| Age | Commit message (Collapse) | Author |
|---|
|
|
|
ok miod@ kettenis@
|
|
|
|
from steve shockley
ok sthen
|
|
ok jmc@
|
|
too loose. Update the test to try to exercise the printf binding twice.
ok miod@
|
|
ok miod@
|
|
users can't mount a DOS attack against security(8), and for additional
safety against race attacks, make sure they are regular files after
opening and before actually reading them.
Issue originally hinted at by Sevan Janiyan <venture37 at
geeklan dot com dot uk> based on a NetBSD commit message,
then commented on by tedu@, problem finally confirmed by guenther@,
who also provided feedback on the actual patch.
|
|
|
|
|
|
|
|
strtonum() to parse the offset since mail.local writes a trailing
newline. Otherwise comsat just discards the message. OK deraadt@
|
|
with an IPv6 comsat example but it would never get used. OK deraadt@
|
|
fixed everywhere but on sparc for some unknown reason (and did not cause
any havoc in real life).
|
|
|
|
|
|
is non-portable. Also add missing asprintf() return value checks.
OK deraadt@ guenther@ doug@
|
|
instead of corrupting the caller's stack by mistake.
This fixes the mysterious segfaults in __powerpc_read_tcb() reported on
earlier G3 systems - more recent processors have been luckier...
ok deraadt@
|
|
means read-only, which our ld.so already enforced, but a smaller plt section).
|
|
|
|
no change in behaviour as sizeof(char **) is the same as sizeof(char *)
ok otto@ guenther@
|
|
divert-to has many advantages over rdr-to for proxies. For example,
it is much easier to use, requires less code, does not depend on
/dev/pf, works in-band without the asynchronous lookup (DIOCNATLOOK
ioctl), saves us from additional port allocations by the rdr/NAT code,
and even avoids potential collisions and race conditions that could
theoretically happen with the lookup.
Heads up: users will have to update their spamd PF rules from rdr-to
to divert-to. spamd now also listens to 127.0.0.1 instead of "any"
(0.0.0.0) by default which should be fine with most setups but has to
be considered for some special configurations.
Based on a diff is almost two years old but got delayed several times
... beck@: "now is the time to get it in" :)
Tested by many
With help from okan@
OK okan@ beck@ millert@
|
|
ok otto@ guenther@
|
|
|
|
In that particular case, refrain from printing "diff: exit code 1"
because that exit status doesn't indicate an error condition.
Issue noticed by and patch OK'ed by ajacoutot@.
"I agree with the goal, and I suspect the diff actually achieves it" guenther@.
|
|
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
|
|
|
|
|
|
|
two characters "on", which can for example happen for NFS mounts.
Patch from Lauri Tirkkonen <lotheac at iki dot fi> on bugs@.
|
|
home directory field, warn explicitly rather than stumbling
into Perl "uninitialized value" warnings.
Issue reported by Denis Lapshin <deniza at mindall dot org>.
OK afresh1@
|
|
|
|
What's worse, the tzfile.h that gets installed is over 20 years old
and doesn't match the real tzfile.h in libc/time. This makes the
tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE
define has been moved to time.h temporarily until its usage is
replaced by 1900 in the tree. Actual removal of tzfile.h is pending
a ports build. Based on a diff from deraadt@
|
|
|
|
is embedded in each struct con so the descriptors can't get out of
sync with the pfd[] array. OK deraadt@
|
|
|
|
ok schwarze@
|
|
that includes all currently supported protocols (TLSv1.0, TLSv1.1 and
TLSv1.2). Change all users of libtls to use TLS_PROTOCOLS_ALL so that they
maintain existing behaviour.
Discussed with tedu@ and reyk@.
|
|
|
|
split it; while here, zap trailing whitespace;
|
|
Rationale: when you publish DANE records for certificate pinning, you MUST
offer TLS on the indicated service. Not offering TLS is verboten since
that would re-open the door for a MitM. This is obviously fundamentally
incompatible with having spamd in front of your mailservers - spamd kinda
is a MitM here, but intentional and utterly valid.
DANE is desirable because it allows one to not have to trust the broken
SSL CA model, and, depending on the mode chosen, even show the SSL cert
mafia the middle finger by not needing them at all.
ok reyk jsing bob
|
|
legitimately use random section variables without execve failures...
Because this section is not demand faulted, yield() every page during
the fill otherwise the costs are charged poorly.
ok tedu matthew
|
|
obsolete SIZE_T_MAX. OK miod@ beck@
|
|
|
|
ports is ready, <net/pfvar.h> will stop including a pile of balony.
|
|
so that the remaining information is more visible
ok kettenis miod
|
|
realloc() which is expensive for large blacklists.
|
|
contain "LD_TRACE_LOADED_OBJECTS" support, so this gets done by calling
RTLD_TRACE directly.
ok guenther
|
|
|
|
using it, so it warns... Copy the warning silencing code from the
same function in ../ld.so
|
