src - OpenBSD base system

Age	Commit message (Collapse)	Author
2015-01-16	change to <limits.h> universe. The only changes in the binary are due	Theo de Raadt
	to the heavy use of assert. ok millert
2014-11-20	Don't allow embedded nul characters in strings.	Jonathan Gray
	Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@
2014-11-16	Convert the logic in the error function of the ldap schema parser.	Alexander Bluhm
	Instead of creating a temporary format string, create a temporary message. OK doug@
2014-11-14	Add gcc printf format attributes to yyerror() in parse.y files.	Doug Hogan
	No yyerror() calls needed to be changed. ok bluhm@
2014-11-03	Convert the logic in yyerror(). Instead of creating a temporary	Alexander Bluhm
	format string, create a temporary message. OK claudio@
2014-09-21	eliminate the use of a gcc C extension (conditionals with omitted	Daniel Dickman
	operands). ok deraadt@
2014-09-13	Replace all queue *_END macro calls except CIRCLEQ_END with NULL.	Doug Hogan
	CIRCLEQ_* is deprecated and not called in the tree. The other queue types have _END macros which were added for symmetry with CIRCLEQ_END. They are defined as NULL. There's no reason to keep the other _END macro calls. ok millert@
2014-08-25	Delete secret or secret-derived data with explicit_bzero.	Doug Hogan
	concept ok deraadt@ diff looks ok tedu@
2014-08-11	add a caveat about databases;	Jason McIntyre
	From: Matthew Weigel ok gilles
2014-07-16	zap trailing newlines; "go for it" deraadt	Okan Demirmen

2014-07-13	When the three possible return values are -1, 0, and 1, != 1 is the same	Kenneth R Westerback
	as <= 0. And the latter is the normal idiom so use that. ok claudio@ henning@
2014-07-11	add additional includes required to build with -DOPENSSL_NO_DEPRECATED	Jonathan Gray

2014-06-11	rfc 4512, not 4712;	Jason McIntyre
	From: route dylanharris org
2014-04-15	Remove workarounds for ld reaching MAXDSIZ on vax, now that MAXDSIZ is	Miod Vallat
	more comfortable. Reminded by brad@
2014-01-22	relax the cfg file secrecy check slightly to allow group readability	Henning Brauer
	default permissions and mtree NOT changed. prodded by benno, ok phessler benno jmatthew theo pelikan florian
2013-11-26	deal with msgbuf_write EAGAIN, ok gilles benno	Henning Brauer

2013-11-25	use u_char for buffers in yylex, for ctype calls	Sebastian Benoit
	found by millert@, ok deraadt@
2013-11-23	unsigned char casts for ctype	Theo de Raadt
	ok jca
2013-11-02	bunch of format string cleanups, removing %i, signed vs unsigned, and even	Theo de Raadt
	a few long long's ok jmatthew
2013-09-07	Change default ciphers to HIGH:!aNULL.	Federico G. Schwindt
	reyk@ ok
2013-08-20	replace a predefined string with a mdoc macro; ok jmc, schwarze, sobrado	Mike Belopuhov

2013-08-14	some Bx/Ox conversion;	Jason McIntyre
	From: Jan Stary
2013-08-06	Switch vax to gcc 3.3.6.	Miod Vallat

2013-07-16	use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@	Ingo Schwarze

2013-06-29	do not use Sx for sections outwith the page;	Jason McIntyre
	man4 still to go...
2013-01-28	ssl.c is a very old copy of smtpd's and didn't catch up the bump of the	Gilles Chehade
	DH prime parameter. bring the update from smtpd... openldap client now accepts to connect to a ssl-enabled ldapd server, issue reported by Joel Carnat and Vadim Agarkov diff ok mikeb@ and martinh@
2012-11-12	fix a potential memory leak; OK martinh@ sthen@	Gleydson Soares

