| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-02-10 | Add support for "constraints": when configured, ntpd(8) will query the | Reyk Floeter | |
| time from HTTPS servers, by parsing the Date: header, and use the median constraint time as a boundary to verify NTP responses. This adds some level of authentication and protection against MITM attacks while preserving the accuracy of the NTP protocol; without relying on authentication options for NTP that are basically unavailable at present. This is an initial implementation and the semantics will be improved once it is in the tree. Discussed with deraadt@ and henning@ OK henning@ | |||
| 2015-02-04 | Typo | Florian Obser | |
| From Michael (lesniewskister AT gmail), thanks! | |||
| 2015-01-26 | Rename miniroot-sunxi to miniroot-cubie as the u-boot included | Jonathan Gray | |
| in the image is for Cubieboard1. Discussed with bmercer@ While here switch from using the separate spl and u-boot images to the combined spl and u-boot 'u-boot-sunxi-with-spl.bin'. | |||
| 2015-01-22 | Use /etc/services names in all the default pf rules (most already | Kenneth R Westerback | |
| did). This allows any local changes to /etc/services to be effective if all you have is the default. Issue pointed out by Brian S. Vangsgaard on bugs@. Thanks! ok phessler@ deraadt@ | |||
| 2015-01-20 | Do not use /usr/ports/infrastructure/man/ by default because this | Ingo Schwarze | |
| directory is not contained in OpenBSD base, and because even people having the directory often don't understand that they need to run makewhatis(8) - and instead complain about the resulting warnings. This commit reverts revisions 1.17 and 1.21. Requested by deraadt@ millert@ kettenis@ who argue that people using /usr/ports/infrastructure/bin/ already need to set PATH, so editing man.conf (or, though more fragile, setting MANPATH) should not be a big deal for them. | |||
| 2015-01-20 | increase limits for staff (user created at install time is in staff) | Theo de Raadt | |
| 2015-01-20 | Change the machdep.lidsupsend example now that the default setting has been | Theo de Raadt | |
| inverted. | |||
| 2015-01-20 | Change the machdep.lidsupsend example now that the default setting has been | Miod Vallat | |
| inverted. | |||
| 2015-01-12 | Due to recent savings with instbin, we can take i386 to one install | Theo de Raadt | |
| floppy. A few drivers are missing, but the world has moved on (the drivers included are always a work in progress) Speeds up make release substantially, of course. | |||
| 2015-01-07 | 5.8 packages key | Christian Weisgerber | |
| 2015-01-06 | add 5.8 base key | Theo de Raadt | |
| 2015-01-06 | firmware key for 5.8 | Stuart Henderson | |
| 2015-01-02 | Fix dow and apply the usual easter egg. | Miod Vallat | |
| 2015-01-02 | Fix return code of _rc_quirks(). | Antoine Jacoutot | |
| ok robert@ | |||
| 2015-01-02 | adjust date | Theo de Raadt | |
| 2015-01-02 | Add a comment about the default values being duplicated in rcctl(8). | Antoine Jacoutot | |
| discussed with schwarze@ | |||
| 2015-01-01 | move to 5.7-beta | Theo de Raadt | |
| 2014-12-31 | add entries for xmpp, mdns and puppet | Jasper Lievisse Adriaanse | |
| ok aja@ | |||
| 2014-12-30 | Add syslog-tls 6514/tcp to etc/services. | Alexander Bluhm | |
| OK jasper | |||
| 2014-12-29 | regen | Kenji Aoyama | |
| 2014-12-29 | Add audio(4) related entries. | Kenji Aoyama | |
| ok miod@ | |||
| 2014-12-29 | Add line continuation to be consistent with rc_pre(); ok sthen@ | Antoine Jacoutot | |
| 2014-12-29 | pexp is not needed; ok sthen@ | Antoine Jacoutot | |
| 2014-12-28 | Change the default ext_addr from "egress" to "*". Listening on the | Reyk Floeter | |
| egress group only works if you have a default route; this confused some people. | |||
| 2014-12-26 | the kvm.db is now kmem owned. noticed by Steven Roberts | Ted Unangst | |
