summaryrefslogtreecommitdiff
path: root/src (unfollow)
Commit message (Expand)AuthorFilesLines
2016-06-30bump to 2.4.2bcook2-6/+6
2016-06-30adapt S option: add C, rm F (not relevant with 0 cache and disablesotto1-3/+3
2016-06-30Remove flags for disabling constant-time operations.bcook18-424/+207
2016-06-28Add -M and -m options to specify the outgoing and incoming minimum TTLjca2-9/+52
2016-06-28Back out previous; otto saw a potential race that could lead to atb1-32/+23
2016-06-28If an error path if close() is called, save errno so that original errorderaadt1-5/+13
2016-06-27Be more careful initializing and tracking socket s through main, this isderaadt1-7/+6
2016-06-27defer munmap to after unlocking malloc. this can (unfortunately) be antedu1-23/+32
2016-06-27whitespacederaadt1-2/+2
2016-06-26increase the minimum for auto rounds to 6. that was the previous low boundtedu1-2/+2
2016-06-25Fix from kinichiro.inoguchi@gmail.com to ensure that OCSP usesbeck2-4/+4
2016-06-25Fix the ocsp code to actually check for errors when comparing time valuesbeck2-14/+62
2016-06-21Disable DSA_FLAG_NO_EXP_CONSTTIME, always enable constant-time behavior.bcook6-176/+92
2016-06-21Fix a bug loading the default certificate path locations.bcook1-9/+7
2016-06-06Set BN_FLG_CONSTTIME on the correct variable. beck committed wrong fix.libressl-v2.4.1tedu2-4/+4
2016-06-06Correct a problem that prevents the DSA signing algorithm from runningbeck2-8/+12
2016-06-06LibreSSL 2.4.1bcook2-6/+6
2016-06-02Fix typo; the period should be outside the parens. From Michael McConvillemillert1-3/+3
2016-06-02Let netcat support the use of service names instead of port numbers.beck2-18/+34
2016-05-30Gix misleading indent pointed out by GCC 6.1.libressl-v2.4.0bcook1-4/+4
2016-05-30deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final.beck8-24/+40
2016-05-30The icdb magic number doesn't need to be visible to static linksguenther1-2/+2
2016-05-29Remove dead support for changing BDB hash algorithm and cache of alternativesguenther1-5/+4
2016-05-29Nuke sigret.cbeck2-198/+0
2016-05-29We don't have sigreturn anymorebeck1-2/+2
2016-05-29Prefer AF_* over PF_* and 'address family' over 'protocol family'guenther1-9/+9
2016-05-28Fix pledge violation with -P s used and we need to supply a passwordbeck1-3/+12
2016-05-28Fix nc -verbose mode when used on a unix domain socket.beck1-5/+11
2016-05-28rcmd(3) and rcmdsh(3) use getaddrinfo(3) not gethostbyname(3).millert2-9/+9
2016-05-28Use getaddrinfo() instead of the non-standard gethostbyname2().millert1-5/+14
2016-05-27Rename some of the internal error setting functions to more closely followjsing3-14/+48
2016-05-27Avoid leaking ca_mem when freeing a tls_config.jsing1-1/+2
2016-05-27Fix function parameters that do not have an underscore prefix.jsing1-10/+10
2016-05-27typo fixes; Anthony Coultersthen1-3/+3
2016-05-26The destination string is declared as "s" but referred to as "dst"millert1-5/+5
2016-05-26tests for the two segfaults in backref() that were just fixedschwarze1-1/+4
2016-05-26Fix an oversight that caused the test program to segfault:schwarze1-2/+2
2016-05-26systematically test all combinations of REG_STARTEND, REG_NEWLINE,schwarze1-9/+85
2016-05-26support for testing REG_STARTEND together with REG_NOTBOLschwarze1-1/+4
2016-05-25use -nameopt esc_msb so "NetLock Kft" cert has the non-asciijsg1-2/+2
2016-05-23Remove iruserok(_sa)? and __ivaliduser(sa)?guenther2-90/+20
2016-05-23Eliminate __check_rhosts_file and __rcmd_errstr: they were only used byguenther1-5/+1