summaryrefslogtreecommitdiff
path: root/usr.sbin
AgeCommit message (Collapse)Author
2002-12-12until someone complains, let only root playTheo de Raadt
2002-12-12can now get _ttylist via sysctl; millert okTheo de Raadt
2002-12-11fix buffer overflow in the FIX_PRECISION macroHenning Brauer
not exploiteable; would need more programming errors to cause harm from jim@apache
2002-12-11handle snprintf < 0Theo de Raadt
2002-12-11typos in comments; David KrauseHenning Brauer
2002-12-10Add 2 missing pw_abort() calls when pw_mkdb() fails and remove theTodd C. Miller
void cast from pw_abort() since it is already void. From NetBSD via Brian Poole.
2002-12-10-O1 on alpha for nowHenning Brauer
ok theo
2002-12-09Use strlcpy rather than unsafe string functions, especially in unreadable code.Miod Vallat
Spotted by deraadt@
2002-12-09knfTheo de Raadt
2002-12-09KNFTheo de Raadt
2002-12-09KNFTheo de Raadt
2002-12-09From Andrushock, s/sucess/success/gTodd C. Miller
2002-12-08GNU semantics say that if optstring begins with '-' thenTodd C. Miller
each non-option shall be treated as arguments to option '\1'. BSD getopt match '-' in optstring with a '-' on the command line. This is used to support deprecated options like "su -" that would otherwise prevent the use of getopt(). Resolving this simply requires that the leading '-' be moved somewhere else (I moved it to the end of optstring) since position within optstring is not meaningful.
2002-12-08Avoid setting optind to 0; drahn@ OKTodd C. Miller
2002-12-07typo, henning okAnil Madhavapeddy
2002-12-06unkown; torh@bogus.netTheo de Raadt
2002-12-06Introduce anchors and named rule sets, allowing to load additional ruleDaniel Hartmeier
sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons. Idea and ok deraadt@
2002-12-05typo in error message; Tor HoughtonHenning Brauer
2002-12-04typo; torh@bogus.netTheo de Raadt
2002-12-04catch up to -v -v change in pfctl(8)Theo de Raadt
2002-12-03print the interface related to the arp entry; several ppl ok.Federico G. Schwindt
2002-12-03Compile wsmoused on alpha, as it can be used on vga displays.Miod Vallat
2002-12-01KNFHenning Brauer
2002-12-01Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which usesRyan Thomas McBride
old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one. ok dhartmei@ henning@
2002-12-01Grammar nitpicking.margarida
Closes PR 3005. fgsch@ ok
2002-12-01Add ndc(8).margarida
Closes PR 3004. fgsch@ ok
2002-11-30be better about the STT_NOTYPE symbols, not all become N_UNDEF this way; ↵Michael Shalayeff
pefo@ ok
2002-11-30pfsync support; deraadt@ okMichael Shalayeff
2002-11-30stop breaking the damn tree mickeyTheo de Raadt
2002-11-29tcpdump support for pfsync; henning@ okMichael Shalayeff
2002-11-28Check for invalid ICMP6 option length, ok itojun@Daniel Hartmeier
2002-11-25"successful" spelling fixes in comments & documentationPeter Valchev
2002-11-23bye byeTheo de Raadt
2002-11-23Correct href, from Francesco Toscan <francesco@toscan.biz>margarida
henning@
2002-11-23don't try to do ioctl with PF_OPT_NOACTIONRyan Thomas McBride
does not impact fuction of authpf, but make it consistent with the rest of the add_* family ok dhartmei@
2002-11-23add code to load lists of redirection addresses for nat/rdr/route-to/etc.Ryan Thomas McBride
2002-11-22Disallow non-interactive sessions, to avoid problem of users scp'ingBob Beck
to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning
2002-11-22fix fd handling, so 'make build >log 2>fixme' really worksPhilipp Buehler
henning@ ok
2002-11-22honor COPTS; ok henning@Christian Weisgerber
2002-11-22Add some .Xr's that have been sitting in my treeTodd C. Miller
2002-11-21Rename shadow group to _shadowTodd C. Miller
This means the instructions in the previous commit are now wrong (replace shadow with _shadow and all will be well).
2002-11-21Add a "shadow" group and make the shadow passwd db readable by thatTodd C. Miller
group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@ If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb You do not need to rebuild libc yet, but it would't hurt to do so.
2002-11-21third person; margaridaTheo de Raadt
2002-11-21crap in getopt; margaridaTheo de Raadt
2002-11-21Add -n option to print message source addresses numerically rather thanChad Loder
symbolically. This saves address->name lookups, which is nice on log servers without a DNS cache. millert@, jakob@ ok
2002-11-19be more preciseTheo de Raadt
2002-11-19hacks to make the tree build; henning gets a carrot up the nose next time i ↵Theo de Raadt
meet him
2002-11-18fix typos; Jon BernardTodd C. Miller
2002-11-18kill unused #define which was a workaround with old OpenSSL versionsHenning Brauer
from David Krause, Thanks!
2002-11-18kill duplicate int retry; from David Krause, Thanks!Henning Brauer