src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-05-03	make the description strings match the code	Theo de Raadt

2017-05-02	the XXXfree functions being called accept NULL, so don't check first.	Theo de Raadt
	ok beck
2017-05-02	use freezero() instead of memset/explicit_bzero + free. Substantially	Theo de Raadt
	reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
2017-05-01	Document that wait3/waitpid can receive SIGCHILD when wpid does	Todd C. Miller
	not exist or is not a child of the calling process. Document what happens when SIGCHLD is ignored or SA_NOCLDWAIT is set in sa_flags (this part from FreeBSD). OK guenther@
2017-04-30	No original OpenSSL code remains in this file. Relicense	Bob Beck

2017-04-30	Add futex(2) shim, bump minor.	Martin Pieuchot
	Inputs from guenther@, ok kettenis@, visa@
2017-04-30	Make BIO_get_host_ip just yet another getaddrinfo wrapper	Bob Beck

2017-04-30	Rework BIO_accept to be more like modern code.	Bob Beck
	ok jsing@
2017-04-30	Only enable -Werror on libcrypto/libssl/libtls if we are building with	Joel Sing
	gcc4. This should avoid failed builds while transitioning compilers. While here also make the CFLAGS blocks consistent across makefiles. Discussed with deraadt@, ok beck@
2017-04-30	Switch back to freezero() and explicitly initialise data_len to zero. The	Joel Sing
	previous code was safe since data would always be NULL if data_len was uninitialised, however compilers cannot know this.
2017-04-30	Microsoft Windows hates BIO_get_accept_socket in portable. Fix it to	Bob Beck
	not be awful or have any claims on supporting ipv6 when it does so very badly ok jsing@
2017-04-30	Add a tls_keypair_clear_key() function that uses freezero() to make key	Joel Sing
	material inaccessible, then call it from the appropriate places. ok beck@
2017-04-29	Fix a bug caused by the return value being set early to signal successful	Joel Sing
	DTLS cookie validation. This can mask a later failure and result in a positive return value being returned from ssl3_get_client_hello(), when it should return a negative value to propagate the error. Ironically this was introduced in OpenSSL 2e9802b7a7b with the commit message "Fix DTLS cookie management bugs". Fix based on OpenSSL. Issue reported by Nicolas Bouliane <nbouliane at jive dot com>. ok beck@
2017-04-29	Revert previous - we still want to do this, but I forgot about the installer	Bob Beck
	and want to avoid the wrath of theo when he arrives home in a couple of hours :)
2017-04-29	We now require you to have a working libpthread	Bob Beck

2017-04-29	Make it safe to call SSL_library_init more than once.	Bob Beck
	We are basically admitting that pthread is everywhere, and we will be using it for other things too. ok jsing@
2017-04-29	Stop calling OPENSSL_init() internally, since it is a no-op. Also place	Joel Sing
	it under #ifndef LIBRESSL_INTERNAL. ok beck@
2017-04-29	Switch Linux getrandom() usage to non-blocking mode, continuing to	Bob Beck
	use fallback mechanims if unsuccessful. The design of Linux getrandom is broken. It has an uninitialized phase coupled with blocking behaviour, which is unacceptable from within a library at boot time without possible recovery. ok deraadt@ jsing@
2017-04-28	Revert previous change that forced consistency between return value and	Bob Beck
	error code, since this breaks the documented API. Under certain circumstances this will result in incorrect successful certiticate verification (where a user supplied callback always returns 1, and later code checks the error code to potentially abort post verification)
2017-04-28	revert previous accidental commit	Bob Beck

2017-04-28	* empty log message *	Bob Beck

2017-04-28	Reference the "Futexes Are Tricky" paper.	Martin Pieuchot
	With schwarze@
2017-04-28	errant space;	Jason McIntyre

