|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | This diff exposes parts of clock_gettime(2) and gettimeofday(2) to
userland via libc eliberating processes from the need for a context
switch everytime they want to count the passage of time.
If a timecounter clock can be exposed to userland than it needs to set
its tc_user member to a non-zero value. Tested with one or multiple
counters per architecture.
The timing data is shared through a pointer found in the new ELF
auxiliary vector AUX_openbsd_timekeep containing timehands information
that is frequently updated by the kernel.
Timing differences between the last kernel update and the current time
are adjusted in userland by the tc_get_timecount() function inside the
MD usertc.c file.
This permits a much more responsive environment, quite visible in
browsers, office programs and gaming (apparently one is are able to fly
in Minecraft now).
Tested by robert@, sthen@, naddy@, kmos@, phessler@, and many others!
OK from at least kettenis@, cheloha@, naddy@, sthen@ | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| | allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit().  The reasoning is _rs_init() will only
fail if someone finds a way to apply specific pressure against this
failure point, for the purpose of leaking information into a core which
they can read.  We don't need a corefile in this instance to debug that.
So take this "lever" away from whoever in the future wants to do that. | 
| | 
| 
| 
| | ok deraadt@ tedu@ | 
| | |  | 
| | |  | 
| | 
| 
| 
| | ok deraadt@ | 
| | 
| 
| 
| | for login.conf, and we don't want to go lower. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | correctly - logically complete that now by removing MLINKS from base;
authors need only to ensure there is an entry in NAME for any function/
util being added. MLINKS will still work, and remain for perl to ease
upgrades;
ok nicm (curses) bcook (ssl)
ok schwarze, who provided a lot of feedback and assistance
ok tb natano jung | 
| | 
| 
| 
| 
| 
| | or otherwise change Dt to reflect the name of an existing function;
feedback/ok schwarze | 
| | 
| 
| 
| | Hide bcrypt_autorounds(), prefixing with an underbar for static builds. | 
| | 
| 
| 
| 
| | verified that they are there via isdigit() so we can convert from
ASCII to an int without using atoi().  OK guenther@ deraadt@ | 
| | 
| 
| 
| 
| 
| | C standard are all weak.
Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the
arch-specific __strtorx, __ULtox_D2A, __strtorQ, __ULtoQ_D2A symbols. | 
| | 
| 
| 
| | Delete unused 'fd' argument from internal function oldttyname() | 
| | 
| 
| 
| | ok deraadt@ | 
| | 
| 
| 
| 
| 
| 
| | By default, MSVC's stdlib.h defines min(), so we need to spell out something
less common to avoid picking it up.
ok deraadt@ beck@ miod@ | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | 99% of the world calls it.
allow just "bcrypt" without params to mean auto-tune ("bcrypt,a").
default remains 8 rounds (for now)
ok deraadt | 
| | 
| 
| 
| | OK tedu@ | 
| | |  | 
| | 
| 
| 
| | ok deraadt jeremy | 
| | 
| 
| 
| 
| | of some undefined value.
OK tedu@ | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| | Printing strerror() in that case will say result too large, even if rounds is
actually too small. invalid is less specific, but less incorrect.
ok millert | 
| | 
| 
| 
| | to avoid swamping it; | 
| | |  | 
| | 
| 
| 
| | friendlier for users. requested by deraadt | 
| | 
| 
| 
| | review by millert, binary checking process with doug, concept with guenther | 
| | 
| 
| 
| | ok tedu@ | 
| | 
| 
| 
| | other systems to fit into the same mold, so add copyright | 
| | 
| 
| 
| | nor are they the same size. | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | remember to set EACCES in bcrypt_checkpass for hash differences.
the higher level crypt_checkpass function will reset errno to EACCES in
all cases, which is probably the right behavior, but this change gives code
working with the lower level functions the correct errno if they care. | 
| | 
| 
| 
| 
| | guenther suggested using thread time, which actually may improve accuracy
if somebody puts this in a threaded program. | 
| | 
| 
| 
| | ok deraadt miod | 
| | 
| 
| 
| 
| 
| 
| 
| 
| | use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places. | 
| | |  | 
| | 
| 
| 
| | ok deraadt naddy | 
| | |  | 
| | 
| 
| 
| | entries. | 
| | |  | 
| | 
| 
| 
| | better to find one instead of continuing to mangle this mess. | 
| | 
| 
| 
| | only doing what's needed for crypt_hashpass. sigh. | 
| | 
| 
| 
| | write out a hash. also simplify writing out the hash. | 
| | |  | 
| | |  | 
| | 
| 
| 
| | ok tedu@ on a previous version |