| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-10-22 | Fix some bugs in the handling of the RTM_GET and RTM_CHANGE messages | Renato Westphal | |
| found when running eigrpd(8) and ldpd(8) together. | |||
| 2015-10-22 | Revert revision 1.282: | Reyk Floeter | |
| "Allow for empty blocks for peers. While this is bad style for permant use, this is very nice to temporarily disable a peer option." This broke the grammar by introducing shift/reduce errors. OK phessler@ | |||
| 2015-10-22 | pledge "abort" left behind accidentally | Theo de Raadt | |
| 2015-10-22 | If we receive an empty route message, log it and ignore it. Happens | Peter Hessler | |
| occasionally on FreeBSD. from Melissa Jenkins OK claudio@, florian@, benno@ | |||
| 2015-10-22 | The eigrpe process also needs to pledge "cpath" for unlinking the | Renato Westphal | |
| control socket. | |||
| 2015-10-22 | delivery to maildir needs pledge fattr | Gilles Chehade | |
| from Gregor Best <gbe@unobtanium.de> | |||
| 2015-10-21 | Use SSL_CTX_set_ecdh_auto() instead of rolling our own version. | Joel Sing | |
| ok gilles@ | |||
| 2015-10-21 | Only enable SSL_VERIFY_PEER when the verify option is set on a listener. | Joel Sing | |
| Always enabling SSL_VERIFY_PEER unnecessarily increases the number of messages/bytes in the TLS handshake and increases our attack surface, since we request and then process client certificates. ok gilles@ | |||
| 2015-10-21 | Do some cleanup in syslogd ttymsg(). Add a debug message when the | Alexander Bluhm | |
| syslogd child calls fork(2) to delay blocked output. OK benno@ | |||
| 2015-10-21 | make sure ProgressMeter gets set up. Fixes some weirdness in package installs, | Marc Espie | |
| as it now must contain a proper linkback to its own state. | |||
| 2015-10-21 | Add support for route summarization. | Renato Westphal | |
| Working great but need more testing, especially with ipv6. For now we don't validate if one configured summary is inside another or the presence of duplicates. Will address these issues in a future commit. | |||
| 2015-10-21 | Minor fixes and code cleanup. | Renato Westphal | |
| 2015-10-20 | believe this will work with "stdio rpath wpath cpath inet" now that | Theo de Raadt | |
| SO_RCVBUF is permitted. It may even be possible to lose the "inet" a bit later in the code. Anyone want to test? | |||
| 2015-10-20 | After pledge "dns" has been refactored and setsockopt(SO_RCVBUF) | Alexander Bluhm | |
| has been added to it, the syslogd privsep parent does not need pledge "inet" anymore. discussed with deraadt@ | |||
| 2015-10-20 | Add an explicit check for a malformed AS segment with (segment length 0), | Stuart Henderson | |
| avoiding division by zero when deciding whether it contains 2- or 4-byte ASNs. Refactor TCHECK calls to ensure proper coverage. From Kevin Reay, ok canacar with wording tweak (I used "malformed" rather than canacar's suggested "invalid size" or Kevin's original "empty"). | |||
| 2015-10-20 | fix a use after free found by clang using an approach suggested by renato | Jonathan Gray | |
| ok renato@ | |||
| 2015-10-19 | Add pledge(2) for radiusctl(8) and radiusd(8). | YASUOKA Masahiko | |
| - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet" "go ahead" deraadt | |||
| 2015-10-19 | Add parenthesis gcc wants and remove defined but unused label gcc | Kenneth R Westerback | |
| complains about. ok deraadt@ on parethesis | |||
| 2015-10-19 | LABELSECTOR is a DEV_BSIZE quantity. So multiply by DEV_BSIZE and not | Kenneth R Westerback | |
| d_secsize when calculating disklabel location. ok jsing@ | |||
| 2015-10-19 | Nuke unused variable. | Kenneth R Westerback | |
