Branch :
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
| 8455d632 | 2021-10-31 16:42:32 | bump major after struct size change | ||
| 48b76637 | 2021-10-31 16:42:08 | Bump BER_MAX_OID_LEN to 128 From martijn, discussed with claudio, ok sthen | ||
| b7041c07 | 2021-10-24 21:24:15 | For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert | ||
| 893ac8ce | 2021-10-21 08:17:33 | Sync ober_oid_cmp with ax_oid_cmp from libagentx. This flips the returned signedness and adds the weight of 2 for parent-child relationship in both direction. This makes ober_oid_cmp consistent with the rest of the *_cmp based functions. OK tb@ | ||
| 62cb8703 | 2021-08-29 19:00:20 | fix an obvious mixup regarding the order of lines in the SYNOPSIS, and an omission below HISTORY | ||
| 63beb567 | 2021-08-29 13:27:11 | Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver in snmpd(8). OK jmatthew@ OK deraadt@ for bumping libutil now. | ||
| f4be339c | 2021-06-20 14:08:42 | scan_scaled: fix rescaling for negative numbers As found by djm by fuzzing ssh, scan_scaled can overflow for negative numbers when rescaling is needed. This is because the rescaled fractional part is added without taking the sign into account. ok ian jca | ||
| f0a07bbb | 2021-03-31 19:31:35 | tweak column widths of a .Bl -column table and avoid an over-long source line while here; OK martijn@ jmc@ | ||
| 2325ad59 | 2021-03-31 17:42:24 | change the barrier so that fd's are always passed and received with the first byte of the imsg they belong to. idea, tweaks and ok claudio@ | ||
| afa7f157 | 2021-03-12 07:24:49 | fix previous | ||
| c5d247d8 | 2021-03-12 05:18:00 | spelling | ||
| 7af96dc2 | 2021-03-05 07:34:46 | Stop abusing display blocks under the authors section in order to respect literal line breaks. This has the unwanted side effect of rendering the authors section using a monospace font over at man.openbsd.org. Instead use br macros to force line breaks. With help from and ok jmc@ | ||
| 4e0a17bc | 2021-03-03 20:15:54 | s/byte/character Discussed with claudio@ Feedback jmc@ | ||
| 561e0011 | 2021-02-22 17:15:02 | Make the ober_get_* set of function to accept a NULL-pointer. This allows us to do ber-type checking inside ober_scanf_elements, which will allow for stricter ASN.1 parsing in the future. Manpage feedback and OK claudio@, jmc@ OK claudio@ | ||
| b8d19846 | 2021-01-28 19:56:33 | Add '$' to ober_scanf_elements(). This allows us to enforce end of sequence/set without having to manually check be_next for NULL. No lib bump needed according to millert@ OK millert@ rob@ | ||
| f273e380 | 2021-01-22 18:27:52 | Gracefully handle any erroneous closing bracket/brace trailers in ober_scanf_elements(). OK martijn@ | ||
| 68ec4783 | 2021-01-22 03:20:56 | Valid integer and enumerated types always have non-zero length. Perform check to ensure we avoid a possible (undefined) negative shift. Found with clang static analyzer. Tweaked and OK martijn@ | ||
| 692fa786 | 2021-01-13 09:56:28 | Make imsg.h a bit more self-contained by prototyping struct iovec. OK martijn@ mvs@ deraadt@ | ||
| 8f6effc9 | 2020-12-15 13:40:22 | typo fix from aisha tammy; ok nicm | ||
| 00183df2 | 2020-10-16 09:29:04 | double word fixes; from varik valefor | ||
| 87afc19e | 2020-10-12 22:08:32 | make fixed-sized fixed-value mib[] arrays be const ok guenther tb millert | ||
| 7c0d3159 | 2020-09-04 06:17:57 | Create ERRORS section for ober_read_elements. Tweaks and OK tb@ OK jmc@ | ||
| 00f4a9fb | 2020-09-03 19:09:57 | Missed one case of errno not being set in previous. double check and OK tb@ | ||
| 1f7940ee | 2020-09-03 17:01:15 | Make sure ober_read_elements sets errno on every case where NULL is returned. OK deraadt@ tb@ | ||
| 278b6199 | 2020-08-02 18:35:48 | Squelch warning by using idiom from libc bcrypt(3) Clang 10 warns about the expression sizeof(cdata) / sizeof(uint64_t) as cdata is an array of uint32_t and it expects that the intent of this is to compute the number of array elements. Use BCRYPT_WORDS / 2 instead. Same diff as millert's commit sys/lib/libsa/bcrypt_pbkdf.c -r1.2, which was ok kettenis. deraadt confirms that this satisfies clang 10. | ||
| f8994d87 | 2019-12-31 10:34:14 | Increase BER_MAX_OID_LEN from 32 to 64. Not every snmp OID found in the wild fits inside 32 elements, like UsmUserEntry objects. OK rob@, claudio@ | ||
| 4bc7f070 | 2019-11-21 16:13:39 | zero tmpout too. reminded by related diff from tim | ||
| 0912caf5 | 2019-11-21 16:07:24 | overwrite the key in failure modes in case the caller doesn't check. ok deraadt | ||
| 11ff2ca8 | 2019-10-25 04:00:10 | Adjust whitespace, so Ta macros are aligned vertically as already done in ober_add_string.3 and as it was before the ber -> ober rename. | ||
| 696b5899 | 2019-10-24 12:39:26 | The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. Problem diagnosed by jmatthew with ber_free() in samba, but there are many others as pointed out by sthen. tests & ok rob ok sthen (who had an almost identical diff for libutil) "go head hit it" deraadt | ||
| 44946945 | 2019-08-30 03:57:56 | uucplock(3) is incorrectly named in some places, it is actually uu_lock(3) (more unclear is if anything in ports uses this, as our base no longer does) | ||
| 2b859d28 | 2019-08-15 06:11:18 | Revert previous. There were some users of the quirky behaviour that were missed during code scan. | ||
| 5cb64af1 | 2019-08-14 19:08:03 | Fix argument list for ber_set_writecallback OK claudio@ | ||
| 39b98972 | 2019-08-14 17:36:04 | wonky comma; | ||
| c32b9c34 | 2019-08-14 17:21:42 | Document that ber_scanf_elements' 'p' and 't' attribute don't eat the current ber element. OK claudio@ Seems sensible to deraadt@ | ||
| 2e9eee5b | 2019-08-14 17:20:41 | Make ber_scanf_elements's 'e' attribute eat the element. Right now all consumers use 'e' at the end of the list, so no regressions should be introduced. OK claudio@ Seems sensible to deraadt@ | ||
| 497d37e3 | 2019-08-14 04:48:13 | Make sure that ber in ber_scanf_elements is not NULL before parsing format where ber is utilized. This also allows us to remove the ber->be_next check, which can cause weird behaviour, because a NULL be_next would result in parsing the last element twice. OK claudio@ on previous version OK rob@ | ||
| f6a2c1a0 | 2019-08-05 12:38:14 | Don't use a 0 element to determine the end of an OID when comparing two OIDS. This can result in false equality matches. OK claudio@ | ||
| a93a062f | 2019-08-05 12:30:50 | There's no reason why the first digit of an OID can't be 0. OK claudio@ "Good find" deraadt@ | ||
| 515e489c | 2019-07-03 03:24:01 | snprintf/vsnprintf return < 0 on error, rather than -1. | ||
| 80e53f5b | 2019-06-28 14:20:40 | Actually, the C standard only guarantees that atexit(3) returns non-zero on error, so tweak previous to test "atexit(...) != 0" for portability. "OK ok ok sorry backwards" deraadt@ | ||
| df69c215 | 2019-06-28 13:32:41 | When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. | ||
| abcdd362 | 2019-06-28 05:33:35 | atexit() returns -1 on failure | ||
| 260378df | 2019-06-01 19:40:05 | Limit maximum number of length octets to platform independent sizeof(int32_t). Problem noticed by bluhm@. Discussed on hackers. ok claudio@ | ||
| 285652d4 | 2019-05-21 13:29:44 | whitespace | ||
| 8ee14a61 | 2019-05-21 12:30:07 | Cleanup some residual markup from the ber.3 days. ok jmc@, schwarze@ | ||
| 2c903577 | 2019-05-17 14:40:59 | add various missing information and remove the lie that these functions would set errno; tweaks and OK jmc@; OK rob@ on the previous version | ||
| ff8cfb38 | 2019-05-16 21:12:33 | Add XXX to a comment. | ||
| 97f38bf2 | 2019-05-16 17:39:21 | Correct errno markup. Noticed by schwarze. Discussed with schwarze and jmc. ok schwarze | ||
| 0ee0a805 | 2019-05-15 18:42:30 | sort SEE ALSO; | ||
| a8bdd790 | 2019-05-15 18:25:29 | add substantial amounts of missing information; OK rob@ | ||
| caa7014e | 2019-05-15 18:18:21 | Consistently make errno a .Vt | ||
| c7ddfa02 | 2019-05-15 09:49:32 | delete some duplicate words | ||
| 1376e1c0 | 2019-05-15 03:11:52 | Split ber.3 into logical parts. Further tweaking will be done in tree. Discussed with and ok jmc@, schwarze@, claudio@ | ||
| d1325eac | 2019-05-12 20:25:10 | Enable support for the writting of BITSTRING by treating it as an OCTETSTRING. ok claudio@ | ||
| b0a6858b | 2019-05-12 20:13:08 | Enforce smallest number of contents octets for int (and enum). ok claudio@ | ||
| ab9737ba | 2019-05-12 19:29:41 | Mention #include of <sys/types.h> in synopsis. Discussed with claudio@ and tedu@. | ||
| e26852eb | 2019-05-12 18:11:51 | Fail early if a (universal) primitive type identifies as constructed, or if a boolean has a contents length other than 1. ok claudio@ | ||
| 9248c219 | 2019-05-12 17:50:32 | Enforce minimal number of octets for tag > 30. "sure" claudio@ | ||
| 4880bb40 | 2019-05-12 17:42:14 | In long form encoding, explicitly prohibit an initial length octet of 0xff which is reserved for future use. ok claudio@ | ||
| d4b95dc4 | 2019-05-11 17:46:02 | The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync in ldap, ldapd, ypldap and snmpd. This commit moves the BER API into /usr/lib/libutil. All current consumers already link libutil. ldapd and snmpd regress passes, and release builds. With help from tb@ and guenther@. ok deraadt@, tb@ | ||
| 301058f1 | 2019-04-23 18:13:11 | missing dots after ".%P pp"; the case of btree(3) was reported by Fabio Scotoni <fabio at esse dot ch>; also garbage collect one .Tn while here | ||
| bf198cc6 | 2019-01-25 00:19:25 | I am retiring my old email address; replace it with my OpenBSD one. | ||
| b13109f3 | 2019-01-20 02:50:03 | Change imsg header definitions to use standard types. ok deraadt@ claudio@ | ||
| 7ab3d2e1 | 2019-01-14 23:52:06 | Calling llabs(LLONG_MIN) is undefined behavior, llvm 7.0.1 does not work with our old code. In fmt_scaled() move the check before calling llabs(). found by regress/lib/libutil/fmt_scaled; OK deraadt@ millert@ tedu@ | ||
| a6f4f68a | 2018-09-26 09:22:52 | explicitly mention local processes; from geoff hill ok nicm | ||
| 55adf1d4 | 2018-08-10 17:03:26 | delete volatile intended to silence whiny old compilers around vfork. This variable is only used in the parent context so there is no issue. ok kettenis | ||
| 9729467d | 2018-05-14 04:39:04 | constrain fractional part to [0-9] (less confusing to static analysis); ok ian@ | ||
| 08c753b7 | 2018-02-16 07:42:07 | Fix function argument names, from Abel Abraham Camarillo Ojeda via jmc@. | ||
| aaeccf36 | 2018-01-12 04:36:44 | Adjust references for sysctl(3) to sysctl(2) | ||
| 8c897735 | 2017-12-14 09:27:44 | Make a few internal symbols static and add a Symbols.map version script to control which symbols are exported from the shared library. ok guenther@, deraadt@, jca@ | ||
| 69cc8ae2 | 2017-12-06 12:07:08 | It's the imsg_compose(3) who accepts 'fd' argument, not imsg_create(3). | ||
| 27f2d348 | 2017-05-03 15:49:10 | spacing (in EXAMPLES code) | ||
| 57f7e8ae | 2017-04-20 19:30:42 | add previous to NAME; | ||
| c2a62bf3 | 2017-04-20 17:48:30 | Add getptmfd(), fdopenpty(), fdforkpty() functions. These allow programs to separate the open(/dev/ptm) from the ioctl(PTMGET) for privilege separation or pledge(). Based on a diff from reyk@. ok deraadt millert | ||
| 1b660a29 | 2017-04-18 04:06:21 | use freezero() instead of explicit_bzero+free | ||
| f00211be | 2017-04-11 09:57:19 | Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3). In our privsep model, imsg is often used to transport sensitive information between processes. But a process might free an imsg, and reuse the memory for a different thing. iked uses some explicit_bzero() to clean imsg-buffer but doing it in the library with the freezero() is less error-prone and also benefits other daemons. OK deraadt@ jsing@ claudio@ | ||
| 303db1f0 | 2017-03-24 09:34:12 | Use C99 types (uint32_t) instead of BSD (u_int32_t) - the former are more portable. Add stdint.h to the headers in imsg_init(3). No objections from millert@. | ||
| c6a25008 | 2017-03-17 14:51:26 | Grow buffers using recallocarray, to avoid the potential dribble that the standard realloc*() functions can leave behind. imsg buffers are sometimes used in protocol stacks which require some secrecy, and layering violations would be needed to resolve this issue otherwise. Discussed with many. | ||
| 131c0d40 | 2017-03-16 02:40:46 | Fix overly-conservative overflow checks on mulitplications and add checks on additions. This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN will still be flagged as a range error). ok millert@ | ||
| 85e15f6f | 2017-03-15 05:25:56 | Collapse underflow and overflow checks into a single block. ok djm@ millert@ | ||
| ab2f1879 | 2017-03-15 00:13:18 | Catch integer underflow in scan_scaled reported by Nicolas Iooss. ok deraadt@ djm@ | ||
| 73ae9844 | 2017-03-11 23:37:23 | fix signed integer overflow in scan_scaled. Found by Nicolas Iooss using AFL against ssh_config. ok deraadt@ millert@ | ||
| 9b2788cc | 2016-10-15 12:33:22 | zap trailing whitespace; | ||
| a0a7f51d | 2016-10-10 17:15:30 | Fixup the example for msgbuf_write() and imsg_read() to check the error cases for -1 and 0 explicitly (it initially only checked for -1, I updated it to also check for 0, and rzalamena@ figured out that 0 has to be checked in a differently). OK millert@ rzalamena@ | ||
| da975fa8 | 2016-08-30 14:52:09 | Use a constant format string and output the variable part with %s ok krw@ millert@ | ||
| 478ad52b | 2016-08-30 14:44:45 | Use O_CLOEXEC when opening fds local to a function ok jca@ krw@ | ||
| 07c8d458 | 2016-08-27 03:54:20 | Pull in <stdio.h> for NULL ok deraadt@ | ||
| 765b8f74 | 2016-08-14 14:57:15 | Refer to /etc/passwd consistently as the "legacy password file" and remove some references to differences between versions 6 and 7. ok jmc, millert, tedu | ||
| 51914d64 | 2016-07-16 16:10:44 | Fix example: long long should be print with %lld | ||
| fca11a50 | 2016-05-18 00:58:40 | Remove obsolete caveat. OK deraadt@ | ||
| faa33665 | 2016-03-30 06:38:40 | for some time now mandoc has not required MLINKS to function correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung | ||
| e81f2c1b | 2015-12-29 18:05:23 | mention that ibuf_free() does not need a NULL check. | ||
| fc0d8634 | 2015-12-29 18:05:01 | check for NULL in ibuf_free(). ok and slight improvement, mmcco@ ok semarie@ and encouragement tedu@ krw@ | ||
| 27c829c3 | 2015-12-28 20:11:36 | Switch login(3) from lseek+read/write to pread/pwrite and only do the pread() if the data is needed. Use O_CLOEXEC on the internal fd as MT paranoia. Fix cast in offset calculation; delete register keyword; prefer memset() over bzero() ok millert@ | ||
| 44baa17f | 2015-12-09 11:54:12 | Add a cast to silence a compiler warning by clang on FreeBSD. From Craig Rodrigues. ok tedu@ | ||
| c647c61c | 2015-12-05 13:06:52 | Do not loop on EAGAIN in imsg_read(). Better to return the error to the caller and let him do another poll loop. This fixes spinning relayd processes seen on busy TLS relays. OK benno@ henning@ | ||
| 18e2b3b1 | 2015-11-27 01:57:59 | Remove three NULL-checks before free(). ok millert@ | ||
| 1e50994a | 2015-11-26 23:32:52 | Use the backchannel for all error messages instead of syslog(3). OK deraadt@ beck@ | ||
| f24baa2d | 2015-11-11 01:12:09 | creat() -> open equiv; from Frederic Nowak |