IABSD.fr/src/lib

Branch :


Log

Author Commit Date CI Message
09eb601a 2023-01-08 04:54:50 Add getthrname(2) manpage ok jmc@ schwarze@
a11cae13 2023-01-07 16:17:29 Rewrite/simplify BN_free(). ok tb@
f949966c 2023-01-07 16:13:46 Flip BN_clear_free() and BN_free() All of our BIGNUMs are cleared when we free them - move the code to BN_free() and have BN_clear_free() call BN_free(), rather than the other way around. ok tb@
0d1c5e62 2023-01-07 16:09:18 Use calloc() in BN_new(), rather than malloc() and then manually zeroing. ok tb@
cef5a146 2023-01-07 05:24:58 Add {get,set}thrname(2) for putting thread names in the kernel and exposed in a new field returned by sysctl(KERN_PROC). Update pthread_{get,set}_name_np(3) to use the syscalls. Show them, when set, in ps -H and top -H output. libc and libpthread minor bumps ok mpi@, mvs@, deraadt@
14a120fb 2023-01-05 04:51:13 Rewrite BN_rshift() This improves readability and eliminates special handling for various cases, making the code cleaner and closer to constant time. Basic benchmarking shows a performance gain on modern 64 bit architectures, while there is a decrease on legacy 32 bit architectures (i386), particularly for the zero bit shift case (which is now handled in the same code path). ok tb@
893695ce 2023-01-04 13:00:11 Christos Zoulas agreed to rescind clause 3 and 4 in NetBSD fsck.8 rev 1.35 fsutil.h rev 1.14 pathnames.h rev 1.2 netgroup_mkdb.8 rev 1.9 netgroup_mkdb.c rev 1.18 str.c rev 1.7 str.h rev 1.4 rdate.8 rev 1.11 rdate.c rev 1.19 extern.h rev 1.14 getnetgrent.c rev 1.41 netgroup.h rev 1.10 fparseln.3 rev 1.4 fparseln.c rev 1.10 our stringlist.c/stringlist.h are derived from getnetgrent.c rfc868time.c from rdate.c newfs/pathnames.h from fsck/pathnames.h https://mail-index.netbsd.org/source-changes/2009/10/21/msg002182.html Not all files are covered as some had copyright assigned to TNF in 1998.
108b671b 2023-01-04 10:59:34 Leo Weppelman agreed to rescind clause 3 and 4 in NetBSD kvm_dump.3 rev 1.15 kcore.h rev 1.3 https://mail-index.netbsd.org/source-changes/2009/10/20/msg002169.html
033eadae 2023-01-01 16:58:23 Add explicit LL suffixes to large constants to appease some compilers on 32-bit platforms; NFCI ok tb@
63820b0f 2022-12-31 03:36:12 crank libfido2 major version, it depends on libcbor and it just cranked. ok tb@
4dcc46c4 2022-12-31 03:35:21 update to upstream libcbor v.0.10.0 and crank major. Also includes e308674c5d to fix PR259. This release includes a number of memory leak fixes. Disable the upsteam custom allocators feature. Feedback/ok tb@ Thanks also to Pedro Martelletto for pointing out the new release as well as PR259.
