| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2009-06-25 | typo; | jmc | 1 | -3/+3 | |
| 2009-06-21 | fix rcs ids. ok sthen@ | martynas | 1 | -1/+1 | |
| 2009-06-21 | abs conforms c99 -> imaxabs conforms c99. ok millert@ | martynas | 1 | -3/+3 | |
| 2009-06-09 | make the regress target build the program before using it. | phessler | 1 | -2/+2 | |
| OK millert@, deraadt@ | |||||
| 2009-06-09 | Update to handle the default resolv order behavior. | phessler | 2 | -17/+24 | |
| Add a note that the regress depends on the "family" keyword in resolv.conf OK millert@, deraadt@ | |||||
| 2009-06-08 | quieten compiler by converting pointers to uintptr_t before truncating them | deraadt | 1 | -5/+5 | |
| to u_int32_t to do integer math with (in a situation where that is legit) ok otto millert | |||||
| 2009-06-05 | compare and shift buffer against a fixed length not strlen derived values. | pyr | 1 | -6/+6 | |
| ok otto@ | |||||
| 2009-06-05 | tweak -V; | jmc | 1 | -2/+3 | |
| 2009-06-05 | The networking swissarmy knife needs to work on alternate domains as well. | claudio | 2 | -6/+29 | |
| Again -V can be used to specify the domain. | |||||
| 2009-06-04 | simplify the 'family' option parser and make it more evident what we're | pyr | 2 | -25/+18 | |
| now doing. ok deraadt@ | |||||
| 2009-06-04 | Don't assume that we can overwrite strings in the environment. | millert | 1 | -1/+3 | |
| Someone may have passed a read-only string to putenv() (I'm looking at you cron!). | |||||
| 2009-06-04 | Add a resolv.conf option to specify the order in which getaddrinfo | pyr | 2 | -8/+63 | |
| PF_UNSPEC queries are made. While there change the default from inet6 first then inet4 to inet4 first then inet6, this prevents the many people with IPv4 only connectivity from constantly trying to contact IPv6 addresses, and also unbreaks many ports who don't use getaddrinfo right. ok deraadt@, plenty of cheering in the room wrt the idea, not loud enough complaining from the v6 crowd. | |||||
| 2009-06-03 | Make putenv(), setenv() and unsetenv() standards compliant. The | millert | 5 | -86/+117 | |
| standard explicitly disallows passing setenv a name with a '=' in it but historic BSD behavior is to allow this but to ignore the '=' and anything after it. | |||||
| 2009-06-02 | - define EAI_OVERFLOW, as per IEEE Std 1003.1-2001(Interpretation #13) | jasper | 2 | -3/+7 | |
| hint from claudio@, ok millert@ | |||||
| 2009-05-25 | add ipsCA as a valid authority. | dlg | 1 | -0/+51 | |
| ok beck@ | |||||
| 2009-05-06 | Document AI_NUMERICSERV; feedback and ok millert@ | jacekm | 1 | -2/+9 | |
| 2009-04-19 | update protocols for s_client;s -starttls; from brad | jmc | 1 | -5/+8 | |
| 2009-04-12 | document that no leading whitespace is permitted between the option and | okan | 1 | -3/+5 | |
| argument if the argument is deemed to be optional ('::'). feedback and ok jmc@ and millert@ | |||||
| 2009-04-10 | resync libssl/libcrypto pod documentation - quite a few more pages and | djm | 1 | -27/+242 | |
| MLINKS; feedback and ok jmc@ | |||||
| 2009-04-06 | sync with 0.9.8k; | jmc | 1 | -9/+19 | |
| 2009-04-06 | crankus majoris | djm | 3 | -3/+3 | |
| 2009-04-06 | resolve conflicts | djm | 79 | -245/+430 | |
| 2009-04-06 | import of OpenSSL 0.9.8k | djm | 51 | -156/+15047 | |
| 2009-04-06 | import of OpenSSL 0.9.8k | djm | 75 | -194/+356 | |
| 2009-04-06 | import of OpenSSL 0.9.8k | djm | 39 | -149/+18486 | |
| 2009-03-17 | correct argument type for swap64(); from Thomas Pfaff | jmc | 1 | -3/+3 | |
| 2009-02-18 | Test to show glob bug introduced with POSIX char class support. | millert | 1 | -0/+3 | |
