587 Commits (8d357258a93285eb7503d4783b4122da6aa1b2cd)

Author SHA1 Message Date
  rzalamena c82eb97e2b Fix a possible bug that will happen with dup2() when oldd == newd. In that 8 years ago
  rzalamena 4c66ab656c Teach ntpd(8) constraint process to use exec*() instead of just forking, 8 years ago
  rzalamena 4e462f2ebb Teach ntpd(8) how to use socket status to shutdown the daemon. While at 8 years ago
  rzalamena 1305c0d5de Teach ntpd(8) how to fork+exec. 8 years ago
  reyk 5ec8dcba4c Add clarifications ("comments") to three places where it wasn't 8 years ago
  reyk d7b0c49beb Fix copyright disclaimer in util.c. 8 years ago
  reyk 08ed721594 Remove the oh so funny "LOSS OF MIND" from the diclaimer that was not 8 years ago
  guenther 2f48ecaf36 Pull in <sys/time.h> for struct timespec, timeval, or clockrate 8 years ago
  jsing 9801e4d851 Adjust existing tls_config_set_cipher() callers for TLS cipher group 8 years ago
  deraadt 4bee7f5ac6 ntpd is too aggressive about retrying constraint connections. This 8 years ago
  jsing f819d84119 Harden TLS for ntpd constraints - stop disabling server name verification, 8 years ago
  jsing 74da5f732a Unconfuse things by renaming variables to match their contents. 8 years ago
  semarie 652935dc64 prepare userland for removing chroot(2) from allowed syscalls under pledge(2). 8 years ago
  krw 846730a3f8 Rename session_socket_blockmode() to session_socket_nonblockmode(), 8 years ago
  naddy 4cf98f2633 According to RFC7231, section 7.1.1.1, the HTTP date header supports 8 years ago
  sthen 4114667275 Remove setproctitle() for the parent process. Because rc.d(8) uses process 9 years ago
  reyk db00298111 Don't attempt to kill() the constraint in the wrong process. The 9 years ago
  bcook fade868be3 update ntpd log initialization to work like relayd, fix debug log levels 9 years ago
  deraadt 73313dce7f sneaky whitespace snuck in again 9 years ago
  millert e33f078c05 Don't assume fprintf() will set the FILE * error condition. 9 years ago
  reyk 0dc6f9d6e2 No need for an extra log.h 9 years ago
  reyk 97252e04ad Switch and sync to the log.c variant from httpd/relayd/iked/snmpd/vmd. 9 years ago
  reyk b8496badea Move log_sockaddr() to from log.c to util.c as it is a local addition 9 years ago
  claudio d6e39ab1f4 EAGAIN handling for imsg_read. OK henning@ benno@ 9 years ago
  deraadt 531d870924 Cache values from getpwnam() done at initialization, which need to be 9 years ago
  tedu 4c1a084e50 use RMS for jitter. we're linking with enough libraries that libm is tiny. 9 years ago
  mmcc c3ad325375 Simplify all instances of get_string() and get_data() using malloc() and 9 years ago
  deraadt adcf1148c1 fix memory leak; from David CARLIER 9 years ago
  naddy 0c7a1d49ed fully revert some parts introduced with the original server rtable support, 9 years ago
  naddy 2a9f149211 drop unused define; ok reyk@ 9 years ago
  reyk 13e2f2c777 Remove support for sending status reports to syslog on SIGINFO; 9 years ago
  deraadt 0115cb35e8 the DNS process was not discarding & redirecting stdin/out/err to 9 years ago
  deraadt a4d91af57b Rather than re-opening the driftfile to write, keep it open; rewinding 9 years ago
  phessler e4a72ca09e Allowing upstream servers of ntp being in multiple routing tables is 9 years ago
  reyk 707f923fe3 Move execution of the constraints from the ntp to the parent process. 9 years ago
  deraadt a131c912b6 pledge "dns rw" is not a reliable pattern. This means malloc() and other 9 years ago
  deraadt b8ed49dca0 the ntp engine can run with "stdio inet proc". For many reasons, 9 years ago
  deraadt b6f582f2a7 Once the constraint engine process is running, it only needs 9 years ago
  deraadt 1ca43f2c14 Change all tame callers to namechange to pledge(2). 9 years ago
  deraadt 8cf941abab this process deserves -fstack-protector-all 9 years ago
  deraadt 5138effbbd the ntp dns process only needs tame "dns rw" to operate. at least, 9 years ago
  deraadt af212fce6a In the ntpctl(1) case, after it has connect()'d to ntpd we can tame "stdio" 9 years ago
  beck 6cb36941d0 fix type and return check for tls_read/write. 9 years ago
  beck 2a9d7551ce fix after libtls api changes 9 years ago
  millert 3020bb1487 Fix memory leak in error path when max length exceeded. 9 years ago
  deraadt 89430ff568 Xr ntpctl; from Rob Pierce 9 years ago
  millert 52caae6b33 When checking whether we should scan the sensors again use <= rather 9 years ago
  bluhm 62105f16ea Handle short writes and TLS_{READ,WRITE}_AGAIN around tls_write(). 9 years ago
  bcook 1694f9ed82 prevent the tls constraint state machine from getting hung on STATE_INVALID 9 years ago
  bcook c723f066b5 replace _PATH_DEVNULL with "/dev/null", assume it will not move 9 years ago