summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2015-01-13For non-blocking sockets tls_connect_fds() could fail with EAGAIN.Alexander Bluhm
Use the same logic from the read, write, accept functions to inform the caller wether a readable or writable socket is needed. After that event, the connect function must be called again. All the checks before connecting are done only once. OK tedu@
2015-01-13remove .Tn from stdio manuals; Kaspars Bankovskis found one of theseIngo Schwarze
2015-01-13libedit claims compatibility with readline 4.2, so provide a stub forReyk Floeter
rl_set_keyboard_input_timeout() that was added in this version. Also crank the minor version. OK krw@ yasuoka@ deraadt@
2015-01-13Remove unnecessary calls to __atexit_register_cleanup(), calling __sinit()Philip Guenther
instead where necessary. Based on a diff from enh (at) google.com ok millert@
2015-01-12Add fgetwln(3) from FreeBSD and bump libc minor revision.Todd C. Miller
2015-01-12Add a note that HOST_NAME_MAX does not include a terminating \0, unlikeNicholas Marriott
MAXHOSTNAMELEN. ok deraadt guenther
2015-01-12rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,Ted Unangst
nor are they the same size.
2015-01-12Fix a memory leak in bss_dgram.Doug Hogan
Free data->saved_message.data. Based on OpenSSL commit: 41cd41c4416f545a18ead37e09e437c75fa07c95 except this version sets a->ptr to NULL to avoid accidental reuse and handles malloc failing. ok beck@, input + ok miod@
2015-01-09Cleanup some macros and #defines in i386 pmap. Previously committed andMike Larkin
backed out because of libkvm breakage, recommitting now with libkvm fix. ok deraadt@
2015-01-08missing , found by Dongsheng SongTheo de Raadt
2015-01-08Avoid a double-free in an error path.Doug Hogan
ok jsing@ beck@
2015-01-08declare a local version of MIN(), call it MINIMUM()Theo de Raadt
(sorry, my other changes were accidentally premature)
2015-01-08declare a local version of MIN(), call it MINIMUM()Theo de Raadt
2015-01-07Do not need sys/param.hTheo de Raadt
2015-01-07stupid me. need errno.hTed Unangst
2015-01-07set errno = EINVAL for invalid salts and hashes in most functions.Ted Unangst
remember to set EACCES in bcrypt_checkpass for hash differences. the higher level crypt_checkpass function will reset errno to EACCES in all cases, which is probably the right behavior, but this change gives code working with the lower level functions the correct errno if they care.
2015-01-07mix in more virtual memory and process informationBrent Cook
2015-01-06Backout revision 1.37. Setting ev->ev_pncalls to NULL results inAlexander Bluhm
a use after free if the callback has freed the ev. With F in malloc.conf both tmux and the regression tests triggered a segmentation fault. OK nicm@
2015-01-06add initial HP-UX getentropy/arc4random support.Brent Cook
patch from Kinichiro Inoguchi, tested on HP-UX 11.31 ok deraadt@
2015-01-06Apply commit e0e6958aa074a7714cd7c4aa779a1dfede3a03b1 from upstream.Alexander Bluhm
- Avoid deadlock when activating signals. Fixes bug 3048812. Based on patch by Nicholas Marriott. The deadlock was ultimately fixed in a different way (by disabling reinit - see event.c r1.25). Add it now for consistency but without the Windows compatibility code. Convert the fnctl() calls to SOCK_CLOEXEC | SOCK_NONBLOCK to simplify the code. OK nicm@
2015-01-06Apply commit 2d8cf0b720cdd5f9f292f174a10ff74e62a380ec from upstream.Alexander Bluhm
- Defensive programming to prevent (hopefully impossible) stack-stomping OK nicm@
2015-01-05Fix CVE-2014-6272 in Libevent 1.4 from upstream:Alexander Bluhm
- https://github.com/libevent/libevent/commit/7b21c4eabf1f3946d3f63cce1319c490caab8ecf - For this fix, we need to make sure that passing too-large inputs to the evbuffer functions can't make us do bad things with the heap. On top of that do: - Update libevent version to 1.4.15-stable. - Use SIZE_MAX from limits.h instead of a private define. - Do not declare 'size_t need' twice to avoid a compiler warning. OK sthen
2015-01-05Remove #ifdef notdef bits--we are not going to change the fgetln()Todd C. Miller
API to NUL-terminate the buffer.
2015-01-05rename kern enter/exit macros to malloc enter/leave to better reflectTed Unangst
what's going on.
2015-01-05convert clock() to clock_gettime() for improved precision (and accuracy?)Ted Unangst
guenther suggested using thread time, which actually may improve accuracy if somebody puts this in a threaded program.
2015-01-04remove code for ancient gcc.Daniel Dickman
ok millert@, kettenis@
2015-01-03Fix incorrect OPENSSL_assert() usage.Doug Hogan
Instead of asserting, return an error code for I/O errors. This is based on OpenSSL commit 2521fcd8527008ceb3e4748f95b0ed4e2d70cfef. Added checks for two calloc()s while I'm here. ok miod@
2015-01-02Rename the tls_connect_socket() parameter 'socket' to 's' to avoidAlexander Bluhm
a compiler warning about shadowing a global declaration. OK jsing@
2015-01-01Inline the .cpsetup pseudo-statement in rcrt0 to avoid saving the "old" gpMiod Vallat
value, which we have no use for. ok kettenis@
2015-01-01Revert previous; tls_accept_socket() was intentionally undocumentedIngo Schwarze
because the API design isn't fully settled. Requested by jsing@ and tedu@.
2015-01-01minimally document tls_accept_socket();Ingo Schwarze
patch from Sunil at Nimmagadda dot net
2015-01-01Get rid of .Tn; from Kaspars at Bankovskis dot net, tweaked by me.Ingo Schwarze
While here, stop calling the Internet "the ARPA Internet".
2015-01-01Even though i personally consider 8-bit-characters in filenames unwise,Ingo Schwarze
technically, filenames are not restricted to ASCII. Patch from Kaspars at Bankovskis dot net, no opposition when shown on tech@.
2014-12-30self-relocating crt0 bits for sh, and enable static pie by default. With someMiod Vallat
archdep.h help from kettenis@
2014-12-30copy bcrypt autotune from encrypt(1) and expose via crypt_newhashTed Unangst
ok deraadt miod
2014-12-30typo in comment: ouput => outputDamien Miller
2014-12-29Make the PLT read-only on powerpc as well.Mark Kettenis
ok kurt@
2014-12-29don't leak timing info about padding errors by generating a fake keyTed Unangst
afterwards. openssl has a more complicated fix, but it's less intrusive for now to simply hoist the expensive part (fake key generation) up without sweating a branch or two. ok bcook jsing
2014-12-27Static PIE for mips64. Still something not quite right as a full make buildMark Kettenis
fails. ok kurt@
2014-12-27include netinet/in.h to define struct in6_addr.Brent Cook
Noticed while testing libtls on FreeBSD.
2014-12-27Only include "boot.h" if MD_RCRT0_START is defined. Should fix build on vax.Mark Kettenis
ok miod@
2014-12-27Static PIE support for alpha.Mark Kettenis
This adds alpha-specific first-pass GOT relocation code to boot.h. The assembly code is pure magic. The numeric register names don't make it easier to understand (or compare with the equivalent ld.so code). Unfortunately the assembler only understands a few symbolic register names. Renames the crt0.o entry point to __start. Our compiler was already using __start and the linker will soon follow. ok kurt@
2014-12-26Self-relocation code for powerpc.Kurt Miller
2014-12-25return ERANGE instead of ENOMEM, so callers can differentiate real oomSebastian Benoit
from this case where we have a static buffer and cant realloc. ok phessler, claudio, reyk
2014-12-25Use archdep.h GOT_PERMS define for mprotect of GOT. okay kettenis@Kurt Miller
2014-12-24simplify crypt_checkpass. The API promise is that this function doesn'tTed Unangst
use global data. The simplest fix is to only check blowfish passwords, and implicitly lock out DES passwords. crypt_checkpass is currently only used in one place, passwd, to verify the local user's password, so this is probably acceptable. Gives people a little more time to migrate away from DES before introduing checkpass into more places.
2014-12-24Expand Elf_Rel relocations to include DT_JMPREL. Inspect DT_PLTREL valueKurt Miller
to determine if DT_JMPREL relocations are REL or RELA and conditionally perform DT_JMPREL in either REL or RELA as needed (idea from kettenis@). Remove unneeded i386 RELA implementation. i386 static pie working now. okay kettenis@
2014-12-24Fix previos. Pointed out by kurt@.Mark Kettenis
2014-12-24Add missing argument names, and sync the argument types and names withLawrence Teo
the ones used in the code. pointed out by schwarze@
2014-12-23Use the page size passed by the kernel in the Auxilliary Vector to handleMark Kettenis
architectures with variable page size.