| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
write the challenge again. We can get asked to supply the same challenge multiple times.
bug found and patch tested by jmc@
patch discussed with, mangled and okayed by florian@
|
| |
|
|
|
|
|
|
|
|
|
| |
This uses less code and unveil(2) seems to be the better tool here.
The directory one chroots into needs to be carefully setup (they are
not) and comon wisedom is that root can break out of chroots.
There is probably nothing wrong with the chroot code because of pledge
but it still makes me feel uneasy.
input & OK on previous version mestre
OK on previous version deraadt
bug found, input & OK benno
|
| | |
|
| |
|
|
|
|
| |
Transformed with coccinelle.
Requested by and ok tb@
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
| |
a comparison between the expression and the constant or enum. This
significantly improves readability.
Transformed with coccinelle.
Requested by deraadt@
|
| |
|
|
| |
OK benno
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
start using the configuration file and delete command line arguments:
-a agreement -> agreement url ...
-c certdir -> domain certificate "path"
-f accountkey -> account key "path"
-k domainkey -> domain key "path"
-s authority -> sign with "name"
new argument:
-f configfile
the changes needed to use the new configuration are local to main.c for now.
While the configuration could be passed directly to netproc(), keyproc() etc,
the diff is smaller this way.
This also removes the multidir (-m) mode for now - specify different paths in
each domain {} block instead.
ok florian
|
| |
|
|
|
| |
than this.
ok florian
|
| |
|
|
|
| |
rather than doing it right afterwards.
ok florian
|
| | |
|
| | |
|
| |
|
|
|
| |
pledge directly as needed.
ok florian
|
| | |
|
|
|
OK to get it in deraadt@ (and probably beck@)
At least deraadt@, beck@ and otto@ are fine with the name and the
disagreements stopped.
|
benno
florian
naddy
jsing
deraadt