krw
cff2cddef6
Fix ba# attribute in rdroot entry. It should be 4096 (a valid size for
a FFS block), not 4480 (the size of the partition).
ok millert@
9 years ago
tedu
a295a8a9de
call it bcrypt in the man page too
9 years ago
tedu
1b0313eadb
permit "bcrypt" as an alias for "blowfish". this is, after all, what
99% of the world calls it.
allow just "bcrypt" without params to mean auto-tune ("bcrypt,a").
default remains 8 rounds (for now)
ok deraadt
9 years ago
sthen
2d23f289ed
add doas.conf to mtree (from Theo Buehler) and changelist. ok phessler@
9 years ago
yasuoka
20292b2bf2
Build and install libradius as default.
ok deraadt
9 years ago
dtucker
c11ab06678
Generate new moduli.
9 years ago
ajacoutot
fedd8f8a4a
Add the _radiusd user.
ok sthen@
9 years ago
yasuoka
a0900f08ec
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS
server and radiusctl(8) is to control the server. radiusd(8) currently
supports bsdauth and radius (upstream radius servers) as authentication
backends.
fixes from jsg blambert
ok deraadt
9 years ago
yasuoka
373a8b4402
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
9 years ago
sthen
0f204b21fa
add class used by the _pbuild user for DPB, ok ajacoutot@
9 years ago
rpe
ee8831258e
Disable Strict Bourne shell mode for /etc/rc and /etc/netstart to be
able to use ksh syntax within these scripts. This way init doesn't
need to be changed, which starts /etc/rc using /bin/sh and people
can still use "sh /etc/netstart ifname".
Idea from and OK halex@
OK deraadt@ krw@ guenther@
9 years ago
millert
b7048f2268
Add VIS_DQ to escape double quotes. OK deraadt@ semarie@ reyk@
9 years ago
florian
3b01a896de
Bring up pflow last as it might send with a source address that is on
any of the other interfaces.
OK deraadt, phessler, benno
9 years ago
doug
bb4ad98053
Remove OpenSSL engine RSAX.
OpenSSL stopped building it last year and removed it this year.
Based on OpenSSL commit c436e05bdc
.
Also cranked major version in libcrypto, libssl and libtls.
"fine with me" bcook@ miod@
9 years ago
rpe
df23259f18
Always source rc.subr to be able to use the rc.conf parsing routine
to get the network related vars from rc.conf. This is even necessary
if netstart is run from within /etc/rc. Remove test of $INRC which
unintentionally evaluated always to true.
problem with previous change found by nigel@
OK sthen@ aja@ halex@
9 years ago
martynas
d17d076200
Define new C99 macros:
- MATH_ERRNO, MATH_ERREXCEPTION and math_errhandling
- Optional FP_FAST_FMA{,F,L} macros if fma() executes as fast or faster
than (x * y) + z; which in practice is achievable if gcc implements
__FP_FAST_FMA{,F,L}
Reported by John Marino @ DragonFlyBSD.
9 years ago
sthen
7d2fd17dc7
remove code from unbound's rc script that generates control keys/certs if
control-enable is used, our standard configuration is using unix domain sockets
without certs. existing setups with already-created certificates are ok, if
somebody needs remote+certs they can generate keys themself. ok florian@
9 years ago
sthen
18a950b9e6
change default unbound config to enable the control socket, without using
keys/certificates for auth. ok florian@
9 years ago
ajacoutot
3c5648004f
Revert 1.148 for now until I can talk to rpe@
It introduced a regression reported by nigel@
9 years ago
nicm
0f67cd6d58
Handle malloc(0) returning NULL (which can happen on some other
platforms) by explicitly making imsg->data = NULL when there is no
data. ok deraadt
9 years ago
rpe
0dbfdf1513
Replace test command with [].
OK halex@ krw@
9 years ago
rpe
52fcd40cbb
Ensure, that we source rc.subr and parse rc.conf ONLY if we are not
inside /etc/rc.
