Branch :
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
| 4bc7f070 | 2019-11-21 16:13:39 | zero tmpout too. reminded by related diff from tim | ||
| 0912caf5 | 2019-11-21 16:07:24 | overwrite the key in failure modes in case the caller doesn't check. ok deraadt | ||
| 11ff2ca8 | 2019-10-25 04:00:10 | Adjust whitespace, so Ta macros are aligned vertically as already done in ober_add_string.3 and as it was before the ber -> ober rename. | ||
| 696b5899 | 2019-10-24 12:39:26 | The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. Problem diagnosed by jmatthew with ber_free() in samba, but there are many others as pointed out by sthen. tests & ok rob ok sthen (who had an almost identical diff for libutil) "go head hit it" deraadt | ||
| 44946945 | 2019-08-30 03:57:56 | uucplock(3) is incorrectly named in some places, it is actually uu_lock(3) (more unclear is if anything in ports uses this, as our base no longer does) | ||
| 2b859d28 | 2019-08-15 06:11:18 | Revert previous. There were some users of the quirky behaviour that were missed during code scan. | ||
| 5cb64af1 | 2019-08-14 19:08:03 | Fix argument list for ber_set_writecallback OK claudio@ | ||
| 39b98972 | 2019-08-14 17:36:04 | wonky comma; | ||
| c32b9c34 | 2019-08-14 17:21:42 | Document that ber_scanf_elements' 'p' and 't' attribute don't eat the current ber element. OK claudio@ Seems sensible to deraadt@ | ||
| 2e9eee5b | 2019-08-14 17:20:41 | Make ber_scanf_elements's 'e' attribute eat the element. Right now all consumers use 'e' at the end of the list, so no regressions should be introduced. OK claudio@ Seems sensible to deraadt@ | ||
| 497d37e3 | 2019-08-14 04:48:13 | Make sure that ber in ber_scanf_elements is not NULL before parsing format where ber is utilized. This also allows us to remove the ber->be_next check, which can cause weird behaviour, because a NULL be_next would result in parsing the last element twice. OK claudio@ on previous version OK rob@ | ||
| f6a2c1a0 | 2019-08-05 12:38:14 | Don't use a 0 element to determine the end of an OID when comparing two OIDS. This can result in false equality matches. OK claudio@ | ||
| a93a062f | 2019-08-05 12:30:50 | There's no reason why the first digit of an OID can't be 0. OK claudio@ "Good find" deraadt@ | ||
| 515e489c | 2019-07-03 03:24:01 | snprintf/vsnprintf return < 0 on error, rather than -1. | ||
| 80e53f5b | 2019-06-28 14:20:40 | Actually, the C standard only guarantees that atexit(3) returns non-zero on error, so tweak previous to test "atexit(...) != 0" for portability. "OK ok ok sorry backwards" deraadt@ | ||
| df69c215 | 2019-06-28 13:32:41 | When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. | ||
| abcdd362 | 2019-06-28 05:33:35 | atexit() returns -1 on failure | ||
| 260378df | 2019-06-01 19:40:05 | Limit maximum number of length octets to platform independent sizeof(int32_t). Problem noticed by bluhm@. Discussed on hackers. ok claudio@ | ||
| 285652d4 | 2019-05-21 13:29:44 | whitespace | ||
| 8ee14a61 | 2019-05-21 12:30:07 | Cleanup some residual markup from the ber.3 days. ok jmc@, schwarze@ | ||
| 2c903577 | 2019-05-17 14:40:59 | add various missing information and remove the lie that these functions would set errno; tweaks and OK jmc@; OK rob@ on the previous version | ||
| ff8cfb38 | 2019-05-16 21:12:33 | Add XXX to a comment. | ||
| 97f38bf2 | 2019-05-16 17:39:21 | Correct errno markup. Noticed by schwarze. Discussed with schwarze and jmc. ok schwarze | ||
| 0ee0a805 | 2019-05-15 18:42:30 | sort SEE ALSO; | ||
| a8bdd790 | 2019-05-15 18:25:29 | add substantial amounts of missing information; OK rob@ | ||
| caa7014e | 2019-05-15 18:18:21 | Consistently make errno a .Vt | ||
| c7ddfa02 | 2019-05-15 09:49:32 | delete some duplicate words | ||
