| Age | Commit message (Collapse) | Author |
|---|
|
jointly with jsing@
|
|
ok jsing@
|
|
for now; misunderstanding between guenther@ and me.
|
|
ok millert@
|
|
|
|
Much discussion with and assistance from miod and deraadt
ok miod@
|
|
wrapper .h files and asm labels to let internal calls resolve directly and
not be overridable or use the PLT. Then, apply that framework to most of
the functions in stdio.h, string.h, err.h, and wchar.h. Delete the
should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here.
tests clean on i386, amd64, sparc64, powerpc, and mips64
naming feedback from kettenis@ and millert@
ok kettenis@
|
|
Much discussion with and assistance from miod and deraadt
ok deraadt@
|
|
the dark ages?)
|
|
hide symbols on all our architectures; hppa, hppa64 and sh override LDADD.
LDADD isn't really the proper variable for passing linker flags anyway.
ok guenther@, deraadt@
|
|
a plabel instead of the entry-point address. In that case, get the
entry-point address from the plabel. Makes ld.so work on hppa when
_dl_bind_start gets hidden by the version script.
ok miod@
|
|
Much discussion with and assistance from miod and deraadt
ok deraadt@
|
|
Use kbind for lazy binding GOT/PLT updates on alpha and mips64.
While here add some gcc __predict hints.
Much discussion with and assistance from miod and deraadt
ok deraadt@
|
|
to follow. While here add some gcc __predict hints.
Much discussion with and assistance from miod and deraadt
ok deraadt@
|
|
two symbols needed by gdb. Remember: ld.so exports override those in
shared libs.
ok deraadt@
|
|
to follow. While here add some gcc __predict hints.
Much discussion with and assistance from miod and deraadt
ok deraadt@
|
|
support on powerpc as it uses a non-executable GOT and PLT.
"start slamming stuff in" deraadt@
|
|
|
|
|
|
|
|
|
|
ok miod@ kettenis@
|
|
|
|
from steve shockley
ok sthen
|
|
ok jmc@
|
|
too loose. Update the test to try to exercise the printf binding twice.
ok miod@
|
|
ok miod@
|
|
users can't mount a DOS attack against security(8), and for additional
safety against race attacks, make sure they are regular files after
opening and before actually reading them.
Issue originally hinted at by Sevan Janiyan <venture37 at
geeklan dot com dot uk> based on a NetBSD commit message,
then commented on by tedu@, problem finally confirmed by guenther@,
who also provided feedback on the actual patch.
|
|
|
|
|
|
|
|
strtonum() to parse the offset since mail.local writes a trailing
newline. Otherwise comsat just discards the message. OK deraadt@
|
|
with an IPv6 comsat example but it would never get used. OK deraadt@
|
|
fixed everywhere but on sparc for some unknown reason (and did not cause
any havoc in real life).
|
|
|
|
|
|
is non-portable. Also add missing asprintf() return value checks.
OK deraadt@ guenther@ doug@
|
|
instead of corrupting the caller's stack by mistake.
This fixes the mysterious segfaults in __powerpc_read_tcb() reported on
earlier G3 systems - more recent processors have been luckier...
ok deraadt@
|
|
means read-only, which our ld.so already enforced, but a smaller plt section).
|
|
|
|
no change in behaviour as sizeof(char **) is the same as sizeof(char *)
ok otto@ guenther@
|
|
divert-to has many advantages over rdr-to for proxies. For example,
it is much easier to use, requires less code, does not depend on
/dev/pf, works in-band without the asynchronous lookup (DIOCNATLOOK
ioctl), saves us from additional port allocations by the rdr/NAT code,
and even avoids potential collisions and race conditions that could
theoretically happen with the lookup.
Heads up: users will have to update their spamd PF rules from rdr-to
to divert-to. spamd now also listens to 127.0.0.1 instead of "any"
(0.0.0.0) by default which should be fine with most setups but has to
be considered for some special configurations.
Based on a diff is almost two years old but got delayed several times
... beck@: "now is the time to get it in" :)
Tested by many
With help from okan@
OK okan@ beck@ millert@
|
|
ok otto@ guenther@
|
|
|
|
In that particular case, refrain from printing "diff: exit code 1"
because that exit status doesn't indicate an error condition.
Issue noticed by and patch OK'ed by ajacoutot@.
"I agree with the goal, and I suspect the diff actually achieves it" guenther@.
|
|
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
|
|
|
|
|
|
|
two characters "on", which can for example happen for NFS mounts.
Patch from Lauri Tirkkonen <lotheac at iki dot fi> on bugs@.
|
