| Age | Commit message (Collapse) | Author |
|---|
|
log updates|all
with
log state changes
log host checks
log connection [errors]
The first two control the logging of host check results: either changes in host state only or
all checks.
The third option controls logging of connections in relay mode:
Either log all connections, or only errors.
Additionaly, errors will be logged with LOG_WARN and good connections
will be logged with LOG_INFO, so they can be differentiated in syslog.
ok and feedback from claudio@
|
|
that, the macro used was password and if we changed it to something like
pass="secret" it would log it if the daemon was ran in verbose mode.
Hint and OK claudio@
|
|
a password and that way it would log it when the daemon is ran in verbose mode.
Hint and OK claudio@
|
|
it. We should not trust this input too much as found by Pierre Emeriaud.
OK benno@
|
|
Status codes and reason codes are separate things listed in distinct tables.
This debug message made me look at the wrong table and scratch my head.
|
|
auto-join
with feedback from florian and stsp
ok florian@ phessler@ (on previous versions of the diff) stsp@
|
|
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly
from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such
instead of treating them like strings.
ok florian phessler
|
|
arm_intr_* prefix with fdt_intr_*.
ok kettenis@
|
|
the nwid. It will not have changed in the meantime.
OK stsp
|
|
|
|
|
|
|
|
sockets cause no harm and this way we close another attack surface by not
allowing the daemon to create/delete any more files.
OK kn@
|
|
Discussed with and OK tb@
OK cheloha@ on previous version
|
|
firmware loads. The namei operations are being performed are on behalf
of the kernel not process, so use BYPASSUNVEIL.
spotted by sthen, ok beck
|
|
ok patrick@
|
|
|
|
|
|
to the namei args. This fixes a bug where chmod would be allowed when
with only READ. This also allows some further cleanup of some awkward
things like PLEDGE_STAT that will follow
Lots of assistence from semarie@ - thanks!
ok semarie@
|
|
sk_BY_DIR_HASH_find already does it, removing ambiguity later in the function.
ok tb@
|
|
sane.
ok kettenis@
|
|
Found by Coverity.
Feedback and ok tb@
|
|
from Martin Kopta <martin at kopta dot eu>
|
|
ok tb@
|
|
|
|
ok jmc
|
|
ok jmc
|
|
Simplify parameter checks since this is only called from one place.
Found by Coverity, CID 183502.
ok beck@
|
|
ok jmc
|
|
be shortened by 1.
OK florian@
|
|
sockets cause no harm and this way we close another attack surface by not
allowing the daemon to create/delete any more files.
While here also scramble pledge promises to their canonical form.
OK florian@
|
|
|
|
|
|
|
|
|
|
sockets cause no harm and this way we close another attack surface by not
allowing the daemon to create/delete any more files.
OK florian@
|
|
sockets cause no harm and this way we close another attack surface by not
allowing the daemon to create/delete any more files.
OK akoshibe@ florian@
|
|
that not deleting the unix control sockets cause no harm and this way we close
another attack surface by not allowing the daemon to create/delete any more
files.
tweak and OK florian@
|
|
and move the documentation of which are relevant to the restricted mode
(-r) description;
from kris katterjohn
while here, replace some Gt/Lt escapes;
|
|
|
|
pointed out by Andre Stoebe <as at nul not space>
|
|
__dead void usage, return from main and return is not a function,
err(1, NULL) after malloc failure, and garbage collect (void) casts
on functions that usually do not need return value checks
|
|
ok kevlo@
|
|
(problem noticed by semarie@ - fix forthcoming)
|
|
In part based on a diff from Lauri Tirkkonen <lotheac at iki dot fi>.
While here, significantly simplify sequential().
No objection when shown on tech@.
|
|
|
|
uses of getuint64(). No change to executable.
|
|
or three cells. Handle both cases, but ignore the minimum and maximum
values if they are provided in the case where we have three cells.
ok patrick@
|
|
harm if not deleted after the daemon is shutdown and at the same time we also
tackle another attack surface by not allowing the program to create/delete
any more files (by removing "cpath" promise from pledge(2)).
Discussion initiated by a question from deraadt@ OK florian@
|
|
On the other hand it is much more powerful to get rid of cpath; rad is
no longer allowed to change anything on the filesystem.
Triggered by mestre@'s work to fix unlinking in other daemons and a
question from deraadt@
OK mestre
|
