| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2016-11-03 | Support for key removal and value update operations |   mikeb | 2 | -30/+87 | |
| This change makes it possible for the Host to update the value of an existing key via a Set operation as well as to remove the key completely with a Delete message. | |||||
| 2016-11-03 | Missing local. |   ajacoutot | 1 | -2/+2 | |
| 2016-11-03 | Add a proper annotation for portroach documentation link |   danj | 1 | -3/+3 | |
| OK schwarze@ | |||||
| 2016-11-03 | Re-add the Xr macro to syspatch now that it's hooked up. | ajacoutot | 1 | -4/+3 | |
| 2016-11-03 | Hook up syspatch(8). | ajacoutot | 1 | -4/+4 | |
| expectations elevation encouragement from deraadt@ | |||||
| 2016-11-03 | In ssl3_read_bytes(), do not process more than three consecutive TLS |   jsing | 1 | -4/+24 | |
| records, otherwise a peer can potentially cause us to loop indefinately. Return with an SSL_ERROR_WANT_READ instead, so that the caller can choose when they want to handle further processing for this connection. ok beck@ miod@ | |||||
| 2016-11-03 | rollback -> revert where it makes sense. | ajacoutot | 2 | -7/+7 | |
| 2016-11-03 | make OCSP_URL only show up when an OCSP url is actually present in the cert |   beck | 1 | -2/+3 | |
| 2016-11-03 | XXX match with installed sets (comp, x...)? | ajacoutot | 1 | -1/+2 | |
| 2016-11-03 | Make OCSP Stapling: only appear if there is stapling info present. | beck | 1 | -5/+3 | |
| 2016-11-03 | convert RAND manuals from pod to mdoc |   schwarze | 11 | -196/+204 | |
| 2016-11-03 | Hardlinks are properly handled; for the rest, we'll see if we need to care | ajacoutot | 1 | -3/+2 | |
| or not (XXX). | |||||
| 2016-11-03 | zap the overview manual page of the RAND subsystem | schwarze | 2 | -36/+1 | |
| that contained nothing but duplicate and misleading information; OK jsing@ | |||||
| 2016-11-03 | convert PEM and PKCS manuals from pod to mdoc | schwarze | 27 | -1380/+2231 | |
| 2016-11-03 | Fix debug message to print the presence of more flag correctly. |   rzalamena | 1 | -3/+3 | |
| ok mikeb@ | |||||
| 2016-11-03 | Add locks to key-value pair pools | mikeb | 1 | -7/+37 | |
| We need to ensure list and data consistency during concurrent accesses since the interrupt handler is not executed under the kernel lock and may add or modify entries while userland process is reading the value or traversing the list. | |||||
| 2016-11-03 | switch to using BUILDUSER and add more error checking |   robert | 1 | -33/+61 | |
| 2016-11-03 | Make sure PATCH_PATH is an URL that ftp(1) can cope with. | ajacoutot | 1 | -5/+2 | |
| 2016-11-03 | Merge ls_avail() into ls_missing(), it's only used once. | ajacoutot | 1 | -12/+8 | |
| While here, cope with a missing index.txt or other ftp(1) error. | |||||
| 2016-11-03 | Identify as an OSPlatformID 131 with a kernel version of 6 | mikeb | 1 | -6/+6 | |
| 2016-11-03 | Document the KVP interface | mikeb | 1 | -3/+26 | |
| 2016-11-03 | Split ssl3_get_key_exchange() into separate functions for DHE/ECDHE. | jsing | 1 | -205/+256 | |
| ok beck@ (who was struggling to keep lunch down while reviewing the diff) | |||||
| 2016-11-03 | Implement a Key-Value Pair exchange interface | mikeb | 2 | -8/+557 | |
| The implemented abstraction allows us to query and set little endian UTF-16 keys exchanged between the Host and the Guest via a text based pvbus(4) interface. All keys are attached to one of several key pools: Auto, Guest, External or Guest/Parameters. The hostctl(8) is able to modify values for keys in the Auto pool as well as set new keys in the Guest pool while the Host provides its keys in External and Guest/Parameters pools. Discussed with reyk@ | |||||
| 2016-11-03 | Don't do OCSP validation when we have disabled certificate verification | beck | 2 | -5/+8 | |
| or certificate validation. ok jsing@ | |||||
| 2016-11-03 | Use hw.ncpufound. | ajacoutot | 1 | -3/+2 | |
| 2016-11-03 | Simplify for loops; prompted by a comment from rpe@ | ajacoutot | 1 | -10/+7 | |