2012-09-26	last stage of rfc changes, using consistent Rs/Re blocks, and moving the	Jason McIntyre
	references into a STANDARDS section;
2012-06-16	Protect against fd exhaustion when reopening database files. Only accept	Jonathan Matthew
	client or control connections when there are at least 8 fds available, and close a connection before calling imsg_read if it would be unable to accept an fd from the parent process. ok gilles@
2012-04-24	take a stab at documenting when arguments need quoted, and valid macro	Jason McIntyre
	characters; prompted by a diff from robert peichaer org thanks gilles and henning for feedback ok deraadt zinke
2012-04-11	rate limiting of accept() in various cases. Testing by jmatthew. there	Theo de Raadt
	maybe still be a corner case where it needs one more file descriptor beyond the limit..
2012-04-01	use our umask() before AF_UNIX bind() semantics; ok pyr	Theo de Raadt

2011-06-23	Use a common text explaining how the various configuration parsers using	Stuart Henderson
	the standard OpenBSD-style parse.y handle continuing lines with backslashes, paying particular attention to how comments are handled (which can cause nasty side-effects if you're not expecting it). Most wording from jmc@, with suggestions from fgsch@, marc@, Richard Toohey, patrick keshishian and Florian Obser, ok jmc@.
2011-01-28	document available authentication types and formats.	Martin Hedenfal
	with tweaks from jmc@
2011-01-08	Change detection of indefinite BER lenghts (which is not allowed). Only a	Martin Hedenfal
	length byte of 0x80 is now treated as meaning indefinite. This fixes empty sets sent by the winldap api. Makes authentication through pGina work. with william@
2010-12-17	Unbreak simple passwords with SHA and salted SHA hashes. Revision 1.7	Martin Hedenfal
	introduced a bug that reversed the check. Found by MERIGHI Marcus.
2010-11-26	Unbreak re-indexing by checking if an index entry already exists.	Martin Hedenfal

2010-11-10	Make -dvv flags produce debug traces of decoded BER messages on stderr.	Martin Hedenfal
	Also shows a hexdump of the input buffer if BER decoding fails. Useful when debugging protocol issues.
2010-11-10	Prefix debug logging on stderr with time and pid, like syslog.	Martin Hedenfal

2010-11-05	If the base DN in a search request doesn't exist, return early.	Martin Hedenfal

2010-11-05	When draining the input buffer of more than two complete requests, an	Martin Hedenfal
	additional incomplete request would be truncated. This fixes the number of bytes consumed from the input buffer.
2010-11-05	Change to read better after suggestion from jmc.	Martin Hedenfal

2010-11-04	Only LDAP version 3 is implemented.	Martin Hedenfal

2010-11-04	Document the syntax of schema files. Only a brief synopsis of the attribute	Martin Hedenfal
	type and object class syntax is given, the rest is referred to the RFC.
2010-11-04	Publish matching rules in the cn=schema subentry as the matchingRules	Martin Hedenfal
	attribute. This is an operational attribute and only returned if explicitly asked for. Required by RFC 4517.
2010-11-03	Update the internal btree documentation to reflect the current api.	Martin Hedenfal

2010-11-03	Validate matching rules against attribute syntaxes. All matching rules from	Martin Hedenfal
	RFC 4517 are recognized, except the optional wordMatch and keywordMatch. Requires a current core.schema file.
2010-11-03	caseExactIA5Match is not an appropriate matching rule for directory strings	Martin Hedenfal
	(syntax oid 1.3.6.1.4.1.1466.115.121.1.15). Use caseExactMatch instead. Prepares for upcoming validation of matching rules.
2010-11-03	An index can now also be used for a presence filter.	Martin Hedenfal

2010-11-03	Evaluate filters according to the three-valued logic of X.511, as required	Martin Hedenfal
	by RFC 4511. A filter term can now be evaluated as undefined if the attribute description is not recognized, the attribute type doesn't define the appropriate matching rule, or the filtering is not implemented. This also implements the NOT filter in the query planner.