| Age | Commit message (Collapse) | Author |
|---|
|
OK tb@
|
|
Just use "read error" since the code also uses "write error" for the
imsg_flush case.
OK tb@
|
|
The imsg handling in here is not quite right. It works but more by luck.
- use imsgbuf_read_one (similar code as found in a few other places)
to read the one message we expect.
- do not call imsgbuf_flush() without a child running to read the data.
With large enough requests imsgbuf_flush() may be locked forever since
there is no reader on the other side of the pipe.
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
imsgbuf_init, imsgbuf_clear, imsgbuf_read, imsgbuf_write and imsgbuf_flush.
This separates the imsgbuf API from the per-imsg API.
OK tb@
|
|
OK tb@
|
|
imsg_write() is just a thin wrapper around msgbuf_write(). So this is
mostly search and replace.
OK tb@
|
|
OK tb@
|
|
punt. A single res_query() call can return immediately (e.g. success
or the nameservers are unreachable), or take quite some time,
depending on how many nameservers are configured. So measure the
actual time it takes and decide wat to do based on that.
Early version from beck@; ok claudio@ deraadt@
|
|
partly checked by millert@
|
|
ok tb@
|
|
cannot be resolved, don't spam syslog like crazy. Change the
"DNS lookup tmpfail" message into a log_debug()
ok millert
|
|
found by "'&a->sin6_addr' too small (16 vs 28)" smatch error
ok jca@
|
|
pointer deref in constraint.c reported by bluhm@; ok millert@
|
|
to reply; ok florian@
|
|
OK tb@
|
|
and vice-versa; ok tb@
|
|
|
|
various *d, *conf, *ctl files (where relevant) and simple;
also makes "man -k routing" more useful;
help from claudio and florian
ok claudio florian millert
|
|
ok tb@
|
|
|
|
|
|
innocent -n;
noticed by indivc on misc@
|
|
jmc@ dislikes a comma before "then" in a conditional, so leave those
untouched.
ok jmc@
|
|
|
|
leaked; ok florian@
|
|
macro-build a replacement for sccsid, and was done without any concern
for namespace damage. Unfortunately this practice started infecting
other code as others were unaware they didn't need the file.
ok millert guenther
|
|
3rd (variadic) mode_t parameter is irrelevant. Many developers in the past
have passed mode_t (0, 044, 0644, or such), which might lead future people
to copy this broken idiom, and perhaps even believe this parameter has some
meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from
mode_t on a number of system calls as a safety factor, and his bewilderment
that this appeared to be happening against valid modes (at least visually),
but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef.
ok millert
|
|
functions that take "char *" arguments. Where such chars are
assigned to int or passed to ctype functions, explicitly cast them
to unsigned char.
For OpenBSD's clang, -Wpointer-sign has been disabled by default,
but when the parse.y code was built elsewhere, the compiler would
complain.
With help from millert@
ok benno@ deraadt@
|
|
chroot (and privdrop) in the child procs at this point are all set and done so
pledge("inet id") promises are not required anymore.
analysis and OK @kn
|
|
priv_constraint_child() which is called before we reach pledge(2), therefore we
we don't need to unveil(2) that file nor having pledge("rpath") since it was
only required to read that same file.
OK kn@
|
|
As per the manual and lib/libtls/tls.c revision 1.79 from 2018
"Automatically handle library initialisation for libtls." initialisation
is handled automatically by other tls_*(3) functions.
Remove the tls_init() call to not give the impression of it being needed.
Feedback tb
OK Tests mestre
|
|
fails to report the path that the failure occured on. Suggested by
deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
|
"shift" consistently. Merge the two offset loops in client_update()
into one. Use a simple assignment for the best value instead of
memcpy(). Use the same mechanism to loop over the offset array
everywhere to avoid an invalid best value.
tested by weerd@; OK claudio@
|
|
|
|
returned by adjtime(2) from the kernel. T1 is local time when the
NTP packet is sent and T4 when the response is received. If between
these events a NTP reply from another server is received, it may
change the kernel offset with adjtime(2). Then the calulation of
the client offset was done with different bases, the result was
wrong and the system time started moving around.
So instead of correcting T1 and T4 individually at different events,
correct their sum once.
Error handling was missing if there is no timestamp in the response.
As this should not happen in our kernel, fatal() is appropriate.
tested by weerd@; OK claudio@
|
|
|
|
incoming icmp) do not register them as replies. Also, fix a bug
introduced in the previous commit: first recompute scale, then
recompute interval, so that when the offset increases and thus the
scale is lowered both the poll interval and the check interval use
the same scale.
First issue spotted by naddy@ second one by and ok semarie@
|
|
go into unsynced mode. The existing code to check if we're unsycned
is only done on receiving an ntp packet which does not happen if
there are connectivity issues. Prodded by naddy@ ok @florian
|
|
Move log level to debug for that case and while there correct the
string, we're reding, not writing.
|
|
configuration file.", but occasionally something else fit better; at the
same time, try to make the format for FILES more consistent;
original diff from clematis
|
|
|
|
definition; from Michael Forney
|
|
|
|
does not work. Make that more clear in the log and ntpdctl -s status.
report by and ok benno@
|
|
similar to what deraadt@ recently did in other manual pages.
|
|
manual pages that document the corresponding configuration files;
OK jmc@, and general direction discussed with many
|
|
the ntp timestamp wrapping in 2036.
|