| 1376e1c0 | 2019-05-15 03:11:52 | Split ber.3 into logical parts. Further tweaking will be done in tree. Discussed with and ok jmc@, schwarze@, claudio@ | ||
| d1325eac | 2019-05-12 20:25:10 | Enable support for the writting of BITSTRING by treating it as an OCTETSTRING. ok claudio@ | ||
| b0a6858b | 2019-05-12 20:13:08 | Enforce smallest number of contents octets for int (and enum). ok claudio@ | ||
| ab9737ba | 2019-05-12 19:29:41 | Mention #include of <sys/types.h> in synopsis. Discussed with claudio@ and tedu@. | ||
| e26852eb | 2019-05-12 18:11:51 | Fail early if a (universal) primitive type identifies as constructed, or if a boolean has a contents length other than 1. ok claudio@ | ||
| 9248c219 | 2019-05-12 17:50:32 | Enforce minimal number of octets for tag > 30. "sure" claudio@ | ||
| 4880bb40 | 2019-05-12 17:42:14 | In long form encoding, explicitly prohibit an initial length octet of 0xff which is reserved for future use. ok claudio@ | ||
| d4b95dc4 | 2019-05-11 17:46:02 | The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync in ldap, ldapd, ypldap and snmpd. This commit moves the BER API into /usr/lib/libutil. All current consumers already link libutil. ldapd and snmpd regress passes, and release builds. With help from tb@ and guenther@. ok deraadt@, tb@ | ||
| 301058f1 | 2019-04-23 18:13:11 | missing dots after ".%P pp"; the case of btree(3) was reported by Fabio Scotoni <fabio at esse dot ch>; also garbage collect one .Tn while here | ||
| bf198cc6 | 2019-01-25 00:19:25 | I am retiring my old email address; replace it with my OpenBSD one. | ||
| b13109f3 | 2019-01-20 02:50:03 | Change imsg header definitions to use standard types. ok deraadt@ claudio@ | ||
| 7ab3d2e1 | 2019-01-14 23:52:06 | Calling llabs(LLONG_MIN) is undefined behavior, llvm 7.0.1 does not work with our old code. In fmt_scaled() move the check before calling llabs(). found by regress/lib/libutil/fmt_scaled; OK deraadt@ millert@ tedu@ | ||
| a6f4f68a | 2018-09-26 09:22:52 | explicitly mention local processes; from geoff hill ok nicm | ||
| 55adf1d4 | 2018-08-10 17:03:26 | delete volatile intended to silence whiny old compilers around vfork. This variable is only used in the parent context so there is no issue. ok kettenis | ||
| 9729467d | 2018-05-14 04:39:04 | constrain fractional part to [0-9] (less confusing to static analysis); ok ian@ | ||
| 08c753b7 | 2018-02-16 07:42:07 | Fix function argument names, from Abel Abraham Camarillo Ojeda via jmc@. | ||
| aaeccf36 | 2018-01-12 04:36:44 | Adjust references for sysctl(3) to sysctl(2) | ||
| 8c897735 | 2017-12-14 09:27:44 | Make a few internal symbols static and add a Symbols.map version script to control which symbols are exported from the shared library. ok guenther@, deraadt@, jca@ | ||
| 69cc8ae2 | 2017-12-06 12:07:08 | It's the imsg_compose(3) who accepts 'fd' argument, not imsg_create(3). | ||
| 27f2d348 | 2017-05-03 15:49:10 | spacing (in EXAMPLES code) | ||
| 57f7e8ae | 2017-04-20 19:30:42 | add previous to NAME; | ||
| c2a62bf3 | 2017-04-20 17:48:30 | Add getptmfd(), fdopenpty(), fdforkpty() functions. These allow programs to separate the open(/dev/ptm) from the ioctl(PTMGET) for privilege separation or pledge(). Based on a diff from reyk@. ok deraadt millert | ||
| 1b660a29 | 2017-04-18 04:06:21 | use freezero() instead of explicit_bzero+free | ||
| f00211be | 2017-04-11 09:57:19 | Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3). In our privsep model, imsg is often used to transport sensitive information between processes. But a process might free an imsg, and reuse the memory for a different thing. iked uses some explicit_bzero() to clean imsg-buffer but doing it in the library with the freezero() is less error-prone and also benefits other daemons. OK deraadt@ jsing@ claudio@ | ||
