| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from miod@:
There used to be a strong reluctance to provide this cipher in LibreSSL in the
past, because the licence terms under which Cammelia was released by NTT were
free-but-not-in-the-corners, by restricting the right to modify the source
code, as well retaining the right to enforce their patents against anyone
in the future.
However, as stated in http://www.ntt.co.jp/news/news06e/0604/060413a.html ,
NTT changed its mind and made this code truly free. We only wish there had
been more visibility of this, for we could have had enabled Cammelia
earlier (-:
Licence change noticed by deraadt@. General agreement from the usual LibreSSL
suspects.
Crank libcrypto.so minor version due to the added symbols.
|
| |
|
|
|
| |
Check if we are using clang, rather than simply if we are on OS X.
Note: recent LLVM releases do not seem to need this anyway.
|
| |
|
|
| |
We need to include VERSION for it to run.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FreeBSD-native arc4random_buf implementation falls back to weak
sources of entropy if the sysctl fails. Remove these dangerous fallbacks
by overriding locally.
Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10)
if a program does not link to -lthr. Callbacks registered with
pthread_atfork() simply fail silently. So, it is not always possible to
detect a PID wraparound. I wish we could do better.
This improves arc4random_buf's safety compared to the native FreeBSD
implementation. Tested on FreeBSD 9 and 10.
ok beck@ deraadt@
|
| |
|
|
|
|
|
|
| |
While the native OS X implementation is fork-safe, it does not seed
safely, as of the latest released OS X libc sources, version 997.90.3.
It only uses weak sources of entropy if accessing /dev/urandom fails.
ok beck@ deraadt@
|
| |
|
|
| |
ok beck@ deraadt@
|
| |
|
|
|
|
|
|
| |
This allows sofware expecting OpenSSL's config script, to a limited
extent, to continue building without changes.
Thanks to technion for pointing this out and providing the initial
patch.
|
| |
|
|
| |
ok @doug
|
| |
|
|
|
|
|
|
|
| |
Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS.
Clarify some ambiguous dependencies around strnlen/strndup.
Unconditionally enable pidwraptest for all arc4random implementations.
Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf.
ok @doug
|
| |
|
|
| |
ok doug@
|
| |
|
|
|
|
| |
This removes the need to specify each one individually.
ok doug@
|
| |
|
|
|
|
| |
openssl.1 contains all of the information from the other application
manpages, and is the only one packaged in OpenBSD. So, remove the other
obsolete .1 manpages (and avoid overlapping system pages like passwd.1)
|
| |
|
|
| |
for example, asprintf/vasprintf are unmasked with _GNU_SOURCE in mingw
|
| | |
|
| | |
|
| |
|
|
| |
This allows the proper compatibility header definition to be exposed.
|
| | |
|
| |
|
|
| |
ok beck@
|
| |
|
|
| |
Add more info on how to build from source, where to download it from.
|
| |
|
|
| |
help people more easily find the code and changes
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Remove the possibility of having any bad or old manpages in releases
while still being able to cache for quick development tarballs.
|
| | |
|
| |
|
|
| |
remove bash comparison, thanks kinichiro
|
| |
|
|
|
| |
Surprisingly (or not), a lot of OpenSSL's inline assembly actually makes
things slower with a relatively modern compiler (read, gcc >= 4.x).
|
| |
|
|
| |
use default of -std=gnu99 for it to be recognized
|
| |
|
|
| |
this is the replacement for _BSD_SOURCE on newer glibc's
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
it seems that including stdarg.h is needed for defining va_list
environment is hpux 11.31(ia64) with gcc 4.7.1.
without stdarg.h, I got compilation error like this.
"error: 'va_list' undeclared (first use in this function)"
I checked with gcc -E, then I noticed that __va_list is defined but va_list is not.
"typedef __gnuc_va_list __va_list;"
with including stdarg.h, va_list is defined.
"typedef __gnuc_va_list va_list;"
|
| |
|
|
| |
from wouter@
|
| |
|
|
| |
this avoids inadvertent local merges
|
| |
|
|
|
|
| |
it is only used by strndup
prodded by Sortie@
|
| |
|
|
| |
Added OPENBSD_BRANCH to set what branch update.sh should checkout.
|
| | |
|
| |
|
|
| |
switch the sense of this check
|
| | |
|
| |
|
|
| |
ok bcook@
|
| |
|
|
|
|
|
|
|
| |
* use the original name for the file from OpenSSH (remove duplicate version)
* add va_copy/__va_copy checks to configure
* incorporate proposed fixes to openssh version:
+ include more system headers directly for various definitions
+ limit the scope of va_copy/va_end to their affected vsnprintf calls
+ simplify error handling, removing a dead assignment
|
| | |
|
| |
|
|
|
|
| |
thanks to kinichiro for pointing this out
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
|
|
| |
Added AIX/IRIX compatibility for endian detection.
ok bcook@ deraadt@ beck@
|
| |
|
|
|
|
|
|
| |
This is to avoid redefining prototypes from the libc headers. Also,
simplify the autoconf function checks and remove some copy/paste
errors checking for 'write'.
ok wouter@
|
