| Age | Commit message (Collapse) | Author |
|---|
|
|
|
from asr_ctx was skiped. Missed in previous commit.
OK deraadt@
|
|
creating the directory /usr/share/nls. Having a non-existing default
path in catopen(3) does not make sense, so remove it. If the user
does not specify a NLS path, better fail early than fail because
of an empty directory. Remove path form hier(7).
OK stsp@ schwarze@ jmc@
|
|
nameservers could overflow the dns search pointers. Restrict the
number, size and address family of nameservers in res_init(3). This
fixes a crash in sendmail. Only programs that use the bind resolver
internals directly are affected.
OK deraadt@ millert@
|
|
24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99
6.5.7, signed int shifted by enough bits to cause a the sign bit to be set
is an UB.
Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am
{partial,slightly related} to.
|
|
CAST_KEY is constructed. This is expected to reduce blood pressure in
auditors.
|
|
to the 'struct ifqueue' description for net.inet.ip.ifq to reduce chance of
them getting out of sync. ok logan, ok/tweak mikeb
|
|
|
|
|
|
|
|
Suggested by WubTheCaptain so the same comparison code can be used with
LibreSSL.
https://www.openssl.org/docs/manmaster/crypto/OPENSSL_VERSION_NUMBER.html
|
|
|
|
so long; ok guenther
|
|
|
|
|
|
|
|
OK jsing@
|
|
"ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD
construction that is incompatible with the common style that has been
already used in TLS with EVP_aead_chacha20_poly1305(). The IETF
version also adds a constant (salt) that is prepended to the nonce.
OK mikeb@ jsing@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
syslogd will fill it in immediately upon reception on the other side of
sendsyslog(2). Our libc only talks to our syslogd, which will fix the
timestamp before forwarding. syslog_r has done this for a long time
already.
ok tedu bluhm
|
|
relying upon previously included headers to do this, to enhance portability;
from Pascal Cuoq, libressl github pull request #52
|
|
- delete the commented out setgrfile bits, as well as the MLINK
- rename getgr{nam,gid}_r()'s 'buffer' parameters to 'buf' to be
consistent with getpwnam(3) and practically all other section 3 manpages
- we have sysconf(_SC_GETGR_R_SIZE_MAX) now, so uncomment and revise the text
For getpwnam.3:
- rename buflen to bufsize for consistency
- rewrite the description of the getpw{nam,uid}_r functions to
match the better getgr{nam,gid}_r() description, adding sysconf() bits
Add sysconf(3) to SEE ALSO for both
encouraged by schwarze@
ok millert@
|
|
|
|
|
|
the resolver.
ok millert@ deraadt@
|
|
This extension never made it to other systems. (pledge is also happy
with this. The idea of DNS @ any port collides with pledge encouraring
differentiation between DNS and non-DNS sockets)
ok phessler jung sthen kettenis
|
|
With input from jmc, zhuk, schwarze, and bentley.
ok jmc zhuk bentley
|
|
and ldexp().
ok millert@
|
|
Incorrect text pointed out by tedu@
ok deraadt@ millert@ tedu@
|
|
become responsible for calling endpwent.
ok deraadt
|
|
Strip out unnecessary #includes and use NULL instead of (struct rusage *)0
|
|
doesn't get pulled into all static executables
ok millert@ jca@
|
|
Wrap __cxa_{atexit,finalize}() so the call from exit() goes direct
Switch regress/lib/libc/atexit/ to be built with -static so that it can
still access __atexit*
ok millert@ jca@
|
|
d_packname as a simple field. Also nuke the access #defines, and
support for b0 and b1 capabilities in disktab.
ok deraadt@ miod@
|
|
|
|
For backward compatibility, the flags are redefined as 0.
ok jsing@
|
|
No part of LibreSSL checks for this flag any longer.
ok jsing@
|
|
ssl23_get_client_hello sets type=1 on error and continues processing.
It should return an error immediately to simplify things. This also
allows us to start removing the last of SSL_OP_NO_SSL*.
Added extra paranoia for s->version to make sure it is set properly.
ok jsing@
|
|
are the errno messages and signal names. Everything else is in
English. We are not planning to translate more text. Running a
mixed system with less than 1% of the text in native language makes
no sense. So remove the NLS support from libc messages. The
catopen(3) functions stay as they are.
OK stsp@ mpi@
|
|
wrappers. To keep uses from crawling back in, mark signal() as
deprecated inside libc.
ok deraadt@
|
|
|
|
several. Switch from FILENAME_MAX to PATH_MAX (it's for open(), not fopen()).
ok deraadt@ tedu@ krw@
|
|
ok jmc@
|
|
- include comment
- libc errlist
- nls C msg
- man page
OK tedu@
|
|
|
