openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	shorten the openssl dgst text; in particular, do not try to	jmc	2016-08-01	1	-53/+24
\| \| \| \|	list all the available digests;
*	use the style from the man page examples for getaddrinfo, which makes a	halex	2016-07-30	1	-21/+19
\| \| \| \| \| \|	bit more sense ok jung@ deraadt@
*	remove HISTORY: it was a nonsense;	jmc	2016-07-28	1	-25/+1
\|
*	some text cutting, after feedback from jsing;	jmc	2016-07-28	1	-12/+12
\|
*	rework crl2pkcs7; with help from jsing	jmc	2016-07-23	1	-57/+18
\|
*	rework DESCRIPTION a little: no-command seems clearer than no-XXX;	jmc	2016-07-21	1	-17/+12
\|
*	rename NOTES to COMMON SYNTAX (explains itself better); rework the	jmc	2016-07-21	1	-43/+44
\| \| \| \| \| \|	passphrase section a little; move the DER\|PEM stuff in there to help avoid text repetition, and prefer the lowercase (less keys to press); adjust ENVIRONMENT to format a little more nicely;
*	strip back openssl crl somewhat: remove the examples	jmc	2016-07-21	1	-41/+21
\| \| \| \|	and move any relevant text into the main body;
*	strip back openssl ciphers:	jmc	2016-07-20	1	-106/+60
\| \| \| \| \| \|	- rearrange the descriptions of -V and -v to read more logically - move the cipherlist text into the cipherlist description - zap examples
*	strip back openssl ca: in particular remove some excessively wordy sections,	jmc	2016-07-19	1	-337/+120
\| \| \| \| \|	move some other sections into more relevant places, and remove the example ca file;
*	strip back asn1parse; ok beck jsing	jmc	2016-07-17	1	-108/+27
\| \| \| \|	description of -out altered on jsing's advice
*	since we no longer pull source directly from openssl, the time is	jmc	2016-07-16	1	-427/+57
\| \| \| \| \| \| \| \|	right to try and trim some of the excess from this page. begin now by cutting some of the fluff from the start. the section on pass phrase arguments goes to the end of the page: it;s in the way for now.
*	Adjust existing tls_config_set_cipher() callers for TLS cipher group	jsing	2016-07-13	1	-2/+2
\| \| \| \| \| \| \|	changes - map the previous configuration to the equivalent in the new groups. This will be revisited post release. Discussed with beck@
*	Revert previous since the libtls change has been reverted.	jsing	2016-07-07	1	-16/+24
\|
*	Remove manual file loading (now that libtls does this for us) and adjust	jsing	2016-07-06	1	-24/+16
\| \| \| \| \|	pledge to match. Also use tls_config_error() to provide friendlier error messages.
*	do not uppercase "hop limit";	jmc	2016-07-02	1	-4/+4
\|
*	Simplify IP proto-specific sockopt error handling.	bcook	2016-07-01	1	-34/+26
\| \| \| \| \| \| \|	This makes error messages more specific and simplifies masking compatible sections for the portable version. ok beck@
*	Add -M and -m options to specify the outgoing and incoming minimum TTL	jca	2016-06-28	2	-9/+52
\| \| \| \|	Req by and ok blumh@
*	If an error path if close() is called, save errno so that original error	deraadt	2016-06-28	1	-5/+13
\| \| \| \| \|	is shown by errx ok millert krw
*	Be more careful initializing and tracking socket s through main, this is	deraadt	2016-06-27	1	-7/+6
\| \| \| \| \|	so complicated that a future refactoring could easily in introduce a bug. ok millert krw
*	whitespace	deraadt	2016-06-27	1	-2/+2
\|
*	Fix a bug loading the default certificate path locations.	bcook	2016-06-21	1	-9/+7
\| \| \| \| \| \| \| \| \|	The files would only be loaded if the CAfile or CApath locations were succesfully loaded first. Original patch from OpenSSL: https://github.com/openssl/openssl/commit/fe9b85c3cb79f1e29e61f01de105b34ce8177190 ok beck@