| 303db1f0 | 2017-03-24 09:34:12 | Use C99 types (uint32_t) instead of BSD (u_int32_t) - the former are more portable. Add stdint.h to the headers in imsg_init(3). No objections from millert@. | ||
| c6a25008 | 2017-03-17 14:51:26 | Grow buffers using recallocarray, to avoid the potential dribble that the standard realloc*() functions can leave behind. imsg buffers are sometimes used in protocol stacks which require some secrecy, and layering violations would be needed to resolve this issue otherwise. Discussed with many. | ||
| 131c0d40 | 2017-03-16 02:40:46 | Fix overly-conservative overflow checks on mulitplications and add checks on additions. This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN will still be flagged as a range error). ok millert@ | ||
| 85e15f6f | 2017-03-15 05:25:56 | Collapse underflow and overflow checks into a single block. ok djm@ millert@ | ||
| ab2f1879 | 2017-03-15 00:13:18 | Catch integer underflow in scan_scaled reported by Nicolas Iooss. ok deraadt@ djm@ | ||
| 73ae9844 | 2017-03-11 23:37:23 | fix signed integer overflow in scan_scaled. Found by Nicolas Iooss using AFL against ssh_config. ok deraadt@ millert@ | ||
| 9b2788cc | 2016-10-15 12:33:22 | zap trailing whitespace; | ||
| a0a7f51d | 2016-10-10 17:15:30 | Fixup the example for msgbuf_write() and imsg_read() to check the error cases for -1 and 0 explicitly (it initially only checked for -1, I updated it to also check for 0, and rzalamena@ figured out that 0 has to be checked in a differently). OK millert@ rzalamena@ | ||
| da975fa8 | 2016-08-30 14:52:09 | Use a constant format string and output the variable part with %s ok krw@ millert@ | ||
| 478ad52b | 2016-08-30 14:44:45 | Use O_CLOEXEC when opening fds local to a function ok jca@ krw@ | ||
| 07c8d458 | 2016-08-27 03:54:20 | Pull in <stdio.h> for NULL ok deraadt@ | ||
| 765b8f74 | 2016-08-14 14:57:15 | Refer to /etc/passwd consistently as the "legacy password file" and remove some references to differences between versions 6 and 7. ok jmc, millert, tedu | ||
| 51914d64 | 2016-07-16 16:10:44 | Fix example: long long should be print with %lld | ||
| fca11a50 | 2016-05-18 00:58:40 | Remove obsolete caveat. OK deraadt@ | ||
| faa33665 | 2016-03-30 06:38:40 | for some time now mandoc has not required MLINKS to function correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung | ||
| e81f2c1b | 2015-12-29 18:05:23 | mention that ibuf_free() does not need a NULL check. | ||
| fc0d8634 | 2015-12-29 18:05:01 | check for NULL in ibuf_free(). ok and slight improvement, mmcco@ ok semarie@ and encouragement tedu@ krw@ | ||
| 27c829c3 | 2015-12-28 20:11:36 | Switch login(3) from lseek+read/write to pread/pwrite and only do the pread() if the data is needed. Use O_CLOEXEC on the internal fd as MT paranoia. Fix cast in offset calculation; delete register keyword; prefer memset() over bzero() ok millert@ | ||
| 44baa17f | 2015-12-09 11:54:12 | Add a cast to silence a compiler warning by clang on FreeBSD. From Craig Rodrigues. ok tedu@ | ||
| c647c61c | 2015-12-05 13:06:52 | Do not loop on EAGAIN in imsg_read(). Better to return the error to the caller and let him do another poll loop. This fixes spinning relayd processes seen on busy TLS relays. OK benno@ henning@ | ||
| 18e2b3b1 | 2015-11-27 01:57:59 | Remove three NULL-checks before free(). ok millert@ | ||
| 1e50994a | 2015-11-26 23:32:52 | Use the backchannel for all error messages instead of syslog(3). OK deraadt@ beck@ | ||
| f24baa2d | 2015-11-11 01:12:09 | creat() -> open equiv; from Frederic Nowak | ||
