Age | Commit message (Expand) | Author |
2015-12-29 | Don't assume fprintf() will set the FILE * error condition. | Todd C. Miller |
2015-12-19 | No need for an extra log.h | Reyk Floeter |
2015-12-19 | Switch and sync to the log.c variant from httpd/relayd/iked/snmpd/vmd. | Reyk Floeter |
2015-12-19 | Move log_sockaddr() to from log.c to util.c as it is a local addition | Reyk Floeter |
2015-12-05 | EAGAIN handling for imsg_read. OK henning@ benno@ | Claudio Jeker |
2015-11-24 | Cache values from getpwnam() done at initialization, which need to be | Theo de Raadt |
2015-11-20 | use RMS for jitter. we're linking with enough libraries that libm is tiny. | Ted Unangst |
2015-11-19 | Simplify all instances of get_string() and get_data() using malloc() and | mmcc |
2015-11-17 | fix memory leak; from David CARLIER | Theo de Raadt |
2015-10-31 | fully revert some parts introduced with the original server rtable support, | Christian Weisgerber |
2015-10-30 | drop unused define; ok reyk@ | Christian Weisgerber |
2015-10-30 | Remove support for sending status reports to syslog on SIGINFO; | Reyk Floeter |
2015-10-25 | the DNS process was not discarding & redirecting stdin/out/err to | Theo de Raadt |
2015-10-23 | Rather than re-opening the driftfile to write, keep it open; rewinding | Theo de Raadt |
2015-10-23 | Allowing upstream servers of ntp being in multiple routing tables is | Peter Hessler |
2015-10-12 | Move execution of the constraints from the ntp to the parent process. | Reyk Floeter |
2015-10-10 | pledge "dns rw" is not a reliable pattern. This means malloc() and other | Theo de Raadt |
2015-10-09 | the ntp engine can run with "stdio inet proc". For many reasons, | Theo de Raadt |
2015-10-09 | Once the constraint engine process is running, it only needs | Theo de Raadt |
2015-10-09 | Change all tame callers to namechange to pledge(2). | Theo de Raadt |
2015-10-05 | this process deserves -fstack-protector-all | Theo de Raadt |
2015-10-03 | the ntp dns process only needs tame "dns rw" to operate. at least, | Theo de Raadt |
2015-10-03 | In the ntpctl(1) case, after it has connect()'d to ntpd we can tame "stdio" | Theo de Raadt |
2015-09-10 | fix type and return check for tls_read/write. | Bob Beck |
2015-09-10 | fix after libtls api changes | Bob Beck |
2015-09-09 | Fix memory leak in error path when max length exceeded. | Todd C. Miller |
2015-08-28 | Xr ntpctl; from Rob Pierce | Theo de Raadt |
2015-08-14 | When checking whether we should scan the sensors again use <= rather | Todd C. Miller |
2015-07-18 | Handle short writes and TLS_{READ,WRITE}_AGAIN around tls_write(). | Alexander Bluhm |
2015-07-18 | prevent the tls constraint state machine from getting hung on STATE_INVALID | Brent Cook |
2015-07-18 | replace _PATH_DEVNULL with "/dev/null", assume it will not move | Brent Cook |
2015-07-18 | replace bzero with memset | Brent Cook |
2015-05-28 | detect crashes from constraint sub-processes, instead of ignoring them. | Theo de Raadt |
2015-05-25 | only scan sensors if they are configured | Theo de Raadt |
2015-05-21 | No need to call tzset() and log_init() in the forked constraint | Reyk Floeter |
2015-05-20 | Remove hotplug(4) sensor support: the code has been disabled by | Reyk Floeter |
2015-05-19 | Get the rdomain from the newly exposed ifi_rdomain field in if_data | Reyk Floeter |
2015-05-18 | Currently, after 4 failed constraint checks, we suspect the constraint | Reyk Floeter |
2015-05-18 | Simplify example constraints URL to reduce load on the server side. | Darren Tucker |
2015-05-17 | When resolving the "constraint" (singular), store all returned IP | Reyk Floeter |
2015-04-21 | fix a memory leak if tls_read() fails. ok henning@ | Jonathan Gray |
2015-03-28 | Avoid overflow on 32-bit time_t systems converting timeval to NTP time. | Brent Cook |
2015-03-26 | do not encourage random uppercasing; | Jason McIntyre |
2015-03-24 | instead of routing SIGHUP thru sighdlr_dns() which then ignores it, | Henning Brauer |
2015-03-14 | remove unused 'cause' string when checking child status | Brent Cook |
2015-03-14 | mention TLS HTTPS here also; ok bcook | Theo de Raadt |
2015-03-11 | -s is not optional, sadly; | Jason McIntyre |
2015-03-02 | remove unused variable | Brent Cook |
2015-02-22 | Rename tls_config_insecure_noverifyhost() to | Joel Sing |
2015-02-22 | Set the TLS ciphers to "compat" mode, restoring the previous behaviour. | Joel Sing |