path: root/sbin
Age | Commit message | Author
2019-03-30 | Shuffle captive portal detection around. | Florian Obser
While we are behind a captive portal we have to ask the dhcp provided resolvers. However it is possible that those resolvers do not like to talk to unwind because of EDNS0. Unwind handles this case by closing its listening socket and hands over to asr. Except for the resolving of the captive portal host which it still tries to resolve via libunbound. Turns out there is no need for this we can just use getaddrinfo_async from asr which then either hits unwind which does the right thing or unwind closed its listening socket and asr moves on to talk directly to the dhcp resolvers.
2019-03-30 | Fail on invalid netmasks when filling tables | kn
Fix a regression of revision 1.326 "Zap v4mask and v6mask in host()" which allowed CIDR networks with more than one "/" to be loaded into tables. I took care of this code path with regard to rules coming from the ruleset parser, which aborts earlier on such invalid specifications, but missed `-T add 1/2/3' and the like. Analyzed and fixed by Petr Hoffmann <petr dot hoffmann at oracle dot com>, thanks! OK deraadt
2019-03-30 | Do not try to print NULL with %s. | Florian Obser
Brainfart pointed out by tb
2019-03-30 | update to libunbound 1.9.1; heavy lifting by sthen in unbound(8) | Florian Obser
2019-03-29 | point readers to individual driver pages for notes on powersave; ok stsp | Jason McIntyre
2019-03-27 | Add support for displaying fontwidth and fontheight values, this allows | Frederic Cambus
users to know the size of the currently used font. Based on a diff from Artturi Alm, thanks! OK sthen@, kettenis@, tedu@, jcs@
2019-03-27 | comment out the optional "duration" argument to powersave: | Jason McIntyre
only two older cards currently attempt to set this, and it should not be necessary anyway; i've added in some (commented) info to explain this; discussed with and ok stsp
2019-03-26 | note that powersave is disabled by default (i.e. no need to explicitly | Jason McIntyre
disable this), and provide a little more info on "duration"; some driver-specific notes hopefully to follow... help/ok stsp
2019-03-24 | Reduce debug logging in best_resolver() to two lines, helps a bit with | Florian Obser
seeing what is going on. There is still a lot to do wrt logging but it's not a priority yet.
2019-03-24 | recheck all resolvers when we are no longer behind a captive portal | Florian Obser
2019-03-24 | Do not check every resolver every 30 seconds as that is wasteful and | Florian Obser
pointless. Trigger a check
- on startup
- when forwarders change on config reload
- when dhcp provided forwarders change
- on network interface state change
When a check finishes and the checked resolver cannot resolve anything configure a timer to run another check in the future using an exponential backoff for the timeout.
2019-03-24 | If we can't check the resolver its state is UNKNOWN. | Florian Obser
2019-03-24 | remove useless debug output | Florian Obser
2019-03-22 | Revert parts of recent changes to pretty_print_domain_search(). Parts | Kenneth R Westerback
of WIP escaped into the wild and broke parsing of domain-search. Reported by Greg Steuck and Raf Czlonka. Fix tested by Greg.
2019-03-22 | No need to log that the DHCP lease file doesn't exist. | Jeremie Courreges-Anglas
We still want to log other causes when failing to open the lease file, but then do so with a more helpful error message. ok florian@
2019-03-21 | punctuation needs to be preceded by a space, in Scots; | Jason McIntyre
2019-03-21 | Clarify verbiage. If we could just write it in Scots then | Kenneth R Westerback
it would be so much easier.
2019-03-21 | Simplify merge_option_data() with strpbrk(). | Kenneth R Westerback
Zap insidious trailing space.
2019-03-20 | Do not accept dhclient.conf(5) "prepend" or "append" statements when | Kenneth R Westerback
the option data cannot be prepended or appended to. Instead, treat "prepend" as "supersede" and "append" as "default". This preserves the safe aspects of current behaviour. Issue a parsing warning when appropriate to encourage people to fix their configuration files. Eliminate egregious repeated code by abstracting merge_option_data().
2019-03-19 | Parsing error messages display only the first 80 characters of the | Kenneth R Westerback
offending line. It is fruitless to try to position the "^" at a character more than 80 characters from the start of the line.
2019-03-19 | delay dropping privs a bit when root so that setrtable works. | Ted Unangst
traceroute bits from benno. ok benno claudio
2019-03-19 | Nuke a couple of XXX comments. | Kenneth R Westerback
2019-03-18 | Use same idiom for pretty_print_domain_search() and | Kenneth R Westerback
pretty_print_classless_routes(), making both of them local to options.c. Avoids a double pretty print of DHO_DOMAIN_SEARCH, eliminates an unneeded 1024 byte static array. Shrinks size of upcoming diff to implement parsing of domain search option in leases and dhclient.conf.
2019-03-18 | Add a couple of checks to ensure option data fits into the proposal | Kenneth R Westerback
field being memcpy()'d into. Tweak DHO_ROUTERS handling to be similar to the other cases populating proposal->rtstatic, including a warning when things go wrong.
