| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
MFC after: 1 month
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge).
OpenBSM history for imported revision below for reference.
MFC after: 1 month
Sponsored by: Apple, Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 beta 1
- The filesz parameter in audit_control(5) now accepts suffixes: 'B' for
Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes.
For legacy support no suffix defaults to bytes.
- Audit trail log expiration support added. It is configured in
audit_control(5) with the expire-after parameter. If there is no
expire-after parameter in audit_control(5), the default, then the audit
trail files are not expired and removed. See audit_control(5) for
more information.
- Change defaults in audit_control: warn at 5% rather than 20% free for audit
partitions, rotate automatically at 2mb, and set the default policy to
cnt,argv rather than cnt so that execve(2) arguments are captured if
AUE_EXECVE events are audited. These may provide more usable defaults for
many users.
- Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert
au_to_socket_ex(3) arguments to BSM format.
- Fix error encoding AUT_IPC_PERM tokens.
|
| |
|
|
|
|
|
|
| |
CONFIG_DEBUG_SYSLOG
CONFIG_TERMINATE_ONLASTIF
EAP_SERVER
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The function pow() in libmp(3) clashes with pow(3) in libm. We could
rename this single function, but we can just take the same approach as
the Solaris folks did, which is to prefix all function names with mp_.
libmp(3) isn't really popular nowadays. I suspect not a single
application in ports depends on it. There's still a chance, so I've
increased the SHLIB_MAJOR and __FreeBSD_version.
Reviewed by: deischen, rdivacky
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
alignment requirement, while rt_msghdr has a 4 byte alignment
requirement. The root cause is that if_msghdr has an struct if_data
which has an 8-byte alignment requirement due to a time_t that's
embedded in it. On MIPS, time_t is a 64-bit number, so must be 64-bit
aligned.
Since we don't access ifm_data.ifi_epoch, a simple cast is all that's
necessary here. It is likely the case that ifi_epoch should *NOT* be
a time_t because it is an uptime (time delta) an not an absolute time
since 1970. u_long is likely sufficient there since that gives an
uptime of 136 years will suffice for the foreseeable future.
|
|
|
|
|
|
| |
part of the patch is an ugly (and hopefully temporary) hack.
Discussed with: imp@
|
|
|
|
|
| |
Approved by: so (cperciva)
Security: FreeBSD-SA-09:05.telnetd
|
|
|
|
|
|
|
|
| |
again in case the connection is interrupted and csup have to reconnect. The
lists will be freed after the collection has been completely processed.
PR: bin/131477
Tested by: dchagin
|
|
|
|
|
| |
and SetAttrs operation.
- SetAttrs and Touch were incorrectly switched.
|
|
|
|
|
|
|
|
| |
- Fix trailing comma
PR: docs/85118
Submitted by: vs
MFC after: 3 days
|
|\ |
|
| | |
|
| |
| |
| |
| |
| | |
Submitted by: scf
MFC after: 3 weeks
|
| |
| |
| |
| |
| |
| |
| |
| | |
getopt(), it is accepted through smb_ctx_init() in
lib/smb/ctx.c.
PR: 117013
Submitted by: Tom Evans <tevans.uk@googlemail.com> (original version)
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm
build along with man pages, add audit_bsm_domain.c and
audit_bsm_socket_type.c to the kernel environment.
OpenBSM history for imported revisions below for reference.
MFC after: 1 month
Sponsored by: Apple Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 alpha 5
- Stub libauditd(3) man page added.
- All BSM error number constants with BSM_ERRNO_.
- Interfaces to convert between local and BSM socket types and protocol
families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3),
au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions
of constants in audit_domain.h and audit_socket_type.h. This improves
interoperability by converting local constant spaces, which vary by OS, to
and from Solaris constants (where available) or OpenBSM constants for
protocol domains not present in Solaris (a fair number). These routines
should be used when generating and interpreting extended socket tokens.
- Fix build warnings with full gcc warnings enabled on most supported
platforms.
- Don't compile error strings into bsm_errno.c when building it in the kernel
environment.
- When started by launchd, use the label com.apple.auditd rather than
org.trustedbsd.auditd.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].
Security: FreeBSD-SA-09:03.ntpd
Security: FreeBSD-SA-09:04.bind
Obtained from: ISC [SA-09:04]
Approved by: so (simon)
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
long commands into multiple requests. [09:01]
Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]
Security: FreeBSD-SA-09:01.lukemftpd
Security: FreeBSD-SA-09:02.openssl
Obtained from: NetBSD [SA-09:01]
Obtained from: OpenSSL Project [SA-09:02]
Approved by: so (simon)
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | | |
fetch a complete CVS repository. Support for rsync update of regular files are
also included, but are not yet enabled. The change should not have an impact on
existing csup usage, as little of the existing code has changed.
|
| | | |
| | | |
| | | |
| | | | |
files have the wrong date.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
- Remove old comments.
|
| | | |
| | | |
| | | |
| | | | |
- Sort branches when inserting them.
|
| | | |
| | | |
| | | |
| | | | |
same date.
|
| | | |
| | | |
| | | |
| | | | |
stripped before encoding the expansion mode.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
details to the cvsup server. The deltatext does not need parsing, and some
parts of the rcsfile data structure doesn't need to be set up.
- Fix a bug where the RCS expansion mode is not written out.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
Submitted by: naddy
|
| | | |
| | | |
| | | |
| | | | |
Pointed out by: Christian Weisgerber <naddy -at- mips.inka.de>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Instead of including protocol info in diffs, strip them before adding
deltatext and take this into account when applying the diff later.
- Don't use strlen when the string in the RCS file may contain garbage. This got
caught in the checksumming before, but was not fixed until now. Instead of
using strlen, pass the token length when adding log and text entries to a
delta. Add an extra length parameter to duptext() to record the token length.
- When adding new branches to a file, add them in at the tail instead of the
head of the list to get correct ordering when writing out.
- Input stream when diffing was opened twice.
- Don't expand keywords in diffs between deltas.
|
| | | |
| | | |
| | | |
| | | | |
instead of after.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
information.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Handle the case where a repository may have been copied, and the symlinks have
not been preserved. CVSup removes the files and creates the symlinks, so
enable this behaviour in csup as well.
- While there, fix comments and style issues.
|
| | | |
| | | |
| | | |
| | | | |
file if it is up to date.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
- Fix a lot of style issues remaining and old debugging output.
- Update comments where needed.
|
| | | |
| | | |
| | | |
| | | | |
often used, but were quite simple to implement anyway.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Fix compiler warnings and symbol overlaps.
- Don't build code that is not used yet.
- Fix types and format strings.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Use internal xmalloc instead of malloc.
- Include missing header after warnings.
- Fix unneeded printouts.
- Fix a bug when checking the CO_NORSYNC flag.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
memory.
|