summaryrefslogtreecommitdiff
path: root/src/lib/libc/net (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add support for RES_USE_DNSSECjca2017-02-271-5/+2
| | | | | | | | | | | | RES_USE_DNSSEC is implemented by setting the DNSSEC DO bit in outgoing queries. The resolver is then supposed to set the AD bit in the reply if it managed to validate the answer through DNSSEC. Useful when the application doesn't implement validation internally. This scheme assumes that the validating resolver is trusted and that the communication channel between the validating resolver and and the client is secure. ok eric@ gilles@
* Add EDNS0 support.jca2017-02-181-4/+3
| | | | | | | EDNS allows for various DNS extensions, among which UDP DNS packets size bigger than 512 bytes. The default is still to not advertize anything. ok eric@
* in resolver(3), document that _EDNS0 and _DNSSEC are no ops;jmc2017-01-241-6/+17
| | | | | | | diff from kirill miazine while here, bump all the no op texts to one standard blurb; help/ok jca
* Eliminate some gcc warnings about 'unused variables', mostly bykrw2016-12-161-2/+2
| | | | | | adding appropriate #ifdef's around declarations. ok millert@ (with a tweak I will commit separately)
* Nuke some trailing tabs.krw2016-12-151-3/+3
|
* Fix regressions introduce in the fix for CVE-2016-6559.millert2016-12-081-6/+5
| | | | From FreeBSD (glebius)
* Fix a typo, decrement rem, don't increment for single digit hex bytes.millert2016-12-071-2/+2
| | | | From Henri Kemppainen
* CVE-2016-6559: fix potential buffer overflow(s) in link_ntoa(3).millert2016-12-061-19/+35
| | | | | | | A specially crafted struct sockaddr_dl argument can trigger a stack overflow of a static buffer in libc. An attacker may be able to use this to write to arbitrary locations in the data segment. From FreeBSD (glebius); OK deraadt@ mestre@
* Delete casts to off_t and size_t that are implied by assignmentsguenther2016-09-214-11/+10
| | | | | | | or prototypes. Ditto for some of the char* and void* casts too. verified no change to instructions on ILP32 (i386) and LP64 (amd64) ok natano@ abluhm@ deraadt@ millert@
* Obvious minor fixes:schwarze2016-08-052-36/+57
| | | | | | | | * Add missing .Dv, .Ev, and .Fa macros. * Delete deprecated .Tn macros. * Mark up global variable names with .Va, not with .Fa or .Li. * Mark up config file commands with .Ic, not with .Fa. * Fix HISTORY, trivial to verify from the CSRG archive CD.
* Make RES_OPTIONS point directly to resolv.conf(5) instead of going throughmartijn2016-08-051-3/+3
| | | | | | resolver(3). OK jmc@
* Prefer AF_* over PF_* and 'address family' over 'protocol family'guenther2016-05-291-9/+9
| | | | ok jung@
* rcmd(3) and rcmdsh(3) use getaddrinfo(3) not gethostbyname(3).millert2016-05-282-9/+9
|
* Use getaddrinfo() instead of the non-standard gethostbyname2().millert2016-05-281-5/+14
| | | | OK deraadt@ jca@ jung@ florian@
* Remove iruserok(_sa)? and __ivaliduser(sa)?guenther2016-05-232-90/+20
| | | | ok millert@ deraadt@
* Eliminate __check_rhosts_file and __rcmd_errstr: they were only used byguenther2016-05-231-5/+1
| | | | | | rlogind and rshd (remember them?) ok deraadt@
* Remove old NeXT-specific cruft. From mmcc@millert2016-05-011-13/+1
|
* Prefer _MUTEX_*LOCK over _THREAD_PRIVATE_MUTEX_*LOCK() when thread-specificguenther2016-04-051-4/+4
| | | | | | data isn't necessary. ok mpi@, ok&tweak natano@
* for some time now mandoc has not required MLINKS to functionjmc2016-03-301-54/+1
| | | | | | | | | | | | correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung
* un-vax;jmc2016-03-101-3/+3
|
* Remove NULL-checks before free() and a few related dead assignments.mmcc2015-12-281-3/+2
| | | | ok and valuable input from millert@
* gethostbyname2() and gethostbyaddr() need <sys/socket.h>; discussed withtim2015-12-191-6/+8
| | | | millert@
* tweak previous;jmc2015-12-162-4/+5
|
* Remove support for HOSTALIASES from the resolver. This "open and parsederaadt2015-12-162-15/+6
| | | | | | | | any file indicated by an environment variable" feature inside the resolver is incompatible with what pledge "dns" is trying to be. It is a misguided "feature" added way back in history which almost noone uses, but everyone has to assume the risk from. ok eric florian kettenis
