summaryrefslogtreecommitdiff
path: root/usr.sbin
AgeCommit message (Collapse)Author
2014-11-29The startup script is /etc/rc.d/nsdTodd C. Miller
OpenBSD doesn't need a /dev/log socket in the chroot for syslog to work. OK deraadt@ miod@ sthen@
2014-11-27default for interactive should match non-interactive.Marc Espie
Pointed out by krw@
2014-11-27Fix typos in comments.Tobias Stoeckmann
ok jmc, yasuoka
2014-11-26Prefer setvbuf() to setlinebuf() for portability; ok deraadt@Todd C. Miller
2014-11-26Drop sysmerge.log ; it used to be handy for batch mode but now theAntoine Jacoutot
console output is clear and clean in that mode. Since /var/tmp is now a symlink to /tmp: - directly use /tmp - if modifications were done; at the end of the run: - display our backup directory (in case we want to move it to survive a reboot) - display where and what files are still left for comparison discussed with and ok sthen@
2014-11-25evbuffer_read and evbuffer_write are wrappers around read and write,David Gwynne
so you have to check their return values in the same way and handle errors the same way. returning 0 from evbuffer_read means the other end of the socket has gone away. we should try again on both evbuffer_read and evbuffer_write if we get EAGAIN or EINTR. ok millert@ bluhm@
2014-11-25minor clean-up: the stuff not to display is tied to the set, so make theMarc Espie
current_set more explicit in the PkgAdd algorithm... and clean it up when we clean the set. Put the "tieing files" stuff into its own function so that the add code looks a bit less like a spaghetti monster
2014-11-25use correct divisor when converting microseconds to 100ths of a secondBret Lambert
found by yasuoka@
2014-11-24remove a surplus break statementJonathan Gray
2014-11-23some third-party applications generate malformed headers which we can stillGilles Chehade
parse correctly, do not reject message as malformed in this case
2014-11-23TargetPortalGroupTag is a binary 16-bit value so 0 is allowed.Claudio Jeker
Still not perfect since binary values can also be base64 encoded but one step closer.
2014-11-23Change the error handling a bit to ensure we do not double free the taskClaudio Jeker
by calling conn_task_cleanup() twice (once direct and once via conn_fail()). The error handling needs some more work but at least this fixes the crash found by jasper@
2014-11-23Clear the work in progress PDU before calling the task handler.Claudio Jeker
This ensures that we don't have multiple pointers pointing to the same PDU.
2014-11-23<sys/buf.h> isn't actually needed herePhilip Guenther
ok tedu@
2014-11-22oops, left an old line...Theo de Raadt
2014-11-22/dev/random has created the same effect as /dev/arandom (and /dev/urandom)Theo de Raadt
for quite some time. Mop up the last few, by using /dev/random where we actually want it, or not even mentioning arandom where it is irrelevant.
2014-11-22use size_t where appropriate. ok deraadt reykTed Unangst
2014-11-21white space begoneTheo de Raadt
2014-11-21a long time ago, DISPLAY and UNDISPLAY required special treatment, as theyMarc Espie
were displayed "on the fly". But prepare+log means the display happens later in any case, so they can be done as part of regular plist. Also, mark known manpage dirs for even more verbiage reduction...
2014-11-20big trim-down of MESSAGE/UNMESSAGE: just match checksums between new packagesMarc Espie
and old packages. Rationale being you don't need to display UNMESSAGE if the new package has the exact same one. And likewise, you don't need to display MESSAGE if the old package had the exact same one.
2014-11-20Yet more #include de-duplication.Kenneth R Westerback
ok deraadt@ tedu@
2014-11-20avoid some warning message, normal dirs don't have any log info registeredMarc Espie
2014-11-20theo's right. use random_name for truely random stuff.Marc Espie
rename variable and index accordingly.
