rearrange pledge promises into the canonical order; easier to eyeball

author: deraadt <> 2017-01-20 08:57:12 +0000
committer: deraadt <> 2017-01-20 08:57:12 +0000
commit: ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b (patch)
tree: 2d20c8800211c4286dbb8a45bc5377c8e2454c76
parent: eea69a07c7dcf385b4a8948a88fa99794490b8d9 (diff)
download: openbsd-ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b.tar.gz
openbsd-ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b.tar.bz2
openbsd-ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b.zip
39 files changed, 77 insertions, 77 deletions
diff --git a/src/usr.bin/openssl/asn1pars.c b/src/usr.bin/openssl/asn1pars.c
index 4fbae55861..fe66b35937 100644
--- a/src/usr.bin/openssl/asn1pars.c
+++ b/src/usr.bin/openssl/asn1pars.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1pars.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: asn1pars.c,v 1.7 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -248,7 +248,7 @@ asn1parse_main(int argc, char **argv)
        ASN1_TYPE *at = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/ca.c b/src/usr.bin/openssl/ca.c
index 04d7c5ceaa..a3e779da33 100644
--- a/src/usr.bin/openssl/ca.c
+++ b/src/usr.bin/openssl/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.22 2016/08/31 11:42:09 deraadt Exp $ */
+/* $OpenBSD: ca.c,v 1.23 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -285,7 +285,7 @@ ca_main(int argc, char **argv)
        DB_ATTR db_attr;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/certhash.c b/src/usr.bin/openssl/certhash.c
index 842c184ad1..fdd719ea48 100644
--- a/src/usr.bin/openssl/certhash.c
+++ b/src/usr.bin/openssl/certhash.c
@@ -649,7 +649,7 @@ certhash_main(int argc, char **argv)
        int i, cwdfd, ret = 0;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/crl.c b/src/usr.bin/openssl/crl.c
index 9c9efa02a0..bb7ff62775 100644
--- a/src/usr.bin/openssl/crl.c
+++ b/src/usr.bin/openssl/crl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: crl.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: crl.c,v 1.10 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -231,7 +231,7 @@ crl_main(int argc, char **argv)
        char *digest_name = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/crl2p7.c b/src/usr.bin/openssl/crl2p7.c
index 5ce4e97c60..9fceee8098 100644
--- a/src/usr.bin/openssl/crl2p7.c
+++ b/src/usr.bin/openssl/crl2p7.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: crl2p7.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: crl2p7.c,v 1.7 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -170,7 +170,7 @@ crl2pkcs7_main(int argc, char **argv)
        int ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/dgst.c b/src/usr.bin/openssl/dgst.c
index a03409e212..ce50e08b53 100644
--- a/src/usr.bin/openssl/dgst.c
+++ b/src/usr.bin/openssl/dgst.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dgst.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: dgst.c,v 1.10 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -124,7 +124,7 @@ dgst_main(int argc, char **argv)
        STACK_OF(OPENSSL_STRING) * sigopts = NULL, *macopts = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/dh.c b/src/usr.bin/openssl/dh.c
index e3d8eca5f9..eb51b4b12f 100644
--- a/src/usr.bin/openssl/dh.c
+++ b/src/usr.bin/openssl/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: dh.c,v 1.9 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -159,7 +159,7 @@ dh_main(int argc, char **argv)
        int ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/dhparam.c b/src/usr.bin/openssl/dhparam.c
index 1f8bdaed2a..7c3bfb44c8 100644
--- a/src/usr.bin/openssl/dhparam.c
+++ b/src/usr.bin/openssl/dhparam.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dhparam.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: dhparam.c,v 1.9 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -244,7 +244,7 @@ dhparam_main(int argc, char **argv)
        int i;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/dsa.c b/src/usr.bin/openssl/dsa.c
index 3ca174a1e9..5e0301c734 100644
--- a/src/usr.bin/openssl/dsa.c
+++ b/src/usr.bin/openssl/dsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: dsa.c,v 1.9 2017/01/20 08:57:11 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -241,7 +241,7 @@ dsa_main(int argc, char **argv)
        char *passin = NULL, *passout = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/dsaparam.c b/src/usr.bin/openssl/dsaparam.c
index 37b9a68693..46efd5d453 100644
--- a/src/usr.bin/openssl/dsaparam.c
+++ b/src/usr.bin/openssl/dsaparam.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsaparam.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: dsaparam.c,v 1.8 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -169,7 +169,7 @@ dsaparam_main(int argc, char **argv)
        char *strbits = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/ec.c b/src/usr.bin/openssl/ec.c
index fe58e1357d..e557990cb9 100644
--- a/src/usr.bin/openssl/ec.c
+++ b/src/usr.bin/openssl/ec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: ec.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project.
 */
@@ -278,7 +278,7 @@ ec_main(int argc, char **argv)
        char *passin = NULL, *passout = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/ecparam.c b/src/usr.bin/openssl/ecparam.c
index a4a400f88a..6c497bd355 100644
--- a/src/usr.bin/openssl/ecparam.c
+++ b/src/usr.bin/openssl/ecparam.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecparam.c,v 1.15 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: ecparam.c,v 1.16 2017/01/20 08:57:12 deraadt Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project.
 */
@@ -260,7 +260,7 @@ ecparam_main(int argc, char **argv)
        int i, ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/enc.c b/src/usr.bin/openssl/enc.c
index 4c6de096fd..195dc2fc44 100644
--- a/src/usr.bin/openssl/enc.c
+++ b/src/usr.bin/openssl/enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: enc.c,v 1.11 2016/04/07 20:02:19 jmc Exp $ */
+/* $OpenBSD: enc.c,v 1.12 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -339,7 +339,7 @@ enc_main(int argc, char **argv)
        int i;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/gendh.c b/src/usr.bin/openssl/gendh.c
index 235fbdee38..7c037f44e1 100644
--- a/src/usr.bin/openssl/gendh.c
+++ b/src/usr.bin/openssl/gendh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gendh.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: gendh.c,v 1.8 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -135,7 +135,7 @@ gendh_main(int argc, char **argv)
        char *strbits = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/gendsa.c b/src/usr.bin/openssl/gendsa.c
index c73aa34399..5aeb294e7f 100644
--- a/src/usr.bin/openssl/gendsa.c
+++ b/src/usr.bin/openssl/gendsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gendsa.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: gendsa.c,v 1.8 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -86,7 +86,7 @@ gendsa_main(int argc, char **argv)
        const EVP_CIPHER *enc = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/genpkey.c b/src/usr.bin/openssl/genpkey.c
index 174ca5e4ba..cae7eacd4e 100644
--- a/src/usr.bin/openssl/genpkey.c
+++ b/src/usr.bin/openssl/genpkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: genpkey.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: genpkey.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006
 */
@@ -87,7 +87,7 @@ genpkey_main(int argc, char **argv)
        int do_param = 0;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/genrsa.c b/src/usr.bin/openssl/genrsa.c
index 951da4c7a7..4fa5747b28 100644
--- a/src/usr.bin/openssl/genrsa.c
+++ b/src/usr.bin/openssl/genrsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: genrsa.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: genrsa.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -101,7 +101,7 @@ genrsa_main(int argc, char **argv)
        RSA *rsa = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/nseq.c b/src/usr.bin/openssl/nseq.c
index be64668da0..4669147416 100644
--- a/src/usr.bin/openssl/nseq.c
+++ b/src/usr.bin/openssl/nseq.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nseq.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: nseq.c,v 1.7 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -110,7 +110,7 @@ nseq_main(int argc, char **argv)
        int i, ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/ocsp.c b/src/usr.bin/openssl/ocsp.c
index 82ea07aeee..47f9817c36 100644
--- a/src/usr.bin/openssl/ocsp.c
+++ b/src/usr.bin/openssl/ocsp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp.c,v 1.10 2017/01/20 08:14:55 beck Exp $ */
+/* $OpenBSD: ocsp.c,v 1.11 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -147,7 +147,7 @@ ocsp_main(int argc, char **argv)
        const char *errstr = NULL;
        if (single_execution) {
-                if (pledge("stdio inet dns rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath inet dns tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c
index 0ac9bc08b8..346b1d83c7 100644
--- a/src/usr.bin/openssl/openssl.c
+++ b/src/usr.bin/openssl/openssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: openssl.c,v 1.24 2016/09/04 18:19:53 beck Exp $ */
+/* $OpenBSD: openssl.c,v 1.25 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -435,7 +435,7 @@ main(int argc, char **argv)
        arg.data = NULL;
        arg.count = 0;
-        if (pledge("stdio inet dns rpath wpath cpath proc flock tty", NULL) == -1) {
+        if (pledge("stdio cpath wpath rpath inet dns proc flock tty", NULL) == -1) {
                fprintf(stderr, "openssl: pledge: %s\n", strerror(errno));
                exit(1);
        }
diff --git a/src/usr.bin/openssl/passwd.c b/src/usr.bin/openssl/passwd.c
index 04da52ee68..af5360448c 100644
--- a/src/usr.bin/openssl/passwd.c
+++ b/src/usr.bin/openssl/passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: passwd.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: passwd.c,v 1.8 2017/01/20 08:57:12 deraadt Exp $ */
 #if defined OPENSSL_NO_MD5
 #define NO_MD5CRYPT_1
@@ -146,7 +146,7 @@ passwd_main(int argc, char **argv)
        int ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/pkcs12.c b/src/usr.bin/openssl/pkcs12.c
index 51a5747b4e..69d2d0a950 100644
--- a/src/usr.bin/openssl/pkcs12.c
+++ b/src/usr.bin/openssl/pkcs12.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkcs12.c,v 1.8 2016/12/30 15:59:58 jsing Exp $ */
+/* $OpenBSD: pkcs12.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -125,7 +125,7 @@ pkcs12_main(int argc, char **argv)
        char *CApath = NULL, *CAfile = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/pkcs7.c b/src/usr.bin/openssl/pkcs7.c
index 382a8bfa2c..32d1682ff1 100644
--- a/src/usr.bin/openssl/pkcs7.c
+++ b/src/usr.bin/openssl/pkcs7.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkcs7.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: pkcs7.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -155,7 +155,7 @@ pkcs7_main(int argc, char **argv)
        int i;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/pkcs8.c b/src/usr.bin/openssl/pkcs8.c
index 9c620c8619..5d1c2023af 100644
--- a/src/usr.bin/openssl/pkcs8.c
+++ b/src/usr.bin/openssl/pkcs8.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkcs8.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: pkcs8.c,v 1.10 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999-2004.
 */
@@ -227,7 +227,7 @@ pkcs8_main(int argc, char **argv)
        int ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/pkey.c b/src/usr.bin/openssl/pkey.c
index 9c38d0ee3c..e91bc79090 100644
--- a/src/usr.bin/openssl/pkey.c
+++ b/src/usr.bin/openssl/pkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkey.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: pkey.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006
 */
@@ -80,7 +80,7 @@ pkey_main(int argc, char **argv)
        int ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/pkeyparam.c b/src/usr.bin/openssl/pkeyparam.c
index a8a40d2b4f..698c105141 100644
--- a/src/usr.bin/openssl/pkeyparam.c
+++ b/src/usr.bin/openssl/pkeyparam.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkeyparam.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: pkeyparam.c,v 1.10 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006
 */
@@ -119,7 +119,7 @@ pkeyparam_main(int argc, char **argv)
        int ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/pkeyutl.c b/src/usr.bin/openssl/pkeyutl.c
index 4bfb5420f9..4752b4c79a 100644
--- a/src/usr.bin/openssl/pkeyutl.c
+++ b/src/usr.bin/openssl/pkeyutl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkeyutl.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: pkeyutl.c,v 1.11 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -101,7 +101,7 @@ pkeyutl_main(int argc, char **argv)
        int ret = 1, rv = -1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/rand.c b/src/usr.bin/openssl/rand.c
index 5f21bbc11c..04105bc46e 100644
--- a/src/usr.bin/openssl/rand.c
+++ b/src/usr.bin/openssl/rand.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rand.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: rand.c,v 1.11 2017/01/20 08:57:12 deraadt Exp $ */
 /* ====================================================================
 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
 *
@@ -110,7 +110,7 @@ rand_main(int argc, char **argv)
        BIO *out = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/req.c b/src/usr.bin/openssl/req.c
index e264870374..352e38b226 100644
--- a/src/usr.bin/openssl/req.c
+++ b/src/usr.bin/openssl/req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: req.c,v 1.13 2015/11/14 14:53:14 miod Exp $ */
+/* $OpenBSD: req.c,v 1.14 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -177,7 +177,7 @@ req_main(int argc, char **argv)
        unsigned long chtype = MBSTRING_ASC;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/rsa.c b/src/usr.bin/openssl/rsa.c
index 54482ab9f0..7ad1da13b2 100644
--- a/src/usr.bin/openssl/rsa.c
+++ b/src/usr.bin/openssl/rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: rsa.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -269,7 +269,7 @@ rsa_main(int argc, char **argv)
        char *passin = NULL, *passout = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/rsautl.c b/src/usr.bin/openssl/rsautl.c
index 3a5290845a..48f739135a 100644
--- a/src/usr.bin/openssl/rsautl.c
+++ b/src/usr.bin/openssl/rsautl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsautl.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: rsautl.c,v 1.11 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -99,7 +99,7 @@ rsautl_main(int argc, char **argv)
        int ret = 1;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/s_client.c b/src/usr.bin/openssl/s_client.c
index 78909873b8..f335da66e0 100644
--- a/src/usr.bin/openssl/s_client.c
+++ b/src/usr.bin/openssl/s_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_client.c,v 1.29 2016/12/30 17:25:48 jsing Exp $ */
+/* $OpenBSD: s_client.c,v 1.30 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -365,7 +365,7 @@ s_client_main(int argc, char **argv)
        long socket_mtu = 0;
        if (single_execution) {
-                if (pledge("stdio inet dns rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath inet dns tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c
index a3200c8e9f..d73a11799b 100644
--- a/src/usr.bin/openssl/s_server.c
+++ b/src/usr.bin/openssl/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.24 2015/12/23 20:43:42 mmcc Exp $ */
+/* $OpenBSD: s_server.c,v 1.25 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -605,7 +605,7 @@ s_server_main(int argc, char *argv[])
        tlsextalpnctx alpn_ctx = { NULL, 0 };
        if (single_execution) {
-                if (pledge("stdio inet dns rpath tty", NULL) == -1) {
+                if (pledge("stdio rpath inet dns tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/s_time.c b/src/usr.bin/openssl/s_time.c
index a88df1bfe2..3644e108f8 100644
--- a/src/usr.bin/openssl/s_time.c
+++ b/src/usr.bin/openssl/s_time.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_time.c,v 1.16 2016/08/30 14:34:59 deraadt Exp $ */
+/* $OpenBSD: s_time.c,v 1.17 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -254,7 +254,7 @@ s_time_main(int argc, char **argv)
        int ver;
        if (single_execution) {
-                if (pledge("stdio inet rpath", NULL) == -1) {
+                if (pledge("stdio rpath inet", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/sess_id.c b/src/usr.bin/openssl/sess_id.c
index d0f367d4b7..3670f5404f 100644
--- a/src/usr.bin/openssl/sess_id.c
+++ b/src/usr.bin/openssl/sess_id.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sess_id.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: sess_id.c,v 1.8 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -159,7 +159,7 @@ sess_id_main(int argc, char **argv)
        BIO *out = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/smime.c b/src/usr.bin/openssl/smime.c
index 92027ba99a..847ee133b6 100644
--- a/src/usr.bin/openssl/smime.c
+++ b/src/usr.bin/openssl/smime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smime.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: smime.c,v 1.8 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -113,7 +113,7 @@ smime_main(int argc, char **argv)
        X509_VERIFY_PARAM *vpm = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/spkac.c b/src/usr.bin/openssl/spkac.c
index 426ea13431..77f3e3479c 100644
--- a/src/usr.bin/openssl/spkac.c
+++ b/src/usr.bin/openssl/spkac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: spkac.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: spkac.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999. Based on an original idea by Massimiliano Pala
 * (madwolf@openca.org).
@@ -182,7 +182,7 @@ spkac_main(int argc, char **argv)
        EVP_PKEY *pkey = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c
index 781ab33368..28462430a2 100644
--- a/src/usr.bin/openssl/ts.c
+++ b/src/usr.bin/openssl/ts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts.c,v 1.13 2015/10/17 15:00:11 doug Exp $ */
+/* $OpenBSD: ts.c,v 1.14 2017/01/20 08:57:12 deraadt Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
 * project 2002.
 */
@@ -150,7 +150,7 @@ ts_main(int argc, char **argv)
        int token_out = 0;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
diff --git a/src/usr.bin/openssl/x509.c b/src/usr.bin/openssl/x509.c
index 3daea89141..f43b015684 100644
--- a/src/usr.bin/openssl/x509.c
+++ b/src/usr.bin/openssl/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.13 2016/12/30 16:28:53 jsing Exp $ */
+/* $OpenBSD: x509.c,v 1.14 2017/01/20 08:57:12 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -199,7 +199,7 @@ x509_main(int argc, char **argv)
        const char *errstr = NULL;
        if (single_execution) {
-                if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
+                if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
author	deraadt <>	2017-01-20 08:57:12 +0000
committer	deraadt <>	2017-01-20 08:57:12 +0000
commit	ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b (patch)
tree	2d20c8800211c4286dbb8a45bc5377c8e2454c76
parent	eea69a07c7dcf385b4a8948a88fa99794490b8d9 (diff)
download	openbsd-ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b.tar.gz openbsd-ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b.tar.bz2 openbsd-ff6fa3ffece7ca61b2a5e2a66b4920c710d4e36b.zip