openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2014-04-21	KNF.	jsing	10	-3942/+4184

2014-04-21	improve realloc/calloc/malloc patterns; ok guenther	deraadt	32	-96/+46

2014-04-21	Delete #if 0'd time related functions which are totally expired.	deraadt	4	-148/+0
	No point even seeing these when we do the 2038 audit later on...
2014-04-21	modernize malloc call	deraadt	2	-2/+2

2014-04-21	Replace entire printf-like guts with calls to libc snprintf.	deraadt	2	-1538/+92
	funopen(3) is used to interface to BIO descriptors. ok guenther
2014-04-21	Bring malloc/calloc/realloc sequences to modern standard	deraadt	16	-54/+38
	ok guenther
2014-04-21	remove macros wrapping malloc/calloc/free/realloc	deraadt	1	-26/+16

2014-04-21	Correctly document the return value of getenv(3)	guenther	1	-6/+8
	From Ben Cornett (ben (at) lantern.is)
2014-04-21	KNF.	jsing	16	-1096/+912

2014-04-21	clean up files we don't need	tedu	38	-2704/+0

2014-04-21	fix accidentally deleted deref.	beck	2	-2/+2

2014-04-20	ASN1_STRING cleanup - realloc has handled NULL since I had a mullet	beck	2	-34/+20
	and parachute pants - and since it's obvious there is no guarantee the caller doesn't pass in the data area in the argument, use memmove instead of memcpy so overlapping areas are handled correctly. Also, pointers can be usefully printed in hex with %p, in error messaeges rather than the bizzaro stuff that was there using mystical buffer lengths and abuse of strlcpy-converted-blindly-from-strcpy
2014-04-20	replace a bunch of pointer-arithmatic-strcpy-converted-blindly-to-strlcpy	beck	2	-14/+14
	cruft with an snprintf. "better than what was there" ok guenther@
2014-04-20	Eliminate duplicated logic by switching from malloc+snprintf to asprintf	guenther	2	-40/+28
	ok beck@
2014-04-20	Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.	guenther	2	-22/+36
	APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@
2014-04-20	Restore beck's (void)snprintf(): they were reviewed.	guenther	6	-10/+10

2014-04-20	Restore beck's rev 1.8: snprintf() was reviewed.	guenther	2	-4/+4

2014-04-20	Restore tedu's rev 1.4: snprintf() was reviewed.	guenther	2	-2/+2

2014-04-20	Restore beck's rev 1.7: snprintf() was reviewed.	guenther	2	-4/+8
	Also, use sizeof() for snprintf()'s size argument
2014-04-20	Remove unused/never installed libssl tools and docs and references to them	afresh1	20	-1267/+17
	Sure deraadt
2014-04-20	Restore beck's rev 1.21: snprintf() was reviewed	guenther	2	-2/+2

2014-04-20	theo found a file we don't seem to need, but just in case, i will paste	tedu	2	-6/+0
	the contents below: #!/usr/local/bin/perl # x86 assember
2014-04-20	Restore beck's rev 1.9: snprintf() was reviewed	guenther	2	-2/+2

2014-04-20	KNF.	jsing	10	-476/+610

2014-04-20	Restore beck's rev 1.3: snprintf() was reviewed	guenther	2	-2/+2

2014-04-20	More KNF.	jsing	4	-6/+6

2014-04-20	KNF.	jsing	12	-1428/+1902

2014-04-20	KNF.	jsing	12	-940/+1184

2014-04-20	KNF.	jsing	8	-528/+718

2014-04-20	More KNF.	jsing	26	-160/+176

2014-04-20	More KNF.	jsing	2	-100/+124

2014-04-20	gettimeofday() is portable enough and does not need a wrapper	deraadt	2	-18/+4

2014-04-20	calloc() rather than malloc+memset	deraadt	2	-4/+4

2014-04-20	Fix indentation, adding braces and combining a nested if to reduce depth	guenther	2	-24/+28

2014-04-20	KNF.	jsing	4	-362/+438

2014-04-20	KNF.	jsing	8	-796/+786

2014-04-20	Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.	guenther	17	-118/+44
	APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@
2014-04-20	return after error instead of plowing ahead. noticed by mancha1 at zoho	tedu	2	-0/+2

2014-04-20	Use calloc(a,b) instead of malloc(ab) + memset(ab). I don't know if	deraadt	2	-4/+2
	this instance is integer-overflowable, but we cannot keep hand-auditing every instance (or apathetically ignoring these issues) when the simple calloc idiom is better in the presence of a good calloc(). It is simply unfeasible to always enter correct range checks before the aggregate size calculation, just go find some 4000 lines of code, REPAIR THEM ALL, then come back and tell me I am wrong. This only works on systems where calloc() does the integer overflow check, but if your system doesn't do this, you need to ask your vendor WHY THEY ARE 10 YEARS BEHIND IN BEST PRACTICE? This is the kind of problem that needs to be solved at the right layer. malloc integer-overflow was implicated in the 2002 OpenSSH hole. OpenSSH and much other code is now written to use calloc(), for instance OpenSSH has 103 calls to it. We feel safer with our use of calloc(). It is a natural approach for us to use calloc(). How safe do you feel on systems which lack that range check in their calloc()? Good writeup from 2006: http://undeadly.org/cgi?action=article&sid=20060330071917
2014-04-20	Undo a calloc() replacement. It lacks the integer overflow check that	deraadt	1	-14/+1
	the system one has.
2014-04-20	KNF.	jsing	24	-2308/+2268

2014-04-20	reset imprint to NULL to avoid double free. from mancha1 at zoho	tedu	2	-0/+2

2014-04-19	release buffers fix was lost in merge. put it back.	tedu	2	-2/+4

2014-04-19	change some rsh references to ssh. poke by jmc	tedu	2	-9/+9

2014-04-19	More KNF.	jsing	4	-74/+84

2014-04-19	More KNF.	jsing	6	-90/+122

2014-04-19	another attempt at fixing stale x509 data. since we don't know where the	tedu	2	-20/+16
	initial storage came from, we can't free it. just memset in the sequence case. probably ok beck
2014-04-19	More KNF.	jsing	14	-157/+163

2014-04-19	More KNF.	jsing	2	-40/+40

2014-04-19	tweak previous;	jmc	1	-3/+2