| Age | Commit message (Collapse) | Author |
|---|
|
Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT
gmail, thanks!
chris@ pointed out that more than httpd(8) is effected.
OK gilles@
|
|
OK gsoares who says that he forgot about the same diff for months and
that millert@ had OK'ed it.
|
|
has already read the buffer from kernel to user land. I have blindly
copied this code from libevent for syslogd(8) TLS, remove it together
with the bug. It caused hangs in ldapd(8).
report, analysis, testing, OK Seiya Kawashima, Robert Klein, gsoares@
|
|
Fixing the CHECK_RANGE macro in r1.4 revealed that the seconds check
accidentally relied on the macro being broken. While looking into this I
noticed that the timezone check was also wrong, treating the timezone as
optional for generalized times.
investigation and diff mostly by Seiya Kawashima.
|
|
Reported and initial diagnosis from Allan Streib, help/ok millert deraadt
|
|
needs to use "do {} while 0" idiom; all callers need repair also.
Discovered by jsg
|
|
OK jmatthew
|
|
warn with the same severity. Switch log_warn() to LOG_ERR and keep
fatal() at LOG_CRIT.
OK reyk@ florian@
|
|
4k read buffer. This can hang ldapd(8). Setting both to 16k
improves the situation.
report Seiya Kawashima; feedback Robert Klein; test and OK gsoares@
|
|
|
|
to fail earlier and also make them consistent with
other daemons.
while here:
- fix getpwnam(LDAPD_USER) errx()
- no need to skip_chroot
ok jmatthew@
|
|
OK jmatthew@
|
|
by checking argc correctly.
ok guenther@
|
|
reported by ZHANG Huangbin (zhb (at) iredmail.org)
fix by Robert Klein (roklein (at) roklein.de)
|
|
|
|
move daemon-local functions into new logmsg.c, and reduce
the (mostly whitespace) differences so that log.c's can be diffed easily.
ok krw@ jmatthew@
|
|
|
|
steal code.
|
|
TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
|
modern TAILQ_FOREACH_SAFE().
No intentional functional change.
ok millert@ bluhm@ gilles@
|
|
with more modern TAILQ_FOREACH(). This what symget() was already
doing.
Add paranoia '{}' around body of symget()'s TAILQ_FOREACH().
No intentional functional change.
ok bluhm@ otto@
|
|
From Jon Mayo, via Tim Kuijsten
ok mikeb@
|
|
failure
Feedback and OK jsing@
|
|
|
|
|
|
From Rob Pierce, help & ok jmc@
|
|
ok deraadt@
|
|
changes - map the previous configuration to the equivalent in the new
groups. This will be revisited post release.
Discussed with beck@
|
|
change this in all config parsers in our tree that support macros.
problem reported by sven falempin.
feedback from henning@, stsp@, deraadt@
ok florian@ mikeb@
|
|
code from syslogd.
ok beck@ benno@
|
|
idioms.
Adopt the more concise fcntl(n, F_GETFL) over fcntl(n, F_GETFL, 0)
where it is obvious further investigation will not yield and
even better way.
Obviousness evaluation and ok guenther@
|
|
- fix style
- the string pointed to by datadir shouldn't be modified, use const
- initialize datadir at compile time
- in namespace.c, move the extern datadir decl above local decls
|
|
OK landry@ jca@
|
|
|
|
store/read the database, still defaulting to /var/db/ldap.
This will allow running totally separate instances, to be used by an
upcoming regress suite for example.
With a tweak from gsoares@ to check that the directory exists.
ok dlg@ semarie@ jca@
|
|
parent process.
Child process was killed by pledge because it tried to remove the
control socket and didnt have cpath - anyway it couldnt remove it since
it had chrooted..
ok jmatthew@ deraadt@
|
|
ok jung@ tedu@ deraadt@
|
|
|
|
ok krw@
|
|
|
|
|
|
|
|
ok dlg@
|
|
The parent process opens database files ("rpath wpath cpath"), sends fds to
the child ("sendfd"), and does bsd auth on behalf of the child ("getpw proc
exec").
The child process accepts client connections ("inet unix"), receives fds from
the parent ("recvfd") and locks database files ("flock").
ok deraadt@
|
|
(unsigned char) as required
found by Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) w/Coccinelle
|
|
is non-portable. Also add missing asprintf() return value checks.
OK deraadt@ guenther@ doug@
|
|
Leave the error handling up to its callers.
ok reyk
|
|
found by clang, ok henning
|
|
caused a conflict with a new function in LibreSSL but wasn't even used
by ldapd. No functional change.
OK deraadt@
|
|
to the heavy use of assert.
ok millert
|
