| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Remove duplicate prototype. |   bluhm | 2021-03-18 | 1 | -2/+1 |
| * | Typo in log message |   otto | 2020-02-20 | 1 | -2/+2 |
| * | If constraints are configured but do not work for whatever reason ntpd | otto | 2020-02-12 | 1 | -3/+13 |
| * | 1) Re-resolve and re-get constraints once the clock is synced. Constraints | otto | 2019-07-16 | 1 | -4/+30 |
| * | When system calls indicate an error they return -1, not some arbitrary |   deraadt | 2019-06-28 | 1 | -3/+3 |
| * | Be more aggressive retrying dns while in settime mode. The constraint | otto | 2019-06-16 | 1 | -2/+4 |
| * | Introducing autmatic settime mode: if some preconditions are met | otto | 2019-06-09 | 1 | -3/+6 |
| * | Use proper algorithm for median computation; use fabs() for computing | otto | 2019-05-30 | 1 | -13/+15 |
| * | A step in solving the bootstrap problem in a dnssec environement. | otto | 2019-05-28 | 1 | -2/+5 |
| * | Improve logging for TLS certificate validity checking. |   jsing | 2019-01-21 | 1 | -7/+34 |
| * | Explicitly check timegm() return value. | jsing | 2019-01-21 | 1 | -2/+3 |
| * | Perform manual validity checking of the X.509 certificate for constraints. | jsing | 2019-01-21 | 1 | -1/+22 |
| * | Don't use *a - *b as compare idiom, it does not work as expected for | otto | 2019-01-20 | 1 | -2/+4 |
| * | update for libtls default cert changes. |   tedu | 2018-11-29 | 1 | -2/+2 |
| * | Use TLS_CA_CERT_FILE instead of a separate define. | jsing | 2018-11-06 | 1 | -2/+2 |
| * | Be stricter with TLS configuration for ntpd constraints. | jsing | 2018-11-05 | 1 | -8/+2 |
| * | Use the stack to hold the constraint child process variables instead of |   rzalamena | 2016-12-05 | 1 | -22/+18 |
| * | Check for EAGAIN on imsg_flush() return otherwise we might be failing | rzalamena | 2016-10-18 | 1 | -5/+11 |
| * | Save the constraint process pid by getting the start_child() return value, | rzalamena | 2016-10-18 | 1 | -2/+2 |
| * | Teach ntpd(8) constraint process to use exec*() instead of just forking, | rzalamena | 2016-09-26 | 1 | -37/+76 |
| * | Add clarifications ("comments") to three places where it wasn't |   reyk | 2016-09-14 | 1 | -2/+19 |
| * | Adjust existing tls_config_set_cipher() callers for TLS cipher group | jsing | 2016-07-13 | 1 | -2/+2 |
| * | ntpd is too aggressive about retrying constraint connections. This | deraadt | 2016-06-01 | 1 | -2/+2 |
| * | Harden TLS for ntpd constraints - stop disabling server name verification, | jsing | 2016-05-21 | 1 | -11/+13 |
| * | Unconfuse things by renaming variables to match their contents. | jsing | 2016-05-06 | 1 | -20/+20 |
| * | According to RFC7231, section 7.1.1.1, the HTTP date header supports |   naddy | 2016-03-05 | 1 | -2/+2 |
| * | Don't attempt to kill() the constraint in the wrong process. The | reyk | 2016-01-27 | 1 | -6/+30 |
| * | Switch and sync to the log.c variant from httpd/relayd/iked/snmpd/vmd. | reyk | 2015-12-19 | 1 | -2/+3 |
| * | EAGAIN handling for imsg_read. OK henning@ benno@ |   claudio | 2015-12-05 | 1 | -2/+3 |
| * | Cache values from getpwnam() done at initialization, which need to be | deraadt | 2015-11-24 | 1 | -14/+11 |
| * | Simplify all instances of get_string() and get_data() using malloc() and |   mmcc | 2015-11-19 | 1 | -7/+2 |
| * | fix memory leak; from David CARLIER | deraadt | 2015-11-17 | 1 | -1/+2 |
| * | Move execution of the constraints from the ntp to the parent process. | reyk | 2015-10-12 | 1 | -123/+328 |
| * | Once the constraint engine process is running, it only needs | deraadt | 2015-10-09 | 1 | -1/+5 |
| * | fix type and return check for tls_read/write. |   beck | 2015-09-10 | 1 | -4/+4 |
| * | fix after libtls api changes | beck | 2015-09-10 | 1 | -8/+8 |
| * | Fix memory leak in error path when max length exceeded. |   millert | 2015-09-09 | 1 | -1/+2 |
| * | Handle short writes and TLS_{READ,WRITE}_AGAIN around tls_write(). | bluhm | 2015-07-18 | 1 | -7/+15 |
| * | prevent the tls constraint state machine from getting hung on STATE_INVALID |   bcook | 2015-07-18 | 1 | -3/+3 |
| * | detect crashes from constraint sub-processes, instead of ignoring them. | deraadt | 2015-05-28 | 1 | -4/+8 |
| * | No need to call tzset() and log_init() in the forked constraint | reyk | 2015-05-21 | 1 | -4/+1 |
| * | Currently, after 4 failed constraint checks, we suspect the constraint | reyk | 2015-05-18 | 1 | -2/+4 |
| * | When resolving the "constraint" (singular), store all returned IP | reyk | 2015-05-17 | 1 | -24/+35 |
| * | fix a memory leak if tls_read() fails. ok henning@ |   jsg | 2015-04-21 | 1 | -1/+2 |
| * | remove unused 'cause' string when checking child status | bcook | 2015-03-14 | 1 | -10/+3 |
| * | Rename tls_config_insecure_noverifyhost() to | jsing | 2015-02-22 | 1 | -2/+2 |
| * | Set the TLS ciphers to "compat" mode, restoring the previous behaviour. | jsing | 2015-02-22 | 1 | -1/+4 |
| * | Use ntpd's deferred DNS resolving for constraints as well. This | reyk | 2015-02-12 | 1 | -24/+118 |
| * | Be less chatty on constraint errors. | reyk | 2015-02-10 | 1 | -3/+3 |
| * | After successfully getting a constraint from an HTTPS server, there is | reyk | 2015-02-10 | 1 | -11/+21 |
