Age | Commit message | Author | |
---|---|---|---|
2014-03-11 | For CA generation, go back to using a two-step procedure to create a CSR and then self-sign it rather than using the "openssl req" shortcut. This allows us to specify -extfile and thus set the correct certificate extensions so that stricter SSL implementations will trust this as a CA cert, and matches how things are done in ssl(8). This is basically a partial revert of r1.77. Researched by chrisz@, tweak/ok jmc@ ok beck@ | Stuart Henderson | |
2014-03-10 | No need to pass the name of the command to the function that is implementing that command, a pointer to the command arguments is the only thing needed. No need to have a pointer to the command table in every command, since there is only one table. No need for shiny new stack space for every command name and arguments parsed, since we don't recurse we can just use static memory. No intentional functional change. | Kenneth R Westerback | |
2014-03-09 | Instead of passing around 'char buf[DEV_BSIZE]' buffers, pass around 'struct dos_mbr' variables, since that is what the buffers were used for. Removes need to know about DEV_BSIZE and thus include param.h from all files but one so move the param.h #include to that file (mbr.c). Nuke a bunch of local MBR #defines in favour of the disklabel.h ones. Remove a bunch of unneeded #includes, replace the odd malloc/bzero with calloc, replace equally odd bcopy's with memcpy, remove a stray duplicate MBR parsing in MBR_pcopy(). No intentional functional change. | Kenneth R Westerback | |
2014-03-08 | It's silly to check at compile time for DEV_BSIZE == 512. ok deraadt@ with gritted teeth on keeping <sys/param.h> for now. | Kenneth R Westerback | |
2014-03-07 | Relieve the code of an overburden of unnecessary typedef abstraction. Call a 'struct' a 'struct' and not a pony. No functional change. idea ok deraadt@ | Kenneth R Westerback | |
2014-03-07 | If allocation of 'id' fails, don't try to deref it after 'goto fail'. ok millert@ | Gerhard Roth | |
2014-03-06 | tweak previous; | Jason McIntyre | |
2014-03-05 | fix a null test, from remco. and then modernize some other function pointer calls. | Ted Unangst | |
2014-03-02 | -l disksize code, to force LBA mode. code by chris, after I suggested wrapping rows of echo's via fdisk was silly. ok kettenis krw | Theo de Raadt | |
2014-02-28 | Bring back the code removed in rev1.317 used to print anchors with wildcard path ("ftp-proxy/*"), but make sure to call it after we're done with the ruleset for the current anchor. On one hand this repairs printing content of such anchors and on the other it allows to use a wildcard on the command line for anchors that were not initially specified with a wildcard. Makes pfctl regress happy again. OK henning, deraadt | Mike Belopuhov | |
2014-02-26 | Try to reduce the confusion about rdomain vs rtable. More is needed but this is a start. With input from many. | Claudio Jeker | |
2014-02-26 | Try to be more precise about rtable and rdomains. | Claudio Jeker | |
2014-02-26 | Still a lie, the default is not 0. It is inherited from the process. OK by many | Claudio Jeker | |
2014-02-26 | don't policy_ref an activate policy (policy_ref/unref are asymmetrical), otherwise the policy list might get corrupted; from haesbaert | Markus Friedl | |
2014-02-26 | short note that the filesystem is always mounted readonly | Ted Unangst | |
2014-02-22 | Revert mountpoints tweaking. Needs much more serious surgery than time permits before release, and is pointless without other following diffs to justify it that will not make release. Should fix segfault's during install reported by Rod Whitworth on tech@ | Kenneth R Westerback | |
2014-02-21 | support rekeying for IPCOMP; ok mikeb@ | Markus Friedl | |
2014-02-21 | Permit building without portmap/mountd rpc calls in the fallback nfs path; ok guenther | Theo de Raadt | |
2014-02-18 | check the error from ikev2_cp_setaddr | Markus Friedl | |
2014-02-18 | Do not create the default dhcp-client-identifier if an empty string has been configured as the value. i.e. 'send dhcp-client-identifier "";' in dhclient.conf will result in no dhcp-client-identifier (option 61) being sent. Useful for testing dhcp server behaviour. | Kenneth R Westerback | |
2014-02-17 | interpret 'config address net/prefix' as a pool of addresses and randomly choose the address for CFG_REQUEST. this address will be used to replace 0.0.0.0/32 in the specified flow. e.g. > ikev2 passive esp from 192.168.1.0/24 to 0.0.0.0 \ > config address 192.168.10.200/24 will assign an address between 192.168.10.200 and 192.168.10.254 and replace 0.0.0.0 with this address. ok mikeb@ on older version of this diff. | Markus Friedl | |
