did). This allows any local changes to /etc/services to be effective
if all you have is the default.
Issue pointed out by Brian S. Vangsgaard on bugs@. Thanks!
ok phessler@ deraadt@
instead of disk. OpenSSL didn't provide a built-in API from loading
certificates in a chroot'ed process that doesn't have direct access to
the files. X509_STORE_load_mem() provides a new backend that will be
used by libssl and libtls to implement such privsep-friendly
functionality.
Adopted for LibreSSL based on older code from relayd (by pyr@ and myself)
With feedback and OK bluhm@
If the network is unreachable when ntpd starts and host_dns fails, be sure
that we still close the HOST_DNS imsg.
Thanks to Paul de Weerd <weerd at weirdnet dot nl> for reporting this.
ok beck@
for a couple decades. Keep the OSIOCGIFCONF ioctl to support COMPAT_LINUX
but move the rest of the Linux-specific ioctl() handling into linux_socket.c
This lets struct osockaddr finally move from sys/socket.h to protocols/talkd.h
ok krw@ deraadt@ mpi@
directory is not contained in OpenBSD base, and because even people
having the directory often don't understand that they need to run
makewhatis(8) - and instead complain about the resulting warnings.
This commit reverts revisions 1.17 and 1.21.
Requested by deraadt@ millert@ kettenis@ who argue that people
using /usr/ports/infrastructure/bin/ already need to set PATH,
so editing man.conf (or, though more fragile, setting MANPATH)
should not be a big deal for them.
The latest NetBSD (6.1.5) arc4random does not appear to reseed the CRNG state
after a fork, so provide an override until the fork-safe version in CVS appears
in a release.
These are the same as the FreeBSD shims.
ok deraadt@
superflous '*' after '/*' and adding blank after terminating '$'.
Also eases parsing of the lines by simple awk scripts.
Aesthetic approval from tedu@.
This hides the unavoidably cruddy sys/param.h namespace in some programs.
Little impact, because many programs are cruddy and still get it via
other includes.
ports testing thanks to sthen and naddy
ok guenther millert
daemon.
Old drift files will be interpreted as a minuscule adjustment and
ntpd will proceed to rediscover the drift, like starting from zero
on a newly installed machine.
ok deraadt@
- Nothing seems to free the result of host_dns(), so add host_dns_free() and
call after each query.
- If imsg_add() fails, it frees buf. Avoid subsequently dereferencing the
freed buf in imsg_close().
ok millert@ deraadt@
floppy. A few drivers are missing, but the world has moved on (the drivers
included are always a work in progress)
Speeds up make release substantially, of course.
remember to set EACCES in bcrypt_checkpass for hash differences.
the higher level crypt_checkpass function will reset errno to EACCES in
all cases, which is probably the right behavior, but this change gives code
working with the lower level functions the correct errno if they care.
krw