summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-06-10reduce mem usage by about 20% by packing state and type of an inode in a singleOtto Moerbeek
byte. Original diff by drahn@; twists by me; ok millert@ thib@
2008-06-10support CIDR address matching in .ssh/authorized_keys from="..." stanzasDamien Miller
ok and extensive testing dtucker@
2008-06-10Handle the closing of half connections where we don't see the fullReyk Floeter
bidirectional FIN/ACK+ACK handshake. ok henning@
2008-06-10o Avoid putting duplicate entries into the name cache,Thordur I. Bjornsson
add a function to handle cache_enter()'s for us since we need to update the appropriate timestamps so we don't miss on lookup; o Do not purge the dvp in nfs_rmdir(), since there's no need; o cache the new entry created in nfs_mkdir(); o Do caching of the access modes, this drastically reduces the amount of over the wire access RPCs we do in the NFSv3 case. This diff was written by Pedro Martelletto, sometime in 2004. A lot of people have been running with it at one time or another, this includes at least markus and matthieu. OK deraadt@, blambert@
2008-06-10Simplify code slightly; use PR_ZERO with pool_get() rather than bzero().Ryan Thomas McBride
ok mpf henning
2008-06-10Add a no-more-sessions@openssh.com global request extension that theDamien Miller
client sends when it knows that it will never request another session (i.e. when session multiplexing is disabled). This allows a server to disallow further session requests and terminate the session. Why would a non-multiplexing client ever issue additional session requests? It could have been attacked with something like SSH'jack: http://www.storm.net.nz/projects/7 feedback & ok markus
2008-06-10Arguments to fifo commands were limited to 80 bytes. That is tooAlexander Bluhm
short for IPv6. Increase the buffer size from 80 to 200 where appropriate. For the M command a buffer for 10 bytes is sufficient. ok hshoexer@ mpf@ grunk@
2008-06-10use sloppy pf state keeping for routed sessions (direct server return)Reyk Floeter
where we only see the client side of the TCP session; this removes the timeout limitations that we had before. document "route to" in the manpage since it is fully working now.
2008-06-10g/c unused defines.Brad Smith
2008-06-10Free the counters struct when we free the table entry.Ryan Thomas McBride
2008-06-10formatting knits.Brad Smith
2008-06-10Some header cleanup. Remove some unused headers and shuffle some aroundBrad Smith
for consistency between drivers. "looks good" reyk@
2008-06-10Handle a special sloppy case where we only see one half of theReyk Floeter
connection. If there is a ACK after the initial SYN without ever seeing a packet from the destination, set the connection to established. ok henning@
2008-06-10Rename pmap_remove_all() to pmap_remove_page().Miod Vallat
2008-06-10Make counters on table addresses optional and disabled by default.Ryan Thomas McBride
Use the 'counters' table option in pf.conf if you actually need them. If enabled, memory is not allocated until packets match an address. This saves about 40% memory if counters are not being used, and paves the way for some more significant cleanups coming soon. ok henning mpf deraadt
2008-06-10Fix buffer cache pending read statistics by ensuring we can identifyBob Beck
biowait() reads that do *not* come from the buffer cache - we use the B_RAW flag to identify these at art's suggestion - since it makes sense and the flag was not being used. this just flags all these buffers with B_RAW - biodone already ignores returned buffers marked B_RAW. ok art@
2008-06-10Fix a memory leak in usbf_realloc(), and make the speed configuration arrayMiod Vallat
dynamically allocated. "commit please" deraadt@
2008-06-10posix compliant permission checks for sending signals. Based on diffsHans-Joerg Hoexer
provided by christian ehrhardt (Christian_Ehrhardt@genua.de) and micky, thanks! ok deraadt millert
2008-06-10properly inherit file permissions.Joris Vink
reported & tested by phessler@ input otto@ deraadt@ ok tobias@
