openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2008-04-16	permit _ in the middle of a DNS name component	deraadt	1	-2/+3

2008-04-13	Improve the libc DNS resolver ID generation algorithm to be more	djm	1	-43/+79
	resistant to prediction atacks by wrapping the existing LCG in a random permutation generator based on a Luby-Rackoff block cipher. lots of discussion and final ok deraadt@
2008-04-13	Use arc4random_buf() when requesting more than a single word of output	djm	2	-4/+4
	Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
2008-04-04	- do not call pthread_atfork(3) handlers when a multithreaded program	kurt	1	-2/+7
	calls vfork(2). "untested, but looks OK" marc@ - document vfork(2), popen(3) and system(3) don't call atfork handlers in multithreaded programs. okay jmc@
2008-04-02	Zero state buffers on return. OK deraadt@	millert	1	-1/+5

2008-03-19	bcmp(3) tries to return length, which is a size_t, as an int.	ray	1	-4/+4
	Instead, just return 1 if there is a difference. Found by lint. OK millert.
2008-03-16	- add NAME entries for arc4random_buf and arc4random_uniform	jmc	1	-2/+4
	- simplify a macro call (Do/Dc -> Dq)
2008-03-16	Add missing MLINKS	deraadt	1	-1/+2

2008-03-16	diff from djm@ committed at his request:	otto	2	-3/+84
	introduce two new APIs for requesting strong random numbers: arc4random_buf() - fill an arbitrary memory range with random numbers arc4random_uniform() - return a uniformly distributed random number below a specified upper bound, avoiding the bias that comes from a naive "arc4random() % upper_bound" construction. these mirror similarly-named functions in the kernel; lots of discussion deraadt@ mcbride@
2008-03-15	- len is size_t, but n uses len and is an int. Matching those types	ray	1	-6/+12
	should be good, plus it prevents weird things from happening if len > INT_MAX. - Since n is now size_t, compare it against 0 instead of >= 0. - temp is used to store individual bytes, so use char instead (matches fp and tp). - millert noted that the comma operator may not guarantee order of execution, so replace with semicolons. Found by lint, OK millert.
2008-03-15	Convert c to unsigned char, like it says in the manual. Also add	ray	1	-4/+3
	cast to make it explicit. Found by lint, OK millert.
2008-02-26	fix memory leak (in one case of unaligned buffers); from Markus Kvetter	deraadt	2	-4/+6
	ok markus
2008-02-20	use pgfree pool like other code does to reserve free list slots.	otto	1	-6/+6
	prevents a few "cannot free mem because i need mem to free mem" scenarios (one found by weingart@). ok weingart@ millert@ miod@
2008-01-01	- make arc4random*() functions thread safe. Use a custom spinlock function	kurt	2	-42/+69
	instead of the generic pthread macros since free(3) uses __arc4_getbyte() when freeing small sized allocations and the generic pthread macros call malloc(3). - eliminate passing pointers to a static variable with global scope (rs) for additional code clarity and reduction. - shlib minor bumps for libc and libpthread due to new functions. From andreas@ with some bits from me. okay tedu@ marc@ w/some spot checking from millert@
2007-12-01	relevant updates/fixes up to openssl-0.9.8g;	jmc	1	-31/+45

2007-11-27	typos; ok jmc@	martynas	1	-2/+2
	sys/dev/pci/pciide.c from naddy@
2007-11-19	fix misleading comment; the _MUTEX_LOCK/_MUTEX_UNLOCK macros work with	kurt	1	-2/+2
	both static and non-static mutexs.
2007-11-13	Put limits.h in front of stdlib.h as style(9) recommends.	tobias	2	-8/+8
	OK millert@
2007-11-11	strtod may return HUGE_VAL on overflow, which is defined in math.h.	tobias	1	-2/+3
	Therefore added math.h to SYNPOSIS. OK millert@
2007-10-31	Add parentheses to avoid warning:	chl	1	-2/+2
	"suggest parentheses around && within \|\|" ok millert@
2007-10-25	Make sure to use unique target names so that make -j does not break;	miod	1	-25/+25
	feedback and ok espie@
2007-10-22	Only test one condition per invocation flavour, instead of testing all	miod	1	-27/+29
	of them with exceptions disabled and then only one with exceptions enabled. ok kettenis@
2007-10-20	Give more details on failure.	miod	1	-8/+8