* s/begining/beginning/gmmcc2015-12-141-2/+2
|
* syslog() here is pointless; ok millertderaadt2015-11-251-2/+0
|
* Use reentrant versions of getpw{nam,uid} and getgr{nam,gid} withinmillert2015-11-242-7/+10
| | | | | | | libc to avoid reusing the static buffers returned by the non-reentrant versions. Since this is inside libc we can use constants for the buffer sizes instead of having to call sysconf(). OK guenther@ deraadt@
* point to netintro(4) rather than (now removed) networking(4);jmc2015-11-212-6/+6
|
* update NAME section to include all documented functions,jmc2015-11-104-12/+12
| | | | | | or otherwise change Dt to reflect the name of an existing function; feedback/ok schwarze
* inet(4), not inet(3);jmc2015-11-081-3/+3
|
* delete old lint ARGSUSED commentsguenther2015-11-011-2/+1
|
* Switch if_nameindex(3) to use the new NET_RT_IFNAMES sysctl to get theclaudio2015-10-233-88/+73
| | | | | | | | list of interface names. At the same time switch if_nametoindex(3) and if_indextoname(3) to use if_nameindex(3) instead of getifaddrs(3). if_nameindex(3) exposes much less then getifaddrs(3) and is allowed by pledge(2). With and OK deraadt@
* Use waitpid() instead of wait() to avoid returning early from another childguenther2015-10-231-2/+3
| | | | | | exiting, and loop the waitpid() on EINTR ok deraadt@ millert@
* Cast ctype function arguments to unsigned char.mmcc2015-10-221-2/+2
| | | | ok guenther@
* Wrap <resolv.h> so that internal calls go directguenther2015-10-053-5/+11
| | | | ok millert@
* wrap __ivaliduser_sa() so the internal call is direct (at least until weguenther2015-10-041-0/+2
| | | | stop exporting it)
* recv() and send() aren't overriden by libpthread (vs recvfrom() and sendto()!)guenther2015-10-042-2/+4
| | | | so wrap them to make internal calls go direct
* Wrap <ifaddrs.h>, <netinet/in.h>, and <netinet/if_ether.h> so internalguenther2015-09-143-3/+7
| | | | calls go direct and all the symbols are weak
* Wrap <net/if.h> and <net/if_dl.h> so internal calls go direct and all theguenther2015-09-142-2/+4
| | | | symbols are weak
* Finish wrapping <netdb.h> so that calls go direct and the symbols are all weakguenther2015-09-149-9/+24
|
* Wrap <arpa/inet.h> and <arpa/nameser.h> so that calls go direct and theguenther2015-09-135-5/+11
| | | | symbols without underbar prefix are all weak
* Wrap <unistd.h> so that internal calls go direct and they're all weak symbolsguenther2015-09-124-2/+6
| | | | Delete unused 'fd' argument from internal function oldttyname()
* _getnetbyaddr and _getnetbyname appear to be historical accidents inderaadt2015-09-113-103/+2
| | | | our tree. ok guenther miod
* tweak Nd after previous; ok mpijmc2015-09-101-2/+2
|
* Remove link_addr(3). A function to encode the name of an interface inmpi2015-09-103-136/+8
| | | | | | | | | | | | a sockaddr_dl is a questionnable interface. But now it makes it harder to properly reference ifp becauses of this. Set sdl_index to the index of the corresponding interface when constructing a routing message. Ridding previous libc crank. ok guenther@, deraadt@, dlg@
* Use nanosleep instead of sleep to avoid the extra layer and simplify laterguenther2015-08-301-5/+8
| | | | | | symbol hiding ok w/tweak deraadt@
* force reseeding if pid has changed.eric2015-06-041-2/+7
| | | | ok deraadt@
* rev 1.3 introduced a check to an if statement without adding braces.jsg2015-05-141-3/+1
| | | | | | | Claudio points out the size is checked by an earlier test so just remove it to restore the original handling of the partial octet case. Discussed with claudio and gilles.
* Make rcmdsh(3) not fail if it is passed a non resolvable hostname.halex2015-03-233-20/+16
| | | | | | | Instead, silently ignore the fact and instead let the underlying ssh (or $RSH) command handle it. ok millert@
* differentiate between a failed read, returning -1, and encounteringhalex2015-03-221-2/+4
| | | | | | | end-of-file, returning 0, in order not to print an unrelated strerror(errno) in the latter case ok millert@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 10:38:22 +0000