summaryrefslogtreecommitdiffstats
path: root/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Switch from calling obsolete sig{block,setmask} to directly using theguenther2016-09-223-76/+42
| | | | | | | | sigprocmask syscall. abort() can't return, so simplify the call, and use the internal name to avoid the PLT. no-return observation by Miod Vallat, testing by aoyama@
* m88k switched to RELROguenther2016-09-221-6/+0
|
* Simplify __cerror now that %r27 is always the TCB pointer.guenther2016-09-223-54/+40
| | | | | | | Don't need a PLT relocation for __cerror. Move macros for doing internal aliases in ASM from SYS.h to DEFS.h __cerror tweaks by Miod Vallat, testing by aoyama@
* Improve on code from the previous commit.jsing2016-09-221-7/+5
| | | | ok bcook@
* Avoid unbounded memory growth, which can be triggered by a clientjsing2016-09-221-9/+20
| | | | | | repeatedly renegotiating and sending OCSP Status Request TLS extensions. Fix based on OpenSSL.
* Check for packet with truncated DTLS cookie.guenther2016-09-221-12/+17
| | | | | | | | | | | Flip pointer comparison logic to avoid beyond-end-of-buffer pointers to make it less likely a compiler will decide to screw you. Based on parts of openssl commits 6f35f6deb5ca7daebe289f86477e061ce3ee5f46 and 89c2720298f875ac80777da2da88a64859775898 ok jsing@
* Improve ticket validity checking when tlsext_ticket_key_cb() callbackguenther2016-09-221-4/+25
| | | | | | | | | | | chooses a different HMAC algorithm. Avert memory leaks if the callback preps the HMAC in some way. Based on openssl commit 1bbe48ab149893a78bf99c8eb8895c928900a16f but retaining a pre-callback length check to guarantee the callback is provided the buffer that the API claims. ok bcook@ jsing@
* revert documentation update for the clearning behavior we already revertedbcook2016-09-221-5/+1
|
* no more KERN_ARND; ok deraadtjmc2016-09-211-10/+2
|
* Delete casts to off_t and size_t that are implied by assignmentsguenther2016-09-2135-114/+106
| | | | | | | or prototypes. Ditto for some of the char* and void* casts too. verified no change to instructions on ILP32 (i386) and LP64 (amd64) ok natano@ abluhm@ deraadt@ millert@
* When _LIBUNWIND_ARM_EHABI is defined, include <link.h> to get thekettenis2016-09-201-0/+1
| | | | | | dl_unwind_find_exidx prototype. ok guenther@
* Add $OpenBSD tagguenther2016-09-201-0/+1
|
* Avoid selecting weak digests for (EC)DH when using SNI.bcook2016-09-201-3/+12
| | | | | | | | | | | from OpenSSL: SSL_set_SSL_CTX is normally called for SNI after ClientHello has received and the digest to use for each certificate has been decided. The original ssl->cert contains the negotiated digests and is now copied to the new ssl->cert. noted by David Benjamin and Kinichiro Inoguchi
* Add check_sym, a utility for checking shared libraries for symbol changesguenther2016-09-201-0/+268
| | | | | | | that may require version bumps...or fixing. Details in comments at the top of the script. ok mpi@ millert@ deraadt@
* We don't need cross-unwinding support,kettenis2016-09-191-1/+2
| | | | ok patrick@, tom@
* We definitely want to use arc4random() on OpenBSD.kettenis2016-09-191-1/+1
| | | | ok patrick@
* gmtime_r() should return NULL on failure, not the struct tm * resultmillert2016-09-191-3/+2
| | | | parameter that was passed in. From Carlin Bingham.
* Don't build saveFP/restFP for powerpc. Not needed on OpenBSD.pascal2016-09-191-4/+2
| | | | ok kettenis@
* Add non-VFP arm-specific code.kettenis2016-09-191-1/+48
| | | | ok patrick@
* Add -nostdinc++ like the original CMakeLists.txt does. Fixes bulding withkettenis2016-09-191-2/+2
| | | | | | clang++. ok pascal@, patrick@
* Add -nostdinc++ like the original CMakeLists.txt does. Fixes bulding withkettenis2016-09-191-2/+2
| | | | | | clang++. ok pascal@, patrick@
* Update ld search path for libssl/libcrypto, fixes cross-build after source moved.bcook2016-09-192-6/+6
| | | | from Patrick Wildt
* move page junking tp unmap(), right before we stick the region in the cache;otto2016-09-181-6/+6
| | | | ok tedu@
* Go down the right path in the _LIBUNWIND_ARM_EHABI case.kettenis2016-09-181-1/+1
| | | | ok patrick@
* Use unified syntax such that this compiles with both gcc and clang.kettenis2016-09-181-2/+4
| | | | ok jsg@
* unbreak the build by including stddef.h for the definition of NULLjsg2016-09-181-1/+2
| | | | fix suggested by and ok guenther@
* Add an interface to find the ARM.exidx table for use by the ARM EHABI unwinder.kettenis2016-09-175-2/+88
| | | | | | Makes exceptions work in C++ code work again om armv7. ok guenther@
* Restore warnings about multiple process waiting on same fdguenther2016-09-172-4/+16
| | | | | requested by mpf@ ok deraadt tedu@
* Include the legacy_coding(3) page which documents use_legacy_coding(),nicm2016-09-162-2/+84
| | | | | probably missed at one update or another. Reported by Anthony Coulter, discussed with jmc.
* handle fallout of moving the address maps to RBT code.dlg2016-09-161-4/+8
| | | | | | because userland doesnt have subr_tree, and the tree traversal in this file is simple, this inlines the logic that the functions in the kernel do.
* we do not build the curses _memleaks and _trace stuff apparently,jmc2016-09-151-14/+2
| | | | | | | | so remove mentions of them; from anthony coulter nicm thinks it's worth making the changes, even though these pages are 3rd party;
* Set callbacks on the right tls ctx on accept.bcook2016-09-141-2/+2
| | | | From Tobias Pape
* Handle the FLUSH BIO cntl, that happens at the end of SSL handshakes.bcook2016-09-141-1/+2
| | | | from Tobias Pape
* Allow callback read/write functions to set TLS_WANT_POLLOUT/POLLIN.bcook2016-09-141-3/+21
| | | | from Tobias Pape
* Generate pkg-config files at build time like everything else. Thisnatano2016-09-145-10/+15
| | | | | | | avoids permission problems due to the build and install stages being run by different users. ok deraadt jasper
* spelling; from Frank Schoepderaadt2016-09-131-4/+4
|
* add a little more typing to the first callback argument.tedu2016-09-132-7/+7
| | | | it's always a tls context.
* Reduce libm's exports and make internal calls go direct.guenther2016-09-12293-563/+1511
| | | | | | All dependencies on libc are now via reserved/standardized names. ok kettenis@ millert@ deraadt@
* Don't declare select() in <unistd.h>guenther2016-09-121-2/+1
| | | | ok deraadt@ millert@
* Per fpclassify(3): isinff(), isnanf(), finite(), and finitef() are deprecatedguenther2016-09-1225-81/+81
| | | | | | in favor of isinf(), isnan(), and isfinite(). ok tb@ martynas@
* Use fe*() routines from <fenv.h> instead of fp*() routines from <ieeefp.h>guenther2016-09-121-10/+11
| | | | ok tb@ martynas@
* document that running a W^X violating binary from file system mountedschwarze2016-09-121-2/+11
| | | | without wxallowed causes EACCES
* Install sqlite3 header files with correct ownership. "Morituri tenatano2016-09-111-2/+3
| | | | | | salutant." ok deraadt
* Files in /etc/ssl belong to root. ok deraadtnatano2016-09-111-4/+4
|
* Clang ignores a .weak directive before a function is actually defined. Sokettenis2016-09-102-4/+4
| | | | | | | move it from before ENTRY() to after END(). Keeps brk(2) and sbrk(2) weak when comping libc with clang. ok guenther@
* missing space after commatb2016-09-091-2/+2
| | | | | | (this was apparently lost during the repo surgery) ok bcook
* back out calls to EVP_CIPHER_CTX_cleanup() in EVP_Cipher/Encrypt/DecryptFinalbcook2016-09-091-4/+1
| | | | | Software that refers to ctx after calling Final breaks with these changes. revert parts of 1.31 and 1.32
* Implement self-relocation for -static -pie on arm. Also removes somekettenis2016-09-081-9/+54
| | | | | | | unecessary code from the normal startup code and do some general cleanup to make the code more readable. ok guenther@, jsg@
* Fix fuse node lookups. Currently fusefs nodes in the kernel remember thenatano2016-09-073-26/+69
| | | | | | | | | | | | | | | | | | | | parent inode number for ".." lookups. This only works until the kernel starts to reuse vnodes and the parent's vnode is reclaimed and the ino to path mapping is removed from the userland process by libfuse. Fix this by using reference counting in libfuse, so that parent mapping are retained as long as a child uses them. Also, don't free the root node. This commit resolves following issue: $ doas fuse-zip ~/Downloads/foo.zip /mnt $ ls /mnt openbsd-www $ grep -IR foo /usr/src > /dev/null # force vfs to reclaim vnodes $ ls /mnt ls: /mnt: No such file or directory $ ok tedu
* Remove usermount remnants. ok tedunatano2016-09-071-5/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.