| Age | Commit message (Collapse) | Author |
|---|
|
return NULL. This happens if isakmpd is configured for the other
address family. Add a NULL pointer check and initialize rv.
ok hshoexer
|
|
|
|
|
|
the -n switch. This triggers malloc related bugs during the regress
tests.
ok hshoexer
|
|
|
|
from Stephan A. Rickauer
|
|
ok mbalmer@
|
|
ok art@,dlg@
|
|
|
|
PR #5872.
ok millert@ deraadt@
|
|
skipping bitmasks to cover the entire 65536 port space - previously
they covered 512-1024 only.
sysctl needs to be updated to cope with this change; please
"make includes" before rebuilding it.
feedback millert@ ok millert@ deraadt@ markus@
|
|
either from the disklabel or via -S, is not 512 bytes. Disklabel
partition sizes are sectors and not 512 byte blocks. One less 'block
is 512 bytes' assumption. 2^32 or so to go.
ok otto@ millert@
|
|
ok millert@, (for the change) jmc@
|
|
ok henning
|
|
ok marco@
|
|
ipsec.conf. The config created by isakmpd dynamically was different
from the config that ipsecctl generated out of ipsec.conf.
Both config formats are changed so that they match. One needs a
passive ike line and a require flow line with the same parameters
in the ipsec.conf. Then the acquire message generated by the kernel
will trigger isakmpd to generate a config that matches the one that
ipsecctl generated from the ike line.
ok hshoexer, 'sounds good' todd
|
|
of all possible addresses from DNS and not only the first one. So
during expansion, the right address family can be chosen and
regression test ike56 passes again. There localhost resolves to
127.0.0.1 and ::1.
ok hshoexer
|
|
rule, the current to address is taken as peer during expansion.
This makes the broken regress test ikefail7 obsolete as address
family mismatch cannot happen anymore.
ok hshoexer
|
|
OK deraadt, otto, krw.
|
|
and the state-related pf(4) ioctls, and make functions in state creation and
destruction paths more robust in error conditions.
All values in struct pfsync_state now in network byte order, as with pfsync.
testing by david
ok henning, systat parts ok canacar
|
|
|
|
Not sure what's more surprising: how long it took for NetBSD to
catch up to the rest of the BSDs (including UCB), or the amount of
code that NetBSD has claimed for itself without attributing to the
actual authors.
OK deraadt@
|
|
OpenBSD area and change the 'p' command to only print the boundaries
and size of the OpenBSD area and the free space within that area.
Introduce a 'l' command to print the header only. With krw@; ok krw@
deraadt@; jmc@ for the man page bits
|
|
extended DOS partition. the concept of extended partitions is very
simple, it is just another mbr at the partition offset (well, the
standard "EBR" is a linked list with a few limitations, but this diff
works with both variants).
this diff has been in the snapshots for a while.
with input from weingart@ and krw@
ok deraadt@
|
|
options left of the old tuning list, and it makes sense to have one list
now
- document -T. this was requested by todd (fries), and comes largely from
the description in netbsd's page of the same name
ok millert otto
|
|
- tweak CAVEATS, as requested by marco
ok hshoexer marco
|
|
===================================================================
RCS file: /cvs/src/sbin/growfs/growfs.c,v
retrieving revision 1.23
diff -u -p -r1.23 growfs.c
--- src/sbin/growfs/growfs.c 5 Oct 2007 13:56:14 -0000 1.23
+++ src/sbin/growfs/growfs.c 4 Jun 2008 10:10:32 -0000
@@ -2227,7 +2227,7 @@ usage(void)
DBG_ENTER;
- fprintf(stderr, "usage: growfs [-Ny] [-s size] special\n");
+ fprintf(stderr, "usage: growfs [-Nqy] [-s size] special\n");
DBG_LEAVE;
exit(1);
|
|
a few bytes off the installation media filesystems.
|
|
the kernel to be deleted.
|
|
|
|
|
|
Implementation from NetBSD. Ported via FreeBSD's version in trunk^Wlagg(4).
This is still work in progress. Tested with a HP ProCurve 3500.
OK reyk@
|
|
verification.
ok djm
|
|
even the unicast address of the remote carp peer. this especially
helps when the multicast carp advertisements are causing problems in
the network (some crappy switches don't do well with multicast), there
are conflicts with VRRP, or the policy of the network does not allow
multicast (most Internet eXchange points didn't allow carped OpenBGP
routers because of the multicast advertisements).
discussed with many
ok mpf@
|
|
able to distinguish cleanly an failing ioctl (ie. return value -1) from
trying to retrieve a KDF hint from a not yet initialized volume.
ok marco djm
|
|
to derive the password (minimum: 1000, maximum: more than you want)
ok hshoexer@
|
|
derived from Damien Bergamini's wpa-psk. This implementation is
smaller, cleaner and uses the libc SHA1 functions instead of
pulling in OpenSSL.
make bioctl.c -Wall clean too
Verified with rfc3962 test vectors and against a assembled cryptoraid;
ok hshoexer@
|
|
Makefile.
ok djm@, "get the M's out of my tree" deraadt@
|
|
No functional change yet.
ok hshoexer
|
|
crypto. It's still considered experimental!
ok djm marco
|
|
|
|
ok marco djm
|
|
|
|
as host byte order in userland. ifconfig didn't get this and always printed
the pfsync syncpeer on little endian machines because the check to prevent
printing the default address assumed the wrong byte order.
ok claudio@ rainer@
|
|
|
|
|
|
|
|
discussed with krw, kettenis & drahn
ok hshoexer
|
|
found by ckuethe, help from otto.
|
|
tested and ok hshoexer, grunk
|
