src - OpenBSD base system

Age	Commit message (Collapse)	Author
2004-09-10	mention that the used cipher is Blowfish, from Jonathan Gray, ok tedu@	Pedro Martelletto

2004-09-10	expand @@ServerRoot@@ variable	David Krause

2004-09-09	correctly track peer count. fixes a memory corruption.	Henning Brauer
	exactly the same bug as in ntpd, but caused completely different... strange issues seen by arvid goetting who helped a lot in debugging, bug found after an ntpd issue showed up and I saw the relation. hunting with & ok claudio, otto, millert, ok deraadt
2004-09-09	correctly track peer count. fixes a memory corruption.	Henning Brauer
	with & ok otto millert claudio, ok deraadt canacar
2004-09-09	Add missing section heading "DESCRIPTION".	Tom Cosgrove
	ok jmc@ millert@ deraadt@
2004-09-09	Avoid following a NULL pointer if a hostname lookup fails and	Todd C. Miller
	remove an extraneous "exiting" when there is a config file error. OK henning@ and mcbride@
2004-09-08	security fix:	Henning Brauer
	Apache's mod_rewrite module can be made to write one zero byte in an arbitrary memory position outside of a char array, causing DoS or possibly buffer overflows. The function lookup_map_dbmfile() in modules/mappers/mod_rewrite.c copies data from a DBM file to the char array buf in a _secure_ manner, but it zero-terminates the array afterwards in an _insecure_ manner. If the key that is looked up has an n bytes long value, a zero byte will be written in the memory position n bytes from the start of the char array buf. exploiting would require enabling dbm for mod_rewrite and getting it to use a malicious dbm file. reported by Ulf.Harnhammar.9485@student.uu.se fix by me ok otto, deraadt
2004-09-07	ignore ntp_sendmsg()s return value in server_dispatch. could result in	Henning Brauer
	ntpd exiting on sendmsg() failures, which is not desired.
2004-09-06	Reset signal mask in the rate limiting case; check for interrupted	Otto Moerbeek
	waits. Fixes zombies getting reaped late and other ignored signals. Reported by mpech@; fix by millert@ with help from me. Commit requested by deraadt@. ok mpech@
2004-09-03	sleep instead of busy waiting on ENOBUFS. reduces cpu time.	Ted Unangst
	pr3900. ok canacar@ deraadt@ matthieu@ millert@
2004-08-30	don't forget to set *hn... theo ok	Henning Brauer

2004-08-30	skip early DNS lookups -- they are deferred to later; ok otto ho henning	Theo de Raadt

2004-08-30	ENOBUFS, EHOSTUNREACH, ENETDOWN and EHOSTDOWN are bad reasons to log; ok ↵	Theo de Raadt
	otto henning
2004-08-27	make sure pkg_create keeps track of cwd.	Marc Espie
	okay naddy, pvalchev, millert.
2004-08-26	updates for openssl verify;	Jason McIntyre

2004-08-25	typos from -f (PR #3908);	Jason McIntyre

2004-08-25	typos from -f (PR #3907);	Jason McIntyre

2004-08-24	Add missing config statements -- route-reflector and enforce neighbor-as.	Claudio Jeker
	Now printconf is in sync with the man page. OK henning@
2004-08-24	don't do the pftable_exists() check if we are running -n, needs root	Henning Brauer

2004-08-24	correctly inherit conf->opts from xconf->opts in parse_config(),	Henning Brauer
	foudn by claudio
2004-08-24	don't fatal() if getaddrinfo() returns EAI_NONAME	Henning Brauer

2004-08-24	back out rev. 1.136. I commited that unintentionally and it does not work	Claudio Jeker
	without other nastier changes in parse.y.
2004-08-24	missing space in log message.	Claudio Jeker

2004-08-24	Forgot to update printconf.c once again. foobar-AS is now foobar-as.	Claudio Jeker

