| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2016-11-04 | Zap extra space. |   ajacoutot | 1 | -2/+2 | |
| 2016-11-04 | enum values need to fit in 32 bits; we only use enum for numbering and |   nicm | 1 | -2/+2 | |
| Unicode characters fit in 24 bits, so we can leave key_code as 64 bits and change KEYC_BASE down to 0x10000000. | |||||
| 2016-11-04 | Make sure our filesystems are local and not read-only. | ajacoutot | 1 | -4/+18 | |
| 2016-11-04 | No need to reach libssl private headers and to define TERMIOS anymore. |   miod | 1 | -4/+1 | |
| ok bcook@ | |||||
| 2016-11-04 | Remove I386_ONLY define. It was only used to prefer a | miod | 18 | -57/+169 | |
| faster-on-genuine-80386-but-slower-on-80486-onwards innstruction sequence in the SHA512 code, and had not been enabled in years, if at all. ok tom@ bcook@ | |||||
| 2016-11-04 | In OPENSSL_wipe_cpu() on i386, which noone uses anyway, check the proper | miod | 1 | -1/+1 | |
| flag for the presence of a FPU before deciding to wipe the fpu registers. ok jsing@ | |||||
| 2016-11-04 | Use 'rm -f' to remove the rollback tarball if we have an errir; it may | ajacoutot | 1 | -2/+4 | |
| be because we have a read-only /var. | |||||
| 2016-11-04 | There's not much point having three static functions that do a cast and |   jsing | 1 | -33/+6 | |
| assign a pointer, when we can just inline the three and do one cast followed by three pointer assignments. | |||||
| 2016-11-04 | Do not mix declarations and code. | jsing | 1 | -3/+7 | |
| 2016-11-04 | Rename the internal bio related functions so that they have a common | jsing | 1 | -22/+22 | |
| prefix. Makes the code more readable and removes shadowing. | |||||
| 2016-11-04 | Add X509_up_ref, from boring |   beck | 2 | -2/+11 | |
| ok jsing@ | |||||
| 2016-11-04 | convert RSA manuals from pod to mdoc |   schwarze | 31 | -1223/+1919 | |
| 2016-11-04 | MALLOC_STATS tweaks, by default not compiled in |   otto | 1 | -13/+29 | |
| 2016-11-04 | There's not much point in casting a void * to a specific type just before | jsing | 1 | -4/+2 | |
| calling free(). ok beck@ ingo@ | |||||
| 2016-11-04 | new sentence, new line, and zap trailing whitespace; |   jmc | 1 | -3/+4 | |
| 2016-11-04 | bump minor for ocsp_require_stapling addition | beck | 1 | -1/+1 | |
| 2016-11-04 | Add ocsp_require_stapling config option for tls - allows a connection | beck | 7 | -12/+37 | |
| to indicate that it requires the peer to provide a stapled OCSP response with the handshake. Provide a "-T muststaple" for nc that uses it. ok jsing@, guenther@ | |||||
| 2016-11-03 | Don't use ce_time if we are running as a server, it won't be present. |   joris | 1 | -3/+7 | |
| 2016-11-03 | small tweak to also check canaries if F is in effect | otto | 1 | -2/+4 | |
| 2016-11-03 | small tweak to also check canaries if F is in effect | otto | 1 | -3/+5 | |
| 2016-11-03 | Remove obsolete vxlan_lookup return value handling |   mikeb | 1 | -7/+2 | |
| With input from reyk@, OK mpi | |||||
| 2016-11-03 | Support for key removal and value update operations | mikeb | 2 | -30/+87 | |
| This change makes it possible for the Host to update the value of an existing key via a Set operation as well as to remove the key completely with a Delete message. | |||||
| 2016-11-03 | Missing local. | ajacoutot | 1 | -2/+2 | |
| 2016-11-03 | Add a proper annotation for portroach documentation link |   danj | 1 | -3/+3 | |
| OK schwarze@ | |||||
| 2016-11-03 | Re-add the Xr macro to syspatch now that it's hooked up. | ajacoutot | 1 | -4/+3 | |
| 2016-11-03 | Hook up syspatch(8). | ajacoutot | 1 | -4/+4 | |
| expectations elevation encouragement from deraadt@ | |||||
