Age | Commit message (Collapse) | Author |
|
this reduces the output that mpw interfaces generate from 3 lines
to the one generic mpls and pwe3 line.
mpw can be configured with the individual ioctls, and gains the
ability to do flow aware transport.
|
|
this allows individual configuration of the use of control words,
flow aware tranport labels, and the local and remote label plus
neighbor individually.
discussed with claudio@ at a2k19
ok mpi@
|
|
|
|
when setting new address.
That change needs specific consideration rather than inadvertant
inclusion, especially after claiming no functional change was
being made.
Change and related problems noted and reversion tested by Kurt
Mosiejczuk.
|
|
it could get stuck in an endless loop. After sensors sysctl(2)
fails, do not continue using uninitialized memory. Catch the error,
print a warning, and skip the sensors.
OK benno@ visa@ deraadt@
|
|
|
|
ok deraadt@
|
|
Alfred Morgan
|
|
ok patrick@ mpi@
|
|
|
|
- show an example sed to substitute the $ENV::CERTIP/CERTFQDN strings
while copying /etc/ssl/x509v3.cnf to a temp file
- don't use /etc/ssl/x509v3.cnf on the command line when we've just
told people to copy and edit
- fix an instance of CERTIP that should have been CERTFQDN
based on diffs from Sevan Janiyan, feedback/ok jmc@
|
|
|
|
pfioc_src_nodes to size_t. This avoids integer truncation by casts
to unsigned. As the types of DIOCGETSTATES and DIOCGETSRCNODES
ioctl(2) arguments change, pfctl(8) and systat(1) should be updated
together with the kernel. Calculate number of pf(4) states as
size_t in userland.
OK sashan@ deraadt@
|
|
imsg.hdr.len and shorten code.
Input & OK pamela
|
|
changed we need to fix the TTL to the value we would get from the root
for the ksk DNSKEY (currently 2 days). Otherwise we would interpret a
lowerd TTL from a cache as changed trust anchor.
Use the same define everywhere.
(Considering the glacial speed with which the root ksk rotates this should
be fine for the forseable future.)
|
|
DoT resolver.
|
|
|
|
|
|
proposal to ensure the new lease is applied to the interface.
|
|
larger types really is a range reduction...
Almost any cast to (unsigned) is a bug.
ok millert tb benno
|
|
|
|
message is about to be displayed on the console.
|
|
DHCP knowledge and interface manipulation.
Unprivileged process now sends proposal derived from the accepted
lease to the privileged process rather than individual interface
manipulation requests.
The only intended functional change is that /etc/resolv.conf.tail is
not re-read each time a new proposal is implemented, rather than once
at dhclient startup.
|
|
directory writable by group _unwind. Move the on-disk trustanchor to
/var/db/unwind.key.
OK sthen
|
|
Noticed by deraadt@
|
|
Hints and wording from jmc@
|
|
|
|
The parser would allow bogus input and sometimes even produce invalid rules
on empty anchor names, so error out immediately.
OK sashan
|
|
For anchor names, make `load anchor' use the same grammar as `anchor' and
merge unique checks from both places so that anchor names are validated
regardless of the specific rule at hand.
OK sashan
|
|
Open trust anchor file for reading and writing on startup and pass it
to the frontend process. The frontend process seeks and truncates the
file apropriately when writing out new trust anchors learned via DNS
but never closes the file. On error the file is truncated to zero
length.
This is in turn handled on startup by switching to the built in trust
anchor when no trustanchor can be read from disk.
This side steps the need for an unveil'ed directory with "c" permission
and also removes the wpath and cpath pledges from the parent process.
deraadt@ pointed out that my previous design didn't make sense and I
had confused myself along the way. (It did work, but was too
complicated for no good reason).
While here validate that we actually read a trust anchor from disk by
trying to parse it and checking that it is a DNSKEY. Unfortunately
ub_ctx_add_ta() accepts just any string as a trust anchor without any
validation.
|
|
Shouldn't affect unwind but keeping in sync.
r5108 | wouter | 2019-02-08 15:05:24 +0000 (Fri, 08 Feb 2019) | 3 lines
- Fix #4225: clients seem to erroneously receive no answer with
DNS-over-TLS and qname-minimisation.
|
|
/usr/src/usr.sbin/unbound, diff from florian@
|
|
The captive portal process needs to receive sockets from the main
process to speak http to.
|
|
Do not use the libunbound's auto trust anchor file feature since it
then the resolver process needs rpath, wpath, and cpath pledges and
permission on the trust anchor file.
Instead configure the trust anchor as resource record strings. The
parent process opens the file, passes a filedescriptor to the frontend
process to parse the file and then passes trust anchors to the
resolver process to (re-) configure the resolver contexts.
The resolver process periodically probes for new trust anchors (DNSKEY
records of the root zone) and passes those to the frontend process.
This in turn requests a file descripter for writing from the parent
process. Once the trust anchors have been written the parent process
renames the tmp file to the final location.
Also provide a built in trust anchor for boot strapping purposes if no
file is found on disk. That way we can get rid of unbound-anchor in
unwind's rc.d script.
|
|
Same fix as in fsck_ffs. OK deraadt@ tb@
|
|
Found the hard way and OK tb@
|
|
|
|
|
|
|
|
decomposition into major and minor is unsigned, so we should print them
with %u instead of %d.
ok guenther
|
|
ok florian
|
|
This requires quite a bit of yak shaving until we can pick up nameservers
from router advertisements.
Pointed out by sthen & kn
|
|
|
|
ok sthen
|
|
it will crash when it sees a -1 FD.
Found the hard way by solene on a box without ::1
|
|
|
|
Contrary to other rules accepting a single port, this one only works with
numerical values. Fix it by simply using the proper grammar.
Port ranges are not accepted, but an error message on a range without start
was missing in general, so add it while here.
OK bluhm
|
|
ok florian@
|
|
tweaks and ok florian@
|
|
ok florian@
|