summaryrefslogtreecommitdiff
path: root/libexec
AgeCommit message (Collapse)Author
2015-10-10normalize a few more tame request orderings, to help reviewTheo de Raadt
2015-10-09With nfs spool (fork + seteuid/setuid balony) support gone, it becomesTheo de Raadt
possible to pledge "stdio rpath wpath tty proc" Noone uses this code anymore. This is a demonstration...
2015-10-09remove NFS spool support; it stands in the way of pledge(2)Theo de Raadt
2015-10-09this cpp operates file using pledge "stdio rpath wpath cpath"Theo de Raadt
2015-10-05Use explicit_bzero() instead of memset() for zeroing out secrets.Todd C. Miller
OK deraadt@
2015-10-05KNF a switch statement, moving a local variable up a frame as well -Theo de Raadt
carefully.
2015-10-05Remove unused errstr variable.Todd C. Miller
2015-10-04fix custom popen to return pid to caller instead of tracking in a giantTed Unangst
array. this implies we can't use a function pointer for close, but also means we get to repair some abuse of the comma operator. ok miod
2015-10-02Talk about 'RADIUS server' in most cases, rather than referring specificallyStuart Henderson
to radiusd(8) (which doesn't support everything that login_radius(8) talks about) - theo buehler (who provided previous diff) agrees with this. Capitalise RADIUS as per the naming in the RFC. Add STANDARDS section referring to the RFC. Discussed with/suggestions from jmc.
2015-10-01some radiusd updates, from theo buehlerJason McIntyre
2015-09-23Don't be too agressive write-protecting the GOT and PLT. If we have no clueMark Kettenis
where they end, there is a good chance they are sharing a page with .data, which obviously needs to remain writable. So only attempt to make them read-only if we know they have a non-zero size. Original diff from guenther@ based on an earlier diff from me. Fixes ld -Z on alpha. ok miod@, guenther@
2015-09-22Use explicit_bzero() to zero out the password. From Michael McConville.Todd C. Miller
2015-09-19kbind has eliminated the need for and use of the bind lock. Delete it, thePhilip Guenther
the callback, and the sigprocmask stub. Keep around the DL_SETBINDLCK case until libpthread stops using it. discussed with miod@ at l2k15 ok kettenis@
2015-09-19Remove PROT_EXEC bit from GOT_PERMS. ld.so doesn't need it anymore, andMark Kettenis
rcrt0.o will add it for BSS-PLT binaries if necessary. ok guenther@
2015-09-19Make bootstrapping code compatible with the Secure-PLT ABI.Mark Kettenis
ok guenther@
2015-09-13Rename __sysctl syscall to just sysctl, as the userland wrapper is no longerPhilip Guenther
necessary ok deraadt@ jsing@
2015-09-12Use kbind for lazy binding GOT/PLT updates on arm.Philip Guenther
While here add some gcc __predict hints. Much testing, discussion, pondering, and flailing from miod and deraadt ok miod@
2015-09-11add some missing .Cm macros and drop some redundant .Bk while hereIngo Schwarze
2015-09-10read, tls_read, and tls_write return ssize_tBob Beck
jointly with jsing@
2015-09-10fix after libtls api changesBob Beck
ok jsing@
2015-09-09Some explicit iflush instructions after the kbind() call are still neededMiod Vallat
for now; misunderstanding between guenther@ and me.
2015-09-06Check strdup return value for NULL.Tobias Stoeckmann
ok millert@
2015-09-01test pointers with NULL not '\0'Jonathan Gray
2015-09-01Use kbind for lazy binding GOT/PLT updates on m88k and sparc.Philip Guenther
Much discussion with and assistance from miod and deraadt ok miod@
2015-08-31Add framework for resolving (pun intended) libc namespace issues, usingPhilip Guenther
wrapper .h files and asm labels to let internal calls resolve directly and not be overridable or use the PLT. Then, apply that framework to most of the functions in stdio.h, string.h, err.h, and wchar.h. Delete the should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here. tests clean on i386, amd64, sparc64, powerpc, and mips64 naming feedback from kettenis@ and millert@ ok kettenis@
2015-08-28Use kbind for lazy binding GOT/PLT updates on sh (i.e. landisk)Philip Guenther
Much discussion with and assistance from miod and deraadt ok deraadt@
2015-08-28remove excess tab at end of line (how did they afford the extra bytes inTheo de Raadt
the dark ages?)
2015-08-28Use ELF_LDFLAGS to pass the --version-script argument such that we actuallyMark Kettenis
hide symbols on all our architectures; hppa, hppa64 and sh override LDADD. LDADD isn't really the proper variable for passing linker flags anyway. ok guenther@, deraadt@
2015-08-27If we take the address of a function pointer, we might get a pointer toMark Kettenis
a plabel instead of the entry-point address. In that case, get the entry-point address from the plabel. Makes ld.so work on hppa when _dl_bind_start gets hidden by the version script. ok miod@
2015-08-27Use kbind for lazy binding GOT/PLT updates on hppa.Philip Guenther
Much discussion with and assistance from miod and deraadt ok deraadt@
2015-08-26Kbind 3: The Legend Continues!Philip Guenther
Use kbind for lazy binding GOT/PLT updates on alpha and mips64. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@
2015-08-25Use kbind for lazy binding GOT/PLT updates on i386 and powerpc; still othersPhilip Guenther
to follow. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@
2015-08-23Apply a symbol export list to ld.so with just the expected dl*() and thePhilip Guenther
two symbols needed by gdb. Remember: ld.so exports override those in shared libs. ok deraadt@
2015-08-23Use kbind for lazy binding GOT/PLT updates on amd64 and sparc64; othersPhilip Guenther
to follow. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@
2015-08-23Add support for the Secure-PLT ABI variant. This will give us better W^XMark Kettenis
support on powerpc as it uses a non-executable GOT and PLT. "start slamming stuff in" deraadt@
2015-08-23spacesTheo de Raadt
2015-08-23huge amount of spacesTheo de Raadt
2015-08-18calloc() is prototyped; do not cast resultTheo de Raadt
2015-08-18_dl_malloc() proto exists, do not cast resultTheo de Raadt
2015-08-17Add missing 'extern's to avoid introducing commons into *crt0.oPhilip Guenther
ok miod@ kettenis@
2015-08-12start replacing some \*([GL]t;Jason McIntyre
2015-08-12divert-to a table needs an address family;Jason McIntyre
from steve shockley ok sthen
2015-07-27use file system path (.Pa) semantic markup macros where appropriate.Igor Sobrado
ok jmc@
2015-07-26Reenable the ld.so pre-install test; the "am I cross-compiling" test wasPhilip Guenther
too loose. Update the test to try to exercise the printf binding twice. ok miod@
2015-07-26Copy relocations can't be jump-slot relocations, so delete the test for that.Philip Guenther
ok miod@
2015-07-21When reading untrusted user files, don't risk blocking, such thatIngo Schwarze
users can't mount a DOS attack against security(8), and for additional safety against race attacks, make sure they are regular files after opening and before actually reading them. Issue originally hinted at by Sevan Janiyan <venture37 at geeklan dot com dot uk> based on a NetBSD commit message, then commented on by tedu@, problem finally confirmed by guenther@, who also provided feedback on the actual patch.
2015-07-18remove note in BUGS about the he capability;Jason McIntyre
2015-07-16remove mention of hostname editingTed Unangst
2015-07-16remove ancient support for edited hostnames. ok deraadt (long ago)Ted Unangst
2015-07-06Trim trailing whitespace from the comsat message before callingTodd C. Miller
strtonum() to parse the offset since mail.local writes a trailing newline. Otherwise comsat just discards the message. OK deraadt@