unwind can be started (silently) before pf is configured (for those
few weirdos who use hostnames in pf.conf...). Other unidentified concerns
may be improved by this startup re-ordering, so let's give it a try.
discussed with florian.
any MITM protection checks. We've had constraint checks for MITM protection
for some time. Recent work changed the default mode to rapidly check NTP packets against constraint validation, as the default mode.
In environments where https traffic doesn't work, ethernet-near servers can
be labelled as "trusted". trusted sensor support is also coming.
We have reasons to immediately move people away from the -s mode.
ok otto
server is wired up such that non MITM attacks are possible, and NTP
packets can be trusted. Therefore constraint validity is not required,
and during boot ntpd can spin-up correct time faster.
with otto, ok jmc schwarze
- do not restart settime timeout interval if something happens in the main
event loop
- apply a tight loop protection; it can be painfull on a single
core machine since the process runs at maximum priority. Should only
happen when a bug is introduced while developing, but prevents having to
machine taken over by ntpd.
dnssec the sysadmin has some idea what's going on in logs, and
"aggressive-nsec: yes", if we're using dnssec anyway we might as well
get the benefits. These were both enabled last time dnssec was enabled
in this sample unbound.conf.
ok florian@
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.
Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.
tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt
things and can easily exceed the previous 1.5GB limit.
(obviously, as with amd64, machines with less physical RAM won't cope with
building the largest ports).
ok deraadt phessler millert kettenis
as found the hard way by d.rauschenb@gmail on an old fujitsu siemens
machine, reading all of hw (notable hw.setperf) can have unexpected
side-effects. ok deraadt
as a one-shot at boot without more complex kernel work, and also includes
some serial numbers/guids which may add a little more entropy e.g. for
systems where /etc/random.seed may be known (e.g. cloned disk images).
"why not" deraadt@
violations in system accounting. This will help to find missbehaving
programs and possible attacks. The flags bit field is full, so
recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the
AMAP flag as 'M'. daily(8) prints a list of affected processes.
OK deraadt@
schwarze