Age | Commit message | Author | |
---|---|---|---|
2017-05-04 | Merge headers defining identifiers from sysctl.8 into sysctl.3. Shorten and update their descriptions. In sysctl.8 refer to /etc/sysctl.conf in FILES. discussed with and ok jmc | Theo Buehler | |
2017-04-14 | whitespace | Theo de Raadt | |
2017-04-14 | correct path; from Klemens Nanni | Theo de Raadt | |
2017-03-17 | recallocarray() the string buffer, to avoid leaving such contents around in the address space. Don't bother doing so for the buffer which contains aslr'd pointers... ok millert | Theo de Raadt | |
2017-03-16 | sync the vfs bits as best i can; | Jason McIntyre | |
2017-03-16 | bit more consistent; | Jason McIntyre | |
2017-03-13 | - no KERN_RND: from schwarze - remove some XXX i no longer need | Jason McIntyre | |
2017-03-13 | for each sysctl name, attach the variable name as seen by sysctl(8); includes some fixes from schwarze, as well as some general tweaking; ok deraadt schwarze | Jason McIntyre | |
2017-02-15 | Style improvement, no functional change. As reported by Yuri Pankov, some versions of GCC whine that "tmp" might be used uninitialized in fts_open(3). Clearly, that cannot actually happen, but explicitly setting it to NULL is safer anyway. While here, rename the badly named variable "tmp" and make the inner "if" easier to understand. Feedback and OK guenther@ | Ingo Schwarze | |
2016-12-25 | gcc says "if you define labels and don't use them, I will whine." ok tom@ | Kenneth R Westerback | |
2016-11-09 | Fix a use after free error introduced in rev 1.18 by only calling closedir() outside the loop. OK deraadt@ guenther@ markus@ | Todd C. Miller | |
2016-10-19 | Use the reentrant strerror_r() instead of strerror() to expand %m. Previously, syslog_r() would avoid calling strerror() since the latter is not reentrant. OK bluhm@ | Todd C. Miller | |
2016-10-18 | Avoid generating SIGTTOU when restoring the terminal mode. If we get SIGTTOU it means the process is not in the foreground process group which, in most cases, means that the shell has taken control of the tty. Requiring the user to fg the process in this case doesn't make sense and can result in both SIGTSTP and SIGTTOU being sent which can lead to the process being suspended again immediately after being brought into the foreground. | Todd C. Miller | |
2016-10-07 | sort; | Jason McIntyre | |
2016-10-07 | introduce a sysctl to hijack dns sockets. when set to a port number, all dns socket connections will be redirected to localhost:port. this could be a sockopt on the listening socket, but sysctl is an easier interface to work with right now. ok deraadt | Ted Unangst | |
2016-09-28 | use the same template for describing securelevel interaction; | Jason McIntyre | |
2016-09-28 | document kern.allowkmem; ok deraadt | Jason McIntyre | |
2016-09-24 | Fix matching when all of user, host and domain are specified. OK guenther@ | Todd C. Miller | |
2016-09-21 | no more KERN_ARND; ok deraadt | Jason McIntyre | |
2016-09-21 | Delete casts to off_t and size_t that are implied by assignments or prototypes. Ditto for some of the char* and void* casts too. verified no change to instructions on ILP32 (i386) and LP64 (amd64) ok natano@ abluhm@ deraadt@ millert@ | Philip Guenther | |
2016-09-07 | Remove usermount remnants. ok tedu | Martin Natano | |
2016-09-03 | tweak previous; | Jason McIntyre | |
2016-09-03 | note that getpass is obsolete. removed from posix in 2001. | Ted Unangst | |
2016-09-01 | Mention explicit_bzero(3); ok jmc | Martin Natano | |
2016-08-27 | Pull in <stdio.h> for NULL ok deraadt@ | Philip Guenther | |
2016-08-14 | Refer to /etc/passwd consistently as the "legacy password file" and remove some references to differences between versions 6 and 7. ok jmc, millert, tedu | Theo Buehler | |
2016-07-20 | Make the size for the syn cache hash array tunable. As we are swapping between two syn caches for random reseeding anyway, this feature can be added easily. When the cache is empty, there is an opportunity to change the hash size. This allows an admin under SYN flood attack to defend his machine. Suggested by claudio@; OK jung@ claudio@ jmc@ | Alexander Bluhm | |
2016-07-14 | kern.usermount is currently a no-op; ok deraadt | Jason McIntyre | |
2016-07-06 | Use fstatat() to avoid path surgery. bug catching and ok millert@ | Philip Guenther | |
2016-06-30 | nptys sysctls were removed | Ted Unangst | |
2016-06-28 | For the EINVAL case there can be more than a single option. | Todd C. Miller | |
2016-06-28 | fts_open() requires that the list passed as argument contain at least one path. When the list is empty (contains only a NULL pointer), return EINVAL instead of pretending to succeed, which will cause a NULL pointer dereference in a later fts_read() call. From FreeBSD. | Todd C. Miller | |
2016-06-28 | Add sysctl for arp timers: net.inet.ip.arptimeout (expire timer for resolved entries) and net.inet.ip.arpdown (expire timer for unresolved entries) ok mpi@ | Chris Cappuccio | |
2016-06-28 | Do not return an error in fts_open(3) if one of the paths in argv is empty. Otherwise, programs using fts(3) will report an error if one of the paths is empty instead of just treating it as a non-existent file. OK guenther@ | Todd C. Miller | |
2016-06-27 | make proper use of fstatat, as suggested by guenther@ okay millert@ | Marc Espie | |
2016-06-27 | make the fallback code more accurate (in particular, it should return names based on the actual device, not any kind of inode equality which won't hold for duplicates of the dev tree in a chroot) no bump as it doesn't change any API. okay and improvements guenther@ | Marc Espie | |
2016-06-18 | sort previous; | Jason McIntyre | |
2016-06-18 | Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users. Ok millert@ bluhm@ | Vincent Gross | |
2016-06-07 | Document the net.inet.tcp.synuselimit sysctl; OK bluhm@ jmc@ | Tim van der Molen | |
2016-06-01 | Kill sysctl net.inet6.ip6.rr_prune We don't support Router Renumbering and there are no plans to change that. ok mpi@ | Jeremie Courreges-Anglas | |
2016-05-29 | wxabort bits; ok deraadt | Jason McIntyre | |
2016-05-28 | The synopsis rendered very poorly because of a "Quite Ugly but syntactically correct" roff mess. Follow the mdoc style guide on function pointers to improve this a little. Neglect and remove a comment that advises against trying to fix this. guidance and ok schwarze@ | Theo Buehler | |
2016-05-26 | Use S_ISDIR instead of doing it by hand. No binary change. | Todd C. Miller | |
2016-05-23 | Stop supporting longjmperror(); it's not used, not portable, and the checks longjmp performs can't really be relied upon, even after we got rid of the false positives... ok millert@ deraadt@ | Philip Guenther | |
2016-05-19 | no more v6only; | Jason McIntyre | |
2016-05-18 | Reduce quadruple negation to double negation; from Edgar Pettijohn <edgar at pettijohn minus web dot com>. OK jmc@ deraadt@ While here, remove two instances of inconsistent future tense. | Ingo Schwarze | |
2016-05-13 | remove extra argument; from rafael neves | Jason McIntyre | |
2016-05-11 | remove hppa64 port, which we never got going beyond broken single users. hppa reverse-stack gives us a valuable test case, but most developers don't have a 2nd one to proceed further with this. ok kettenis | Theo de Raadt | |
2016-05-07 | stop opening the shadow database by default. only programs that request it via the _shadow functions will open now, preventing some programs running as root from accidentally loading password hashes into their memory. ok deraadt | Ted Unangst | |
2016-05-07 | Avoid a transient PLT entry for the internal __getcwd syscall stub for slightly better code on some archs | Philip Guenther | |