src - OpenBSD base system

Age	Commit message (Collapse)	Author
9 days	Take into account how long the dns probe takes before decding to	Otto Moerbeek
	punt. A single res_query() call can return immediately (e.g. success or the nameservers are unreachable), or take quite some time, depending on how many nameservers are configured. So measure the actual time it takes and decide wat to do based on that. Early version from beck@; ok claudio@ deraadt@
2023-04-19	remove duplicate includes	Jonathan Gray

2021-10-24	For open/openat, if the flags parameter does not contain O_CREAT, the	Theo de Raadt
	3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
2020-04-12	If all addresses are numeric no use for dns probe; ok florian@ sthen@	Otto Moerbeek

2020-04-11	Zap double definition of conf and make ibuf_dns static to avoid double	Otto Moerbeek
	definition; from Michael Forney
2019-06-27	Allow logging to both stderr and syslog; don't reset the log level if	Otto Moerbeek
	the log destination changes. ok claudio@ benno@
2019-06-20	Do a quick DNS probe to decide to stay in the forground and attempt	Otto Moerbeek
	an (auto) settime or give up. 15s timeout is still in effect. ok florian@
2019-06-12	Fix init of syslog for childs and teach dns process about synced state.	Otto Moerbeek
	ok benno@
2019-05-28	A step in solving the bootstrap problem in a dnssec environement.	Otto Moerbeek
	If the time is wrong, we cannot validate dnssec, leading to failed DNS lookups, so we cannot adjust or set the time. Work around this by repeating a failed DNS lookup with a lookup with the DC (check disabled) bit set. ok florian@
2017-04-17	don't manipulate hdr.len, it's used internally by libutil now; ok florian@	Otto Moerbeek

2016-09-26	Teach ntpd(8) how to use socket status to shutdown the daemon. While at	Rafael Zalamena
	it, remove some verbose shutdown messages that we had before with pipe close. ok reyk@
2016-09-14	Teach ntpd(8) how to fork+exec.	Rafael Zalamena
	ok reyk@, bcook@
2016-09-03	Remove the oh so funny "LOSS OF MIND" from the diclaimer that was not	Reyk Floeter
	part of the original ISC license that we use in OpenBSD. Done for files were Henning is the original author. OK henning@ deraadt@
2015-12-19	Switch and sync to the log.c variant from httpd/relayd/iked/snmpd/vmd.	Reyk Floeter
	OK bcook@ jung@
2015-12-05	EAGAIN handling for imsg_read. OK henning@ benno@	Claudio Jeker

2015-10-25	the DNS process was not discarding & redirecting stdin/out/err to	Theo de Raadt
	/dev/null. copy the code from the ntp engine.
2015-10-10	pledge "dns rw" is not a reliable pattern. This means malloc() and other	Theo de Raadt
	types of functions (perhaps required by 'stdio' or 'libevent' will not become available unless DNS suceeds. Replace it with "stdio dns".
2015-10-09	Change all tame callers to namechange to pledge(2).	Theo de Raadt

2015-10-03	the ntp dns process only needs tame "dns rw" to operate. at least,	Theo de Raadt
	that's the case after kernel code got fixed to handle inet6 for dns...
2015-03-24	instead of routing SIGHUP thru sighdlr_dns() which then ignores it,	Henning Brauer
	ignore it directly. no functional change. Rafael Neves rafaelneves at gmail
2015-02-12	Use ntpd's deferred DNS resolving for constraints as well. This	Reyk Floeter
	allows to get constraint addresses even if network/DNS is not available at startup (or system boot). thumbs up & OK henning@
2015-01-21	Fix deferred host DNS lookups.	Brent Cook
	If the network is unreachable when ntpd starts and host_dns fails, be sure that we still close the HOST_DNS imsg. Thanks to Paul de Weerd <weerd at weirdnet dot nl> for reporting this. ok beck@
2015-01-13	fix some memory leaks in dns handling.	Brent Cook
	- Nothing seems to free the result of host_dns(), so add host_dns_free() and call after each query. - If imsg_add() fails, it frees buf. Avoid subsequently dereferencing the freed buf in imsg_close(). ok millert@ deraadt@
2015-01-09	remove excessive/wrong use of sys/param.h	Theo de Raadt
	peanuts -- but all work has to start somewhere.
2014-02-10	Run the serving and privileged ntpd processes at high priority and the	Darren Tucker
	dns process at normal priority. Should improve latency on loaded machines. ok henning@
2013-11-13	from sthen: handle msgbuf_write() returning EAGAIN	Sebastian Benoit
	ok krw
2010-05-26	Rename some imsg bits to make namespace collisions less likely buf to	Nicholas Marriott
	ibuf, buf_read to ibuf_read, READ_BUF_SIZE to IBUF_READ_SIZE. ok henning gilles claudio jacekm deraadt
2009-02-10	endservent() not needed here; ok henning@	Kevin Steves

2008-09-12	move dns lookups to its own (privilege revoking, not chrooting) process.	Henning Brauer
	reason: the parent process must never ever block, but the dns routines can. last not least this fixes ntpd -s 'hanging' for a long time. tested by a couple of people