Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
226,050 Commits 606 Branches 0 Tags 3.1 GiB
c0559412e4
Commit Graph

2486 Commits

Author SHA1 Message Date
apb
4840a75dea sizeof(array - 1) decays to sizeof(pointer), but (sizeof(array) - 1) 
was actually wanted.

The effect of this bug is that only a few bytes of the hostname are mixed
into the random seed, instead of using the entire hostname.
 2014-03-27 16:26:22 +00:00
apb
ae56564c55 Fix sizeof errors in memset calls in heimdal. 2014-03-27 16:10:45 +00:00
christos
6c197e6572 bump for previous 2014-03-21 16:59:14 +00:00
wiz
035466f565 Add d1_meth.c to build to fix problems with missing symbol DTLSv1_method. 
Addresses asterisk build problems, idea for fix from martin.
 2014-03-21 13:07:57 +00:00
riastradh
6cb10275d0 Merge riastradh-drm2 to HEAD. 2014-03-18 18:20:35 +00:00
joerg
84c4c059a1 It's nonliteral format strings it should not warn about. 2014-03-13 12:54:49 +00:00
martin
3f5160ac62 Older gcc does not support -Wno-format-literal 2014-03-13 08:13:21 +00:00
agc
99d1495f9e Turn off literal format string warnings for one file 
A better fix is coming
 2014-03-12 06:38:56 +00:00
agc
58fcf20a86 Add portability definitions in case they're not already defined 
XXX - these need to be consolidated in one single header
 2014-03-11 17:48:31 +00:00
agc
5cda552c66 cast arguments to the correct type for format strings 2014-03-11 17:38:48 +00:00
joerg
e0282860c8 Annotate format strings. Remove string constant in front of real format 
string.
 2014-03-11 17:21:05 +00:00
joerg
75578d8a5c Mark assertion handler as dead. 2014-03-11 17:20:23 +00:00
agc
a01b2fe1d8 fix typo in previous commit 2014-03-10 17:00:53 +00:00
christos
736fcb9065 fix unused 2014-03-09 07:01:42 +00:00
christos
31641c3398 WARNS=6 is impossible for this code :-) 2014-03-09 07:00:52 +00:00
christos
76cc06c46c proper include 2014-03-09 06:57:58 +00:00
agc
c741b30f89 get rid of the old reachover directory 2014-03-09 00:41:41 +00:00
agc
ac7f7113d1 Put hkpd in the right place in the reachover infrastructure 2014-03-09 00:40:30 +00:00
agc
9624f25caf Move hkpc and hkpd into the correct place in the reachover insfrastructure 2014-03-09 00:39:31 +00:00
agc
da39824b72 Move netpgpkeys into the correct place in the reachover insfrastructure 2014-03-09 00:33:50 +00:00
agc
394c4afedd Install the binary in the correct location 2014-03-09 00:27:54 +00:00
agc
9e49a71f17 Move the netpgp directory (for the executable) under the bin reachover 
directory
 2014-03-09 00:24:47 +00:00
agc
6ea7b9ad15 Clean up the reachover infrastructure - the programs now live under the 
bin subdirectory
 2014-03-09 00:18:29 +00:00
agc
e6b8b580e4 Add the config.h file as part of the reachover infrastructure 2014-03-09 00:17:28 +00:00
agc
25f78d9123 Bring over the standalone netpgpverify sources from 
pkgsrc/security/netpgpverify.

No functional change.
 2014-03-09 00:15:45 +00:00
joerg
a369f38ac1 Disable abs() checking, a lot of computations get implicit truncations 
or use unsigned values.
 2014-03-04 21:08:08 +00:00
agc
ed05b112a5 check the correct field in the structure in dsa_verify - pointed out by 
joerg - thanks!
 2014-03-04 17:29:06 +00:00
nakayama
1d4618fbd6 Use assembler code for 32-bit sparc compat library on sparc64. 2014-03-02 09:02:43 +00:00
nakayama
76c38c2772 Use more assembler code on sparc64. 
bn-sparcv9.S and OPENSSL_BN_ASM_MONT don't work well since they
assume BN_ULONG is 32-bit, so don't use them.
 2014-03-02 08:58:02 +00:00
nakayama
44b7548b4a Fix assembler code generation: pass option -m64 properly, and 
generate more code.
 2014-03-02 08:50:34 +00:00
tteras
a96c32cedb From Adam Majer <adamm@zombino.com>: Support IPv6 in X509 subjectAltName 2014-02-27 08:37:58 +00:00
agc
08dd6cefdd Update to version 20140220 
Changes from previous version:

