summaryrefslogtreecommitdiff
path: root/src/regress (unfollow)
Commit message (Collapse)AuthorFilesLines
2014-04-08MFC:djm2-13/+27
cherrypick fix for CVE-2014-0160 "heartbleed" vulnerability from OpenSSL git; ok sthen@
2013-12-20MFC: Reliability fix for SHA384 SSL/TLS ciphers on strict alignmentjca1-1/+8
architectures. ok miod@ djm@
2013-02-14This commit was manufactured by cvs2git to create branch 'OPENBSD_5_3'.cvs2svn1001-357671/+0
2013-02-14cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txtmarkus30-557/+2564
from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
2013-01-26remove ACSS, crank libcrypto major; ok markus@ deraadt@djm14-882/+4
2013-01-15Don't pull <math.h> just because it can return HUGE_VAL in themartynas1-3/+2
corner cases. OK millert@.
2013-01-01Simple tests for fmemopen(3) and open_memstream(3)mpi4-0/+175
2012-12-22Fix bug in random offset introduced in rev 1.143; random range wasotto1-3/+3
expanded, but not enough due to precedence error. Spotted by Thorsten Glaser.
2012-12-17add test case for gethostbyname() called with numeric hostnameeric1-1/+2
2012-12-16- use diff -u like most anywhere to make the output readable.jasper1-2/+2
ok phessler@
2012-12-12document RES_USE_DNSSEC; text tweaked by sthenjmc1-2/+6
ok jakob
2012-12-05Remove excessive sys/cdefs.h inclusionderaadt2-5/+2
ok guenther millert kettenis
2012-12-05no need for .Pp before lists;jmc1-3/+2
2012-12-04Rewritten posix_openpt manual that doesn't include any of the POSIXmillert1-74/+49
text. OK deraadt@
2012-12-04Use "path name" not "pathname".millert1-3/+3
2012-12-04remove some unnecessary sys/param.h inclusionsderaadt1-3/+1
2012-12-03Simple emulation of POSIX pty APIs posix_openpt(), ptsname(),millert4-6/+414
grantpt() and unlockpt() using /dev/ptm. Man pages from FreeBSD. OK kettenis@ deraadt@ beck@ ajacoutot@ naddy@
2012-12-03New CA root certificates, ok beck@.sthen1-99/+1705
- additional cert's from GlobalSign. - additional cert's from VeriSign and replace existing ones with 'Signature Algorithm: md2WithRSAEncryption' with their currently distributed sha1WithRSAEncryption versions. - new CAs: AddTrust (root for most Comodo certificates also heavily used in academic networks), Comodo (most of their certs are rooted in AddTrust but TERENA use the Comodo AAA Certificate Services root for some things so add that separately), UserTrust Network/UTN (part of Comodo) and Starfield (part of Go Daddy).
2012-12-01Additional CA root certificates: GeoTrust/Equifax, Go Daddy, StartCom, thawte.sthen1-0/+1187
ok beck@ william@ todd@
2012-11-30Regenerate the text information for all certificates with recent opensslsthen1-439/+465
and include sha1 signatures for all certs (some were missing). No certificate changes, this is just for consistency. ok beck@
2012-11-30Remove retired Thawte/Verisign certificates.sthen1-499/+0
Remove intermediate GoDaddy certificate, this file should just contain roots. ok beck@ phessler@
2012-11-30Document a known bug in the DES crypt cipher implementation which we'restsp1-2/+6
not going to fix in order to stay compatible with legacy password data. Nobody should use DES crypt anyway these days. See http://www.freebsd.org/security/advisories/FreeBSD-SA-12:02.crypt.asc for details about this bug. Discussed with deraadt and beck about half a year ago (I'm pruning Ms from my tree).
