summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa/dsa_lib.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2014-04-10crank major; struct ssl_ctx_st changes; ok teduderaadt2-2/+2
2014-04-10Disable Segglemann's RFC520 hearbeat.deraadt1-2/+2
I am completely blown away that the same IETF that cannot efficiently allocate needed protocol, service numbers, or other such things when they are needed, can so quickly and easily rubber stamp the addition of a 64K Covert Channel in a critical protocol. The organization should look at itself very carefully, find out how this this happened, and everyone who allowed this to happen on their watch should be evicted from the decision making process. IETF, I don't trust you. ok tedu markus
2014-04-10disable buf freelists. we'll see what happens next.tedu1-1/+2
ok deraadt
2014-04-10don't release the read buffer if we're not done reading from it.tedu2-4/+0
ok benno deraadt
2014-04-09Remove CA certificates which are not listed in Mozilla's certdata.txt.sthen1-1823/+0
Notably this removes CAcert who it turns out have strict requirements on redistribution (http://www.cacert.org/policy/RootDistributionLicense.php) which we don't meet.
2014-04-09Use root CAs that are used by TeleSec (Deutsche Telekom AG):reyk1-0/+313
- Baltimore CyberTrust Root - Deutsche Telekom Root CA 2 - T-TeleSec GlobalRoot Class 2 - T-TeleSec GlobalRoot Class 3 ok sthen@
2014-04-08use char * for strings, saving casts. add return codes to base64 functionstedu1-15/+26
2014-04-07cherrypick fix for CVE-2014-0160 "heartbleed" vulnerability fromdjm4-26/+54
OpenSSL git; ok sthen@
2014-04-07Add some missing names to the NAME sections.schwarze5-15/+19
For inet(3), go the other way, remove some bogus symlinks. Found while testing the new makewhatis(8). ok jmc@
2014-04-03Update Copyright notice; ok otto@ beck@ deraadt@.schwarze1-2/+4
This is merely a by-product of figuring out the amount of phk@ code contained herein; i'm not planning to hack on this file.
2014-04-03I have discussed these licenses with Poul-Henning Kamp and he has agreed tobeck1-8/+17
this license change. We will remember that we all still like beer.
2014-03-25Poul-Henning Kamp informed me he is allright with this licensing change.beck1-11/+4
2014-03-24oops, merge errortedu1-2/+2
2014-03-23clear stack variables, suggested by djmtedu1-1/+4
2014-03-23some improvements suggested by djm.tedu1-4/+6
use better constant for salt size. always copy ":" to gerror, in case somebody is dumb enough to overwrite it timingsafe_bcmp before somebody whines about strcmp
2014-03-23two functions don't need to be exportedtedu1-3/+3
2014-03-23minimal change to implementation of bcrypt to not require static globals.tedu1-39/+88
add some friendlier functions. move the classic static data api into wrapper functions. a few more changes to come...
2014-03-23remove the never used bm string functionstedu3-329/+3
2014-03-22switch to shorter ISC license. this was ok with Niels Provos.tedu1-27/+12
2014-03-19consolidate the base64 code in one place, and remove inadequate test codetedu1-86/+56
2014-03-19right or wrong, bcrypt() is declared in pwd.h, not unistd.htedu1-2/+3
2014-03-18Retire hp300, mvme68k and mvme88k ports. These ports have no users, keepingmiod2-278/+3
this hardware alive is becoming increasingly difficult, and I should heed the message sent by the three disks which have died on me over the last few days. Noone sane will mourn these ports anyway. So long, and thanks for the fish.
