src - OpenBSD base system

Age	Commit message (Collapse)	Author
2004-05-17	extend filter language to allow basic setting of COMMUNITIES attribute.	Damien Miller
	ok claudio@
2004-05-16	Use arc4random(3) to compute random numbers, instead of using rand()	Otto Moerbeek
	to produce a double, snprintf()ing that into a buffer and then converting the string to an int with atoi(). ok millert@ henning@
2004-05-16	Use arc4random(3) instead of rand(3) to compute random numbers.	Otto Moerbeek
	ok millert@ henning@
2004-05-15	Workaround to work with the new multipath support. Do a RTM_GET first to	Claudio Jeker
	decide if a RTM_ADD or a RTM_CHANGE needs to be done when adding new routes. tested and OK henning@
2004-05-15	Naming consistency. From Alexander Guy. ok canacar@	Otto Moerbeek

2004-05-14	Fix pppoe server mode. pppoe no longer chroots in server mode.	Can Erkin Acar
	the command 'allow users _ppp' must be added to the relevant section in ppp.conf. Found, tested and help claudio@ put that pppoe in deraadt@
2004-05-13	as the authpf manpage describes, the connecting user's shell can be	Henning Brauer
	overloaded via login.conf. When verifying that the user's login shell is indeed authpf it is not sufficient to look at (struct passwd)->pw_shell, we also have to use login_getclass etc to check wether the shell gets overloaded. ok millert@ beck@
2004-05-13	Pasto, change a cast from uid_t to gid_t (no real change...)	Todd C. Miller

2004-05-13	Set close on exec flag for cron's socket. Jarno Huuskonen	Todd C. Miller

2004-05-13	If we get EAGAIN reading from the cron socket check both cron and	Todd C. Miller
	at databases for jobs to run. Jarno Huuskonen.
2004-05-13	Unswap the vhid and advskew values.	Ryan Thomas McBride

2004-05-12	tzset	Henning Brauer

2004-05-12	tzset	Henning Brauer

2004-05-12	like always I missed tzset(); Ben Lovett <ben@tilderoot.com>	Henning Brauer

2004-05-11	knf	Theo de Raadt

2004-05-10	write filter and lock bpf descriptor before dropping privileges,	Can Erkin Acar
	with help from otto@, tested by mickey@ and jolan@, ok deraadt@
2004-05-10	Check return value of fclose() calls after writing.	Otto Moerbeek
	ok deraadt@ tdeval@
2004-05-10	Do not always print banner page.	Otto Moerbeek
	ok henning@ millert@
2004-05-10	Make the accept socket non-blocking. Should not matter since we	Todd C. Miller
	use select anyway but seems like a good idea since we really don't want cron to block...
2004-05-10	when adding a new group to /etc/groups, place it just before the first	Theo de Raadt
	+ entry. assistance from tdeval and otto. this is the first half of pr 3727, brendan@cs.uchicago.edu
2004-05-09	pretty	Theo de Raadt

2004-05-08	off by one in key too long detection	Henning Brauer

2004-05-08	fix redefinition detection with manual keyes ipsec	Henning Brauer

2004-05-08	with manual keyed ipsec, we need keys and spis for both directions -	Henning Brauer
	enforce that
2004-05-08	Filter bpf writes and lock descriptor. tested by hshoexer@	Can Erkin Acar
	ok henning@ deraadt@
2004-05-08	as bloody attempt to document neighbor cloning	Henning Brauer

2004-05-08	lots of munging about; canacar ok, tested by pb, looked at by various others	Theo de Raadt

2004-05-08	a bloody attempt at documenting the ipsec fluff.	Henning Brauer
	this needs to be fleshed out and polished, but at least it is somewhat documented now...
2004-05-08	KNF	Henning Brauer

2004-05-08	break out the consistency checking for neighbors in its own function,	Henning Brauer
	and verify that peers with ipsec have local-address specified (needed to set up the flows...)
2004-05-08	do not omit the IPv6 listening address	Henning Brauer

2004-05-08	provide log_sockaddr, which uses getnameinfo(), and use it in	Henning Brauer
	log_conn_attempt
2004-05-08	allow for neighbor statements without { parameters } block; everything	Henning Brauer
	can be inherited from the group
2004-05-08	add support for ipsec ah with manual keys, pfkey part already does so, and	Henning Brauer
	flesh parser out a bit. also add support for printing ipsec ah with manual keys in printconf
2004-05-08	factor out the string -> key conversion code used for md5sig and twice for ipsec	Henning Brauer

2004-05-08	remove unused argument to control_dispatch_msg(), lint	Henning Brauer

2004-05-08	remove hostname lookup stuff, done at parse time now, ok theo	Henning Brauer

2004-05-08	resolve hostnames at parse time, solves PR3771, ok theo	Henning Brauer

2004-05-08	implement and use prefixlen2mask() instead of doing it by hand 3 times	Henning Brauer

2004-05-08	Pass the length of what was captured to pfsync_print, not the length	Ryan Thomas McBride
	of the original packet. ok beck@
2004-05-07	This makes afsd drop priviledge to user _afs inside a chroot (the	Bob Beck
	cache directory). This is privledge dropping, not full privsep.
2004-05-07	Fix some sizeof(ptr) bugs based on diffs from aaron@.	Todd C. Miller
	Note that this is not code that actually gets compiled.
2004-05-07	add a filter option to dump prefixes learned in UPDATEs into a PF table,	Damien Miller
	intended for building realtime BGP blacklists (e.g. with spamd); ok claudio & henning
2004-05-06	spacing	Theo de Raadt

2004-05-06	knf and other cleanups	Theo de Raadt

2004-05-06	pppoe now drops privileges to user _ppp and chroots after setting	Can Erkin Acar
	write filters and locking its bpf descriptor. ok deraadt@
2004-05-06	debug.c not used	Theo de Raadt

2004-05-06	actually reset p->auth_established to 0 in pfkey_[md5sig\|ipsec]_remove	Henning Brauer

2004-05-06	we need a seperate field for the md5 key len, can't use strlen, noticed	Henning Brauer
	by markus some time ago
2004-05-06	oups, spaces	Henning Brauer