| Age | Commit message (Collapse) | Author |
|---|
|
present. The latest routing stack code can now handle these situations.
Much requested by beck@ and others. Detailed discussion at s2k15
identified required routing changes.
ok claudio@
|
|
|
|
example)
ok florian jsing
|
|
after modifying them. Give this flag to `display.focus', since screen
switching is asynchronous, and reading back will return the screen we are
switching from if the switch has not completed yet.
Also, disallow -= and += syntax for display.focus, as it doesn't make any sense.
|
|
the changes for handling template files in r1.293, alloc_table became
a pointer to an array of structs (rather than the array itself), so
nitems(alloc_table) no longer returns the number of elements. As found
by sebastia@, autosize would only try the first allocation scheme,
so installation would fail on small disks. ok henning@
|
|
|
|
Correct old style entries so nothing has to be done for the admin.
diff from Manuel Giraud (manuel (at) ledu-giraud.fr) Thanks!
|
|
Pointed out by bluhm@; no object change.
OK bluhm@, krw@
|
|
No object change.
|
|
Input bluhm@, OK krw@
|
|
in get_token(). Simplifies code and shrinks future diff.
No intentional functional change.
|
|
encountering a carriage return in the input.
Found by jsg@ a long time ago in a respository far, far away.
|
|
or take a cast. Tweak error messages to also be consistant with
ping(8).
Change lower bound of '-h' to 0 from -1 at the request of florian@.
Tweaks and suggestions from, ok florian@
|
|
|
|
|
|
template gives mountpoints, min-max size ranges and percentage of disk
foremost intended for autoinstalls, installer bits to follow soon.
with input from many, ok theo
|
|
missed one. This diff is only a spacing change.
|
|
that for us.
approach seems sound deraadt@
ok claudio@ mpi@ henning@ phessler@
|
|
ok deraadt@
|
|
|
|
ok henning
|
|
a fstat() call.
ok mikeb@ markus@
|
|
to the same policy is already active. OK markus, hshoexer
|
|
> add a mac to the timestamp payload and calculate it with siphash.
>
> this lets us have some confidence that the timestamp hasnt been
> damaged or tampered with in transit.
>
> discussed with jp aumasson
> ok florian@
|
|
i dont know why i missed this before.
|
|
an unvarying payload.
each ping process generates a random key, and each packet then uses
the timestamps mac as the IV for the stream.
this allows us to have a different payload per packet that we can
recalculate and compare in the same was as the static payload was
checked before. by aggressively varying the payload we hope to
generate more opportunities for dodgy network equipment to show
errors.
note that we do siphash before chacha because we want to be strict
about the timestamp payload, but we want to be able to recognise
errors in the rest of the payload and where those errors were. doing
chacha before siphash would have us than fail the whole packet if
a checksum doesnt match.
discussed with jp aumasson
ok florian@
|
|
this lets us have some confidence that the timestamp hasnt been
damaged or tampered with in transit.
discussed with jp aumasson
ok florian@
|
|
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
|
|
|
ok krw@
|
|
This code is largely unfinished and is not used for anything. The change
leaves identities as only objects referenced by ipsec_ref structure and
their handling requires some changes to support more advanced matching of
IPsec connections.
No objections from reyk and hshoexer, with and OK markus.
|
|
The RAID 5 implementation has been largely rewritten during the last two
hackathons in Dunedin - it now needs further testing and usage.
|
|
|
|
once inside MBR_print().
|
|
DISK_writesector() and live in disk.[ch].
|
|
|
|
and writesector(). Move them to misc.[ch]. Soon to be used for more
than MBR reading/writing.
No intentional functional change.
|
|
non-amd64 boxen.
|
|
would complicate install media. Will be used by GPT support.
|
|
|
|
|
|
to obtain GPT partition names. Tweak ask_pid() to take low/high
bounds so it can handle 1-ff (MBR) or 1000-ffff (GPT) partition
pids as required. A pid of '0' is still special and disables the
partition.
No visible or intentional functional change.
|
|
restricted to SHA1 for RSA signatures. ok mikeb@
|
|
will eventually be able to use.
|
|
to 64 bits, adjusting printf()'s, etc. as required. Preparing for
GPT partitions. Add 't' size unit. No other intentional functional
change.
|
|
ok markus, hshoexer
|
|
they do "interesting" things with APIs i want to change, and i can't
find any evidence anyone uses them anymore. instead of burning time
on changes i cant test, ill take a chance that noone will miss them.
no objections from anyone
ok mpi@ deraadt@ henning@ sthen@
|
|
> obfuscate the monotonic clock values we put on the wire by offsetting
> them with a random value.
|
|
> bump the size of the time types on the wire to 64bit, and use nsec
> instead of usec so its easier to translate to/from timespecs instead
> of timevals.
this raises the size of the default ping payload from 16 to 24bytes,
but claudio@ thinks we'll be fine with this.
|
|
them with a random value.
picking between ^ and +- as the operator for the obfuscation has
turned out to be a great bikeshed. im picking + and - cos it prevents
observers seeing high bits roll over which can indicate the magnitude
of the current clock value.
discussed with many.
|
