Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
221,313 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

2417 Commits

Author SHA1 Message Date
joerg 975a152cfc If a library needs a symbol from another library, pull that library in 
explicitly, even if the DT_NEEDED closure would normally already ensure
the presence.
 2013-09-11 23:04:09 +00:00
joerg a7c89b6e01 Add dependency on libz and libbz2. 2013-09-11 09:57:09 +00:00
riastradh 1239c2bb08 Publish explicit_memset and consttime_memequal in userland libc. 
Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc.

As discussed on tech-userlevel:

https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
(option 3)
 2013-08-28 17:47:07 +00:00
riastradh cc79193075 Fix sense of consttime_memequal and update all callers. 
Now it returns true (nonzero) to mean equal and false (zero) to mean
inequal, as the name suggests.

As promised on tech-userlevel back in June:

https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
 2013-08-28 15:24:41 +00:00
joerg 44ed6e91de Prefer "." for the current address and not the PPC specific "$". 2013-08-04 17:15:21 +00:00
tls 14b0477b50 Re-check the entropy level after we call RAND_poll(), so that we do 
not continuously suck data out of /dev/urandom if we receive a stream
of requests larger than the initial-entropy threshold (hi Roland!).
 2013-07-28 14:13:29 +00:00
wiz a5684d07dd Use Mt for email addresses. 2013-07-20 21:39:55 +00:00
tteras 2d9f2eda4f From Rainer Weikusat <rweikusat@mobileactivedefense.com>: Export phase1 
remote address as Radius Calling-Station-Id.
 2013-07-19 10:54:52 +00:00
christos a2f4868d2a add RTM_LOSING, RTM_REDIRECT 2013-07-18 17:02:58 +00:00
tteras 4595769cee From Sven Vermeulen <sven.vermeulen@siphos.be>: Moves ploginit() up, 
allowing logging events from init_avc() to show up as well.
 2013-07-12 13:11:50 +00:00
joerg 9e69720425 Fix violations of the sequence point rule. 2013-06-28 15:04:35 +00:00
riastradh 82db4b9858 Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset. 
consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.

Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.
 2013-06-24 04:21:19 +00:00
christos c59ba37534 Add an option --enable-wildcard-match to enable wildcard matching and explain 
why we might want it and why it is a bad idea in general that's why it is
not enabled by default. ok tteras@, manu@
 2013-06-20 15:41:18 +00:00
tteras 4f62ef74bd From Paul Barker: Remove redundant memset after calloc that caused compile 
failures with gcc 4.8 due to error: argument to 'sizeof' in 'memset' call
is the same expression as the destination; did you mean to dereference.
 2013-06-18 05:39:50 +00:00
christos 54da44c072 Accept - as stdin 
Be nice and let the user know which file it could not open.
 2013-06-14 16:29:14 +00:00
tteras 05fbc8efab From Alexander Sbitnev <alexander.sbitnev@gmail.com>: fix admin port 
establish-sa for tunnel mode SAs.
 2013-06-03 05:49:31 +00:00
tteras fdd5bac4fc From Rainer Weikusat <rweikusat@mobileactivedefense.com>: Fix 
SADB_X_EALG_CASTCBC definition to use system definition (which
differs at least on Linux).
------------------------
 2013-05-23 05:42:29 +00:00
elric 3966285084 AUTHCID is optional for the GSSAPI mechanism. 2013-05-16 13:02:12 +00:00
elric cdfc977bf0 principals have principles. 2013-05-14 15:33:21 +00:00
mlelstv 34b99be967 The previous patch didn't apply cleanly, because our code doesn't 
use #ifdef OPENSSL_HAS_ECC.
Apply manually.
Drop now unused len variable.
 2013-05-14 05:18:11 +00:00
christos c8fbe6c64a use explicit_bzero instead of memset to zero memory 2013-05-10 16:39:25 +00:00
christos 6fd620669a remove error(1) output. 2013-05-10 16:38:47 +00:00
mbalmer b1090dff8a racoon default config is in /etc/racoon/racoon.conf 2013-05-08 20:03:02 +00:00
mlelstv e976afb5c5 Identityfile warnings fixes. 
https://bugzilla.mindrot.org/show_bug.cgi?id=2084
 2013-04-29 17:59:50 +00:00
christos 90a83642c1 restore logging behavior: don't treat user disconnect messages as errors, 
just log them.
 2013-04-25 20:10:28 +00:00
joerg 8d7f62402c Use __dead. 2013-04-12 18:09:30 +00:00
joerg e29eeb0057 Add __printflike. 2013-04-12 18:09:19 +00:00
joerg f1ca729c04 Don't force pthread linkage. 2013-04-12 18:08:10 +00:00
tteras 32d6075c95 From Rainer Weikusat <rweikusat@mobileactivedefense.com>: Do not send out 
illegal zero length MODE_CFG attributes.
 2013-04-12 10:03:45 +00:00
tteras 3d2760a386 Some logging improvements. 2013-04-12 09:53:10 +00:00
christos ce11a51f1d welcome to openssh-6.2 2013-03-29 16:19:44 +00:00
christos d2a9b9efd7 from openbsd 2013-03-29 14:52:38 +00:00
agc ca99397396 fix some lint on i386, noticed by Greg Troxel, thanks! 2013-03-19 01:00:16 +00:00
riastradh 6641d1f9ad Touch e_aes.c to force a rebuild with new compiler flags for AES-NI. 2013-02-18 21:20:50 +00:00
riastradh 249c85457d Fix build goo for OpenSSL AES-NI support. 
OpenSSL now supports AES-NI in evp, not in an engine.  We can now get
rid of the no longer maintained aesni engine, which was broken last
summer.  Not only can OpenSSL now use AES-NI for everything it did
before we broke it last summer, but it can also use AES-NI for more
encryption modes than before, such as CTR.

Tested on amd64, both vanilla and in an i386 chroot.

ok christos
 2013-02-18 21:15:25 +00:00
christos 82e8c5f133 need bsd.own.mk 2013-02-12 20:55:37 +00:00
christos b261027db1 mv the MKCRYPTO protection higher; ideally should be at the top for this 2013-02-12 20:31:13 +00:00
christos a7c38cbf62 merge in 1.0.1e 2013-02-12 19:52:11 +00:00
christos 5f71164a5e Changes between 1.0.1d and 1.0.1e [11 Feb 2013] 
*) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
     supporting platforms or when small records were transferred.
     [Andy Polyakov, Steve Henson]
 2013-02-12 19:10:49 +00:00
christos fdbbeac71e remove obsolete file 2013-02-08 22:37:14 +00:00
christos 6b8892b719 fix generation 2013-02-08 15:22:03 +00:00
matt e67266a84f Change bclr 14,2 to beqlr 2013-02-08 03:05:43 +00:00
christos 1e387e93ca descend! 2013-02-08 01:54:20 +00:00
christos a6b0cd16cd commit the new man page. 2013-02-07 17:30:08 +00:00
christos 0e9a2dbd88 one more page 2013-02-07 16:48:28 +00:00
christos f496c772c6 reorg and add missing file. 2013-02-06 17:03:51 +00:00
christos ffecf7319c bump and add extra file 2013-02-05 23:38:46 +00:00
christos 523f268b9f merge changes 2013-02-05 21:31:23 +00:00
christos 85e90c0ff3 regen 2013-02-05 19:21:27 +00:00
christos 44ce355adb regen! 2013-02-05 19:18:41 +00:00