path: root/libexec
| Age | Commit message | Author |
| --- | --- | --- |
| 2015-10-22 | Add pledge support to login_yubikey. Much feedback and OK millert@ | Brandon Mercer |
| 2015-10-22 | use crypt_checkpass("password", NULL) to fake a login instead of bcrypt | Ted Unangst |
| 2015-10-22 | use crypt_checkpass to check password | Ted Unangst |
| 2015-10-22 | use crypt_checkpass instead of doing things the hard way with crypt. | Ted Unangst |
| 2015-10-19 | Delete the empty example file "ftpchroot"; no example is needed. Move the one useful bit of information contained in the file ("one user name per line") to the ftpd(8) manual page where it belongs. OK deraadt@ sthen@ | Ingo Schwarze |
| 2015-10-17 | login_token needs pledge "flock" now. OK millert@ | Alexander Bluhm |
| 2015-10-16 | Hoist clearing of FIOASYNC to much earlier, then getty can use pledge "stdio rpath fattr proc exec tty". | Theo de Raadt |
| 2015-10-16 | Implement real "flock" request and add it to userland programs that use pledge and file locking. OK deraadt@ | Todd C. Miller |
| 2015-10-15 | Pledge login_token with "stdio rpath wpath cpath fattr getpw tty". OK deraadt@ | Alexander Bluhm |
| 2015-10-14 | Check mmap and read return values. While at it, remove unused duplicated file. ok millert@ | Tobias Stoeckmann |
| 2015-10-14 | pledge "stdio rpath" is good enough for these mainline BSD auth login programs. (I am very surprised pledge ended up working for programs like this) ok semarie millert | Theo de Raadt |
| 2015-10-13 | pledge "stdio rpath wpath cpath fattr"; fattr due to locking code borrowed from mail.local | Theo de Raadt |
| 2015-10-12 | Call pledge(2) after initial getsockname(2) to avoid "inet" addition. From & OK deraadt@ | Masao Uebayashi |
| 2015-10-10 | normalize a few more tame request orderings, to help review | Theo de Raadt |
| 2015-10-09 | With nfs spool (fork + seteuid/setuid baloney) support gone, it becomes possible to pledge "stdio rpath wpath tty proc". No one uses this code anymore. This is a demonstration... | Theo de Raadt |
| 2015-10-09 | remove NFS spool support; it stands in the way of pledge(2) | Theo de Raadt |
| 2015-10-09 | this cpp operates file using pledge "stdio rpath wpath cpath" | Theo de Raadt |
| 2015-10-05 | Use explicit_bzero() instead of memset() for zeroing out secrets. OK deraadt@ | Todd C. Miller |
| 2015-10-05 | KNF a switch statement, moving a local variable up a frame as well - carefully. | Theo de Raadt |
| 2015-10-05 | Remove unused errstr variable. | Todd C. Miller |
| 2015-10-04 | fix custom popen to return pid to caller instead of tracking in a giant array. this implies we can't use a function pointer for close, but also means we get to repair some abuse of the comma operator. ok miod | Ted Unangst |
| 2015-10-02 | Talk about 'RADIUS server' in most cases, rather than referring specifically to radiusd(8) (which doesn't support everything that login_radius(8) talks about) - theo buehler (who provided previous diff) agrees with this. Capitalise RADIUS as per the naming in the RFC. Add STANDARDS section referring to the RFC. Discussed with/suggestions from jmc. | Stuart Henderson |
| 2015-10-01 | some radiusd updates, from theo buehler | Jason McIntyre |
| 2015-09-23 | Don't be too aggressive write-protecting the GOT and PLT. If we have no clue where they end, there is a good chance they are sharing a page with .data, which obviously needs to remain writable. So only attempt to make them read-only if we know they have a non-zero size. Original diff from guenther@ based on an earlier diff from me. Fixes ld -Z on alpha. ok miod@, guenther@ | Mark Kettenis |
| 2015-09-22 | Use explicit_bzero() to zero out the password. From Michael McConville. | Todd C. Miller |
| 2015-09-19 | kbind has eliminated the need for and use of the bind lock. Delete it, the callback, and the sigprocmask stub. Keep around the DL_SETBINDLCK case until libpthread stops using it. discussed with miod@ at l2k15 ok kettenis@ | Philip Guenther |
