path: root/include
Age | Commit message | Author
2022-02-14 | Mark all the rpc 'ops' vectors, for auth, client, service, and xdr, | Philip Guenther
as const, moving them from .data to .data.rel.ro. The other BSDs did this a long time ago; NetBSD did a chunk in 1998, which is long enough I didn't bother to get exact dates for others. ok deraadt@ millert@
2022-02-10 | introduce support for storing capability databases in /etc/login.conf.d; | Robert Nagy
anytime a class is looked up, the /etc/login.conf.d/${class} file will be checked first for a matching class definition; this will allow us to easily add custom login classes from packages ok millert@
2022-01-28 | When it's the possessive of 'it', it's spelled "its", without the | Philip Guenther
apostrophe. one from miod, other by "never just one" vibe
2022-01-05 | funopen(): change seekfn argument to use off_t, not fpos_t | Todd C. Miller
On BSD, fpos_t is typedef'd to off_t but some systems use a struct. This means fpos_t is not a portable function argument or return value. Both FreeBSD and the Linux libbsd funopen() have switched to off_t for this--we should too. From Joe Nelson. OK deraadt@
2021-11-29 | Niels agreed to remove the advertising clause; switching these | Damien Miller
to 3-term BSD license.
2021-11-22 | Implement rfc6840 (AD flag processing) if using trusted name servers | Jeremie Courreges-Anglas
libc can't do DNSSEC validation but it can ask a "security-aware" resolver to do so. Let's send queries with the AD flag set when appropriate, and let applications look at the AD flag in responses in a safe way, ie clear the AD flag if the resolvers aren't trusted. By default we only trust resolvers if resolv.conf(5) only lists name servers on localhost - the obvious candidates being unwind(8) and unbound(8). For non-localhost resolvers, an admin who trusts *all the name servers* listed in resolv.conf(5) *and the network path leading to them* can annotate this with "options trust-ad". AD flag processing gives ssh -o VerifyHostkeyDNS=Yes a chance to fetch SSHFP records in a secure manner, and tightens the situation for other applications, eg those using RES_USE_DNSSEC for DANE. It should be noted that postfix currently assumes trusted name servers by default and forces RES_TRUSTAD if available. RES_TRUSTAD and "options trust-ad" were first introduced in glibc by Florian Weimer. Florian Obser (florian@) contributed various improvements, fixed a bug and added automatic trust for name servers on localhost. ok florian@ phessler@
2021-06-09 | Enable libexecinfo. | mortimer
With some build plumbing help from jsg@ ok kettenis@ sthen@
2021-06-03 | secure_path(3) hasn't been called since we recognized the TOCTOU issues a few | Theo de Raadt
years back, so we can remove it. Since nothing in the ecosystem calls it, I am not cranking the libc major as required, surely another crank will come along soon. noticed by Dante Catalfamo ok millert
2021-06-02 | add RTLD_NODELETE support | Sebastien Marie
if RTLD_NODELETE isn't POSIX, it is widely deployed: at least linux, freebsd, dragonfly, netbsd, solaris, illumos, apple, and fuchsia have it. ok kettenis@ on previous version with help from and ok guenther@ diff partially inspired from a diff from brad@
2021-01-21 | Rearrange variables in dump / restore to handle -fno-common. | mortimer
Largely following the commit by mckusick in FreeBSD. ok naddy@
2021-01-02 | Move Makefiles for libc++ and libc++abi to gnu/lib in preparation for an | Patrick Wildt
upcoming update to those, which will see both codebases heading into the gnu/llvm dumpster. Feedback from jsg@ ok deraadt@ kettenis@
2020-10-26 | Hook up agentx.h. | Martijn van Duren
OK deraadt@
2020-10-20 | Align the basename(3) and dirname(3) prototypes with the POSIX spec: | Christian Weisgerber
Both functions take a non-const parameter. Implementations may modify the passed string, even though ours do not. ok stsp@ deraadt@ millert@
2020-09-11 | add format string checking annotations for dprintf(3) and vdprintf(3) | Christian Weisgerber
ok millert@ deraadt@
2020-09-06 | Use __STDC_VERSION__ instead of __ISO_C_VISIBLE to guard _Static_assert. | Todd C. Miller
We need to test what the compiler supports, not what the C library provides. This prevents static_assert from being defined when compiling with the in-tree gcc (4.2.1) which does not support _Static_assert.
