summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2015-09-05This is probably what guenther@ had in mind.Miod Vallat
2015-09-05off-by-one for the previous patch. the limit is inclusive: 0x10ffff is a ↵Sebastien Marie
valid codepoint. ok stsp@
2015-09-05Hide some YP internals. Annotate a few private hooks currently usedTheo de Raadt
by ypserv, passwd, or chpass... maybe we can use different tricks to interface with libc...
2015-09-05rather than assuming stderr is alive, open + dprintf to /dev/ttyTheo de Raadt
ok guenther millert
2015-09-05check for limiting the range of UTF-8 to 0x10FFFF, as requested by RFC 3629.Sebastien Marie
ok stsp@
2015-09-05Delete duplicated CVS $foo tagsPhilip Guenther
2015-09-05Use new framework for wrapping dbopen()Philip Guenther
Move internal declarations from <db.h> to libc's hidden/db.h ok kettenis@
2015-09-05Use new framework for wrapping cat{open,gets,close}(), eliminatingPhilip Guenther
_cat* in the process. ok kettenis@
2015-09-05Adds hidden _libc_FOO aliases for the system call stubs.Philip Guenther
Stop generating _brk and _sbrk symbols: they've already been hidden. Set the ELF symbol size on the syscall stubs. Give the __{min,cur}brk symbols a size and type, and hide more jump labels. ok deraadt@
2015-09-04Add missing information to the socket splicing man page to make itAlexander Bluhm
more comprehensible. OK jmc@ tedu@
2015-09-04word fix; from henning petersen (netbsd pr/49641, -r1.18)Jason McIntyre
ok millert
2015-09-04fix a race when fetching files from the kernel. the number of filesDavid Gwynne
might have increased between when we got the number of files and when we requested that number of files. now we allocate another 10ish percent on top of what the kernel says we need, and retry if that still isnt enough. while here use realloc instead of constantly going through free/malloc sequences. with input from claudio@ deraadt@ ok millert@ guenther@
2015-09-04add kvm_realloc() as a private function.David Gwynne
part of a larger diff ok millert@ guenther@
2015-09-03no more gcc2.Daniel Dickman
ok deraadt@
2015-09-02Replace dtls1_client_hello() with ssl3_client_hello() - both are basicallyJoel Sing
the same code, with two slight differences for DTLS handling. Also, make use of send_cookie to determine if the client random needs to be preserved, rather than testing if it is zeroed (hopefully your random number generator never returned all zeros, since the existing code would break). Inspired by BoringSSL. ok doug@
2015-09-02Fewer magic numbers - we already have defines for the header lengths, soJoel Sing
make use of them. ok doug@
2015-09-02use _PATH_RESCONFTheo de Raadt
2015-09-02Delete 3 more stderr messages, right before returning a proper error.Theo de Raadt
Code from way in the past.
2015-09-02do not printf() on error from libc; ok millertTheo de Raadt
2015-09-01Remove all bogus writes to stderr. Only explicit requests shouldTheo de Raadt
go that way. ok miod beck
2015-09-01Remove calls to perror(); the error returns are sufficient, and theseTheo de Raadt
library may not assume stderr is useable. ok millert miod beck
2015-09-01Remove duplicate prototype for SSL_get_selected_srtp_profile().Joel Sing
From Aaron Burghardt.
2015-09-01Remove the ssl_prepare_{client,server}hello_tlsext() functions, which areJoel Sing
now nothing more than noops. ok bcook@ doug@
2015-09-01Make it always safe to call CBB_cleanup() providing that CBB_init() orJoel Sing
CBB_init_fixed() have been attempted. ok doug@
2015-09-01In static binaries, invoke kbind() once to disable it.Philip Guenther
With much assistance from miod@ ok deraadt@@
2015-08-31only 32-bit systems need the quad functions.Theo de Raadt
skipping a libc crank since unused in base on 64bit systems discussed with miod, tedu; ok kettenis
2015-08-31use #function rather than @function on armTheo de Raadt
ok guenther
2015-08-31Also add ALTEXIT_{STRONG,WEAK} to hppa64, copied from hppa. Document'em tooPhilip Guenther
ok deraadt@
2015-08-31Add ALTEXIT_{STRONG,WEAK} to support wrapping of functions using ALTENTRY.Philip Guenther
Fix memmove with that ok deraadt@
2015-08-31Add framework for resolving (pun intended) libc namespace issues, usingPhilip Guenther
wrapper .h files and asm labels to let internal calls resolve directly and not be overridable or use the PLT. Then, apply that framework to most of the functions in stdio.h, string.h, err.h, and wchar.h. Delete the should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here. tests clean on i386, amd64, sparc64, powerpc, and mips64 naming feedback from kettenis@ and millert@ ok kettenis@
2006-10-10Preliminary userland bits for OpenBSD/landisk, many things coming fromMiod Vallat
NetBSD.
