| Age | Commit message (Collapse) | Author |
|---|
|
to privsep_procid.
ok mortimer
|
|
configuration file.", but occasionally something else fit better; at the
same time, try to make the format for FILES more consistent;
original diff from clematis
|
|
manual pages that document the corresponding configuration files;
OK jmc@, and general direction discussed with many
|
|
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.
Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.
tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt
|
|
by ber_scanf_elements must exist.
aldap.c apparently abused the old behaviour by always trying to retrieve
the referral element, which according to RFC4511 section 4.1.9 is optional.
This diff only requests the referral element if we get a referral response.
OK rob@
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.
This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.
With help from tb@ and guenther@.
ok deraadt@, tb@
|
|
fixes a problem when handling large negative integers.
ok claudio@
|
|
larger types really is a range reduction...
Almost any cast to (unsigned) is a bug.
ok millert tb benno
|
|
|
|
bonus: this exposed a few missing const qualifiers.
|
|
OK claudio@
|
|
Found via snmpctl snmp walk 127.0.0.1 oid 1
OK claudio@
|
|
ok beck@ bluhm@ tb@
|
|
(and other lexers too)
This commit rectifies earlier change:
in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation). compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).
OK deraadt@, OK millert@
|
|
"looks good" gilles@ halex@
|
|
ok claudio@
|
|
possible stack overflow due to recursion in ber_free_elements().
ok claudio@
|
|
ok claudio@
|
|
ok claudio@
|
|
This way the size is the same on all archs and 32bit should be good enough.
OK rob@
|
|
api uses read and write buffers (byte streams) that are utilized by calling
applications which may or may not use sockets.
ok claudio@
buffer byte streams that applications then use for
|
|
ok claudio@, jca@
|
|
out of memory log_warn(). i.e. ("%s", __func__) instead of manual
function names and redundant verbiage about which wrapper detected the
out of memory condition.
ok henning@
|
|
calloc or strdup), we just need to log that we ran out of memory in a
particular function.
Recommended by florian@ and deraadt@
ok benno@ henning@ tb@
|
|
After the removal of fd-based read/writes I could have trimmed the code
further.
- no socket-based reads so ber_read() doesn't need to loop until it gets
the desired amount of data
- return either the requested amount of data or -1/ECANCELED, the caller
shouldn't have to handle partial reads itself
- inline ber_readbuf() into ber_read()
ok rob@ claudio@ tb@
|
|
running out of memory.
Next step, be correct *and* consistent.
ok dennis@ tb@ benno@ schwarze@
|
|
|
|
|
|
can call ber_readbuf() in all cases. This resolves a problem previously
encountered with SNMPv3 authentication, simplifies the code, and completes a
full synchronization of all ber instances.
Proposed by claudio@. Problematic use case in snmpd tested by sthen@ and me.
ldap(s) appear happy as well.
looks good to claudio@
|
|
See usr.sbin/snmpd/ber.c revision 1.24 commit log for a summary of these
changes (e.g. SNMPv2 traps, User-based Security Model, callback for USM HMAC
calculations).
There is one final ber piece to copy from the snmpd instance related to
ber_getc() which will be done in a separate diff.
"looks good to me" deraadt@
|
|
|
|
Ok reyk@
|
|
with snmpd. More tweaks to come once things are fully synchronized.
Feedback from claudio and Robert Klein.
Ok claudio@
|
|
|
|
Ok claudio@, "looks right" gsoares@
|
|
passwords. A similar fix was applied to snmpd in 2010 (rev 1.23).
Pointers from Reyk.
Ok claudio@
|
|
This also fixes the _url functions that was previously #ifdef'ed out.
OK claudio@
|
|
use a more general text for the sections, and avoid the catchup issue
that was trying to document how many there were;
ok benno rob
|
|
Thanks to otto@ for the initial diff.
OK benno@
|
|
ok benno@
|
|
This mechanism is already unused and annotated with lots of XXX's, no
need to keep it around. ok claudio@
|
|
ok zhuk@ deraadt@
|
|
is not needed anymore.
okay jmatthew@
|
|
so just make it void.
okay jmatthew@
|
|
okay jmatthew@
|
|
|
|
Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT
gmail, thanks!
chris@ pointed out that more than httpd(8) is effected.
OK gilles@
|
|
Helps people testing new configurations. From Kurt Mosiejczuk
|
|
instead of CLEANFILES += y.tab.h
okay millert@
|
