| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-11-04 | Ignore extra groups that don't fit in the buffer passed to getgrouplist(3) | Jeremie Courreges-Anglas | |
| Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents an admin from adding a user to more groups. With that tweak we'll keep on ignoring them instead of potentially reading past the buffer passed to getgrouplist(3). That behavior is explicitely described in initgroups(3). ok millert@ gilles@ | |||
| 2022-02-18 | Avoid gendered language in man pages when not referring to a specific | Jonathan Gray | |
| person. Rewrite or use singular they. ok thfr@ sthen@ daniel@ ian@ job@ kmos@ jcs@ ratchov@ phessler@ and others I'm likely missing on an earlier version. feedback tj@, feedback and ok jmc@ | |||
| 2022-01-28 | When it's the possessive of 'it', it's spelled "its", without the | Philip Guenther | |
| apostrophe. | |||
| 2020-04-05 | "Protocol" keyword no longer used; from martin vahlensieck | Jason McIntyre | |
| 2019-06-28 | When system calls indicate an error they return -1, not some arbitrary | Theo de Raadt | |
| value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. | |||
| 2018-04-26 | Use <fcntl.h> instead of <sys/file.h> for open() and friends. | Philip Guenther | |
| Delete a bunch of unnecessary #includes and sort to match style(9) while doing the above cleanup. ok deraadt@ krw@ | |||
| 2018-01-16 | Use the monotonic clock to compute the session duration. | cheloha | |
| Ensures the correct duration is logged even if the system time is changed during the session. ok jca@ | |||
| 2016-03-30 | for some time now mandoc has not required MLINKS to function | Jason McIntyre | |
| correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung | |||
| 2016-03-29 | - Add missing goto in order to avoid a dereference of a null object | Ricardo Mestre | |
| - While here remove lint comment OK millert@ | |||
| 2015-12-08 | Remove a NULL-check before free(). | mmcc | |
| 2015-11-01 | replace "can not" with "cannot"; | Jason McIntyre | |
| 2015-01-21 | Include <netinet/in.h> before <net/pfvar.h>. In a future change when | Theo de Raadt | |
| ports is ready, <net/pfvar.h> will stop including a pile of balony. | |||
| 2015-01-15 | switch to PATH_MAX | Theo de Raadt | |
| 2014-10-08 | remove stupid cast | Theo de Raadt | |
| 2014-04-02 | use setresgid() | Theo de Raadt | |
| ok guenther millert | |||
| 2013-04-02 | Handle big time_t | Philip Guenther | |
| ok deraadt@ | |||
| 2013-01-19 | fix build with gcc 2 | Miod Vallat | |
| 2013-01-15 | Per group support for authpf rules files in /etc/authpf/groups. | Bob Beck | |
| largely by Frank Timmers <frankt@smurfnet.eu> with fixups by me and jmc@. | |||
| 2012-07-07 | Fix file descriptor leak reported by someone on the mailing list long time | Claudio Jeker | |
| ago. OK beck@ | |||
| 2010-09-02 | remove trailing spaces and tabs; no binary change. | Igor Sobrado | |
| written with help from henning@, who suggested ensuring that there are no changes in the digests for object files, thanks! ok henning@ | |||
| 2010-01-27 | tweak previous: there was a word missing, but i've just changed | Jason McIntyre | |
| the wording to match that of a similar piece of text already in this page; | |||
| 2010-01-27 | search for authpf.message in $USER dirs also | Todd T. Fries | |
| from Rafal Bisingier ravbc at man dot pozman dot pl, ok beck@ | |||
| 2009-11-23 | Make the tree compile again. Henning and I are both quite sure this is | Claudio Jeker | |
| correct. | |||
| 2009-10-26 | "rdr" -> "match in...rdr-to" in example. | Stuart Henderson | |
| 2009-09-08 | Replace remaining occurrence of old PF syntax with "match...nat-to", | Stuart Henderson | |
