summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2001-08-18prettier printing of statesTheo de Raadt
2001-08-18typo. From: "Brian J. Kifiak" <bk@rt.fm>Jun-ichiro itojun Hagino
2001-08-18Add a possibility to add a random offset to the stack on exec. This makesArtur Grabowski
it slightly harder to write generic buffer overflows. This doesn't really give any real security, but it raises the bar for script-kiddies and it's really cheap. The range of the random offsets is controlled by the sysctl kern.stackgap_random (must be a power of 2). This is disabled by default right now, but we'll set it to a reasonable value (1024?) soon, after some more testing.
2001-08-17Fix keyed HMAC where the key was longer than the blocksizeNiklas Hallqvist
2001-08-17Add test with long key, longer than common hmac blocksizeNiklas Hallqvist
2001-08-17o) {Open,Net,Free}BSD -> .{O,N,F}x;Mike Pechkin
o) "start sentence on new line" issues; o) minimal -mdoc improvements; millert@ ok
2001-08-17Rewrite to do lookups depending on ID type. IPv4 and FQDN only for now.Hakan Olsson
2001-08-17Sony is Chip ID 2 (like in the Aibo)Todd C. Miller
2001-08-16remove unneeded LWRESLIB definition. ok ho@Jakob Schlyter
2001-08-16openssl black magic.Hakan Olsson
2001-08-16Don't right-justify this debug message.Hakan Olsson
2001-08-16Off-by-one error in [u]fqdn cases, plus better debug messages whenHakan Olsson
looking for public key files.
2001-08-16ISAKMP ID type offset was wrong.Hakan Olsson
2001-08-16track the line number per-token, so that we can report errors correctlyTheo de Raadt
2001-08-16do not link with lwres. ok ho@Jakob Schlyter
2001-08-16add support for getrrsetbyname(3) from libc. ok ho@.Jakob Schlyter
2001-08-15Some more style...Hakan Olsson
2001-08-15A small utility to convert between OpenSSL(1) and DNSSEC key formats.Hakan Olsson
2001-08-15Support trusted public (RSA) keys as files too. niklas@ ok.Hakan Olsson
2001-08-14The same msg length fix for KAME cases.Hakan Olsson
2001-08-14Proper length for PFKEYv2 messages in IPv4-in-IPv6 / IPv6-in-IPv4 flows.Hakan Olsson
2001-08-14Print the correct fields in a debug message. (cut'n'paste bug)Hakan Olsson
2001-08-14optimize the flags parsing; markus@ okMichael Shalayeff
2001-08-13grammar fix from Joshua Stein <jcs@rt.fm>Peter Valchev
2001-08-13use getifaddrs(3) rather than SIOCGIFCONF. in fact, if_map() does not doJun-ichiro itojun Hagino
the right thing on certain set of interface addresses. SIOCGIFCONF is the worst possible ioctl API...
2001-08-13need to use IPV6_IPSEC_POLICY for IPv6 bypass policy setting. from theJun-ichiro itojun Hagino
country of humppa.
2001-08-12Don't coredump if the kernel doesn't support IPv6.Angelos D. Keromytis
2001-08-12#(endif|else) foo is incorrect, make it #endif /* foo */Heikki Korpela
deraadt@ ok
2001-08-11Add support for ICMP errors referring to ICMP queries/replies. FixesDaniel Hartmeier
'ICMP error message for bad proto' messages. Reported by Mark Grimes and Steve Rumble. Add debugging level with ioctl interface and pfctl switch. Default is 'None'.
2001-08-11Check socket >= 0. We should also be going through the list of clonedAngelos D. Keromytis
transports and invalidating (somehow) those whose socket should not be used.
2001-08-11When a message is received on the wildcard (default) transport,Angelos D. Keromytis
re-examine the interface list; new addresses are bound to, and sockets to deleted addresses are closed. This only occurs if the Listen-to directive in isakmpd.conf is *not* used.
2001-08-11\+\n support, and spit out cc-style error messages. the parser's lineTheo de Raadt
counting is lex dependent, and will need to be tweaked
2001-08-11Add TRANSPORT_MARK, for mark-and-sweep garbage collection of transportAngelos D. Keromytis
instances.
2001-08-11Fix keynote credential case again.Angelos D. Keromytis
2001-08-11Allocate slightly larger buffer for cert.Angelos D. Keromytis
2001-08-08Typo: remove space before period. Spotted by Brian J. Kifiak <bk@rt.fm>.Heikki Korpela
millert@ ok
2001-08-07No need to remove /etc/nologin after killing shutdown; signalHeikki Korpela
handler will take care of this. Pointed out by bk@rt.fm; millert@ ok. (Although it was millert@ who asked for it in the first place, bad me for not checking the source. :-)
2001-08-07Document how to cancel a scheduled shutdown with kill(1).Heikki Korpela
Also mention that /etc/nologin should be deleted after this if needed. ok millert@
2001-08-07o Fix a typo (heko@iki.fi)Todd C. Miller
o Add text about default labels
2001-08-06Update to reality based on sys/disklabel.hTodd C. Miller
2001-08-05re-order headers as they should beTheo de Raadt
2001-08-03o) We always closes .Bl and .Bd tags;Mike Pechkin
millert@ ok
2001-08-02pet peeve, insure vs ensureHugh Graham
insure is to indemnify against some contingency ensure is to make sure
2001-08-02o) .Sh AUTHOR -> .Sh AUTHORS;Mike Pechkin
o) .Sh EXAMPLE -> .Sh EXAMPLES; o) Delete .Sh OPTIONS. Text moved to .Sh DESCRIPTION; millert@ ok
2001-08-02nkmempages.Artur Grabowski
2001-08-02Let the example config use suites that actually work together.Hakan Olsson
2001-08-01Correct diagnostic string per PR 1981 by Kaspar Toomik.Hugh Graham
2001-07-31allow to test that flags are unset, ok dhartmei@, mickey@Peter Stromberg
2001-07-29-Wunused for KAME caseJun-ichiro itojun Hagino
2001-07-28start sentence on new line, from mpech@Daniel Hartmeier
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-18 12:52:11 +0000