| Age | Commit message (Collapse) | Author |
|---|
|
whose DNS name resolves to more than one address. The previous behaviour
was to try the first address and give up.
Reported by stig AT venaas.com in bz#343
great feedback and ok markus@
|
|
|
|
for pf(4) diverted packets; based on patch by Scot Loach; ok beck@
|
|
The option allows a socket to be bound to addresses which are not
local to the machine. In order to receive packets for these addresses
SO_BINDANY needs to be combined with matching outgoing pf(4) divert
rules, see pf.conf(5).
ok beck@
|
|
makes transparent proxies much easier; ok beck@, feedback claudio@
|
|
|
|
relevant kernel variables via kvm(3)
ok dlg@ deraadt@
|
|
No need to preload the arp table anymore. hai norby@
|
|
devices using 'sdopen'. PR#5810 from Jozef Hatala.
ok beck@
|
|
|
|
|
|
ok damien@
|
|
with eopnotsupp() instead;
ok blambert@
|
|
anymore.
|
|
provided any information not present in the actual man pager. Now
that types are also present in inttypes.h and stdint.h this file
is even less relevant. OK deraadt@ miod@
|
|
|
|
ok kjc@
|
|
|
|
``Microsoft Notebook Optical Mouse 3000 Model 1049''. From FreeBSD.
|
|
|
|
|
|
16 byte boundaries for maximum portability (somewhat similar to CMSG's)
ok beck
|
|
|
|
ELF image being loaded.
ok miod@
|
|
this device bends the uhid specs backwards, it is also completely unusable
for left-handed people due to its shape.
Tested on actual hardware thanks to a donation from Maxim Belooussov.
|
|
|
|
|
|
with "important" channel requests that fail, in particular command exec,
shell and subsystem requests. Previously we would optimistically assume
that the requests would always succeed, which could cause hangs if they
did not (e.g. when the server runs out of fds) or were unimplemented by
the server (bz #1384)
Also, properly report failing multiplex channel requests via the mux
client stderr (subject to LogLevel in the mux master) - better than
silently failing.
most bits ok markus@ (as part of a larger diff)
|
|
a sshd_config MaxSessions knob. This is useful for disabling
login/shell/subsystem access while leaving port-forwarding working
(MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
simply increasing the number of allows multiplexed sessions.
Because some bozos are sure to configure MaxSessions in excess of the
number of available file descriptors in sshd (which, at peak, might be
as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
on error paths, and make it fail gracefully on out-of-fd conditions -
sending channel errors instead of than exiting with fatal().
bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
ok markus@
|
|
mechanism. Each channel maintains a queue of callbacks, which will
be drained in order (RFC4253 guarantees confirm messages are not
reordered within an channel).
Also includes a abandonment callback to clean up if a channel is
closed without sending confirmation messages. This probably
shouldn't happen in compliant implementations, but it could be
abused to leak memory.
ok markus@ (as part of a larger diff)
|
|
|
|
|
|
|
|
requested by reyk, ok reyk mpf
|
|
shows that 3 developers screwed this up. look carefully at this diff
and learn how to avoid wasting memory. on a 64 bit architecture, each
of these was using 40 bytes instead of 32.
ok henning
|
|
at the first one
|
|
matters for stuff like the HoldTimer that gets reset often
|
|
timer, just get the first off the queue and check wether it is due
|
|
wemust stop walking the list once werun into a stopped timer, or
eventually all stopped timers will queue up at the very front (instead of
at the tail)
|
|
blocks, as requested by reyk; ok reyk mpf henning
|
|
|
|
routing priority. hai norby@
|
|
|
|
|
|
~10% speedup for localhost-scp; ok djm@
|
|
so that the timer that will expire first is always the first element,
and so on). will make the checking a bit faster and moreelegant and more
conveniant. ok claudio
|
|
Don't display out label interface in the second column.
ok claudio@
|
|
ok claudio@
|
|
|
|
namely, the "no such neighbor" case was missing.
problem spotted by martin,ok claudio
|
