| Age | Commit message (Collapse) | Author |
|---|
|
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
imsgbuf_init, imsgbuf_clear, imsgbuf_read, imsgbuf_write and imsgbuf_flush.
This separates the imsgbuf API from the per-imsg API.
OK tb@
|
|
OK tb@
|
|
imsg_write() is just a thin wrapper around msgbuf_write(). So this is
mostly search and replace.
OK tb@
|
|
Adjust the error check that is now wrong after the inet_aton -> inet_pton
conversion.
Noticed by & OK bluhm.
OK tb
|
|
OK claudio
|
|
OK tb@
|
|
There is a long term goal to remove ibuf_seek from the public ibuf API
since the function is a bit tricky to use.
OK tb@
|
|
OK tb@
|
|
the change is not trivial and I don't have a eigrp testbed.
OK tb@
|
|
|
|
ok miod@ millert@
|
|
various *d, *conf, *ctl files (where relevant) and simple;
also makes "man -k routing" more useful;
help from claudio and florian
ok claudio florian millert
|
|
any parts of his diff not taken are noted on tech
|
|
Remove the IN_BADCLASS() check which filters out the experimental IPv4
address space. Now there are no more experiments in IPv4 and so there
is less reason for these network daemons to deny such an IP.
Everything still disallows multicast IPs (224/4) and loopback (127/8)
a few also disallow 0/8 but this is not consistent.
In any case using 240/4 in production is a really bad idea but it is
not up to this software to prevent you from being a fool.
OK deraadt@ tb@
|
|
ok guenther@
|
|
macro-build a replacement for sccsid, and was done without any concern
for namespace damage. Unfortunately this practice started infecting
other code as others were unaware they didn't need the file.
ok millert guenther
|
|
|
|
functions that take "char *" arguments. Where such chars are
assigned to int or passed to ctype functions, explicitly cast them
to unsigned char.
For OpenBSD's clang, -Wpointer-sign has been disabled by default,
but when the parse.y code was built elsewhere, the compiler would
complain.
With help from millert@
ok benno@ deraadt@
|
|
|
|
and config_clear(). Also set log_procname directly and remove the
log_procnames array.
|
|
the same thing.
|
|
control_state and ctl_conns structs into control.c nothing else
uses these structs.
|
|
|
|
before accessing anything in ifa_addr.
ok claudio@
|
|
configuration file.", but occasionally something else fit better; at the
same time, try to make the format for FILES more consistent;
original diff from clematis
|
|
|
|
manual pages that document the corresponding configuration files;
OK jmc@, and general direction discussed with many
|
|
error prone than manually editing rc.conf.local, and also works to
enable ipsec and accounting.
tweak from schwarze@ to use the \(dq\(dq syntax for quotes in '.Dl
foo_flags="" lines' instead of \&"\&".
while at it, fix a reference to a bogus /dev/dhclient.conf file that
recently snuck in.
ok jmc@ deraadt@ schwarze@
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
descriptor keeps CLOEXEC flag then it will be closed unexpectedly by
exec().
ok tedu florian
|
|
larger types really is a range reduction...
Almost any cast to (unsigned) is a bug.
ok millert tb benno
|
|
the prefixlen is never bigger than 128 for inet6.
OK remi@
|
|
(and other lexers too)
This commit rectifies earlier change:
in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation). compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).
OK deraadt@, OK millert@
|
|
the eigrp instances on shutdown.
tried to contact renato@ but he didn't answer in almost 2 months
OK benno@ claudio@
|
|
"looks good" gilles@ halex@
|
|
|
|
that not deleting the unix control sockets cause no harm and this way we close
another attack surface by not allowing the daemon to create/delete any more
files.
tweak and OK florian@
|
|
previous commit.
heads up and OK tb@
|
|
unlink(2)ed from eigrpe engine process, the problem is that this proc is
chrooted and therefore the socket will never be deleted.
In order to solve it we need to bring control_cleanup() function, which calls
unlink(2), into the main proc which is not chrooted. This is the way it's
already done for several other daemons we have in our base.
Additionally we also need to move the "cpath" pledge(2) promise from the child
process to the main process in order for the latter to be allowed to delete the
socket and while here shuffle the promises into their canonical form.
OK florian@ and benno@
|
|
out of memory log_warn(). i.e. ("%s", __func__) instead of manual
function names and redundant verbiage about which wrapper detected the
out of memory condition.
ok henning@
|
|
|
|
calloc or strdup), we just need to log that we ran out of memory in a
particular function.
Recommended by florian@ and deraadt@
ok benno@ henning@ tb@
|
|
use a more general text for the sections, and avoid the catchup issue
that was trying to document how many there were;
ok benno rob
|
|
Thanks to otto@ for the initial diff.
OK benno@
|
|
ok benno@
|
|
the desync cases. OK benno@
|
