Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
221,620 Commits 606 Branches 0 Tags 3.1 GiB
83c3d19b88
Commit Graph

2419 Commits

Author SHA1 Message Date
christos
6cced2a43a make sure alloca is undefed on SSP 2012-07-30 17:16:23 +00:00
christos
f87f89779c only use alloca if not __SSP__ 2012-07-30 17:15:45 +00:00
martin
a1e40c3f35 Do not use dots in identifiers (replace by _) 2012-07-30 15:00:39 +00:00
matt
fcff60e41a Add sparccpuid.S 2012-07-30 13:53:19 +00:00
christos
c77791c047 fix the generation 2012-07-30 10:25:24 +00:00
matt
72331d9777 Fix init call to OPENSSL_cpuid_setup. 
XXX why are using a globally visible routine in a constructor?
 2012-07-29 13:17:53 +00:00
christos
4364423588 make sure that the PLT change is not lost 2012-07-28 19:21:57 +00:00
matt
fec343bc7e Call OPENSSL_cpuid_setup through PLT to avoid DT_TEXTREL 2012-07-28 18:06:08 +00:00
matt
8a64184d2a Get new openssl to work on powerpc. 2012-07-27 23:01:23 +00:00
christos
c359006f4e This cannot be used because we are compiling with __ARM_ARCH_3__ and it needs 
a minimum of 4
 2012-07-27 21:28:24 +00:00
christos
371fb85ca8 remove extra parens that make clang bitchy. 2012-07-27 21:22:55 +00:00
christos
abb96b5702 Instead of leaving the file directive which is inconsistent and may contains 
paths, instead include our assembly macros
 2012-07-27 19:34:13 +00:00
christos
662e5a1b5f avoid an alloca for SSP 2012-07-27 18:35:57 +00:00
christos
20d591e2dc regen for the new version 2012-07-27 18:22:59 +00:00
christos
25f2218e23 more assembly munging 2012-07-27 18:16:53 +00:00
christos
fc700fffcd provide OPENSSL_cpuid_setup to the haves and the havenots 
[still there are other platforms ia64, s370, powerpc64] where we can do better.
 2012-07-27 18:10:40 +00:00
christos
59b796f522 undo previous: some ports don't have it in the constructor! 2012-07-27 17:45:59 +00:00
christos
5f605781bc don't do cpuid anymore. 2012-07-27 17:27:43 +00:00
christos
414b1de06c only x86 has AESNI 2012-07-27 16:05:27 +00:00
christos
c0ab76c295 make OPENSSL_cpuid_setup global again 2012-07-27 16:04:30 +00:00
christos
2c88e265bf make this compile. 2012-07-26 21:23:13 +00:00
christos
2131695062 Don't do the PLTGOT for local labels, limit it to OPENSSL_ global symbols. 2012-07-26 21:22:47 +00:00
christos
11b09fe68b put back support for AES-NI. 2012-07-26 20:21:20 +00:00
christos
e3d33c0426 merge openssl-1.0.1c 2012-07-26 19:58:36 +00:00
christos
32daad53f7 from ftp.openssl.org 2012-07-26 14:58:16 +00:00
christos
443e5cbbb2 remove mdc2 and idea handling 2012-07-13 19:32:51 +00:00
christos
0909c5ab7c oops, add all the files 2012-07-12 18:44:49 +00:00
christos
d9a6861d6d no need for MKCRYPTO_IDEA 2012-07-11 19:01:02 +00:00
christos
e6f6cceebd remove unneeded libraries 2012-07-11 18:50:23 +00:00
christos
6a574bf521 Enable ciphers with expired patents: 
mdc2 4,908,861 (expired August 28, 2007)
idea 5,214,703 (expired January 7, 2012)
 2012-07-11 18:48:27 +00:00
christos
f5b2f99aea - centralize WARNS=4, no need for WARNS=0 for the linker errors 
(linking against) dummy idea
- add MKCRYPTO_IDEA support. Alas the code does not seem work accept my
  passphrase on the idea key. A bug?
 2012-07-10 19:38:17 +00:00
christos
0c8e933f1b reflect reality. We don't need .a libraries to link against anymore, and 
we are not aboting, but exiting.
 2012-07-10 19:35:58 +00:00
christos
1a12a170b1 Enable shared libraries for patented cyphers. 
Needed since netpgp.so must include them before -lcrypto to enable.
 2012-07-10 18:59:21 +00:00
jdf
84bfda063b Change little wording error (s/associate/associated/) and formatting error. 
Patch proposal was sent upstream to Heimdal as well.
Patch by jklowden in PR lib/46651.
 2012-07-04 20:46:14 +00:00
njoly
0e4029fbef Small spacing fix. Unbreaks section in xref. 2012-06-04 14:24:03 +00:00
drochner
4c2e6ed1da pull in upstream rev.22547: 
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1
and DTLS to fix DoS attack.
(CVE-2012-2333)
 2012-05-11 18:07:33 +00:00
christos
845f0e2763 bump 2012-05-02 02:41:13 +00:00
christos
091c4109a8 merge OpenSSH 6.0 
Features:

