Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-10-25 | Remove last vestige of SSL_OP_NO_SSLv3 support. | Doug Hogan | |
No part of LibreSSL checks for this flag any longer. ok jsing@ | |||
2015-10-25 | Simplify ssl23_get_client_hello error handling. | Doug Hogan | |
ssl23_get_client_hello sets type=1 on error and continues processing. It should return an error immediately to simplify things. This also allows us to start removing the last of SSL_OP_NO_SSL*. Added extra paranoia for s->version to make sure it is set properly. ok jsing@ | |||
2015-10-25 | Decapitalize yyparse tag name here. | Vadim Zhukov | |
okay jmc@ | |||
2015-10-25 | strvis directory names in ps | Dmitrij Czarkoff | |
OK stsp@ | |||
2015-10-25 | Simple sizes for free(9). | Martin Pieuchot | |
ok claudio@ | |||
2015-10-25 | do not expose nd6 randomid's to userland via ioctl. | Theo de Raadt | |
ok claudio mpi florian | |||
2015-10-25 | Trivial rt_ifp->if_index -> rt_ifidx conversions. | Martin Pieuchot | |
2015-10-25 | Sync after recent rtable_insert() change. | Martin Pieuchot | |
2015-10-25 | Merge rtable_mpath_conflict() into rtable_insert(). | Martin Pieuchot | |
ok claudio@ | |||
2015-10-25 | IPV6_NEXTHOP is gone, remove -g option which used this. | Florian Obser | |
kill it mpi@ | |||
2015-10-25 | Remove IPV6_NEXTHOP implementation. Source routing is considered to be | Florian Obser | |
a bad idea these days. kill it mpi@ general agreement in the network hackers room at u2k15 | |||
2015-10-25 | Kill unused local var, and reorder while here. | Jeremie Courreges-Anglas | |
2015-10-25 | Be more consisten with rtmsgs. Always set rtm_index (even in the RTM_GET | Claudio Jeker | |
case) and always set rtm_pid to the pid of the requestor (even in the sysctl code path). OK mpi@ | |||
2015-10-25 | We don't care about lack of source route support for IPv6. | Jeremie Courreges-Anglas | |
ok sthen@ guenther@ mpi@ millert@ | |||
2015-10-25 | Kill IP Source Route support, unusable since 1998. | Jeremie Courreges-Anglas | |
ok sthen@ guenther@ mpi@ millert@ | |||
2015-10-25 | Use the "modern" way to check if a route entry correspond to a local | Martin Pieuchot | |
address. Fix a regression introduced when removing the lo0 hack. ok florian@ | |||
2015-10-25 | Do not overwrite if_rtrequest() if the driver specified it *before* | Martin Pieuchot | |
calling if_attach(). | |||
2015-10-25 | arp_ifinit() is no longer needed. | Martin Pieuchot | |
2015-10-25 | arp_ifinit() is no longer needed and almost dead. | Martin Pieuchot | |
2015-10-25 | zap trailing whitespace; | Jason McIntyre | |
2015-10-25 | tweak previous; | Jason McIntyre | |
2015-10-25 | arp_ifinit() is no longer needed. | Martin Pieuchot | |
2015-10-25 | ifa is no longer used. | Martin Pieuchot | |
2015-10-25 | arp_ifinit() is no longer needed. | Martin Pieuchot | |
2015-10-25 | Implement ping(8)'s -L option in ping6: | Florian Obser | |
Disable the loopback, so the transmitting host doesn't see the ICMP requests. For multicast pings. OK benno@ | |||
2015-10-25 | arp_ifinit() is no longer needed. | Martin Pieuchot | |
2015-10-25 | arp_ifinit() is no longer required. | Martin Pieuchot | |
2015-10-25 | Missing initializer; spotted by coverity. | Miod Vallat | |
2015-10-25 | Introduce if_rtrequest() the successor of ifa_rtrequest(). | Martin Pieuchot | |
L2 resolution depends on the protocol (encoded in the route entry) and an ``ifp''. Not having to care about an ``ifa'' makes our life easier in our MP effort. Fewer dependencies between data structures implies fewer headaches. Discussed with bluhm@, ok claudio@ | |||
2015-10-25 | Introduce if_rtrequest() the successor of ifa_rtrequest(). | Martin Pieuchot | |