2012-11-29- put the various options into the same order as those in resolv.hjmc1-17/+38
- sync RES_DEBUG with resolv.conf.5 - document RES_PRIMARY, but mark it unsupported (like we already do for RES_AAAONLY) - use the exact same text (about being enabled by default) for RES_RECURSE as for the other two defaults - document RES_INSECURE{1,2} - description lifted from resolv.conf.5 - document RES_NOALIASES - mostly sync the RES_USE_EDNS0 text with resolv.conf.5 - RES_USE_DNSSEC not documented for now. something to come... ok sthen
2012-11-19remove some useless Tn and double punctuation;jmc1-16/+7
2012-11-19RES_IGNTC is no longer ignored; ok sthenjmc1-4/+4
2012-11-18Ensure that the base provided to strtol(3) is between 2 and 36 inclusive,jsing1-1/+12
or the special value of 0. ok deraadt@ otto@
2012-11-18Add a regress test for strtol, which currently fails.jsing3-2/+86
ok otto@
2012-11-10Per POSIX, fix raise() and abort() to send the signal to the current thread.guenther1-3/+5
Should make coredumps from abort() easier to debug too. ok kurt@
2012-11-02Add a new malloc option 'U' => "Free unmap" that does the guarding/djm2-18/+36
unmapping of freed allocations without disabling chunk randomisation like the "Freeguard" ('F') option does. Make security 'S' option use 'U' and not 'F'. Rationale: guarding with no chunk randomisation is great for debugging use-after-free, but chunk randomisation offers better defence against "heap feng shui" style attacks that depend on carefully constructing a particular heap layout so we should leave this enabled when requesting security options.
2012-10-31On amd64 OPENSSL_cpuid_setup and OPENSSL_ia32cap_P are now hidden so we don'tkettenis8-18/+10
have to go through the PLT/GOT to get at them anymore. In fact going through the GOT now fails since we no longer have a GOT entry for OPENSSL_ia32cap_P. Fixes the problem spotted by jasper@ and sthen@. Based on a diff from mikeb@ who did most of the actual work of tracking down the issue. ok millert@, mikeb@
2012-10-22Restore r1.10, lost during last update:miod2-2/+2
Disable use of dladdr() on a.out arches, they do not provide it (yet);
2012-10-13Makefile and header changes for OpenSSL-1.0.1cdjm20-139/+361
major cranks
2012-10-13import files that CVS missed; sighdjm10-0/+1498
2012-10-13resolve conflictsdjm504-7535/+33760
2012-10-13import OpenSSL-1.0.1cdjm339-4357/+15664
2012-10-13import OpenSSL-1.0.1cdjm248-2332/+62631
2012-10-13import OpenSSL-1.0.1cdjm359-4455/+63120
2012-09-27last stage of rfc changes, using consistent Rs/Re blocks, and moving thejmc9-88/+91
references into a STANDARDS section;
2012-09-26last stage of rfc changes, using consistent Rs/Re blocks, and moving thejmc1-19/+45
references into a STANDARDS section;
2012-09-23Make setenv(3) consistent with unsetenv(3), giving EINVAL if passedjeremy2-20/+10
an empty name, NULL pointer, or a name containing an '=' character. OK millert@, guenther@
2012-09-16remove some wacky Xo/Xc;jmc1-3/+3
2012-09-15remove tahoe-specific makefile machinery, no such hardware is known to bemiod1-5/+1
in working condition anymore (assuming there would be interest in running on it).
2012-09-15Document that strtod functions accept INF, NAN, NAN(). From Michal Mazurek.martynas1-3/+28
2012-09-13specify the bounds of the dst to strlcat (both values were static andderaadt1-2/+2
equal, but it is more correct) from Michal Mazurek
2012-09-13Fix precedence bug (& has lower precedence than !=).pirofti1-2/+2
Okay otto@. Found by Michal Mazurek <akfaew at jasminek dot net>, thanks!
2012-09-05run regress with the local env tooeric1-2/+2
2012-09-05use LDSTATIC for building static executableseric1-2/+2
2012-09-04arc4random_buf is the easy way to fill a buffer now. ok deraadttedu1-10/+3
2012-09-04remove lint leftovers; ok guenther@okan1-5/+1
2012-08-22rfc 2553 (not 2533) has been replaced by rfc 3493;jmc1-5/+6
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 22:18:37 +0000