openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2009-04-08	MFC: fixes for OpenSSL ASN.1 invalid memory accesses (CVE-2009-0590 andOPENBSD_4_4	djm	3	-2/+16
	CVE-2009-0789).
2009-01-09	Fix CVE-2008-5077: Incorrect checks for malformed signatures	djm	9	-12/+11

2008-07-28	This commit was manufactured by cvs2git to create branch 'OPENBSD_4_4'.	cvs2svn	692	-180302/+0

2008-07-28	Install man pages for the BIO_* libcrypto functions, but not bio.3	jsg	1	-1/+126
	as the page doesn't directly describe any functions. ok deraadt@
2008-07-28	man page bits for new malloc; ok jmc@	otto	1	-43/+33

2008-07-28	Almost complete rewrite of malloc, to have a more efficient data	otto	1	-1443/+835
	structure of tracking pages returned by mmap(). Lots of testing by lots of people, thanks to you all. ok djm@ (for a slighly earlier version) deraadt@
2008-07-25	i have to crank this for a ridiculous reason, to save me about 4 hours of work	deraadt	1	-1/+1

2008-06-26	First pass at removing clauses 3 and 4 from NetBSD licenses.	ray	4	-33/+5
	Not sure what's more surprising: how long it took for NetBSD to catch up to the rest of the BSDs (including UCB), or the amount of code that NetBSD has claimed for itself without attributing to the actual authors. OK deraadt@
2008-06-14	remove _thread_malloc_init prototype	otto	1	-2/+1

2008-06-13	grammar fixes;	jmc	1	-3/+3

2008-06-13	remove _MALLOC_LOCK_INIT; major bump; ok deraadt@	otto	2	-8/+2

2008-06-13	Add strtof() to libc, some ports seem to like it. Currently it's a simple	landry	3	-9/+64
	call to strtod() with bounding check. Discussed with pyr@ and otto@ ok otto@ deraadt@
2008-06-09	fix an Xr, and use a more appropriate macro;	jmc	1	-4/+4

2008-06-08	arc4random_stir() does not use /dev/arandom anymore, but sysctl kern.arandom	deraadt	1	-4/+6

2008-06-04	fix math screwup that reintroduced a bias for upper_bounds in range	djm	1	-2/+2
	(2^30,2^31). Nothing in the tree yet requests random numbers bounded by this range. report jakob!deraadt; ok deraadt@
2008-05-30	-salt is default for "openssl enc"; from djm	jmc	1	-29/+19
	tweaked with some help from Matthew Dempsky and djm ok djm
2008-05-20	kill an Xr to a non-existent man page, ulimit(1);	jmc	1	-5/+3

2008-05-19	remove recalloc(3); it is buggy and impossible to repair without big	otto	3	-62/+20
	costs; ok jmc@ for the man page bits; ok millert@ deraadt@
2008-05-11	garbage collect the portability bits for the removed select() support.	brad	1	-11/+1
	ok djm@ deraadt@
2008-05-09	try SO_BINDANY for -s, but do not insist; ok bob, reyk	markus	1	-2/+4

2008-05-07	remove duplicates; remove des_random_key; remove unused; sort MLINKS; ok jmc@	markus	1	-113/+8

2008-05-06	- put the description of -O in the right place	jmc	1	-6/+6
	- shorten the argument names to -IO
2008-05-06	allow setting of TCP send/receive buffer sizes; ok markus@	djm	2	-5/+38

2008-04-18	convert select() => poll(), saves a runtime malloc+free per retry	djm	1	-23/+16
	feedback deraadt@ drahn@; ok deraadt@
2008-04-16	permit _ in the middle of a DNS name component	deraadt	1	-2/+3

2008-04-13	Improve the libc DNS resolver ID generation algorithm to be more	djm	1	-43/+79
	resistant to prediction atacks by wrapping the existing LCG in a random permutation generator based on a Luby-Rackoff block cipher. lots of discussion and final ok deraadt@
2008-04-13	Use arc4random_buf() when requesting more than a single word of output	djm	2	-4/+4
	Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
2008-04-04	- do not call pthread_atfork(3) handlers when a multithreaded program	kurt	1	-2/+7
	calls vfork(2). "untested, but looks OK" marc@ - document vfork(2), popen(3) and system(3) don't call atfork handlers in multithreaded programs. okay jmc@
2008-04-02	Zero state buffers on return. OK deraadt@	millert	1	-1/+5

