Commit message

ok deraadt@

ok markus@

sockets cause no harm and this way we close another attack surface by not
allowing the daemon to create/delete any more files.
OK kn@

This replaces log_verbose() and "extern int verbose" with the two functions
log_setverbose() and log_getverbose().
Pointed out by benno@
OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well)

with the SOCK_NONBLOCK flag to socket() and accept4().
OK claudio@ jung@

include the process name, and replace all calls of fatal*(NULL) with
fatal(__func__) for better debugging.
OK benno@

operations. This adds pledge(2) to all processes, including the iked
parent process; the existing privsep design has been improved for
better pledgeability. There haven't been any serious problems as it
was already sane (eg. by receiving the PFKEYv2 and UDP sockets via fd
passing). The control socket moved to an independent process to
remove some abilities from the cert process.
Committed in agreement with many but nobody was brave enough to OK it.
Better testing will happen with having it in the tree.
"It's the truth" deraadt@
"Let's see what happens" benno@

OK mikeb@

possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)

ok millert@

now instead of terminating the process.
ok mikeb@

Please note that proc.c should be kept identical in relayd, iked and
snmpd (currently without the includes).
ok benno@

ok reyk@

ok reyk@

we don't need the horrible debug hack anymore that disabled privdrop
and chroot to get core dumps of privsep processes. No functional
change for the normal binary, only if it is compiled with the
non-default -DDEBUG option.

Less differences, less code to audit.
ok mikeb@

ok beck reyk

arc4random_buf(seed, sizeof(seed));
RAND_seed(seed, sizeof(seed));
+ explicit_bzero(seed, sizeof(seed));
ok reyk@

ok krw, florian, henning

to 2013 while I'm here... this is my way of saying "happy new year!".

proc.c. this is the first sync to what i did for relayd but does not include
the multi-instance handling - so no functional change.

This removes iked-specific stuff from proc.c.

NULL before dereferencing. fixes an annoying crash.
ok reyk

iked(8) is an automatic keying daemon for IPsec, like isakmpd(8), that
IPsec creates flows and SAs automatically. Unlike isakmpd, iked(8)
implements the newer IKEv2 protocol instead of IKEv1/ISAKMP. The
daemon is still work-in-progress and not enabled in the builds, but is
already able to establish IKEv2 sessions with some other IKEv2
implementations as a responder.
with lots of help and debugging by jsg@
ok deraadt@