| 2015-09-19 | Remove PROT_EXEC bit from GOT_PERMS. ld.so doesn't need it anymore, and rcrt0.o will add it for BSS-PLT binaries if necessary. ok guenther@ | Mark Kettenis |
| 2015-09-19 | Make bootstrapping code compatible with the Secure-PLT ABI. ok guenther@ | Mark Kettenis |
| 2015-09-13 | Rename __sysctl syscall to just sysctl, as the userland wrapper is no longer necessary ok deraadt@ jsing@ | Philip Guenther |
| 2015-09-12 | Use kbind for lazy binding GOT/PLT updates on arm. While here add some gcc __predict hints. Much testing, discussion, pondering, and flailing from miod and deraadt ok miod@ | Philip Guenther |
| 2015-09-11 | add some missing .Cm macros and drop some redundant .Bk while here | Ingo Schwarze |
| 2015-09-10 | read, tls_read, and tls_write return ssize_t jointly with jsing@ | Bob Beck |
| 2015-09-10 | fix after libtls api changes ok jsing@ | Bob Beck |
| 2015-09-09 | Some explicit iflush instructions after the kbind() call are still needed for now; misunderstanding between guenther@ and me. | Miod Vallat |
| 2015-09-06 | Check strdup return value for NULL. ok millert@ | Tobias Stoeckmann |
| 2015-09-01 | test pointers with NULL not '\0' | Jonathan Gray |
| 2015-09-01 | Use kbind for lazy binding GOT/PLT updates on m88k and sparc. Much discussion with and assistance from miod and deraadt ok miod@ | Philip Guenther |
| 2015-08-31 | Add framework for resolving (pun intended) libc namespace issues, using wrapper .h files and asm labels to let internal calls resolve directly and not be overridable or use the PLT. Then, apply that framework to most of the functions in stdio.h, string.h, err.h, and wchar.h. Delete the should-have-been-hidden-all-along `_v?(err\|warn)[cx]?` symbols while here. tests clean on i386, amd64, sparc64, powerpc, and mips64 naming feedback from kettenis@ and millert@ ok kettenis@ | Philip Guenther |
| 2015-08-28 | Use kbind for lazy binding GOT/PLT updates on sh (i.e. landisk) Much discussion with and assistance from miod and deraadt ok deraadt@ | Philip Guenther |
| 2015-08-28 | remove excess tab at end of line (how did they afford the extra bytes in the dark ages?) | Theo de Raadt |
| 2015-08-28 | Use ELF_LDFLAGS to pass the --version-script argument such that we actually hide symbols on all our architectures; hppa, hppa64 and sh override LDADD. LDADD isn't really the proper variable for passing linker flags anyway. ok guenther@, deraadt@ | Mark Kettenis |
| 2015-08-27 | If we take the address of a function pointer, we might get a pointer to a plabel instead of the entry-point address. In that case, get the entry-point address from the plabel. Makes ld.so work on hppa when _dl_bind_start gets hidden by the version script. ok miod@ | Mark Kettenis |
| 2015-08-27 | Use kbind for lazy binding GOT/PLT updates on hppa. Much discussion with and assistance from miod and deraadt ok deraadt@ | Philip Guenther |
| 2015-08-26 | Kbind 3: The Legend Continues! Use kbind for lazy binding GOT/PLT updates on alpha and mips64. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@ | Philip Guenther |
| 2015-08-25 | Use kbind for lazy binding GOT/PLT updates on i386 and powerpc; still others to follow. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@ | Philip Guenther |
| 2015-08-23 | Apply a symbol export list to ld.so with just the expected dl*() and the two symbols needed by gdb. Remember: ld.so exports override those in shared libs. ok deraadt@ | Philip Guenther |
| 2015-08-23 | Use kbind for lazy binding GOT/PLT updates on amd64 and sparc64; others to follow. While here add some gcc __predict hints. Much discussion with and assistance from miod and deraadt ok deraadt@ | Philip Guenther |
| 2015-08-23 | Add support for the Secure-PLT ABI variant. This will give us better W^X support on powerpc as it uses a non-executable GOT and PLT. "start slamming stuff in" deraadt@ | Mark Kettenis |
| 2015-08-23 | spaces | Theo de Raadt |
| 2015-08-23 | huge amount of spaces | Theo de Raadt |