| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Check for EAGAIN on imsg_flush() return otherwise we might be failing |   rzalamena | 2016-10-18 | 1 | -5/+11 |
| * | Save the constraint process pid by getting the start_child() return value, | rzalamena | 2016-10-18 | 1 | -2/+2 |
| * | Teach ntpd(8) constraint process to use exec*() instead of just forking, | rzalamena | 2016-09-26 | 1 | -37/+76 |
| * | Add clarifications ("comments") to three places where it wasn't |   reyk | 2016-09-14 | 1 | -2/+19 |
| * | Adjust existing tls_config_set_cipher() callers for TLS cipher group |   jsing | 2016-07-13 | 1 | -2/+2 |
| * | ntpd is too aggressive about retrying constraint connections. This |   deraadt | 2016-06-01 | 1 | -2/+2 |
| * | Harden TLS for ntpd constraints - stop disabling server name verification, | jsing | 2016-05-21 | 1 | -11/+13 |
| * | Unconfuse things by renaming variables to match their contents. | jsing | 2016-05-06 | 1 | -20/+20 |
| * | According to RFC7231, section 7.1.1.1, the HTTP date header supports |   naddy | 2016-03-05 | 1 | -2/+2 |
| * | Don't attempt to kill() the constraint in the wrong process. The | reyk | 2016-01-27 | 1 | -6/+30 |
| * | Switch and sync to the log.c variant from httpd/relayd/iked/snmpd/vmd. | reyk | 2015-12-19 | 1 | -2/+3 |
| * | EAGAIN handling for imsg_read. OK henning@ benno@ |   claudio | 2015-12-05 | 1 | -2/+3 |
| * | Cache values from getpwnam() done at initialization, which need to be | deraadt | 2015-11-24 | 1 | -14/+11 |
| * | Simplify all instances of get_string() and get_data() using malloc() and |   mmcc | 2015-11-19 | 1 | -7/+2 |
| * | fix memory leak; from David CARLIER | deraadt | 2015-11-17 | 1 | -1/+2 |
| * | Move execution of the constraints from the ntp to the parent process. | reyk | 2015-10-12 | 1 | -123/+328 |
| * | Once the constraint engine process is running, it only needs | deraadt | 2015-10-09 | 1 | -1/+5 |
| * | fix type and return check for tls_read/write. |   beck | 2015-09-10 | 1 | -4/+4 |
| * | fix after libtls api changes | beck | 2015-09-10 | 1 | -8/+8 |
| * | Fix memory leak in error path when max length exceeded. |   millert | 2015-09-09 | 1 | -1/+2 |
| * | Handle short writes and TLS_{READ,WRITE}_AGAIN around tls_write(). |   bluhm | 2015-07-18 | 1 | -7/+15 |
| * | prevent the tls constraint state machine from getting hung on STATE_INVALID |   bcook | 2015-07-18 | 1 | -3/+3 |
| * | detect crashes from constraint sub-processes, instead of ignoring them. | deraadt | 2015-05-28 | 1 | -4/+8 |
| * | No need to call tzset() and log_init() in the forked constraint | reyk | 2015-05-21 | 1 | -4/+1 |
| * | Currently, after 4 failed constraint checks, we suspect the constraint | reyk | 2015-05-18 | 1 | -2/+4 |
| * | When resolving the "constraint" (singular), store all returned IP | reyk | 2015-05-17 | 1 | -24/+35 |
| * | fix a memory leak if tls_read() fails. ok henning@ |   jsg | 2015-04-21 | 1 | -1/+2 |
| * | remove unused 'cause' string when checking child status | bcook | 2015-03-14 | 1 | -10/+3 |
| * | Rename tls_config_insecure_noverifyhost() to | jsing | 2015-02-22 | 1 | -2/+2 |
| * | Set the TLS ciphers to "compat" mode, restoring the previous behaviour. | jsing | 2015-02-22 | 1 | -1/+4 |
| * | Use ntpd's deferred DNS resolving for constraints as well. This | reyk | 2015-02-12 | 1 | -24/+118 |
| * | Be less chatty on constraint errors. | reyk | 2015-02-10 | 1 | -3/+3 |
| * | After successfully getting a constraint from an HTTPS server, there is | reyk | 2015-02-10 | 1 | -11/+21 |
| * | Add support for "constraints": when configured, ntpd(8) will query the | reyk | 2015-02-10 | 1 | -0/+659 |
