_MAX out of cryptodev.h and into the onlyjsg2010-12-162-0/+4
| | | | | | file it will be used from. requested by/ok mikeb@
* The VIA ciphers are added to an array of CRYPTO_ALGORITHM_MAX lengthjsg2010-12-162-4/+4
| | | | | | | which should have been declared as CRYPTO_ALGORITHM_MAX + 1, fix this and reserve enough space for the VIA additions as well. ok/comments from mikeb & deraadt
* Security fix for CVE-2010-4180 as mentioned in ↵jasper2010-12-154-0/+16
| | | | | | | | | | | http://www.openssl.org/news/secadv_20101202.txt. where clients could modify the stored session cache ciphersuite and in some cases even downgrade the suite to weaker ones. This code is not enabled by default. ok djm@
* overriden -> overridden;jmc2010-12-121-4/+4
|
* involes -> involves; from Carlos Alberto Pereira Gomesjmc2010-11-301-1/+1
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 09:25:29 +0000