|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| ... |  | 
| | 
| 
| 
| 
| 
| 
| | resistant to prediction atacks by wrapping the existing LCG in a
random permutation generator based on a Luby-Rackoff block cipher.
lots of discussion and final ok deraadt@ | 
| | 
| 
| 
| 
| 
| 
| | Use arc4random_uniform() when the desired random number upper bound
is not a power of two
ok deraadt@ millert@ | 
| | 
| 
| 
| 
| 
| | calls vfork(2). "untested, but looks OK" marc@
- document vfork(2), popen(3) and system(3) don't call atfork handlers
in multithreaded programs. okay jmc@ | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| | Instead, just return 1 if there is a difference.
Found by lint.
OK millert. | 
| | 
| 
| 
| | - simplify a macro call (Do/Dc -> Dq) | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | introduce two new APIs for requesting strong random numbers:
arc4random_buf() - fill an arbitrary memory range with random numbers
arc4random_uniform() - return a uniformly distributed random number
below
a specified upper bound, avoiding the bias that comes from a naive
"arc4random() % upper_bound" construction.
these mirror similarly-named functions in the kernel;
lots of discussion deraadt@ mcbride@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | should be good, plus it prevents weird things from happening if
len > INT_MAX.
- Since n is now size_t, compare it against 0 instead of >= 0.
- temp is used to store individual bytes, so use char instead
(matches fp and tp).
- millert noted that the comma operator may not guarantee order of
execution, so replace with semicolons.
Found by lint, OK millert. | 
| | 
| 
| 
| 
| 
| | cast to make it explicit.
Found by lint, OK millert. | 
| | 
| 
| 
| 
| | prevents a few "cannot free mem because i need mem to free mem"
scenarios (one found by weingart@). ok weingart@ millert@ miod@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | instead of the generic pthread macros since free(3) uses __arc4_getbyte()
when freeing small sized allocations and the generic pthread macros call
malloc(3).
- eliminate passing pointers to a static variable with global scope (rs)
for additional code clarity and reduction.
- shlib minor bumps for libc and libpthread due to new functions.
From andreas@ with some bits from me. okay tedu@ marc@ w/some spot
checking from millert@ | 
| | 
| 
| 
| | sys/dev/pci/pciide.c from naddy@ | 
| | 
| 
| 
| | both static and non-static mutexs. | 
| | 
| 
| 
| | OK millert@ | 
| | 
| 
| 
| 
| 
| | Therefore added math.h to SYNPOSIS.
OK millert@ | 
| | 
| 
| 
| 
| 
| | "suggest parentheses around && within ||"
ok millert@ | 
| | 
| 
| 
| | feedback and ok espie@ | 
| | |  | 
| | 
| 
| 
| | ok jmc@ | 
| | 
| 
| 
| | ok millert | 
| | 
| 
| 
| 
| 
| | Mostly path construction, where truncation could be bad.
ok and input from deraadt@ millert@ ray@ | 
| | 
| 
| 
| | ok millert@ ray@ | 
| | |  | 
| | 
| 
| 
| | Based on a diff from Mike Belopuhov.  OK jmc@ | 
| | |  | 
| | 
| 
| 
| | object destructors called at dlclose() time.  Inspired by similar changes in FreeBSD and NetBSD. | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| | OK jmc and millert. | 
| | |  | 
| | 
| 
| 
| | OK otto@ | 
| | 
| 
| 
| 
| 
| 
| 
| | Document that getopt_long(3) can and will accept unique abbreviated long
option names.  This feature has been present since getopt_long(3) was first
released in NetBSD 1.5.  This is also standard GNU getopt_long(3) behavior.
ok millert | 
| | 
| 
| 
| | from FreeBSD.  With help from jmc@. | 
| | 
| 
| 
| 
| 
| 
| | is more readable than
`.' notation
zap some silly .Tn whilst here; | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | isolate its usage to libpthread only and replace with generic non-static
mutex support in the one place it is needed:
 - remove _FD_LOCK/UNLOCK from lseek and ftruncate in libc and make the
   functions weak so that libpthread can override with its own new
   versions that do the locking.
 - remove _thread_fd_lock/unlock() weak functions from libc and adjust
   libpthread for the change.
 - add generic _thread_mutex_lock/unlock/destroy() weak functions in libc
   to support non-static mutexes in libc and add libpthread and librthread
   implementations for them. libc can utilize non-static mutexes via the
   new _MUTEX_LOCK/UNLOCK/DESTROY() macros. Actually these new macros can
   support both static and non-static mutexes but currently only using
   them for non-static.
 - make opendir/closedir/readdir/readdir_r/seekdir/telldir() thread-safe
   for both thread libraries by using a non-static mutex in the struct
   _dirdesc (typedef DIR), utilizing it in the *dir functions and remove
   remaining and incorrect _FD_LOCK/UNLOCK() use in libc.
 - add comments to both thread libraries to indicate libc depends on the
   current implementation of static mutex initialization. suggested by
   marc@
 - major bump libc and libpthread due to function removal, structure
   change and weak symbol conversions.
okay marc@, tedu@ | 
| | |  | 
| | |  | 
| | 
| 
| 
| | OK jmc@. | 
| | 
| 
| 
| | OK moritz@ and jaredy@ | 
| | 
| 
| 
| 
| 
| | wrappers around fopen/fclose.  From tbert.
OK millert@, tedu@, and itojun@. | 
| | 
| 
| 
| 
| 
| 
| | to #ifdefs where they are used.  Found by lint by bret dot lambert
at gmail.
OK deraadt@. | 
| | 
| 
| 
| | OK moritz@. | 
| | 
| 
| 
| | OK moritz@ and jaredy@. | 
| | 
| 
| 
| 
| 
| | getaddrinfo reentrant.
OK millert@ and deraadt@. | 
| | |  | 
| | 
| 
| 
| | Sync the documentation in getpid with arc4random's format. | 
| | 
| 
| 
| | some time ago--it caused too many problems. |