| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This moves the compatibility include files from include to
include/compat so we can use the awful MS C compiler
<../include/> trick to emulate the GNU #include_next extension.
This also removes a few old compat files we do not need anymore.
|
| |
|
|
|
|
|
| |
Mirror the patch to ui_openssl.c, also fix the broken conditional that
made it not actually turn off echo in the first place.
ok guenther@
|
| | |
|
| | |
|
| |
|
|
| |
this also adds a rename shim that allows overwrites
|
| |
|
|
|
|
|
|
|
|
|
| |
From deraadt@ upstream:
Remove all getenv() calls, especially those wrapped by issetugid().
getenv()'s wrapped by issetugid() are safe, but issetugid() is ...
difficult to impliment on many operating systems. By accident, a grand
experiment was run over the last year, where issetugid() returned 1 (the
safe value) on a few operating systems. Noone noticed & complained that
certain environment variables were not working.......
|
| |
|
|
|
| |
This includes a WIP failsafe issetugid for now, while research continues
on the proper way to do this in a race-free fashion in AIX.
|
| |
|
|
|
| |
Noticed while testing similar code for AIX.
ok beck@
|
| |
|
|
|
| |
Fail closed if we cannot obtain the process flags. Noticed while looking
at a similar function for AIX.
|
| |
|
|
|
|
| |
The current NetBSD release, 6.1.5, fails to reseed arc4random fork. Work
around it by providing arc4random/getentropy shims. Revisit when NetBSD
7 is available.
|
| |
|
|
|
|
|
|
|
|
| |
tested on: HP-UX 11.31 ia64,
gcc 4.7.1(HP AllianceOne version)
gcc 4.2.3(http://hpux.connect.org.uk)
HP C/aC++
HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes).
This build forces LP64 for treating long as 64 bit.
|
| |
|
|
|
| |
This adds a Windows-specific versions of several symbols from libcrypto
and openssl(1).
|
| |
|
|
| |
ok bcook@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FreeBSD-native arc4random_buf implementation falls back to weak
sources of entropy if the sysctl fails. Remove these dangerous fallbacks
by overriding locally.
Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10)
if a program does not link to -lthr. Callbacks registered with
pthread_atfork() simply fail silently. So, it is not always possible to
detect a PID wraparound. I wish we could do better.
This improves arc4random_buf's safety compared to the native FreeBSD
implementation. Tested on FreeBSD 9 and 10.
ok beck@ deraadt@
|
| |
|
|
| |
ok @doug
|
| |
|
|
|
|
|
|
|
| |
Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS.
Clarify some ambiguous dependencies around strnlen/strndup.
Unconditionally enable pidwraptest for all arc4random implementations.
Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf.
ok @doug
|
| |
|
|
|
|
|
|
|
| |
* use the original name for the file from OpenSSH (remove duplicate version)
* add va_copy/__va_copy checks to configure
* incorporate proposed fixes to openssh version:
+ include more system headers directly for various definitions
+ limit the scope of va_copy/va_end to their affected vsnprintf calls
+ simplify error handling, removing a dead assignment
|
| | |
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| | |
|
| | |
|
| |
|
|
|
|
| |
the thread-private bits can move next
ok beck@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From kettenis@
People have suggested using pthread_atfork(3) before, but discarded
the idea because it involves linking with -lpthread, which has other
undesirable consequences. However:
* Most systems actually have pthread_atfork(3) in libc. I verified
this on OS X and Solaris. I believe this is the case on Linux
systems that use musl as well.
* On Linux systems that use glibc, this isn't the case. However,
those systems have __register_atfork(3), which is fully documented
in the "Linux Standard Base Core Specification".
ok kettenis@ deraadt@ beck@
|
| | |
|
| |
|