| 2014-12-22 | dickman noticed /var/rwho keeps coming back. remove it. | Ted Unangst | |
| 2014-12-22 | Out out you evil network daemon. | Florian Obser | |
| OK deraadt@ some time ago | |||
| 2014-12-19 | Add rdp/rfb/vnc. | Antoine Jacoutot | |
| no objection from deraadt@ | |||
| 2014-12-13 | Install netboot.mop | Miod Vallat | |
| 2014-12-12 | Like previously done in relayd, change the keyword "ssl" to "tls" to | Reyk Floeter | |
| reflect reality. OK benno@ | |||
| 2014-12-12 | Change the keyword "ssl" to "tls" to reflect reality since we | Reyk Floeter | |
| effectively disabled support for the SSL protocols. SSL remains a common term describing SSL/TLS, there is some controvery about this change, and the name really doesn't matter, but I feel confident about it now. (btw., sthen@ pointed out some historical context: http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html) OK benno@, with input from tedu@ | |||
| 2014-12-11 | regen | Ted Unangst | |
| 2014-12-11 | remove urio | Ted Unangst | |
| 2014-12-11 | remove urio | Ted Unangst | |
| 2014-12-09 | If it exists, use /usr/ports/infrastructure/man/ by default for apropos(1); | Ingo Schwarze | |
| we already used it by default for man(1) before. While here, fix the order of Xenocara and ports. ok millert@ sthen@ | |||
| 2014-12-03 | Unhook rtsol(8) and rtsold(8) from the build. | Florian Obser | |
| OK deraadt@ | |||
| 2014-12-03 | The kernel handles rtsol(8) functionality since some time now. | Florian Obser | |
| Treat rtsol in hostname.if as a keyword like dhcp and call ifconfig inet6 autoconf. "reads good" todd@ OK krw@ (who is *not* an IPv6 person), but I recruited him in his capacity as an installer person. | |||
| 2014-11-30 | Fix comment: We don't use RC4 anymore, it's better to be more | David Coppa | |
| generic. ok miod@ | |||
| 2014-11-27 | Remove ofwbootfd from sparc64 release dir since nobody will need it. | Stefan Sperling | |
| Requested by deraadt. | |||
| 2014-11-26 | Add ofwbootfd to list of sparc64 release files to checksum. | Stefan Sperling | |
| 2014-11-24 | Remove another sparc64 md installboot reference that was hiding in here. | Stefan Sperling | |
| ok deraadt | |||
| 2014-11-22 | /dev/random has created the same effect as /dev/arandom (and /dev/urandom) | Theo de Raadt | |
| for quite some time. Mop up the last few, by using /dev/random where we actually want it, or not even mentioning arandom where it is irrelevant. | |||
| 2014-11-17 | Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the | Theo de Raadt | |
| often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation. Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something. done with rpe ok many | |||
| 2014-11-17 | "reload" should fail if the service is not running in the first place. | Antoine Jacoutot | |
| ok robert@ sthen@ | |||
| 2014-11-07 | add svn, fix sort-order of iscsi. ok ajacoutot@ dcoppa@ phessler@ | Stuart Henderson | |
| 2014-11-05 | When clearing /tmp, use "-maxdepth -1" instead of "-type d -prune". | Todd C. Miller | |
| This is easier to understand and fixes a bug where the "-type d -prune" was misplaced as noticed by pirofti@. OK deraadt@ | |||
| 2014-10-21 | Remove SSLv2 and SSLv3 references from the example relayd.conf and the | Lawrence Teo | |
| relevant example snippet in the relayd.conf(5) man page. Change the default SSL protocols in the example file/man page to "no tlsv1.0" (suggested by sthen@), which will enable the TLSv1.1 and TLSv1.2 protocols only. feedback/ok jsing@ reyk@ sthen@ | |||
| 2014-10-17 | Drop the _lkm group. | Antoine Jacoutot | |
| ok dcoppa@ deraadt@ | |||
| 2014-10-09 | regen | Ted Unangst | |
| 2014-10-09 | delete all the cry devices too. missed by mikeb previously. | Ted Unangst | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |