src - OpenBSD base system

Age	Commit message (Collapse)	Author
2011-12-03	pfctl_set_hostid always returns 0; don't pretend otherwise and make it a	Ryan Thomas McBride
	void function instead. ok dlg
2011-12-03	Avoid loading garbage hostid and other values not always initialised,	Ryan Thomas McBride
	by bzero()ing the 'struct pfsync' properly. ok dlg mpf
2011-12-01	Fix negating of unsigned d_secsize. FIRST, cast to signed type,	Kenneth R Westerback
	THEN negate. Fixes issues with 'b' and 'k' size suffixes. Make error message more clear while here. Found, and fix provided, by David Imhoff via bugs@. Thanks!
2011-11-27	Manpage bits for the recent changes in vlan(4) prio handling.	Christiano F. Haesbaert
	ok jmc henning sthen claudio
2011-11-26	Tie the 802.1p (CoS) value in vlan(4) with the new prio scheme in pf.	Christiano F. Haesbaert
	When transmitting through vlan(4), it will now use the prio value in pf packet header. When receiving, we save the incoming Cos in the same place, this gives us the hability to preserve the CoS value across two different vlan interfaces. This kills the SIOC[GS]VLANPRIO ioctls and removes the corresponding buttons from ifconfig(8). ok henning@ claudio@ mcbride@
2011-11-23	print ports as numbers by default; -P prints names instead	Henning Brauer
	2/2 from Lawrence Teo <lteo at devio dot us> ok sthen dlg and myself
2011-11-23	print_rule: rename opts -> ropts, no binary change	Henning Brauer
	1/2 from Lawrence Teo <lteo at devio dot us> ok sthen dlg myself and gcc
2011-11-13	provide a specific section reference; from Lawrence Teo	Jason McIntyre

2011-11-11	A zero-length partition is a non-partition, so reject a partition	Kenneth R Westerback
	length of 0. And anyway PRT_fix_CHS() writes garbage when length is zero. Refresh the in-memory copy to reflect any data that was written out, so you can see that your changes have taken effect. Surprise behaviours noted by matthew@ at c2k11.
2011-11-08	Fixup skip step printout: rdomains come after direction; ok mcbride, henning	Mike Belopuhov

2011-11-08	- put -i in the right place	Jason McIntyre
	- prevent an erroneous space in the formatting of -D
2011-11-08	mention default fifo path, sthen. previous manpage changes were ok jmc, plus	Henning Brauer
	reminder to adjust synopsis and usage (again...)
2011-11-08	allow the path to isakmpd's fifo to be specified (aka changed) on the	Henning Brauer
	command line, ok mikeb sthen
2011-11-02	Properly document hwfeatures.	Christiano F. Haesbaert
	ok jcm@ henning@
2011-11-02	this list is sorted alphabetically;	Jason McIntyre

2011-11-02	Expose if_capabilities to userland so that ifconfig can display the	Christiano F. Haesbaert
	device hardware features. Tune ifconfig to show them with 'hwfeatures' argument. While here, kill some old unused capabilities and respect 80 columns in brconfig.h. ok mcbride@, henning@, mpf@.
2011-10-25	document some limits of "group-name"; from Steffen Daode Nurpmeso	Jason McIntyre
	ok henning
2011-10-20	For NAT-T with transport mode, use the ISAKMP's SA addresses for the	YASUOKA Masahiko
	flow instead of the ID payload. This will fix a part of problems of L2TP/IPsec from NAT'd clients. ok markus@ tested by markus@ and myself.
2011-10-13	pfctl change for af-to / NAT64 support.	Claudio Jeker
	The general syntax is: pass in inet from any to 192.168.1.1 af-to inet6 from 2001::1 to 2001::2 In the NAT64 case the "to" is not needed in af-to and the IP is extraced from the IPv6 dst (assuming a /64 prefix). Again most work by sperreault@, mikeb@ and reyk@ OK mcbride@, put it in deraadt@
2011-10-12	default snaplen is 160 these days	Henning Brauer
	From: giovanni <qgiovanni at gmail dot com>
2011-10-06	no more ccd(4);	Jason McIntyre

2011-10-06	mark ccd(4) deprecated in a few more places	Theo de Raadt

2011-10-06	ccd goes to the attic	Theo de Raadt
	discussed with jsing and millert
2011-09-29	ssl.8: Certifying Authority -> Certificate Authority	Jason McIntyre
	isakmpd.8: rsa:1024 -> rsa:2048 (ok markus) all: X509 -> X.509 from Lawrence Teo
2011-09-20	Prepare to add support ALPS touchpads	Alexandr Shadchin
	no objections mpi@ and matthieu@
2011-09-20	rev 1.80 added calls from the signal handler to stdio. bad bad bad!	Theo de Raadt
	use system calls directly, instead.
2011-09-19	kill prototypes for long removed functions, Rafael Sadowski <rafael at	Henning Brauer
	sizeofvoid.org>
2011-09-17	Standarize the ToS option across nc/ping/traceroute so that they'll	Christiano F. Haesbaert
	accept the same values as pf.conf. It accepts decimal, hexadecimal and the dscp/tos keywords. The ping option was ripped of in SMALL. ok mcbride@ sthen@
2011-09-16	reorder SENSOR_* in switch() and add missing cases.	Yojiro Uo
	ok deraadt@
2011-09-16	fix typo	Yojiro Uo

2011-09-16	apply following changes to sensor framework:	Yojiro Uo
	- change accuracy of SENSOR_FREQ from Hz to muHz - add SENSOR_VOLTS_AC entry to userland programs ok deraadt@
2011-09-15	Fix recognition Synaptics touchpad	Alexandr Shadchin
	from Patrick Keshishian (sidster at boxsoft dot com)
2011-09-07	Avoid possible SIGSEGV when wrong tos option.	Christiano F. Haesbaert

2011-09-04	knock out useless Pp;	Jason McIntyre

2011-09-04	grammar fix; from Martin Pelikan	Jason McIntyre

2011-09-03	make -column lists pretty again;	Jason McIntyre
	specifically, rewrite them to permit some markup in the column headers, and use "Ta" instead of literal tabs; mandoc does not currently match groff 100%, but a mandoc fix may be some time off, and we've gone enough releases with poorly formatting column lists. in some cases i have rewritten the lists as -tag, where -column made little sense.
2011-08-30	One shot rules can be used in pf.conf by specifying a "once" filter option.	Mike Belopuhov
	ok henning, mcbride
2011-08-27	Under certain circumstances iked can be tricked to bypass a signature	Mike Belopuhov
	verification caused by the incorrect check of the EVP_VerifyFinal return value. Issue was discovered and reported by Justin Ferguson, justin-dot-ferguson-at-ioactive.com. Thanks! While here, check for HMAC_* return values. ok jsg, markus
2011-08-21	Remove old wpapsk entries. Cleanup casts and use timerclear.	Christiano F. Haesbaert
	ok mcbride
2011-08-19	as with other list types, column lists generally do not need a Pp/-compact	Jason McIntyre
	construct; this also sidesteps what seems to be a problem with mandoc, in that "-column -compact" seems to mess up the formatting. thus these pages should now have their lists formatted nicely (i.e. correctly aligned and with indent applied); as a side note, the fact that headers are not properly marked up is another issue which will be addressed separately (a mandoc fix is needed, i think). i have fudged a few of these to mark up properly, since the workaround does make sense for some pages. as another side note, i haven;t fixed man7, as i need to prepare a separate diff for kristaps and ingo.
2011-08-02	add refcounting for "Configuration" section for acquire-mode SAs	Markus Friedl
	ok mikeb@
2011-08-01	Add missing closing braces in usage().	Matthieu Herrb
	Ok jmc@ (who also pointed me to the 2nd missing one) sobrado@.
2011-07-31	missing .Nm macro; ok jmc@	Ingo Schwarze

2011-07-29	Remove requirement to quote 'debug' loglevel for the 'debug' option.	Ryan Thomas McBride
	ok henning
2011-07-27	Add support for weighted round-robin in load balancing pools and tables.	Ryan Thomas McBride
	Diff from zinke@ with a some minor cleanup. ok henning claudio deraadt
2011-07-13	Force user to specify protocol when filtering on user, gid, and os	Ryan Thomas McBride
	attributes (this is now required by pf_rule_test(). ok sthen henning
2011-07-09	Add a missing prototype, fix build with WARNINGS=yes.	Nicholas Marriott

2011-07-09	tweak previous;	Jason McIntyre

2011-07-09	rmove rotten netatalk bits	Henning Brauer

2011-07-08	allow rules to specify "prio X" or "prio (X, Y)" to assign priority levels	Henning Brauer
	for the new priority queueing implementation. valid range is 0 to 7. the old trick for priorizing empty ACKs etc remains thru the latter notation ok ryan mpf sthen plus pea testing and halex and claudio reading