| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-11-06 | further PPP reduction, hint from sthen | Ted Unangst | |
| 2015-11-06 | remove ppplogin support. ok sthen | Ted Unangst | |
| 2015-11-06 | Fix unloading of load groups when the last reference wasn't on the | Philip Guenther | |
| load_object but rather some descendent. Detect that case in _dl_unload_shlib() and switch to unloading the entire group. Based on partial analyses by Henri Kemppainen (duclare (at) guu.fi) and Peter Hajdu (peter.ferenc.hajdu (at) gmail.com) ok millert@ | |||
| 2015-11-02 | Remove duplicate declaration | Philip Guenther | |
| 2015-11-02 | Factor out the logic for mprotecting the memory between two symbols into | Philip Guenther | |
| a new MI routine _dl_protect_segment(), and use that for protecting the GOT and--on some archs--the PLT. Amazing testing turnaround by miod@, who apparently violated relativity to get back results on some archs as fast as he did | |||
| 2015-11-02 | Fix typo: s/DT_JUMPREL/DT_JMPREL/ | Philip Guenther | |
| 2015-10-29 | remove tests for LD_HINTS_VERSION_1; ok kettenis | Theo de Raadt | |
| 2015-10-25 | No longer create /var/run/ftpd.pid in daemon mode; OK jung@ jca@ | Todd C. Miller | |
| 2015-10-25 | unifdef some oldness. (BSD not defined since removal of param.h) | Ted Unangst | |
| ok jca sthen | |||
| 2015-10-25 | No need to declare pwd_gensalt; it's unused and gone. | Antoine Jacoutot | |
| ok tedu@ | |||
| 2015-10-24 | Don't compile pwd_gensalt, it's not needed since we use crypt_checkpass. | Antoine Jacoutot | |
| ok tedu@ | |||
| 2015-10-22 | Add pledge support to login_yubikey. Much feedback and OK millert@ | Brandon Mercer | |
| 2015-10-22 | use crypt_checkpass("password", NULL) to fake a login instead of bcrypt | Ted Unangst | |
| 2015-10-22 | use crypt_checkpass to check password | Ted Unangst | |
| 2015-10-22 | use crypt_checkpass instead of doing things the hard way with crypt. | Ted Unangst | |
| 2015-10-19 | Delete the empty example file "ftpchroot"; no example is needed. | Ingo Schwarze | |
| Move the one useful bit of information contained in the file ("one user name per line") to the ftpd(8) manual page where it belongs. OK deraadt@ sthen@ | |||
| 2015-10-17 | login_token needs pledge "flock" now. | Alexander Bluhm | |
| OK millert@ | |||
| 2015-10-16 | Hoist clearing of FIOASYNC to much earlier, then getty can use | Theo de Raadt | |
| pledge "stdio rpath fattr proc exec tty". | |||
| 2015-10-16 | Implement real "flock" request and add it to userland programs that | Todd C. Miller | |
| use pledge and file locking. OK deraadt@ | |||
| 2015-10-15 | Pledge login_token with "stdio rpath wpath cpath fattr getpw tty". | Alexander Bluhm | |
| OK deraadt@ | |||
| 2015-10-14 | Check mmap and read return values. While at it, remove unused duplicated file. | Tobias Stoeckmann | |
| ok millert@ | |||
| 2015-10-14 | pledge "stdio rpath" is good enough for these mainline BSD auth login | Theo de Raadt | |
| programs. (I am very surprised pledge ended up working for programs like this) ok semarie millert | |||
| 2015-10-13 | pledge "stdio rpath wpath cpath fattr"; fattr due to locking code borrowed | Theo de Raadt | |
| from mail.local | |||
| 2015-10-12 | Call pledge(2) after initial getsockname(2) to avoid "inet" addition. | Masao Uebayashi | |
| From & OK deraadt@ | |||
| 2015-10-10 | normalize a few more tame request orderings, to help review | Theo de Raadt | |
| 2015-10-09 | With nfs spool (fork + seteuid/setuid balony) support gone, it becomes | Theo de Raadt | |
| possible to pledge "stdio rpath wpath tty proc" Noone uses this code anymore. This is a demonstration... | |||
| 2015-10-09 | remove NFS spool support; it stands in the way of pledge(2) | Theo de Raadt | |
| 2015-10-09 | this cpp operates file using pledge "stdio rpath wpath cpath" | Theo de Raadt | |
| 2015-10-05 | Use explicit_bzero() instead of memset() for zeroing out secrets. | Todd C. Miller | |