4970e247 2022-12-30 23:12:12 add history for getpid(2) and getppid(2) getpid() appeared (undocumented) in v5. Between v6 and v7 there is an extra return value for the parent process ID. getppid() did not appear in v7, it appeared in 32v libc. But getppid() predates 32v. It seems to have been in earlier USG releases such as Generic 3 (PG-1C300 Issue 3) as the MERT Release 0 manual references it. getppid() didn't become a system call until 4.3BSD-Reno omit most of these details and just mention v5 and 32v with and ok schwarze@
6c9d614b 2022-12-30 21:21:25 pause.3: miscellaneous rewrites, cleanup Eliminate some redundant or extraneous pieces from the pause.3 page. Say the "thread" "blocks", don't say the "process" "pauses". No need to enumerate the ways a signal can be delivered. Add a few relevant cross-references. With input from millert@ and schwarze@. Link: https://marc.info/?l=openbsd-tech&m=166801212316670&w=2 ok millert@ schwarze@
c6206b64 2022-12-29 14:56:48 HISTORY: clarify that unmount(2) used to be called umount(2) from v1 to Tahoe; joint work with and OK jsg@
cc650db0 2022-12-29 05:00:12 profil(2) first appeared in fifth edition tuhs/Distributions/Research/Dennis_v4/v4man.tar.gz has manx/profil.2 but no man2/profil.2 the nsys sysent.c has '&nullsys, /* 44 = prof */' https://minnie.tuhs.org/cgi-bin/utree.pl?file=V4/nsys/ken/sysent.c profil(2) is first listed as v5 in the Combined Tables of Contents from McIlroy's A Research UNIX Reader. https://marc.info/?l=tuhs&m=158099986005023&w=2 and is present in tuhs/Distributions/Research/Dennis_v5/v5man.pdf ok schwarze@
7f063f20 2022-12-29 02:12:41 fcntl(2) first appeared in System III ok schwarze@
388ee0bd 2022-12-28 07:59:13 succcess -> success
949b353c 2022-12-27 23:05:55 spelling fixes; from paul tagliamonte ok nicm
e70a8168 2022-12-27 17:31:09 Change the way malloc_init() works so that the main data structures can be made immutable to provide extra protection. Also init pools on-demand: only pools that are actually used are initialized. Tested by many
87ef6183 2022-12-27 17:13:04 Revert spelling fixes. Please report them upstream.
2c53affb 2022-12-27 17:10:05 spelling fixes; from paul tagliamonte any changes not taken noted on tech, but chiefly here i did not take the cancelation - cancellation changes;
53971c37 2022-12-26 16:00:36 Prepare to provide X509_CRL_get0_sigalg() This is an obvious omission from the OpenSSL 1.1 and OpenSSL 3 API which does not provide a way to access the tbs sigalg of a CRL. This is needed in security/pivy. From Alex Wilson ok jsing
d00d8798 2022-12-26 10:54:47 fix another typo in comment in a line touched by the last commit (this one wouldn't have triggered a spell checker though)
40ca958b 2022-12-26 07:31:44 spelling fixes; from paul tagliamonte ok tb
71743258 2022-12-26 07:18:50 spelling fixes; from paul tagliamonte i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct ok tb
f06b843a 2022-12-24 10:50:40 Build libc with executable-only .text on arm64. ok deraadt@
025eba8f 2022-12-24 10:49:19 Don't use a literal pool in .text to load the setjmp magic value as this is incompatible with executable-only code. ok deraadt@, guenther@
ff25319c 2022-12-24 10:47:22 Use the correct instruction to clear the frame pointer. ok guenther@, deraadt@
ae3e02d6 2022-12-24 07:12:09 Zap trailing whitespace in license and add some empty lines
c3b5c70f 2022-12-23 23:23:02 Add the missing Copyright and license headers in the libcrypto/comp directory. Requested some time ago by tb@. According to OpenSSL git history, the original version of this code appeared in SSLeay 0.9.1b (July 6, 1998). The LICENSE file in that release states that the Copyright of SSLeay belongs to Eric Young, and we believe that Eric still maintained SSLeay himself at that time. We have seen a small number of examples where Eric credited outside contributors for code that he included in his distribution, including citing Copyright notices and license headers as appropriate. We found no such hints regarding this code, so it is reasonable to assume that he wrote this code himself. Regarding subsequent changes and additions, i inspected the OpenSSL git repository. No code change; only Copyright and license comments are added.
b76794fb 2022-12-23 17:52:32 Document the deprecated wrappers BIO_set_app_data(3) and BIO_get_app_data(3). Some code roams the wild still calling them.
62cec4ff 2022-12-23 17:27:53 Mark BIO_buffer_get_num_lines(3) as intentionally undocumented. Contrary to what bio.h says, it does not *not* retrieve some "IO type", whatever that is supposed to be, but it is a NOOP, and nothing uses it. Despite its name, it is unrelated to BIO_f_buffer(3), and please be careful to not confuse it with BIO_get_buffer_num_lines(3).
9f71e853 2022-12-23 16:59:39 Mark BIO_f_nbio_test(3) as intentionally undocumented. It exposes absurd functionality, and according to codesearch.debian.net, it is unused except in openssl(1) s_client/s_server -nbio_test.
33dd5991 2022-12-23 15:59:34 new manual page BIO_s_datagram(3); feedback and OK tb@
b0242bda 2022-12-23 03:15:35 Simplify BN_cmp() and BN_ucmp(). The only real difference between BN_cmp() and BN_ucmp() is that one has to respect the sign of the BN (although BN_cmp() also gets to deal with some insanity from accepting NULLs). Rewrite/cleanup BN_ucmp() and turn BN_cmp() into code that handles differences in sign, before calling BN_ucmp(). ok tb@
bcc93ea7 2022-12-23 02:31:56 Consistently check for NULL early. Also be more consistent with variable naming. ok tb@
7218a23d 2022-12-23 02:27:47 Fix an unchecked strdup() in UI_create_method(). ok tb@
d533e99e 2022-12-23 02:26:16 Make UI_destroy_method() NULL safe. ok tb@
50779922 2022-12-23 02:22:58 Remove unhelpful comment. Remove a comment that tells you not to call a function that internally calls free, with a stack allocated pointer... ok tb@
fdc4606f 2022-12-23 02:20:28 Remove compatibility "glue" for des_read_pw{_string}() Nothing can be actually using these as the symbols are not exported from libcrypto... hopefully ui_compat.h can also go away entirely. ok tb@
7ee7571b 2022-12-22 21:05:48 new manual page BIO_accept(3)
4941afce 2022-12-22 20:13:45 in case of failure, always report the error with BIOerror(); OK tb@
1678ab6a 2022-12-22 16:38:45 Mark BIO_s_log(3) as intentionally undocumented. Ben Laurie invented the system logging BIO in 1999 and yet, nothing whatsoever uses it according to codesearch.debian.net. Besides, it is poorly designed and a crypto library is absolutely not the place for putting a clumsy system logging facility. Not everything needs to be a BIO!
1004d7a7 2022-12-21 15:08:37 Mark BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), and BIO_nwrite(3) as intentionally undocumented. Bodo Moeller invented this "non-copying I/O" API in 1999, but according to codesearch.debian.net, it is still completely unused by anything. On top of that, it appears to be inflexible in so far as it only supports BIO pairs and no other BIO types and fragile in so far as it exposes pointers to internal storage and runs contrary to expectations of how BIO objects are supposed to work.
a8920b3a 2022-12-20 17:59:29 add a missing .Vt macro; from Josiah Frentsos <jfrent at tilde dot team>
ca55e5ba 2022-12-20 15:34:03 Mark BIO_dump_cb(3) and BIO_dump_indent_cb(3) as intentionally undocumented. It appears Richard Levitte succumbed to everything-needs-a-callback-paranoia in 2004, but nobody is going to be surprised that nothing whatsoever wants to use this particular callback, according to codesearch.debian.net.
bbae9136 2022-12-20 14:55:45 document BIO_fd_non_fatal_error(3) and BIO_fd_should_retry(3)
36de0c91 2022-12-20 09:01:05 - some small tweaks for the text - on guenther's advice, remove NOTES: the text is either not relevant or already described correctly elsewhere ok guenther
538ecf39 2022-12-19 18:13:50 Add waitid(2) manpage, based on a first pass by espie@ and bits from FreeBSD and NetBSD. ok kettenis@ jmc@ espie@
375dfd33 2022-12-19 14:40:14 document BIO_copy_next_retry(3)
0e2f34bb 2022-12-19 03:54:17 Revert previous: unintentionally included in commit
98b84055 2022-12-19 03:49:42 Add pselect(2), recvmmsg(2), sendmmsg(2), and waitid(2) to the lists of built-in cancelation points.
54569cf1 2022-12-19 03:40:20 waitid(2) returns 0 on success; do post-call cancelation only if it either failed, or succeeded but didn't put a status into infop. ok millert@
e582de33 2022-12-18 22:27:10 document BIO_FLAGS_MEM_RDONLY
57ad7d3b 2022-12-18 21:45:47 document BIO_set_retry_read(3), BIO_set_retry_write(3), BIO_set_retry_special(3), BIO_clear_retry_flags(3), BIO_get_retry_flags(3), and the BIO_FLAGS_* constants
5fc43f0d 2022-12-18 20:24:52 document the interaction with BIO_dup_chain(3)
53d779ef 2022-12-18 19:35:36 new manual page BIO_dup_chain(3)
d2abd44c 2022-12-18 19:15:38 correct the prototypes of BIO_get_conn_ip(3) and BIO_get_conn_int_port(3); from Richard Levitte via OpenSSL commit 0e474b8b in the 1.1.1 branch, which is still under a freee license
d6a42141 2022-12-18 17:40:55 document BIO_number_read(3) and BIO_number_written(3)
74a4f7c0 2022-12-17 22:23:31 Merge documentation of UI_null() from OpenSSL 1.1 jsing doesn't like it, but it's better than nothing. ok jsing
a7534870 2022-12-17 22:21:24 Document BIO_set_flags(3), BIO_clear_flags(3), BIO_test_flags(3), and BIO_get_flags(3).
0ce8a7ba 2022-12-17 22:01:29 Link ui_null.c to build
a79c076a 2022-12-17 21:59:39 Prepare to provide UI_null() xmlsec needs this, nothing else. Our linkers link libxmlsec1-openssl, only warns and since nothing uses this library in ports, this wasn't noticed for a long time. Reported by Thomas Mitterfellner ok jsing
ce6fd31b 2022-12-17 15:56:25 Provide BN_zero()/BN_one() as functions and make BN_zero() always succeed. BN_zero() is currently implemented using BN_set_word(), which means it can fail, however almost nothing ever checks the return value. A long time ago OpenSSL changed BN_zero() to always succeed and return void, however kept BN_zero as a macro that calls a new BN_zero_ex() function, so that it can be switched back to the "can fail" version. Take a simpler approach - change BN_zero()/BN_one() to functions and make BN_zero() always succeed. This will be exposed in the next bump, at which point we can hopefully also remove the BN_zero_ex() function. ok tb@
fd234164 2022-12-17 12:48:53 X509_check_purpose.3: incorporate feedback from jsing
8c14bd7a 2022-12-16 23:56:57 In bio.h rev. 1.54, jsing@ and tb@ provided BIO_callback_fn_ex(3), BIO_set_callback_ex(3), BIO_get_callback_ex(3), and BIO_callback_fn(3). Document them, in part by merging from the OpenSSL 1.1.1 branch, which is still under a free license, but heavily tweaked by me, in particular: * mention that BIO_set_callback_arg(3) is misnamed; * keep our more detailed explanation of the "ret" argument; * make the list of callback invocations more readable; * and update the HISTORY section.
d5ec6605 2022-12-16 18:02:28 Document extension caching of X509_check_purpose() The overwhelming majority of callers of X509_check_purpose() in our tree pass a purpose of -1. In this case X509_check_purpose() acts as a wrapper of x509v3_cache_extensions() which makes sanity checks like non-negativity of ASN.1 integers or canonicity of RFC 3779 extensions as well as checking uniqueness of extensions. from schwarze who beat an initial diff of mine into shape
f341e97e 2022-12-16 16:02:17 add a CAVEATS section warning the user to not create cycles; OK tb@
39105ab6 2022-12-16 13:41:55 Revert BIO_push(3) cycle prevention (bio_lib.c rev. 1.42). jsing@ worries that cycle prevention might increase risk because software that is not checking return values (and indeed, not checking is likely common in practice) might silently behave incorrectly with cycle prevention whereas without, it will likely either crash right away through infinite recursion or at least hang in an infinite loop when trying to use the cyclic chain, in both cases making it likely that the bug will be found and fixed. Besides, tb@ points out that BIO_set_next(3) ought to behave as similarly as possible to BIO_push(3), but adding cycle prevention to BIO_set_next(3) would be even less convincing because that function does not provide a return value, encouraging users to expect that it will always succeed. While a safe idiom for checking the success of BIO_set_next(3) could easily be designed, let's be realistic: application software would be highly unlikely to pick up such an idiom.
beb45aa6 2022-12-15 17:20:48 In curve25519.h rev. 1.4 to 1.7, tb@ and jsing@ provided ED25519_keypair(3), ED25519_sign(3), and ED25519_verify(3). Document them.