*	Let netcat support the use of service names instead of port numbers.	beck	2016-06-02	2	-18/+34
\| \| \| \| \|	based on a diff from Andras Farkas <deepbluemistake@gmail.com> ok deraadt@
*	Fix pledge violation with -P s used and we need to supply a password	beck	2016-05-28	1	-3/+12
\| \| \| \| \| \|	for an http proxy - we need tty in this case. Found and fixed by Anthony Coulter <bsd@anthonycoulter.name>. ok tb@
*	Fix nc -verbose mode when used on a unix domain socket.	beck	2016-05-28	1	-5/+11
\| \| \| \|	Noticed by and a modified version of fix from <attila@stalphonsos.com>
*	add "dns" to openssl ocsp	semarie	2016-04-26	1	-2/+2
\| \| \| \| \| \|	problem reported by Alexandre (kAworu) ok beck@ deraadt@ sthen@
*	hexidecimal->hexadecimal; from mmcc	jmc	2016-04-07	1	-4/+4
\| \| \| \|	ok beck
*	word fix from previous; ok sthen	jmc	2016-02-12	1	-3/+3
\|
*	sslv3 has been removed;	jmc	2016-02-08	1	-16/+21
\| \| \| \| \|	prompted by a mail from jiri navratil help/ok sthen
*	Use the correct values for TLS certificate / private key flags.	bcook	2016-01-04	1	-5/+5
\| \| \| \|	fix from Andreas Bartelt <obsd at bartula.de>
*	include time.h over sys/time.h for ctime(3)	bcook	2015-12-28	1	-2/+2
\| \| \| \|	ok beck@
*	more e-mail -> email	mmcc	2015-12-24	2	-5/+5
\|
*	remove NULL-check before free()	mmcc	2015-12-23	1	-3/+2
\|
*	Add missing colon after "Peer name" in verbose output. Mentioned on the	mmcc	2015-12-17	1	-2/+2
\| \| \| \|	lists recently.
*	clean up some unused variables, and add the printing of the certificate validity	beck	2015-12-16	1	-4/+7
\| \| \| \| \|	to the verbose output when using tls - from rob@2keys.ca ok mmcc@ jsing@ deraadt@
*	Specify SOCKS version in error messages. ok deraadt@	mmcc	2015-12-10	1	-3/+3
\|
*	Map SOCKS error codes to error strings. With input from deraadt@	mmcc	2015-12-10	1	-5/+61
\|
*	pledge nc better - Load the certificate into memory and then do the pledge,	beck	2015-12-08	1	-5/+21
\| \| \| \| \|	this allows us to drop the rpath fromt the nc pledge. ok deraadt@, tedu@
*	Get rid of modulo bias and replace the naive shuffle by the	tb	2015-12-07	1	-20/+16
\| \| \| \| \| \| \| \|	Knuth-Fisher-Yates shuffle to make the random sequence of ports less biased. Based on the implementation in sys/netinet/ip_id.c. With helpful input from daniel@ and beck@ ok beck@ despite eye twitching
*	s_server also needs DNS; reported by tb@	jca	2015-12-01	1	-2/+2
\|
*	Undo previous, pledge("dns") was already present. The problem was in s_server.	jca	2015-12-01	2	-4/+4
\|
*	pledge dns so openssl can use dns.. noticed and fix by todd@	beck	2015-12-01	2	-4/+4
\| \| \| \|	ok jcs@ deraadt@ theo@
*	rename variable 'sun' to allow building on Solaris	bcook	2015-11-23	1	-13/+13
\| \| \| \|	ok deraadt@
*	In pledge(), put "dns" right after "inet".	jca	2015-11-21	2	-4/+4
\|
*	Unbreak s_client, which should be allowed by pledge(2) to do DNS requests.	jca	2015-11-21	2	-4/+4
\| \| \| \|	From todd@
*	do not need sys/param.h	deraadt	2015-11-20	1	-1/+0
\|
*	mutli -> multi	miod	2015-11-14	2	-4/+4
\|
*	Since rtable was hoisted to the top with setrtable, it should have no	deraadt	2015-11-13	1	-10/+7
\| \| \| \| \|	bearing on the following pledge setups anymore. ok benno
*	with -V argument, dont set rtable on the socket, instead set if for the whole	benno	2015-11-12	1	-15/+4
\| \| \| \| \| \| \| \| \|	process, before pledge(). This way the rtable can be pledged too. the discussion about removing -V is postponed. diff from beck@, i wrote the same diff without seeing his, and various people at u2k15 agreed this is the right thing to do. ok phessler@
*	KNF; from Rob Pierce	deraadt	2015-11-01	1	-3/+3
\|