| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Also clean up the externs a little bit by moving experimental and noop
to extern.h.
Reminded by and OK tb@
|
|
We are using the ifra_dstaddr for this because it will always be
unused with autoconf addresses since they can't be used on P2P links.
OK bluhm
|
|
Rule 5.5: Prefer addresses in a prefix advertised by the next-hop.
For this we have to track the (link-local) address of the advertising
router per interface address and compare it with the selected route.
Rule 5.5 is useful in multi-homing setups where we have more than one
prefix and default router. We have to use the source address with the
correct default gateway otherwise traffic is likely going to be
dropped because of BCP 38.
While here refactor in6_update_ifa() a bit to make the code clearer
and consistently use (var & flag) instead of (var & flag) != 0.
Patiently reviewed by & OK bluhm.
|
|
|
|
|
|
RFC-to-be draft-ietf-sidrops-cms-signing-time updates RFC 6488 by
mandating the presence of the CMS signing-time attribute and disallowing
the use of the CMS binary-signing-time attribute in RPKI Signed Objects.
The ecosystem has behaved this way for a number of years now.
Flip from warning to erroring for non-compliant objects.
OK tb@
|
|
RFC 6487 section 8 specifies only a single CRL is issued at a time, so
error when multiple .crl files are listed in a Manifest's FileList.
The CRLDP extension identifies the location of the CRL, so the CRL's
filename must match the CA's CRLDP's 'rsync://' entry, error if that
isn't the case. (RFC 6486 section 4.8.6)
with & OK tb@
|
|
ok jsing
|
|
|
|
found in AMD Software: Adrenalin Edition 24.3.1
functionally the same as Ryzen 7040 "Phoenix"
|
|
Create 100 IP addresses and 100 multipath routes. Then the test
can expect a better distribution of routes that are actually used.
OK anton@
|
|
needs to be aligned on a 128-byte address.
This fixes an issue seen on the PCI controller, where a DMA transfer
scheduled on a odd slot will fail.
|
|
issue reported by tech3599 at posteo net via henning;
discussed with/ok henning
|
|
|
|
|
|
A internet PCB has either inp_options or inp_outputopts6. Put them
into a common anonymous union.
OK mvs@ kn@
|
|
|
|
Unfortunately, this is recommended by rfc 2623 and used by Linux
nfs-utils to mount NFS exports. So until nfs-utils switches into
using reserved ports, this is needed to mount OpenBSD file-systems
on most (all?) Linux distros.
Bits from claudio, ok millert
|
|
|
|
|
|
|
|
The case in point is the incompatibility of the very ergonomic X509_ALGOR
API with the RC2-derived API massacre that is EVP_CIPHER_asn1_to_param()
and its "inverse".
ok jsing
|
|
This makes things slightly less gross since it involves less reaching
into nested ASN.1 structures. But don't get the idea that this means
the code is now clean.
ok jsing
|
|
ok jsing
|
|
ok jsing
|
|
OK mpi@
|
|
mostly dead.
This is more like belts and suspenders since a proc in exit1() will not
receive signals anymore and so proc_stop() should not be reachable. This
is even the case when sigexit() is called and a coredump() is happening.
OK mpi@
|
|
Exiting procs will not return to userland and can not deliver signals so
it is better to not even try.
OK mpi@
|
|
From Fudongwang
50971570ba79e421e0df8785dd58f4b696c8c1b7 in linux-6.6.y/6.6.28
cf79814cb0bf5749b9f0db53ca231aa540c02768 in mainline linux
|
|
From Harry Wentland
5ca6cbd8adbedd4aa2ef7e77aa31354f6dfee573 in linux-6.6.y/6.6.28
c3e2a5f2da904a18661335e8be2b961738574998 in mainline linux
|
|
From Harry Wentland
b12c3cfd8265f69d238b4a3200d8755f609e9e58 in linux-6.6.y/6.6.28
9e61ef8d219877202d4ee51d0d2ad9072c99a262 in mainline linux
|
|
From Tim Huang
bd3105a71d1c125deedf35be11b4d79e8b84e6f2 in linux-6.6.y/6.6.28
bbca7f414ae9a12ea231cdbafd79c607e3337ea8 in mainline linux
|
|
From Alex Deucher
fa2df4aa3e3aeae02adc9b4b4f43b7b69b63e5cf in linux-6.6.y/6.6.28
65ff8092e4802f96d87d3d7cde146961f5228265 in mainline linux
|
|
From Lijo Lazar
1520bf605d2ff0d733648713b5485865dde0dea9 in linux-6.6.y/6.6.28
8b2be55f4d6c1099d7f629b0ed7535a5be788c83 in mainline linux
|
|
From Ville Syrjala
2708354ffb70c0a6ec8dd6944077ca7e50a2688b in linux-6.6.y/6.6.28
0653d501409eeb9f1deb7e4c12e4d0d2c9f1cba1 in mainline linux
|
|
From Ville Syrjala
d1742f77bdf28ffd37a9bd94934a2d261e85de33 in linux-6.6.y/6.6.28
7b1f6b5aaec0f849e19c3e99d4eea75876853cdd in mainline linux
|
|
From Ville Syrjala
04e018bd913d3d3336ab7d21c2ad31a9175fe984 in linux-6.6.y/6.6.28
3eadd887dbac1df8f25f701e5d404d1b90fd0fea in mainline linux
|
|
From Harish Kasiviswanathan
4d87f08eb75513334a85458306373d7560af1017 in linux-6.6.y/6.6.28
8bdfb4ea95ca738d33ef71376c21eba20130f2eb in mainline linux
|
|
From Ville Syrjala
f9b31dfdc0b5a04fb78cde6d2c64e54607dd316d in linux-6.6.y/6.6.28
dcd8992e47f13afb5c11a61e8d9c141c35e23751 in mainline linux
|
|
From Tim Huang
1e3b8874d55c0c28378beb9007494a7a9269a5f5 in linux-6.6.y/6.6.28
31729e8c21ecfd671458e02b6511eb68c2225113 in mainline linux
|
|
|
|
|
|
|
|
|
|
Instead of passing around u_char[4], introduce struct ipsec_level
that contains 4 ipsec levels. This provides better type safety.
The embedding struct inpcb is globally visible for netstat(1), so
put struct ipsec_level outside of #ifdef _KERNEL.
OK deraadt@ mvs@
|
|
|
|
The existing tar_opt() implements support for -o write_opt=nodir for the
old tar and ustar formats. We don't really want to support it for the
pax format, and we want to be able to implement pax format specific
options (even if there are none right now). ok millert@
|
|
|
|
ok job
|
