2a85abd333
avoid memory leak. hint from Andrew Lunn
2003-11-23 08:33:13 +00:00
5451f8a14e
do not malloc(0). Andrew Lunn
2003-11-23 08:23:02 +00:00
dedf78268d
Patch OpenSSL to use opencrypto (aka /dev/crypto), if configured and
...
(per kernel policy) for crypto transforms for which hardware
acceleration is available. Affects:
crypto/dist/openssl/crypto/engine/eng_all.c
crypto/dist/openssl/crypto/engine/hw_cryptodev.c
crypto/dist/openssl/crypto/evp/c_all.c
as posted to tech-crypto for review/comment on 2003-08-21.
2003-11-20 00:55:51 +00:00
4bbfee09ca
Various typo fixes from Jonathon Gray via jmc@openbsd.
2003-11-17 11:16:10 +00:00
6de72ce0f8
typo. minoura
2003-11-13 10:35:40 +00:00
1356e8977e
pfkey_dump_sadb: when it get an error using sysctl,
...
mimic an error msg from keysock so that caller can process it correctly.
PR/23122.
2003-11-09 15:37:24 +00:00
aec01dda91
sync w/ openssl 0.9.7c. shlib minor bump for libcrypto.
...
(ERR_release_err_state_table() added)
2003-11-04 23:54:26 +00:00
385718bc5c
more unifdef
2003-11-04 23:45:56 +00:00
6b4e6697c9
openssl 0.9.7c. security changes are already in place
2003-11-04 23:25:09 +00:00
746d6bb953
bring in kame rev 1.32. PR 23122
2003-11-04 04:30:38 +00:00
1244cc6c62
Fix NULL vs 0 mixup.
2003-10-25 20:48:10 +00:00
f90a2e28b1
do not build "null ESP and no AUTH" proposal. (racoon 174) by Tom Lendacky
2003-10-23 07:23:50 +00:00
6a6c3ca82f
Don't assign NULL as an integer.
2003-10-21 03:06:55 +00:00
73d47a4f07
Don't return NULL as an integer.
2003-10-21 03:03:39 +00:00
eb3570747f
Make sure HAVE_OPENSSL is undefined, to avoid depending on both
...
libcrypto and libdes. Patch by lha@, posted to tech-userlevel.
2003-10-09 04:31:17 +00:00
ac0a546d0d
realloc error check failure; Greg Troxel, sync w/kame
2003-10-03 21:53:32 +00:00
48b0bfaad0
support policy w/o selector.
2003-10-02 19:53:01 +00:00
3c068c5948
correct unsafe realloc().
2003-10-02 19:52:43 +00:00
b3cd345741
more fixes from 0.9.7c, from openbsd
2003-10-02 02:26:17 +00:00
ae91503b5d
from openbsd:
...
Correct some off-by-ones. They currently don't matter, but this
is for future safety and consistency.
OK krw@, markus@
2003-10-02 02:25:05 +00:00
0a7cc0d7d1
Apply security fix: http://www.openssl.org/news/secadv_20030930.txt
...
Changelog from: http://cvs.openssl.org/chngview?cn=11471
2003-09-30 15:59:53 +00:00
5749c53775
Fix what is obviously a bug: valloc() -> vmalloc(). Now racoon(8) doesn't core
...
dump all the time.
2003-09-25 01:00:32 +00:00
34439bf0c9
off-by-one. from openbsd
2003-09-22 22:12:05 +00:00
28c3d43114
typo. markus@openbsd
2003-09-18 12:42:33 +00:00
841f7944e5
protect against double free; #660 ; zardoz at users.sf.net
...
from openbsd
2003-09-18 08:16:40 +00:00
c2011dbc01
missing buffer_free(&encrypted); #662 ; zardoz at users.sf.net
...
from openbsd
2003-09-18 08:16:15 +00:00
898af9fa6c
make sure we init nalloc.
2003-09-18 01:41:56 +00:00
3171afa413
fix problem in previous patch
2003-09-18 01:35:07 +00:00
d4d840dd36
More buffer size adjusted before allocation succeeded fixes. Bump to 20030917.
...
From FreeBSD (with an additional one from me).
2003-09-17 23:19:02 +00:00
51b1a61a2d
dammit, don't apply patches blindly.
2003-09-16 23:18:24 +00:00
08d244b791
bring more fixes from 3.7.1
2003-09-16 23:16:59 +00:00
5de000c8d7
crank __NETBSDSSH_VERSION for buffer.c fix
2003-09-16 17:39:32 +00:00
325fccf53f
Do not record expanded size before attempting to reallocate the associated
...
memory. From OpenBSD, via FreeBSD.
2003-09-16 13:22:57 +00:00
249c9d88ea
use sysctl to dump SAs if possible (not really tested)
2003-09-12 08:44:34 +00:00
efbe374b9f
SKEY and BSDAUTH #ifdef mixup
2003-09-08 21:00:41 +00:00
f13cb0c7b2
bzero() 2nd arg mistake. found by openbsd guys. from kame
2003-09-04 00:12:56 +00:00
ca14877c77
reject rc5/idea/mdc2 commands if OPENSSL_NO_xx is specified
2003-08-27 21:05:02 +00:00
31fd31ccf7
Make getlastlogx have the pathname to the lastlogx database as first
...
argument, to be consistent with updlastlogx.
Approved by christos, reviewed by kleink.
[The lastlogxname function should not be used any longer.]
2003-08-26 16:48:32 +00:00
d9c46578d1
update racoon to 2003/8/26 version. mostly minor bugfixes.
2003-08-26 03:31:50 +00:00
2cfb643fda
KAME racoon, as of 2003/08/26
2003-08-26 03:27:01 +00:00
b5f8b9a7c0
KAME libipsec/libpfkey, 2003/08/26
2003-08-26 03:25:29 +00:00
eb24db53ab
style; total size of buf is (num + 3)
2003-08-13 01:29:41 +00:00
658a8c458e
Fix bad use of "sizeof(pointer)" where the length of a buffer was the
...
intention. Fixes problems with least ssh's known_hosts file and factor.
Patch from Berndt Josef Wulf's PR lib/22347.
2003-08-12 03:25:24 +00:00
dc4f8c2e1a
Move UCB-licensed code from 4-clause to 3-clause licence.
...
Patches provided by Joel Baker in PR 22252, verified by myself.
2003-08-07 09:15:17 +00:00
5de5abdd3d
consistently use new DES API, re-enable des regression test
2003-07-31 08:53:58 +00:00
965395c9f3
re-enable __RCSID, sys/cdefs_elf.h rev 1.15 fixed the problem
2003-07-30 00:34:16 +00:00
f33c57af22
disable __RCSID for now, somehow it puts some of integer variables
...
into .text region
2003-07-29 23:17:39 +00:00
308bb7eb39
remove unused macro. PR 21150
2003-07-29 04:45:39 +00:00
4c43ef4ce1
xx_keylen has to return bits, not bytes. KAME-PR-488
2003-07-29 04:30:54 +00:00
3514116803
Apply patch from lha@, via OpenBSD portable SSH's revision 1.11 of this file:
...
mcc -> fcc; from Love Hörnquist Åstrand <lha@it.su.se>
otherwise the kerberos credentinal is stored in a memory cache
in the privileged sshd.
Presumably, this will also come in as part of a later OpenSSH release via
`cvs import', but this is worth having now.
2003-07-28 15:50:17 +00:00
itojun