| Age | Commit message (Collapse) | Author |
|---|
|
while here, give us support for mpls in gif on ipv6.
this moves all the gif handling into if_gif, eg, the mpls handling
is no longer in ip_etherip.c.
ok claudio@
|
|
|
|
get an alignment fault while copying the data. Turns out that since we
have .rodata in the text segment, it's very easily possible that etext
remains unaligned. Work around this by word-aligning etext. The next
step is to split .rodata out of the text segment.
ok deraadt@
|
|
Christoph Anton Mitterer.
|
|
and tail and cat(1) it together. It was maybe needed when ports needed
different contents, but now it's just a headache.
ok deraadt@
|
|
without the confusing example. Prompted by Christoph Anton Mitterer
via github and bz#2293.
|
|
|
|
If a session file is specified via the `-S session=...', ftp(1) will
attempt to resume TLS sessions based on the session data contained within
this file. Upon completion of a successful TLS handshake the session file
will be updated with new session data, if available.
Discussed with deraadt@ and beck@.
Requested by and input from espie@.
|
|
scp. sftp is already doing this. From Camden Narzt via github;
ok dtucker
|
|
|
|
we can relax the oversubscribe limit of socketbuffers a fair bit.
Instead of maxing out as sb_max * 1.125 or 2 * sb_hiwat the maximum is
increased to 8 * sb_hiwat -- which seems to be a good compromise between
memory waste and better socket buffer usage.
OK deraadt@
|
|
OK rpe, tb, naddy, sthen
|
|
OK naddy, sthen
|
|
Add soii.key to changelist (pointed out by semarie) and mtree/special
(suggest by Craig Skinner).
OK naddy, sthen, rpe, tb
|
|
OK naddy, sthen
man page bits input & OK jmc
|
|
withdraws they way other systems are doing it. Interop problem discovered
by Andrew Thrift. Tested by Andrew and job@.
|
|
strings.
this was part of a demo showing how to implement the kernel side of
sysctl(3) for setting Semantically Opaque Interface Identifier key
material (for RFC 7217), but it seems to be the most straightforward
path toward integrating soiikey handling and rc.
Originally written by dlg, who commited it some time ago on my request.
I then backed it out again, now it's time to put it back in.
ok florian@ sthen@ naddy@ tb@
Man page bits tweaked & OK jmc
|
|
Interface Identifiers with IPv6 Stateless Address Autoconfiguration."
"An IPv6 address configured using this method is stable within each
subnet, but the corresponding Interface Identifier changes when the
host moves from one network to another. This method is meant to be an
alternative to generating Interface Identifiers based on hardware
addresses."
OK naddy, sthen
|
|
Prompted by gdestuynder via github
|
|
would silently ignore errors writing the comment and terminating
newline. Prompted by github PR from WillerZ; ok dtucker
|
|
as loopback interfaces for each rdomain (including lo0). This is done when
the interface is brought up. This is now also done by default (either on
attach of lo0 or when creating the rdomain).
OK mpi@
|
|
are pushed to disk. Dangling vnodes (unlinked files still in use) and
vnodes undergoing change by long-running syscalls are identified -- and
such filesystems are marked dirty on-disk while we are suspended (in case
power is lost, a fsck will be required). Filesystems without dangling or
busy vnodes are marked clean, resulting in faster boots following
"battery died" circumstances.
Tested by numerous developers, thanks for the feedback.
|
|
|
|
the number of ->dv_parent->dv_parent chains and make this more readable.
ok deraadt@ phessler@
|
|
|
|
The keypair pubkey hash was being generated and set in the keypair when the
TLS context was being configured. This code should not be messing around
with the keypair contents, since it is part of the config (and not the
context).
Instead, generate the pubkey hash and store it in the keypair when the
certificate is configured. This means that we are guaranteed to have the
pubkey hash and as a side benefit, we identify bad certificate content
when it is provided, instead of during the context configuration.
ok beck@
|
|
|
|
functions require the conninfo passed in to be non-NULL.
|
|
|
|
A libtls client can specify a session file descriptor (a regular file
with appropriate ownership and permissions) and libtls will manage reading
and writing of session data across TLS handshakes.
Discussed at length with deraadt@ and tedu@.
Rides previous minor bump.
ok beck@
|
|
|
|
API and are now in use by various libraries and applications.
|
|
prefix or a prefix-set.
|
|
ok deraadt@
|
|
prefix in a filter rule. Initial idea hashed out with job@ in Toronto.
This is WIP, i'm commiting it now so we can work on it in the tree.
ok florian@ claudio@
|
|
|
|
to go_daemon() while waiting for the RTM_IFINFO message.
Problem spotted by Holger Mikolon.
|
|
e.g., "leave 1530" goes off closer to 15:30:00.
Timezone-related bug caught by tb@ in review.
ok tb@ tedu@
|
|
ok remi@ benno@
|
|
over a syscall for randomdata sections larger than 256B.
ok djm@ deraadt@ kettenis@
|
|
Required by and ok otto@, ok jmc@
|
|
|
|
|
|
|
|
ok gilles@
|
|
|
|
This is similar to what we do in sys_socketpair() and will allow us
to grab the KERNEL_LOCK() only after having created a socket.
ok tedu@
|
|
|
|
ether_print just prints the ether header.
|
|
ok claudio@
|