2017-04-28	Document futex(2) with a lot of inputs from schwarze@	Martin Pieuchot

2017-04-27	ntohl() returns uint32_t so it cannot be < 0. Since we're storing	Todd C. Miller
	the result in an int check for > INT_MAX instead. OK bluhm@
2017-04-27	Remove "len < 0" check; len is socklen_t (uint32_t) so can't be	Todd C. Miller
	negative. Quiets a warning from clang. OK bluhm@
2017-04-27	tls_free(3) and tls_config_free(3) accept NULL;	Ingo Schwarze
	patch from Matthew Martin <phy1729 at gmail dot com>, slightly tweaked by me
2017-04-27	Remove the "volatile" attribute from bpf_error(). The "volatile"	Todd C. Miller
	attribute is an obsolete way of saying "noreturn". clang doesn't recognize it and the function is already marked __dead so it is superfluous anyway.
2017-04-27	Remove useless check for ks_env_table being NULL. Since ks_env_table	Todd C. Miller
	is an array embedded in struct keynote_session it can never be NULL. Quiets a clang warning.
2017-04-23	Rearrange text a bit to make it clear what "discarded" means; ok jmc@ deraadt@	Otto Moerbeek

2017-04-22	For small allocations (chunk) freezero only validates the given	Otto Moerbeek
	size if canaries are enabled. In that case we have the exact requested size of the allocation. But we can at least check the given size against the chunk size if C is not enabled. Plus add some braces so my brain doesn't have to scan for dangling else problems when I see this code.
2017-04-20	add previous to NAME;	Jason McIntyre

2017-04-20	Add getptmfd(), fdopenpty(), fdforkpty() functions. These allow programs	Nicholas Marriott
	to separate the open(/dev/ptm) from the ioctl(PTMGET) for privilege separation or pledge(). Based on a diff from reyk@. ok deraadt millert
2017-04-20	Fix previous.	Visa Hankala

2017-04-20	Get TCB address using the RDHWR instruction instead of __get_tcb().	Visa Hankala
	This gives fast access to the address on systems that implement the UserLocal register. TCB caching is still used when running in the single-threaded mode in order not to penalize old systems. The kernel counterpart of this change must be in place before using this diff! With guenther@
2017-04-19	Switch base tools from /dev/bpf0 to /dev/bpf. Now that /dev/bpf has been	Martin Natano
	around for two releases, it should be safe to do so. ok bluhm deraadt sthen tb yasuoka
2017-04-18	don't forget to fill in canary bytes for posix_memalign(3); reported by	Otto Moerbeek
	and ok jeremy@
2017-04-18	Add sparc64 support.	Mark Kettenis

2017-04-18	wipe some more macros that do not belong in C++ forwarding headers.	Marc Espie
	(breaks lincity-ng) okay kettenis@
2017-04-18	use freezero() instead of explicit_bzero+free	Theo de Raadt

2017-04-17	use freezero()	Theo de Raadt

2017-04-17	consictently use .Dv NULL and a few other tweaks; ok schwarze@	Otto Moerbeek

2017-04-17	whitespace fixes	Otto Moerbeek

2017-04-17	Change build infrastructure to allow building both gcc and clang. This	Mark Kettenis
	doesn't actually flip the switch yet, so aarch64 continues to be the only architecture for which we build clang. ok jsg@, deraadt@
2017-04-16	Always return nonzero from _longjmp too.	Mark Kettenis
	ok jsg@
2017-04-16	backout previous, data_len is not always initialized	Otto Moerbeek

2017-04-15	Document RB_TIMEBAD; delete RB_* that are obsolete/unimplemented	Philip Guenther
	ok visa@ deraadt@
2017-04-14	Use freezero(3) when cleaning up session tickets - not only does it require	Joel Sing
	less code, but there is also a potential performance gain since they can be larger allocations.
2017-04-14	Use freezero(3) to clean up the X25519 keys - simpler, cleaner code.	Joel Sing

2017-04-14	Use freezero(3) in the CBB clean up path, since this could hold sensitive	Joel Sing
	information (such as master keys).