Age | Commit message (Expand) | Author |
2016-05-31 | with the kernel perm check fixed, we can do this kevent after setuid, | Ted Unangst |
2016-05-13 | fix logging. | Ted Unangst |
2016-05-02 | prepare userland for removing chroot(2) from allowed syscalls under pledge(2). | Sebastien Marie |
2016-01-03 | forgot to call RB_INIT. but yet things mostly worked... | Ted Unangst |
2015-12-17 | add return code to newrequest to distinguish between cache hit and error. | Ted Unangst |
2015-12-12 | correct comment | Ted Unangst |
2015-12-11 | it's not necessary to use a tree to track requests if kevent can do this. | Ted Unangst |
2015-12-08 | more better fake replies. servfail is the correct response. | Ted Unangst |
2015-12-05 | all the signal ignoring can be done in one place | Ted Unangst |
2015-12-05 | pull the config file opening up considerably earlier to fail fast. | Ted Unangst |
2015-12-04 | refine some logging and error messages. errors will now always go to stderr | Ted Unangst |
2015-12-04 | push daemon call a little later so if the address is in use we see the | Ted Unangst |
2015-12-04 | one signal.h should suffice | Ted Unangst |
2015-12-04 | ignore SIGPIPE. i don't see any way for it to happen, but nevertheless we | Ted Unangst |
2015-12-04 | - sync usage | Gleydson Soares |
2015-12-03 | when running on a machine without net, rebound will still receive queries | Ted Unangst |
2015-12-02 | tell readers about config reloads. | Sebastian Benoit |
2015-12-01 | add missing fclose(3) | Gleydson Soares |
2015-11-27 | add getpw to pledge. rpath would normally suffice, but there's some double | Ted Unangst |
2015-11-24 | use canonical pledge argument ordering | Theo de Raadt |
2015-11-16 | improve logging slightly | Ted Unangst |
2015-11-16 | the list insertion needs to occur right after we get a valid socket, | Ted Unangst |
2015-11-10 | kill the whitespace.. kill the whitespace.. | Theo de Raadt |
2015-11-01 | chroot to pw_dir instead of the hard-coded /var/empty. Also make the | Reyk Floeter |
2015-10-30 | it is necessary to call tzset() to get syslog timestamps correct. | Ted Unangst |
2015-10-29 | put timeout nullification in correct spot | Ted Unangst |
2015-10-29 | be a little more precise about checking filters | Ted Unangst |
2015-10-29 | refold a few lines | Ted Unangst |
2015-10-29 | collect some cool stats and print them out with SIGUSR1 | Ted Unangst |
2015-10-28 | impose some limit on the cache size as well. | Ted Unangst |
2015-10-28 | if accept() fails due to fd exhaustion, stop accepting for one second. | Ted Unangst |
2015-10-28 | bug in the request tree code: requests were being added to the tree before | Ted Unangst |
2015-10-28 | twiddle with rlimit to give us a few more files. use rlimit as a hint as | Ted Unangst |
2015-10-28 | add pledge to main process, though it needs a few more options | Ted Unangst |
2015-10-28 | use an rb tree for the cache too. modelled after the reqtree. | Ted Unangst |
2015-10-28 | use an rb tree for finding requests. from Dimitris Papastamos | Ted Unangst |
2015-10-26 | one second amnesty for timeouts so we don't spin with short timeouts | Ted Unangst |
2015-10-26 | set listening sockets to nonblocking, then handle as many incoming requests | Ted Unangst |
2015-10-17 | don't need fcntl for non blocking socket, just ask for it upfront | Ted Unangst |
2015-10-16 | save some file descriptors. instead of a pipe, use kevent to watch parent | Ted Unangst |
2015-10-16 | naddy would like the child to exit when the parent dies. | Ted Unangst |
2015-10-16 | life is simpler if all requests go in the fifo, and then just remove them | Ted Unangst |
2015-10-16 | deraadt tells me i'm supposed to check if connect() actually worked. | Ted Unangst |
2015-10-16 | two phase handling for tcp so that slow connects don't stall the process | Ted Unangst |
2015-10-16 | save request length in cache. naddy noticed we weren't getting any hits. | Ted Unangst |
2015-10-16 | fine tune the logging some more | Ted Unangst |
2015-10-16 | simplify logging functions. once a daemon, always a daemon | Ted Unangst |
2015-10-16 | safety check that we're dealing with the filter we expect | Ted Unangst |
2015-10-16 | most things should be static | Ted Unangst |
2015-10-16 | exit(1) is better for the impossible condition | Ted Unangst |