| Age | Commit message (Collapse) | Author |
|---|
|
possible, and remove the failed previous attempts at sharing
in ./miniroot and ./ramdisk. maybe now that differences are
eliminated we can start a new sharing effort? i dunno..
|
|
there is no downside for others.
|
|
knweiss at gmail.com via -portable.
|
|
addresses about every 10 - 30 seconds. Reduce log level to debug to
stop the syslog spam.
OK reyk
|
|
ok guenther@ yasuoka@
|
|
clean up the possible nexthop overrides to better match the RFC.
- set nexthop self is still overriding all other decisions
- set nexthop no-modify has only relevance for ebgp multihop links
Instead of using the router locall address the nexthop is passed unmodified
- set nexthop <address> depends on BGP session type
* for IBGP sessions the address will be used unless it is the same as the
remote peers address
* for directly connected EBGP sessions the address is only used if the IP
is part of the connected network (no matter what other flags are used).
* for multihop EBGP sessions it depends if no-modify was also set
Adjust manual page to explain this properly.
"probably OK" job@
|
|
|
|
(ACME)" to be able to talk to the v02 Let's Encrypt API.
With this acme-client(1) will no longer be able to talk to the v01
API. Users must change the api url in /etc/acme-client.conf to
https://acme-v02.api.letsencrypt.org/directory
Existing accounts (and certs of course) stay valid and after the url
change acme-client will be able to renew certs.
Tested by Renaud Allard and benno
Input & OK benno
|
|
The additions help while developing mg by not having to go into gdb to
see somethings mg believes about itself. The extra data shown could be
removed in future, but it is benign so perhaps it could stay.
Also, do not fake a '\n' on the end of buffer. It is confusing.
However do not change the lie about '\n' being on the end of every
line within the buffer. Hopefully, one day, that will no longer be a
lie.
|
|
this puts the timestamp, rx drops, and hash fields in the right place.
ok jmatthew@
|
|
this is instead of passing a pointer to the counter.
while here use byte swapping loads and stores, which is mostly a
nop cos i dont think we have an LE arch with swapping memory
operations.
ok jmatthew@
|
|
|
|
ok remi@ (who did the same change to ospfctl, ospf6d, and ospf6ctl)
ok denis@
some grumbling from sthen@ and bluhm@ who didn't want output changed.
|
|
tested by and ok patrick@
|
|
to work without a path in addition to with one. bz#2999, ok djm@
|
|
- Adapt openssl(1) gendsa command to new option handling.
- Add lacking ciphers and passout description in openssl.1 manpage.
- Describe paramfile as argument in openssl.1 manpage.
ok bcook@
|
|
systems. There is no guarantee that the TSCs on different cores are
synchronized when the OpenBSD kernel boots and we don't have code to
synchronize them ourselves. This affects both AMD and Intel CPUs and
even cores on the same socket can by out of sync.
ok deraadt@, sthen@
|
|
|
|
|
|
|
|
Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
|
|
|
|
Apparently the boot rom on some cards leaves an interrupt vector set up,
which will be run on completion of the first command after we set up the
event queue, causing kernel crashes. chris@ reported this a while ago.
|
|
group pages, and these link on to all their second-level subpages.
Only a handful of second-level pages have third-level subpages.
So all crypto pages can now be reached from the www.libressl.org
frontpage via at most four clicks, in most cases three clicks.
Also link back from leaf pages to their respective group pages
and add a couple of additional links between related pages.
Triggered by a question from deraadt@.
OK jmc@ tb@
|
|
|
|
|
|
repeated incremental search in copy mode, reported by Kaushal Modi in
GitHub issue 1780.
|
|
|
|
ok tb@, jsing@, sthen@
|
|
with bad address flags.
OK bluhm@ sthen@
|
|
RSA privsep engine to isolate private keys in the ca process. ECDSA support
in smtpd is become a frequent request so here's an ECDSA privsep engine and
the code required for smtpd to load ECDSA certificates and use them.
|
|
|
|
delete those rather than blindly deleting everything, which also means we
don't need to check against a specific syndrome code to ignore errors we get
deleting entries that aren't there.
|
|
|
|
|
|
OK mpi@
|
|
OK mpi@
|
|
|
|
|
|
of ckinv.
Pointed out and fix suggested by David Schrammel and Samuel Weiser
ok jsing
|
|
|
|
of kinv.
Pointed out and fix suggested by David Schrammel and Samuel Weiser
ok jsing
|
|
mrt{6,}_ioctl. Calling shutdown(2) on the socket prior to the ioctl
command can cause it to be NULL.
ok bluhm@ claudio@
Reported-by: syzbot+bdc489ecb509995a21ed@syzkaller.appspotmail.com
Reported-by: syzbot+156405fdea9f2ab15d40@syzkaller.appspotmail.com
|
|
|
|
missing from the SP variant of mtx_enter() and mtx_enter_try().
mtx_leave() was correct already.
Prompted by and OK patrick@
|
|
ok kettenis@
|
|
ok kettenis@
|
|
for consistency with all the other X509_STORE_*(3) manual pages
|
|
one function with a single address.
|
|
and add a sentence pointing to the detailed description
in RSA_get_ex_new_index(3), worded like in DH_get_ex_new_index(3).
|
