Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-10-10 | normalize a few more tame request orderings, to help review | Theo de Raadt | |
2015-10-09 | With nfs spool (fork + seteuid/setuid balony) support gone, it becomes | Theo de Raadt | |
possible to pledge "stdio rpath wpath tty proc" Noone uses this code anymore. This is a demonstration... | |||
2015-10-09 | remove NFS spool support; it stands in the way of pledge(2) | Theo de Raadt | |
2015-10-09 | this cpp operates file using pledge "stdio rpath wpath cpath" | Theo de Raadt | |
2015-10-05 | Use explicit_bzero() instead of memset() for zeroing out secrets. | Todd C. Miller | |
OK deraadt@ | |||
2015-10-05 | KNF a switch statement, moving a local variable up a frame as well - | Theo de Raadt | |
carefully. | |||
2015-10-05 | Remove unused errstr variable. | Todd C. Miller | |
2015-10-04 | fix custom popen to return pid to caller instead of tracking in a giant | Ted Unangst | |
array. this implies we can't use a function pointer for close, but also means we get to repair some abuse of the comma operator. ok miod | |||
2015-10-02 | Talk about 'RADIUS server' in most cases, rather than referring specifically | Stuart Henderson | |
to radiusd(8) (which doesn't support everything that login_radius(8) talks about) - theo buehler (who provided previous diff) agrees with this. Capitalise RADIUS as per the naming in the RFC. Add STANDARDS section referring to the RFC. Discussed with/suggestions from jmc. | |||
2015-10-01 | some radiusd updates, from theo buehler | Jason McIntyre | |
2015-09-23 | Don't be too agressive write-protecting the GOT and PLT. If we have no clue | Mark Kettenis | |
where they end, there is a good chance they are sharing a page with .data, which obviously needs to remain writable. So only attempt to make them read-only if we know they have a non-zero size. Original diff from guenther@ based on an earlier diff from me. Fixes ld -Z on alpha. ok miod@, guenther@ | |||
2015-09-22 | Use explicit_bzero() to zero out the password. From Michael McConville. | Todd C. Miller | |
2015-09-19 | kbind has eliminated the need for and use of the bind lock. Delete it, the | Philip Guenther | |
the callback, and the sigprocmask stub. Keep around the DL_SETBINDLCK case until libpthread stops using it. discussed with miod@ at l2k15 ok kettenis@ | |||
2015-09-19 | Remove PROT_EXEC bit from GOT_PERMS. ld.so doesn't need it anymore, and | Mark Kettenis | |
rcrt0.o will add it for BSS-PLT binaries if necessary. ok guenther@ | |||
2015-09-19 | Make bootstrapping code compatible with the Secure-PLT ABI. | Mark Kettenis | |
ok guenther@ | |||
2015-09-13 | Rename __sysctl syscall to just sysctl, as the userland wrapper is no longer | Philip Guenther | |
necessary ok deraadt@ jsing@ | |||
2015-09-12 | Use kbind for lazy binding GOT/PLT updates on arm. | Philip Guenther | |
While here add some gcc __predict hints. Much testing, discussion, pondering, and flailing from miod and deraadt ok miod@ | |||
2015-09-11 | add some missing .Cm macros and drop some redundant .Bk while here | Ingo Schwarze | |
2015-09-10 | read, tls_read, and tls_write return ssize_t | Bob Beck | |
jointly with jsing@ | |||
2015-09-10 | fix after libtls api changes | Bob Beck | |
ok jsing@ | |||
2015-09-09 | Some explicit iflush instructions after the kbind() call are still needed | Miod Vallat | |
for now; misunderstanding between guenther@ and me. | |||
2015-09-06 | Check strdup return value for NULL. | Tobias Stoeckmann | |
ok millert@ | |||
2015-09-01 | test pointers with NULL not '\0' | Jonathan Gray | |
2015-09-01 | Use kbind for lazy binding GOT/PLT updates on m88k and sparc. | Philip Guenther | |
Much discussion with and assistance from miod and deraadt ok miod@ | |||
2015-08-31 | Add framework for resolving (pun intended) libc namespace issues, using | Philip Guenther | |
wrapper .h files and asm labels to let internal calls resolve directly and not be overridable or use the PLT. Then, apply that framework to most of the functions in stdio.h, string.h, err.h, and wchar.h. Delete the should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here. tests clean on i386, amd64, sparc64, powerpc, and mips64 naming feedback from kettenis@ and millert@ ok kettenis@ | |||
2015-08-28 | Use kbind for lazy binding GOT/PLT updates on sh (i.e. landisk) | Philip Guenther | |
Much discussion with and assistance from miod and deraadt ok deraadt@ | |||
2015-08-28 | remove excess tab at end of line (how did they afford the extra bytes in | Theo de Raadt | |
the dark ages?) | |||
2015-08-28 | Use ELF_LDFLAGS to pass the --version-script argument such that we actually | Mark Kettenis | |
hide symbols on all our architectures; hppa, hppa64 and sh override LDADD. LDADD isn't really the proper variable for passing linker flags anyway. ok guenther@, deraadt@ | |||
2015-08-27 | If we take the address of a function pointer, we might get a pointer to | Mark Kettenis | |
a plabel instead of the entry-point address. In that case, get the entry-point address from the plabel. Makes ld.so work on hppa when _dl_bind_start gets hidden by the version script. ok miod@ | |||
2015-08-27 | Use kbind for lazy binding GOT/PLT updates on hppa. | Philip Guenther | |
Much discussion with and assistance from miod and deraadt ok deraadt@ | |||
2015-08-26 | Kbind 3: The Legend Continues! | Philip Guenther | |
Use kbind for lazy binding GOT/PLT updates on alpha and mips64. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@ | |||
2015-08-25 | Use kbind for lazy binding GOT/PLT updates on i386 and powerpc; still others | Philip Guenther | |
to follow. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@ | |||
2015-08-23 | Apply a symbol export list to ld.so with just the expected dl*() and the | Philip Guenther | |
two symbols needed by gdb. Remember: ld.so exports override those in shared libs. ok deraadt@ | |||
2015-08-23 | Use kbind for lazy binding GOT/PLT updates on amd64 and sparc64; others | Philip Guenther | |
to follow. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@ | |||
2015-08-23 | Add support for the Secure-PLT ABI variant. This will give us better W^X | Mark Kettenis | |
support on powerpc as it uses a non-executable GOT and PLT. "start slamming stuff in" deraadt@ | |||
2015-08-23 | spaces | Theo de Raadt | |
2015-08-23 | huge amount of spaces | Theo de Raadt | |
2015-08-18 | calloc() is prototyped; do not cast result | Theo de Raadt | |
2015-08-18 | _dl_malloc() proto exists, do not cast result | Theo de Raadt | |
2015-08-17 | Add missing 'extern's to avoid introducing commons into *crt0.o | Philip Guenther | |
ok miod@ kettenis@ | |||
2015-08-12 | start replacing some \*([GL]t; | Jason McIntyre | |
2015-08-12 | divert-to a table needs an address family; | Jason McIntyre | |
from steve shockley ok sthen | |||
2015-07-27 | use file system path (.Pa) semantic markup macros where appropriate. | Igor Sobrado | |
ok jmc@ | |||
2015-07-26 | Reenable the ld.so pre-install test; the "am I cross-compiling" test was | Philip Guenther | |
too loose. Update the test to try to exercise the printf binding twice. ok miod@ | |||
2015-07-26 | Copy relocations can't be jump-slot relocations, so delete the test for that. | Philip Guenther | |
ok miod@ | |||
2015-07-21 | When reading untrusted user files, don't risk blocking, such that | Ingo Schwarze | |
users can't mount a DOS attack against security(8), and for additional safety against race attacks, make sure they are regular files after opening and before actually reading them. Issue originally hinted at by Sevan Janiyan <venture37 at geeklan dot com dot uk> based on a NetBSD commit message, then commented on by tedu@, problem finally confirmed by guenther@, who also provided feedback on the actual patch. | |||
2015-07-18 | remove note in BUGS about the he capability; | Jason McIntyre | |
2015-07-16 | remove mention of hostname editing | Ted Unangst | |
2015-07-16 | remove ancient support for edited hostnames. ok deraadt (long ago) | Ted Unangst | |
2015-07-06 | Trim trailing whitespace from the comsat message before calling | Todd C. Miller | |
strtonum() to parse the offset since mail.local writes a trailing newline. Otherwise comsat just discards the message. OK deraadt@ |