schwarze
93c318776d
Update Copyright notice; ok otto@ beck@ deraadt@.
This is merely a by-product of figuring out the amount of phk@ code
contained herein; i'm not planning to hack on this file.
10 years ago
beck
c707ba23e7
I have discussed these licenses with Poul-Henning Kamp and he has agreed to
this license change. We will remember that we all still like beer.
10 years ago
millert
0d52db320e
Fix syntax error in commented out local-zone entry. OK sthen@
10 years ago
matthew
061ee1ef0f
Define intptr_t in <unistd.h> as specified by POSIX
ok millert
10 years ago
deraadt
e30606643b
increase size of iso media (try 2)
10 years ago
deraadt
64c8729c88
increase size of iso media
10 years ago
tedu
cccf6b76fc
safe to remove gets, now that's gone from cstdio too
10 years ago
gilles
22f8f414dd
do not keep hoststat and purgestat, they are pointing to the sendmail
executable and will not serve any purpose with smtpd by default
ok jmc@ tedu@
10 years ago
tedu
f57f1925af
end experimental login.conf template support. one file per machine.
ok deraadt millert
10 years ago
eric
0556b9e168
Make the asr API public. Install asr.h to /usr/include.h and manpages.
Include tweaks suggested by mpi@
ok deraadt@
10 years ago
beck
241e064849
Poul-Henning Kamp informed me he is allright with this licensing change.
10 years ago
tedu
de65ef57f7
try to put the pin back in.
removing gets means removing it from libstdc++ and guenther tells me
that will require changing version numbers.
10 years ago
tedu
ec7cabe032
no gets
10 years ago
sthen
ae00ab49ef
sum -> cksum, ok deraadt
10 years ago
kettenis
294658509f
unbreak the tree; no more libwrap
10 years ago
tedu
865935a62a
okan reminds me hosts.allow lived here too
10 years ago
ajacoutot
25a5dcaa2a
Stop monitoring apache files.
ok florian@ jung@ sthen@
10 years ago
sthen
8134aa11c6
Add /var/unbound/dev/log, it isn't needed for initial startup because Unbound
opens the log before chrooting, but this handles the case where syslogd is
restarted during Unbound's runtime.
10 years ago
tedu
ea175c36fd
oops, merge error
10 years ago
tedu
353207c9dc
more bm excision
10 years ago
tedu
edb424679c
clear stack variables, suggested by djm
10 years ago
naddy
32386fdf7d
Remove the MD4 functions.
"A collision attack published in 2007 can find collisions for full
MD4 in less than two hash operations."
ok deraadt@, man pages ok jmc@
10 years ago
tedu
c830a7ee52
some improvements suggested by djm.
use better constant for salt size.
always copy ":" to gerror, in case somebody is dumb enough to overwrite it
timingsafe_bcmp before somebody whines about strcmp
10 years ago
tedu
521978eee8
two functions don't need to be exported
10 years ago
tedu
5ca97b2032
minimal change to implementation of bcrypt to not require static globals.
add some friendlier functions.
move the classic static data api into wrapper functions.
a few more changes to come...
10 years ago
tedu
661d769f4e
remove the never used bm string functions
10 years ago
sthen
85309b05df
Remove commented-out module-config line, it is already set to "validator
iterator" by default. Pointed out by Patrik Lundin.
10 years ago
tedu
5d4103f5b3
switch to shorter ISC license. this was ok with Niels Provos.
10 years ago
ajacoutot
256de60572
Add nginx default log files to the rotation.
ok jung@ stephan@
tweaks and ok sthen@
10 years ago
sthen
4dd1a5962e
Install a /var/unbound/db directory, writable by the _unbound daemon,
and use it as the default location for the DNSSEC root key. Update default
config for this location.
With this, the only step required to enable DNSSEC validation is to
uncomment these default config entries and restart:
#module-config: "validator iterator"
#auto-trust-anchor-file: "/var/unbound/db/root.key"
There is no longer a requirement to run unbound-anchor manually to
update the root key. The rc.d script will take care of updates at boot,
and Unbound will manage the file itself at runtime.
Test with "dig test.dnssec-or-not.net txt @127.0.0.1" or similar.
10 years ago
miod
8dbd387ec6
Tell the manpage machinery to not output Xr to hd(4/vax) in MAKEDEV.8, since
such a manpage does not currently exist. Requested by jmc@
10 years ago
tedu
a3382b4cd8
no rest for the wicked. increase user blf logrounds default to 8(+2).
increase root to 9(+1).
ok deraadt (and a thank you to miod for helping to reduce the set of
architectures harmed by this)
10 years ago
tedu
2a80bbb144
consolidate the base64 code in one place, and remove inadequate test code
10 years ago
tedu
3beb8e286a
right or wrong, bcrypt() is declared in pwd.h, not unistd.h
10 years ago
miod
7766679fe4
Retire hp300, mvme68k and mvme88k ports. These ports have no users, keeping
this hardware alive is becoming increasingly difficult, and I should heed the
message sent by the three disks which have died on me over the last few days.
Noone sane will mourn these ports anyway. So long, and thanks for the fish.
10 years ago
sthen
9690bbcd18
No need to keep a manually maintained list of system daemons here, ftpd can
disallow them itself. ok deraadt@ millert@, gsoares@ and aja@ like it too.
("nobody" still needs to be listed).
10 years ago
tedu
18caccfdb7
uucp cleansing
10 years ago
sthen
4160ff8632
no more _ppp user
10 years ago
sthen
733c769ec2
ppp.log was just for ppp(8)
10 years ago
deraadt
c6fc6500f7
_ppp uid/gid will come up for recycling (but please not within a year)
10 years ago
deraadt
357cb1b33e
the userland ppp(9) code goes awa. Having too much ppp choice in the
tree results in one-true-ppp not coming into existance. This code is
essentially un-audited and quite dangerous.
ok claudio sthen
10 years ago
guenther
5ebaeabad3
lint is dead (long live the lint!), so stop using it as a cpp conditional
(namespace pollution!) or talking about its opinion on code.
ok krw@
10 years ago
sthen
85815eee50
add unbound.conf and (dnssec) root.key to changelist
10 years ago
sthen
216f65a4eb
Add _unbound user here too. Reminded by aja@
10 years ago
sthen
cc6c887d94
Enable Unbound in base, ok deraadt@
10 years ago
miod
423a89bb3d
Bump the cdXX image from 12MB to 13MB.
10 years ago
sthen
62f586f294
httpd_flags was still used here; remove it.
Add a log socket in /var/www/dev/log if nginx is enabled, it is needed as
the openlog() call is done after chrooting.
ok brad@ florian@ deraadt@
10 years ago
sthen
227e08b10e
Add a new sample config file and rc.d script for unbound, ok deraadt@
10 years ago
kettenis
68a0072e4a
regen
10 years ago
kettenis
7d3fe827b5
We no longer support the userland interface for agp(4).
10 years ago