2014-03-18* Fix another instance of directly writing to the target with a utilityschwarze1-4/+6
that might fail. * Keep the build log clean. * Make sure syntax checks run again when doing: make clean; make ok espie@
2014-03-18prevent failed command from generating bogus fileespie1-2/+2
okay guenther@
2014-03-18prepare manpages for new perl.espie19-40/+48
Note that I missed two of these in the diff shown initially, thx to the atrocious Makefile rule... okay millert@, sthen@, basically
2014-03-18Sync with the way struct ether_addr is actually defined inlteo1-3/+3
netinet/if_ether.h
2014-03-16lint is dead (long live the lint!), so stop using it as a cpp conditionalguenther2-4/+4
(namespace pollution!) or talking about its opinion on code. ok krw@
2014-03-13Unhook httpd(8) from build; man page bitsflorian1-10/+3
tweaks jmc@ OK krw@, gilles@, lteo@, tedu@, todd@, benno@, sthen@ "The time is right." and much help getting the show on the road deraadt@
2014-03-12Unbreak nc -6 -l. Don't retrieve and thus later set the routing tablejca1-3/+2
unless -V is passed (intent of the previous commit), and use SOL_SOCKET instead of IPPROTO_IP to set the rtable in local_listen(). ok sthen@
2014-02-27SECURITY fixes backported from openssl-1.0.1f. ok mikeb@jca12-26/+82
CVE-2013-4353 NULL pointer dereference with crafted Next Protocol Negotiation record in TLS handshake. Upstream: 197e0ea CVE-2013-6449 Fix crash with crafted traffic from a TLS 1.2 client. Upstream: ca98926, 0294b2b CVE-2013-6450 Fix DTLS retransmission from previous session. Upstream: 3462896
2014-02-26Once more, the default routing table id is inherited from the processclaudio1-3/+2
like for any other process as well. OK by many
2014-02-24solar's testsuite revealed insufficient validation of invalid input hashes.tedu1-8/+10
add a more complete check for the rounds parameter. ok deraadt
2014-02-23in HISTORY, say where this actually came from;schwarze1-5/+7
ok deraadt@ bentley@
2014-02-17replace spaces with tabs for indentationstsp1-2/+2
2014-02-17remove redundant testtedu1-3/+2
2014-02-17sticking strlen into a char leads to wraparound at 256. fix this andtedu1-5/+18
introduce a new 'b' hash minor. still generate 'a' minors for now. reported by solar designer. diff by some combination of solar and jca. ok deraadt
2014-02-10one of the examples needs -N to work again;jmc1-3/+3
the paper trail appears to be: reported in feebsd pr docs/185353 by rol robert-eckardt de fix suggested by peter wemm diff submitted to tech by allan jude
2014-02-07Fix inet6_opt_init() to only check extlen when extbuff is not NULLmpi1-5/+2
as per RFC 3542, from DragonFlyBSD via Eitan Adler. ok bluhm@
2014-02-05Remove unnecessary stdio.h include.stsp1-2/+1
Patch by Jean-Philippe Ouellet ; ok krw@
2014-02-05Always set errno when returning NULL. OK kettenis@ henning@millert1-7/+17
2014-01-22add explicit_bzero to NAME;jmc1-2/+3
2014-01-22add explicit_bzero to libc. implementation subject to change, but starttedu3-4/+37
the ball rolling. ok deraadt.
2014-01-21Ouch... recommend arc4random, not random.deraadt1-3/+3
spotted by tedu
2014-01-21obvious .Pa fixes; found with mandocdb(8)schwarze13-49/+49
2014-01-20Fix an obvious .Fn/.Fa typo, found while testing mandocdb(8).schwarze1-3/+3
2014-01-19Usually, you don't want macros in the .Nd line, so remove instances of .Tnschwarze1-5/+3
marking up words that are not trademarks (ASCII, I/O, NFS, TCP, TELNET). While here, remove .Tn markup from the same words in the body of these pages, too.
2014-01-19Punctuation after macro arguments needs to be in a separate argument.schwarze1-3/+4
Found while testing mandocdb(8).
2013-12-31don't try writing past the end unless we have totedu1-8/+16
ok gilles millert
2013-12-29- Verify that the FPU exception flags weren't clobbered as required by C99.martynas6-10/+48
- Additionally, test _setjmp and sigsetjmp as implementations are different.
2013-12-29Add a regression test to verify that the FPU control word state ismartynas3-1/+44
preserved by setjmp. Currently under REGRESS_FULL as this fails on certain archs.