IABSD.fr/src/lib/libutil

Branch :


Log

Author Commit Date CI Message
4bc7f070 2019-11-21 16:13:39 zero tmpout too. reminded by related diff from tim
0912caf5 2019-11-21 16:07:24 overwrite the key in failure modes in case the caller doesn't check. ok deraadt
11ff2ca8 2019-10-25 04:00:10 Adjust whitespace, so Ta macros are aligned vertically as already done in ober_add_string.3 and as it was before the ber -> ober rename.
696b5899 2019-10-24 12:39:26 The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. Problem diagnosed by jmatthew with ber_free() in samba, but there are many others as pointed out by sthen. tests & ok rob ok sthen (who had an almost identical diff for libutil) "go head hit it" deraadt
44946945 2019-08-30 03:57:56 uucplock(3) is incorrectly named in some places, it is actually uu_lock(3) (more unclear is if anything in ports uses this, as our base no longer does)
2b859d28 2019-08-15 06:11:18 Revert previous. There were some users of the quirky behaviour that were missed during code scan.
5cb64af1 2019-08-14 19:08:03 Fix argument list for ber_set_writecallback OK claudio@
39b98972 2019-08-14 17:36:04 wonky comma;
c32b9c34 2019-08-14 17:21:42 Document that ber_scanf_elements' 'p' and 't' attribute don't eat the current ber element. OK claudio@ Seems sensible to deraadt@
2e9eee5b 2019-08-14 17:20:41 Make ber_scanf_elements's 'e' attribute eat the element. Right now all consumers use 'e' at the end of the list, so no regressions should be introduced. OK claudio@ Seems sensible to deraadt@
497d37e3 2019-08-14 04:48:13 Make sure that ber in ber_scanf_elements is not NULL before parsing format where ber is utilized. This also allows us to remove the ber->be_next check, which can cause weird behaviour, because a NULL be_next would result in parsing the last element twice. OK claudio@ on previous version OK rob@
f6a2c1a0 2019-08-05 12:38:14 Don't use a 0 element to determine the end of an OID when comparing two OIDS. This can result in false equality matches. OK claudio@
a93a062f 2019-08-05 12:30:50 There's no reason why the first digit of an OID can't be 0. OK claudio@ "Good find" deraadt@
515e489c 2019-07-03 03:24:01 snprintf/vsnprintf return < 0 on error, rather than -1.
80e53f5b 2019-06-28 14:20:40 Actually, the C standard only guarantees that atexit(3) returns non-zero on error, so tweak previous to test "atexit(...) != 0" for portability. "OK ok ok sorry backwards" deraadt@
df69c215 2019-06-28 13:32:41 When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
abcdd362 2019-06-28 05:33:35 atexit() returns -1 on failure
260378df 2019-06-01 19:40:05 Limit maximum number of length octets to platform independent sizeof(int32_t). Problem noticed by bluhm@. Discussed on hackers. ok claudio@
285652d4 2019-05-21 13:29:44 whitespace
8ee14a61 2019-05-21 12:30:07 Cleanup some residual markup from the ber.3 days. ok jmc@, schwarze@
2c903577 2019-05-17 14:40:59 add various missing information and remove the lie that these functions would set errno; tweaks and OK jmc@; OK rob@ on the previous version
ff8cfb38 2019-05-16 21:12:33 Add XXX to a comment.
97f38bf2 2019-05-16 17:39:21 Correct errno markup. Noticed by schwarze. Discussed with schwarze and jmc. ok schwarze
0ee0a805 2019-05-15 18:42:30 sort SEE ALSO;
a8bdd790 2019-05-15 18:25:29 add substantial amounts of missing information; OK rob@
caa7014e 2019-05-15 18:18:21 Consistently make errno a .Vt
c7ddfa02 2019-05-15 09:49:32 delete some duplicate words
1376e1c0 2019-05-15 03:11:52 Split ber.3 into logical parts. Further tweaking will be done in tree. Discussed with and ok jmc@, schwarze@, claudio@
d1325eac 2019-05-12 20:25:10 Enable support for the writting of BITSTRING by treating it as an OCTETSTRING. ok claudio@
b0a6858b 2019-05-12 20:13:08 Enforce smallest number of contents octets for int (and enum). ok claudio@
ab9737ba 2019-05-12 19:29:41 Mention #include of <sys/types.h> in synopsis. Discussed with claudio@ and tedu@.
e26852eb 2019-05-12 18:11:51 Fail early if a (universal) primitive type identifies as constructed, or if a boolean has a contents length other than 1. ok claudio@
9248c219 2019-05-12 17:50:32 Enforce minimal number of octets for tag > 30. "sure" claudio@
4880bb40 2019-05-12 17:42:14 In long form encoding, explicitly prohibit an initial length octet of 0xff which is reserved for future use. ok claudio@
d4b95dc4 2019-05-11 17:46:02 The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync in ldap, ldapd, ypldap and snmpd. This commit moves the BER API into /usr/lib/libutil. All current consumers already link libutil. ldapd and snmpd regress passes, and release builds. With help from tb@ and guenther@. ok deraadt@, tb@
301058f1 2019-04-23 18:13:11 missing dots after ".%P pp"; the case of btree(3) was reported by Fabio Scotoni <fabio at esse dot ch>; also garbage collect one .Tn while here
bf198cc6 2019-01-25 00:19:25 I am retiring my old email address; replace it with my OpenBSD one.