 * ssh-keygen(1): Add optional checkpoints for moduli screening
 * ssh-add(1): new -k option to load plain keys (skipping certificates)
 * sshd(8): Add wildcard support to PermitOpen, allowing things like
   "PermitOpen localhost:*".  bz #1857
 * ssh(1): support for cancelling local and remote port forwards via the
   multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host"
   to request the cancellation of the specified forwardings
 * support cancellation of local/dynamic forwardings from ~C commandline

Bugfixes:

 * ssh(1): ensure that $DISPLAY contains only valid characters before
   using it to extract xauth data so that it can't be used to play local
   shell metacharacter games.
 * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports
 * scp(1): uppress adding '--' to remote commandlines when the first
   argument does not start with '-'. saves breakage on some
   difficult-to-upgrade embedded/router platforms
 * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class,
   but there is an "AF21" class
 * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during
   rekeying
 * ssh(1): skip attempting to create ~/.ssh when -F is passed
 * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943
 * sshd(1): send tty break to pty master instead of (probably already
   closed) slave side; bz#1859
 * sftp(1): silence error spam for "ls */foo" in directory with files;
   bz#1683
 * Fixed a number of memory and file descriptor leaks
 2012-05-02 02:41:08 +00:00
tls
011988ad52 Add new "SendVersionFirst" option to OpenSSH client. This option makes 
the client send its version string first if it is configured to speak
v2 only (the old hack of waiting to see the server version is only
really useful if you might be speaking v1 to some servers).  The option
is on by default but can be disabled from the config file.

This aligns the OpenSSH client behavior with most other implementations
and eliminates a major source of connection delays and failures when
speaking SSH through particularly stupid proxies, of which, sadly, there
are many.

This change has also been submitted to OpenSSH as their bug #1999.
 2012-04-27 15:45:37 +00:00
drochner
b0eecc93cf fix for previous fix: correct error code (upstream rev.22474) 2012-04-25 11:02:46 +00:00
drochner
c89bad5193 pull in upstream SVN rev. 22439: 
check for potentially exploitable overflows in asn1_d2i_read_bio
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean. (CVE-2012-2110)
 2012-04-19 20:20:56 +00:00
christos
07636659d9 Minimize diffs. 2012-04-14 01:34:37 +00:00
christos
4dd26a2880 use getpassfd() 2012-04-13 23:57:08 +00:00
tls
36a4733e75 Fix applications that call RAND_bytes() before any other RAND function. 
Last change was...a bit too simple.
 2012-03-07 10:17:47 +00:00
tls
48b3ca7292 Patch OpenSSL RNG to allow explicit initial seeding. Patch OpenSSH to 
explicitly seed the OpenSSL RNG in each new process rather than letting
it repeatedly open /dev/urandom to reseed, which depletes entropy severely.

Note that the OpenSSH part of this fix works better on NetBSD than it would
on many other platforms because on NetBSD, if you don't reopen /dev/urandom,
repeated reads don't deplete entropy.  On other platforms, some other
approach might be required.

