openssl.1 contains all of the information from the other application
manpages, and is the only one packaged in OpenBSD. So, remove the other
obsolete .1 manpages (and avoid overlapping system pages like passwd.1)
it seems that including stdarg.h is needed for defining va_list
environment is hpux 11.31(ia64) with gcc 4.7.1.
without stdarg.h, I got compilation error like this.
"error: 'va_list' undeclared (first use in this function)"
I checked with gcc -E, then I noticed that __va_list is defined but va_list is not.
"typedef __gnuc_va_list __va_list;"
with including stdarg.h, va_list is defined.
"typedef __gnuc_va_list va_list;"
* use the original name for the file from OpenSSH (remove duplicate version)
* add va_copy/__va_copy checks to configure
* incorporate proposed fixes to openssh version:
+ include more system headers directly for various definitions
+ limit the scope of va_copy/va_end to their affected vsnprintf calls
+ simplify error handling, removing a dead assignment
This is to avoid redefining prototypes from the libc headers. Also,
simplify the autoconf function checks and remove some copy/paste
errors checking for 'write'.
ok wouter@
Note that gcc chose to disable this rather than cause link issues with
older copies of Solaris 10:
https://gcc.gnu.org/ml/gcc-patches/2012-01/msg00816.html
If we want to support Solaris <10.10 (I'd rather support up-to-date
versions), getentropy_solaris would need to change.
If an OS provides an arc4random_buf implementation in its C library,
prefer it over an in-library version. This allows OS-specific
implementations to become more robust over time. It also prevents
possible link-time confusion as to which arc4random_buf implementation
is in use by an application when linked with LibreSSL.
The built-in unit tests will identify some common issues, such as fork
safety and PID wrap handling. Other elements, such as seeding
mechanisms, should be audited by the vendor or user for correctness.
ok deraadt@ beck@
The original author clarified the license, so we are fine to ship with
the PID wraparound test. Run it by default if libressl is using the
native arc4random supplied from the OS.
ok deraadt@