b13109f3 2019-01-20 02:50:03 Change imsg header definitions to use standard types. ok deraadt@ claudio@
7ab3d2e1 2019-01-14 23:52:06 Calling llabs(LLONG_MIN) is undefined behavior, llvm 7.0.1 does not work with our old code. In fmt_scaled() move the check before calling llabs(). found by regress/lib/libutil/fmt_scaled; OK deraadt@ millert@ tedu@
a6f4f68a 2018-09-26 09:22:52 explicitly mention local processes; from geoff hill ok nicm
55adf1d4 2018-08-10 17:03:26 delete volatile intended to silence whiny old compilers around vfork. This variable is only used in the parent context so there is no issue. ok kettenis
9729467d 2018-05-14 04:39:04 constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
08c753b7 2018-02-16 07:42:07 Fix function argument names, from Abel Abraham Camarillo Ojeda via jmc@.
aaeccf36 2018-01-12 04:36:44 Adjust references for sysctl(3) to sysctl(2)
8c897735 2017-12-14 09:27:44 Make a few internal symbols static and add a Symbols.map version script to control which symbols are exported from the shared library. ok guenther@, deraadt@, jca@
69cc8ae2 2017-12-06 12:07:08 It's the imsg_compose(3) who accepts 'fd' argument, not imsg_create(3).
27f2d348 2017-05-03 15:49:10 spacing (in EXAMPLES code)
57f7e8ae 2017-04-20 19:30:42 add previous to NAME;
c2a62bf3 2017-04-20 17:48:30 Add getptmfd(), fdopenpty(), fdforkpty() functions. These allow programs to separate the open(/dev/ptm) from the ioctl(PTMGET) for privilege separation or pledge(). Based on a diff from reyk@. ok deraadt millert
1b660a29 2017-04-18 04:06:21 use freezero() instead of explicit_bzero+free
f00211be 2017-04-11 09:57:19 Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3). In our privsep model, imsg is often used to transport sensitive information between processes. But a process might free an imsg, and reuse the memory for a different thing. iked uses some explicit_bzero() to clean imsg-buffer but doing it in the library with the freezero() is less error-prone and also benefits other daemons. OK deraadt@ jsing@ claudio@
303db1f0 2017-03-24 09:34:12 Use C99 types (uint32_t) instead of BSD (u_int32_t) - the former are more portable. Add stdint.h to the headers in imsg_init(3). No objections from millert@.
c6a25008 2017-03-17 14:51:26 Grow buffers using recallocarray, to avoid the potential dribble that the standard realloc*() functions can leave behind. imsg buffers are sometimes used in protocol stacks which require some secrecy, and layering violations would be needed to resolve this issue otherwise. Discussed with many.
131c0d40 2017-03-16 02:40:46 Fix overly-conservative overflow checks on mulitplications and add checks on additions. This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN will still be flagged as a range error). ok millert@
85e15f6f 2017-03-15 05:25:56 Collapse underflow and overflow checks into a single block. ok djm@ millert@
ab2f1879 2017-03-15 00:13:18 Catch integer underflow in scan_scaled reported by Nicolas Iooss. ok deraadt@ djm@
73ae9844 2017-03-11 23:37:23 fix signed integer overflow in scan_scaled. Found by Nicolas Iooss using AFL against ssh_config. ok deraadt@ millert@
9b2788cc 2016-10-15 12:33:22 zap trailing whitespace;
a0a7f51d 2016-10-10 17:15:30 Fixup the example for msgbuf_write() and imsg_read() to check the error cases for -1 and 0 explicitly (it initially only checked for -1, I updated it to also check for 0, and rzalamena@ figured out that 0 has to be checked in a differently). OK millert@ rzalamena@
da975fa8 2016-08-30 14:52:09 Use a constant format string and output the variable part with %s ok krw@ millert@
478ad52b 2016-08-30 14:44:45 Use O_CLOEXEC when opening fds local to a function ok jca@ krw@
07c8d458 2016-08-27 03:54:20 Pull in <stdio.h> for NULL ok deraadt@
765b8f74 2016-08-14 14:57:15 Refer to /etc/passwd consistently as the "legacy password file" and remove some references to differences between versions 6 and 7. ok jmc, millert, tedu
51914d64 2016-07-16 16:10:44 Fix example: long long should be print with %lld
fca11a50 2016-05-18 00:58:40 Remove obsolete caveat. OK deraadt@
faa33665 2016-03-30 06:38:40 for some time now mandoc has not required MLINKS to function correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung
e81f2c1b 2015-12-29 18:05:23 mention that ibuf_free() does not need a NULL check.
