| Age | Commit message (Collapse) | Author |
|---|
|
the destination is 224.0.0.5 (AllSPFRouters).
RFC 2328 sys in "9.5. Sending Hello packets" that hello packets are
sent to the multicast address AllSPFRouters on broadcast and physical
point-to-point networks.
With this new check the test for AllDRouters is not needed anymore.
ok benno@
|
|
of a planned change or something bad is happening in the network.
ok benno@
|
|
|
|
|
|
using it as an index into the cumdays[] array.
Found with American Fuzzy Lop. Original diff by and OK fcambus@
|
|
noticed by freda_bundchen. ok gilles millert
|
|
isn't the default already.
ok patrick@
|
|
It seems that the CMS code is currently the only code in existence that
uses this function.
|
|
|
|
None of this code actually does TLS, hence libssl is not needed. Instead,
pull in the correct headers and call the appropriate libcrypto
initialisation functions (even this is only necessary to support OpenSSL
prior to 1.1).
While here also remove libssl/libcrypto initialisation/uninitialisation
from main() - it should only be necessary in proc_parser().
ok deraadt@ job@
|
|
truncate it and
write the challenge again. We can get asked to supply the same challenge multiple times.
bug found and patch tested by jmc@
patch discussed with, mangled and okayed by florian@
|
|
it looks like this was the last bad .Xr in *CMS*(3)
|
|
|
|
names and documenting these two functions, CMS_decrypt_set1_pkey(3)
and CMS_decrypt_set1_key(3) right here in this same page.
While here, simplify and improve some wording.
|
|
command that clears or starts a neighbor. This way an admin reset does
what people expect since it makes the session behave like a brand new one.
OK job@ deraadt@ sthen@
|
|
actually documented, so write the documentation from scratch.
|
|
The implemented reverse exponential backoff results in very long times
until a session gets back to the initial hold values. Instead just wait
for the timer to fire once and reset the settings then. In most cases
the timer is double the IdleHold time (because of the way the backoff
is implemented) which is enough to ensure that fast flapping sessions
are punished.
OK benno@
|
|
shipeed by default).
OK job@ sthen@ deraadt@
|
|
OK kettenis@
|
|
which is still under a free license:
* mention pem_password_cb in NAME and SYNOPSIS
* recommend -1 as pem_password_cb error return for OpenSSL compat
* minor improvements to the pass_cb() example code
* mention that the pass phrase is just a byte sequence
* and minor wording and markup improvements
|
|
serialized by the use of a taskq and it prevents sendmsg/endmsg from
being able to sleep. This hurts when implementing SSIF since some
i2c controllers sleep while waiting for transactions on the i2c bus to
complete.
ok jmatthew@, deraadt@
|
|
these are public files.
Agreed by deraadt@ (and florian@)
|
|
|
|
VOP_GETATTR() must still be serialized using the kernel lock since the
underlying file system implementation is not MP-safe.
no objection from deraadt@ and ok mpi@ visa@
|
|
which SA. Use IKE specific terms peer and local instead of to and from.
ok reyk@ patrick@
|
|
server stays queued instead of being bounced.
Also improve getline(3) error handling and remove unreachable code.
OK sunil@ a while ago, "please get it in" gilles@
|
|
the certificate we were requesting.
This is no longer true in v2 and we have to free the amount of
challenges the server told us to fullfill.
OK benno
|
|
Requested by deraadt@
|
|
ok visa@
|
|
for about a year now but until we have had a release with filters and until
we bring back the feedback from that release into the protocol, we will not
be version 1 of the protocol.
|
|
envelopes created by sessions that had or did not have an rDNS:
match from rdns [...] action "local"
match !from rdns [...] reject
|
|
Prodded by and OK deraadt@
|
|
and leftovers from past commands shmseg/shmmaxpg/nmbclusters
ok kettenis
|
|
|
|
|
|
licence mere mortals can understand the terms of); will be connected to the
build on an arch-by-arch basis.
Testsuites and generated files have been intentionnaly omitted from this import.
Peer pressure and ok from at least drahn@ pirofti@ deraadt@
|
|
basically the transaction must be created in the proceed function for the
mail from phase, not in the checking function, otherwise the second pass
in the check function will fail due to the tx already existing.
reported by Niklas Hallqvist <niklas@appli.se>
|
|
ok deraadt@
|
|
|
|
|
|
does exist -- execv(3). Still call this a family but without "Nm".
Adjust Xr in various pages to refer to the precise function used
rather than the family, in most cases the semantics of execve(2) are
being referenced, so change the Xr.
ok jmc
|
|
|
|
ok patrick@
|
|
|
|
|
|
|
|
to expose these sensors.
Heavily based on a diff from Krystian Lewandowski.
|
|
|
|
|
|
|
