sync with OpenBSD -current
This commit is contained in:
parent
c0bca71075
commit
4d0363822b
GPG Key ID:
F42C07F07E2E35B7
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: unistd.h,v 1.110 2024/08/02 01:53:21 guenther Exp $ */
|
||||
/* $OpenBSD: unistd.h,v 1.111 2024/08/02 22:14:54 guenther Exp $ */
|
||||
/* $NetBSD: unistd.h,v 1.26.4.1 1996/05/28 02:31:51 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
@ -474,6 +474,12 @@ int unlinkat(int, const char *, int);
|
||||
#if __POSIX_VISIBLE >= 202405 || __BSD_VISIBLE
|
||||
int getentropy(void *, size_t);
|
||||
#endif
|
||||
#if __XPG_VISIBLE >= 800 || __BSD_VISIBLE
|
||||
int getresgid(gid_t *, gid_t *, gid_t *);
|
||||
int getresuid(uid_t *, uid_t *, uid_t *);
|
||||
int setresgid(gid_t, gid_t, gid_t);
|
||||
int setresuid(uid_t, uid_t, uid_t);
|
||||
#endif
|
||||
|
||||
#if __BSD_VISIBLE
|
||||
int dup3(int, int, int);
|
||||
@ -492,8 +498,6 @@ int getdomainname(char *, size_t)
|
||||
int getdtablecount(void);
|
||||
int getgrouplist(const char *, gid_t, gid_t *, int *);
|
||||
mode_t getmode(const void *, mode_t);
|
||||
int getresgid(gid_t *, gid_t *, gid_t *);
|
||||
int getresuid(uid_t *, uid_t *, uid_t *);
|
||||
pid_t getthrid(void);
|
||||
int getthrname(pid_t, char *, size_t);
|
||||
char *getusershell(void);
|
||||
@ -523,8 +527,6 @@ int sethostname(const char *, size_t);
|
||||
int setlogin(const char *);
|
||||
void *setmode(const char *);
|
||||
int setpgrp(pid_t _pid, pid_t _pgrp); /* BSD compat version */
|
||||
int setresgid(gid_t, gid_t, gid_t);
|
||||
int setresuid(uid_t, uid_t, uid_t);
|
||||
int setthrname(pid_t, const char *);
|
||||
void setusershell(void);
|
||||
int strtofflags(char **, u_int32_t *, u_int32_t *);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: setresuid.2,v 1.9 2015/09/10 17:55:21 schwarze Exp $
|
||||
.\" $OpenBSD: setresuid.2,v 1.10 2024/08/02 22:14:54 guenther Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2000
|
||||
.\" Sheldon Hearn. All rights reserved.
|
||||
@ -21,7 +21,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD: src/lib/libc/sys/setresuid.2,v 1.12 2001/10/01 16:09:02 ru Exp $
|
||||
.\"
|
||||
.Dd $Mdocdate: September 10 2015 $
|
||||
.Dd $Mdocdate: August 2 2024 $
|
||||
.Dt SETRESUID 2
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -31,7 +31,6 @@
|
||||
.Nm setresuid
|
||||
.Nd get or set real, effective and saved user or group ID
|
||||
.Sh SYNOPSIS
|
||||
.In sys/types.h
|
||||
.In unistd.h
|
||||
.Ft int
|
||||
.Fn getresgid "gid_t *rgid" "gid_t *egid" "gid_t *sgid"
|
||||
@ -89,10 +88,13 @@ was invalid.
|
||||
.Xr setreuid 2 ,
|
||||
.Xr setuid 2
|
||||
.Sh STANDARDS
|
||||
These functions are not part of the
|
||||
.St -p1003.1
|
||||
specification.
|
||||
While they are not completely portable, they are the least ambiguous way to
|
||||
manage user and group IDs.
|
||||
The
|
||||
.Fn getresgid ,
|
||||
.Fn getresuid ,
|
||||
.Fn setresgid ,
|
||||
and
|
||||
.Fn setresuid
|
||||
functions conform to the X/Open System Interfaces option of
|
||||
.St -p1003.1-2024 .
|
||||
.Sh HISTORY
|
||||
These functions first appeared in HP-UX.
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: crypto_ex_data.c,v 1.2 2024/08/02 14:02:33 tb Exp $ */
|
||||
/* $OpenBSD: crypto_ex_data.c,v 1.4 2024/08/03 07:45:26 tb Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
|
||||
*
|
||||
@ -19,7 +19,7 @@
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#define CRYPTO_EX_DATA_MAX_INDEX 16
|
||||
#define CRYPTO_EX_DATA_MAX_INDEX 32
|
||||
|
||||
struct crypto_ex_data {
|
||||
int class_index;
|
||||
@ -104,7 +104,7 @@ CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
|
||||
sizeof(struct crypto_ex_data_class))) == NULL)
|
||||
goto err;
|
||||
if ((new_class->indexes = calloc(CRYPTO_EX_DATA_MAX_INDEX,
|
||||
sizeof(struct crypto_ex_data_index))) == NULL)
|
||||
sizeof(struct crypto_ex_data_index *))) == NULL)
|
||||
goto err;
|
||||
new_class->indexes_len = CRYPTO_EX_DATA_MAX_INDEX;
|
||||
new_class->next_index = 1;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ec_kmeth.c,v 1.13 2023/11/19 15:46:09 tb Exp $ */
|
||||
/* $OpenBSD: ec_kmeth.c,v 1.14 2024/08/03 13:06:37 tb Exp $ */
|
||||
/*
|
||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project.
|
||||
@ -149,7 +149,7 @@ EC_KEY_new_method(ENGINE *engine)
|
||||
ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
|
||||
ret->references = 1;
|
||||
|
||||
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
|
||||
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data))
|
||||
goto err;
|
||||
if (ret->meth->init != NULL && ret->meth->init(ret) == 0)
|
||||
goto err;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssl.h,v 1.7 2024/07/14 15:39:36 tb Exp $ */
|
||||
/* $OpenBSD: ssl.h,v 1.8 2024/08/03 04:50:27 tb Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
|
||||
*
|
||||
@ -105,6 +105,7 @@ LSSL_USED(SSL_CTX_set_timeout);
|
||||
LSSL_USED(SSL_CTX_get_timeout);
|
||||
LSSL_USED(SSL_CTX_get_cert_store);
|
||||
LSSL_USED(SSL_CTX_set_cert_store);
|
||||
LSSL_USED(SSL_CTX_set1_cert_store);
|
||||
LSSL_USED(SSL_CTX_get0_certificate);
|
||||
LSSL_USED(SSL_CTX_get0_privatekey);
|
||||
LSSL_USED(SSL_want);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: SSL_CTX_set_cert_store.3,v 1.7 2018/03/27 17:35:50 schwarze Exp $
|
||||
.\" $OpenBSD: SSL_CTX_set_cert_store.3,v 1.8 2024/08/03 04:53:01 tb Exp $
|
||||
.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
|
||||
.\"
|
||||
.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
|
||||
@ -48,17 +48,20 @@
|
||||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: March 27 2018 $
|
||||
.Dd $Mdocdate: August 3 2024 $
|
||||
.Dt SSL_CTX_SET_CERT_STORE 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm SSL_CTX_set_cert_store ,
|
||||
.Nm SSL_CTX_set1_cert_store ,
|
||||
.Nm SSL_CTX_get_cert_store
|
||||
.Nd manipulate X509 certificate verification storage
|
||||
.Sh SYNOPSIS
|
||||
.In openssl/ssl.h
|
||||
.Ft void
|
||||
.Fn SSL_CTX_set_cert_store "SSL_CTX *ctx" "X509_STORE *store"
|
||||
.Ft void
|
||||
.Fn SSL_CTX_set1_cert_store "SSL_CTX *ctx" "X509_STORE *store"
|
||||
.Ft X509_STORE *
|
||||
.Fn SSL_CTX_get_cert_store "const SSL_CTX *ctx"
|
||||
.Sh DESCRIPTION
|
||||
@ -73,6 +76,15 @@ object is currently set in
|
||||
.Fa ctx ,
|
||||
it will be freed.