fc0d8634 2015-12-29 18:05:01 check for NULL in ibuf_free(). ok and slight improvement, mmcco@ ok semarie@ and encouragement tedu@ krw@
27c829c3 2015-12-28 20:11:36 Switch login(3) from lseek+read/write to pread/pwrite and only do the pread() if the data is needed. Use O_CLOEXEC on the internal fd as MT paranoia. Fix cast in offset calculation; delete register keyword; prefer memset() over bzero() ok millert@
44baa17f 2015-12-09 11:54:12 Add a cast to silence a compiler warning by clang on FreeBSD. From Craig Rodrigues. ok tedu@
c647c61c 2015-12-05 13:06:52 Do not loop on EAGAIN in imsg_read(). Better to return the error to the caller and let him do another poll loop. This fixes spinning relayd processes seen on busy TLS relays. OK benno@ henning@
18e2b3b1 2015-11-27 01:57:59 Remove three NULL-checks before free(). ok millert@
1e50994a 2015-11-26 23:32:52 Use the backchannel for all error messages instead of syslog(3). OK deraadt@ beck@
f24baa2d 2015-11-11 01:12:09 creat() -> open equiv; from Frederic Nowak
d04ba2cc 2015-11-10 23:48:17 update NAME section to include all documented functions, or otherwise change Dt to reflect the name of an existing function; feedback/ok schwarze
2c47648c 2015-10-15 19:35:24 Don't Xr flock, since that is not the locking method used. ok millert
5dfee228 2015-09-14 15:14:55 Remove useless quoting from .Fo and .Fn function names, to prevent development of a cargo cult in case people look at existing files for examples. This achieves a consistent .Fo and .Fn quoting style across the whole tree.
31b5c4b0 2015-09-14 13:45:25 in the SYNOPSIS, make void function arguments explicit
14e7529f 2015-09-10 15:53:26 reduce more .Nd to one line and kill more .Tn
e34c0550 2015-09-10 15:16:43 reduce .Nd to one line and kill .Tn while here
4e92611e 2015-08-28 19:54:06 Remove lies about openpty(4) searching for a free pseudo-tty by iterating through all existing pseudo-tty devices in /dev.
0b1b9197 2015-08-20 21:34:04 remove cast of malloc(), since stdlib.h is included
aa53a3a5 2015-07-19 07:18:59 Handle malloc(0) returning NULL (which can happen on some other platforms) by explicitly making imsg->data = NULL when there is no data. ok deraadt
586d02ca 2015-07-15 15:16:59 typo in manual page. ok jsing@
3c384461 2015-07-12 18:40:49 Use memset instead of bzero for better portability. ok gilles claudio doug
657b656b 2015-07-11 16:23:59 typo in embedded code block; from Ben Cornett
7ab14802 2015-07-03 14:50:14 bzero cmsgbuf before using it, silences valgrind warnings. henning@ "sure"
d9530a0e 2015-06-11 19:25:53 The correct semantic is to check msgbuf_write() for <= 0, not just < 0. Fix one occurence in imsg_flush() and clarify it the man page. Discussed with at least blambert@ jsg@ yasuoka@. OK gilles@
aa48e8d1 2015-06-03 02:24:36 Do not assume that asprintf() clears the pointer on failure, which is non-portable. Also add missing asprintf() return value checks. OK deraadt@ guenther@ doug@
16e2f483 2015-04-24 21:13:56 Use strtonum() instead of strtoul() when parsing uid/gid so we get consistent handling of negative ids on 32bit/64bit systems. The only negative uid/gid allowed is -1 which is special-cased so it can be preserved when writing the new master.passwd file instead of being written as an unsigned number. OK deraadt@
f7055df5 2015-03-15 00:41:27 tzfile.h is an internal header that should never have been installed. What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes the tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE define has been moved to time.h temporarily until its usage is replaced by 1900 in the tree. Actual removal of tzfile.h is pending a ports build. Based on a diff from deraadt@
1357284a 2015-02-05 12:59:57 Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@
aea60bee 2015-01-16 16:48:51 Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther
12bc6069 2015-01-15 19:06:31 remove .Tn; from Jan Stary <hans at stare dot cz>
c6555c4f 2015-01-12 03:20:04 rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks, nor are they the same size.
612acb8c 2015-01-08 01:28:56 declare a local version of MIN(), call it MINIMUM() (sorry, my other changes were accidentally premature)
1baefdb0 2015-01-08 00:30:07 declare a local version of MIN(), call it MINIMUM()
5051f9a6 2015-01-07 21:34:23 Do not need sys/param.h
13918886 2014-12-30 01:41:43 typo in comment: ouput => output
ec2a4e0f 2014-12-25 22:20:52 return ERANGE instead of ENOMEM, so callers can differentiate real oom from this case where we have a static buffer and cant realloc. ok phessler, claudio, reyk