summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2015-10-02Curve25519 is now specified in draft-ietf-ipsecme-safecurves-00 (alongReyk Floeter
2015-10-02make a && && & block more readable. no binary change.Theo de Raadt
2015-10-02I see no evidence that lstat() is being done for /etc/resolv.conf, norTheo de Raadt
2015-10-02kern_tame.cTheo de Raadt
2015-10-02update the -t args list; ok guentherJason McIntyre
2015-10-02use limits.h instead of sys/param.h to get PATH_MAXTheo de Raadt
2015-10-02avoid sys/param.h, by using PATH_MAXTheo de Raadt
2015-10-02regenMark Kettenis
2015-10-02RFC7634 specifies ChaCha20-Poly1305 for IKEv2 and IPsec and IANAReyk Floeter
2015-10-02Revert previous commit; something is not quite right yet in the bowels of uvmMark Kettenis
2015-10-02Remove MD5 from the default proposals. At least SHA1 seems to be theReyk Floeter
2015-10-02If the policy certreqtype is 0, use the global one instead.Reyk Floeter
2015-10-02fix emailTheo de Raadt
2015-10-02missing ) in COMPAT_LINUX blockTheo de Raadt
2015-10-02Add another invalid time, which is currently accepted.Joel Sing
2015-10-02Make 'pfctl -s all' show queues. pfctl(8) says it does, and 5.4Kenneth R Westerback
2015-10-02replace vxlan port number by its official service name; while here,Igor Sobrado
2015-10-02Flense the greasy black guts of unreadble string parsing code out of three areasBob Beck
2015-10-02s/ssl3_client_kex/ssl3_send_client_kex/ for consistency with the caller.Joel Sing
2015-10-02Talk about 'RADIUS server' in most cases, rather than referring specificallyStuart Henderson
2015-10-02Adopt smtpd's imsg_read_nofd() to mitigate the risk of user-injectedReyk Floeter
2015-10-02Replace %s in the format string, with its value (macro).Alexandre Ratchov
2015-10-02use macros for cookie path and temp file template insteadAlexandre Ratchov
2015-10-02add a comment above the rfc1948 code that mentions the rfc so it's easy to findTed Unangst
2015-10-02Validate that midi and audio device numbers are integers.Alexandre Ratchov
2015-10-02As device path is known, use its size instead of PATH_MAXAlexandre Ratchov
2015-10-02Use macros for audio and midi device paths rather than hardcodedAlexandre Ratchov
2015-10-02As the socket path is known, use its size rather that PATH_MAX.Alexandre Ratchov
2015-10-02fix typo in debug messageAlexandre Ratchov
2015-10-02fix typo.Igor Sobrado
2015-10-02typos.Igor Sobrado
2015-10-02fix typo.Igor Sobrado
2015-10-02use macros instead of hard-coded strings for unix sockets pathsAlexandre Ratchov
2015-10-02fix spacingAlexandre Ratchov
2015-10-02remove unused DEFAULT_OPT macroAlexandre Ratchov
2015-10-02add missing El;Jason McIntyre
2015-10-02zap an unneccessary Ev; from michael reedJason McIntyre
2015-10-02Actually, open of /etc/spwd.db must be handled by returning EPERM, notTheo de Raadt
2015-10-02Add ktracing of argv and envp to execve(2), with envp not traced by defaultPhilip Guenther
2015-10-02Controller for the recently imported eigrpd(8) daemon.Renato Westphal
2015-10-02Welcome eigrpdRenato Westphal
2015-10-02mention these pathname calls are checked in nameiTheo de Raadt
2015-10-02remove some debug printf no longer neededTheo de Raadt
2015-10-02changed my mind; block spwd.db, force drop-through to pwd.db for processes un...Theo de Raadt
2015-10-02a sandbox using tameTheo de Raadt
2015-10-02re-order system calls in order of risk, ok i'll be honest, ordered thisTheo de Raadt
2015-10-02oh no, a KERBEROS lefover; from Ilya KalimanTheo de Raadt
2015-10-02detect that a certificate chain will not fit in imsg calls before passingGilles Chehade
2015-10-02in secure_file(), make uid checking on .forward files more strict to avoidGilles Chehade
2015-10-02prevent users from playing hardlink/symlink/mkfifo games with their offlineGilles Chehade
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-26 15:00:23 +0000