7ad999aa 2022-12-14 22:37:07 In evp.h rev. 1.109 and 1.112, jsing@ and tb@ provided EVP_PKEY_new_raw_private_key(3), EVP_PKEY_new_raw_public_key(3), EVP_PKEY_get_raw_private_key(3), and EVP_PKEY_get_raw_public_key(3). Merge the documentation from the OpenSSL 1.1.1 branch, which is still under a free license. I tweaked the text somewhat for conciseness, and argument names for uniformity.
b03cfb73 2022-12-14 20:27:28 In asn1.h rev. 1.71 and 1.72, jsing@ and tb@ provided ASN1_buf_print(3). Document it.
6a10513e 2022-12-13 06:56:06 consistently put the Xr in "made obsolete by" in symbolic, as sigvec already does; remove the one inconsistent colon from creat(3) in this same text original diff from josiah frentsos
ff193b36 2022-12-12 14:16:58 Bump to LibreSSL 3.7.1
3847dadb 2022-12-11 20:53:27 Add a small blurb on @SECLEVEL=n
fada0977 2022-12-08 11:33:58 Fix copy-paste error that left a paragraph ending in a comma
0ee2ce67 2022-12-08 02:11:27 _C_LABEL() and _ASM_LABEL() are no longer useful in the "everything is ELF" world. Eliminate use of them in landisk code. ok deraadt@
81621933 2022-12-08 01:25:43 _C_LABEL() and _ASM_LABEL() are no longer useful in the "everything is ELF" world. Eliminate use of them in amd64, arm64, armv7, i386, macppc, mips64, and sparc64 code. ok deraadt@ jca@ krw@
6a684a04 2022-12-07 23:25:59 _C_LABEL() and _ASM_LABEL() are no longer useful in the "everything is ELF" world. Eliminate use of them in powerpc64 code. ok gkoehler@
2181dbec 2022-12-07 23:08:47 Improve the implementation of BIO_push(3) such that it changes nothing and reports failure if a call would result in a cycle. The algorithm used was originally suggested by jsing@. Feedback and OK tb@.
ded1d43d 2022-12-07 22:30:15 Add references to the BIO_{push,pop}(3) example The reader may not know what digest BIOs, Base64 BIOs and file BIOs are and the relevant function names are non-obvious, hence it's not entirely trivial to find the manuals where they are explained. With these references a reader should be able to turn the example into actual code. ok schwarze
e501d6ba 2022-12-07 17:17:29 Fix example string If you want to Base64-encode "Hello World\n" using a BIO, you had better pass "Hello World\n" into it, not something slightly different... While we're touching this, we might as well write it the way K&R did...
52d44085 2022-12-06 22:22:42 Zap extra space
cb8c034d 2022-12-06 21:13:01 Major rewrite for accuracy and clarity, and document BIO_set_next(3). Feedback and OK tb@.