2015-08-30Use nanosleep instead of sleep to avoid the extra layer and simplify laterPhilip Guenther
symbol hiding ok w/tweak deraadt@
2015-08-29Now that SSLv3 is going away, TLS_* and SSLv23 are equivalent.Doug Hogan
Remove the TLS method data and tls_any_* functions. Point to SSLv23. ok jsing@
2015-08-29Delete s3_meth.c since it was only for SSLv3 support.Doug Hogan
ok jsing@
2015-08-29Remove SSLv3 method data structs and unlink s3_meth.c from the build.Doug Hogan
ok jsing@
2015-08-29Add Symbols.map to CLEANFILESTheo de Raadt
2015-08-28Remove lies about openpty(4) searching for a free pseudo-tty by iteratingMark Kettenis
through all existing pseudo-tty devices in /dev.
2015-08-28Rework the UNIX domain socket garbage collector, including ideas fromPhilip Guenther
{Free,Net}BSD - when a socket is closed with fds in its input, defer closing them to a task to avoid recursing. This eliminates the complicated extra reference taking which had a 37 line(!) comment explanation - move flags, counts, and links only needed for this from struct file to struct unpcb - document the flow of the mark/sweep collector much help from claudio@ who made me explain the GC to him until we trusted it ok claudio@ mpi@ deraadt@
2015-08-28Kill coverity 128475Bob Beck
ok doug@
2015-08-27Improve libtls error messages.Joel Sing
The tls_set_error() function previously stored the errno but did nothing with it. Change tls_set_error() to append the strerror(3) of the stored errno so that we include useful information regarding failures. Provide a tls_set_errorx() function that does not store the errno or include strerror(3) in the error message. Call this function instead of tls_set_error() for errors where the errno value has no useful meaning. With feedback from and ok doug@
2015-08-27Split the persistent/configuration flags from temporary state flags andJoel Sing
ensure that the temporary state flags get cleared in tls_reset(). Fixes a bug spotted by Marko Kreen whereby TLS_CONNECTING could remain on reset. While here, also move the TLS_STATE_CONNECTING check to after the TLS_CLIENT check - if TLS_STATE_CONNECTING was ever set on any other context type it would allow a bypass. ok bluhm@
2015-08-27Change AEAD out_len argument to size_t instead of ssize_t - while here,Joel Sing
rename it to out_len so that its purpose is more obvious. Also, drop two checks that are no longer possible (and have not been for a long time). Spotted by and ok doug@
2015-08-27use explicit_bzero to clear some memory that had creds in it instead ofDavid Gwynne
memset. ok deraadt@ millert@
2015-08-27fix commentPhilip Guenther
2015-08-27Make functions that are internal to tls verify static.Joel Sing
Spotted by Marko Kreen. Rides libtls major bump.
2015-08-27Crank major version for libssl and libtls due to SSLv3 removal.Doug Hogan
2015-08-27Remove SSLv3 support from LibreSSL.Doug Hogan
This is the first wave of SSLv3 removal which removes the main SSLv3 functions. Future commits will remove the rest of the SSLv3 support. Discussed the plan at c2k15. Input from jsing@, beck@, miod@, bcook@, sthen@, naddy@, and deraadt@. ok jsing@, beck@
2015-08-27ELF uberalles: remove #ifdef _NLIST_DO_ELF testsPhilip Guenther
2015-08-27Use static and __{BEGIN,ENV}_HIDDEN_DECLS to hide a bunch of internalPhilip Guenther
symbols that are not longer exported. (This improves the generated code.) ok deraadt@
2015-08-27Move the __rand48_* declarations into rand48.h, and then hide both themPhilip Guenther
and __dorand48() and __rand48_deterministic ok deraadt@