summaryrefslogtreecommitdiff
path: root/libexec
AgeCommit message (Collapse)Author
2015-01-19Does not need netinet/ip_ipsp.hTheo de Raadt
2015-01-19gcc does not understand that the loop conditionally sets bsod beforeTheo de Raadt
using it, so it warns... Copy the warning silencing code from the same function in ../ld.so
2015-01-19CMASK went out of scope with the recent <sys/param.h> removal. But ohTheo de Raadt
golly gee, ftpd can handle that itself due to the glorious old practice of #ifndef #define. Remove that junk. ok guenther
2015-01-18do not require <a.out.h>Theo de Raadt
2015-01-17eliminate strcpy & strcat, by using strlcpy, strlcat or snprintf whereTheo de Raadt
suitable. ok jsg
2015-01-16<sys/param.h> to <limits.h> conversion. Verified binariesTheo de Raadt
ok millert, thanks to doug for process advice
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
2015-01-16adjust to HOST_NAME_MAX+1 & LOGIN_NAME_MAXTheo de Raadt
2015-01-15remove .Tn; from Jan Stary <hans at stare dot cz>Ingo Schwarze
2015-01-14Replace "errx(1, "malloc failed")" with "err(1, NULL)" to getTodd C. Miller
standard "Cannot allocate memory" message.
2015-01-13Move debug printf for duplicate af to correct location.Todd C. Miller
2015-01-13Remove bogus getopt.h include.Todd C. Miller
2015-01-13Fix printing of number of whitelist entries in debug mode.Todd C. Miller
2015-01-13Use address-family specific lists of addr/mask entries instead ofTodd C. Miller
a union that can store either ipv4 or ipv6. The old method used 4x as much memory as was really needed for ipv4. The spamd-setup protocol has changed from: tag;message;a/m;a/m;a/m...\n to :tag;message;af;count;a/m;a/m;a/m...[af;count;a/m;a/m;a/m]\n OK phessler@ "nice" beck@
2015-01-08Avoid a crash (free of bogus pointer) when there is a syntax errorTodd C. Miller
reading the config socket by clearing the entire blacklist struct instead of just the tag string. Also avoid holes in the blacklist array on error since the code can't cope with them. OK beck@
2014-12-30Use a 1MB realloc() increment instead of an 8KB one for the configTodd C. Miller
connection buffer. Significantly speeds up spamd-setup for lage blacklists. Also free the buffer when we are done with it so memory can be returned to the system (as it can grow quite large). OK deraadt@
2014-12-30self-relocating crt0 bits for sh, and enable static pie by default. With someMiod Vallat
archdep.h help from kettenis@
2014-12-30Clean up and optimize _dl_start a bit by using immediate addressing forMiod Vallat
the constants whenever they fit, and avoiding saving and restoring registers we don't need to preserve.
2014-12-30Fix handling of R_MIPS_REL32_64 relocations that reference a symbol.Mark Kettenis
Fixes remaining problems with static PIE on mips64.
2014-12-29Minor cleanup:Todd C. Miller
o doreply() just calls build_reply() o remove a few dead stores and useless variables o use the asprintf() return value OK deraadt@
2014-12-27Static PIE for mips64. Still something not quite right as a full make buildMark Kettenis
fails. ok kurt@
2014-12-27Make ld.so process only R_ALPHA_RELATIVE relocations during early GOTMark Kettenis
relocation in _reloc_alpha_got(), and teach RELOC_RELA() to skip R_ALPHA_NONE relocations (which are just nops used to fill out the relocation table). Handling R_ALPHA_NONE relocations will be necessary for static PIE support and it is not inconceivable that ld.so will end up with such relocations at some point. ok kurt@
2014-12-24Expand Elf_Rel relocations to include DT_JMPREL. Inspect DT_PLTREL valueKurt Miller
to determine if DT_JMPREL relocations are REL or RELA and conditionally perform DT_JMPREL in either REL or RELA as needed (idea from kettenis@). Remove unneeded i386 RELA implementation. i386 static pie working now. okay kettenis@
2014-12-22Self-relocation code for i386.Kurt Miller
2014-12-22Static PIE has been delayed for quite a while. By pushing hard with pascalTheo de Raadt
towards a wimpy (but sufficient) model, kurt and kettenis got upset enough to do it the right way, right away before we got out of hand. Bravo! We no longer need /sbin/ld.so on the new roadmap.
