| Age | Commit message (Collapse) | Author |
|---|
|
LT::UList->new() instead of calling tie() manually. As a bonus, few
extra lines in actual code go away.
okay espie@ who still thinks that I test things _before_ commit
|
|
|
|
when it is created. That way the config params from the config file have
a chance to stick.
|
|
the NULL terminator at the end). Now iscsid does proper LoginOperational
negotiation (which will bump the MaxRecvDataSegmentLength to 64k)
|
|
|
|
|
|
|
|
ok henning@
|
|
remove trailing whitespace and blanks before tabs, improve some indenting;
no functional change
|
|
|
|
|
|
|
|
|
|
|
|
destination buffer instead of the source buffer as the argument.
|
|
|
|
|
|
option set. Remove the second request, which does not provide the
host-name option. The client supplied hostname is used in certain
setups by DHCP servers to update DNS records on behalf of clients
and ensures that the hostname information is in the lease db.
discussed with deraadt
ok krw@ halex@
|
|
|
|
ok claudio reyk
|
|
|
|
carp_rewrite_lladdr to overwrite the src lladdr, get the intended src
lladdr before assembling the ethernet header.
carp_rewrite_lladdr -> carp_get_srclladdr
ok reyk claudio
|
|
src lladdr just to copy it from the esrc buffer into the ethernet header
a few lines later, use an esrc pointer to figure out where to copy the
src lladdr from. ok claudio reyk
|
|
process to process imsg communication. It became a maze after we
added support for multiple relay processes and even worse with the ca
processes. This change makes it easier to understand. Now it only
opens socketpairs that are needed - the code previously wasted lots of
fds.
ok blambert@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
APIs that pass times as longs will have to change at some point...
Bump major on both libcrypto and libssl.
ok tedu@
|
|
|
|
|
|
RB lookup tree because the rdomain id is part of the lookup key.
Without this the RB tree gets corrupted and in the worst case a use after
free can happen when the interface is destroyed.
Why the sadl addresses are added to the tree in the first place is something
to reconsider.
OK henning@, mpi@, sthen@
|
|
OK krw@
|
|
because it is added to a list on the handle and eventually released
later with the handle itself. This confuses leak detection tools like
clang, so at least add a comment that it is not a leak.
ok blambert@
|
|
|
|
this instance is integer-overflowable, but we cannot keep hand-auditing
every instance (or apathetically ignoring these issues) when the simple
calloc idiom is better in the presence of a good calloc(). It is simply
unfeasible to always enter correct range checks before the aggregate
size calculation, just go find some 4000 lines of code, REPAIR THEM ALL,
then come back and tell me I am wrong.
This only works on systems where calloc() does the integer overflow
check, but if your system doesn't do this, you need to ask your vendor
WHY THEY ARE 10 YEARS BEHIND IN BEST PRACTICE? This is the kind of
problem that needs to be solved at the right layer.
malloc integer-overflow was implicated in the 2002 OpenSSH hole. OpenSSH
and much other code is now written to use calloc(), for instance OpenSSH
has 103 calls to it. We feel safer with our use of calloc(). It is a
natural approach for us to use calloc(). How safe do you feel on systems
which lack that range check in their calloc()?
Good writeup from 2006: http://undeadly.org/cgi?action=article&sid=20060330071917
|
|
loop ports and other fabric ports that have logged in to us, and check
that we're still logged in to other fabric ports. Rearrange the update
processing loop so we attach and detach targets last, since we need to get
all the way through before we've identified what's gone missing. Handle
fabric port login errors a bit more usefully too.
|
|
the system one has.
|
|
nothing except in_proto_cksum_out() uses it any more, and that's a good
thing. was on tech for 3 months, discussed with many
|
|
don't we all love functions implemented in header files? was under #ifdef
_KERNEL at least.
incremental checksum updates don't really make sense any more, this is
incredibly hard to get right, and doesn't fit the way our kernel deals
with the checksums these days. consequently, nothing uses in_cksum_addword
any more.
was on tech for 3 months, tested by & discussed with many.
|
|
from Daniel Dickman
|
|
|
|
OK from djm@
|
|
|
|
|
