| Age | Commit message (Collapse) | Author |
|---|
|
the Listen-on directive in isakmpd.conf(5). This directive can be necessary
in multi-homed situations, and if isakmpd(8) is used with carp(4).
ok sthen@ mpi@
|
|
1. Stop telling our PID to the world: the ident values could overlap
anyway since PID space is larger than 16 bits for some time already.
2. No need for htons/ntohs dance with ident in IPv6 case.
okay benno@ deraadt@ florian@
|
|
Admins don't necessarily reside in the same timezone as the
machine. If an admin mistakenly schedules downtime for a
machine at the wrong time this could be quite bad.
Users, too, don't necessarily reside in the same timezone as the
machine. Saying the box is going down at "15:40" is potentially
ambiguous.
So, display the local timezone in all logs, broadcasts, printouts,
messages, etc. Give the admin a chance to correct the mistake; give
the user a better idea of when the box is actually going down.
This also updates the process' understanding of the present time
before printing estimates. The system's wall clock could have
changed after the shutdown was scheduled, making subsequent
broadcasts potentially misleading for users.
ok deraadt@
|
|
Improve emitted verbiage while there.
tweaks & ok otto@
|
|
array. Just point at the provided optarg like '-l' does. Also,
no need to initialize a static pointer to NULL.
|
|
ignored.
|
|
alongside 'request'.
|
|
the regression test uncovered code paths in the TS and CP payload parser
that can trigger access to invalid memory locations. This changes the
TS and CP payload parsing to add additional length checks.
With hshoexer@ and markus@; OK sthen@
|
|
NULL, on failure.
Eliminates possible "option = ;' lines in lease files.
|
|
strtonum(3) accepts a single leading '+', so if we increment timearg we
allow input with two leading pluses. If we don't increment, we still
have a valid input for strtonum(3).
While here, use errstr to say what was wrong with timearg.
Don't increase the range for offsets yet: it exposes segfaults elsewhere
in the program that need to be addressed.
ok millert@ tb@
|
|
with suggestions from jmc and ok mpi@
|
|
|
|
From Raf Czlonka, ok sthen@
|
|
| The Interface Identifier is finally obtained by taking as many
| bits from the RID value (computed in the previous step) as
| necessary, starting from the least significant bit.
Copy bits from the end of the digest array, not from the beginning.
While here initialize iid.
Problem that IPv6 addresses change while they should not pointed out
by semarie@.
OK sthen, phessler
|
|
out the "wait for mount" code into a function to see more easily
what is going on. ok visa@ tedu@
|
|
chunk, not the total amount of free space on the disk. Removes
need for 'totsecs'.
ok otto@ as part of larger diff now completely committed
|
|
end in SUN_CYLCHECK case. Fixes potential off-by-one in calculating
the number of cylinders available in a chunk.
ok otto@ as part of larger diff
|
|
goto from one to the other, just move the logic after the if/else. One
less #ifdef. Decrements total_secs in either case.
ok otto@ as part of larger diff
|
|
the space available.
ok otto@ as part of larger diff
|
|
available.
ok otto@ as part of larger diff
|
|
ok otto@ as part of larger diff
|
|
acknowledged as a failure. At the same time IPv4 classes were declared a
failure, IPv6 decided to add them back because using a mac address for
IP address configuration was easy.
Now that we have RFC7217 support we can remove this artificial limitation:
allow non-/64 prefixes to be configured by SLAAC.
Of course, if you have fewer bits for the hosts part of the address you
have fewer bits for privacy and fewer bits to avoid collisions.
OK florian@
|
|
IPv6 unicast interface identifiers are derived from IEEE link-layer
addresses. In all other cases the interface identifier should be
treated as an opaque value.
Accordingly stop fiddling with the bits for privacy addresses.
While here initialize the whole priv_in6 struct with random data,
currently no functional change but reduces amount of magic numbers,
pointed out by phessler as part of a larger diff.
OK phessler, sthen
|
|
instead of "oldval -> newval" when changing a string variable.
OK florian@
|
|
their own functions. Makes it easier to extend with other timers that
work on established SAs and re-use the functionality in other places.
Also delete the timer before adding to fix a warning on config reload
in certain circumstances.
ok sthen@
|
|
While there move local variable declaration inside the 'if' and
eliminate separate SUN_CYLCHECK block containing said local variable
declaration.
Add check for attempt to resize a partition to 0, and simplify logic a
bit by recognizing that this means the number of sectors will always
be > 0.
ok otto@
|
|
|
|
p_cpg inside get_cpg() instead of separately, much like
get_fsize() and get_bsize() work.
ok otto@
|
|
If we insert our offset into tlist[] and then process tlist[] like an
array we can eliminate many of the special cases and duplicate calls
in loop().
While we're at it, change struct interval and timewarn() to use time_t
to eliminate the need for some of the casting and add explicit long-long
suffixes to the constants in tlist[] to head off overflow if the code
wanders off.
With type-related input from tb@ and a style tweak from anton@.
ok tb@
|
|
multiplication and division. Based on a diff from otto@.
OK otto@ krw@
|
|
applied during getuint64()'s input parsing.
ok otto@
|
|
multiple of cylinder size.
Eliminate various compiler warnings by shuffling unused variables
under !SUN_CYLCHECK.
Consolidate two SUN_CYLCHECK blocks into one.
Add D_VENDOR check inside SUN_CYLCHECK block.
Tweak & ok otto@
|
|
ULLONG_MAX - 1, not <= 0. This fixes the detection of
^D and invalid values during the 'R'esize command.
ok otto@
|
|
with log_debug() so -v unleashes all debug output without having to
compile a custom dhclient.
|
|
Spotted by Pontus Lundkvis. Thanks!
|
|
this is used for mgre, which has a local address but dynamically
addresses other endpoints based on routing information.
"tunneladdr" takes a single address (where "tunnel" takes two) and
sets the destination address in the ioctl to an AF_UNSPEC destination.
tunnel status is changed so it recognises this and only outputs the
local address if the destination is AF_UNSPEC. the tunnel status
is also changed so it can tell the difference between tunnels being
unsupported on the interface (ie, ENOTTY comes back) or if there's
just no address configured yet (EADDRNOTAVAIL), which allows the
other tunnel params like ttl and df to be shown.
tested with and without -DSMALL
|
|
Ensure get_fsize() is always called before get_bsize(). And during
(R)esize only call the pair a second time when a partition is actually
shrunk.
ok otto@
|
|
ok otto@
|
|
able to do the same when 'a'dding a partition. Only in 'X'pert mode
of course.
ok otto@
|
|
We can limit the time we wait on wall(1) without the complexity
inherent to setjmp.
Actually wait (instead of waitpid) to pick up any straggler wall
processes from prior timewarn() calls.
With a tweak from millert@ to ensure we don't accidentally close
stdin before we exec wall.
ok millert@ tb@
|
|
|
|
ok otto@
|
|
domain 0.
OK phessler, henning, deraadt, stsp, benno
|
|
ok benno@
|
|
Diff from jsg, ok millert, benno
|
|
|
|
"vnetflowid" enables it on an interface, and "-vnetflowid" disables it.
a vnetid will be suffixed with + on the encap line if it an interface
reports that it is enabled.
|
|
solve that. Prevents bus error on armv7. ok naddy@ florian@
|
|
|
|
ifconfig will output "nodf" or "df" on tunnel interfaces that support
the ioctl., and accepts "tunneldf" and "-tunneldf" as options to
try and configure it.
|