2014-12-22Introduce new csu0 variant for -static -pie binaries to use calledKurt Miller
rcsu0.o where the initial 'r' is for relocatable. rcsu0.o performs self-relocation on static pie binaries by calling a slightly modified copy of ld.so's _dl_boot_bind() in boot.h. The first arch implementatation is also included for amd64 where __start calls _dl_boot_bind() and then calls ___start(). Includes parts from kettenis@ to help get R_X86_64_64 relocations working and proper handling for undefined weak symbols. This is the first part of several to get static pie self-relocating binaries working. binutils, gcc and kernel changes are forthcoming to complete the solution, then per-arch implementations are needed for MD_RCRT0_START in csu. okay kettenis@ pascal@ deraadt@
2014-12-19place the afterinstall: target correctly for static-only architecturesTheo de Raadt
2014-12-16install both ld.so with mode 444Theo de Raadt
2014-12-16Install a copy of ld.so into /sbin. Soon to be used in order to make "static"Pascal Stumpf
PIE possible. ok deraadt@ tedu@
2014-12-14Revert r1.10: properly built shared libraries will never have any DISP26Miod Vallat
relocations, but will always call public symbols through the library's PLT.
2014-12-09avoid void arithmetic. from david carlierTed Unangst
2014-12-04AnonCVS is designed to work with a user account that has no password and aIngo Schwarze
very special shell, so do not complain about that particular combination. Idea originally brought up by landry@ five years ago, repeatedly forgotten. Using feedback from sthen@ millert@ halex@; OK landry@ ajacoutot@.
2014-12-02some minor fixes from martin natano;Jason McIntyre
2014-11-25When a public symbol in a library is referenced by the main program's plt,Miod Vallat
the address of the symbol must always resolve to the entry in the main program's plt, regardless of which object the address resolution is performed for, so that addresses (pointers) can be compared reliably. However, depending on how far away library load address randomization places the library, the main program's plt address might be too far away from the library itself for its DISP26 relocations to fit in the required relative displacement range. Since DISP26 relocations can only be used in code for branches, it is safe to resolve them to the actual address within the library, and avoid producing out of bounds displacements.
2014-11-24Make the scope of the symbol caching variables added in 1.49 a bit larger soMiod Vallat
that these don't get reset for every relocation being processed (oops). ok guenther@ deraadt@
2014-11-23Delete a bunch of unnecessary #includesPhilip Guenther
Use <fcntl.h> instead of <sys/{file,fcntl}.h> ok krw@
2014-11-22/dev/random has created the same effect as /dev/arandom (and /dev/urandom)Theo de Raadt
for quite some time. Mop up the last few, by using /dev/random where we actually want it, or not even mentioning arandom where it is irrelevant.
2014-11-22mop up a barely started project... getting in the way of grepping the tree!Theo de Raadt
2014-11-20user error is not a bug. fingerd is not responsible for filtering outTed Unangst
incorrect client garbage. ok deraadt sthen
2014-11-19Nuke yet more obvious #include duplications.Kenneth R Westerback
ok deraadt@
2014-11-18Nuke some obvious #include duplications.Kenneth R Westerback
ok espie@ deraadt@ millert@ tedu@
2014-11-15Reduce instances of `` '' in manuals.Anthony J. Bentley
troff displays these as typographic quotes, but nroff implementations almost always print them literally, which rarely has the intended effect with modern fonts, even in stock xterm. These uses of `` '' can be replaced either with more semantic alternatives or with Dq, which prints typographic quotes in a UTF-8 locale (but will automatically fall back to `` '' in an ASCII locale). improvements and ok schwarze@
2014-11-15ELF files have moved up a levelPhilip Guenther
pointed out by deraadt@
2014-11-03Eliminate RTLD_PROTECT_PLT: ld.so is built with -Bsymbolic so thePhilip Guenther
PLT is empty/unused. On at least macppc and sparc64, ld.so's attempt to mprotect its PLT could instead hit its own allocated data and cause a segfault shortly there after. While here, take a shot at preventing the same issue with the GOT by checking for __got_start != __got_end. reproduction *with ktracing* by afresh1@ provided the key data ok miod@ deraadt@
2014-11-03reduce dependency on passwd. just call bcrypt_newhash to do the dummy work.Ted Unangst
2014-11-03arc4random_uniform() transformation was off, resulting in badly skewedPhilip Guenther
distribution in the placement of malloc's dir_info. ok otto@ deraadt@
2014-10-25Remove unnecessary netinet/in_systm.h include.Lawrence Teo
ok millert@
2014-10-19Revert last commit due to changed semantics found by make release.Doug Hogan
2014-10-18Better POSIX compliance in realpath(3).Doug Hogan
millert@ made changes to realpath.c based on FreeBSD's version. I merged Todd's changes into dl_realpath.c. ok millert@, guenther@
2014-10-18Convert some malloc() and realloc() calls to reallocarray().Doug Hogan
ok deraadt@