Age | Commit message (Collapse) | Author | |
---|---|---|---|
2009-02-09 | ignore evironment variables if the program is setuid or setgid | Alexandre Ratchov | |
explained by deraadt, ok miod, ok millert | |||
2009-02-04 | update the default socket paths, to reflect recent aucat changes | Alexandre Ratchov | |
2009-02-04 | Tag ELF shared libraries as OpenBSD. | Mark Kettenis | |
ok kurt@, drahn@, miod@ | |||
2009-02-04 | explain that it's ok if we get a slightly different rate than | Alexandre Ratchov | |
the one we asked for, from Thomas Pfaff <tpfaff(at)tp76.info> with tweaks from jmc@ | |||
2009-02-04 | Programs have no direct access do the device file descriptor. So, if | Alexandre Ratchov | |
the programs calls execvp(2), the new image can't use the device, which stays open, so other programs get EBUSY. Set the close-on-exec flag to avoid this. ok jakemsr | |||
2009-02-03 | in server mode, create /tmp/aucat-userid/ directory with | Alexandre Ratchov | |
permissions 0700, and create sockets in it. This prevents one local user to eavesdrop or disturb audio programs of other users. if you're using the ``-s socket'' option with an absolute path as argument, please update it to use a socket name. requested by many, bits from jakemsr and otto ok jakemsr | |||
2009-01-31 | fix typo | Pierre-Yves Ritschard | |
ok jmc@ | |||
2009-01-30 | Change section: we're talking about the symlink system call, not the | Philip Guenthe | |
generic symlink info ok jmc@ | |||
2009-01-30 | tweak previous; | Jason McIntyre | |
2009-01-30 | missing ssl_sock_init() call in init_client() (used by | Damien Miller | |
"openssl s_client"), fix an unlikely memory leak | |||
2009-01-30 | remove some gratuitous changes that do nothing other than inrease | Damien Miller | |
the size of the diff against openssl mainline | |||
2009-01-29 | Update to reflect renaming of the st_[acm]timespec members to st_[acm]tim | Philip Guenthe | |
per the POSIX 1003.1-2008 spec. Also, tweak the information about what system calls hit which timestamps ok jmc@ | |||
2009-01-29 | from Yoshihiko Sarumaru, freebsd pr #76333: fseek(3) can clear EOF too; | Jason McIntyre | |
ok millert | |||
2009-01-21 | fix bugs section: clarify that sio_start() and sio_stop() should | Alexandre Ratchov | |
not be used if blocking is not desirable. | |||
2009-01-21 | explain what ``frame'' does mean | Alexandre Ratchov | |
from Thomas Pfaff <tpfaff(at)tp76.info>, thanks! ok jmc | |||
2009-01-21 | All operation on live kernels uses sysctl interface, there is no reason to | Miod Vallat | |
access the swap area. Change kvm_open() to no longer require a swap area, and to not consider failure to open() it as fatal. Post-mortem analysis would need an image of the swap area at the time of the crash, anyway. | |||
2009-01-21 | make declarations "C" to allow c++ code to compile | Alexandre Ratchov | |
discussed with espie@, ok jakemsr@ and millert@ | |||
2009-01-17 | cleanup: remove prototypes of inexistent functions, move few private | Alexandre Ratchov | |
functions into private header file. suggested by espie@ | |||
2009-01-15 | Remove support for kerb4 '.' instance separator, kerb4 is dead. OK jacekm@ | Todd C. Miller | |
2009-01-14 | Re-enable pie support on macppc (still off by default but usable | Kurt Miller | |
again). Due to the way executable sections are loaded by the kernel, a one page .got section with the blrl instruction may be in the data cache and not flushed causing random crashes upon process startup. Flush the data cache before ___start() jumps there. Also mprotect the .got section to be read/exec instead of read/write/exec. ld.so knows how to cope and static binaries don't write to .got. written by and okay drahn@ | |||
2009-01-13 | Man page for wcstof(3), wcstod(3) and wcstold(3). | Mark Kettenis | |
2009-01-13 | Crank minor because of addition of wcsto* functions. | Mark Kettenis | |
2009-01-13 | Add wcstof(3) and wcstold(3). | Mark Kettenis | |
ok miod@ | |||