| OK deraadt@ | |||
| 2015-10-05 | KNF a switch statement, moving a local variable up a frame as well - | Theo de Raadt | |
| carefully. | |||
| 2015-10-05 | Remove unused errstr variable. | Todd C. Miller | |
| 2015-10-04 | fix custom popen to return pid to caller instead of tracking in a giant | Ted Unangst | |
| array. this implies we can't use a function pointer for close, but also means we get to repair some abuse of the comma operator. ok miod | |||
| 2015-10-02 | Talk about 'RADIUS server' in most cases, rather than referring specifically | Stuart Henderson | |
| to radiusd(8) (which doesn't support everything that login_radius(8) talks about) - theo buehler (who provided previous diff) agrees with this. Capitalise RADIUS as per the naming in the RFC. Add STANDARDS section referring to the RFC. Discussed with/suggestions from jmc. | |||
| 2015-10-01 | some radiusd updates, from theo buehler | Jason McIntyre | |
| 2015-09-23 | Don't be too agressive write-protecting the GOT and PLT. If we have no clue | Mark Kettenis | |
| where they end, there is a good chance they are sharing a page with .data, which obviously needs to remain writable. So only attempt to make them read-only if we know they have a non-zero size. Original diff from guenther@ based on an earlier diff from me. Fixes ld -Z on alpha. ok miod@, guenther@ | |||
| 2015-09-22 | Use explicit_bzero() to zero out the password. From Michael McConville. | Todd C. Miller | |
| 2015-09-19 | kbind has eliminated the need for and use of the bind lock. Delete it, the | Philip Guenther | |
| the callback, and the sigprocmask stub. Keep around the DL_SETBINDLCK case until libpthread stops using it. discussed with miod@ at l2k15 ok kettenis@ | |||
| 2015-09-19 | Remove PROT_EXEC bit from GOT_PERMS. ld.so doesn't need it anymore, and | Mark Kettenis | |
| rcrt0.o will add it for BSS-PLT binaries if necessary. ok guenther@ | |||
| 2015-09-19 | Make bootstrapping code compatible with the Secure-PLT ABI. | Mark Kettenis | |
| ok guenther@ | |||
| 2015-09-13 | Rename __sysctl syscall to just sysctl, as the userland wrapper is no longer | Philip Guenther | |
| necessary ok deraadt@ jsing@ | |||
| 2015-09-12 | Use kbind for lazy binding GOT/PLT updates on arm. | Philip Guenther | |
| While here add some gcc __predict hints. Much testing, discussion, pondering, and flailing from miod and deraadt ok miod@ | |||
| 2015-09-11 | add some missing .Cm macros and drop some redundant .Bk while here | Ingo Schwarze | |
| 2015-09-10 | read, tls_read, and tls_write return ssize_t | Bob Beck | |
| jointly with jsing@ | |||
| 2015-09-10 | fix after libtls api changes | Bob Beck | |
| ok jsing@ | |||
| 2015-09-09 | Some explicit iflush instructions after the kbind() call are still needed | Miod Vallat | |
| for now; misunderstanding between guenther@ and me. | |||
| 2015-09-06 | Check strdup return value for NULL. | Tobias Stoeckmann | |
| ok millert@ | |||
| 2015-09-01 | test pointers with NULL not '\0' | Jonathan Gray | |
| 2015-09-01 | Use kbind for lazy binding GOT/PLT updates on m88k and sparc. | Philip Guenther | |
| Much discussion with and assistance from miod and deraadt ok miod@ | |||
| 2015-08-31 | Add framework for resolving (pun intended) libc namespace issues, using | Philip Guenther | |
| wrapper .h files and asm labels to let internal calls resolve directly and not be overridable or use the PLT. Then, apply that framework to most of the functions in stdio.h, string.h, err.h, and wchar.h. Delete the should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here. tests clean on i386, amd64, sparc64, powerpc, and mips64 naming feedback from kettenis@ and millert@ ok kettenis@ | |||
| 2015-08-28 | Use kbind for lazy binding GOT/PLT updates on sh (i.e. landisk) | Philip Guenther | |
| Much discussion with and assistance from miod and deraadt ok deraadt@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |