| Age | Commit message (Collapse) | Author |
|---|
|
since the addition of that class
ok deraadt@
|
|
The IANA IPv6 Global Unicast Address Assignments registry has been
updated to reflect the allocation of the following block to APNIC:
2410::/12 APNIC 2024-11-01
the registry is at:
https://www.iana.org/assignments/ipv6-unicast-address-assignments/
OK sthen@
|
|
|
|
ok deraadt@
|
|
From Josiah Frentsos <jfrent AT tilde.team>
OK tb
|
|
|
|
|
|
this class will be required for the upcoming llvm update
that requires bumped datasize because of llvm-tblgen
ok deraadt@
|
|
This tool knows our default config path and '-o auto-trust-anchor-file'
prints the actually set path, if any, regardless of whether exists.
Use that to generate it rather than a best-effort grep/hardcoded path.
OK sthen
|
|
|
|
OK input lucas
|
|
iked and isakmpd guard against themselves with "return 0" as rc.subr(8)
checks rc_pre()'s return code and aborts daemo start iff non-zero, but
that isn't needed if we use ksh properly.
|
|
unbound-checkconf(8) itself exits 1 on error already.
|
|
|
|
|
|
|
|
To call ioctl(2) for the platform security processor (PSP), vmd(8)
needs a device file. It is currently linked to the cryptographic
co-processor ccp(4). We may split this into a separate psp(4)
device.
from hshoexer@; input jsg@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OK jca@
|
|
"In SRv6, SR source nodes initiate packets with a segment identifier in
the Destination Address of the IPv6 header, and SR segment endpoint
nodes process a local segment present in the Destination Address of an
IPv6 header."
https://www.iana.org/assignments/iana-ipv6-special-registry/
https://datatracker.ietf.org/doc/html/draft-ietf-6man-sids
OK phessler@
|
|
Per https://www.iana.org/assignments/iana-ipv6-special-registry/
and https://datatracker.ietf.org/doc/html/draft-ietf-v6ops-rfc3849-update
OK phessler@ claudio@
|
|
|
|
bridge(4) has weird interactions with traffic crossing the bridge.
Missing change after updating the faq pointed out by ajacoutot
OK dv
|
|
Stop daily(8) mails with false information on rogue services.
OK florian@, solene@
|
|
always-running-in-background dhcpleased(8) for a while, which is
activated per-interface with "ifconfig $if autoconf', or
"ifconfig $if inet autoconf", or with "inet autoconf" in /etc/hostname.$if
dhclient(8) has done execve(3) of ifconfig(8) to handle this for a while,
so everyone has moved to the dhcpleased(8) method
ok florian
|
|
registered at IANA since last august for Matrix Federation Protocol
https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=8448
ok djm@ solene@
|
|
looks correct to deraadt
|
|
looks correct to deraadt
|
|
typo spotted by ccappuc
Input & OK deraadt
|
|
like is already done for /tmp/*.shm used by libc.
ok millert@ tb@, same diff landry@
|
|
|
|
but not enabled in rc.conf.local(8)
wording by jmc@
ok schwarze@ florian@
|
|
- for lidaction, document the value 0
- for lidaction, adjust the description to a format similar
to that of pwraction
ok kettenis deraadt
|
|
Turns out that registry at https://www.iana.org/assignments/as-numbers/as-numbers.xml
is an incomplete one, where only 'new' assignments are listed. In the
past this registry used to list all ASNs, but the RIRs asked IANA to
revert to not being very detailed...
There is another source of truth, the 'nro-delegated-stats' file at
https://ftp.ripe.net/pub/stats/ripencc/nro-stats/latest/nro-delegated-stats
this is updated daily and composed of information from each RIR.
Summary of changes:
* LACNIC manages a more ASNs than previously known:
- allow those ASNs for LACNIC
- deny those for RIPE, APNIC, ARIN
* AFRINIC's allow list was good (compared to nro-delegated-stats), but the
full set of AfriNIC ASNs wasn't denylisted for RIPE, ARIN, APNIC.
OK tb@
|
|
with Allwinner SoCs and the presence of this particular miniroot is making
it hard to update U-Boot.
ok jsg@
|
|
|
|
|
|
|
|
For sshd (the only relinked program at the moment), this file is created
in an extremely nasty way. It'll be better if we have a proper clean
install.sh script, which I've built for sshd. But let's first commit the
change to /etc/rc which will handle that in the near future.
ok djm
|
|
|
|
LACNIC received a new block of ASNs from IANA
https://mail.lacnic.net/pipermail/lacnog/2024-March/009690.html
OK tb@
|
