tedu
f2faceb1ea
set errno = EINVAL for invalid salts and hashes in most functions.
remember to set EACCES in bcrypt_checkpass for hash differences.
the higher level crypt_checkpass function will reset errno to EACCES in
all cases, which is probably the right behavior, but this change gives code
working with the lower level functions the correct errno if they care.
10 years ago
naddy
fb8b85f8dc
5.8 packages key
10 years ago
bcook
bfaebb4169
mix in more virtual memory and process information
10 years ago
deraadt
d06eea4bf5
add 5.8 base key
10 years ago
sthen
dddb521475
firmware key for 5.8
10 years ago
bcook
015bfd5abc
add initial HP-UX getentropy/arc4random support.
patch from Kinichiro Inoguchi, tested on HP-UX 11.31
ok deraadt@
10 years ago
tedu
06084f37f2
rename kern enter/exit macros to malloc enter/leave to better reflect
what's going on.
10 years ago
tedu
6758bf4952
convert clock() to clock_gettime() for improved precision (and accuracy?)
guenther suggested using thread time, which actually may improve accuracy
if somebody puts this in a threaded program.
10 years ago
bcook
f04311c2a3
use MAXIMUM as the canonical local MAX macro.
suggested by deraadt@ re: more general MIN/MAX cleanups
10 years ago
bcook
2b0bc47767
rename sockaddr_un variables from 'sun' to the more common 'sa'.
This avoids a namespace conflict with Solaris build environments.
discussed with deraadt@ and kettenis@
10 years ago
bcook
63d93971e4
don't rely on sys/param.h having a MAX macro.
Switch to local definitions where MAX is needed.
discussed with deraadt@
10 years ago
bcook
1f5712d8d6
Remove the unused dns_pid variable.
Nothing is done with the return value from ntp_dns, and it already calls
fatal() on failure.
ok deraadt@
10 years ago
bcook
d25ace0611
removed unused libevent header and structures in ntpd.h
ok deraadt@ phessler@
10 years ago
bcook
d33f0cc042
Add a missing include for time.h to get the definitions of clock_gettime and strftime.
ok jsing@ phessler@ naddy@
10 years ago
miod
fa37c0f6f5
Fix dow and apply the usual easter egg.
10 years ago
ajacoutot
e5c0d4b303
Fix return code of _rc_quirks().
ok robert@
10 years ago
deraadt
f006c12698
adjust date
10 years ago
ajacoutot
33a3eef999
Add a comment about the default values being duplicated in rcctl(8).
discussed with schwarze@
10 years ago
deraadt
0a2d9a6853
move to 5.7-beta
10 years ago
jasper
56237a5383
add entries for xmpp, mdns and puppet
ok aja@
10 years ago
bluhm
956d45dc9b
Add syslog-tls 6514/tcp to etc/services.
OK jasper
10 years ago
tedu
7387fe8b05
copy bcrypt autotune from encrypt(1) and expose via crypt_newhash
ok deraadt miod
10 years ago
djm
0f0ceb5483
typo in comment: ouput => output
10 years ago
aoyama
82871861a6
regen
10 years ago
aoyama
43f0b497ca
Add audio(4) related entries.
ok miod@
10 years ago
ajacoutot
f75903b301
Add line continuation to be consistent with rc_pre(); ok sthen@
10 years ago
ajacoutot
dec6c8a165
pexp is not needed; ok sthen@
10 years ago
reyk
fb658089b6
Change the default ext_addr from "egress" to "*". Listening on the
egress group only works if you have a default route; this confused
some people.
10 years ago
tedu
3d5ec16db0
the kvm.db is now kmem owned. noticed by Steven Roberts
10 years ago
benno
f0ed57e872
return ERANGE instead of ENOMEM, so callers can differentiate real oom
from this case where we have a static buffer and cant realloc.
ok phessler, claudio, reyk
10 years ago
tedu
6ae58cad45
simplify crypt_checkpass. The API promise is that this function doesn't
use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.
10 years ago
tedu
07f7620f99
dickman noticed /var/rwho keeps coming back. remove it.
10 years ago
florian
eafafc9e42
Out out you evil network daemon.
OK deraadt@ some time ago
10 years ago
guenther
8daac31476
$OpenBSD for our rev here
10 years ago
tedu
1b9ff6ebe7
be like the kernel and only unroll if not small
10 years ago
deraadt
0dc2c70460
i386 unrolling blows up the media in a big way, due to -Os for
ramdisk libc builds. there has to be a better way without #ifdef's
in gross places, but I don't see it yet.
10 years ago
ajacoutot
7994d20eba
Add rdp/rfb/vnc.
no objection from deraadt@
10 years ago
tedu
29c323adc2
only unroll on i386 and amd64 (where confirmed to be much faster).
naddy found sparc64 gets a little slower when unrolled.
ok deraadt
10 years ago
tedu
b3da475e6b
unroll loops. much faster on amd64. ok deraadt millert
10 years ago
sthen
fc55253b4e
typo; ok deraadt
10 years ago
deraadt
eb5fb39e0c
warn for correct symbol
10 years ago
tedu
d51fd90392
claim posix 2008 compat. apparently people look at this and get scared
when it's really old. but no actual ports fallout in espie's build.
ok deraadt
10 years ago
miod
9837a9e786
Install netboot.mop
10 years ago
schwarze
493a019ded
catch up with swab.c rev. 1.9:
update SYNOPSIS and DESCRIPTION and add STANDARDS
10 years ago
reyk
f07e9bca67
Like previously done in relayd, change the keyword "ssl" to "tls" to
reflect reality.
OK benno@
10 years ago
reyk
7e461c74c3
Change the keyword "ssl" to "tls" to reflect reality since we
effectively disabled support for the SSL protocols. SSL remains a
common term describing SSL/TLS, there is some controvery about this
change, and the name really doesn't matter, but I feel confident about
it now.
(btw., sthen@ pointed out some historical context:
http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html )
OK benno@, with input from tedu@
10 years ago
tedu
628b1ad074
update swab() to match the current posix definition. "rationale: none."
rewrite the function to be simpler as well. the compiler can unroll the
loop for us if necessary.
ok schwarze
10 years ago
tedu
afa8fec38e
regen
10 years ago
tedu
71a19d5adc
remove urio
10 years ago
jmc
ddf1617c43
Xr and Ox fixes;
10 years ago