| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
list of interface names. At the same time switch if_nametoindex(3) and
if_indextoname(3) to use if_nameindex(3) instead of getifaddrs(3).
if_nameindex(3) exposes much less then getifaddrs(3) and is allowed by
pledge(2).
With and OK deraadt@
|
| | |
|
| |
|
|
|
|
|
| |
in a socket option can be pretty scary and there is no better interface for this.
so if the -V option is used you get no pledge at all.. Otherwise, do what
works for the various options. Still needs refinement for tls to drop rpath,
and a better solution for the routing table stuff
|
| |
|
|
|
|
| |
exiting, and loop the waitpid() on EINTR
ok deraadt@ millert@
|
| |
|
|
|
|
|
| |
SIGINT and SIGQUIT with sigaction() instead of signal() so that all bits
are preserved.
ok deraadt@ millert@
|
| |
|
|
|
|
|
|
|
| |
into libc, and move pthread_sigmask() as well (just a trivial wrapper).
This provides consistent handling of SIGTHR between single- and multi-threaded
programs and is a step in the merge of all the libpthread overloads, providing
some ASM and Makefile bits that the other wrappers will need.
ok deraadt@ millert@
|
| |
|
|
| |
ok guenther@
|
| | |
|
| |
|
|
|
|
|
| |
ASN1_{GENERALIZED,UTC}TIME_set_string(), which allows it to be called
with a NULL pointer.
ok beck@
|
| |
|
|
|
|
|
|
| |
ASN1_{GENERALIZED,UTC,}TIME_set_string() to be called with a NULL pointer.
Found the hard way by @kinichiro on github.
ok beck@
|
| |
|
|
|
|
|
| |
pointer - because, you know, you might want to set a string on a NULL
object. The previous implementation apparently allowed this as a way of
testing if the string was valid... probably because the *_check() functions
are only useable after the string has already been set.
|
| |
|
|
| |
ASN1_UTCTIME_set_string() twice instead.
|
| | |
|
| |
|
|
|
|
|
|
| |
becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who
noticed `openssl gendh 0' would segfault.
Fix adapted from OpenSSL RT#2701.
ok beck@ jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
will end up doing a read and write of up to 7 bytes beyond the specified
length. This is effectively a non-issue since we read and write back the
same data and due to alignment it is within a page boundary.
Regardless, avoid this by removing the "special" handling for the remaining
length and allow the standard (non-chunk) code to process the remaining
bytes, which does not result in overrun.
Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks!
ok beck@ miod@
|
| | |
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
| |
utctime and gentime wrappers accordingly. Along with some other cleanup.
this also removes the need for timegm.
ok bcook@ sthen@ jsing@
|
| | |
|
| | |
|
| |
|
|
| |
ok semarie@
|
| |
|
|
|
|
|
|
|
|
|
| |
it is needed in order to let libssl UI_* function plays with echo on/off when
asking for password on terminal.
passwd subcommand needs additionnal "wpath cpath" in order to let it calls
fopen("/dev/tty", "w") (O_WRONLY with O_CREAT | O_TRUNC).
problem reported by several
with and ok doug@
|
| |
|
|
| |
few lines above.
|
| |
|
|
| |
macros. The only change in the generated assembly is due to line numbering.
|
| |
|
|
|
| |
DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both
means we end up with duplicate function prototypes and externs.
|
| |
|
|
| |
ok bcook@
|
| | |
|
| | |
|
| |
|
|
| |
use pledge and file locking. OK deraadt@
|
| | |
|
| |
|
|
|
|
| |
buf is at all times kept nul terminated, so there is no need to enforce
this again upon exit. (no need to move buf around after we exahust space.)
ok beck miod
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
|
| |
move the bndec variable in tighter since it's not used elsewhere in the
loop, then always free it after use.
ok bcook miod
|
| |
|
|
| |
ok bcook@ deraadt@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The "authenticated encryption with additional data" API is used for
ciphers like AES-GCM or ChaCha20-Poly1305. The manpage is a beginning
and certainly needs more work, especially improvements in the EXAMPLES
section.
Based on agl's source code comments.
Converted from pod to mandoc by schwarze@
OK schwarze@ jsing@
|
| |
|
|
|
|
| |
the truncation check immediately following it was not updated to
match. Not an issue in practice since the buffers are the same
size. OK deraadt@
|
| | |
|
| |
|
|
|
|
| |
actual function. This removes the last ASN1_dup_of usage from the tree.
Feedback from doug@ and miod@
|
| |
|
|
|
|
| |
ASN1_item_{d2i,i2d}_{bio,fp}() function calls.
ok beck@ doug@
|
| | |
|
| | |
|
| |
|
|
| |
changes.
|
| |
|
|
| |
DSAPublicKey, DSAPrivateKey and DSAparams ASN1_ITEMs.
|
| |
|
|
|
|
|
|
| |
error was present in the original 2004 commit, so it hasn't been used in
over 11 years, thus exceeding our deprecation requirements by over a decade.
OpenSSL has chosen to *fix it*; we'll gladly watch it burn
ok jsing@
|
| |
|
|
|
|
| |
sizeof(struct sockaddr_un), so do the simple, portable thing
ok beck@ deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
openssl(1) has two mechanisms for operating: either a single execution
of one command (looking at argv[0] or argv[1]) or as an interactive
session than may execute any number of commands.
We already have a top level pledge that should cover all commands
and that's what interactive mode must continue using. However, we can
tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most
commands only need "stdio rpath wpath cpath". The pledges could be
further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
| |
|
|
|
|
|
| |
which i have put in that order). this is not important, but helps look
for outliers which might be strange. it hints that "ioctl" should be
reassessed in a few places, to see if "tty" is better; that "unix" may
be used in some places where "route" could now work.
|
| |
|
|
|
| |
through and trying to bind failed v6 connects.
ok guenther
|
| | |
|