| d04ba2cc | 2015-11-10 23:48:17 | update NAME section to include all documented functions, or otherwise change Dt to reflect the name of an existing function; feedback/ok schwarze | ||
| 2c47648c | 2015-10-15 19:35:24 | Don't Xr flock, since that is not the locking method used. ok millert | ||
| 5dfee228 | 2015-09-14 15:14:55 | Remove useless quoting from .Fo and .Fn function names, to prevent development of a cargo cult in case people look at existing files for examples. This achieves a consistent .Fo and .Fn quoting style across the whole tree. | ||
| 31b5c4b0 | 2015-09-14 13:45:25 | in the SYNOPSIS, make void function arguments explicit | ||
| 14e7529f | 2015-09-10 15:53:26 | reduce more .Nd to one line and kill more .Tn | ||
| e34c0550 | 2015-09-10 15:16:43 | reduce .Nd to one line and kill .Tn while here | ||
| 4e92611e | 2015-08-28 19:54:06 | Remove lies about openpty(4) searching for a free pseudo-tty by iterating through all existing pseudo-tty devices in /dev. | ||
| 0b1b9197 | 2015-08-20 21:34:04 | remove cast of malloc(), since stdlib.h is included | ||
| aa53a3a5 | 2015-07-19 07:18:59 | Handle malloc(0) returning NULL (which can happen on some other platforms) by explicitly making imsg->data = NULL when there is no data. ok deraadt | ||
| 586d02ca | 2015-07-15 15:16:59 | typo in manual page. ok jsing@ | ||
| 3c384461 | 2015-07-12 18:40:49 | Use memset instead of bzero for better portability. ok gilles claudio doug | ||
| 657b656b | 2015-07-11 16:23:59 | typo in embedded code block; from Ben Cornett | ||
| 7ab14802 | 2015-07-03 14:50:14 | bzero cmsgbuf before using it, silences valgrind warnings. henning@ "sure" | ||
| d9530a0e | 2015-06-11 19:25:53 | The correct semantic is to check msgbuf_write() for <= 0, not just < 0. Fix one occurence in imsg_flush() and clarify it the man page. Discussed with at least blambert@ jsg@ yasuoka@. OK gilles@ | ||
| aa48e8d1 | 2015-06-03 02:24:36 | Do not assume that asprintf() clears the pointer on failure, which is non-portable. Also add missing asprintf() return value checks. OK deraadt@ guenther@ doug@ | ||
| 16e2f483 | 2015-04-24 21:13:56 | Use strtonum() instead of strtoul() when parsing uid/gid so we get consistent handling of negative ids on 32bit/64bit systems. The only negative uid/gid allowed is -1 which is special-cased so it can be preserved when writing the new master.passwd file instead of being written as an unsigned number. OK deraadt@ | ||
| f7055df5 | 2015-03-15 00:41:27 | tzfile.h is an internal header that should never have been installed. What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes the tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE define has been moved to time.h temporarily until its usage is replaced by 1900 in the tree. Actual removal of tzfile.h is pending a ports build. Based on a diff from deraadt@ | ||
| 1357284a | 2015-02-05 12:59:57 | Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@ | ||
| aea60bee | 2015-01-16 16:48:51 | Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther | ||
| 12bc6069 | 2015-01-15 19:06:31 | remove .Tn; from Jan Stary <hans at stare dot cz> | ||
| c6555c4f | 2015-01-12 03:20:04 | rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks, nor are they the same size. | ||
| 612acb8c | 2015-01-08 01:28:56 | declare a local version of MIN(), call it MINIMUM() (sorry, my other changes were accidentally premature) | ||
| 1baefdb0 | 2015-01-08 00:30:07 | declare a local version of MIN(), call it MINIMUM() | ||
| 5051f9a6 | 2015-01-07 21:34:23 | Do not need sys/param.h | ||
| 13918886 | 2014-12-30 01:41:43 | typo in comment: ouput => output | ||
| ec2a4e0f | 2014-12-25 22:20:52 | return ERANGE instead of ENOMEM, so callers can differentiate real oom from this case where we have a static buffer and cant realloc. ok phessler, claudio, reyk |