Note also that this problem does not arise on OpenBSD because OpenBSD seems
to have patched OpenSSL to seed the RAND functions from arc4random()!  That
seems dangerous, so I am not taking that approach here.
 2012-03-05 20:13:36 +00:00
christos
94fcde8eaf Fix compilation: 
kill PGP_ERROR() and make everything use a format.
XXX: Fixme to use __VA_ARGS__ instead of the silly PGP_ERROR_N() macros.
 2012-03-05 02:20:18 +00:00
agc
ddccfadc5f Use %s for the format string, as pointed out by joerg in the diff for 
__printflike attributions (on tech-userlevel, March 1st 2012).
 2012-03-04 19:52:02 +00:00
drochner
582e7c9a93 apply upstream rev.22146: Tolerate bad MIME headers in parser. 
avoids possible NULL dereference (CVE-2006-7248)
 2012-02-28 17:23:58 +00:00
agc
1ce8f15ce5 Add the --trusted-keys argument to netpgpkeys(1) to print out PGP ids in a 
machine-readable manner.
 2012-02-22 06:58:54 +00:00
agc
c636a2b399 re-order the fields that we print out in the pgp_sprint_pubkey() function 
to be more usual.

print out the name from within pgp_sprint_pubkey() rather than tagging it
onto the end of the output from the function.
 2012-02-22 06:29:40 +00:00
wiz
de33c51b97 Bump date for previous. 2012-02-18 13:51:29 +00:00
drochner
544002eb2d mention esp-udp 2012-02-18 13:42:45 +00:00
wiz
e2fe99ce62 Use the correct constant. 
From FreeBSD via Henning Petersen in PR 46005.
 2012-02-13 13:03:06 +00:00
christos
2552839412 Add configuration glue 2012-01-28 16:05:20 +00:00
christos
5936836493 Add build glue: no pkcs11 yes. 2012-01-28 16:04:12 +00:00
christos
a3508f9e3b remove stray .TP 2012-01-28 16:03:46 +00:00
christos
def4b137e5 we don't have -ldl 2012-01-28 03:05:53 +00:00
christos
9571548fef handle ctype lossage 2012-01-28 03:04:27 +00:00
christos
431955c163 import tpm-tools from sourceforge 2012-01-28 02:56:55 +00:00
christos
125dcfd019 add libtcs 2012-01-28 02:51:19 +00:00
christos
03a31f348d add build glue 2012-01-28 02:15:25 +00:00
christos
6af45b0d65 we only have <sys/endian.h> not <endian.h> 2012-01-28 02:11:18 +00:00
christos
ed30c0ec40 add && defined(__NetBSD__) 2012-01-28 02:10:12 +00:00
christos
2134a889e1 - add && defined(__NetBSS__) where appropriate. 
- we don't have <endian.h>, perhaps we should?
 2012-01-28 02:09:08 +00:00
christos
8c24f147ac add && defined(__NetBSD__) 2012-01-28 02:08:11 +00:00
christos
0924657c8e cast to long the thread id before printing 2012-01-28 02:06:51 +00:00
christos
6a35549fad add && defined(__NetBSD__) where appropriate 2012-01-28 02:05:55 +00:00
christos
139fa20f38 don't inline functions whose body is not visible in all places used. 2012-01-28 02:03:41 +00:00
christos
5a1e8d4ef0 we want our role accounts to start with _ 2012-01-28 02:00:51 +00:00
christos
77931e2b39 remove erroneous extra .TP 2012-01-28 01:58:25 +00:00
christos
2d5f7628c5 import trousers 0.3.8 from sourceforge. 
TrouSerS is the open-source TCG Software Stack
 2012-01-28 01:35:04 +00:00
christos
3cbaf51ab7 description of cpl 2012-01-28 01:30:42 +00:00
wiz
71a175ae1b Bump date for previous. 2012-01-26 21:54:26 +00:00
drochner
c51fcdeec7 also mention the aes-gcm ESP variants 2012-01-26 21:11:27 +00:00
drochner
2d831187ff pull in rev.22050 from upstream CVS, following secadv_20120118.txt: 
Fix for DTLS DoS issue introduced by fix for CVE-2011-4108 (CVE-2012-0050)
 2012-01-18 20:08:49 +00:00
tteras
aa9b8479a9 From Rainer Weikusat <rweikusat@mobileactivedefense.com>: Enhance splitnet 
environment variable string value generation.
 2012-01-10 12:07:30 +00:00
wiz
59bb0b8307 Bump date for previous. 2012-01-09 15:41:21 +00:00
drochner
4fa381bcb2 allow setkey(8) set and display the ESP fragment size in the NAT-T case, 
userland part of PR kern/44952 by Wolfgang Stukenbrock, just changed
the "frag" option name to "esp_frag", for consistency to the existing
option of similar effect in racoon(8)
 2012-01-09 15:25:13 +00:00
drochner
4352041ede also pull in patches for older security problems (secadv_20110906.txt): 
-rev.21358 for CRL verification vulnerability in OpenSSL (CVE-2011-3207)
-rev.21336 for TLS ephemeral ECDH crashes in OpenSSL (CVE-2011-3210)
 2012-01-05 18:59:51 +00:00
drochner
716cca6308 pull in some patches from upstream CVS, following secadv_20120104.txt: 
-rev.21964 for DTLS Plaintext Recovery Attack (CVE-2011-4108)
-rev.21961 for Uninitialized SSL 3.0 Padding (CVE-2011-4576)
-rev.21456+21954 for Malformed RFC 3779 Data Can Cause Assertion Failures
 (CVE-2011-4577)
 (rev.21456 is not mentioned in the advisory, but there is code overlap)
-rev.21958 for SGC Restart DoS Attack (CVE-2011-4619)
-rev.21956 for Invalid GOST parameters DoS Attack (CVE-2012-0027)
 2012-01-05 17:32:02 +00:00
wiz
8d8e2b7310 Bump date for previous. 2012-01-04 16:30:50 +00:00
drochner
8fd6dadaf8 include <netipsec/ipsec.h> rather than <netinet6/ipsec.h> from userland 
where possible, for consistency and compatibility to FreeBSD
(exception: KAME specific statistics gathering in netstat(1) and systat(1))
 2012-01-04 16:09:40 +00:00
drochner
3712f81ced -consistently use "char *" for the compiled policy buffer in the 
ipsec_*_policy() functions, as it was documented and used by clients
-remove "ipsec_policy_t" which was undocumented and only present
 in the KAME version of the ipsec.h header
-misc cleanup of historical artefacts, and to remove unnecessary
 differences between KAME ans FAST_IPSEC
