IABSD.fr/src/lib/libutil

Branch :


Log

Author Commit Date CI Message
8455d632 2021-10-31 16:42:32 bump major after struct size change
48b76637 2021-10-31 16:42:08 Bump BER_MAX_OID_LEN to 128 From martijn, discussed with claudio, ok sthen
b7041c07 2021-10-24 21:24:15 For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
893ac8ce 2021-10-21 08:17:33 Sync ober_oid_cmp with ax_oid_cmp from libagentx. This flips the returned signedness and adds the weight of 2 for parent-child relationship in both direction. This makes ober_oid_cmp consistent with the rest of the *_cmp based functions. OK tb@
62cb8703 2021-08-29 19:00:20 fix an obvious mixup regarding the order of lines in the SYNOPSIS, and an omission below HISTORY
63beb567 2021-08-29 13:27:11 Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver in snmpd(8). OK jmatthew@ OK deraadt@ for bumping libutil now.
f4be339c 2021-06-20 14:08:42 scan_scaled: fix rescaling for negative numbers As found by djm by fuzzing ssh, scan_scaled can overflow for negative numbers when rescaling is needed. This is because the rescaled fractional part is added without taking the sign into account. ok ian jca
f0a07bbb 2021-03-31 19:31:35 tweak column widths of a .Bl -column table and avoid an over-long source line while here; OK martijn@ jmc@
2325ad59 2021-03-31 17:42:24 change the barrier so that fd's are always passed and received with the first byte of the imsg they belong to. idea, tweaks and ok claudio@
afa7f157 2021-03-12 07:24:49 fix previous
c5d247d8 2021-03-12 05:18:00 spelling
7af96dc2 2021-03-05 07:34:46 Stop abusing display blocks under the authors section in order to respect literal line breaks. This has the unwanted side effect of rendering the authors section using a monospace font over at man.openbsd.org. Instead use br macros to force line breaks. With help from and ok jmc@
4e0a17bc 2021-03-03 20:15:54 s/byte/character Discussed with claudio@ Feedback jmc@
561e0011 2021-02-22 17:15:02 Make the ober_get_* set of function to accept a NULL-pointer. This allows us to do ber-type checking inside ober_scanf_elements, which will allow for stricter ASN.1 parsing in the future. Manpage feedback and OK claudio@, jmc@ OK claudio@
b8d19846 2021-01-28 19:56:33 Add '$' to ober_scanf_elements(). This allows us to enforce end of sequence/set without having to manually check be_next for NULL. No lib bump needed according to millert@ OK millert@ rob@
f273e380 2021-01-22 18:27:52 Gracefully handle any erroneous closing bracket/brace trailers in ober_scanf_elements(). OK martijn@
68ec4783 2021-01-22 03:20:56 Valid integer and enumerated types always have non-zero length. Perform check to ensure we avoid a possible (undefined) negative shift. Found with clang static analyzer. Tweaked and OK martijn@
692fa786 2021-01-13 09:56:28 Make imsg.h a bit more self-contained by prototyping struct iovec. OK martijn@ mvs@ deraadt@
8f6effc9 2020-12-15 13:40:22 typo fix from aisha tammy; ok nicm
00183df2 2020-10-16 09:29:04 double word fixes; from varik valefor
87afc19e 2020-10-12 22:08:32 make fixed-sized fixed-value mib[] arrays be const ok guenther tb millert
7c0d3159 2020-09-04 06:17:57 Create ERRORS section for ober_read_elements. Tweaks and OK tb@ OK jmc@
00f4a9fb 2020-09-03 19:09:57 Missed one case of errno not being set in previous. double check and OK tb@
1f7940ee 2020-09-03 17:01:15 Make sure ober_read_elements sets errno on every case where NULL is returned. OK deraadt@ tb@
278b6199 2020-08-02 18:35:48 Squelch warning by using idiom from libc bcrypt(3) Clang 10 warns about the expression sizeof(cdata) / sizeof(uint64_t) as cdata is an array of uint32_t and it expects that the intent of this is to compute the number of array elements. Use BCRYPT_WORDS / 2 instead. Same diff as millert's commit sys/lib/libsa/bcrypt_pbkdf.c -r1.2, which was ok kettenis. deraadt confirms that this satisfies clang 10.
f8994d87 2019-12-31 10:34:14 Increase BER_MAX_OID_LEN from 32 to 64. Not every snmp OID found in the wild fits inside 32 elements, like UsmUserEntry objects. OK rob@, claudio@
4bc7f070 2019-11-21 16:13:39 zero tmpout too. reminded by related diff from tim
0912caf5 2019-11-21 16:07:24 overwrite the key in failure modes in case the caller doesn't check. ok deraadt
11ff2ca8 2019-10-25 04:00:10 Adjust whitespace, so Ta macros are aligned vertically as already done in ober_add_string.3 and as it was before the ber -> ober rename.
696b5899 2019-10-24 12:39:26 The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. Problem diagnosed by jmatthew with ber_free() in samba, but there are many others as pointed out by sthen. tests & ok rob ok sthen (who had an almost identical diff for libutil) "go head hit it" deraadt
44946945 2019-08-30 03:57:56 uucplock(3) is incorrectly named in some places, it is actually uu_lock(3) (more unclear is if anything in ports uses this, as our base no longer does)
2b859d28 2019-08-15 06:11:18 Revert previous. There were some users of the quirky behaviour that were missed during code scan.
5cb64af1 2019-08-14 19:08:03 Fix argument list for ber_set_writecallback OK claudio@
39b98972 2019-08-14 17:36:04 wonky comma;
c32b9c34 2019-08-14 17:21:42 Document that ber_scanf_elements' 'p' and 't' attribute don't eat the current ber element. OK claudio@ Seems sensible to deraadt@
2e9eee5b 2019-08-14 17:20:41 Make ber_scanf_elements's 'e' attribute eat the element. Right now all consumers use 'e' at the end of the list, so no regressions should be introduced. OK claudio@ Seems sensible to deraadt@
497d37e3 2019-08-14 04:48:13 Make sure that ber in ber_scanf_elements is not NULL before parsing format where ber is utilized. This also allows us to remove the ber->be_next check, which can cause weird behaviour, because a NULL be_next would result in parsing the last element twice. OK claudio@ on previous version OK rob@
f6a2c1a0 2019-08-05 12:38:14 Don't use a 0 element to determine the end of an OID when comparing two OIDS. This can result in false equality matches. OK claudio@
a93a062f 2019-08-05 12:30:50 There's no reason why the first digit of an OID can't be 0. OK claudio@ "Good find" deraadt@
515e489c 2019-07-03 03:24:01 snprintf/vsnprintf return < 0 on error, rather than -1.
80e53f5b 2019-06-28 14:20:40 Actually, the C standard only guarantees that atexit(3) returns non-zero on error, so tweak previous to test "atexit(...) != 0" for portability. "OK ok ok sorry backwards" deraadt@
df69c215 2019-06-28 13:32:41 When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
abcdd362 2019-06-28 05:33:35 atexit() returns -1 on failure
260378df 2019-06-01 19:40:05 Limit maximum number of length octets to platform independent sizeof(int32_t). Problem noticed by bluhm@. Discussed on hackers. ok claudio@
285652d4 2019-05-21 13:29:44 whitespace
8ee14a61 2019-05-21 12:30:07 Cleanup some residual markup from the ber.3 days. ok jmc@, schwarze@
2c903577 2019-05-17 14:40:59 add various missing information and remove the lie that these functions would set errno; tweaks and OK jmc@; OK rob@ on the previous version
ff8cfb38 2019-05-16 21:12:33 Add XXX to a comment.