2008-03-19	bcmp(3) tries to return length, which is a size_t, as an int.	ray	1	-4/+4
	Instead, just return 1 if there is a difference. Found by lint. OK millert.
2008-03-16	- add NAME entries for arc4random_buf and arc4random_uniform	jmc	1	-2/+4
	- simplify a macro call (Do/Dc -> Dq)
2008-03-16	Add missing MLINKS	deraadt	1	-1/+2

2008-03-16	diff from djm@ committed at his request:	otto	2	-3/+84
	introduce two new APIs for requesting strong random numbers: arc4random_buf() - fill an arbitrary memory range with random numbers arc4random_uniform() - return a uniformly distributed random number below a specified upper bound, avoiding the bias that comes from a naive "arc4random() % upper_bound" construction. these mirror similarly-named functions in the kernel; lots of discussion deraadt@ mcbride@
2008-03-15	- len is size_t, but n uses len and is an int. Matching those types	ray	1	-6/+12
	should be good, plus it prevents weird things from happening if len > INT_MAX. - Since n is now size_t, compare it against 0 instead of >= 0. - temp is used to store individual bytes, so use char instead (matches fp and tp). - millert noted that the comma operator may not guarantee order of execution, so replace with semicolons. Found by lint, OK millert.
2008-03-15	Convert c to unsigned char, like it says in the manual. Also add	ray	1	-4/+3
	cast to make it explicit. Found by lint, OK millert.
2008-02-26	fix memory leak (in one case of unaligned buffers); from Markus Kvetter	deraadt	2	-4/+6
	ok markus
2008-02-20	use pgfree pool like other code does to reserve free list slots.	otto	1	-6/+6
	prevents a few "cannot free mem because i need mem to free mem" scenarios (one found by weingart@). ok weingart@ millert@ miod@
2008-01-01	- make arc4random*() functions thread safe. Use a custom spinlock function	kurt	2	-42/+69
	instead of the generic pthread macros since free(3) uses __arc4_getbyte() when freeing small sized allocations and the generic pthread macros call malloc(3). - eliminate passing pointers to a static variable with global scope (rs) for additional code clarity and reduction. - shlib minor bumps for libc and libpthread due to new functions. From andreas@ with some bits from me. okay tedu@ marc@ w/some spot checking from millert@
2007-12-01	relevant updates/fixes up to openssl-0.9.8g;	jmc	1	-31/+45

2007-11-27	typos; ok jmc@	martynas	1	-2/+2
	sys/dev/pci/pciide.c from naddy@
2007-11-19	fix misleading comment; the _MUTEX_LOCK/_MUTEX_UNLOCK macros work with	kurt	1	-2/+2
	both static and non-static mutexs.
2007-11-13	Put limits.h in front of stdlib.h as style(9) recommends.	tobias	2	-8/+8
	OK millert@
2007-11-11	strtod may return HUGE_VAL on overflow, which is defined in math.h.	tobias	1	-2/+3
	Therefore added math.h to SYNPOSIS. OK millert@
2007-10-31	Add parentheses to avoid warning:	chl	1	-2/+2
	"suggest parentheses around && within \|\|" ok millert@
2007-10-25	Make sure to use unique target names so that make -j does not break;	miod	1	-25/+25
	feedback and ok espie@
2007-10-22	Only test one condition per invocation flavour, instead of testing all	miod	1	-27/+29
	of them with exceptions disabled and then only one with exceptions enabled. ok kettenis@
2007-10-20	Give more details on failure.	miod	1	-8/+8

2007-10-20	Make this work on 64 bit platforms by using strlen() instead of sizeof()...	miod	1	-1/+1
	worked by accident.
2007-10-11	use RRSIG instead of SIG for DNSSEC. ok djm@	jakob	3	-6/+7

2007-10-10	Replace use of strcpy(3) and other pointer goo in	moritz	2	-30/+24
	SSL_get_shared_ciphers() with strlcat(3). ok deraadt@ markus@