+ portability fixes from xtraeme for his Linux distribution:
	+ add search for ar(1) into autoconf
	+ define __printflike if it's not already defined
	+ fix missing asprintf (I fixed this differently)
 2014-02-21 01:55:10 +00:00
gson
057af89a0a Don't print an empty line after the debug message "Enabled Dynamic 
Window Scaling".
 2014-02-20 08:20:05 +00:00
agc
c04135dc77 Avoid a warning on Gentoo Linux about fwrite(3) -- their glibc 
declares fwrite(3) with the warn_unused_result attribute, from Razvan
Cojocaru
 2014-02-17 07:39:19 +00:00
agc
cdcd95784d Manual page fixes from Anthony J. Bentley, with many thanks! 
Addresses PR/48395
 2014-02-17 07:23:18 +00:00
agc
cb8800fa14 Update the autoconf-based infrastructure for another release. 
The main change in this infrastructure is to get rid of the
libnetpgp-based netpgpverify.  This functionality is provided by the
standalone netpgpverify and libnetpgpverify in pkgsrc, and
verification can also be performed using "netpgp -v".
 2014-02-17 06:38:07 +00:00
agc
7302906d58 When building up a PGP public key from an ssh key, do not use the key 
file's mtime as the birthtime of the signature - rather, just zero
this value (the key birthtime is an inherent part of calculating the
key id)

This allows public key files to be copied to other file systems, machines
or directories, and still produce the same key id.
 2014-02-04 01:46:38 +00:00
martin
9aa79cfeb3 Mark a potentially unused variable (depending on #ifdef) 2014-01-28 22:06:39 +00:00
apb
85defa7795 Use basename(filename) in "Generated from %s" comments in output files, 
to avoid embedding the path to the build tree.
 2014-01-18 09:20:36 +00:00
christos
2b043c75b6 eliminate use of bsd.sys.mk from Makefiles 2014-01-16 01:15:32 +00:00
christos
4ef251b9dd merge conflicts 2014-01-11 18:34:36 +00:00
christos
f38532950d regen 2014-01-11 18:21:45 +00:00
christos
363ca3aa58 zero %exc 2014-01-11 18:20:06 +00:00
christos
6d19262895 Changes between 1.0.1e and 1.0.1f [6 Jan 2014] 
*) Fix for TLS record tampering bug. A carefully crafted invalid
     handshake could crash OpenSSL with a NULL pointer exception.
     Thanks to Anton Johansson for reporting this issues.
     (CVE-2013-4353)

  *) Keep original DTLS digest and encryption contexts in retransmission
     structures so we can use the previous session parameters if they need
     to be resent. (CVE-2013-6450)
     [Steve Henson]

  *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
     avoids preferring ECDHE-ECDSA ciphers when the client appears to be
     Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
     several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
     [Rob Stradling, Adam Langley]
 2014-01-11 18:11:10 +00:00
joerg
ba96826bca Format string checks for do_log. 2014-01-07 02:13:39 +00:00
htodd
d423ddd359 Fix build (cast to const char *). 2014-01-06 23:23:10 +00:00
joerg
3fce799b21 Move __printflike to the prototype. Add explicit cast for void * -> 
char * to make GCC happy.
 2014-01-06 22:59:10 +00:00
joerg
8a78d908fb Add __printflike. 2014-01-06 21:15:15 +00:00
joerg
e371cb1bb3 Add __printflike where necessary. 2014-01-06 21:12:19 +00:00
njoly
fa8cf4e111 Remove extra trailing spaces in functions arguments. 2014-01-06 13:59:00 +00:00