2007-10-20	Make this work on 64 bit platforms by using strlen() instead of sizeof()...	miod	1	-1/+1
	worked by accident.
2007-10-11	use RRSIG instead of SIG for DNSSEC. ok djm@	jakob	3	-6/+7

2007-10-10	Replace use of strcpy(3) and other pointer goo in	moritz	2	-30/+24
	SSL_get_shared_ciphers() with strlcat(3). ok deraadt@ markus@
2007-10-08	add a RETURN VALUES section.	pyr	1	-9/+9
	ok jmc@
2007-09-27	Fix off-by-one buffer overflow in SSL_get_shared_ciphers().	moritz	2	-22/+22
	From OpenSSL_0_9_8-stable branch. ok djm@
2007-09-19	add HISTORY; shortened version of diff from Ilya A. Kovalenko	jmc	1	-2/+7
	ok millert
2007-09-17	Check snprintf(3) return value for error or truncation.	moritz	1	-1/+5
	Mostly path construction, where truncation could be bad. ok and input from deraadt@ millert@ ray@
2007-09-12	fix format strings, sizeof() does not return an int	otto	1	-5/+5

2007-09-10	Proper use of fseek/fseeko macros.	tobias	2	-2/+2
	OK joris@, otto@
2007-09-09	use strcspn to properly overwrite '\n' in fgets returned buffer	chl	2	-4/+4
	ok moritz@ gilles@
2007-09-07	Synced atomicio implementation in nc and sendbug with ssh.	tobias	2	-13/+24
	OK djm@, joris@, ray@
2007-09-05	Add missing header to avoid warning	chl	1	-1/+2
	ok millert@ ray@
2007-09-05	no need to talk about bits; ok millert jmc	deraadt	1	-3/+3

2007-09-03	Update free(3) section--we use mmap()/munmap(), not brk().	millert	1	-4/+6
	Based on a diff from Mike Belopuhov. OK jmc@
2007-09-03	remove trailing whitespace;	jmc	1	-2/+2

2007-09-03	Adapt atexit() regress to recent changes and add __cxa_atexit() regress.	millert	11	-5/+196
	__cxa_atexit() regress from kurt@
2007-09-03	Add __cxa_atexit() support for gcc3. This provides support for shared ↵	millert	4	-30/+108
	object destructors called at dlclose() time. Inspired by similar changes in FreeBSD and NetBSD.
2007-09-03	add recaloc(3)	millert	3	-20/+62

2007-09-03	add memrchr(3)	millert	3	-5/+63

2007-09-02	use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsg	deraadt	6	-12/+12

2007-08-21	http://openssl.org/news/patch-CVE-2007-3108.txt; ok pval, deraadt	markus	2	-26/+130

2007-08-08	Clarify the example about avoiding overflow. OK ray@ deraadt@	millert	1	-3/+3

2007-08-08	Show how to use strcspn(3) to trim newlines.	ray	1	-2/+14
	OK jmc and millert.
2007-08-06	Correctly NUL terminate the message buffer that is used with the	claudio	1	-4/+24
	-starttls option. Without this openssl s_client -starttls crashed with malloc.conf -> J. OK deraadt@, hshoexer@
2007-08-05	/FALLTHRU/ -> /* FALLTHROUGH */	ray	1	-2/+2

2007-07-06	Reference limits.h, not sys/param.h since we document using PATH_MAX	millert	1	-3/+3
	OK otto@
2007-07-03	from ginsbach@netbsd, -r1.18:	jmc	1	-2/+7
	Document that getopt_long(3) can and will accept unique abbreviated long option names. This feature has been present since getopt_long(3) was first released in NetBSD 1.5. This is also standard GNU getopt_long(3) behavior. ok millert