miod
3b4e70f725
Move undocumented internal OPENSSL_DIR interface from libcrypto to libssl,
so that libssl no longer need to access the non-external headers of libcrypto
to build.
No library bump, riding upon the recent update.
10 years ago
miod
064d2ff729
Crank libcrypto minor (addition of BN_consttime_swap and CRYPTO_memcmp)
and libssl major (ssl_check_clienthello_tlsext split into two functions)
10 years ago
miod
717653a071
No longer define OPENSSL_NO_EC_NISTP_64_GCC_128 on amd64; requested by djm
10 years ago
miod
19582a6077
Move build machinery for libcrypto from libssl/crypto to libcrypto, as well
as configuration files; split manpages and .pc files between libcrypto and
libssl.
No functional change, only there to make engineering easier, and libcrypto
sources are still found in libssl/src/crypto at the moment.
ok reyk@, also discussed with deraadt@ beck@ and the usual crypto suspects.
10 years ago
tedu
659d4a87d0
use char * for strings, saving casts. add return codes to base64 functions
10 years ago
tedu
09f67ccdde
fix an error in the stride calculations. the math only works for multiples
of the stride. don't overwrite past the end of the buffer, and also save
that amount for later so the array is completely filled. ok deraadt djm
reported by Dmitry Chestnykh (dchest)
10 years ago
schwarze
87bf6d22d3
Add some missing names to the NAME sections.
For inet(3), go the other way, remove some bogus symlinks.
Found while testing the new makewhatis(8).
ok jmc@
10 years ago
miod
7d60b870ca
regen
10 years ago
miod
04aceaa3cb
Add wskbd nodes to the bsd.rd /dev posse; allows kbd -l to work as intended
in the install media. Reported by Donovan Watteau
10 years ago
beck
6760fef4ba
put $OpenBSD$ back.. notice by philip.
10 years ago
schwarze
93c318776d
Update Copyright notice; ok otto@ beck@ deraadt@.
This is merely a by-product of figuring out the amount of phk@ code
contained herein; i'm not planning to hack on this file.
10 years ago
beck
c707ba23e7
I have discussed these licenses with Poul-Henning Kamp and he has agreed to
this license change. We will remember that we all still like beer.
10 years ago
millert
0d52db320e
Fix syntax error in commented out local-zone entry. OK sthen@
10 years ago
matthew
061ee1ef0f
Define intptr_t in <unistd.h> as specified by POSIX
ok millert
10 years ago
deraadt
e30606643b
increase size of iso media (try 2)
10 years ago
deraadt
64c8729c88
increase size of iso media
10 years ago
tedu
cccf6b76fc
safe to remove gets, now that's gone from cstdio too
10 years ago
gilles
22f8f414dd
do not keep hoststat and purgestat, they are pointing to the sendmail
executable and will not serve any purpose with smtpd by default
ok jmc@ tedu@
10 years ago
tedu
f57f1925af
end experimental login.conf template support. one file per machine.
ok deraadt millert
10 years ago
eric
0556b9e168
Make the asr API public. Install asr.h to /usr/include.h and manpages.
Include tweaks suggested by mpi@
ok deraadt@
10 years ago
beck
241e064849
Poul-Henning Kamp informed me he is allright with this licensing change.
10 years ago
tedu
de65ef57f7
try to put the pin back in.
removing gets means removing it from libstdc++ and guenther tells me
that will require changing version numbers.
10 years ago
tedu
ec7cabe032
no gets
10 years ago
sthen
ae00ab49ef
sum -> cksum, ok deraadt
10 years ago
kettenis
294658509f
unbreak the tree; no more libwrap
10 years ago
tedu
865935a62a
okan reminds me hosts.allow lived here too
10 years ago
ajacoutot
25a5dcaa2a
Stop monitoring apache files.
ok florian@ jung@ sthen@
10 years ago
sthen
8134aa11c6
Add /var/unbound/dev/log, it isn't needed for initial startup because Unbound
opens the log before chrooting, but this handles the case where syslogd is
restarted during Unbound's runtime.
10 years ago
tedu
ea175c36fd
oops, merge error
10 years ago
tedu
353207c9dc
more bm excision
10 years ago
tedu
edb424679c
clear stack variables, suggested by djm
10 years ago
naddy
32386fdf7d
Remove the MD4 functions.
"A collision attack published in 2007 can find collisions for full
MD4 in less than two hash operations."
ok deraadt@, man pages ok jmc@
10 years ago
tedu
c830a7ee52
some improvements suggested by djm.
use better constant for salt size.
always copy ":" to gerror, in case somebody is dumb enough to overwrite it
timingsafe_bcmp before somebody whines about strcmp
10 years ago
tedu
521978eee8
two functions don't need to be exported
10 years ago
tedu
5ca97b2032
minimal change to implementation of bcrypt to not require static globals.
add some friendlier functions.
move the classic static data api into wrapper functions.
a few more changes to come...
10 years ago
tedu
661d769f4e
remove the never used bm string functions
10 years ago
sthen
85309b05df
Remove commented-out module-config line, it is already set to "validator
iterator" by default. Pointed out by Patrik Lundin.
10 years ago
tedu
5d4103f5b3
switch to shorter ISC license. this was ok with Niels Provos.
10 years ago
ajacoutot
256de60572
Add nginx default log files to the rotation.
ok jung@ stephan@
tweaks and ok sthen@
10 years ago
sthen
4dd1a5962e
Install a /var/unbound/db directory, writable by the _unbound daemon,
and use it as the default location for the DNSSEC root key. Update default
config for this location.
With this, the only step required to enable DNSSEC validation is to
uncomment these default config entries and restart:
#module-config: "validator iterator"
#auto-trust-anchor-file: "/var/unbound/db/root.key"
There is no longer a requirement to run unbound-anchor manually to
update the root key. The rc.d script will take care of updates at boot,
and Unbound will manage the file itself at runtime.
Test with "dig test.dnssec-or-not.net txt @127.0.0.1" or similar.
10 years ago
miod
8dbd387ec6
Tell the manpage machinery to not output Xr to hd(4/vax) in MAKEDEV.8, since
such a manpage does not currently exist. Requested by jmc@
10 years ago
tedu
a3382b4cd8
no rest for the wicked. increase user blf logrounds default to 8(+2).
increase root to 9(+1).
ok deraadt (and a thank you to miod for helping to reduce the set of
architectures harmed by this)
10 years ago
tedu
2a80bbb144
consolidate the base64 code in one place, and remove inadequate test code
10 years ago
tedu
3beb8e286a
right or wrong, bcrypt() is declared in pwd.h, not unistd.h
10 years ago
miod
7766679fe4
Retire hp300, mvme68k and mvme88k ports. These ports have no users, keeping
this hardware alive is becoming increasingly difficult, and I should heed the
message sent by the three disks which have died on me over the last few days.
Noone sane will mourn these ports anyway. So long, and thanks for the fish.
10 years ago
sthen
9690bbcd18
No need to keep a manually maintained list of system daemons here, ftpd can
disallow them itself. ok deraadt@ millert@, gsoares@ and aja@ like it too.
("nobody" still needs to be listed).
10 years ago
tedu
18caccfdb7
uucp cleansing
10 years ago
sthen
4160ff8632
no more _ppp user
10 years ago
sthen
733c769ec2
ppp.log was just for ppp(8)
10 years ago
deraadt
c6fc6500f7
_ppp uid/gid will come up for recycling (but please not within a year)
10 years ago