| #
b9bb04c1 |
|
27-Dec-2023 |
Jose Luis Duran <jlduran@gmail.com> |
libcasper: Fix typo (triple T)
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/954
|
| #
a2f733ab |
|
24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
lib: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
|
| #
afd74c40 |
|
23-Oct-2023 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
cap_net: correct capability name from addr2name to name2addr
Previously, while checking name2addr capabilities, we mistakenly used
the addr2name set. This error could cause a process to inadvertently
reset its limitations.
Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>
|
| #
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
| #
7ee4066d |
|
27-Apr-2023 |
Mark Johnston <markj@FreeBSD.org> |
cap_net tests: Skip tests if there is no connectivity
When testing cap_connect() and name/addr lookup functions, skip tests if
we fail and the error is not ENOTCAPABLE. This makes the tests amenable
to running in CI without Internet connectivity.
Reviewed by: oshogbo
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D39242
|
| #
179bffdd |
|
30-Mar-2023 |
Eric van Gyzen <vangyzen@FreeBSD.org> |
cap_dns, cap_net: fix host and service buffer handling
If a malicious casper process sent a host or service string that was
too long, cap_getnameinfo would overrun the caller's buffer by one byte.
The backends for this function needlessly allocated one extra byte
for these buffers. This was harmless, but could be confusing to readers.
Reported by: Coverity (an internal run at Dell)
Reviewed by: oshogbo, emaste
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D39347
|
| #
34535dac |
|
03-Jan-2021 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
cap_net: CAPNET_CONNECT and CAPNET_CONNECTDNS are not mutually exclusive
Fix the for the CAPNET_CONNECT and CAPNET_CONNECTDNS.
Add test to ensure that this is possible.
|
| #
b7876aec |
|
03-Jan-2021 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
cap_net: allow to use the service without setting the limits
Add test to ensure that this is possible.
|
| #
832dc76b |
|
16-Aug-2020 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
libcasper: Introduce cap_net a network service for Casper.
Reviewed by: emaste, markj (previous version), bcr (man page)
Differential Revision: https://reviews.freebsd.org/D24688
|