Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-02-13 | Xr the byteorder funcs; from tim kuijsten | Jason McIntyre | |
2019-01-25 | I am retiring my old email address; replace it with my OpenBSD one. | Todd C. Miller | |
2019-01-14 | There are cases where a program doing dns requests wants to set the | Otto Moerbeek | |
Checking Disabled flag. Introduce a RES flag to do so. ok krw@ deraadt@ eric@ | |||
2018-11-09 | Remove ethers(5) YP support bits from libc as it makes it difficult to | Bryan Steele | |
effectively use pledge(2) in some programs. approval from many, thanks! idea by & ok deraadt@ | |||
2018-05-10 | Fix typo in RFC number. | Theo Buehler | |
ok benno | |||
2018-04-28 | reference hosts(5) instead of networks(5) | Ingo Schwarze | |
2018-04-28 | Remove references to the obsolete getnetent(3) and networks(5). | Ingo Schwarze | |
2018-04-28 | Stop talking about /etc/networks, which is no longer used, | Ingo Schwarze | |
and reference gethostby*(3) and /etc/hosts instead. Say that setnetent(3), getnetent(3), and endnetent(3) now do nothing. With feedback from guenther and significant help from deraadt@. | |||
2018-04-28 | Say that sethostent(3), gethostent(3), and endhostent(3) do nothing. | Ingo Schwarze | |
While here, stop implying plans to support additional address families in the future, and do not call gethostbyname2(3) "advanced". OK deraadt@ guenther@ | |||
2018-04-28 | To allow us to get rid of /etc/networks, make setnetent(3), | Ingo Schwarze | |
getnetent(3), and endnetent(3) do nothing, just like sethostent(3), gethostent(3), and endhostent(3) years ago. OK deraadt@ guenther@ | |||
2018-01-12 | Adjust references for sysctl(3) to sysctl(2) | Theo de Raadt | |
2017-11-28 | Add the missing STANDARDS section (kettenis@ noticed that these are | Ingo Schwarze | |
POSIX functions) and turn the weird DIAGNOSTICS section into a normal RETURN VALUES section while here. | |||
2017-07-08 | update the little endian processor list to give it a chance of matching | Ted Unangst | |
what the reader is using. | |||
2017-05-03 | make the description strings match the code | Theo de Raadt | |
2017-04-27 | Remove "len < 0" check; len is socklen_t (uint32_t) so can't be | Todd C. Miller | |
negative. Quiets a warning from clang. OK bluhm@ | |||
2017-03-06 | size is unsigned so using ==0 not <=0 when checking for buffer exhaustion | Todd C. Miller | |
2017-03-06 | Pull in a change from the bind 8 resolver that fixes a potential | Todd C. Miller | |
crash when given a large hex number as part of the dotted quad. OK deraadt@ jsg@ | |||
2017-02-27 | Add support for RES_USE_DNSSEC | Jeremie Courreges-Anglas | |
RES_USE_DNSSEC is implemented by setting the DNSSEC DO bit in outgoing queries. The resolver is then supposed to set the AD bit in the reply if it managed to validate the answer through DNSSEC. Useful when the application doesn't implement validation internally. This scheme assumes that the validating resolver is trusted and that the communication channel between the validating resolver and and the client is secure. ok eric@ gilles@ | |||
2017-02-18 | Add EDNS0 support. | Jeremie Courreges-Anglas | |
EDNS allows for various DNS extensions, among which UDP DNS packets size bigger than 512 bytes. The default is still to not advertize anything. ok eric@ | |||
2017-01-24 | in resolver(3), document that _EDNS0 and _DNSSEC are no ops; | Jason McIntyre | |
diff from kirill miazine while here, bump all the no op texts to one standard blurb; help/ok jca | |||
2016-12-16 | Eliminate some gcc warnings about 'unused variables', mostly by | Kenneth R Westerback | |
adding appropriate #ifdef's around declarations. ok millert@ (with a tweak I will commit separately) | |||
2016-12-15 | Nuke some trailing tabs. | Kenneth R Westerback | |
2016-12-08 | Fix regressions introduce in the fix for CVE-2016-6559. | Todd C. Miller | |
From FreeBSD (glebius) | |||
2016-12-07 | Fix a typo, decrement rem, don't increment for single digit hex bytes. | Todd C. Miller | |
From Henri Kemppainen | |||
2016-12-06 | CVE-2016-6559: fix potential buffer overflow(s) in link_ntoa(3). | Todd C. Miller | |
A specially crafted struct sockaddr_dl argument can trigger a stack overflow of a static buffer in libc. An attacker may be able to use this to write to arbitrary locations in the data segment. From FreeBSD (glebius); OK deraadt@ mestre@ | |||
2016-09-21 | Delete casts to off_t and size_t that are implied by assignments | Philip Guenther | |
or prototypes. Ditto for some of the char* and void* casts too. verified no change to instructions on ILP32 (i386) and LP64 (amd64) ok natano@ abluhm@ deraadt@ millert@ | |||
2016-08-05 | Obvious minor fixes: | Ingo Schwarze | |
* Add missing .Dv, .Ev, and .Fa macros. * Delete deprecated .Tn macros. * Mark up global variable names with .Va, not with .Fa or .Li. * Mark up config file commands with .Ic, not with .Fa. * Fix HISTORY, trivial to verify from the CSRG archive CD. | |||
2016-08-05 | Make RES_OPTIONS point directly to resolv.conf(5) instead of going through | Martijn van Duren | |
resolver(3). OK jmc@ | |||
2016-05-29 | Prefer AF_* over PF_* and 'address family' over 'protocol family' | Philip Guenther | |
ok jung@ | |||
2016-05-28 | rcmd(3) and rcmdsh(3) use getaddrinfo(3) not gethostbyname(3). | Todd C. Miller | |
2016-05-28 | Use getaddrinfo() instead of the non-standard gethostbyname2(). | Todd C. Miller | |
OK deraadt@ jca@ jung@ florian@ | |||
2016-05-23 | Remove iruserok(_sa)? and __ivaliduser(sa)? | Philip Guenther | |
ok millert@ deraadt@ | |||
2016-05-23 | Eliminate __check_rhosts_file and __rcmd_errstr: they were only used by | Philip Guenther | |
rlogind and rshd (remember them?) ok deraadt@ | |||
2016-05-01 | Remove old NeXT-specific cruft. From mmcc@ | Todd C. Miller | |
2016-04-05 | Prefer _MUTEX_*LOCK over _THREAD_PRIVATE_MUTEX_*LOCK() when thread-specific | Philip Guenther | |
data isn't necessary. ok mpi@, ok&tweak natano@ | |||
2016-03-30 | for some time now mandoc has not required MLINKS to function | Jason McIntyre | |
correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung | |||
2016-03-10 | un-vax; | Jason McIntyre | |
2015-12-28 | Remove NULL-checks before free() and a few related dead assignments. | mmcc | |
ok and valuable input from millert@ | |||
2015-12-19 | gethostbyname2() and gethostbyaddr() need <sys/socket.h>; discussed with | Tim van der Molen | |
millert@ | |||
2015-12-16 | tweak previous; | Jason McIntyre | |
2015-12-16 | Remove support for HOSTALIASES from the resolver. This "open and parse | Theo de Raadt | |
any file indicated by an environment variable" feature inside the resolver is incompatible with what pledge "dns" is trying to be. It is a misguided "feature" added way back in history which almost noone uses, but everyone has to assume the risk from. ok eric florian kettenis | |||
2015-12-14 | s/begining/beginning/g | mmcc | |
2015-11-25 | syslog() here is pointless; ok millert | Theo de Raadt | |
2015-11-24 | Use reentrant versions of getpw{nam,uid} and getgr{nam,gid} within | Todd C. Miller | |
libc to avoid reusing the static buffers returned by the non-reentrant versions. Since this is inside libc we can use constants for the buffer sizes instead of having to call sysconf(). OK guenther@ deraadt@ | |||
2015-11-21 | point to netintro(4) rather than (now removed) networking(4); | Jason McIntyre | |
2015-11-10 | update NAME section to include all documented functions, | Jason McIntyre | |
or otherwise change Dt to reflect the name of an existing function; feedback/ok schwarze | |||
2015-11-08 | inet(4), not inet(3); | Jason McIntyre | |
2015-11-01 | delete old lint ARGSUSED comments | Philip Guenther | |
2015-10-23 | Switch if_nameindex(3) to use the new NET_RT_IFNAMES sysctl to get the | Claudio Jeker | |
list of interface names. At the same time switch if_nametoindex(3) and if_indextoname(3) to use if_nameindex(3) instead of getifaddrs(3). if_nameindex(3) exposes much less then getifaddrs(3) and is allowed by pledge(2). With and OK deraadt@ | |||
2015-10-23 | Use waitpid() instead of wait() to avoid returning early from another child | Philip Guenther | |
exiting, and loop the waitpid() on EINTR ok deraadt@ millert@ |