| Age | Commit message (Collapse) | Author |
|---|
|
that mkdep can fail if the compiler does.
Patch from Gerhard Roth (Gerhard_Roth at genua.de)
ok halex@
|
|
queue to be emptied first.
|
|
using the new API. By default, OpenSMTPD does not provide queue encryption,
but it can be enabled with "queue encryption [args]" and will transparently
encrypt/decrypt envelopes/messages as they hit the queue.
By default, it will use Blowfish in CBC mode with a different random IV for
each envelope and message. User provided key is expanded using sha256 but a
different cipher and digest may be specified in smtpd.conf
Queue encryption is compatible with compression and if both options are set
it will do them in correct order and transparently.
tested by chl@, a few users and myself
ok chl@ and I
|
|
-nopie to the linker if needed; ok pascal
|
|
|
|
|
|
(things link now).
|
|
|
|
can trivially regen the <=4k bit ones. ok djm@
|
|
updated gcc and ld to understand the new -nopie flag.
ok deraadt@
|
|
already exists.
5.1 and older did the right thing.
5.2 did not (mea culpa).
Now we're back to doing the right thing.
spotted by naddy. ok stsp.
|
|
|
|
|
|
different approach than the one taken in kurt@'s original diff, but deemed
better after discussion and diff exchange with kettenis@ and matthew@.
Lots of feedback by kettenis@ and matthew@, prodding and encouragement by
deraadt@.
ok kettenis@ matthew@
|
|
latter gets defined incorrectly (too small) because of include ordering
issues. Same fix as for binutils-2.17. Noticed by deraadt@.
ok matthew@
|
|
|
|
NOPIE_LDFLAGS instead. Noticed by matthew@ and deraadt@. Sorry for the
breakage ...
|
|
executable and DSO (via crtbegin.c/crtbeginS.c). Not used yet, but
needed before GCC can start emitting -fstack-protector code that uses
them instead of __guard.
|
|
|
|
|
|
- fix crash in nsd-patch if a zone has been removed from nsd.conf. (difffile.c)
- CVE-2012-2979 DOS fix, this is in optional code which is *not* used with
a standard OpenBSD build. (query.c, server.c)
|
|
provided by the IOC. Cleanup scatter-gather code and add more
comments. Tested by a "make build" and bonnie++ torturing on a
SAS2004 with an IR firmware.
|
|
|
|
ok robert@
|
|
since it will affect binutils too.
ok deraadt@
|
|
ok gilles@
|
|
1. If parent directory is read-only, make buffer read-only.
2. If parent doesn't exist; give user a message and create buffer
as readable.
Reviewed by Sunil Nimmagadda.
ok jasper@
|
|
ok miod@ deraadt@
|
|
out scary warnings if it's not there. Bump minor accordingly.
Requested by and ok dcoppa@, ok nicm@
|
|
ok gilles@
|
|
allocation strategy has changed since a long time and added to that
cp(1) should not try to be smart and guess things it shouldn't know.
ok guenther@ krw@
|
|
this is a sanity check to ensure no system user(s)/group(s) are missing.
ok sthen@
|
|
|
|
0-9a-z and add A-Z and enter the prompt when M-0 to M-9 are pressed
(like in copy mode). Prompted by request from mcbride@, help from Thomas
Adam.
|
|
|
|
|
|
ok sthen haesbaert
while here, knock out a useless .Pp, and provide a section number for
an Xr;
|
|
ok gilles@
|
|
"moui" landry@
|
|
real option -export-symbols.
Instead of blindly passing that one to the linker, error out beforehand,
so that people know the problem IS libtool usage and not our program.
(as exemplified by Todd Fries on ldns).
|
|
as found out by sebastia@ and used during 5.2 vax package build...
no ill side-effects so far, so do this as a stopgap measure
(matthieu@ reports that our libtool is not yet very good for static-only
arches).
|
|
time is checked multiple times. Add a set_timeout_interval() function
to allow setting a timeout based on an interval from current time.
Fixes issues with initial startup where the global cur_time was
always old and caused initial DHCPDISCOVER or DHCPREQUEST packets
to be sent multiple times. And probably other timeout related
oddities.
Tested by naddy@
|
|
|
|
ok deraadt@ robert@
|
|
|
|
in there. fixes issues reported by many.
ok gilles@
|
|
|
|
|
|
- rename compress_zlib.c to compress_gzip.c
with this commit it is possible to inspect a compressed queue with gzcat :)
|
|
- check gzdopen() failure
- call gzclose() whenever a failure occurs after gzdopen()
- simplify slightly some checks in compress/uncompress
- create PATH_TEMPORARY in /var/spool/smtpd, chmod 700, owned by _smtpd
- compress_zlib should use PATH_TEMPORARY instread of /tmp as we're
chrooted and this will otherwise lead to a fatal()
ok chl@
|
