| Commit message (Collapse) | Author | Files | Lines |
|---|
|
up front in add_flags(). This avoids unnecessary work, avoids setting
bogus variables, and reduces the risk of screwing up things when changing
the code. No functional change right now.
ok ajacoutot@
|
|
feedback and ok ajacoutot@
|
|
It's the only way to get daemon_flags in case it contains line
continuation... We only need to do that for enable package scripts.
original idea from Sebastien Marie
discussed with, input from and ok schwarze@
|
|
prefixes.
OK jmc@ henning@
|
|
don't access memory beyond. Make sure that the complete string
"/dev/null" can be copied.
OK henning@
|
|
command line switch and udp4:// or udp6:// loghost prefix.
|
|
iked. Both daemons share the same dh implementation, but this makes
it easier to test iked directly.
|
|
|
|
Add/drop missing/unused local variables.
no functionnal change
|
|
while "foobar_flags" is set to "NO"...
Reparse deamon_flags at the end of add_flags() since they may have been
modified by the function.
|
|
line switches. If the log server is an FQDN, DNS chooses wether
to take the IPv4 or IPv6 route. Allow to prefix the log host with
udp4:// or udp6:// to choose a protocol.
OK henning@
|
|
unsigned". Some checks got stricter. The (size_t) cast is only
done, if the argument is not negative.
OK henning@
|
|
|
|
|
|
ok dlg@
|
|
either iked or isakmpd should be synced to the other daemon. The
previous changes from iked include: plug two memory leaks, verify EC
points and add the Brainpool curves. All tests in
regress/sbin/isakmpd/dh passed OKAY.
ok markus@ mikeb@
|
|
previously been added to LibreSSL's libcrypto.
ok markus@ mikeb@
|
|
|
|
ok ajacoutot@.
For non-trivial automated text editing in sh(1), thou shalt use sed(1).
|
|
included in httpd.conf. httpd(8) now supports both mime.types
flavours with or without semicolon at the end of the line (nginx- or
apache-style).
Discussed with many, with input from halex@
OK halex@
|
|
to the vendor/make whitelist maintained by Intel so there's no
reason to start doing it now.
When syncing the driver to the FreeBSD codebase I have decided
to take this chunk as is but it appears that it breaks cheap
chinese SFP+ fiber optics modules that we all love. And while
there's still a lot of places where we check for the vendor
OUI, most of these checks are not necessary.
Issue reported and fix tested by Tony Sarendal. Thanks!
|
|
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.
The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.
input stsp@
much help & OK mpi@
tweaks & OK bluhm@
|
|
|
|
ok reyk@
|
|
against the target hostname, not the proxy hostname. Issue reported by
dlg@, fix by Alex Wilson on tech@, tweaks by me.
No reply from tech@
|
|
The latter close is from a sweep of the tree looking for fdopen problems.
While reviewing the patch, gerhard@ fixed another leak.
ok gerhard@
|
|
concept ok deraadt@
diff looks ok tedu@
|
|
reworked from an original diff by schwarze@
|
|
|
|
code.
|
|
|
|
generic parts of the formatters some time ago, the PostScript- and
PDF-specific part of the formatters was neglected.
Now pascal@ reports that mandoc -Tps throws an assertion on perl(1),
apparently because that manual actually uses bold italic font.
So here is an overdue implementation of bold italic font support for
PostScript and PDF output.
|
|
|
|
|
|
In svc_is_avail(), this simplifies the code by getting rid of the loop.
When running "rcctl status", this allows to not run svc_is_special() -
which spawns a grep - for each and every service, resulting in a 20%
speedup. As a bonus, we get the special services listed at the end,
where they are easier to see than mixed in with the daemons.
ok ajacoutot@ jasper@
|
|
blacklisting auxiliary variables, and it makes the coupling
to rc.subr(8) less tight.
Feedback and OK ajacoutot@.
|
|
they come from. While here, there is no need to check the argument
of needs_root() before displaying it, it is always provided.
ok ajacoutot@ jasper@
|
|
* SIOCG80211ALLNODES operates on struct ieee80211_nodereq_all, not
struct ieee80211_nodereq.
* Six SIOC* from wi(4) were using same codes with generic parts of
IEEE 802.11 framework. Things worked due to the fact that size
of data struct being passed is encoded in actual SIOC*, too.
This commit means that ifconfig and some ports will need to be rebuilt,
if any of affected SIOC* codes is used. Port bumps to follow.
First part okay reyk@, whole diff okay mpi@
Heavy prodding to commit now from deraadt@
|
|
|
|
|
|
ok schwarze@
|
|
|
|
There is no intention to modify the string returned by strerror and
doing so is forbidden by the standard.
from Jonas 'Sortie' Termansen
ok tedu@ deraadt@
|
|
The crypto/bio/bss_dgram.c file assumes that another file indirectly
includes <stdlib.h> that includes <sys/time.h>.
from Jonas 'Sortie' Termansen
ok deraadt@ tedu@
|
|
These files currently depends on the wrapper <stdlib.h> file indirectly
including a header that provides select().
from Jonas 'Sortie' Termansen
ok deraadt@ tedu@
|
|
rather than passing in a fixed size buffer.
This is yet another example of a horribly designed API - if the given
buffer is NULL then SSL_CIPHER_description() allocates one for us (great!),
which we then need to free (no problem). However, if this allocation fails
it returns a pointer to a static string "OPENSSL_malloc Error" - obviously
bad things happen if we call free() with this pointer.
Unfortunately, there is no way of knowing that the function failed, other
than comparing the returned string against the string literal - so do that
before calling free()...
Joint work with beck@ during g2k14.
|
|
This bug was reported by Julian Hsiao.
ok concept deraadt@, miod@
mountd.8 diff is from jmc@. ok doug@
mountd.c diff is from me. ok miod@
|
|
ssl3_cipher_get_value() helper function, which returns the cipher suite
value for the given cipher.
ok miod@
|
|
ok ajacoutot@
|
|
ok schwarze@
|
schwarze
ajacoutot
bluhm
reyk
matthieu
deraadt
jsg
mikeb
florian
nicm
halex
jca
doug
brad
zhuk
sf
bcook
jsing