| Age | Commit message (Collapse) | Author |
|---|
|
Diff from hagen@sdf.org, tweaks by me.
OK phessler
testing & OK bket
|
|
Otherwise we just end up with an ugly "Can't assign requested address"
error from sendmsg(2).
OK phessler
|
|
Form an IPv6 address even if the router announcing the prefix isn't a
default router.
Problem reported by mgraves AT brainfat.net on misc
OK denis
|
|
header fields gh_csum and gh_part_csum.
Constrain kernel to accepting only correct little-endian
checksums.
Temporarily allow fdisk(8) to read either endian GPTs so that
big-endian GPTs can be made correct by a simple 'fdisk -e' &&
'w'.
Fixes inter-architecture, inter-OS GPT portability and GPT
fdisk(8) on big-endian architectures. Broken since initial GPT
implementation.
Suggestions and ok kettenis@
|
|
from caspar schutijser
|
|
Always put '0x' prefix in front of displayed hex values,
i.e. the checksums.
Add missing letoh32() so bad endian checksum is clear.
Be consistent when displaying 'expected' and 'got' checksums,
i.e. 'expected' == calculated checksum and 'got' == checksum
found in GPT.
|
|
'EFI PART' reads better than "TRAP IFE" and
checksums are easier to read/compare when shown
in hex rather than decimal.
Prompted by recent GPT vs disklabel misc@ thread
concerning Rob Whitlock's problematic GPT.
|
|
|
|
ok tobhe@
|
|
cannot be accommodated. "not enough space" should be enough for
anyone.
Requested by deraadt@
|
|
Instead of repairing potential garbage ensure that we receive proper C
strings. Inspired by a similar diff by deraadt@ for ldapd.
|
|
ok markus@
|
|
value for -1, not buf == NULL.
ok tobhe
|
|
allocating a buffer.
ok tobhe
|
|
macro-build a replacement for sccsid, and was done without any concern
for namespace damage. Unfortunately this practice started infecting
other code as others were unaware they didn't need the file.
ok millert guenther
|
|
In the unlikely event that EC_KEY_check_key() in ec_init() fails,
the group would be freed twice: once in ec_init(), and later in
group_free().
ok tobhe
|
|
before calling *_free() functions. Use 'get0' functions where it
makes sense to avoid some frees.
Feedback and ok tb@
|
|
When we first request a lease (INIT or REBOOTING state) we run with
very short timeouts. If the dhcp server is slow to respond we already
have a new xid and ignore the server's response. This goes on until we
increase the timeout high enough. If we just stick to an xid this will
not happen and we accept "late" responses.
RFC 2131 has:
Selecting a new 'xid' for each retransmission is an implementation
decision. A client may choose to reuse the same 'xid' or select a new
'xid' for each retransmitted message.
Problem seen by phessler on german train wifi.
OK phessler
|
|
Internally this doesn't matter since we only care about equality.
This makes logging output comparable to tcpdump(8).
Pointed out by joel@
OK claudio
|
|
code more compact. No binary change.
OK claudio
|
|
any boot partition specified via '-b' or /usr/mdec/mbr; at the
power of 2 block after the first track; or immediately following
the MBR if there is only one track.
Mark any non-EFISYS boot partition created by -b as DOSACTIVE.
Suggested by kettenis@, better than a separate new option.
Brings -b behaviour into line with many uses of -e to create boot
partitions, allowing for the eventual elimination of said -e uses
in the creation of the various boot media and in the install
scripts.
|
|
requested-ip option as well as setting ciaddr.
This started with joel@ pointing out that their CPE is ignoring
RENEWING and REBINDING requests when ciaddr was not set.
RFC 2131 4.3.6, Table 4 has a good overview, we got a bunch of it
wrong.
Previously the logic for this was all over the place which made it
difficult to reason about, it is now contained in the engine process
in request_dhcp_request() and request_dhcp_discover().
Problem pointed out by, lots of testing and review as well as OK joel@
Additional testing and 50% review benno@
|
|
Fixes a bug where iked sent zero-prefixed NAT-T messages on port 500 causing
parsing errors.
ok markus@ patrick@
|
|
ok patrick@
|
|
certificates. Check if we have a matching key before using a
certificate as local to prevent cryptic error messages later
when the signature is checked.
ok markus@ patrick@
|
|
iked(8). Local certificates are always trusted and preferred over certs
received over the wire.
ok patrick@ markus@
|
|
last full cylinder. Let it extend to the end of the disk.
|
|
the initiator.
ok patrick@
|
|
the responder to match the correct policy if multiple are available.
ok patrick@
|
|
defined(__mips__)" chunk that rounded the start of the default
OpenBSD partition to a cylinder boundary. The value has been
immediately re-rounded to a power of 2 block since r1.25 in 2009.
Eliminates wasted space when no /usr/mdec/mbr partition
0 information is available.
'-b' becomes available to architectures other than amd64 and
i386, taking precedence over /usr/mdec/mbr partition 0
information. The latter being present only in macppc and loongson
/usr/mdec/mbr files.
|
|
|
|
ok jsing
|
|
|
|
options list;
|
|
ok patrick@
|
|
copies of MAXIMUM() and MINIMUM() like we have done in 50+ other places,
and also include a roundup()
ok jsg
|
|
let alone sys/param.h, which it uses to get roundup(). make a local
copy of the macro, and call it a day.
|
|
When we get a route message, for example an address being added
(RTM_NEWADDR, but the problem exists with most of the route messages)
and the interface gets unplugged at just the right moment
if_nametoindex(3) will return NULL. We will pass NULL through
update_iface() to get_xflags() which will then crash because we
dereference the NULL pointer there.
OK kn
|
|
consistently. This makes the next diff easier, also consistency is
good.
OK kn
|
|
ok patrick@
|
|
have only looked at the peer's local id, so that we can find a policy with the
matching dstid set. Hence dstid is involved in the decision making. While we
do send out our local id, which the peer will use to verify his policies, we
do not yet make a decision based on the id the peer expects us to have. If you
have two policies configured with only srcid set, we will always pick the same.
To be able to choose a policy that matches the peer's expectations, save the
local id the peer expects us to have and use it during policy lookup.
ok tobhe@
|
|
parent SA.
|
|
|
|
|
|
|
|
of _powerpc__ and __mips__, preventing the possible creation of
MBRs with overlapping partitions 0 and 3.
Don't set bootprt DOSACTIVE flag if no partition 0 information
was provided via /usr/mdec/mbr or -f. Lets octeon fdisk(8) set
DOSACTIVE on the OpenBSD partition in the default MBR like
every other fdisk(8) does.
|
|
and poll() at the same time may lead to a race that locks up the
process in recv().
ok bluhm@
|
|
ok bluhm@
|
|
Systems without RTC are likely to boot with wrong time, but pppoe(4) used
microtime(9) anyway to remember when a new session began.
(In)adequately, ifconfig(8) used gettimeofday(2) and calculated the
difference between two absoloute dates to infer the PPPoE session duration.
This goes off the rails if the wall clock jumps in between, e.g. due to NTP
kicking in.
Use getmicrouptime(9) and clock_gettime(2)/CLOCK_BOOTTIME instead to rely
on the monotonically increasing system uptime instead to fix this.
Reported and tested by Peter J. Philipp <pjp AT delphinusdns DOT org> on
some octeon box without RTC.
I've seen this on a Edgerouter 4 as well (2m uptime, 19d session).
OK claudio
|
|
ok patrick@
|
