summaryrefslogtreecommitdiffstats
path: root/lib/libc (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* mop up resolver.3 rename; ok deraadtjmc2019-08-305-15/+15
|
* mop up for inet_net rename; ok deraadtjmc2019-08-303-9/+9
|
* adapt to bitstring(3) renaming, and look at that bit_ffs(3) is the actualderaadt2019-08-301-3/+3
| | | | | name we want to Xr... ok jmc
* Move 4 manual pages from not-a-function filenames to a correct filename,deraadt2019-08-306-16/+16
| | | | | and correct Xr. ok jmc
* there is no function called uuid(3), so this should be installed asderaadt2019-08-302-4/+4
| | | | | uuid_compare(3) ok jmc
* sysctl(2): add kern.utc_offset: successor to the DST/TIMEZONE options(4)cheloha2019-08-211-1/+18
| | | | | | | | | | | | | | | | | | | | | The DST and TIMEZONE options(4) are incompatible with KARL, so we need some other way to compensate for an RTC running with a known offset. Enter kern.utc_offset, an offset in minutes East of UTC. TIMEZONE has always been minutes West, but this is inconsistent with how everyone else talks about timezones, hence the flip. TIMEZONE has the advantage of being compiled into the binary. Our new sysctl(2) has no such luck, so it needs to be set as early as possible in boot, from sysctl.conf(5), so we can correct the kernel clock from the RTC's local time to UTC before daemons like ntpd(8) and cron(8) start. To encourage this, kern.utc_offset is made immutable after the securelevel(7) is raised to 1. Prompted by yasuoka@. Discussed with deraadt@, kettenis@, yasuoka@. Additional testing by yasuoka@. ok deraadt@, yasuoka@
* Remove support for semantically opace interface identifiers (RFC 7217)florian2019-08-211-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | for IPv6 link local addresses. Some hosting and VM providers route customer IPv6 prefixes to link local addresses derived from ethernet MAC addresses (RFC 2464). This leads to hard to debug IPv6 connectivity problems and is probably not worth the effort. RFC 7721 lists 4 weaknesses: 3.1. Correlation of Activities over Time & 3.2. Location Tracking These are still possible with RFC 7217 addresses for an adversary connected to the same layer 2 network (think conference wifi). Since the link local prefix stays the same (fe80::/64) the link local addresses do not change between different networks. An adversary on the same layer 2 network can probably track ethernet MAC addresses via different means, too. 3.3. Address Scanning & 3.4. Device-Specific Vulnerability Exploitation These now become possible, however, as noted above a layer 2 adversary was probably able to do this via different means. People concerned with these weaknesses are advised to use ifconfig lladdr random. OK benno input & OK kn
* Document ip.arpq and remove ip, ip6 and mpls ifq.denis2019-08-111-45/+27
| | | | ok deraadt@
* No specific called "exec(3)", so move primary manpage to a name whichderaadt2019-08-116-24/+20
| | | | | | | | does exist -- execv(3). Still call this a family but without "Nm". Adjust Xr in various pages to refer to the precise function used rather than the family, in most cases the semantics of execve(2) are being referenced, so change the Xr. ok jmc
* correct mispellings of EACCES; from Kris Katterjohnderaadt2019-07-293-9/+9
|
* Replace cross-references to sigvec(3) with sigaction(2).millert2019-07-261-5/+3
| | | | OK guenther@
* Basic macro cleanup, mostly .Nm -> .Fn because .Nm is not a thingschwarze2019-07-251-11/+13
| | | | in section 2 and 3; bluhm@ drew my attention to this.
* basic macro cleanupschwarze2019-07-251-41/+41
|
* Show unveil(2) violators in lastcomm(1) output and daily mail.bluhm2019-07-251-2/+8
| | | | input Janne Johansson, schwarze@; OK deraadt@ millert@
* Fix comment typo; from OpenSSH Portabledtucker2019-07-231-2/+2
|
* implement SO_DOMAIN and SO_PROTOCOL so that the domain and the protocolrobert2019-07-221-3/+15
| | | | | | | | can also be retrieved with getsockopt(3) it looks like these will also be in the next issue of posix: http://austingroupbugs.net/view.php?id=840#c2263 ok claudio@, sthen@
* Update POSIX reference to the 2008 version and correct the list ofschwarze2019-07-191-6/+11
| | | | | | | | conversion specifications that are extensions; issues reported by Andras Farkas <deepbluemistake at gmail dot com> on misc@. While here, note that alternative conversion modifiers have no effect and that flags and field width specifications are not supported.