| 2016-11-03 | Let Integrated Components allocate the receive buffer themselves | mikeb | 1 | -24/+52 | |
| since they have a better clue how to size it. While here, cleanup the kernel output a bit. | |||||
| 2016-11-03 | convert configuration manuals from pod to mdoc | schwarze | 9 | -305/+340 | |
| 2016-11-03 | convert remaining ASN1 object manuals from pod to mdoc | schwarze | 5 | -175/+299 | |
| 2016-11-03 | Also ignore --no-undefined (we already ignore -no-undefined) which is | ajacoutot | 1 | -1/+2 | |
| starting to show up more and more. ok jasper@ | |||||
| 2016-11-03 | Only set an error from libssl related code, if an error has not already | jsing | 2 | -7/+47 | |
| been set by libtls code. This avoids the situation where a libtls callback has set an error, only to have it replaced by a less useful libssl based error. ok beck@ | |||||
| 2016-11-03 | convert HMAC and MD5 manuals from pod to mdoc | schwarze | 5 | -210/+393 | |
| 2016-11-03 | convert EVP manuals from pod to mdoc | schwarze | 49 | -2724/+4229 | |
| 2016-11-03 | Always call if_put() during the interface iteration on port status multipart | rzalamena | 1 | -2/+3 | |
| reply to avoid reference leaks. ok mikeb@ | |||||
| 2016-11-03 | The networking code no longer runs off software interrupts. |   mpi | 1 | -10/+1 | |
| 2016-11-03 | Fix handshake failures: | beck | 1 | -20/+26 | |
| split out internals of OCSP verification to allow callback to verify before TLS handshake is complete | |||||
| 2016-11-03 | Clean up the TLS handshake digest handling - this refactors some of the | jsing | 2 | -30/+43 | |
| code for improved readability, however it also address two issues. The first of these is a hard-to-hit double free that will occur if EVP_DigestInit_ex() fails. To avoid this and to be more robust, ensure that tls1_digest_cached_records() either completes successfully and sets up all of the necessary digests, or it cleans up and frees everything that was allocated. The second issue is that EVP_DigestUpdate() can fail - detect and handle this in tls1_finish_mac() and change the return type to an int so that a failure can be propagated to the caller (the callers still need to be fixed to handle this, in a later diff). The double-free was reported by Matthew Dillon. ok beck@ doug@ miod@ | |||||
| 2016-11-02 | sync |   sthen | 1 | -1/+1 | |
| 2016-11-02 | Add Windows 10 VMBus protocol version | mikeb | 1 | -0/+2 | |
| 2016-11-02 | Inline the macro that is used only once | mikeb | 1 | -5/+5 | |
| 2016-11-02 | when CONSPEED moved from libsa.h to Makefile it lost a leading '1', |   jasper | 1 | -2/+2 | |
| reinstate the original of 115200 spotted by brad | |||||
| 2016-11-02 | Fixup a wait channel used during VMBus channel discovery | mikeb | 1 | -3/+3 | |
| Clang static analyser has found that a tsleep was using an uninitialised pointer value as a wait channel. An associated wakeup wasn't doing the right thing either. | |||||
| 2016-11-02 | bit more cleanup; |   jmc | 1 | -9/+9 | |
| 2016-11-02 | Be verbose when reverting a patch. | ajacoutot | 1 | -1/+2 | |
| committing now to please espie@ | |||||
| 2016-11-02 | fix shadow declaration of time in parameter list. | beck | 1 | -2/+2 | |
| ok jsing@ | |||||
| 2016-11-02 | Ensure handshake is complete before processing an ocsp response for a ctx | beck | 1 | -0/+3 | |
| ok jsing@ | |||||
| 2016-11-02 | tweak previous; | jmc | 1 | -32/+26 | |
| 2016-11-02 | convert ERR manuals from pod to mdoc; while reading this, | schwarze | 23 | -705/+963 | |
| i wtfed, laughed, puked, and cried in more or less that order... | |||||
| 2016-11-02 | bump minor for ocsp api additions | beck | 1 | -1/+1 | |
| 2016-11-02 | Add OCSP client side support to libtls. | beck | 8 | -9/+641 | |
| - Provide access to certificate OCSP URL - Provide ability to check a raw OCSP reply against an established TLS ctx - Check and validate OCSP stapling info in the TLS handshake if a stapled OCSP response is provided.` Add example code to show OCSP URL and stapled info into netcat. ok jsing@ | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |