openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2014-12-06	The -ssl2 flag does nothing - remove the flag and any tests that were	jsing	2	-34/+4
	using it.
2014-12-04	add missing .Fn macros in the SYNOPSIS; found with mandoc.db(5)	schwarze	2	-10/+10

2014-12-03	Allow overriding the path to the testssl and openssl binaries.	bcook	1	-9/+9
	This is needed by the portable tree to point directly to the newly-built binaries when running unit tests. discussed with jsing@ and others
2014-12-03	Move Windows OS-specific functions to make porting easier.	bcook	4	-31/+165
	Several functions that need to be redefined for a Windows port are right in the middle of other code that is relatively portable. This patch isolates the functions that need Windows-specific implementations so they can be built conditionally in the portable tree. Add calls to BIO_sock_init() as-needed to openssl(1) so that socket IO works on Windows. Sorry, these are no-op on other platforms. ok jsing@ deraadt@
2014-12-03	Move Windows OS-specific functions to make porting easier.	bcook	5	-53/+183
	Several functions that need to be redefined for a Windows port are right in the middle of other code that is relatively portable. This patch isolates the functions that need Windows-specific implementations so they can be built conditionally in the portable tree. ok jsing@ deraadt@
2014-12-03	We're not supporting 16-bit Windows, remove cast.	bcook	2	-6/+4
	ok jsing@ deraadt@
2014-12-03	handle the (impossible) situation of a size_t - 1 buffer from	deraadt	2	-4/+4
	EC_POINT_point2oct so that later allocation does not overflow with miod
2014-12-03	Spotted another opportunity to use reallocarray().	deraadt	2	-4/+4
	ok miod
2014-12-03	Fill the buffer with 'z' instead of 'a' since 'a' is part of the	millert	2	-38/+150
	string we are testing. Add tests to verify that we get SIGSEGV when passed a NULL src or dst. It is better to crash than for an implementation to check for NULL and try to recover.
2014-12-02	Add brainpool curves to eccurves_default[], accidentally missing from 1.32;	miod	2	-4/+10
	from OpenSSL HEAD via Thomas Jakobi.
2014-12-02	Add simple strlcpy regress	millert	3	-3/+123

2014-12-02	convert select() to poll(). This is one of the most complicated	deraadt	2	-40/+63
	conversions in the tree, because the original code is very rotten and fragile. Please test and report any failures. Assistance from millert, bcook, and jsing.
2014-12-02	Conversion of braindead select() path to braindead poll() path.	deraadt	1	-17/+17
	Also looked at by bcook
2014-12-02	Add simple strlcat regress	millert	3	-2/+124

2014-12-02	Add strnlen to SUBDIRS so we actually run its tests.	millert	1	-2/+2

2014-12-02	add some openbsd tags, and a first pass at cleanup;	jmc	166	-210/+708

2014-12-02	macro cleanup; kaspars at bankovskis dot net	schwarze	2	-49/+55

2014-11-30	Replace all 14 instances of .St -ansiC-99 in our tree with .St -isoC-99.	schwarze	11	-33/+33
	The former is not used anywhere in NetBSD, FreeBSD, or DragonFly and not supported by groff, so i'm going to delete it from mandoc(1). We don't need two macros for the same thing.
2014-11-30	obvious STANDARDS update	schwarze	2	-14/+10

2014-11-30	restructure libc/string + libc/arch/*/string coperation regarding	deraadt	8	-155/+309
	(potentially) MD versions (function dependent, not filename dependent) split out memcpy/memmove/bcopy and strchr/index/strrchr/rindex Bring back amd64 .S versions And the final touch: switch all architectures temporarily to MI memcpy.c, which contains syslog + abort for overlapping copies. A nice harsh undefined behaviour. We will clean the entire userland of the remaining issues in this catagory, then switch to the optimised memcpy which skips the memmove check. I tried to cut this change into pieces, but testing each sub-step on every architecture is too time consuming and mindnumbing. ok miod
2014-11-30	Remove non-portable use of .Pf that doesn't work with groff;	schwarze	2	-16/+8
	found because the groff_mdoc(7) macros warn about it.
2014-11-27	Ensure that sess_cert is not NULL at the start of	jsing	2	-50/+18
	ssl3_send_client_key_exchange(), rather than checking it in the key exchange algorithm specific code. ok beck@ miod@
2014-11-27	Avoid a double-free in an error path.	jsing	2	-4/+2
	Reported by Felix Groebert of the Google Security Team. ok beck@ miod@
2014-11-27	Avoid a NULL dereference in the DTLS client that can be triggered by a	jsing	2	-2/+18
	crafted server response used in conjunction with an anonymous DH or anonymous ECDH ciphersuite. Fixes CVE-2014-3510, which is effectively a repeat of CVE-2014-3470 in copied code. Reported by Felix Groebert of the Google Security Team. ok beck@ miod@
2014-11-26	prefer memcmp to bcmp.	bcook	1	-2/+2
	ok tedu@ miod@ deraadt@
2014-11-26	remove superflous gettimeofday wrapper.	bcook	2	-18/+4
	ok beck@ tedu@ miod@ guenther@ doug@ deraadt@
2014-11-26	memset like a normal human.	bcook	2	-20/+20
	ok beck@ tedu@ miod@
2014-11-26	normalize set/getsockopt usage.	bcook	6	-90/+54
	Remove the remaining random casts on optval. Fixups for this can be handled by the portability layer all in once place. Remove remaining fake socklen_t unions, though beck@ points out that this also removes support for socklen_t changing its length at runtime. RIP. ok tedu@ beck@ miod@ deraadt@
2014-11-26	Linux has had IP_MTU since 2005, don't force it.	bcook	2	-16/+8
	ok beck@ miod@ tedu@ deraadt@
2014-11-25	rand() is a pseudo-random number generator	millert	1	-3/+3

2014-11-25	Don't describe random() as "better".	millert	1	-5/+5
	Remove the bug about rand() being faster. Add a bug about historical implementations seeding very poorly.
2014-11-25	Warn people to use arc4random() in DESCRIPTION so they see it using	millert	1	-5/+8
	the same text from random.3.
2014-11-25	rand48(3) not drand48(3) to align with the actual man page and Xr	millert	1	-3/+3
	entries.
2014-11-25	no need for md5 xr	tedu	1	-3/+2

2014-11-25	revert the bludgeoning of DES. if we need a thread safe crypt, maybe it's	tedu	1	-31/+33
	better to find one instead of continuing to mangle this mess.
2014-11-25	push some global data down into functions to make this threadlier.	tedu	1	-33/+31
	only doing what's needed for crypt_hashpass. sigh.
2014-11-24	introduce a hashspace define and check that there's enough space to	tedu	1	-15/+10
	write out a hash. also simplify writing out the hash.
2014-11-24	check crypt() for null. noticed by Jonas Termansen	tedu	1	-2/+2

2014-11-23	Mention the -no_tls1_[12] options	guenther	1	-6/+10

2014-11-22	mop up a barely started project... getting in the way of grepping the tree!	deraadt	2	-8/+0

2014-11-22	Fix incorrect escape.	bentley	2	-4/+4

2014-11-21	MPE support, begone. ok tedu	deraadt	2	-4/+4

2014-11-21	space needed between macro args and punctuation;	jmc	1	-2/+2

2014-11-21	add ERRORS, HISTORY, AUTHORS, Copyright year, and some missing macros;	schwarze	1	-6/+39
	ok tedu@ on a previous version
2014-11-21	Let crypt_checkpass() set EACCES after bcrypt_checkpass() failure;	schwarze	1	-2/+4
	ok tedu@
2014-11-21	change prototype for crypt_newhash. the login_cap_t is a holdover from its	tedu	2	-15/+10
	pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
2014-11-20	Oops, make sure camellia is compiled on platforms without an arch-specific	miod	1	-1/+2
	Makefile.inc (i.e. landisk and m88k)
2014-11-20	split crypt_checkpass off into a new file	tedu	3	-36/+73

2014-11-20	Document behavior of atexit() when called in a DSO that is later unloaded.	guenther	1	-2/+14
	Would be nice to document when/where this originated (in glibc?) if anyone knows... tweaks by schwarze@ ok jmc@ espie@ kettenis@ schwarze@ dimitry(at)google.com
2014-11-19	Nuke yet more obvious #include duplications.	krw	2	-6/+2
	ok deraadt@