L2 resolution depends on the protocol (encoded in the route entry) and an ``ifp''. Not having to care about an ``ifa'' makes our life easier in our MP effort. Fewer dependencies between data structures implies fewer headaches. Discussed with bluhm@, ok claudio@ | |||
2015-10-25 | backout; many issues remain... | Theo de Raadt | |
2015-10-25 | reorder some checks in pledge_namei() in order to properly work. | Sebastien Marie | |
mainly move read/write whitelisted paths that should be *before* checking if you have PLEDGE_WPATH. with and ok deraadt@ | |||
2015-10-25 | the DNS process was not discarding & redirecting stdin/out/err to | Theo de Raadt | |
/dev/null. copy the code from the ntp engine. | |||
2015-10-25 | ps(1) needs sysctl KERN_PROC_CWD exposed as well in the pledge "ps" set. | Theo de Raadt | |
hit by czarkoff | |||
2015-10-25 | The only thing that was translated into multiple languages in OpenBSD | Alexander Bluhm | |
are the errno messages and signal names. Everything else is in English. We are not planning to translate more text. Running a mixed system with less than 1% of the text in native language makes no sense. So remove the NLS support from libc messages. The catopen(3) functions stay as they are. OK stsp@ mpi@ | |||
2015-10-25 | Use 'fdisk -i', instead of 'fdisk -e' with a here document of | Kenneth R Westerback | |
'reinit;update;write;quit'. They've done the same thing for some time now. Tweaks & test from rpe@. ok rpe@ deraadt@ | |||
2015-10-25 | Instead of doing the the if_get() dance for rt_missmsg(), change the | Alexander Bluhm | |
function to take an interface index. discussed with mpi@; OK claudio@ | |||
2015-10-25 | sync | Miod Vallat | |
2015-10-25 | need "getpw" pledge; spotted by matthieu | Theo de Raadt | |
2015-10-25 | route flush cannot pledge before sysctl for NET_RT_DUMP; defer the act. | Theo de Raadt | |
issue spotted by matthieu | |||
2015-10-25 | just dump the help on stdout with messing about with a pager. | Ted Unangst | |
makes pledge much simpler. from jan stary | |||
2015-10-25 | Pass output from jobs through format_expand() so they are expanded again | Nicholas Marriott | |
(this was the previous behaviour). | |||
2015-10-25 | No need to declare pwd_gensalt; it's unused and gone. | Antoine Jacoutot | |
ok tedu@ | |||
2015-10-25 | pledge the main usage patterns similar to arp(8). Some akkorokamui | Theo de Raadt | |
prevent doing this better, someone should try to refactor this more like arp... also figure out what dawn-of-ipv6 options can be removed. ok benno | |||
2015-10-25 | Let's see if anyone screams about not being able to specify $TMPDIR | Theo de Raadt | |
for their tmux sockets. (Over the years, I have seen $TMPDIR set up worse than /tmp many times, and don't know how this practice infected other parts of the system. Nothing uses tmpdir(3), nor a huge-temporary-file program like sort.) ok nicm | |||
2015-10-25 | pledge bind(1), dig(1), and nslookup(1). This modifies the underlying | Theo de Raadt | |
ISC library to use socket(2) with the SOCK_DNS flag. As a result, the port commands are disabled (such practice is rare in the wild these days, and pretty incompatible with the DNS vs regular socket concept in pledge..) ok bluhm phessler reyk, etc | |||
2003-01-20 | ISC BIND version 9.2.2rc1 | Jakob Schlyter | |
2015-10-25 | Use sigaction() instead of signal() to avoid pulling in unnecessary | Philip Guenther | |
wrappers. To keep uses from crawling back in, mark signal() as deprecated inside libc. ok deraadt@ | |||
2015-10-25 | Use dprintf() instead of fprintf() in the signal handler | Philip Guenther | |
2015-10-25 | POSIX says that you can't capture the return value of sigsetjmp(). | Philip Guenther | |
Fortunately, we don't need it as we only pass siglongjmp() a single value. ok deraadt@ |