 2012-01-04 15:55:35 +00:00
tteras
2713c54c73 From Rainer Weikusat <rweikusat@mobileactivedefense.com>: Fix one byte too 
short memory allocation in isakmp_unity.c:splitnet_list_2str().
 2012-01-01 17:31:42 +00:00
tteras
11e30c248c From Wolfgang Schmieder <wolfgang@die-schmieders.de>: Fix default NAT-T 
port for listen { isakmp_natt } config directive.
 2012-01-01 16:14:11 +00:00
tteras
40d768bf75 From Wolfgang Schmieder <wolfgang@die-schmieders.de>: Fix various typos in 
comments and log messages. Fix default port used in copy_ph1addresses().
 2012-01-01 15:57:31 +00:00
tteras
dbe8969919 Fix myaddr_getsport() to return -1 if no suitable address is found. This is 
used in pfkey.c:pk_recvacquire() to check if IKE negotiation should be
started or not.
 2012-01-01 15:54:51 +00:00
tteras
838cfe4724 Fix the previous commit. 2012-01-01 15:44:06 +00:00
tteras
b448c51c51 From Wolfgang Schmieder <wolfgang@die-schmieders.de>: Fix memory leaks from 
configuration reading code, and clean up error handling.
 2012-01-01 15:29:28 +00:00
agc
1dafd61846 get rid of an old merge conflict which managed to creep through 2011-11-28 06:36:14 +00:00
vanhu
0a7daa593d fixed some crashes in LIST_FOREACH where current element could be removed during the loop 2011-11-17 14:41:55 +00:00
wiz
3efedf2ce7 Bump date for new tls option. 2011-11-15 19:15:58 +00:00
tteras
c7d190f034 From Vincent Bernat <bernat@luffy.cx>: TLS support for LDAP 2011-11-15 13:51:23 +00:00
tteras
84d53e8c5d From Marcelo Leitner <mleitner@redhat.com>: do not shrink pfkey socket 
buffers (if system default is larger than what we want as minimum)
 2011-11-14 13:24:04 +00:00
joerg
e7b856ae43 Unbreak MKINET6=no 2011-11-08 22:13:58 +00:00
joerg
9fa0321aa9 Separate strings correctly with ': ', not embedded NUL. Found by 
mlelstv.
 2011-11-04 11:54:46 +00:00
christos
eaa3f157e9 Put back support for non PIC. 2011-10-21 17:57:45 +00:00
chs
ed58cde6e4 add PIC support. 2011-10-21 15:08:41 +00:00
plunky
f65a48c2ec max WARNS is 4 2011-10-13 17:23:28 +00:00
tteras
a09a6d0cd5 From Rainer Weikusat <rweikusat@mobileactivedefense.com>: Release unused 
phase2 of passive remotes after acquire.
 2011-10-11 14:50:15 +00:00
tteras
4c2f40f96a From Wolfgang Schmieder <wolfgang.schmieder@honeywell.com>: setup phase1 
port properly.
 2011-10-11 14:37:17 +00:00
christos
002b0b4308 use cleantags 2011-10-08 19:30:02 +00:00
wiz
6b97660a0d Sort sections. 2011-09-23 16:22:00 +00:00
jruoho
008d0db94d Also note /etc/saslc.d. 2011-09-23 15:24:35 +00:00
jruoho
ce1c27eb07 Build and install MLINKS for the libsaslc(3) functions. 2011-09-23 15:17:31 +00:00
joerg
a85aba86f0 Use __dead. 2011-09-16 15:36:18 +00:00
joerg
6a878ae49f Reapply formatting cleanup 2011-09-16 15:36:00 +00:00
christos
6f47b6603c merge openssh-5.9 2011-09-07 17:49:19 +00:00
christos
7c6477cfd2 new openssh: 
See http://www.openssh.com/txt/release-5.9
 2011-09-06 20:17:08 +00:00
christos
c708dfc2ea some stuff got removed in 5.9 2011-09-06 20:14:35 +00:00
joerg
90ee948ed8 Use __dead 2011-08-29 21:08:54 +00:00
elric
95bd2d4a1e Remove crypto/dist/heimdal and its associated build infrastructure as 
it has been replaced by crypto/external/bsd/heimdal.
 2011-08-28 16:21:57 +00:00
elric
9f9617f826 Change the location of version.h from the old Heimdal srcs to the 
new srcs.
 2011-08-28 11:20:16 +00:00
elric
1ea30656a2 Change the location of version.h from the old Heimdal srcs to the 
new srcs.
 2011-08-28 10:28:35 +00:00
joerg
5cfa560df9 Avoid using non-literal format strings and optimizing code a bit at the 
same time.
 2011-08-25 15:37:00 +00:00
joerg
cc096ecebe msg.c uses non-literal format strings 2011-08-25 15:30:54 +00:00
elric
0a56de1dcb This file should not have been imported. 2011-08-25 00:25:47 +00:00
dholland
84c562e368 Previous here required stdint.h. 2011-08-22 00:24:42 +00:00
tteras
cbb586e05f Allow inherited remote blocks without additional remote statements to 
be specified in a simpler way. patch by Roman Hoog Antink <rha@open.ch>
 2011-08-19 05:36:47 +00:00
christos
5434bb1cbb Remove gcc-4.5 hacks. I must have fixed them in a different pass. 2011-08-17 05:32:09 +00:00
christos
5573cb4a88 remove gcc-4.5 hacks; gcc-4.5 does not like fileno() to be unchecked, and 
produces an unhelpful out of bounds array warning, so check it.
 2011-08-17 05:30:01 +00:00
christos
0a61f86410 undo junk committed. 2011-08-16 09:43:03 +00:00
christos
6c83058fe2 kill non-literal format strings or document them. 2011-08-16 09:42:21 +00:00
christos
4e1d834d15 add extra cast for systems where sizeof(time_t) < sizeof(intmax_t) 2011-08-16 02:59:00 +00:00
elric
51efa0609e We shouldn't cast client_time to (intmax_t) because it is a char * not 
an integer.
 2011-08-16 01:14:57 +00:00
christos
b4f44e540e use intmax_t to print times. 2011-08-15 21:00:49 +00:00
christos
641b42eda3 simplify the code; this is what asprintf() is for, don't re-invent it. 2011-08-14 11:19:51 +00:00
tteras
cd00f2949d Have privilege separation child process exit if the parent exits. 2011-08-12 05:21:50 +00:00
agc
6b77872003 default the format for recovering key data to be "human", rather than hard 
coding it in the embedded calls.
 2011-08-02 07:18:13 +00:00
agc
7c7d9aa184 plug some memory leaks in error paths 2011-08-02 07:16:56 +00:00
agc
5f50489b1b when matching pubkeys, also return the first (pgp) uid for the key in the 
resultant key listing

when using json to format keys returned from libnetpgp, also prepare for
machine-readable format ("mr") as well as human ("human"), even though
it's not yet used.
 2011-08-02 05:36:45 +00:00
christos
18eab2817e PR/45200: : J. Hannken-Illjes: Scp hangs after sending: 
- check for vwrite() instead of read() to avoid read() being renamed by SSP
 2011-08-01 15:55:00 +00:00
plunky
84e06c949d revert previous, actually cleanup the *_asn1-template.c files 
in Makefile.rules.inc. They are generated when -one-code-file
is passed.
 2011-07-31 09:58:19 +00:00
plunky
7d2b0ea36f Clean up intermediate asn1 template files 
(this should reeally be fixed in <${HEIMBASE}/Makefile.rules.inc>
but I don't see where since they are not generated for all asn1 sources)
 2011-07-31 06:49:03 +00:00
plunky
d38e8168f4 cleanup vars.texi 2011-07-31 06:43:56 +00:00
joerg
aa1008d816 Drop @GOTPCREL when accessing local variables. For yet unknown reasons, 
our version of GNU as decides to silently ignore it. Never versions on
other systems and Clang actually keep it around and create bad object
files. The object files are identical after the changes modulo the GOT
entry in the symbol table.
 2011-07-28 20:24:36 +00:00
matt
376bdd7ba0 Workaround around make bug by using an intermediate file/rule. 2011-07-27 03:18:52 +00:00
jym
767a408b3c Get rid of the "rep ret" trick in places where it is not needed. FWIW, 
the "rep ret" trick is recommended by AMD as a branch prediction
optimization in certain circumstances (quoting their manual):