2020-09-05 | Add C11's static_assert. | Anthony J. Bentley
tested in a bulk by naddy@ previously submitted by jsg@ and Martin Wanvik ok millert@
2020-07-14 | Fix TIB/TCB on powerpc64. Some bright soul decided that the TCB should | Mark Kettenis
be 8 bytes in the 64-bit ABI just like in the 32-bit ABI. But that means there is no "spare" word in the TCB that we can use to store a pointer to our struct pthread. So we have to treat powerpc64 special. Also recognize that the thread pointer points 0x7000 bytes after the TCB. Since the TCB is 8 bytes this means that TCB_OFFSET should be 0x7008. Pointed out by guenther@; ok deraadt@
2020-06-28 | Allow switching between alternate devices (-F option) with sndioctl(1) | Alexandre Ratchov
2020-06-28 | Add a new SIOCTL_SEL control type to select one of a predefined set of | Alexandre Ratchov
mutually exclusive values. It's the same as SIOCTL_LIST except that exactly one list element may be selected.
2020-06-18 | Fix comments about sioctl_desc's maxval field | Alexandre Ratchov
2020-05-10 | Use a double-underscore prefix for local variables declared in macros | Philip Guenther
that have arguments. Document this requirement/recommendation in style(9) prompted by mpi@ ok deraadt@
2020-02-26 | Add API to control audio device parameters exposed by sndiod. | Alexandre Ratchov
The API exposes controls of modern audio hardware and sndiod software volume knobs in a uniform way. Hardware knobs are exposed through sndiod. Multiple programs may use the controls at the same time without the need to continuously scan the controls. For now sndiod exposes only its own controls and the master output and input volumes of the underlying hardware (if any), i.e. those typically exposed by acpi volume keys. ok deraadt
2019-11-14 | RDIRS for libcbor and libfido2 | Damien Miller
2019-10-24 | Allow the caller of asr functions to create and use a specific context. | Otto Moerbeek
Diff from eric@ and florian@, committing on their behalf since they are absent and we want to ride the minor shlib bump.
2019-07-11 | add /usr/local/sbin. ok deraadt millert | Ted Unangst
2019-05-28 | Include pthread.h to make this header standalone (needs pthread_t and others) | Jeremie Courreges-Anglas
Will get us rid of pointless patches in the ports tree. ok guenther@
2019-05-10 | Introduce malloc_conceal() and calloc_conceal(). Similar to their | Otto Moerbeek
counterparts but return memory in pages marked MAP_CONCEAL and on free() freezero() is actually called.
2019-05-10 | ld.so boot cleanup support: | Philip Guenther
- put functions and data which are only used before calling the executable's start function into their own page-aligned segments for unmapping (only done on amd64, arm64, armv7, powerpc, and sparc64 so far)
- pass .init_array and .preinit_array functions an additional argument which is a callback to get a structure which includes a function that frees the boot text and data
- sometimes delay doing RELRO processing: for a shared-object marked DF_1_INITFIRST do it after the object's .init_array, for the executable do it after the .preinit_array
- improve test-ld.so to link against libpthread and trigger its initialization late
libc changes to use this will come later
ok kettenis@
2019-04-06 | unbreak make includes on non-clang archs after libobjc removal | Jonathan Gray
found the hard way by nayden@ ok deraadt@
2019-03-05 | Build and install a shared libLLVM, llvm-config and llvm includes. | Jonathan Gray
This is required to build the radeonsi Mesa driver. ok patrick@
2019-02-04 | enable libelf | Jonathan Gray
2019-02-04 | add a pthread_get_name_np to match pthread_set_name_np. | Ted Unangst
could be useful in ports. initial diff by David Carlier some time ago. ok jca
2019-02-04 | Make gl_pathc, gl_matchc and gl_offs size_t in glob_t to match POSIX. | Todd C. Miller
This requires a libc major version bump. OK deraadt@
2019-01-25 | I am retiring my old email address; replace it with my OpenBSD one. | Todd C. Miller
2019-01-14 | There are cases where a program doing dns requests wants to set the | Otto Moerbeek
