Age | Commit message | Author |
|
While FIDO/U2F keys were already supported by the generic uhid(4)
driver, this driver adds the first step to tighten the security of
FIDO/U2F access. Specifically, users don't need read/write access to
all USB/HID devices anymore and the driver also improves integration
with pledge(2) and unveil(2): It is pledge-friendly because it doesn't
require any ioctls to discover the device and unveil-friendly because
it uses a single /dev/fido/* directory for its device nodes.
It also allows supporting FIDO/U2F in Firefox without further
weakening the "sandbox" of the browser. Firefox does not have a
proper privsep design and many operations, such as U2F access, are
handled directly by the main process. This means that the browser's
"fat" main process needs direct read/write access to all USB HID
devices, at least on other operating systems. With fido(4) we can
support security keys in Firefox under OpenBSD without such a
compromise.
With this change, libfido2 stops using the ioctl to query the device
vendor/product and just assumes "OpenBSD" "fido(4)" instead. The
ioctl is still supported but there was no benefit in obtaining the
vendor product or name; it also allows using libfido2 under pledge.
With feedback from deraadt@ and many others
OK kettenis@ djm@ and jmc@ for the manpage bits
|
responsive during packages compilation, especially on slower machines.
feedback welcome from people building ports
discussed with deraadt@
|
file to contain two hashes for bsd.mp, and cause later upgrade problems
spotted by afresh1
|
ttyB* minor numbers change; be sure to rerun MAKEDEV if you do not
upgrade with bsd.rd
Adapted from NetBSD by miod@
|
raising openfiles-cur above the implicit -max value (1024 on at least the
common arch) results in the setting not being applied at all.
Earlier version OK tom@ danj@ ajacoutot@ benno@ krw@ beck@, suggestion about
openfiles= from millert@ - changes in this version are to use 1024 for -max
rather than 512 to avoid changing the existing hard limit, and just use
openfiles= for bgpd/unbound where max and cur are the same value.
|
matter much -- and "uucp" is just stupid in 2016.
ok rpe
|
While here, also remove two forgotten descriptions for long obsolete
devices.
|
ok deraadt@ yasuoka@ reyk@
|
unused for now, but I plan to convert all programs in base to use it in
a future diff. /dev/bpf0 is for compatibility with existing binaries
and is to be removed after a transition period.
ok rpe krw, for the installer part
"Let's see it hit the tree." deraadt
|
and pwd_gensalt.c - so remove it from the default /etc/login.conf files as well.
ok millert@
|
OK dlg@ mpi@
|
flags in the disklabel. These flags were discarded in 2006.
Remove documentation for and instances of 'ty'. Add instances of
'dt' that were missing. Use 'floppy' as the value of 'dt' for all
floppies and 'rdroot' for all boot images/miniroots.
Add 'rdroot' to dktypenames and an associated #define DTYPE_RDROOT,
since 'dt' values are parsed by matching entries in dktypenames[].
Slightly tweaked part of larger cleanup diff previously ok deraadt@.
|
with r1.18. 'rm' and 'il' were removed from getdiskbyname() in 2009
with r1.19. The associated disklabel fields were recycled for other
purposes.
Another 'harmless' part of the larger disklabel cleanup diff.
ok deraadt@ as part of that larger diff.
|
than the daemon class' default of 128. Reminded by/ok ajacoutot@
|