glibc's closefrom implementation does not work in a chroot when the kernel
does not have close_range. It tries to read from /proc/self/fd and when
that fails dies with an assertion of sorts. Instead, call close_range
ourselves from our compat code and fall back if that fails. bz#3349,
with william.wilson at canonical.com and fweimer at redhat.com.
HP-UX 10.x has a getline() implementation in libc that does not behave
as we expect so don't use it. With correction from Thorsten Glaser and
typo fix from Larkin Nickle.
Users of MD5-hashed password should arrange for ./configure to link
against libxcrypt or similar. Though it would be better to avoid use
of MD5 password hashing entirely, it's arguably worse than DEScrypt.
feedback and ok dtucker@
If we have to increase nfds because startup_pipe[0] is above any of the
descriptors passed in the fd_sets, we also need to add 1 to nfds since
select takes highest FD number plus one. bz#3345 from yaroslav.kuzmin
at vmssoftware.com.
On the second and subsequent calls to pselect the notify_pipe was not
added to the select readset, opening up a race that om G. Christensen
discovered on multiprocessor Solaris <=9 systems.
Also reinitialize notify_pipe if the pid changes. This will prevent a
parent and child from using the same FD, although this is not an issue
in the current structure it might be in future.
On platforms where closefrom returns void (eg glibc>=2.34) the prototype
for closefrom in its compat tests would cause compile errors. Remove
this and have the tests pull in the compat headers in the same way as
the main code. bz#3336.
This is basically the existing notify_pipe kludge from serverloop.c
moved behind a pselect interface. It works by installing a signal
handler that writes to a pipe that the select is watching, then calls
the original handler.
The select call in serverloop will become pselect soon, at which point the
kludge will be removed from thereand will only exist in the compat layer.
Original code by markus, help from djm.
In -portable, defines.h ensures that these are defined, so redefining
potentially causes a warning. We don't just delete it to make any
future code syncs a little but easier. bz#3293.
This ensures that the macros in log.h are defined in the case where
either of --with-solaris-projects or --with-solaris-privs are used
without --with-solaris-contracts. bz#3278.
FreeBSD has login_getpwclass() that does some special magic for
UID=0. Prefer this to login_getclass() as its easier to emulate
the former with the latter.
Based on FreeBSD PR 37416 via Ed Maste; ok dtucker@
We needed a mkdtemp() that accepted template paths that did not
end in XXXXXX a long time ago for KRB4, but that code is long
deprecated. We no longer need to replace mkdtemp() for strictly
following POSIX. ok dtucker@
Prevents following warning from clang 10:
bcrypt_pbkdf.c:94:40: error: expression does not compute the number of
elements in this array; element type is ´uint32_tÂ[...]
place parentheses around the ´sizeof(uint64_t)´ expression to
silence this warning
The point of the dummy declaration is so that MAKE_CLONE(...) can have
a trailing semicolon without introducing an empty declaration. So,
the macro replacement text should *not* have a trailing semicolon,
just like DEF_WEAK.
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.
OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
If the system (or one of the dependencies) implements memmem but does
not define the header, we would not declare it either resulting in
compiler warnings. Check for declaration explicitly. bz#3102.
revision 1.48
date: 2019/02/04 16:45:40; author: millert; state: Exp; lines: +16 -17; commitid: cpNtVC7erojNyctw;
Make gl_pathc, gl_matchc and gl_offs size_t in glob_t to match POSIX.
This requires a libc major version bump. OK deraadt@
revision 1.47
date: 2017/05/08 14:53:27; author: millert; state: Exp; lines: +34 -21; commitid: sYfxfyUHAfarP8sE;
Fix exponential CPU use with repeated '*' operators by changing '*'
handling to be interative instead of recursive.
Fix by Yves Orton, ported to OpenBSD glob.c by Ray Lai. OK tb@
revision 1.46
date: 2015/12/28 22:08:18; author: mmcc; state: Exp; lines: +5 -9; commitid: 0uXuF2O13NH9q2e1;
Remove NULL-checks before free() and a few related dead assignments.
ok and valuable input from millert@
revision 1.43
date: 2015/06/13 16:57:04; author: deraadt; state: Exp; lines: +4 -4; commitid: zOUKuqWBdOPOz1SZ;
in glob() initialize the glob_t before the first failure check.
from j@pureftpd.org
ok millert stsp
revision 1.42
date: 2015/02/05 12:59:57; author: millert; state: Exp; lines: +2 -1; commitid: DTQbfd4poqBW8iSJ;
Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@
revision 1.40
date: 2013/09/30 12:02:34; author: millert; state: Exp; lines: +14 -15;
Use PATH_MAX, NAME_MAX and LOGIN_NAME_MAX not MAXPATHNAMELEN,
MAXNAMLEN or MAXLOGNAME where possible. OK deraadt@
revision 1.39
date: 2012/01/20 07:09:42; author: tedu; state: Exp; lines: +4 -4;
the glob stat limit is way too low. bump to 2048.
while here, failed stats should count against the limit too.
ok deraadt sthen stsp
This makes mysignal implement reliable BSD semantics according to
Stevens' APUE. This was first attempted in 2001 but was reverted
due to problems with HP-UX 10.20 and select() and possibly grantpt().
Modern systems should be fine with it, but if any current platforms have
a problem with it now we can disable it just for those. ok djm@
Dropping this privilege removes the ability to create hard links to
files owned by other users. This is required for the legacy sftp rename
operation.
bz#3036; approach ok Alex Wilson (the original author of the Solaris
sandbox/pledge replacement code)
Rather than attempt to apply 14 years' worth of changes to OpenBSD's sha2
I imported the current versions directly then re-applied the portability
changes. This also allowed re-syncing digest-libc.c against upstream.
Darren Tucker
Damien Miller
Tim Rice
David Carlier
Michael Forney
dtucker@openbsd.org