src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-03-01	add missing rcsid	Gleydson Soares

2017-03-01	move up getpid() and getpwnam(LDAP USER) checks	Gleydson Soares
	to fail earlier and also make them consistent with other daemons. while here: - fix getpwnam(LDAPD_USER) errx() - no need to skip_chroot ok jmatthew@
2017-02-24	Implement fork+exec model	Gleydson Soares
	OK jmatthew@
2017-02-22	print a formatted errx() string instead of segfault,	Gleydson Soares
	by checking argc correctly. ok guenther@
2017-02-11	Correct handling of requests to delete individual attribute values.	Philip Guenther
	reported by ZHANG Huangbin (zhb (at) iredmail.org) fix by Robert Klein (roklein (at) roklein.de)
2017-01-20	unbreak tree	Sebastian Benoit

2017-01-20	work on making log.c similar in all daemons:	Sebastian Benoit
	move daemon-local functions into new logmsg.c, and reduce the (mostly whitespace) differences so that log.c's can be diffed easily. ok krw@ jmatthew@
2017-01-20	Correctly list all libraries required.	Theo de Raadt

2017-01-17	Nuke some whitespace that keeps poking me in the eye as I try to	Kenneth R Westerback
	steal code.
2017-01-09	Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with	Kenneth R Westerback
	TAILQ_FOREACH(). No intentional functional change. ok reyk@
2017-01-05	Replace hand-rolled for(;;) emptying of 'symhead' TAILQ with more	Kenneth R Westerback
	modern TAILQ_FOREACH_SAFE(). No intentional functional change. ok millert@ bluhm@ gilles@
2017-01-05	Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ	Kenneth R Westerback
	with more modern TAILQ_FOREACH(). This what symget() was already doing. Add paranoia '{}' around body of symget()'s TAILQ_FOREACH(). No intentional functional change. ok bluhm@ otto@
2016-12-02	Fix leaks by freeing 'path' and 'lru_queue' in btree_close().	Jonathan Matthew
	From Jon Mayo, via Tim Kuijsten ok mikeb@
2016-11-30	Check return value of tls_config_set_protocols(3) and bail out in case of	Ricardo Mestre
	failure Feedback and OK jsing@
2016-10-17	Tweak /etc/ldap/certs/ FILES entry.	Jeremie Courreges-Anglas

2016-10-17	In FILES mention /etc/ldapd.conf first, then /etc/ldap/ entries	Jeremie Courreges-Anglas

2016-10-17	Fix a few mistakes and add a FILES entry for /etc/ldap/certs	Jeremie Courreges-Anglas
	From Rob Pierce, help & ok jmc@
2016-08-27	Pull in <sys/time.h> for gettimeofday()	Philip Guenther
	ok deraadt@
2016-07-13	Adjust existing tls_config_set_cipher() callers for TLS cipher group	Joel Sing
	changes - map the previous configuration to the equivalent in the new groups. This will be revisited post release. Discussed with beck@
2016-06-21	do not allow whitespace in macro names, i.e. "this is" = "a variable".	Sebastian Benoit
	change this in all config parsers in our tree that support macros. problem reported by sven falempin. feedback from henning@, stsp@, deraadt@ ok florian@ mikeb@
2016-05-01	convert ldapd to use the libtls api, bringing in a copy of the evbuffer_tls	Jonathan Matthew
	code from syslogd. ok beck@ benno@
2016-03-20	Currently we have about a 50/50 split over fcntl(n, F_GETFL [,0])	Kenneth R Westerback
	idioms. Adopt the more concise fcntl(n, F_GETFL) over fcntl(n, F_GETFL, 0) where it is obvious further investigation will not yield and even better way. Obviousness evaluation and ok guenther@
2016-02-04	Minor ldapd -r tweaks	Jeremie Courreges-Anglas
	- fix style - the string pointed to by datadir shouldn't be modified, use const - initialize datadir at compile time - in namespace.c, move the extern datadir decl above local decls
2016-02-02	use stat(2) instead of chdir(2) to check if given the directory is valid.	Gleydson Soares
	OK landry@ jca@
2016-02-01	some -r fixes;	Jason McIntyre