* obvious bugfix: if the queue is removed while message transmission isschwarze2019-07-182-4/+4
| | | | | blocked, POSIX requires EIDRM rather than EINVAL, and that's what our implementation does and what the ERRORS section already says, too
* add STANDARDS, improve HISTORY, and basic macro cleanup:schwarze2019-07-183-54/+75
| | | | use .Vt for struct names and and .Fa for struct fields
* State that mtype < 1 causes EINVAL as required by POSIXschwarze2019-07-181-12/+22
| | | | | | | | and as implemented by OpenBSD since sysv_msg.c rev. 1.35. Diff from Moritz Buhl <mbuhl at moritzbuhl dot de> requested by bluhm@. While here, add STANDARDS, improve HISTORY, and use the customary .Fa for struct fields rather than .Va.
* Unlike gas, clang's assembler complains about duplicate symbol assignments.guenther2019-07-141-2/+2
| | | | | | Tweak the PSEUDO() macro to avoid that. problem noted and tested by kettenis@
* fix typo: RCF -> RFCtb2019-07-081-3/+3
| | | | From Evan Silberman
* Get rid of an old convention of wrapping preprocessor constants in curlyanton2019-07-083-10/+10
| | | | | | braces. no objection from jmc@ and schwarze@
* improve verb-tense for explaining the calling convention of __deraadt2019-07-052-6/+6
| | | | ok guenther jmc
* The last consumer of pre-posix realpath behaviour has stoppedderaadt2019-07-051-34/+3
| | | | | | | | requiring it (sftp-server). Remove the /exists///// behaviour from here. The /nonexistant behaviour remains in the kernel and needs to be shot next. There may be ports fallout, but we doubt it. ok beck djm
* snprintf/vsnprintf return < 0 on error, rather than -1.deraadt2019-07-038-23/+23
|
* The "always hint that getpw operation is happening with access() the YPderaadt2019-07-023-3/+16
| | | | | | | lock file" would trash errno, creating confusion. One instance found by richardipsum@fastmail, other two identified from original commit ok millert
* kevent(2): remove 24hr timeout limitcheloha2019-07-011-7/+2
| | | | | | | | | | As with nanosleep(2), poll(2), and select(2), here we can chip away at the timespec until it's empty. This lets us support the full range of the timespec regardless of the kernel's HZ. Update the manpage accordingly. ok visa@
* tweak previous; ok guentherjmc2019-06-302-10/+12
|
* Document that getcwd() and realpath() are built on system calls thatguenther2019-06-292-4/+33
| | | | | | | have a different calling convention than the standard function...as seen in kdump output. ok deraadt@ schwarze@
* two more syscall == -1 checksderaadt2019-06-292-7/+7
|
* Specify that {v,}asprintf(3) returns precisely -1 on failure,schwarze2019-06-281-7/+11
| | | | | | | | | and that the ret pointer is either unchanged or set to NULL in this case. Since these two functions are not standardized by POSIX, documenting the actual behaviour is the way to go, and the above matches all non-buggy implementations we are aware of. OK millert@ deraadt@
* When system calls indicate an error they return -1, not some arbitraryderaadt2019-06-2840-124/+125
| | | | | | value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
* delete duplicate .Xr below SEE ALSOschwarze2019-06-281-3/+2
|
* The C89 standard only requires that atexit(3) returns a non-zero valueschwarze2019-06-271-5/+12
| | | | | | on error, so checking for -1 only is potentially non-portable. Also mention that the C89 standard does not require errno to be set. OK deraadt@ millert@
* Simplify the description of [v]snprintf(3), move the descriptionschwarze2019-06-271-19/+18
| | | | | | of the return values to RETURN VALUES, deprecate [v]sprintf(3) and fix a punctuation typo. Joint work with and OK millert@.