With help from and OK halex@, ajacoutot@
9 years ago
bluhm
62105f16ea
Handle short writes and TLS_{READ,WRITE}_AGAIN around tls_write().
input doug@; OK beck@
9 years ago
rpe
5ff4fd70b2
Put the opening curley brackets on the same line as the function name.
OK krw@ halex@
9 years ago
bcook
1694f9ed82
prevent the tls constraint state machine from getting hung on STATE_INVALID
patch from Mikolaj Kucharski
ok deraadt@
9 years ago
jeremy
a0ab23b345
Unbreak, add errno header
OK tedu@
9 years ago
bcook
c723f066b5
replace _PATH_DEVNULL with "/dev/null", assume it will not move
ok deraadt@ phessler@ claudio@
9 years ago
tedu
8cf39d5a4a
set errno in null cases, just in case.
9 years ago
tedu
ece73ab6e1
standards compliant error return (null). will make ruby happier, at least.
ok deraadt jeremy
9 years ago
bcook
cdb73978a9
replace bzero with memset
ok phessler@ deraadt@
9 years ago
rpe
1c5ec3825b
- remove trailing blanks introduced in previous commit
- no space in redirections like </foo or >$bar
- few other minor whitespaces
OK krw@
9 years ago
rpe
6cc979ddd8
Improve comments
- Add comments for functions
- Start comments with capital letters
- End comments with a full stop
- Allow comments to extend up to column 80
OK krw@
9 years ago
sthen
06c363ecd2
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb
multi-user builds. Discussed with espie, ajacoutot, ok deraadt
9 years ago
ajacoutot
56a4837fb4
Add an example for doas(1) logging and drop sudo and chat.
ok tedu@ rep@
9 years ago
jsg
00eb18eeae
enable exynos
9 years ago
ajacoutot
e739f461a7
Drop comments; we already have a fully documented file under
/etc/examples/ntpd.conf
ok deraadt@ benno@ schwarze@
9 years ago
sobrado
f38d8c1811
typo in manual page.
ok jsing@
9 years ago
ajacoutot
41bd3eb188
Fix base rc.d scripts after the recent rc.subr change.
ok halex@
9 years ago
ajacoutot
8e30a3b2d0
By default, require an exact match of the process name and argument list.
This allows running several instances of the same rc.d(8) script by just
linking it to different name.
e.g.
ln -s ftpproxy ftpproxy6
echo 'ftpproxy6_flags=-6' >>/etc/rc.conf.local
This is likely to break some rc.d scripts in ports. I will try and fix them all
in the next few days but I'd appreciate reports if I missed some.
ok halex@
9 years ago
ajacoutot
b88e81ed5f
Always use the default flags when running !start.
This is necessary so that rc.d scripts launched with `-f' can be properly
stopped, checked and reloaded.
ok schwarze@
9 years ago
ajacoutot
7010e004e3
Merge comments.
9 years ago
millert
8fc6c5c63a
The first argument to devname(3) should be dev_t, not int.
The man page was already correct.
9 years ago
nicm
cac6c14d57
Use memset instead of bzero for better portability.
ok gilles claudio doug
9 years ago
deraadt
4db28c17f3
typo in embedded code block; from Ben Cornett
9 years ago
ajacoutot
708043a7d8
/var/unbound/db/root.key can be stored in plain text actually; that's just
the public key.
prodded by semarie@
ok sthen@
9 years ago
ajacoutot
aa80fa88a8
Only store checksums for:
/var/nsd/etc/nsd.conf (may contain a key)
/var/unbound/db/root.key (fix path as well)
from Tim van der Molen
ok millert@ sthen@
9 years ago
millert
9eb85f0322
Remove sudoers
9 years ago
brynet
1493b9464e
bzero cmsgbuf before using it, silences valgrind warnings.
henning@ "sure"
9 years ago
jsg
52f52b9d20
enable vexpress
9 years ago
jmatthew
9e79bd343f
regen
9 years ago