summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | After a certain amount of fighting with the mbstowcs API, remove L fromnicm2011-07-081-4/+12
| | | | | | | | | | | | | | | | | | | | | | | | the wcsdup example. ok stsp
* | | | Pass CFLAGS (which contains -DOPENSSL_IA32_SSE2) to the perlasmmpf2011-07-081-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | build on i386. This enables SSE2 optimizations for bignum multiplications, Montgomery multiplications and sha512. This speeds up Diffie-Hellman operations in isakmpd and iked quite a bit. OK djm@, markus@, mikeb@
* | | | no more math(3);jmc2011-07-079-32/+23
| | | |
* | | | Fix some awful code in the example, pointed out by millert@.nicm2011-07-051-3/+3
| | | |
* | | | Add wcsdup(), from NetBSD.nicm2011-07-043-3/+120
| | | | | | | | | | | | | | | | ok deraadt matthew
* | | | switch to installing source manuals (base part)schwarze2011-06-231-262/+246
| | | | | | | | | | | | | | | | | | | | discussed with lots of people, tested by naddy@, "move fast" deraadt@
* | | | as man page states, lower case undoes upper case. add support for little s,tedu2011-06-201-1/+5
| | | | | | | | | | | | | | | | | | | | no security, for consistency. use of this option is discouraged. :) ok deraadt guenther millert
* | | | Add the following certs:dhill2011-06-151-0/+563
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DigiCert High Assurance CA-3 Go Daddy Secure Certification Authority/serialNumber=07969287 Equifax Secure Certificate Authority VeriSign Class 3 Public Primary Certification Authority - G5 Entrust Certification Authority - L1C Entrust.net Secure Server Certification Authority ok mikeb@ beck@ fgsch@ constant prodding by marco@
* | | | fix wcscasecmp() parameters; <wchar.h> was correctnaddy2011-06-011-2/+2
| | | |
* | | | tweak previous (my fault);jmc2011-05-281-4/+4
| | | |
* | | | wcs(n)casecmp support, manpage comments from jmc@, okay deraadt@espie2011-05-283-5/+82
| | | |
* | | | remove hack to test and create /usr/lib/pkgconfig/ if needed, it's been sixjasper2011-05-261-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | months since it was introduced so it's safe to assume people have this dir now. ok deraadt@
* | | | save errno dance in wrterror() and malloc_dump(); prompted by and ok deraadt@otto2011-05-201-2/+6
| | | |
* | | | introduce symbolic constant for initial number of regionsotto2011-05-181-2/+3
| | | |
* | | | zap regions_bits and rework MALLOC_MAXSHIFT a bit; ok djm@otto2011-05-181-14/+8
| | | |
* | | | Avoid fp computations for stats, this make calling malloc_dump() safe in moreotto2011-05-121-10/+7
| | | | | | | | | | | | | | | | cases.
* | | | fix comment, the bitmap is an array of u_short nowotto2011-05-121-2/+2
| | | |
* | | | Introduce leak detection code for MALLOC_STATSotto2011-05-121-25/+165
| | | |
* | | | Move MALLOC_STATS code to bottom of file, so the real stuff is more at the top.otto2011-05-081-137/+141
| | | |
* | | | Make this script more generic and minimize differences betweenjasper2011-05-051-8/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the openssl and libz versions: - use a generic ${lib_version} - define ${version_file} to look run ${version_re} on to acquire the library version. - add license - remove unused -k flag no change in generated files ok sthen@
* | | | Up until now, malloc scanned the bits of the chunk bitmap fromotto2011-05-051-32/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | position zero, skipping a random number of free slots and then picking the next free one. This slowed things down, especially if the number of full slots increases. This changes the scannning to start at a random position in the bitmap and then taking the first available free slot, wrapping if the end of the bitmap is reached. Of course we'll still scan more if the bitmap becomes more full, but the extra iterations skipping free slots and then some full slots are avoided. The random number is derived from a global, which is incremented by a few random bits every time a chunk is needed (with a small optimization if only one free slot is left). Thanks to the testers!
* | | | Adjust to explicitly list ${libdir}.jasper2011-05-031-4/+4
| | | | | | | | | | | | | | | | ok sthen@
* | | | Now that we use an array of u_short for the chunk bitmap change a fewotto2011-04-301-5/+5
| | | | | | | | | | | | | | | | 1UL to 1U.
* | | | More efficient scanning for free chunks while not losing any randomization;otto2011-04-301-21/+25
| | | | | | | | | | | | | | | | thanks to all testers.
* | | | Tweak the description of the optional parts around =. Found this in myotto2011-04-271-5/+7
| | | | | | | | | | | | | | | | tree, no idea where it came from; ok millert@ jmc@
* | | | Fix spacing nit.matthew2011-04-191-3/+3
| | | | | | | | | | | | | | | | ok jmc@
* | | | Add AI_FQDN flag to getaddrinfo(3). Prompted by discussions with djm@matthew2011-04-052-22/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | about cert checking in OpenSSH. Man page wording tweaks thanks to jmc@. ok henning@, jmc@; positive feedback from djm@, ajacoutat@ Committing now to reuse guenther@'s libc minor bump instead of cranking it again, as suggested by deraadt@.
* | | | Add a wcswidth man page (based on FreeBSD), and fix the implementationstsp2011-04-043-5/+68
| | | | | | | | | | | | | | | | | | | | to return -1 in case of an unprintable character. ok nicm jmc
* | | | back out previous commit.beck2011-03-251-665/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "if you have checked this I am ok with it" does not mean 1) not to pay attention to breaking news after I tell you that and 2) not to get ok's from the others this had been shown to. I am absolutely not ok with thig going in with only *my* ok. There's a reason why we want more than one ok on important commits ok deraadt@ for the backout
* | | | Add the following certs:dhill2011-03-251-0/+665
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DigiCert High Assurance CA-3 Go Daddy Secure Certification Authority COMODO High-Assurance Secure Server CA Equifax Secure Certificate Authority VeriSign Class 3 Public Primary Certification Authority - G5 Entrust Certification Authority - L1C Entrust.net Secure Server Certification Authority cross checked with mozilla ok beck@
* | | | This script doesn't need write access to $curdir. Just check existence.matthieu2011-03-241-3/+3
| | | | | | | | | | | | | | | | Fixes build on NFS src with no root access. ok jasper@
* | | | tweak for clarity, ok millert@, jmc@espie2011-03-211-4/+4
| | | |
* | | | wrong type for variable; spotted by christian.siebert@cs.tu-chemnitz.dederaadt2011-03-061-3/+3
| | | | | | | | | | | | | | | | ok guenther
* | | | Fix PR 6267: recheck POSIXLY_CORRECT each time getopt_long() starts a newguenther2011-03-053-44/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | argv and don't suppress the handling of leading '-' in optstring when POSIXLY_CORRECT is set. Based on patch from Eric Blake. ok and manpage update from millert@, manpage ok jmc@
* | | | Remove expired certs.dhill2011-03-031-174/+0
| | | | | | | | | | | | | | | | ok beck@ fgsch@
* | | | Fix __cxa_finalize() so that calling __cxa_finalize(NULL) properlymatthew2011-03-021-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | invokes handlers registered with __cxa_atexit(). "seems right" deraadt@
* | | | fix for CVE-2011-0014 "OCSP stapling vulnerability";djm2011-02-102-2/+14
| | | | | | | | | | | | | | | | | | | | | | | | ok markus@ jasper@ miod@ AFAIK nothing in base uses this, though apache2 from ports may be affected.
* | | | Put -I${includedir} back into Cflags so configure script tests likenaddy2011-01-251-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | test -n "`pkg-config --cflags openssl`" don't assume that OpenSSL isn't available. ok miod@, sthen@, ajacoutot@, djm@
* | | | Correctly escape a literal colon in an enclosure;schwarze2011-01-241-3/+3
| | | | | | | | | | | | | | | | the \: roff escape is an optional line break.
* | | | - simplify, krb5 handling is not needed.jasper2011-01-212-27/+8
| | | | | | | | | | | | | | | | prompted by brad
* | | | superceded -> superseded;jmc2011-01-141-3/+3
| | | |
* | | | - adjust krb5 directoriesjasper2011-01-031-8/+5
| | | | | | | | | | | | | | | | - zap a trailing tab
* | | | - ensure ${DESTDIR}/usr/lib/pkgconfig/ as running make distrib-dirs is notjasper2010-12-281-2/+3
| | | | | | | | | | | | | | | | common/encouraged practice
* | | | - generate and install pkg-config files for openssl, which more and morejasper2010-12-282-1/+122
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | projects depend on being present (e.g. various ports). as discussed with various porters in a hungarian spa help/feedback from ingo@ and also OK halex@ no objections from djm@
* | | | remove comment that hasn't been true for quite a while now;otto2010-12-221-6/+1
| | | | | | | | | | | | | | | | ok deraadt@ djm@
* | | | avoid pointer arithmetic on void *dhill2010-12-161-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | tested for a while by me. ok otto@
* | | | move CRYPTO_VIAC3_MAX out of cryptodev.h and into the onlyjsg2010-12-162-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | file it will be used from. requested by/ok mikeb@
* | | | The VIA ciphers are added to an array of CRYPTO_ALGORITHM_MAX lengthjsg2010-12-162-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | which should have been declared as CRYPTO_ALGORITHM_MAX + 1, fix this and reserve enough space for the VIA additions as well. ok/comments from mikeb & deraadt
* | | | Security fix for CVE-2010-4180 as mentioned in ↵jasper2010-12-154-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | http://www.openssl.org/news/secadv_20101202.txt. where clients could modify the stored session cache ciphersuite and in some cases even downgrade the suite to weaker ones. This code is not enabled by default. ok djm@
* | | | involes -> involves; from Carlos Alberto Pereira Gomesjmc2010-11-301-1/+1
| | | |
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 05:23:51 +0000