summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | Fix spacing nit.matthew2011-04-191-3/+3
| | | | | | | | | | | | | | | | ok jmc@
* | | | Add AI_FQDN flag to getaddrinfo(3). Prompted by discussions with djm@matthew2011-04-052-22/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | about cert checking in OpenSSH. Man page wording tweaks thanks to jmc@. ok henning@, jmc@; positive feedback from djm@, ajacoutat@ Committing now to reuse guenther@'s libc minor bump instead of cranking it again, as suggested by deraadt@.
* | | | Add a wcswidth man page (based on FreeBSD), and fix the implementationstsp2011-04-043-5/+68
| | | | | | | | | | | | | | | | | | | | to return -1 in case of an unprintable character. ok nicm jmc
* | | | back out previous commit.beck2011-03-251-665/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "if you have checked this I am ok with it" does not mean 1) not to pay attention to breaking news after I tell you that and 2) not to get ok's from the others this had been shown to. I am absolutely not ok with thig going in with only *my* ok. There's a reason why we want more than one ok on important commits ok deraadt@ for the backout
* | | | Add the following certs:dhill2011-03-251-0/+665
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DigiCert High Assurance CA-3 Go Daddy Secure Certification Authority COMODO High-Assurance Secure Server CA Equifax Secure Certificate Authority VeriSign Class 3 Public Primary Certification Authority - G5 Entrust Certification Authority - L1C Entrust.net Secure Server Certification Authority cross checked with mozilla ok beck@
* | | | This script doesn't need write access to $curdir. Just check existence.matthieu2011-03-241-3/+3
| | | | | | | | | | | | | | | | Fixes build on NFS src with no root access. ok jasper@
* | | | tweak for clarity, ok millert@, jmc@espie2011-03-211-4/+4
| | | |
* | | | wrong type for variable; spotted by christian.siebert@cs.tu-chemnitz.dederaadt2011-03-061-3/+3
| | | | | | | | | | | | | | | | ok guenther
* | | | Fix PR 6267: recheck POSIXLY_CORRECT each time getopt_long() starts a newguenther2011-03-053-44/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | argv and don't suppress the handling of leading '-' in optstring when POSIXLY_CORRECT is set. Based on patch from Eric Blake. ok and manpage update from millert@, manpage ok jmc@
* | | | Remove expired certs.dhill2011-03-031-174/+0
| | | | | | | | | | | | | | | | ok beck@ fgsch@
* | | | Fix __cxa_finalize() so that calling __cxa_finalize(NULL) properlymatthew2011-03-021-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | invokes handlers registered with __cxa_atexit(). "seems right" deraadt@
* | | | fix for CVE-2011-0014 "OCSP stapling vulnerability";djm2011-02-102-2/+14
| | | | | | | | | | | | | | | | | | | | | | | | ok markus@ jasper@ miod@ AFAIK nothing in base uses this, though apache2 from ports may be affected.
* | | | Put -I${includedir} back into Cflags so configure script tests likenaddy2011-01-251-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | test -n "`pkg-config --cflags openssl`" don't assume that OpenSSL isn't available. ok miod@, sthen@, ajacoutot@, djm@
* | | | Correctly escape a literal colon in an enclosure;schwarze2011-01-241-3/+3
| | | | | | | | | | | | | | | | the \: roff escape is an optional line break.
* | | | - simplify, krb5 handling is not needed.jasper2011-01-212-27/+8
| | | | | | | | | | | | | | | | prompted by brad
* | | | superceded -> superseded;jmc2011-01-141-3/+3
| | | |
* | | | - adjust krb5 directoriesjasper2011-01-031-8/+5
| | | | | | | | | | | | | | | | - zap a trailing tab
* | | | - ensure ${DESTDIR}/usr/lib/pkgconfig/ as running make distrib-dirs is notjasper2010-12-281-2/+3
| | | | | | | | | | | | | | | | common/encouraged practice
* | | | - generate and install pkg-config files for openssl, which more and morejasper2010-12-282-1/+122
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | projects depend on being present (e.g. various ports). as discussed with various porters in a hungarian spa help/feedback from ingo@ and also OK halex@ no objections from djm@
* | | | remove comment that hasn't been true for quite a while now;otto2010-12-221-6/+1
| | | | | | | | | | | | | | | | ok deraadt@ djm@
* | | | avoid pointer arithmetic on void *dhill2010-12-161-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | tested for a while by me. ok otto@
* | | | move CRYPTO_VIAC3_MAX out of cryptodev.h and into the onlyjsg2010-12-162-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | file it will be used from. requested by/ok mikeb@
* | | | The VIA ciphers are added to an array of CRYPTO_ALGORITHM_MAX lengthjsg2010-12-162-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | which should have been declared as CRYPTO_ALGORITHM_MAX + 1, fix this and reserve enough space for the VIA additions as well. ok/comments from mikeb & deraadt
* | | | Security fix for CVE-2010-4180 as mentioned in ↵jasper2010-12-154-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | http://www.openssl.org/news/secadv_20101202.txt. where clients could modify the stored session cache ciphersuite and in some cases even downgrade the suite to weaker ones. This code is not enabled by default. ok djm@
* | | | involes -> involves; from Carlos Alberto Pereira Gomesjmc2010-11-301-1/+1
| | | |
* | | | - Apply security fix for CVE-2010-3864 (+commit 19998 which fixes the fix).jasper2010-11-172-36/+84
| | | | | | | | | | | | | | | | ok djm@ deraadt@
* | | | remove skipjack and cast from the libc; ok deraadtmikeb2010-10-283-1053/+2
| | | |
* | | | print the pointer value that caused the error (if available); okotto2010-10-211-47/+54
| | | | | | | | | | | | | | | | deraadt@ nicm@ (on an earlier version)
* | | | Disable use of dladdr() on a.out arches, they do not provide it (yet); ok djm@miod2010-10-182-2/+2
| | | |
* | | | OpenSSL grows another undocumented header, apparently needed on armishdjm2010-10-071-1/+2
| | | |
* | | | More OpenSSL fixes:djm2010-10-067-26/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Update local engines for the EVP API change (len u_int => size_t) - Use hw_cryptodev.c instead of eng_cryptodev.c - Make x86_64-xlate.pl always write to the output file and not stdout, fixing "make -j" builds (spotted by naddy@) ok naddy@
* | | | Retire Skipjackmikeb2010-10-064-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's not much use for the declassified cipher from the 80's with a questionable license these days. According to the FIPS drafts, Skipjack reaches its EOL in December 2010. The libc portion will be removed after the ports hackathon. djm and thib agree, no objections from deraadt Thanks to jsg for digging up FIPS drafts.
* | | | Our make already uses sh -e when executing commands.naddy2010-10-041-7/+7
| | | | | | | | | | | | | | | | Revert the "set -e" additions and kill unneeded subshells. ok djm@
* | | | DES_LONG should be u_int on all platforms, it was spuriouslydjm2010-10-031-1/+1
| | | | | | | | | | | | | | | | u_long on i386. suggested by deraadt@ and kettenis@
* | | | percolate up errors from perl asm scripts, correctly enable SHA-256 asm ondjm2010-10-021-9/+9
| | | | | | | | | | | | | | | | amd64
* | | | fix -Wall due to API changedjm2010-10-012-6/+6
| | | |
* | | | update supporting files, crank library majorsdjm2010-10-0118-274/+621
| | | |
* | | | add missing; yay for cvs!djm2010-10-015-0/+607
| | | |
* | | | resolve conflicts, fix local changesdjm2010-10-011649-188904/+70184
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2010-10-01189-4739/+34138
|\ \ \ \ | | |/ / | |/| | branch.
| * | | import OpenSSL-1.0.0adjm2010-10-01569-17816/+61097
| | | |
| * | | This commit was manufactured by cvs2git to create branch 'unlabeled-1.1.1'.cvs2svn2010-07-011-0/+992
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2010-10-01121-3204/+4684
|\ \ \ \ | | |_|/ | |/| | branch.
| * | | import OpenSSL-1.0.0adjm2010-10-01798-31734/+48478
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2010-10-01339-5051/+49844
|\ \ \ \ | | |_|/ | |/| | branch.
| * | | import OpenSSL-1.0.0adjm2010-10-01373-6688/+55495
| | | |
| * | | This commit was manufactured by cvs2git to create branch 'OPENSSL'.cvs2svn2010-07-011-0/+992
| | | |
* | | | Make gcvt() better match printf("%g") behavior, it now passes regress.millert2010-09-251-11/+23
| | | | | | | | | | | | | | | | OK deraadt@
* | | | Add timingsafe_bcmp(3) to libc, mention that it's already in thematthew2010-09-243-5/+62
| | | | | | | | | | | | | | | | | | | | | | | | kernel in kern(9), and remove it from OpenSSH. ok deraadt@, djm@
* | | | Implement if_freenameindex() as a real function as required by posix.claudio2010-09-241-1/+7
| | | | | | | | | | | | | | | | OK deraadt@, millert@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 11:32:34 +0000