2009-01-13 | Add wcstoimax(3) and wcstoumax(3). | Mark Kettenis | |
ok miod@ | |||
2009-01-12 | replace s/routine/function/, as other manuals do | Alexandre Ratchov | |
from Thomas Pfaff <tpfaff(at)tp76.info>, thanks! ok jmc@ | |||
2009-01-12 | convert a strdup (into a purpose-allocated buffer) in libcrypto to a | Damien Miller | |
memcpy to avoid linker deprecation warnings; pointed out by dkrause@ | |||
2009-01-10 | make all private functions static | Alexandre Ratchov | |
2009-01-10 | The process number is longer used to replace trailing 'Xs'. | Tobias Stoeckmann | |
ok jmc, millert | |||
2009-01-09 | openssl-0.9.8j enables RFC3546 TLS extensions by default (e.g. the very | Damien Miller | |
useful "server name indication" that allows multihomed TLS server), so remove the #define to disable it here | |||
2009-01-09 | adjust Makefile and crank major for openssl-0.9.8j | Damien Miller | |
2009-01-09 | resolve conflicts | Damien Miller | |
2009-01-09 | import openssl-0.9.8j | Damien Miller | |
2009-01-08 | oops, i messed up tim's patch; correction from Tim van der Molen | Jason McIntyre | |
2009-01-08 | Add a missing MLINK for BIO_new_socket. | Owain Ainsworth | |
Noticed by blambert@. Ok jmc@. | |||
2009-01-08 | a little macro cleanup; from Tim van der Molen | Jason McIntyre | |
2009-01-05 | import openssl-0.9.8j | Damien Miller | |
2009-01-05 | update to openssl-0.9.8i; tested by several, especially krw@ | Damien Miller | |
2009-01-03 | reintroduce extra malloc protections, but avoiding the use of | Damien Miller | |
PAGE_(SIZE|SHIFT|MASK) defines that evaluate to variables on the sparc architecture; ok otto@ tested on my reanimated ss20 | |||
2009-01-02 | Sync _kvm_kvatop with existing pmap code: handle direct mappings and | Miod Vallat | |
level 2 large pages. | |||
2008-12-31 | PAGE_SIZE is not a valid symbol to use in that way. In particular, | Theo de Raadt | |
on sparc, it expands to something that just plain does not work, because the page size can be variable. Sorry we didn't spot this before. Backing it all out to allow sparc to build; please find a different way to fix it. | |||
2008-12-30 | Remove mprotecting of struct dir_info introduced in previous commit | Damien Miller | |
(MALLOC_OPTIONS=L). It was too slow to turn on by default, and we don't do optional security. requested by deraadt@ grumbling ok otto@ | |||
2008-12-29 | extra paranoia for malloc(3): | Damien Miller | |
Move all runtime options into a structure that is made read-only (via mprotect) after initialisation to protect against attacks that overwrite options to turn off malloc protections (e.g. use-after-free) Allocate the main bookkeeping data (struct dir_info) using mmap(), thereby giving it an unpredictable address. Place a PROT_NONE guard page on either side to further frustrate attacks on it. Add a new 'L' option that maps struct dir_info PROT_NONE except when in the allocator code itself. Makes attacks on it basically impossible. feedback tedu deraadt otto canacar ok otto | |||
2008-12-27 | Fix file descriptor leak in fts_children(); okay dhill@, millert@, | Pedro Martelletto | |
tedu@, thib@. | |||
2008-12-27 | when polling aucat(1) socket, don't set the POLLIN bit if we | Alexandre Ratchov | |
don't expect messages. Avoids busy loops in programs calling poll(2) on a stopped device. | |||
2008-12-27 | when using the aucat(1) backend, don't mask the POLLHUP bit | Alexandre Ratchov | |
even if the device is not started yet. This way, if the server is killed programs can notice it. | |||
2008-12-23 | repair the ARC4 story; ok jmc djm millert | Theo de Raadt | |
2008-12-23 | ddb.console does not override machdep.kbdreset, so don't say it does; | Jason McIntyre | |
2008-12-22 | document yp_maplist(); from Ingo Schwarze | Jason McIntyre | |
ok deraadt | |||
2008-12-22 | The example for detecting malicious PTR records could be easily misinterpreted. | Jacek Masiulaniec | |
Make it less ambiguous; ok gilles@ claudio@ | |||
2008-12-22 | Let this compile with gcc 2. | Miod Vallat | |