summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/reallocarray.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2016-10-07Beter implementation of chunk canaries: store size in chunk meta dataotto1-61/+63
instead of chunk itself; does not change actual allocated size; ok tedu@
2016-10-06typonaddy1-3/+3
2016-10-05Fix some broken .Xr links, loosely based on a diffschwarze1-13/+12
from Rob Pierce <rob at 2keys dot ca>. The content of this page may also need expert attention, i suspect it may be lacking modern algorithms and over-emphasizing obsolete ones, but i dare not touch the content.
2016-10-03use the same type for buf as the return type in tls_load_filebcook1-2/+3
ok tedu@, noted by kinichiro
2016-10-02Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate()guenther1-5/+11
based on openssl commit a5184a6c89ff954261e73d1e8691ab73b9b4b2d4 ok bcook@
2016-10-02Detect zero-length encrypted session data early, instead of when malloc(0)guenther1-2/+2
fails or the HMAC check fails. Noted independently by jsing@ and Kurt Cancemi (kurt (at) x64architecture.com) ok bcook@
2016-10-02In X509_cmp_time(), pass asn1_time_parse() the tag of the field beingguenther1-2/+3
parsed so that a malformed GeneralizedTime field is recognized as an error instead of potentially being interpreted as if it was a valid UTCTime. Reported by Theofilos Petsios (theofilos (at) cs.columbia.edu) ok beck@ tedu@ jsing@
2016-09-23Append to CLEANFILES instead of replacing it, so libcrypto.pc isnatano1-2/+2
deleted on make clean. ok millert
2016-09-22trim STANDARDS; ok jsinglibressl-v2.5.0jmc1-13/+1
2016-09-22some minor cleanup;jmc1-47/+17
2016-09-22shorten x509;jmc1-755/+414
2016-09-22Improve on code from the previous commit.jsing1-7/+5
ok bcook@
2016-09-22Avoid unbounded memory growth, which can be triggered by a clientjsing1-9/+20
repeatedly renegotiating and sending OCSP Status Request TLS extensions. Fix based on OpenSSL.
2016-09-22Check for packet with truncated DTLS cookie.guenther1-12/+17
Flip pointer comparison logic to avoid beyond-end-of-buffer pointers to make it less likely a compiler will decide to screw you. Based on parts of openssl commits 6f35f6deb5ca7daebe289f86477e061ce3ee5f46 and 89c2720298f875ac80777da2da88a64859775898 ok jsing@
2016-09-22Improve ticket validity checking when tlsext_ticket_key_cb() callbackguenther1-4/+25
chooses a different HMAC algorithm. Avert memory leaks if the callback preps the HMAC in some way. Based on openssl commit 1bbe48ab149893a78bf99c8eb8895c928900a16f but retaining a pre-callback length check to guarantee the callback is provided the buffer that the API claims. ok bcook@ jsing@
2016-09-22revert documentation update for the clearning behavior we already revertedbcook1-5/+1
2016-09-21Delete casts to off_t and size_t that are implied by assignmentsguenther6-20/+19
or prototypes. Ditto for some of the char* and void* casts too. verified no change to instructions on ILP32 (i386) and LP64 (amd64) ok natano@ abluhm@ deraadt@ millert@
2016-09-20shorten version;jmc1-17/+4
2016-09-20shorten the verify error list;jmc1-42/+41
2016-09-20Avoid selecting weak digests for (EC)DH when using SNI.bcook1-3/+12
from OpenSSL: SSL_set_SSL_CTX is normally called for SNI after ClientHello has received and the digest to use for each certificate has been decided. The original ssl->cert contains the negotiated digests and is now copied to the new ssl->cert. noted by David Benjamin and Kinichiro Inoguchi
2016-09-19put the spkac section in the right place;jmc1-60/+60
2016-09-19shorten verify;jmc1-154/+96
2016-09-19Update ld search path for libssl/libcrypto, fixes cross-build after source ↵bcook2-6/+6
moved. from Patrick Wildt
2016-09-18move page junking tp unmap(), right before we stick the region in the cache;otto1-6/+6
ok tedu@
2016-09-17remove comment about CMS; ok jsingderaadt1-3/+2
2016-09-15add some Xr for acme-client(1);jmc1-1/+2
2016-09-15some spkac shortening; ok beckjmc1-68/+13
2016-09-15shorten ts;jmc1-283/+63
2016-09-14Set callbacks on the right tls ctx on accept.bcook1-2/+2
From Tobias Pape
2016-09-14Handle the FLUSH BIO cntl, that happens at the end of SSL handshakes.bcook1-1/+2
from Tobias Pape
2016-09-14Allow callback read/write functions to set TLS_WANT_POLLOUT/POLLIN.bcook1-3/+21
from Tobias Pape
2016-09-14Generate pkg-config files at build time like everything else. Thisnatano2-4/+6
avoids permission problems due to the build and install stages being run by different users. ok deraadt jasper
2016-09-13add a little more typing to the first callback argument.tedu2-7/+7
it's always a tls context.
2016-09-12shorten speed;jmc1-48/+14
help/ok guenther bcook
2016-09-11Files in /etc/ssl belong to root. ok deraadtnatano1-4/+4
2016-09-09missing space after commatb1-2/+2
(this was apparently lost during the repo surgery) ok bcook
2016-09-09back out calls to EVP_CIPHER_CTX_cleanup() in EVP_Cipher/Encrypt/DecryptFinalbcook1-4/+1
Software that refers to ctx after calling Final breaks with these changes. revert parts of 1.31 and 1.32
2016-09-08shorten smime;jmc1-344/+83
2016-09-05remove a cms leftoverderaadt1-2/+1
2016-09-05remove CMS manuals; beck@ agress with the general ideaschwarze23-2347/+1
2016-09-05Enable mbrtowc(3) and wcrtomb(3) tests now that mbsinit(3) works.schwarze1-2/+2
Related to locale/multibyte_citrus.c rev. 1.7.
2016-09-04shorten sess_id;jmc1-84/+44
2016-09-04fix Dt;jmc1-2/+2
2016-09-04Nuke one more cms tendrilbeck1-4/+1
ok jsing@
2016-09-04bye bye cms. send it to the atticbeck2-1144/+2
ok jsing@
2016-09-04Remove cms.jsing1-8/+1
2016-09-04Remove cms.jsing15-7541/+0
ok beck@, guenther@, tedu@
2016-09-04Expand DECLARE_ASN1_.*FUNCTIONS macros.jsing5-69/+293
No change in preprocessed output, ignoring whitespace and line numbers.
2016-09-04Expand DECLARE_ASN1_.*FUNCTIONS macros.jsing2-7/+27
No change in preprocessed output, ignoring whitespace and line numbers.
2016-09-04Set errno more consistently, and fix a warning, ok tedunicm1-21/+29
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 20:26:02 +0000