remember to set EACCES in bcrypt_checkpass for hash differences.
the higher level crypt_checkpass function will reset errno to EACCES in
all cases, which is probably the right behavior, but this change gives code
working with the lower level functions the correct errno if they care.
use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.
the same thingies. Therefore these "lists of functions" man pages can go
away.
Hurray! I've wanted these pages to die for around 10 years!
ok ingo (and i think jmc)
to returning strong random by default, source from arc4random(3).
Parameters to the seeding functions are ignored, and the subsystems remain
in strong random mode. If you wish the standardized deterministic mode,
call srand_deterministic(), srandom_determistic(), srand48_deterministic(),
seed48_deterministic() or lcong48_deterministic() instead.
The re-entrant functions rand_r(), erand48(), nrand48(), jrand48() are
unaffected by this change and remain in deterministic mode (for now).
Verified as a good roadmap forward by auditing 8800 pieces of software.
Roughly 60 pieces of software will need adaptation to request the
deterministic mode.
Violates POSIX and C89, which violate best practice in this century.
ok guenther tedu millert
Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting
1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with
(size_t)1 so that we get the correct constant size for the platform.
discussed with tedu@ & deraadt@
breaking the hardlink between file system entries, confusing apropos(1).
Split malloc.conf(5) out of malloc(3) as suggested by deraadt@.
Feedback and OK jmc@, OK deraadt@ tedu@ jasper@.
The former is not used anywhere in NetBSD, FreeBSD, or DragonFly
and not supported by groff, so i'm going to delete it from mandoc(1).
We don't need two macros for the same thing.
(potentially) MD versions (function dependent, not filename dependent)
split out memcpy/memmove/bcopy and strchr/index/strrchr/rindex
Bring back amd64 .S versions
And the final touch: switch all architectures temporarily to MI
memcpy.c, which contains syslog + abort for overlapping copies. A nice
harsh undefined behaviour. We will clean the entire userland of the
remaining issues in this catagory, then switch to the optimised memcpy
which skips the memmove check.
I tried to cut this change into pieces, but testing each sub-step on
every architecture is too time consuming and mindnumbing.
ok miod
tedu