summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* decipher comment. ok bcook@mmcc2015-12-122-4/+4
|
* move initialization of buf up to quell warnings and make it obvious the err ↵beck2015-12-122-8/+10
| | | | | | case is ok. ok bcook@
* prevent possibly use of uninitialized variablebeck2015-12-122-4/+4
| | | | ok bcook@
* make the counter a size_t as well, which quells a warning on visual studio 2015beck2015-12-122-4/+6
| | | | ok bcook@
* tiny sanity check on file sizetedu2015-12-101-1/+3
|
* bump the major for libcrypto/ssl/tls for a CRYPTO_chacha_20 ABI changebcook2015-12-095-10/+10
| | | | ok jsing@, deraadt@, beck@
* Change the counter argument for CRYPTO_chacha_20 to be 64-bits on all platforms.bcook2015-12-094-10/+12
| | | | | | | | | | | The recently-added EVP_aead_chacha20_poly1305_ietf() function, which implements informational RFC 7539, "ChaCha20 and Poly1305 for IETF Protocols", needs a 64-bit counter to avoid truncation on 32-bit platforms. The existing TLS ChaCha20-Poly1305 ciphersuite is not impacted by this, but making this change requires an ABI bump. ok jsing@, "Looks sane" beck@
* Integrate two patches originally from Daniel Micay.tedu2015-12-091-8/+76
| | | | | | | | | | | | 1. Optionally add random "canaries" to the end of an allocation. This requires increasing the internal size of the allocation slightly, which probably results in a large effective increase with current power of two sizing. Therefore, this option is only enabled via 'C'. 2. When writing junk (0xdf) to freed chunks (current default behavior), check that the junk is still intact when finally freeing the delayed chunk to catch some potential use after free. This should be pretty cheap so there's no option to control it separately. ok deraadt tb
* Add root certificate for COMODO RSA Certification Authority, ok beck@sthen2015-12-071-0/+122
| | | | | | | In some cases sites signed by this are covered by the old "AddTrust External CA Root" that we already had, but that depends on the site sending a fairly large chain of intermediate certificates which most aren't doing (because there's no need because this newer one is in browser stores..).
* Remove SHA0 check, as we did in v1.21 of sha.h.bcook2015-12-072-4/+4
| | | | | | This enables ENGINE_get_digest to work again with SHA1. noted by NARUSE, Yui, @nurse from github
* Fix for OpenSSL CVE-2015-3195beck2015-12-042-6/+16
| | | | ok djm@ jsing@
* Fix for OpenSSL CVE-2015-3194beck2015-12-032-4/+4
| | | | ok krw@
* Phrase allocation failure more clearly. ok deraadt@mmcc2015-12-011-3/+3
|
* change Xrs from now-defunct db(3) to dbopen(3); this wasn;t ajmc2015-11-302-6/+6
| | | | | | | straight replace: thanks both to schwarze and maja for feedback on how to rewrite parts; i've snuck in an rcs id->openbsd id change in dev_mkdb too;
* Wrap <icdb.h> so that calls go direct and the symbols are all weakguenther2015-11-251-1/+12
| | | | ok tedu@
* syslog() here is pointless; ok millertderaadt2015-11-251-2/+0
|
* Use reentrant versions of getpw{nam,uid} and getgr{nam,gid} withinmillert2015-11-242-7/+10
| | | | | | | libc to avoid reusing the static buffers returned by the non-reentrant versions. Since this is inside libc we can use constants for the buffer sizes instead of having to call sysconf(). OK guenther@ deraadt@
* Correct file name, no text change (no history yet, but sorry for the churn).schwarze2015-11-242-26/+26
| | | | Issue noticed by jmc@, OK jmc@.
* Document that these functions are now in strings.h.daniel2015-11-247-19/+22
| | | | ok millert@
* Don't fake a bulleted list by prefixing items with 'o'.bentley2015-11-241-8/+8
| | | | ok jmc@
* Partial revert of revision 1.26:schwarze2015-11-211-18/+18
| | | | | Do *not* install the CMS_* manuals for now given that the code is currently disabled. Cluestick applied by jsing@.
* point to netintro(4) rather than (now removed) networking(4);jmc2015-11-212-6/+6
|
* add a version field to prevent mayhem if different data gets storedtedu2015-11-181-3/+7
|
* update for new symbols and codetedu2015-11-181-2/+2
|
* Add icdb, the internal c database. A simpler replacement for the oldtedu2015-11-181-0/+367
| | | | Berzerkeley DB code.
