| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
give them names that really exist.
This also helps jmc@'s ongoing work on improving NAME sections.
|
| |
|
|
|
|
| |
entry for them;
feedback/ok schwarze
|
| |
|
|
|
| |
I found drafts of these in my tree, probably originally from
Max Fillinger, that just needed minor polishing.
|
| |
|
|
| |
Already some time ago, bcook@ said these can be installed.
|
| |
|
|
|
|
| |
or otherwise change Dt to reflect the name of an existing function;
feedback/ok schwarze
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
stubs for the executable from crtbegin.o into libc, which lets them be
excluded from static links that don't use them.
For this, drop the normal crt{begin,end}S.o from libc.so: the .init and .fini
sections for libc aren't called at the right times anyway, so it's good that
they're unused. libc.so just needs __guard_local and the .note.openbsd.ident
section, so add them to stack_protector.c for now (this will be improved)
"good time" deraadt@
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
| |
reported by Ruslan Babayev.
|
| |
|
|
|
|
|
|
|
| |
24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99
6.5.7, signed int shifted by enough bits to cause a the sign bit to be set
is an UB.
Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am
{partial,slightly related} to.
|
| |
|
|
|
| |
CAST_KEY is constructed. This is expected to reduce blood pressure in
auditors.
|
| |
|
|
|
|
| |
Suggested by WubTheCaptain so the same comparison code can be used with
LibreSSL.
https://www.openssl.org/docs/manmaster/crypto/OPENSSL_VERSION_NUMBER.html
|
| | |
|
| |
|
|
| |
OK jsing@
|
| |
|
|
|
|
|
|
|
| |
"ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD
construction that is incompatible with the common style that has been
already used in TLS with EVP_aead_chacha20_poly1305(). The IETF
version also adds a constant (salt) that is prepended to the nonce.
OK mikeb@ jsing@
|
| | |
|
| |
|
|
|
| |
relying upon previously included headers to do this, to enhance portability;
from Pascal Cuoq, libressl github pull request #52
|
| |
|
|
|
|
| |
doesn't get pulled into all static executables
ok millert@ jca@
|
| |
|
|
|
|
|
|
| |
Wrap __cxa_{atexit,finalize}() so the call from exit() goes direct
Switch regress/lib/libc/atexit/ to be built with -static so that it can
still access __atexit*
ok millert@ jca@
|
| | |
|
| |
|
|
|
|
| |
For backward compatibility, the flags are redefined as 0.
ok jsing@
|
| |
|
|
|
|
| |
No part of LibreSSL checks for this flag any longer.
ok jsing@
|
| |
|
|
|
|
|
|
|
|
| |
ssl23_get_client_hello sets type=1 on error and continues processing.
It should return an error immediately to simplify things. This also
allows us to start removing the last of SSL_OP_NO_SSL*.
Added extra paranoia for s->version to make sure it is set properly.
ok jsing@
|
| |
|
|
|
|
|
|
|
| |
are the errno messages and signal names. Everything else is in
English. We are not planning to translate more text. Running a
mixed system with less than 1% of the text in native language makes
no sense. So remove the NLS support from libc messages. The
catopen(3) functions stay as they are.
OK stsp@ mpi@
|
| |
|
|
|
|
|
| |
wrappers. To keep uses from crawling back in, mark signal() as
deprecated inside libc.
ok deraadt@
|
| |
|
|
|
|
|
|
| |
list of interface names. At the same time switch if_nametoindex(3) and
if_indextoname(3) to use if_nameindex(3) instead of getifaddrs(3).
if_nameindex(3) exposes much less then getifaddrs(3) and is allowed by
pledge(2).
With and OK deraadt@
|
| |
|
|
|
|
| |
exiting, and loop the waitpid() on EINTR
ok deraadt@ millert@
|
| |
|
|
|
|
|
| |
SIGINT and SIGQUIT with sigaction() instead of signal() so that all bits
are preserved.
ok deraadt@ millert@
|
| |
|
|
|
|
|
|
|
| |
into libc, and move pthread_sigmask() as well (just a trivial wrapper).
This provides consistent handling of SIGTHR between single- and multi-threaded
programs and is a step in the merge of all the libpthread overloads, providing
some ASM and Makefile bits that the other wrappers will need.
ok deraadt@ millert@
|
| |
|
|
| |
ok guenther@
|
| |
|
|
|
|
|
| |
ASN1_{GENERALIZED,UTC}TIME_set_string(), which allows it to be called
with a NULL pointer.
ok beck@
|
| |
|
|
|
|
|
|
| |
ASN1_{GENERALIZED,UTC,}TIME_set_string() to be called with a NULL pointer.
Found the hard way by @kinichiro on github.
ok beck@
|
| |
|
|
|
|
|
|
| |
becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who
noticed `openssl gendh 0' would segfault.
Fix adapted from OpenSSL RT#2701.
ok beck@ jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
will end up doing a read and write of up to 7 bytes beyond the specified
length. This is effectively a non-issue since we read and write back the
same data and due to alignment it is within a page boundary.
Regardless, avoid this by removing the "special" handling for the remaining
length and allow the standard (non-chunk) code to process the remaining
bytes, which does not result in overrun.
Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks!
ok beck@ miod@
|
| | |
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
| |
utctime and gentime wrappers accordingly. Along with some other cleanup.
this also removes the need for timegm.
ok bcook@ sthen@ jsing@
|
| |
|
|
| |
few lines above.
|
| |
|
|
| |
macros. The only change in the generated assembly is due to line numbering.
|
| |
|
|
|
| |
DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both
means we end up with duplicate function prototypes and externs.
|
| |
|
|
| |
ok bcook@
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
buf is at all times kept nul terminated, so there is no need to enforce
this again upon exit. (no need to move buf around after we exahust space.)
ok beck miod
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
|
| |
move the bndec variable in tighter since it's not used elsewhere in the
loop, then always free it after use.
ok bcook miod
|
| |
|
|
| |
ok bcook@ deraadt@
|
| | |
|