| 2016-11-03 | In ssl3_read_bytes(), do not process more than three consecutive TLS | jsing | 1 | -4/+24 | |
| records, otherwise a peer can potentially cause us to loop indefinately. Return with an SSL_ERROR_WANT_READ instead, so that the caller can choose when they want to handle further processing for this connection. ok beck@ miod@ | |||||
| 2016-11-03 | rollback -> revert where it makes sense. | ajacoutot | 2 | -7/+7 | |
| 2016-11-03 | make OCSP_URL only show up when an OCSP url is actually present in the cert | beck | 1 | -2/+3 | |
| 2016-11-03 | XXX match with installed sets (comp, x...)? | ajacoutot | 1 | -1/+2 | |
| 2016-11-03 | Make OCSP Stapling: only appear if there is stapling info present. | beck | 1 | -5/+3 | |
| 2016-11-03 | convert RAND manuals from pod to mdoc | schwarze | 11 | -196/+204 | |
| 2016-11-03 | Hardlinks are properly handled; for the rest, we'll see if we need to care | ajacoutot | 1 | -3/+2 | |
| or not (XXX). | |||||
| 2016-11-03 | zap the overview manual page of the RAND subsystem | schwarze | 2 | -36/+1 | |
| that contained nothing but duplicate and misleading information; OK jsing@ | |||||
| 2016-11-03 | convert PEM and PKCS manuals from pod to mdoc | schwarze | 27 | -1380/+2231 | |
| 2016-11-03 | Fix debug message to print the presence of more flag correctly. |   rzalamena | 1 | -3/+3 | |
| ok mikeb@ | |||||
| 2016-11-03 | Add locks to key-value pair pools | mikeb | 1 | -7/+37 | |
| We need to ensure list and data consistency during concurrent accesses since the interrupt handler is not executed under the kernel lock and may add or modify entries while userland process is reading the value or traversing the list. | |||||
| 2016-11-03 | switch to using BUILDUSER and add more error checking |   robert | 1 | -33/+61 | |
| 2016-11-03 | Make sure PATCH_PATH is an URL that ftp(1) can cope with. | ajacoutot | 1 | -5/+2 | |
| 2016-11-03 | Merge ls_avail() into ls_missing(), it's only used once. | ajacoutot | 1 | -12/+8 | |
| While here, cope with a missing index.txt or other ftp(1) error. | |||||
| 2016-11-03 | Identify as an OSPlatformID 131 with a kernel version of 6 | mikeb | 1 | -6/+6 | |
| 2016-11-03 | Document the KVP interface | mikeb | 1 | -3/+26 | |
| 2016-11-03 | Split ssl3_get_key_exchange() into separate functions for DHE/ECDHE. | jsing | 1 | -205/+256 | |
| ok beck@ (who was struggling to keep lunch down while reviewing the diff) | |||||
| 2016-11-03 | Implement a Key-Value Pair exchange interface | mikeb | 2 | -8/+557 | |
| The implemented abstraction allows us to query and set little endian UTF-16 keys exchanged between the Host and the Guest via a text based pvbus(4) interface. All keys are attached to one of several key pools: Auto, Guest, External or Guest/Parameters. The hostctl(8) is able to modify values for keys in the Auto pool as well as set new keys in the Guest pool while the Host provides its keys in External and Guest/Parameters pools. Discussed with reyk@ | |||||
| 2016-11-03 | Don't do OCSP validation when we have disabled certificate verification | beck | 2 | -5/+8 | |
| or certificate validation. ok jsing@ | |||||
| 2016-11-03 | Use hw.ncpufound. | ajacoutot | 1 | -3/+2 | |
| 2016-11-03 | Simplify for loops; prompted by a comment from rpe@ | ajacoutot | 1 | -10/+7 | |
| 2016-11-03 | Let Integrated Components allocate the receive buffer themselves | mikeb | 1 | -24/+52 | |
| since they have a better clue how to size it. While here, cleanup the kernel output a bit. | |||||
| 2016-11-03 | convert configuration manuals from pod to mdoc | schwarze | 9 | -305/+340 | |
| 2016-11-03 | convert remaining ASN1 object manuals from pod to mdoc | schwarze | 5 | -175/+299 | |
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |