According to the OpenBSD man page, "A Replacement Call for Random". It
offers high quality random numbers derived from input data obtained by
the OpenBSD specific getentropy() system call which is declared in
<unistd.h> and must be implemented for each Newlib port externally. The
arc4random() functions are used for example in LibreSSL and OpenSSH.
Cygwin provides currently its own implementation of the arc4random
family. Maybe it makes sense to use this getentropy() implementation:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcrypto/crypto/getentropy_win.c?rev=1.4&content-type=text/x-cvsweb-markup
* libc/include/stdlib.h (arc4random): Declare if __BSD_VISIBLE.
(arc4random_buf): Likewise.
(arc4random_uniform): Likewise.
* libc/include/sys/unistd.h (getentropy): Likewise.
* libc/include/machine/_arc4random.h: New file.
* libc/stdlib/arc4random.c: Likewise.
* libc/stdlib/arc4random.h: Likewise.
* libc/stdlib/arc4random_uniform.c: Likewise.
* libc/stdlib/chacha_private.h: Likewise.
* libc/sys/rtems/include/machine/_arc4random.h: Likewise.
* libc/stdlib/Makefile.am (EXTENDED_SOURCES): Add arc4random.c
and arc4random_uniform.c.
* libc/stdlib/Makefile.in: Regenerate.
This function is used by LibreSSL and OpenSSH and is provided by the
OpenBSD libc.
* libc/include/string.h (timingsafe_memcmp): Declare.
* libc/string/timingsafe_memcmp.c: New file.
* libc/string/Makefile.am: Add new file.
* libc/string/Makefile.in: Regenerate.
This function is used by LibreSSL and OpenSSH and is provided by the
OpenBSD libc.
* libc/include/string.h (timingsafe_bcmp): Declare.
* libc/string/timingsafe_bcmp.c: New file.
* libc/string/Makefile.am: Add new file.
* libc/string/Makefile.in: Regenerate.
This function is used by LibreSSL and OpenSSH and is provided by the
OpenBSD libc.
* libc/include/string.h (explicit_bzero): Declare.
* libc/string/explicit_bzero.c: New file.
* libc/string/Makefile.am: Add new file.
* libc/string/Makefile.in: Regenerate.
This guard is used by FreeBSD <sys/socket.h> for example. The FreeBSD
network stack is used in RTEMS.
* newlib/libc/include/sys/types.h (ssize_t): Guard by
_SSIZE_T_DECLARED.
The bswap_* "functions" are macros in glibc, so they may be tested for
by the preprocessor (e.g. #ifdef bswap_16).
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
The u_int/u_char/etc. BSD types are needed by Cygwin's netinet/*.h
headers, so they always need to be available.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
The inclusion of <sys/select.h> is required also by POSIX.1-2001.
setitimer is XSI, and futimesat is GNU.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Replace all !_POSIX_SOURCE with BSD. All *at functions depend on
ATFILE; futimens is POSIX.1-2008.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Throughout, use proper internal macros for functions, including those
marked as target-specific. Use ATFILE for all *at functions.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Throughout, remove __STRICT_ANSI__ and use the proper internal macros.
bcmp, bcopy, bzero, index, and rindex were in POSIX prior to 2008.
memrchr is GNU.
strdup and strndup are POSIX.1-2008.
The int-returning form of strerror_r is POSIX.1-2001.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Throughout, simplify the C99/C11 conditionals, and replace
__STRICT_ANSI__ with the proper internal POSIX macros. The _*_r
reentrant functions need not be guarded (and most haven't been) because
such names in the global scope are reserved to the implementation.
atoff is unique to newlib.
dtoa is not actually exported (_dtoa_r is used internally), is
nonstandard, and the declaration conflicts with the code included in
MySQL, NSPR, and SpiderMonkey.
mktemp was removed in POSIX.1-2001.
The qsort_r declarations are reordered so that the GNU version retains
precedence.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Throughout, remove references to __STRICT_ANSI__ and use the proper
internal macros and versions for C99, POSIX, ATFILE for the various *at
functions, or LARGEFILE for fseeko and ftello.
[v]asprintf are GNU extensions, but the *iprintf, *iscanf, and
*asnprintf functions are unique to newlib.
getw and putw were removed from POSIX.1-2001. funopen is BSD, and
fopencookie is GNU.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Use proper internal macros for BSD sig_t and GNU sighandler_t.
sigaltstack and friends are XSI even in SUSv4 but in glibc are
nonetheless handled as POSIX.1-2008 (not 2001).
The requirement for the ucontext_t typedef in signal.h was XSI prior to
POSIX.1-2008.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Simplify the C99 conditionals. Mark the drem and gamma functions as
BSD|SVID, the Bessel double functions also XSI and the floats also SUSv3.
signgam is BSD|SVID|XSI, and matherr is SVID. Finally, use the internal
macros to control the symbolic constants.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
_PATH_GROUP is a BSDism. getgr*_r are BSD|SVID|POSIX, and the *grent
functions are BSD|SVID|XPG4v2.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Most of the !_POSIX_SOURCE code is BSD, although ironically some were
added to POSIX.1-2001.
Use the ATFILE conditional for most of the *at functions, except
futimesat which is GNU.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
MAXNAMLEN is a BSDism.
Use the proper internal macros instead of !_POSIX_SOURCE. telldir and
seekdir are XSI, scandir and alphasort are POSIX.1-2008, and scandirat
is GNU.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
This is the complete rework of the feature tests macros for better
compatibility with GNU libc, primarily based on the Linux man pages
documentation:
http://man7.org/linux/man-pages/man7/feature_test_macros.7.html
The previous implementation was flawed in its approach that macros were
often used to hide symbols if defined (e.g. !defined __STRICT_ANSI__ or
!defined _POSIX_SOURCE), whereas the approach of glibc is that these macros
make symbols available when defined (e.g. defined _BSD_SOURCE, or as used
internally, #if __BSD_VISIBLE). As much open-source software is written
with glibc in mind, this necessitated patching numerous packages just to
compile.