2014-02-17 | basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"'; ok mikeb@ | Markus Friedl | |
2014-02-17 | Fix compiler warnings in the format strings: use %zd for ssize_t and %zu for size_t. From Andre de Oliveira With input and OK from blambert@ markus@ | Reyk Floeter | |
2014-02-17 | Remove a stray debug printf that crept in via one of the newqueue commits. ok henning@ | Lawrence Teo | |
2014-02-16 | Further tweak to mpfree(). Don't bother setting about-to-be-freed memory to NULL. | Kenneth R Westerback | |
2014-02-15 | Don't risk dereferencing NULL pointer to mountpoints array when calling mpfree() with the array. | Kenneth R Westerback | |
2014-02-15 | Stop leaking mount point strings in temporary copies of the mountpoints array. | Kenneth R Westerback | |
2014-02-14 | Ooops. r1.169 was supposed to add 'total sectors' to the list of fields that are ignored when reading an ascii disklabel. Actually remove the parsing of 'total sectors', which was just above the line trying to skip said parsing. Spotted when halex@ forced me to read this code again. | Kenneth R Westerback | |
2014-02-14 | remove unused function that distracts from cleaning up the imsg_flush() mess; ok krw, florian, henning | Sebastian Benoit | |
2014-02-14 | initial support for IPComp; still experimental and rekeying needs some work; ok mikeb@ | Markus Friedl | |
2014-02-13 | mark up argument placeholders with .Ar; from Jan Stary <hans at stare dot cz> | Ingo Schwarze | |
2014-02-13 | Hard looping on EAGAIN is bad. Just fall out to outer event loop when EAGAIN is encountered while trying to flush messages. | Kenneth R Westerback | |
2014-02-12 | make sure to set the msg_responded flag on the original message; ok mikeb@ | Markus Friedl | |
2014-02-09 | Don't use imsg_flush(), roll a local flush_unpriv_ibuf() that loops on EAGAIN, sets quit to INTERNALSIG on errors (unless quit is already set to something else), and prints a consistent error message when errors other than EPIPE and end of file are encountered. Fixes failure to write resolv.conf when -L is used, and makes add_address() and add_route() also wait until imsg is in pipe. | Kenneth R Westerback | |
2014-02-09 | Nuke a couple of extraneous blank lines. | Kenneth R Westerback | |
2014-02-09 | Use correct function name in error message. 'cleanup' was renamed 'sendhup' a while ago. | Kenneth R Westerback | |
2014-02-09 | Missing {} around multi-statement else. Malformed IMSG_HUP messages should not cause privileged process to exit. | Kenneth R Westerback | |
2014-02-08 | Create dhclient lease files and dhcpd lease files with permissions 0640, rather than 0000 and 0664 respectively. ok kettenis@ tedu@ | Kenneth R Westerback | |
2014-02-07 | Create -L leases files with the same 0000 permissions as regular leases.IF files. Inconsistency pointed out by Jiri B. | Kenneth R Westerback | |
2014-02-07 | Log failures to fchmod() or fchown() the file written in priv_write_file(). | Kenneth R Westerback | |
2014-02-07 | Nuke unused #define CLIENT_PATH. A remnant of dhclient-script. | Kenneth R Westerback | |
2014-02-05 | add a fstab example, with help from and ok jmc@ | Nick Holland | |
2014-02-05 | Always set the signature to DOSMBR_SIGNATURE when writing a MBR to disk. This means skipping the '(U)pdate' command after editing the MBR will still produce something disklabel(8) will respect in the morning. Problem noted by David Vasek. ok jsing@ toby@. Moral support halex@. | Kenneth R Westerback | |
2014-01-25 | Correct parsing of dhclient.conf statements 'fixed-address' and 'next-server'. Modify new lease being cloned with their values rather than overwriting original lease being cloned. | Kenneth R Westerback | |
2014-01-24 | Don't include <machine/vmparam.h> directly. Instead, get it with its necessary dependencies via <sys/sysctl.h>. Unbreaks ppc userland build. | Miod Vallat | |
2014-01-24 | re-lookup the policy as soon as we have the ID of the peer (destid); ok mikeb@ | Markus Friedl | |
2014-01-24 | enable format-string checks for log_*(); ok mikeb | Markus Friedl | |
2014-01-24 | make sure sa_lookup() can actually find SAs; ok mikeb | Markus Friedl | |
2014-01-24 | don't leak prv RSA key for each signature; ok mikeb | Markus Friedl | |
2014-01-24 | use a bit saner timer api | Mike Belopuhov | |