- any kind of branch (either conditional or unconditional) that has the
single-byte near-return RET instruction as its target

- a conditional branch that occurs in the code directly before the
single-byte near-return RET instruction.
 2011-07-25 19:11:49 +00:00
joerg
9c5ebc857f Works with the integrated assembler again. 2011-07-25 09:36:10 +00:00
joerg
f40b364521 Fix obvious logic error 2011-07-25 08:51:10 +00:00
christos
185c8f9719 - Merge conflicts 
- WARNS=5
 2011-07-25 03:03:09 +00:00
christos
9921411534 from ftp.openbsd.org 2011-07-24 15:08:11 +00:00
jym
714fcad23a Turn AES NI support code into something more readable. 
i386 and amd64 both tested with their own chroot. No regression observed.
 2011-07-22 22:50:55 +00:00
joerg
5158e28f3b Disable Clang's integrated assembler for the AES-NI files for now. 
Somewhere in this mess of .byte streams, corruption happens. Disassembly
only shows slightly different filling of alignment sequences, further
analysis is needed.

XXX This should be rewritten to be proper assembler code
 2011-07-17 19:48:31 +00:00
drochner
929391d8b0 remove SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -- openssl uses 
another mechanism now, and these remainders break renogotiation with
(at least) tor and postgres
 2011-07-07 18:11:18 +00:00
spz
c22e711e00 cpuid and aesni additions for i386 2011-07-05 16:53:58 +00:00
spz
7d2aeb8d2a more pieces to enable using the assembler routines and aes-ni for amd64 2011-07-05 10:42:54 +00:00
spz
e910cee8f4 fix some define and cleanliness issues relevant when test compiling 
in dist (which we normally don't do)
 2011-07-05 10:29:22 +00:00
spz
0d71cd5d7d use aes-ni for i386 also: from jym@ 2011-07-05 10:25:45 +00:00
spz
3619dd3d7c version bump second part 2011-07-05 10:06:10 +00:00