In particular, __STRICT_ANSI__ (which is defined by gcc -ansi or -std=c*)
was given too much importance. This implementation limits the influence
of __STRICT_ANSI__ to controlling the default when no other feature test
macros are defined, and to the inclusion of <alloca.h> in <stdlib.h> as
documented. These are the only places where __STRICT_ANSI__ should be
tested.
The following macros are now accepted: _ATFILE_SOURCE, _BSD_SOURCE,
_DEFAULT_SOURCE, _ISOC99_SOURCE, _ISOC11_SOURCE, _LARGEFILE_SOURCE,
_SVID_SOURCE, _XOPEN_SOURCE_EXTENDED.
The existing __*_VISIBLE internal macros have been kept mostly
compatible with the original BSD implementation, with some changes to
the criteria which controls them. Several more macros in this style
have been added where needed for concision or accuracy.
Enabling C++11 or newer in the compiler also enables C99 and C11
functions. Doing so should help move away from the need to define
_GNU_SOURCE in g++ for _GLIBCXX_USE_C99 support as on Linux:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=51749
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
* ssp.c (lookup_thread_id): Consistently check if tix is a null
pointer.
(run_program): Annotate that STATUS_BREAKPOINT falls-through to
STATUS_SINGLE_STEP case.
(main): Guard against high_pc-low_pc overflow and malloc failure.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
Add experimental code to workaround the issue described in the thread
starting at
https://cygwin.com/ml/cygwin/2015-07/msg00350.html
There's a hint in https://communities.vmware.com/message/2577858#2577858
that this problem is related to using the AI_ALL flag.
This patch checks if GetAddrInfoW returned with WSANO_RECOVERY and if
the AI_ALL flag was set, it retries GetAddrInfo without the AI_ALL flag.
* net.cc (cygwin_getaddrinfo): Add experimental code to retry
GetAddrInfoW without AI_ALL flag if it returned with WSANO_RECOVERY.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If the ACL is supposed to reflect only standard POSIX permissions,
and if the permissions are so that user has more perms than group
and group has more perms than other, we don't really need the NULL
SID ACE. If the permissions are that simple, get_posix_access will
not call AuthZ.
* sec_acl.cc (set_posix_perms): Don't write NULL SID ACE if it's
not required. Explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Change the type of the stack pointers to enable pointer calculations at byte
granularity, which is needed for the calculation of _or1k_stack_core[c] and
_or1k_exception_stack_core[c] with _or1k_stack_size and
_or1k_exception_stack_size. (util.c:53-54)
Newlib's setvbuf function is very old and has two bugs:
- It sets the SRD/SWR flags incorrectly in case of files opened for
reading and writing.
See https://cygwin.com/ml/cygwin/2016-03/msg00180.html
for a desription of the effect.
- It always sets the buffer size to BUFSIZ if it's not provided by
the application, independent of the optimal blocksize for the
underlying IO device.
Update setvbuf to latest code from OpenBSD to fix both problems.
* libc/stdio/setvbuf.c (setvbuf): Import latest OpenBSD
implementation.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
To fix a long-standing setvbuf bug, import __swhatbuf function from
OpenBSD and only slightly rearrange for newlib.
* libc/stdio/local.h (__swhatbuf_r): Declare.
* libc/stdio/makebuf (__smakebuf_r): New function.
(__smakebuf_r): Drop file handling code and call __smakebuf_r.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Per the preceeding comment this inline code is disabled since 1993(!)
because of a bug in GCC at the time. This is long gone and the equivalent
inline code is used in the BSDs for quite some time. Enable this code for
newlib as well.
* libc/include/stdio.h (__sputc_r): Enable GCC inline code. Add
handling for targets defining __SCLE.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When using RFC2307 uid/gid-mapping on Samba shares, the POSIX ACL contains
the Windows SIDs. When writing back such an ACL we have to map the
Windows SIDs back to the corresponding Samba SIDs representing the UNIX
uid/gid value. When reading Samba SIDs, make sure never to evaluate a
UNIX user account as group.
* sec_acl.cc (set_posix_access): Convert Windows SIDs to
RFC2307-mapped Sambe UNIX SIDs.
* sec_helper.cc (cygpsid::get_id): Skip UNIX user accounts when
trying to evaluate a SID as group. Skip UNIX group accounts when
trying to evaluate a SID as user.
* cygheap.h (cygheap_ugid_cache::reverse_get): New method to
get nfs id from cygwin id.
(cygheap_ugid_cache::reverse_get_uid): Wrapper for uids.
(cygheap_ugid_cache::reverse_get_gid): Wrapper for gids.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far creating cygsids requires to generate an "S-1-..." string
which is then converted to a SID by cygsid::getfromstr.
Add two new methods:
- cygsid::create (DWORD auth, DWORD subauth_count, ...)
... is a variable length list of subauth_count DWORD values being
the actual subauths.
- cygsid::append (DWORD rid)
allows to append a single RID to an alreaday constituted SID.
* security.h (cygsid::create): Declare public.
(cygsid::append): Ditto.
* sec_helper.cc (cygsid::create): Implement.
(cygsid::append): Implement.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Use both new
methods as appropriate. Drop setting csid from string. Create
SID strings for printing SIDs only.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
gmonparam::state is used in calls to Win32 Interlocked functions.
Having this defined as int breaks the build on i686. Redefine as
LONG (same size and correct type on all platforms) to make gcc happy.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>