97f38bf2 2019-05-16 17:39:21 Correct errno markup. Noticed by schwarze. Discussed with schwarze and jmc. ok schwarze
0ee0a805 2019-05-15 18:42:30 sort SEE ALSO;
a8bdd790 2019-05-15 18:25:29 add substantial amounts of missing information; OK rob@
caa7014e 2019-05-15 18:18:21 Consistently make errno a .Vt
c7ddfa02 2019-05-15 09:49:32 delete some duplicate words
1376e1c0 2019-05-15 03:11:52 Split ber.3 into logical parts. Further tweaking will be done in tree. Discussed with and ok jmc@, schwarze@, claudio@
d1325eac 2019-05-12 20:25:10 Enable support for the writting of BITSTRING by treating it as an OCTETSTRING. ok claudio@
b0a6858b 2019-05-12 20:13:08 Enforce smallest number of contents octets for int (and enum). ok claudio@
ab9737ba 2019-05-12 19:29:41 Mention #include of <sys/types.h> in synopsis. Discussed with claudio@ and tedu@.
e26852eb 2019-05-12 18:11:51 Fail early if a (universal) primitive type identifies as constructed, or if a boolean has a contents length other than 1. ok claudio@
9248c219 2019-05-12 17:50:32 Enforce minimal number of octets for tag > 30. "sure" claudio@
4880bb40 2019-05-12 17:42:14 In long form encoding, explicitly prohibit an initial length octet of 0xff which is reserved for future use. ok claudio@
d4b95dc4 2019-05-11 17:46:02 The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync in ldap, ldapd, ypldap and snmpd. This commit moves the BER API into /usr/lib/libutil. All current consumers already link libutil. ldapd and snmpd regress passes, and release builds. With help from tb@ and guenther@. ok deraadt@, tb@
301058f1 2019-04-23 18:13:11 missing dots after ".%P pp"; the case of btree(3) was reported by Fabio Scotoni <fabio at esse dot ch>; also garbage collect one .Tn while here
bf198cc6 2019-01-25 00:19:25 I am retiring my old email address; replace it with my OpenBSD one.
b13109f3 2019-01-20 02:50:03 Change imsg header definitions to use standard types. ok deraadt@ claudio@
7ab3d2e1 2019-01-14 23:52:06 Calling llabs(LLONG_MIN) is undefined behavior, llvm 7.0.1 does not work with our old code. In fmt_scaled() move the check before calling llabs(). found by regress/lib/libutil/fmt_scaled; OK deraadt@ millert@ tedu@
a6f4f68a 2018-09-26 09:22:52 explicitly mention local processes; from geoff hill ok nicm
55adf1d4 2018-08-10 17:03:26 delete volatile intended to silence whiny old compilers around vfork. This variable is only used in the parent context so there is no issue. ok kettenis
9729467d 2018-05-14 04:39:04 constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
08c753b7 2018-02-16 07:42:07 Fix function argument names, from Abel Abraham Camarillo Ojeda via jmc@.
aaeccf36 2018-01-12 04:36:44 Adjust references for sysctl(3) to sysctl(2)
8c897735 2017-12-14 09:27:44 Make a few internal symbols static and add a Symbols.map version script to control which symbols are exported from the shared library. ok guenther@, deraadt@, jca@
69cc8ae2 2017-12-06 12:07:08 It's the imsg_compose(3) who accepts 'fd' argument, not imsg_create(3).