2004-08-24	use session_socket_blockmode() instead of hand-rolling roughly the same	Henning Brauer
	claudio ok
2004-08-24	- describe which interfaces respect local-mac-address?; this is based	Jason McIntyre
	somewhat on a similar diff from netbsd (-r 1.4); - OpenProm -> OpenPROM - .Sh WARNINGS -> .Sh CAVEATS - put FILES in the right place, and make the list -compact much of this content is from miod@, and ok him too;
2004-08-23	update bootp example "filename" location to reflect tftp default of	Peter Valchev
	chrooting to /tftpboot (thus "filename foo" searches there); ok henning
2004-08-20	document "neighbor 1.2.3.4 clear"	Henning Brauer

2004-08-20	add support for "bgpctl neighbor 1.2.3.4 clear", takes session down & up again	Henning Brauer
	claudio ok
2004-08-20	add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it,	Henning Brauer
	claudio ok
2004-08-20	merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code,	Henning Brauer
	claudio ok
2004-08-20	Grrr. copy paste error. Dump MED and not local-pref. OK henning@	Claudio Jeker

2004-08-20	foobar-AS -> foobar-as as already done in some places. mIXeD cASe keywords	Claudio Jeker
	are not fluffy. OK henning@
2004-08-19	document use of "isakmpd -Ka" with bgpd.	Hans-Joerg Hoexer
	ok (and help) henning@ jmc@ jaredy@
2004-08-19	better diagnostics	Henning Brauer

2004-08-19	logic error: when there's changes affecting nexthop reachability,	Henning Brauer
	always notify the RDE and not only if the nexthop was previously unreachable, i.e. its validity changed. found the hard way by Arvid Grtting <arvidg@netfonds.no>, claudio ok
2004-08-17	Merge set constructs in neighbor statements. This fixes a common problem:	Claudio Jeker
	previous sets were cleared by the last one. OK henning@
2004-08-17	when sending a file descriptor, close it on the receiving side in	Henning Brauer
	buf_dequeue() instead of in msgbuf_write(). as sendmsg() might return without having written all data (we're on nonblocking sockets), we might have closed the fd before it actually got send. tracked down after (completely independent, didn't even look related at all) bug reports from Shaun O'Neil <shaun@dma.nl> and Arvid Grtting <arvidg@netfonds.no>, claudio ok
2004-08-17	Always update prefix timestamp even if nothing has changed. Without this	Claudio Jeker
	networks disappear after reload. OK henning@
2004-08-16	sync synopsis with usage	Jared Yanovich
	found by jmc
2004-08-16	Be more careful setting next and deadline, they should not both be != 0	Otto Moerbeek
	at the same time. ok henning@
2004-08-15	-p and -q are no more	Jared Yanovich
	ok deraadt
2004-08-15	document the use of "authpf/*" as anchor name for pf to process	Can Erkin Acar
	sub rulesets added by authpf. ok dhartmei@, oh yes! henning@
2004-08-13	Fix minor issues with IPv6 dumps and add a function for dumping the RIB table	Claudio Jeker
	protocol independent. This new dump format is not (yet) supported by the mrtd route_btoa tool. OK henning@
2004-08-13	Reset deadline on failed transmit. Avoids a spinning process if	Otto Moerbeek
	all sends fail. ok henning@
2004-08-13	extra check for no message case; ok markus, deraadt, hshoexer, henning	Damien Miller

2004-08-12	add missing $	Brad Smith
	ok espie@
2004-08-12	do not try to getaddrinfo() in the unprivileged process, send an imsg	Henning Brauer
	asking the privileged one to do it. sends back an imsg with the resulting addresses in a bunch of struct sockaddr_storage in the data part. this should fix all remaining issues with dns (non-)availability at ntpd startup, be it due to named on localhost or something else. tested by marco@ and Chris Paul <chris.paul@sentinare.com>
2004-08-12	ditch File::Copy so that buffering is consistent.	Marc Espie
	Problem noticed by niklas@. okay and function name suggestion by markus@
2004-08-12	Just ignore RFC2545 and the silly idea of using link local addresses as	Claudio Jeker
	nexthop. This makes the code a lot simpler. OK henning@