2008-06-10Accidental commit. Clean up.Artur Grabowski
2008-06-10Buffer cache revampBob Beck
1) remove multiple size queues, introduced as a stopgap. 2) decouple pages containing data from their mappings 3) only keep buffers mapped when they actually have to be mapped (right now, this is when buffers are B_BUSY) 4) New functions to make a buffer busy, and release the busy flag (buf_acquire and buf_release) 5) Move high/low water marks and statistics counters into a structure 6) Add a sysctl to retrieve buffer cache statistics Tested in several variants and beat upon by bob and art for a year. run accidentally on henning's nfs server for a few months... ok deraadt@, krw@, art@ - who promises to be around to deal with any fallout
2008-06-10when walking the entire state table it makes much more sense to walkHenning Brauer
the tailq instead of the rb tree. pt out by kjell some time ago, ok ryan
2008-06-10remove a debug check& printf that should not have gone in in the firstHenning Brauer
place
2008-06-10save somespace in the state by collapsing two 8 bit ints used as booleansHenning Brauer
into one 8 bit flags field. shrinks the state structure by 4 bytes on 32bit archs ryan ok
2008-06-10set tag_new if its available so it can get passed to loginfoJoris Vink
2008-06-10use the defines, not magic constants. ok kettenis@Dale Rahn
2008-06-10sleep if the slave device of the pty(4) is not connected.Marc Balmer
problem noticed by ckuethe, solution discussed with claudio
2008-06-10clarify that Host patterns are space-separated. ok deraadtDarren Tucker
2008-06-10Add a regression test for signaling permission checks. From mickey@.Hans-Joerg Hoexer
ok deraadt
2008-06-10Omit "cannot find file" on server-side if client runs "diff" on an up-to-dateTobias Stoeckmann
file, because it won't be sent to server then. ok joris
2008-06-10Fix implementation of IN6_IS_ADDR_FULL so that IPV6_ADDR is usedAlexander Bluhm
instead of IPV6_ADDR_SUBNET where appropriate. Then isakmpd has the same behaviour for IPv6 and IPv4. ok markus@
2008-06-10do not ask the "override?" question if access fails for other resaons thanOtto Moerbeek
EACCES. From Tim van der Molen; ok millert@ ray@
2008-06-10another wee correction; ok henningJason McIntyre
2008-06-10Make get_npcus() walk the device tree to figure out the number of CPUsMark Kettenis
instead of treating "cmp" nodes specially.
2008-06-10Allow linux binaries to call setsockopt(,TCPNODELAY,) on a AF_LOCALMatthieu Herrb
socket, since some of them do that. ok deraadt@, henning@.
2008-06-10document access(2) can return EPERM; noted by Tim van der Molen; ok millert@Otto Moerbeek
2008-06-10Added support for tag and date in cvs_history_add for checkout/export.Tobias Stoeckmann
ok joris
2008-06-10better take the size of the right table; found while tinkering with fsck_ffsOtto Moerbeek
by accident the buggy expression yields the same value.
2008-06-10more characters are allowed in the symbol lists, found by tobias@Joris Vink
2008-06-10If cvs_history_add has been called for a specific file, repo must be builtTobias Stoeckmann
up from working directory of that file instead of top directory. ok joris
2008-06-10style, also don't use cvs_buf_* if it is realy not worth the effort.Tobias Stoeckmann
ok joris
2008-06-10Add quotesDarren Tucker
2008-06-10Use a more portable construct for checking if we're running a putty testDarren Tucker
2008-06-10switch back to a single log message in local mode so we are compliantJoris Vink
with a remote setup. fixes a very annoying bug with loginfo as well. ok tobias@
2008-06-10files that have been removed should be passing "NONE" to scriptsJoris Vink
as their new revision, so they can be picked up as being removed.
2008-06-10print sizeofs using %zu; ok joris@Otto Moerbeek
2008-06-10Document that our gcc on alpha has -mieee enabled by default.Michael Erdely
Suggested by and ok jmc. ok miod.
2008-06-10typo; from Tim van der MolenJason McIntyre
2008-06-10typo in -as yet- unused code.Marc Espie
2008-06-10clean up the text; ok reykJason McIntyre
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-26 03:03:20 +0000