27f2d348 2017-05-03 15:49:10 spacing (in EXAMPLES code)
57f7e8ae 2017-04-20 19:30:42 add previous to NAME;
c2a62bf3 2017-04-20 17:48:30 Add getptmfd(), fdopenpty(), fdforkpty() functions. These allow programs to separate the open(/dev/ptm) from the ioctl(PTMGET) for privilege separation or pledge(). Based on a diff from reyk@. ok deraadt millert
1b660a29 2017-04-18 04:06:21 use freezero() instead of explicit_bzero+free
f00211be 2017-04-11 09:57:19 Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3). In our privsep model, imsg is often used to transport sensitive information between processes. But a process might free an imsg, and reuse the memory for a different thing. iked uses some explicit_bzero() to clean imsg-buffer but doing it in the library with the freezero() is less error-prone and also benefits other daemons. OK deraadt@ jsing@ claudio@
303db1f0 2017-03-24 09:34:12 Use C99 types (uint32_t) instead of BSD (u_int32_t) - the former are more portable. Add stdint.h to the headers in imsg_init(3). No objections from millert@.
c6a25008 2017-03-17 14:51:26 Grow buffers using recallocarray, to avoid the potential dribble that the standard realloc*() functions can leave behind. imsg buffers are sometimes used in protocol stacks which require some secrecy, and layering violations would be needed to resolve this issue otherwise. Discussed with many.
131c0d40 2017-03-16 02:40:46 Fix overly-conservative overflow checks on mulitplications and add checks on additions. This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN will still be flagged as a range error). ok millert@
85e15f6f 2017-03-15 05:25:56 Collapse underflow and overflow checks into a single block. ok djm@ millert@
ab2f1879 2017-03-15 00:13:18 Catch integer underflow in scan_scaled reported by Nicolas Iooss. ok deraadt@ djm@
73ae9844 2017-03-11 23:37:23 fix signed integer overflow in scan_scaled. Found by Nicolas Iooss using AFL against ssh_config. ok deraadt@ millert@
9b2788cc 2016-10-15 12:33:22 zap trailing whitespace;
a0a7f51d 2016-10-10 17:15:30 Fixup the example for msgbuf_write() and imsg_read() to check the error cases for -1 and 0 explicitly (it initially only checked for -1, I updated it to also check for 0, and rzalamena@ figured out that 0 has to be checked in a differently). OK millert@ rzalamena@
da975fa8 2016-08-30 14:52:09 Use a constant format string and output the variable part with %s ok krw@ millert@
478ad52b 2016-08-30 14:44:45 Use O_CLOEXEC when opening fds local to a function ok jca@ krw@
07c8d458 2016-08-27 03:54:20 Pull in <stdio.h> for NULL ok deraadt@
765b8f74 2016-08-14 14:57:15 Refer to /etc/passwd consistently as the "legacy password file" and remove some references to differences between versions 6 and 7. ok jmc, millert, tedu
51914d64 2016-07-16 16:10:44 Fix example: long long should be print with %lld
fca11a50 2016-05-18 00:58:40 Remove obsolete caveat. OK deraadt@
faa33665 2016-03-30 06:38:40 for some time now mandoc has not required MLINKS to function correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung
e81f2c1b 2015-12-29 18:05:23 mention that ibuf_free() does not need a NULL check.
fc0d8634 2015-12-29 18:05:01 check for NULL in ibuf_free(). ok and slight improvement, mmcco@ ok semarie@ and encouragement tedu@ krw@
27c829c3 2015-12-28 20:11:36 Switch login(3) from lseek+read/write to pread/pwrite and only do the pread() if the data is needed. Use O_CLOEXEC on the internal fd as MT paranoia. Fix cast in offset calculation; delete register keyword; prefer memset() over bzero() ok millert@
44baa17f 2015-12-09 11:54:12 Add a cast to silence a compiler warning by clang on FreeBSD. From Craig Rodrigues. ok tedu@
c647c61c 2015-12-05 13:06:52 Do not loop on EAGAIN in imsg_read(). Better to return the error to the caller and let him do another poll loop. This fixes spinning relayd processes seen on busy TLS relays. OK benno@ henning@
18e2b3b1 2015-11-27 01:57:59 Remove three NULL-checks before free(). ok millert@
1e50994a 2015-11-26 23:32:52 Use the backchannel for all error messages instead of syslog(3). OK deraadt@ beck@
f24baa2d 2015-11-11 01:12:09 creat() -> open equiv; from Frederic Nowak