5746cf29 2022-12-06 18:50:59 _C_LABEL() and _ASM_LABEL() are no longer useful in the "everything is ELF" world. Eliminate use of them in m88k code. ok aoyama@
46665642 2022-12-06 17:59:21 Make sure BIO_push(3) always preserves all invariants of the prev_bio and next_bio fields of all BIO objects in all affected chains, no matter what the arguments are. In particular, if the second argument (the one to be appended) is not at the beginning of its chain, properly detach the beginning of its chain before appending. We have weak indications that this bug might affect real-world code. For example, in FreeRDP, file libfreerdp/crypto/tls.c, function bio_rdp_tls_ctrl(), case BIO_C_SET_SSL, BIO_push(3) is definitely called with a second argument that is *not* at the beginning of its chain. Admittedly, that code is hard to fathom, but it does appear to result in a bogus prev_bio pointer without this patch. The practical impact of this bug in this and other software remains unknown; the consequences might possibly escalate up to use-after-free issues if BIO_pop(3) is afterwards called on corrupted BIO objects. OK tb@
0dc4ae82 2022-12-06 16:10:55 Improve the poorly designed BIO_set_next(3) API to always preserve all invariants of the prev_bio and next_bio fields of all BIO objects in all involved chains, no matter which arguments this function is called with. Both real-world uses of this function (in libssl and freerdp) have been audited to make sure this makes nothing worse. We believe libssl behaves correctly before and after the patch (mostly because the second argument is NULL there), and we believe the code in freerdp behaves incorrectly before and after the patch, leaving a prev_bio pointer in place that is becoming bogus, only in a different object before and after the patch. But after the patch, that bogus pointer is due to a separate bug in BIO_push(3), which we are planning to fix afterwards. Joint work with and OK tb@.
6ae54a3b 2022-12-06 02:12:05 arithmethic -> arithmetic
447c6881 2022-12-04 08:22:13 Fix warnings about binding changed to STB_WEAK on i386 Compiling libc on i386 results in compiler warnings for bcmp, bzero, bcopy, brk, and sbrk. Use ENTRY_NB instead of ENTRY to avoid this. ok jca millert
abb018e1 2022-12-03 15:02:30 Add ENTRY_NB() and use it for brk.S and sbrk.S on riscv64 NB for "No Binding". This gets us rid of clang-13 warnings about a global symbol redefined as weak. Mostly a copy of what guenther@ already implemented on other archs. ok guenther@ tb@
f63f57b6 2022-12-02 22:58:56 Drop 'perhaps a little', plus grammar and spelling nits BIO_push() and BIO_pop() are misnamed. No need to gently and politely suggest that their 'names [...] are perhaps a little misleading'.
66c15192 2022-12-02 19:44:04 Revert bio_prev removal As schwarze points out, you can pop any BIO in a chain, not just the first one (bonus points for a great name for this API). The internal doubly linked was used to fix up the BIO chain bio was part of when you BIO_pop() a bio that wasn't in the first position, which is explicitly allowed in our documentation and implied by OpenSSL's.
96b95d32 2022-12-02 12:27:08 Drop _C_LABEL() uses in riscv64-specific code _C_LABEL() was useful in the a.out->ELF transition days, way before RISC-V was a thing. Also drop uses of _ASM_LABEL() while here, suggested by guenther@ ok guenther@
af021b53 2022-12-02 10:57:12 When checking if we're implied we must also check if we're working on a string or an oid, else we can generate invalid OIDs. Found by bluhm@ on powerpc64 OK bluhm@
3422461a 2022-12-01 21:59:54 Update reference to table generation
8a0b2fe2 2022-12-01 05:33:55 Mark the X509_V_FLAG_CB_ISSUER_CHECK flag as deprecated
79abbea6 2022-12-01 05:27:04 Annotate X509_V_FLAG_CB_ISSUER_CHECK as deprecated and unused
89e62afd 2022-12-01 05:20:30 Retire X509_V_FLAG_CB_ISSUER_CHECK This flag has been deprecated in OpenSSL 1.1 and has not had an effect since. This way we can simplify the default check_issued() callback, which helpfully has its arguments reversed compared to the public API X509_check_issued(). ok jsing
43f73684 2022-12-01 05:16:08 Getters and setters for the check_issued() callback Open62541 uses X509_STORE_CTX_get_check_issued(), so provide it along with X509_STORE_{get,set}_check_issued(). As you would expect, they all return or take an X509_STORE_CTX_check_issued_fn. The getters aren't const in OpenSSL 1.1, but they now are in OpenSSL 3... These will be made available in the next minor bump and will ship in the stable release of LibreSSL 3.7 Part of OpenSSL commit 1060a50b See also https://github.com/libressl-portable/portable/issues/748 ok beck jsing
dd1a6ee8 2022-12-01 02:58:31 BN_one() can fail, check its return value. ok tb@