introduce two new APIs for requesting strong random numbers:
arc4random_buf() - fill an arbitrary memory range with random numbers
arc4random_uniform() - return a uniformly distributed random number below
a specified upper bound, avoiding the bias that comes from a naive
"arc4random() % upper_bound" construction.
these mirror similarly-named functions in the kernel;
lots of discussion deraadt@ mcbride@

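The bias that the commit message above attributes to "arc4random() % upper_bound", shown as an added example; this is not code from the commit or from OpenBSD. The names rand32_fn, uniform_below, replay_next and bucket_spread are hypothetical, and the replayed words are constructed test input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical source type; a real caller would wrap arc4random(). */
typedef uint32_t (*rand32_fn)(void *ctx);
/* Rejection sampling: discard the lowest (2^32 mod bound) outputs so the
 * accepted range is an exact multiple of bound, then reduce. */
uint32_t uniform_below(rand32_fn next, void *ctx, uint32_t bound)
{
    uint32_t r, min;
    if (bound < 2)
        return 0;
    min = (uint32_t)(0u - bound) % bound;   /* == 2^32 mod bound */
    do {
        r = next(ctx);
    } while (r < min);
    return r % bound;
}

/* Constructed test source: replays a fixed list of words. */
struct replay { const uint32_t *words; size_t pos; };
uint32_t replay_next(void *ctx)
{
    struct replay *s = ctx;
    return s->words[s->pos++];
}

/* Exhaustive check on a toy generator (bits <= 16, 2 <= bound <= 64):
 * histogram v % bound over all 2^bits outputs, optionally rejecting the
 * low values first. Returns max - min bucket; 0 means exactly uniform. */
unsigned bucket_spread(unsigned bits, unsigned bound, int reject)
{
    unsigned counts[64] = {0}, space = 1u << bits, lo, hi, v, i;
    for (v = reject ? space % bound : 0; v < space; v++)
        counts[v % bound]++;
    lo = hi = counts[0];
    for (i = 1; i < bound; i++) {
        if (counts[i] < lo) lo = counts[i];
        if (counts[i] > hi) hi = counts[i];
    }
    return hi - lo;
}

int main(void)
{
    printf("naive %u, rejection %u\n", bucket_spread(8, 6, 0), bucket_spread(8, 6, 1));
    return 0;
}
```

With an 8-bit source and a bound of 6, the naive reduction leaves residues 0..3 one count ahead of 4 and 5; rejecting the four lowest outputs first makes every residue equally likely.
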
isolate its usage to libpthread only and replace with generic non-static
mutex support in the one place it is needed:
- remove _FD_LOCK/UNLOCK from lseek and ftruncate in libc and make the
functions weak so that libpthread can override with its own new
versions that do the locking.
- remove _thread_fd_lock/unlock() weak functions from libc and adjust
libpthread for the change.
- add generic _thread_mutex_lock/unlock/destroy() weak functions in libc
to support non-static mutexes in libc and add libpthread and librthread
implementations for them. libc can utilize non-static mutexes via the
new _MUTEX_LOCK/UNLOCK/DESTROY() macros. Actually these new macros can
support both static and non-static mutexes but currently only using
them for non-static.
- make opendir/closedir/readdir/readdir_r/seekdir/telldir() thread-safe
for both thread libraries by using a non-static mutex in the struct
_dirdesc (typedef DIR), utilizing it in the *dir functions and remove
remaining and incorrect _FD_LOCK/UNLOCK() use in libc.
- add comments to both thread libraries to indicate libc depends on the
current implementation of static mutex initialization. suggested by
marc@
- major bump libc and libpthread due to function removal, structure
change and weak symbol conversions.
okay marc@, tedu@

combined GCC and ISO committees managed to make out of it.
With this, gcc >= 4.3 can grok its way through it correctly.
okay kettenis@, with some help figuring stuff out.

be MI since we removed stuff that was arch-dependent). The Configure script
still rebuilds a copy of that file, and we check it for diffs.
okay millert@

- move TIMEOUT* defines to arpa/tftp.h, as they are used several times
in tftpd and tftp, and the values are part of the RFC definition.
- tftpd and tftp did count the total retransmission time in retries
instead of in seconds. fixed.
- tftpd rexmt timeout was hardcoded by a define and therefore didn't
change when the timeout option was sent. fixed.
- limit total retransmission timeout in tftp to also 255 seconds.
- replace obvious atoi()'s by strtonum().
ok claudio@

Note:
While testing the new option, we noticed that our stable tftpd has
a problem if any option is set (e.g. tsize) and you try to put a file.
This has nothing to do with our new blksize option. We fix this as
next.
ok claudio@

- Fix semantics: seekdir(pos); telldir() should return pos. The code
that implements this will be made faster in a later commit.
- We lose documented behaviour (after closedir() the telldir()
positions are not valid anymore). This was never in POSIX, and most
other systems have nothing like it.
Diff originally from Paul Thorn, rewritten by me using some FreeBSD
code. "slap it in" deraadt@