summaryrefslogtreecommitdiff
path: root/openbsd-compat
AgeCommit message (Collapse)Author
2015-01-15kludge around tun API mismatch bettererDamien Miller
2015-01-15unbreak across API changeDamien Miller
2015-01-15support --without-openssl at configure timeDamien Miller
Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
2015-01-14support --without-openssl at configure timeDamien Miller
Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
2014-12-30avoid uninitialised free of ldns_resDamien Miller
If an invalid rdclass was passed to getrrsetbyname() then this would execute a free on an uninitialised pointer. OpenSSH only ever calls this with a fixed and valid rdclass. Reported by Joshua Rogers
2014-12-29pull updated OpenBSD BCrypt PBKDF implementationDamien Miller
Includes fix for 1 byte output overflow for large key length requests (not reachable in OpenSSH). Pointed out by Joshua Rogers
2014-12-18upstream libc changeDamien Miller
revision 1.2 date: 2014/12/08 03:45:00; author: bcook; state: Exp; lines: +2 -2; commitid: 7zWEBgJJOCZ2hvTV; avoid left shift overflow in reallocarray. Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting 1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with (size_t)1 so that we get the correct constant size for the platform. discussed with tedu@ & deraadt@
2014-12-10Add reallocarray to compat libraryDarren Tucker
2014-10-01 - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]Damien Miller
[openbsd-compat/openbsd-compat.h] Kludge around bad glibc _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; ok dtucker@
2014-09-04 - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNGDamien Miller
2014-08-30 - (djm) [openbsd-compat/openssl-compat.h] add include guardDamien Miller
2014-08-30 - (djm) [openbsd-compat/openssl-compat.h] addDamien Miller
OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
2014-08-27 - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()Damien Miller
using memset_s() where possible; improve fallback to indirect bzero via a volatile pointer to give it more of a chance to avoid being optimised away.
2014-08-22 - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/Damien Miller
definition mismatch) and warning for broken/missing snprintf case.
2014-07-21- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bitsDarren Tucker
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
2014-07-18 - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, usedTim Rice
in servconf.h.
2014-07-02 - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
2014-06-17 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}Darren Tucker
openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] Move the OpenSSL header/library version test into its own function and add tests for it. Fix it to allow fix version upgrades (but not downgrades). Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). ok djm@ chl@
2014-06-11 - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of anDarren Tucker
assigment that might get optimized out. ok djm@
2014-05-27 - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]Damien Miller
[openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege separation user at runtime, since it may need to be a domain account. Patch from Corinna Vinschen.
2014-02-13 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compatDarren Tucker
code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
2014-02-06 - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULLDarren Tucker
before freeing since free(NULL) is a no-op. ok djm.
2014-02-04 - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.oDamien Miller
2014-02-04 - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
2014-01-22 - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if aDamien Miller
platform that is expected to use the reuse-argv style setproctitle hack surprises us by providing a setproctitle in libc; ok dtucker
2014-01-18 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing functionDarren Tucker
declarations that stopped being included when we stopped including <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at redhat.com.
2014-01-17 - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if weDarren Tucker
need them to cut down on the name collisions.
2014-01-17 - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.cDarren Tucker
openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs to be useful (and for the regression tests to pass) on platforms that have statfs and fstatfs. ok djm@
2014-01-17 - (dtucker) Fix typo in #ifndef.Darren Tucker
2014-01-17 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.cDarren Tucker
openbsd-compat/openssl-compat.h] Add compatibility layer for older openssl versions. ok djm@
2014-01-17 - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include insideDarren Tucker
#ifdef HAVE_STDINT_H.
2013-12-08 - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from CorinnaDamien Miller
Vinschen
2013-12-07 - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in]Damien Miller
[openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on Linux
2013-12-07 - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c]Damien Miller
[openbsd-compat/blf.h openbsd-compat/blowfish.c] [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in portable.
2013-11-08 - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compileDarren Tucker
warnings.
2013-11-08 - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation ofDarren Tucker
arc4random_stir for platforms that have arc4random but don't have arc4random_stir (right now this is only OpenBSD -current).
2013-11-03 - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2ndDarren Tucker
vsnprintf. From eric at openbsd via chl@.
2013-11-03 - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep.Darren Tucker
From OpenSMTPD where it prevents "implicit declaration" warnings (it's a no-op in OpenSSH). From chl at openbsd.
2013-10-09 - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]Damien Miller
[openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, tested tim@
2013-10-09 - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] PullDamien Miller
in OpenBSD implementation of arc4random, shortly to replace the existing bsd-arc4random.c
2013-08-28 - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bitsDamien Miller
until we have configure support.
2013-08-28 - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code theDamien Miller
'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we start to use them in the future.
2013-08-04 - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add supportDarren Tucker
for building with older Heimdal versions. ok djm.
2013-06-06 - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater forDarren Tucker
platforms that don't have multibyte character support (specifically, mblen).
2013-06-02 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.cDarren Tucker
groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c openbsd-compat/port-linux.c] Replace portable-specific instances of xfree with the equivalent calls to free.
2013-06-02 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back toDarren Tucker
using openssl's DES_crpyt function on platorms that don't have a native one, eg Android. Based on a patch from Nathan Osman.
2013-05-30 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a nullDarren Tucker
implementation of endgrent for platforms that don't have it (eg Android). Loosely based on a patch from Nathan Osman, ok djm
2013-05-17 - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits.Darren Tucker
2013-05-16 - (dtucker) [configure.ac readconf.c servconf.cDarren Tucker
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
2013-05-10- (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.cDarren Tucker
openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb in to use it when we're using our own getopt.