| 2009-02-18 | Add missing CURDIR | millert | 1 | -2/+2 | |
| 2009-02-13 | kill whitespace at eol; | jmc | 1 | -2/+2 | |
| 2009-02-13 | decribe 'F' better and mention flags are debugging aids; ok tedu@ jmc@ | otto | 1 | -8/+10 | |
| 2009-02-10 | correct function definitions; from Markus Bergkvist | jmc | 1 | -4/+4 | |
| 2009-01-30 | missing ssl_sock_init() call in init_client() (used by | djm | 1 | -3/+10 | |
| "openssl s_client"), fix an unlikely memory leak | |||||
| 2009-01-30 | remove some gratuitous changes that do nothing other than inrease | djm | 1 | -2/+1 | |
| the size of the diff against openssl mainline | |||||
| 2009-01-12 | convert a strdup (into a purpose-allocated buffer) in libcrypto to a | djm | 2 | -4/+6 | |
| memcpy to avoid linker deprecation warnings; pointed out by dkrause@ | |||||
| 2009-01-09 | openssl-0.9.8j enables RFC3546 TLS extensions by default (e.g. the very | djm | 13 | -39/+0 | |
| useful "server name indication" that allows multihomed TLS server), so remove the #define to disable it here | |||||
| 2009-01-09 | adjust Makefile and crank major for openssl-0.9.8j | djm | 17 | -16/+56 | |
| 2009-01-09 | resolve conflicts | djm | 538 | -7811/+10571 | |
| 2009-01-09 | import openssl-0.9.8j | djm | 263 | -2494/+3222 | |
| 2009-01-09 | import openssl-0.9.8j | djm | 532 | -8743/+31783 | |
| 2009-01-09 | import openssl-0.9.8j | djm | 79 | -606/+3434 | |
| 2009-01-08 | Add a missing MLINK for BIO_new_socket. | oga | 1 | -1/+2 | |
| Noticed by blambert@. Ok jmc@. | |||||
| 2009-01-05 | This commit was manufactured by cvs2git to create branch 'OPENSSL'. | cvs2svn | 4 | -0/+2088 | |
| 2009-01-05 | update to openssl-0.9.8i; tested by several, especially krw@ | djm | 190 | -3245/+5824 | |
| 2009-01-03 | reintroduce extra malloc protections, but avoiding the use of | djm | 1 | -164/+229 | |
| PAGE_(SIZE|SHIFT|MASK) defines that evaluate to variables on the sparc architecture; ok otto@ tested on my reanimated ss20 | |||||
| 2008-12-31 | PAGE_SIZE is not a valid symbol to use in that way. In particular, | deraadt | 1 | -235/+164 | |
| on sparc, it expands to something that just plain does not work, because the page size can be variable. Sorry we didn't spot this before. Backing it all out to allow sparc to build; please find a different way to fix it. | |||||
| 2008-12-30 | Remove mprotecting of struct dir_info introduced in previous commit | djm | 2 | -46/+4 | |
| (MALLOC_OPTIONS=L). It was too slow to turn on by default, and we don't do optional security. requested by deraadt@ grumbling ok otto@ | |||||
| 2008-12-29 | extra paranoia for malloc(3): | djm | 2 | -165/+278 | |
| Move all runtime options into a structure that is made read-only (via mprotect) after initialisation to protect against attacks that overwrite options to turn off malloc protections (e.g. use-after-free) Allocate the main bookkeeping data (struct dir_info) using mmap(), thereby giving it an unpredictable address. Place a PROT_NONE guard page on either side to further frustrate attacks on it. Add a new 'L' option that maps struct dir_info PROT_NONE except when in the allocator code itself. Makes attacks on it basically impossible. feedback tedu deraadt otto canacar ok otto | |||||
| 2008-12-23 | repair the ARC4 story; ok jmc djm millert | deraadt | 1 | -5/+7 | |
| 2008-12-22 | The example for detecting malicious PTR records could be easily misinterpreted. | jacekm | 1 | -5/+4 | |
| Make it less ambiguous; ok gilles@ claudio@ | |||||
| 2008-12-15 | shave off more bytes than you expect by declaring a few const local arrays | otto | 1 | -4/+4 | |
| as static const | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |