474792cd61
declare a local version of MIN(), call it MINIMUM()
9 years ago
950986b2ca
use the correct format string for refid
ok deraadt@
9 years ago
c7195d4619
Do not need sys/param.h
9 years ago
3e66a761e0
stupid me. need errno.h
9 years ago
f2faceb1ea
set errno = EINVAL for invalid salts and hashes in most functions.
remember to set EACCES in bcrypt_checkpass for hash differences.
the higher level crypt_checkpass function will reset errno to EACCES in
all cases, which is probably the right behavior, but this change gives code
working with the lower level functions the correct errno if they care.
9 years ago
fb8b85f8dc
5.8 packages key
9 years ago
bfaebb4169
mix in more virtual memory and process information
9 years ago
d06eea4bf5
add 5.8 base key
9 years ago
dddb521475
firmware key for 5.8
9 years ago
015bfd5abc
add initial HP-UX getentropy/arc4random support.
patch from Kinichiro Inoguchi, tested on HP-UX 11.31
ok deraadt@
9 years ago
06084f37f2
rename kern enter/exit macros to malloc enter/leave to better reflect
what's going on.
9 years ago
6758bf4952
convert clock() to clock_gettime() for improved precision (and accuracy?)
guenther suggested using thread time, which actually may improve accuracy
if somebody puts this in a threaded program.
9 years ago
f04311c2a3
use MAXIMUM as the canonical local MAX macro.
suggested by deraadt@ re: more general MIN/MAX cleanups
9 years ago
2b0bc47767
rename sockaddr_un variables from 'sun' to the more common 'sa'.
This avoids a namespace conflict with Solaris build environments.
discussed with deraadt@ and kettenis@
9 years ago
63d93971e4
don't rely on sys/param.h having a MAX macro.
Switch to local definitions where MAX is needed.
discussed with deraadt@
9 years ago
1f5712d8d6
Remove the unused dns_pid variable.
Nothing is done with the return value from ntp_dns, and it already calls
fatal() on failure.
ok deraadt@
9 years ago
d25ace0611
removed unused libevent header and structures in ntpd.h
ok deraadt@ phessler@
9 years ago
d33f0cc042
Add a missing include for time.h to get the definitions of clock_gettime and strftime.
ok jsing@ phessler@ naddy@
9 years ago
fa37c0f6f5
Fix dow and apply the usual easter egg.
9 years ago
e5c0d4b303
Fix return code of _rc_quirks().
ok robert@
9 years ago
f006c12698
adjust date
9 years ago
33a3eef999
Add a comment about the default values being duplicated in rcctl(8).
discussed with schwarze@
9 years ago
0a2d9a6853
move to 5.7-beta
9 years ago
56237a5383
add entries for xmpp, mdns and puppet
ok aja@
9 years ago
956d45dc9b
Add syslog-tls 6514/tcp to etc/services.
OK jasper
9 years ago
7387fe8b05
copy bcrypt autotune from encrypt(1) and expose via crypt_newhash
ok deraadt miod
9 years ago
0f0ceb5483
typo in comment: ouput => output
9 years ago
82871861a6
regen
9 years ago
43f0b497ca
Add audio(4) related entries.
ok miod@
9 years ago
f75903b301
Add line continuation to be consistent with rc_pre(); ok sthen@
9 years ago
dec6c8a165
pexp is not needed; ok sthen@
9 years ago
fb658089b6
Change the default ext_addr from "egress" to "*". Listening on the
egress group only works if you have a default route; this confused
some people.
10 years ago
3d5ec16db0
the kvm.db is now kmem owned. noticed by Steven Roberts
10 years ago
f0ed57e872
return ERANGE instead of ENOMEM, so callers can differentiate real oom
from this case where we have a static buffer and cant realloc.
ok phessler, claudio, reyk
10 years ago
6ae58cad45
simplify crypt_checkpass. The API promise is that this function doesn't
use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.
10 years ago
07f7620f99
dickman noticed /var/rwho keeps coming back. remove it.
10 years ago
eafafc9e42
Out out you evil network daemon.
OK deraadt@ some time ago
10 years ago
8daac31476
$OpenBSD for our rev here
10 years ago
1b9ff6ebe7
be like the kernel and only unroll if not small
10 years ago
0dc2c70460
i386 unrolling blows up the media in a big way, due to -Os for
ramdisk libc builds. there has to be a better way without #ifdef's
in gross places, but I don't see it yet.
10 years ago
7994d20eba
Add rdp/rfb/vnc.
no objection from deraadt@
10 years ago
29c323adc2
only unroll on i386 and amd64 (where confirmed to be much faster).
naddy found sparc64 gets a little slower when unrolled.
ok deraadt
10 years ago
b3da475e6b
unroll loops. much faster on amd64. ok deraadt millert
10 years ago
fc55253b4e
typo; ok deraadt
10 years ago
eb5fb39e0c
warn for correct symbol
10 years ago
d51fd90392
claim posix 2008 compat. apparently people look at this and get scared
when it's really old. but no actual ports fallout in espie's build.
ok deraadt
10 years ago
9837a9e786
Install netboot.mop
10 years ago
493a019ded
catch up with swab.c rev. 1.9:
update SYNOPSIS and DESCRIPTION and add STANDARDS
10 years ago
f07e9bca67
Like previously done in relayd, change the keyword "ssl" to "tls" to
reflect reality.
OK benno@
10 years ago
7e461c74c3
Change the keyword "ssl" to "tls" to reflect reality since we
effectively disabled support for the SSL protocols. SSL remains a
common term describing SSL/TLS, there is some controvery about this
change, and the name really doesn't matter, but I feel confident about
it now.
(btw., sthen@ pointed out some historical context:
http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html )
OK benno@, with input from tedu@
10 years ago
deraadt