2014-11-20Don't allow embedded nul characters in strings.Jonathan Gray
Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@
2014-11-20clean up some files generated during the build.Brad Smith
noticed by deraadt@
2014-11-20using ${SHELL} is nicer, ok bradTheo de Raadt
2014-11-20run the install script with sh. Come on upstream -- allow us to buildTheo de Raadt
your software on noexec filesystems...
2014-11-20better length handling. Fixes a crash found with the afl fuzzer.Jonathan Gray
slightly tweaked version of an earlier diff ok'd by djm@ and miod@
2014-11-20sanity check the length of the packet in the pcap headerJonathan Gray
fixes a crash found by the afl fuzzer ok djm@ miod@
2014-11-20Make ip6_print() take an unsigned length matchingJonathan Gray
ip_print() and others. Allows code deciding on a minimum length to memmove() to work as intended, preventing various crashes found with the afl fuzzer. Callers of ip6_print() should of course be fixed to provide sane lengths as well. ok deraadt@ djm@
2014-11-20remove nt and lanman functions which aren't used. ok reyk yasuokaTed Unangst
2014-11-20Merge in some commits from upstream..Brad Smith
- Removed 'increased limit open files' log message that is written to console. It is only written on verbosity 4 and higher. This keeps system bootup console cleaner. - Fix #627: SSL_CTX_load_verify_locations return code not properly checked. - Fix that CD flag disables DNS64 processing, returning the DNSSEC signed AAAA denial. - Fix cdflag dns64 processing. ok sthen@
2014-11-20merge conflictsBrad Smith
2014-11-20update to Unbound 1.5.0, ok sthen@Brad Smith
2012-03-26Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).Stuart Henderson
These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2014-11-19reduce redundant strlen calls by calling it once and saving the valueTed Unangst
2014-11-19delete the KERN_VNODE sysctl. it fails to provide any isolation from theTed Unangst
kernel struct vnode defintion, and the only consumer (pstat) still needs kvm to read much of the required information. no great loss to always use kvm until there's a better replacement interface. ok deraadt millert uebayasi
2014-11-19move to stravis so doug@ will stop laughing at my misuse of strnvis.David Gwynne
ok doug@ millert@
2014-11-19file overlooked in previous snmpd commitBret Lambert
2014-11-19Support exporting relayd statistics via AgentX/snmpdBret Lambert
This should be equivalent to the statistics available via the various relaydctl show commands okay benno@ reyk@
2014-11-19add support for AgentX subagents in snmpdBret Lambert
snmp requests are now packaged into pseudo-continuations to allow for being dispatched to seperate processes; lightly tested for interoperability with NetSNMP, but doesn't implement the complete set of AgentX messages while here, clean up return types of mps_get* functions, and make smi_insert refuse to insert duplicate OIDs okay benno@ reyk@
2014-11-19two obvious markup fixes; from frankgroeneveld dot nlIngo Schwarze
2014-11-18Nuke more obvious #include duplications.Kenneth R Westerback
ok deraadt@ millert@ tedu@
2013-11-26import NSD 4.0.0, tests from Dorian Büttner, Patrik Lundin, requested by ↵Stuart Henderson
brad@
2014-11-17CAVEATS was removed (no more INSTALL/DEINSTALL scripts, so it's OK forStuart Henderson
PKG_TMPDIR to be on a fs mounted with noexec); remove a reference to CAVEATS from the section talking about PKG_TMPDIR. ok espie@
2014-11-17Always free "ps" after usage.Tobias Stoeckmann
ok stsp
2014-11-17show super speed status in verbose outputJonathan Gray
2014-11-16use sa_family instead of hard coded inet. from Yury KonovalovTed Unangst
2014-11-16Convert the logic in yyerror(). Instead of creating a temporaryAlexander Bluhm
format string, create a temporary message. OK doug@
2014-11-16Convert the logic in the error function of the ldap schema parser.Alexander Bluhm
Instead of creating a temporary format string, create a temporary message. OK doug@