|
||||
.Pp
|
||||
.Fn SSL_CTX_set1_cert_store
|
||||
sets the verification storage of
|
||||
.Fa ctx
|
||||
to or replaces it with
|
||||
.Fa store .
|
||||
The
|
||||
.Fa store Ns 's
|
||||
reference count is incremented.
|
||||
.Pp
|
||||
.Fn SSL_CTX_get_cert_store
|
||||
returns a pointer to the current certificate verification storage.
|
||||
.Pp
|
||||
@ -128,3 +140,7 @@ and
|
||||
.Fn SSL_CTX_get_cert_store
|
||||
first appeared in SSLeay 0.8.1 and have been available since
|
||||
.Ox 2.4 .
|
||||
.Pp
|
||||
.Fn SSL_CTX_set1_cert_store
|
||||
first appeared in OpenSSL 1.1.1 and has been available since
|
||||
.Ox 7.6 .
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssl.h,v 1.239 2024/07/14 15:39:36 tb Exp $ */
|
||||
/* $OpenBSD: ssl.h,v 1.240 2024/08/03 04:50:27 tb Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -1107,6 +1107,9 @@ long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
|
||||
long SSL_CTX_get_timeout(const SSL_CTX *ctx);
|
||||
X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
|
||||
void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
|
||||
#if defined(LIBRESSL_INTERNAL) || defined(LIBRESSL_NEXT_API)
|
||||
void SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store);
|
||||
#endif
|
||||
X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
|
||||
EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
|
||||
int SSL_want(const SSL *s);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssl_lib.c,v 1.328 2024/07/20 04:04:23 jsing Exp $ */
|
||||
/* $OpenBSD: ssl_lib.c,v 1.329 2024/08/03 04:50:27 tb Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -3403,6 +3403,16 @@ SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
|
||||
}
|
||||
LSSL_ALIAS(SSL_CTX_set_cert_store);
|
||||
|
||||
void
|
||||
SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store)
|
||||
{
|
||||
if (store != NULL)
|
||||
X509_STORE_up_ref(store);
|
||||
|
||||
SSL_CTX_set_cert_store(ctx, store);
|
||||
}
|
||||
LSSL_ALIAS(SSL_CTX_set1_cert_store);
|
||||
|
||||
X509 *
|
||||
SSL_CTX_get0_certificate(const SSL_CTX *ctx)
|
||||
{
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: locore.S,v 1.147 2024/03/17 05:49:41 guenther Exp $ */
|
||||
/* $OpenBSD: locore.S,v 1.148 2024/08/02 22:24:51 guenther Exp $ */
|
||||
/* $NetBSD: locore.S,v 1.13 2004/03/25 18:33:17 drochner Exp $ */
|
||||
|
||||
/*
|
||||
@ -182,7 +182,9 @@ sigcodecall:
|
||||
.globl sigcoderet
|
||||
sigcoderet:
|
||||
int3
|
||||
1: JMP_RETPOLINE(rax)
|
||||
1: CODEPATCH_START
|
||||
JMP_RETPOLINE(rax)
|
||||
CODEPATCH_END(CPTAG_RETPOLINE_RAX)
|
||||
.globl esigcode
|
||||
esigcode:
|
||||
.globl sigfill
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: netcat.c,v 1.226 2023/08/14 08:07:27 tb Exp $ */
|
||||
/* $OpenBSD: netcat.c,v 1.227 2024/08/02 21:08:47 jan Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
|
||||
* Copyright (c) 2015 Bob Beck. All rights reserved.
|
||||
@ -778,7 +778,7 @@ timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *))
|
||||
struct pollfd pfd;
|
||||
int ret;
|
||||
|
||||
while ((ret = (*func)(tls_ctx)) != 0) {
|
||||
while ((ret = func(tls_ctx)) != 0) {
|
||||
if (ret == TLS_WANT_POLLIN)
|
||||
pfd.events = POLLIN;
|
||||
else if (ret == TLS_WANT_POLLOUT)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user