2016-02-01	Add -r argument to ldapd, to specify an alternative directory to	Landry Breuil
	store/read the database, still defaulting to /var/db/ldap. This will allow running totally separate instances, to be used by an upcoming regress suite for example. With a tweak from gsoares@ to check that the directory exists. ok dlg@ semarie@ jca@
2016-01-17	Properly remove unix sockets (control & listening) upon exit of the	Landry Breuil
	parent process. Child process was killed by pledge because it tried to remove the control socket and didnt have cpath - anyway it couldnt remove it since it had chrooted.. ok jmatthew@ deraadt@
2015-12-30	SSL_CTX_free() and SSL_free() check for null so dont do it in ldapd	Sebastian Benoit
	ok jung@ tedu@ deraadt@
2015-12-24	bzero -> memset. No binary change.	mmcc

2015-12-24	use strndup instead of malloc/strncpy/nul	mmcc
	ok krw@
2015-12-22	commiting -> committing	mmcc

2015-12-10	Remove NULL-checks before free(). ok tb@	mmcc

2015-12-05	#include <string.h> not strings.h	Claudio Jeker

2015-11-02	use SOCK_NONBLOCK instead of fcntl	Jonathan Matthew
	ok dlg@
2015-11-02	Both ldapd processes need "stdio" to talk to clients and each other.	Jonathan Matthew
	The parent process opens database files ("rpath wpath cpath"), sends fds to the child ("sendfd"), and does bsd auth on behalf of the child ("getpw proc exec"). The child process accepts client connections ("inet unix"), receives fds from the parent ("recvfd") and locks database files ("flock"). ok deraadt@
2015-10-11	The <ctype.h> is*() interfaces expect EOF or an unsigned char; cast to	Philip Guenther
	(unsigned char) as required found by Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) w/Coccinelle
2015-06-03	Do not assume that asprintf() clears the pointer on failure, which	Todd C. Miller
	is non-portable. Also add missing asprintf() return value checks. OK deraadt@ guenther@ doug@
2015-02-12	ber_printf_elements should return NULL if any of its parts fail.	Martin Pelikan
	Leave the error handling up to its callers. ok reyk
2015-02-11	initialize a variable in case "goto done" makes us compare it	Martin Pelikan
	found by clang, ok henning
2015-01-28	Remove ssl_by_mem_ctrl() and x509_mem_lookup to unbreak the build. It	Reyk Floeter
	caused a conflict with a new function in LibreSSL but wasn't even used by ldapd. No functional change. OK deraadt@
2015-01-16	change to <limits.h> universe. The only changes in the binary are due	Theo de Raadt
	to the heavy use of assert. ok millert
2014-11-20	Don't allow embedded nul characters in strings.	Jonathan Gray
	Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@
2014-11-16	Convert the logic in the error function of the ldap schema parser.	Alexander Bluhm
	Instead of creating a temporary format string, create a temporary message. OK doug@
2014-11-14	Add gcc printf format attributes to yyerror() in parse.y files.	Doug Hogan
	No yyerror() calls needed to be changed. ok bluhm@
2014-11-03	Convert the logic in yyerror(). Instead of creating a temporary	Alexander Bluhm
	format string, create a temporary message. OK claudio@
2014-09-21	eliminate the use of a gcc C extension (conditionals with omitted	Daniel Dickman
	operands). ok deraadt@
2014-09-13	Replace all queue *_END macro calls except CIRCLEQ_END with NULL.	Doug Hogan
	CIRCLEQ_* is deprecated and not called in the tree. The other queue types have _END macros which were added for symmetry with CIRCLEQ_END. They are defined as NULL. There's no reason to keep the other _END macro calls. ok millert@
2014-08-25	Delete secret or secret-derived data with explicit_bzero.	Doug Hogan
	concept ok deraadt@ diff looks ok tedu@
2014-08-11	add a caveat about databases;	Jason McIntyre
	From: Matthew Weigel ok gilles
2014-07-16	zap trailing newlines; "go for it" deraadt	Okan Demirmen