* add QuoVadis root certificates, present in Mozilla/Chrome/Apple/Windows/etcsthen2015-11-161-0/+722
| | | | req by and OK dlg, no objections in 5 days
* ui_new -> UI_new;jmc2015-11-151-2/+2
|
* fix references to lhash(3);jmc2015-11-152-14/+16
|
* mutli -> multimiod2015-11-142-2/+2
|
* Various *syncron* -> *synchron* typos.miod2015-11-142-2/+2
|
* Give clear directions on how to declare, PROTO_*() and DEF_*() new symbolsguenther2015-11-141-0/+97
| | | | prodded by deraadt@
* add mul and mul_add to NAME;jmc2015-11-121-0/+4
|
* update cross references after deleting the imaginary MLINKSschwarze2015-11-125-6/+6
| | | | bn_internal(3) and lhash(3)
* Convert the handful of manuals that had imaginary names,schwarze2015-11-1213-1154/+2210
| | | | | give them names that really exist. This also helps jmc@'s ongoing work on improving NAME sections.
* add missing functions to NAME, or otherwise correct the mlinkjmc2015-11-1130-56/+99
| | | | | | entry for them; feedback/ok schwarze
* Convert five more manuals from POD to mdoc.schwarze2015-11-1111-463/+638
| | | | | I found drafts of these in my tree, probably originally from Max Fillinger, that just needed minor polishing.
* Convert and enable CMS manuals.schwarze2015-11-1133-1253/+2040
| | | | Already some time ago, bcook@ said these can be installed.
* update NAME section to include all documented functions,jmc2015-11-106-18/+18
| | | | | | or otherwise change Dt to reflect the name of an existing function; feedback/ok schwarze
* SSL_CTX_sess_set_remove mlink should be SSL_CTX_sess_set_remove_cb;jmc2015-11-101-2/+2
|
* libc.so can't be unloaded, so move the hidden atexit() and pthread_atfork()guenther2015-11-101-1/+13
| | | | | | | | | | | stubs for the executable from crtbegin.o into libc, which lets them be excluded from static links that don't use them. For this, drop the normal crt{begin,end}S.o from libc.so: the .init and .fini sections for libc aren't called at the right times anyway, so it's good that they're unused. libc.so just needs __guard_local and the .note.openbsd.ident section, so add them to stack_protector.c for now (this will be improved) "good time" deraadt@
* update some client/server info; from jan klemkowjmc2015-11-091-5/+5
| | | | ok jsing
* inet(4), not inet(3);jmc2015-11-081-3/+3
|
* Fix gcc version preprocessor checks to cope with gcc 5.x and beyond;miod2015-11-062-4/+4
| | | | reported by Ruslan Babayev.
* Cast Td4[] values (which are uint8_t) to uint32_t before shifting them left bymiod2015-11-052-10/+10
| | | | | | | | | 24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99 6.5.7, signed int shifted by enough bits to cause a the sign bit to be set is an UB. Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am {partial,slightly related} to.
* Mention ROTL() is always invoked with a proper shift value, due to the way themiod2015-11-052-2/+4
| | | | | CAST_KEY is constructed. This is expected to reduce blood pressure in auditors.
* bump to 2.3.2, format LIBRESSL_VERSION_NUMBER like OPENSSL_VERSION_NUMBER.bcook2015-11-032-6/+6
| | | | | | Suggested by WubTheCaptain so the same comparison code can be used with LibreSSL. https://www.openssl.org/docs/manmaster/crypto/OPENSSL_VERSION_NUMBER.html
* Fix typo in comment of previous commit: "that that".reyk2015-11-022-6/+6
|
* bump minors after adding EVP_aead_chacha20_poly1305_ietf()reyk2015-11-025-5/+5
| | | | OK jsing@
* Add EVP_aead_chacha20_poly1305_ietf() - The informational RFC 7539,reyk2015-11-025-41/+256
| | | | | | | | | "ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD construction that is incompatible with the common style that has been already used in TLS with EVP_aead_chacha20_poly1305(). The IETF version also adds a constant (salt) that is prepended to the nonce. OK mikeb@ jsing@
* delete old lint ARGSUSED commentsguenther2015-11-011-2/+1
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-22 08:49:04 +0000