Age | Commit message (Collapse) | Author | |
---|---|---|---|
2001-08-18 | make pfctl -s state SCREAM; frantzen is now happy | Theo de Raadt | |
2001-08-18 | careful with snprintf() == -1; ho, provos | Theo de Raadt | |
2001-08-18 | also handle snprintf() < 0 | Theo de Raadt | |
2001-08-18 | more careful with snprintf result code | Theo de Raadt | |
2001-08-18 | prettier printing of states | Theo de Raadt | |
2001-08-18 | typo. From: "Brian J. Kifiak" <bk@rt.fm> | Jun-ichiro itojun Hagino | |
2001-08-18 | Add a possibility to add a random offset to the stack on exec. This makes | Artur Grabowski | |
it slightly harder to write generic buffer overflows. This doesn't really give any real security, but it raises the bar for script-kiddies and it's really cheap. The range of the random offsets is controlled by the sysctl kern.stackgap_random (must be a power of 2). This is disabled by default right now, but we'll set it to a reasonable value (1024?) soon, after some more testing. | |||
2001-08-17 | Fix keyed HMAC where the key was longer than the blocksize | Niklas Hallqvist | |
2001-08-17 | Add test with long key, longer than common hmac blocksize | Niklas Hallqvist | |
2001-08-17 | o) {Open,Net,Free}BSD -> .{O,N,F}x; | Mike Pechkin | |
o) "start sentence on new line" issues; o) minimal -mdoc improvements; millert@ ok | |||
2001-08-17 | Rewrite to do lookups depending on ID type. IPv4 and FQDN only for now. | Hakan Olsson | |
2001-08-17 | Sony is Chip ID 2 (like in the Aibo) | Todd C. Miller | |
2001-08-16 | remove unneeded LWRESLIB definition. ok ho@ | Jakob Schlyter | |
2001-08-16 | openssl black magic. | Hakan Olsson | |
2001-08-16 | Don't right-justify this debug message. | Hakan Olsson | |
2001-08-16 | Off-by-one error in [u]fqdn cases, plus better debug messages when | Hakan Olsson | |
looking for public key files. | |||
2001-08-16 | ISAKMP ID type offset was wrong. | Hakan Olsson | |
2001-08-16 | track the line number per-token, so that we can report errors correctly | Theo de Raadt | |
2001-08-16 | do not link with lwres. ok ho@ | Jakob Schlyter | |
2001-08-16 | add support for getrrsetbyname(3) from libc. ok ho@. | Jakob Schlyter | |
2001-08-15 | Some more style... | Hakan Olsson | |
2001-08-15 | A small utility to convert between OpenSSL(1) and DNSSEC key formats. | Hakan Olsson | |
2001-08-15 | Support trusted public (RSA) keys as files too. niklas@ ok. | Hakan Olsson | |
2001-08-14 | The same msg length fix for KAME cases. | Hakan Olsson | |
2001-08-14 | Proper length for PFKEYv2 messages in IPv4-in-IPv6 / IPv6-in-IPv4 flows. | Hakan Olsson | |
2001-08-14 | Print the correct fields in a debug message. (cut'n'paste bug) | Hakan Olsson | |
2001-08-14 | optimize the flags parsing; markus@ ok | Michael Shalayeff | |
2001-08-13 | grammar fix from Joshua Stein <jcs@rt.fm> | Peter Valchev | |
2001-08-13 | use getifaddrs(3) rather than SIOCGIFCONF. in fact, if_map() does not do | Jun-ichiro itojun Hagino | |
the right thing on certain set of interface addresses. SIOCGIFCONF is the worst possible ioctl API... | |||
2001-08-13 | need to use IPV6_IPSEC_POLICY for IPv6 bypass policy setting. from the | Jun-ichiro itojun Hagino | |
country of humppa. | |||
2001-08-12 | Don't coredump if the kernel doesn't support IPv6. | Angelos D. Keromytis | |
2001-08-12 | #(endif|else) foo is incorrect, make it #endif /* foo */ | Heikki Korpela | |
deraadt@ ok | |||
2001-08-11 | Add support for ICMP errors referring to ICMP queries/replies. Fixes | Daniel Hartmeier | |
'ICMP error message for bad proto' messages. Reported by Mark Grimes and Steve Rumble. Add debugging level with ioctl interface and pfctl switch. Default is 'None'. | |||
2001-08-11 | Check socket >= 0. We should also be going through the list of cloned | Angelos D. Keromytis | |
transports and invalidating (somehow) those whose socket should not be used. | |||
2001-08-11 | When a message is received on the wildcard (default) transport, | Angelos D. Keromytis | |
re-examine the interface list; new addresses are bound to, and sockets to deleted addresses are closed. This only occurs if the Listen-to directive in isakmpd.conf is *not* used. | |||
2001-08-11 | \+\n support, and spit out cc-style error messages. the parser's line | Theo de Raadt | |
counting is lex dependent, and will need to be tweaked | |||
2001-08-11 | Add TRANSPORT_MARK, for mark-and-sweep garbage collection of transport | Angelos D. Keromytis | |
instances. | |||
2001-08-11 | Fix keynote credential case again. | Angelos D. Keromytis | |
2001-08-11 | Allocate slightly larger buffer for cert. | Angelos D. Keromytis | |
2001-08-08 | Typo: remove space before period. Spotted by Brian J. Kifiak <bk@rt.fm>. | Heikki Korpela | |
millert@ ok | |||
2001-08-07 | No need to remove /etc/nologin after killing shutdown; signal | Heikki Korpela | |
handler will take care of this. Pointed out by bk@rt.fm; millert@ ok. (Although it was millert@ who asked for it in the first place, bad me for not checking the source. :-) | |||
2001-08-07 | Document how to cancel a scheduled shutdown with kill(1). | Heikki Korpela | |
Also mention that /etc/nologin should be deleted after this if needed. ok millert@ | |||
2001-08-07 | o Fix a typo (heko@iki.fi) | Todd C. Miller | |
o Add text about default labels | |||
2001-08-06 | Update to reality based on sys/disklabel.h | Todd C. Miller | |
2001-08-05 | re-order headers as they should be | Theo de Raadt | |
2001-08-03 | o) We always closes .Bl and .Bd tags; | Mike Pechkin | |
millert@ ok | |||
2001-08-02 | pet peeve, insure vs ensure | Hugh Graham | |
insure is to indemnify against some contingency ensure is to make sure | |||
2001-08-02 | o) .Sh AUTHOR -> .Sh AUTHORS; | Mike Pechkin | |
o) .Sh EXAMPLE -> .Sh EXAMPLES; o) Delete .Sh OPTIONS. Text moved to .Sh DESCRIPTION; millert@ ok | |||
2001-08-02 | nkmempages. | Artur Grabowski | |
2001-08-02 | Let the example config use suites that actually work together. | Hakan Olsson | |