| and just talk about "rules" rather than "filter and translation rules". Spotted by/ok jmc@ | |||
| 2009-09-08 | Remove some nat-anchor, binat-anchor, rdr-anchor. Noticed by jmc@. | Stuart Henderson | |
| ok henning@ | |||
| 2009-01-10 | Uninitialized variable introduced in 1.110. | Miod Vallat | |
| 2009-01-10 | variable declaration before use, found by vax, no cookie | Todd T. Fries | |
| 2009-01-06 | Support group and login class in authpf.allow (%<group>, @<class>) | Ryan Thomas McBride | |
| ok beck | |||
| 2008-10-07 | protect better against races from incoming signals; slightly changed | Theo de Raadt | |
| from 5394 by tracking the fd instead of the fp. ok beck | |||
| 2008-10-05 | grammar; PR 5394 | Theo de Raadt | |
| 2008-03-18 | Fix mention of authpf_users table (s/authpf users/authpf_users/). | Michael Erdely | |
| ok jmc@, mcbride@ | |||
| 2008-02-14 | Add authpf-noip, which allows multiple users to connect from a single IP; | Ryan Thomas McBride | |
| forces users to write sane rulesets for this by not providing $user_ip or updating the authpf table. testing and prodding by mtu, manpage heavily worked over by jmc ok beck dhartmei henning | |||
| 2008-02-01 | Clean anchors recursively and directly via ioctls rather than using pfctl | Ryan Thomas McBride | |
| with '-f /dev/null'. Properly clears the user's anchor even when anchors are nested inside it (And avoids having to fork() on exit to run pfctl) ok beck@, with testing by mtu@ | |||
| 2007-09-25 | handle empty strings returned by fgets | Charles Longeau | |
| ok ray@ | |||
| 2007-05-31 | convert to new .Dd format; | Jason McIntyre | |
| 2007-02-24 | exit right away if the config file isn't there, rather than | Bob Beck | |
| doing a whole bunch of needless screwing around noticed by Stefan Krah <stefan-usenet@bytereef.org> | |||
| 2007-02-24 | license + copyright | Bob Beck | |
| 2007-02-24 | Pr 5395 from Stefan Krah <stefan-usenet@bytereef.org> | Bob Beck | |
| cleanup: remove unused arg no need to clear locals return -1 to allow pid cleanup to happen if fork fails | |||
| 2007-02-22 | this ftruncate is really not needed now, if we're just unlinking. | Bob Beck | |
| ok millert@ | |||
| 2007-02-22 | close 5389 and 5390, | Bob Beck | |
| unused variable and a chance to unlink the pidfile without lock if we couldn't kill a preexisting authpf process. spotted by Stefan Krah <sfk1@bigfoot.com>. | |||
| 2006-10-23 | no need to use "keep state" and "flags S/SA" in pf rules, | Jason McIntyre | |
| now that it is the default; ok henning mcbride camield (ftp-proxy bits) deraadt | |||
| 2006-08-09 | handle SIGQUIT instead of SIGSTOP, from Stefan Krah | Daniel Hartmeier | |
| 2006-03-17 | FILE * leak | Theo de Raadt | |
| 2006-03-14 | fix incorrect sizeof(), spotted by ckuethe | Bob Beck | |
| ok deraadt@ | |||
| 2006-01-07 | expand the section on ssh tunnelling machanisms; | Jason McIntyre | |
| from michael knudsen | |||
| 2005-12-12 | correct err() usage and remove the do_death which is unneeded in | Bob Beck | |
| the child proceess, (as noticed by <evol@online.ptt.ru>) | |||
| 2005-12-12 | Backout previous change back to 1.92 - My fault, committed diff | Bob Beck | |
| from unclean tree. | |||
| 2005-12-09 | Mine, so modernize license | Bob Beck | |
| 2005-12-09 | calling do_death() after err makes us exit is not smart, and is in | Bob Beck | |
| fact unnecessary, my usage of err() here also repeated the formatted error message twice. - We don't need do_death() here, and fix err to print the message a bit more sanely. Noticed by Andrey Matveev <evol@online.ptt.ru> - Thanks | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |