summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* unifdef for auditability.itojun2002-08-091-112/+5
|
* Better fixes from openssl cvs; from markus@miod2002-08-052-6/+8
|
* typo; from openssl cvsmarkus2002-08-022-2/+2
|
* Back it out, it breaks something in perl (seen with spamassassin), debugdhartmei2002-07-313-87/+71
| | | | first.
* permit calloc(0, N) and calloc(N, 0) -- malloc(0) does the right thing; ↵deraadt2002-07-311-2/+2
| | | | markus miod ok
* Oops. don't forget to reformat the code after cut 'n paste.art2002-07-311-8/+8
|
* Test that longjmp from signals works. (it does)art2002-07-312-0/+31
|
* sync with http://www.openssl.org/news/patch_20020730_0_9_7.txtmarkus2002-07-308-26/+48
| | | | | (adds fix for unused kerberos and engine code, and some more assertions, as well as a 64bit integer string fix for conf_mod.c)
* apply patches from OpenSSL Security Advisory [30 July 2002],markus2002-07-3029-14/+136
| | | | http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2
* more strlcpy; itojun okderaadt2002-07-301-4/+4
|
* return failure if integer overflow happens. sigh; too people had toderaadt2002-07-301-1/+7
| | | | help get this right.
* Replace atexit handler. mprotect() the pages so an attempt to modify thedhartmei2002-07-293-71/+87
| | | | | function pointers from the outside will segfault. Idea, hints and feedback from deraadt. ok deraadt.
* Try to modify __atexit directly and see if our function gets called.dhartmei2002-07-294-0/+152
|
* query ip6.arpa then ip6.int for IPv6 reverse lookup. follows RFC3152.itojun2002-07-291-2/+8
| | | | (need some string-manipulation cleanup near here)
* more snprintf and strlcpy; help from millertderaadt2002-07-251-13/+48
|
* kill more strcpyderaadt2002-07-254-16/+15
|
* cleanupderaadt2002-07-251-23/+26
|
* Convert to ANSI function headers and make 'ch' argument int, not char.millert2002-07-242-8/+6
| | | | Noticed by deraadt@
* have _THREAD_PRIVATE_MUTEX for DNS/YP/hosts lookup.itojun2002-07-241-3/+16
|
* remove #define crypt DES_crypt; ok deraadt@markus2002-07-192-8/+0
|
* use /bin/sh for bourne shell scripts (instead of the $SHELL env var).markus2002-07-181-1/+1
| | | | ok deraadt@
* Correct CFLAGS for vax; deraadt says ok.hugh2002-07-181-5/+2
| | | | NB future porters, default is still big endian.
* correct memset arguments; from Moritz Jodeit <moritz@jodeit.org> via PR/2822.fgsch2002-07-162-4/+4
|
* cleanderaadt2002-07-111-123/+59
|
* Disable support for the other hardware accelerators. No need to crank thederaadt2002-07-111-5/+8
| | | | major because these interfaces are really not exported (or used).
* enviroment -> environmentjufi2002-07-073-5/+5
|
* regress for getaddrinfo/getnameinfoitojun2002-07-055-2/+397
|
* correct handling of EOF on both tty input and network. for example,vincent2002-07-041-11/+15
| | | | | | | this allows stuff like nc -l 10101 < /dev/null to have nc exit automatically when it gets EOF from the network. ok ericj@
* more type pedantitojun2002-07-011-2/+2
|
* lint clean (and don't mixup signed/unsigned). from martin husemannitojun2002-07-011-12/+12
|
* define SUN_LEN if it is not already for portability.vincent2002-07-011-1/+6
| | | | millert made the same suggestion, so i guess it's ok ;)
* use SUN_LEN to calculate AF_UNIX sockaddr's length. + some stylevincent2002-07-011-22/+18
| | | | ok ericj@
* make more pedantic check on strtoul. from deraadt, sync w/kameitojun2002-07-011-8/+12
|
* correct port range check. from deraadt. sync w/kame. bind-bugs have ↵itojun2002-06-291-2/+3
| | | | already notified.
* Replace strtou?q() with the more standard strtou?ll(), using weakmillert2002-06-295-42/+108
| | | | aliases to fake up strtou?q(). espie@ OK.
* %d -> %u. mostly in #ifdef DEBUG.itojun2002-06-275-34/+34
|
* %d/%u mixup (in #ifdef DEBUG)itojun2002-06-272-5/+5
|
* ntohs() returns unsigned valueitojun2002-06-271-2/+2
|
* correct bad practice in the code - it uses two changing variablesitojun2002-06-262-26/+22
| | | | | | | to manage buffer (buf and buflen). we eliminate buflen and use fixed point (ep) as the ending pointer. this fix is NOT critical.
* avoid remote buffer overrun on hostbuf[]. From: Joost Pol <joost@pine.nl>itojun2002-06-262-43/+33
| | | | | | | | correct bad practice in the code - it uses two changing variables to manage buffer (buf and buflen). we eliminate buflen and use fixed point (ep) as the ending pointer. this fix is critical.
* remove support for RC4 via /dev/crypto, suggested by Niels; ok provos@markus2002-06-202-36/+0
|
* do not syslog from libraries!deraadt2002-06-192-20/+2
|
* KNF, -Wall, and other cleanups. still does not failover 100% correctlyderaadt2002-06-192-44/+104
| | | | for operations when /dev/crypto is missing, for instance in chroot
* stupid stupid bug ja ja ja jaderaadt2002-06-192-2/+2
|
* unbreak sshd with privsep: open /dev/crypto, keep fd, and callmarkus2002-06-182-10/+40
| | | | CRIOGET per EVP_Init(); ok niklas@, miod@
* per-evp state is now sizeof(struct dev_crypto_state) instead sizeof(struct ↵markus2002-06-182-12/+12
| | | | session_op)
* keep a FD per EVP_init, use a global FD for all asym operations;markus2002-06-132-166/+170
| | | | ok beck@
* KNFderaadt2002-06-112-38/+32
|
* add "dsa_dsa_mod_exp" - This mimics the software dsa_mod_exp funtionbeck2002-06-112-6/+74
| | | | | | | using two mod_exp operations - otherwise we use BN_mod_exp2 entirely in software, which makes dsa verifications glacially slow while signatures, (which use mod_exp) are fast. This lets cards that can only do bn_mod_exp decently offload most of dsa.
* Make DSA work now... at least for things that can do bn_mod_exp.beck2002-06-112-14/+8
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 15:10:21 +0000