2019-03-18 | explicitly use BPF_FILDROP_CAPTURE when configuring BIOCSFILDROP | David Gwynne
BIOCSFILDROP used to just be a flag, ie, any non-zero value was treated the same, but i'm changing it so different values do different things. this way the programs should keep working even if i decide to change the values for these macros.
2019-03-15 | Correctly interlock config reloads imsgs. | Florian Obser
Only accept a new config reload if it's not currently running and on accept a config reload end if one is currently running. OK pamela
2019-03-15 | Do not accept a control socket if we already have one. | Florian Obser
OK pamela
2019-03-11 | Make slaacd(8) imsg processing more paranoid. Unexpected size mismatches | pamela
mean we should no longer trust processes, so we call fatal(x). The control socket is the exception, where we ignore rather than allow crashes due to data from the outside. suggestion/input and OK florian@
2019-03-11 | sort the mpls options; ok dlg | Jason McIntyre
2019-03-11 | tweak previous; | Jason McIntyre
2019-03-11 | Change fatal() to fatalx() where errno is not set. | pamela
input and OK florian@
2019-03-11 | While strtonum(3) does set errno, we already use errstr to show what's | Florian Obser
going on so use log_warnx to not print a useless 2nd error message. OK pamela
2019-03-11 | fix the documentation for mpls interfaces | David Gwynne
instead of an mpe and mpw section, have an MPLS section that talks about mpe, mpw, and mpip.
2019-03-11 | remove an extra ; on a line | David Gwynne
no functional change
2019-03-10 | delete whitespace before a full stop on a text line; | Ingo Schwarze
patch from Alessandro dot Gallo at syssegv dot org
2019-03-07 | update the error message for the interactive 'n' command to show that | Jason McIntyre
-F or -f is required; ok krw
2019-03-07 | use colons before showing examples; while here, replace the \*( char sequences; | Jason McIntyre
2019-03-07 | Remove pfctl_*_pool() remnants | kn
Left behind in pfctl_parser.h revision 1.91 "First pass at removing the 'pf_pool' mechanism [...]" These functions don't exist anymore, no object change. OK procter
2019-03-06 | Fix once rules | kn
parse.y revision 1.682 from 16.07.2018 erroneously allowed `match once' and `anchor "a" once'. Fix both by checking for PF_DROP not PF_MATCH and creating anchors in the parser already such that they can be used to distinguish anchor rules in the same check as well. Found and fixed by Petr Hoffmann <petr.hoffmann at oracle dot com>, thanks! While here, remove an unneeded cast and make pfctl_add_rule() void as it always returned 0. OK sashan
2019-03-05 | slaacd doesn't have a config file to reload on hangup. We can ignore | pamela
those signals, so remove unnecessary signal handling code. pointed at and OK florian@
2019-03-04 | According to RFC 7230 Section 3.2 header field names are | Florian Obser
case-insensitive. Pointed out by "Wolf" ( wolf at wolfsden.cz ) for acme-client, thanks!
2019-03-02 | Unfortunately we cannot use unveil in the main process since this | Florian Obser
breaks config reload. We cannot simply unveil the config file since it might appear after startup and the config file syntax allows to include other files. This is a problem with all the other parse.y based privsep'ed daemons as well. pledge("rpath") has to be enough for now.
2019-03-02 | Introduce the IMSG_DATA_SIZE() macro to replace recurring math on | pamela
imsg.hdr.len to shorten and simplify code. correction and OK florian@
2019-03-01 | trailing whitespace | Florian Obser
2019-03-01 | Due to the way we build libunbound inside of unwind .o files collide in | Florian Obser
the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_. However, these files are shared throughout our tree (namely parse.y, log.c and log.h) and we try to keep them in sync. Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in:
obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c
obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
2019-02-27 | update RFC references, from tobias_heider at genua.de, ok claudio@ | Stuart Henderson
2019-02-26 | add domain-search to the list of options capable of adding to resolv.conf; | Jason McIntyre
confirmed by and ok krw
2019-02-26 | Fix sending IKEV2_CFG_INTERNAL_IP6_DNS, IKEV2_CFG_INTERNAL_IP6_NBNS, | Patrick Wildt
IKEV2_CFG_INTERNAL_IP6_DHCP and IKEV2_CFG_INTERNAL_IP6_SERVER by using the correct member in the iked_addr struct for the address. From Aram Havarnean
2019-02-26 | get rid of the mpw goop | David Gwynne
this reduces the output that mpw interfaces generate from 3 lines to the one generic mpls and pwe3 line. mpw can be configured with the individual ioctls, and gains the ability to do flow aware transport.
2019-02-26 | implement support for pwe3 ioctls | David Gwynne
this allows individual configuration of the use of control words, flow aware transport labels, and the local and remote label plus neighbor individually. discussed with claudio@ at a2k19 ok mpi@