* If we don't receive a reply packet the res_send subquery will already havemartijn2019-06-271-7/+5
| | | | | | | | | | | set subq_h_errno and ar_count. Remove the ar_datalen == -1 check, so we set ar_h_errno and don't have to (wrongly) guess that ar_h_errno = HOST_NOT_FOUND. This makes sure that if no nameserver responds the h_errno value is set to TRY_AGAIN instead of HOST_NOT_FOUND. OK eric@, deraadt@
* an -> a;jmc2019-06-261-2/+2
|
* The POSIX-compatible way of checking for {v,}{f,s,sn,d}printf(3)deraadt2019-06-261-4/+5
| | | | | failure is with < 0, not the more specific -1 from C discussed at length with millert, nicm, schwarze
* Use the same text for EOPNOTSUPP as we do in fcntl(2) and lockf(3).millert2019-06-251-3/+5
| | | | | In fcntl(2) and lockf(3) the error is EINVAL but the condition is the same. OK anton@
* POSIX.1-2008 TC3 is going to clarify how newlocale(3) uses oldloc.schwarze2019-06-251-3/+4
| | | | | | | | | Explicitly state that our implementation now complies with the stricter requirements of TC3 because the newlocale(3) in old OpenBSD releases only complied with the weaker requirements of the old text of the standard. The complaints from our users resulted in both our implementation and the standard being improved. For details, see: http://austingroupbugs.net/view.php?id=1243#c4347
* add missing RETURN VALUES section;schwarze2019-06-241-2/+4
| | | | also checked that POSIX requires exactly this behaviour
* Fix conversions to long double on sparc64jca2019-06-212-12/+12
| | | | | | | | | | | | | | | | | | | | | | | Bug exposed by erratic sqlite3 behavior used in ports/devel/proj, as pointed out by landry@. Richard Hipps (SQLite) pointed at the culprit (_Qp_div), many thanks. Adapted from FreeBSD revision 146673 by Stephen Paskaluk and stefanf@FreeBSD. FreeBSD commit message: """ Fix long (and long long) to long double, unsigned to long double and unsigned long (and unsigned long long) to long double conversions. - Add a parameter that specifies the position of the sign bit to the _QP_TTOQ macro, previously it always looked at bit 31. Pass a negative number to disable sign inspection for unsigned types. This fixes _Qp_xtoq(), _Qp_uitoq() and _Qp_uxtoq(). - In the functions __fpu_itof() and __fpu_xtof(), look at the sign bit to decide whether we're doing a conversion from an unsigned type. If so, don't negate the mantissa if the integer exceeds the biggest signed number. """ ok deraadt@
* sockatmark(3), recv(2), getsockopt(2), and connect(2) return specificallyderaadt2019-06-202-8/+8
| | | | | -1 to mark failure, not arbitrary values < 0. I believe manual pages should follow the described contract precisely and accurately.
* Allow setting of retransmission intervasl via _res.retrans. Ugly API butotto2019-06-171-1/+4
| | | | it's all we got. ok jca@
* Remove old realpath(3), and the userland-vs-kernel realpath verificationderaadt2019-06-171-334/+44
| | | | | | | | code. We now user the simple userland wrapper on top of __realpath(2). The non-POSIX behaviour still remains, that is the next component to fix. From a diff by beck, but I managed to chainsaw it a bit further. Tested in snaps for a couple of days. ok beck
* oops - missing .El in previous;jmc2019-06-151-1/+2
|
* realpath(3) doesn't use lstat(2), readlink(2), or getcwd(3) anymore,deraadt2019-06-151-21/+39
| | | | | | it is a thin wrapper over the syscall __readlink(2). Improve the list of possible errors. ok millert beck jmc
* Cast bitcount to u_in64_t before bit shifting to prevent integer overflowdtucker2019-06-072-5/+5
| | | | | | on 32bit platforms which cause incorrect results when adding a block >=512M in size. sha1 patch from ante84 at gmail.com via openssh github, sha2 with djm@, ok tedu@
* Complete the ld.so boot cleanup: move most libc initialization fromguenther2019-06-028-50/+153
| | | | | | | | | | | | | | | | | _csu_finish() to _libc_preinit(), which is an .init_array function in shared libc (and mark it INITFIRST) or a .preinit_array function in static libc, grabbing the _dl_cb callback there from ld.so. Then in _csu_finish(), invoke the dl_clean_boot() callback to free ld.so's startup bits before main() gets control. Other cleanups this permits: - move various startup structures into .data.rel.ro - the dl* stubs in libc can be strong and call the callbacks provided via _dl_cb - no longer need to conditionalize dlctl() calls on presence of _DYNAMIC original concept and full diff ok kettenis@ ok deraadt@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.