Checking Disabled flag. Introduce a RES flag to do so. ok krw@ deraadt@ eric@
2018-11-22 | Our *int_fast{8,16}_t types are int/unsigned int, so SCN*FAST{8,16} | Philip Guenther
shouldn't include 'hh' or 'h'. problem noted by Andreas Kusalananda Kähäri (andreas.kahari(at)abc.se) ok deraadt@ martijn@
2018-11-21 | Introducing malloc_usable_size() was a mistake. While some other | Otto Moerbeek
libs have it, it is a function that is considered harmful, so: Delete malloc_usable_size(). It is a function that blurs the line between malloc managed memory and application managed memory and exposes some of the internal workings of malloc. If an application relies on that, it is likely to break using another implementation of malloc. If you want usable size x, just allocate x bytes. ok deraadt@ and other devs
2018-11-18 | Implement malloc_usable_size(); ok millert@ deraadt@ and jmc@ for the man page | Otto Moerbeek
2018-11-05 | Implement C11's aligned_alloc(3). ok guenther@ | Otto Moerbeek
2018-10-30 | Add C11's timespec_get(3); minor bump for libc. | Philip Guenther
Tweaked diff from brad@ manpage tweaks florian@ and jmc@ ok deraadt@ millert@
2018-09-13 | Add uid_from_user() and gid_from_group(), derived from pax's cache.c. | Todd C. Miller
It replaces the existing pwcache.c functions user_from_uid(3) and group_from_gid(3) with the pax equivalents. Adapted from NetBSD (mycroft) changes from our own pax's cache.c. OK guenther@
2018-07-29 | Add _PATH_AUTHPROGDIR = "/usr/libexec/auth", this path will be used | Theo de Raadt
to unveil. Unfortunately the auth subsystem uses _PATH_AUTHPROG = "/usr/libexec/auth/login_", which it auth-program is appended to -- a rather gross idea which now shows lack of wisdom.
2018-07-13 | Unveiling unveil(2). | Bob Beck
This brings unveil into the tree, disabled by default - Currently this will return EPERM on all attempts to use it until we are fully certain it is ready for people to start using, but this now allows for others to do more tweaking and experimentation. Still needs to send the unveil's across forks and execs before fully enabling. Many thanks to robert@ and deraadt@ for extensive testing. ok deraadt@
2018-05-30 | The open POSIX test suite reveals that sigpause(int sigmask) from | Alexander Bluhm
4.2 BSD takes a signal mask as argument while POSIX sigpause(int sig) expects a single signal. Do not expose our traditional BSD sigpause(3) to XPG/POSIX sources. OK guenther@
2018-03-16 | Consistently spell "IPsec" in comments and debug outputs. | Martin Pieuchot
From Raf Czlonka, ok sthen@
2018-03-10 | Implement sincos(3), sincosf(3) and sincosl(3). These functions are common | Mark Kettenis
extensions and modern compilers (such as clang) will use them to optimize separate calculations of sine and cosine. ok tom@, patrick@, deraadt@, jmc@
2018-03-05 | #define _MAX_PAGE_SHIFT in MD _types.h as the maximum pagesize an arch | Theo de Raadt
needs (looking at you sgi, but others required this before). This is for the circumstances we need pagesize known at compile time, not getpagesize() runtime. Use it for malloc storage sizes, for shm, and to set pthread stack default sizes. The stack sizes were a mess, and pushing them towards page-aligned is a healthy move (which will also be needed by the coming stack register checker) ok guenther kettenis, discussion with stefan
2017-12-12 | pledge()'s 2nd argument becomes char *execpromises, which becomes the | Theo de Raadt
pledge for a new execve image immediately upon start. Also introduces "error" which makes violations return -1 ENOSYS instead of killing the program ("error" may not be handed to a setuid/setgid program, which may be missing/ignoring syscall return values and would continue with inconsistent state) Discussion with many florian has used this to improve the strictness of a daemon
2017-11-28 | Add a member to be used by __cxa_thread_atexit(). Remove padding which would | Mark Kettenis
now misalign things. ok guenther@
2017-11-28 | Implement a DL_REFERENCE dlctl. To be used by the upcoming | Mark Kettenis
__cxa_thread_atexit() implementation. ok guenther@