| 2015-10-19 | fix memory leaks in error paths | Jonathan Gray | |
| ok renato@ | |||
| 2015-10-19 | optarg and optind are declared by unistd.h | Jeremie Courreges-Anglas | |
| 2015-10-19 | Add err.h, missing after pledge() introduction. | Jeremie Courreges-Anglas | |
| 2015-10-19 | Remove a duplicated '#include <stdio.h>' line. | YASUOKA Masahiko | |
| 2015-10-19 | Fix control_imsg_forward() by changing imsg_compose() to | Reyk Floeter | |
| imsg_compose_event(). This was done by pyr@'s in relayd/control.c -r1.32 (2009/06/05, ok eric@) but somehow didn't slip into other daemons that imported control.c. | |||
| 2015-10-19 | Print control socket client fd in debug message to differentiate between | Reyk Floeter | |
| control connections. Helps to debug problems. | |||
| 2015-10-19 | Kill whitespace at eol. | Sunil Nimmagadda | |
| Ok gilles@ | |||
| 2015-10-19 | Avoid a NULL dereference when getgrnam_r() returns NULL for `result'. | YASUOKA Masahiko | |
| 2015-10-19 | Call tzset() before dropping the priviledge to use correct timezone. | YASUOKA Masahiko | |
| 2015-10-19 | Can't assert "module->fd >= 0" in radiusd_stop() since the module may | YASUOKA Masahiko | |
| be closed already when error. | |||
| 2015-10-18 | fix lmtp delivery regressions introduced in previous: | Joerg Jung | |
| - strip \r\n and add them explicitly to all DATA lines - fix DATA termination - add missing QUIT command (and check for reply) - remove free() and fclose() and use exit(3) instead of _exit(2) to handle cleanup ok sunil gilles | |||
| 2015-10-18 | Avoid integer overflow with very large files. | Tobias Stoeckmann | |
| ok millert | |||
| 2015-10-18 | Fix comments. | Robert Peichaer | |
| OK krw@ | |||
| 2015-10-18 | Add "id" pledge to syslogd privsep process. Needed for logging to pipe. | Alexander Bluhm | |
| OK deraadt@ | |||
| 2015-10-18 | Make use of pledge(2); initial diff from deraadt@ | Jeremie Courreges-Anglas | |
| As Theo says, there's probably room for stricter pledge requests, but this would involve refactoring. | |||
| 2015-10-18 | actually, it uses getaddrinfo | Theo de Raadt | |
| 2015-10-18 | Tweak previous: call fatal(), not err(3), for consistency. err.h goes away. | Jeremie Courreges-Anglas | |
| 2015-10-18 | Make sure sm_rotate_bak() is only run once. | Antoine Jacoutot | |
| 2015-10-18 | Add "dns" to the pledges. Previously these worked because of "inet", | Theo de Raadt | |
| alas "dns" is now a mandatory statement if you want to do dns! | |||
| 2015-10-18 | Use explicit_bzero() when the memory is freed directly afterward. | mmcc | |
| ok deraadt@ | |||
| 2015-10-17 | mailaddr_match() allows comparing two struct mailaddr taking into account | Gilles Chehade | |
| catchall and +-tags ok millert@ and jung@ for util.c | |||
| 2015-10-17 | makemap shout strip initial and trailing whitespaces using strip() | Gilles Chehade | |
| ok millert@, ok jung@ | |||
| 2015-10-17 | document handling of comments in makemap | Gilles Chehade | |
| ok millert@, ok sunil@, ok jung@ | |||
| 2015-10-17 | both of these are deprecated | Gilles Chehade | |
| 2015-10-17 | Convert some fgetln to getline. | Sunil Nimmagadda | |
| tested and ok gilles@ | |||
| 2015-10-17 | Cleanup and simplify LMTP code. | Sunil Nimmagadda | |
| Ok millert@ gilles@ | |||
| 2015-10-17 | LMTP delivery requires "inet unix". | Sunil Nimmagadda | |
| Ok millert@ gilles@ | |||
| 2015-10-17 | this file is deprecated | Gilles Chehade | |
| 2015-10-17 | remove unused variables | Gilles Chehade | |
| 2015-10-17 | Do no accept fds on the control socket; including the restricted socket. | Reyk Floeter | |
| OK gilles@ eric@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |