| Age | Commit message (Collapse) | Author |
|---|
|
allusions to 'rtstatic'.
|
|
extraction function.
|
|
current usage.
|
|
|
|
|
|
routes_len, domains_len, ns_len. Removes obsolete alignment with
names of RTM_PROPOSAL fields and makes code easier to read.
No intentional functional change.
|
|
domain name servers with variable sized uint8_t chunks.
Allows larger lists of search domains and static routes while making
common situations use much less memory.
Original report of breaching the 128-byte limit for static routes from
James Cook via misc@.
Testing of various versions by Andreas Kusalananda.
|
|
unnecessary wrappers, since they all contained a single field that
could be used as is.
Suggested by claudio@
|
|
|
|
|
|
for FFS1 MFS. Problem reported by Mark Patruck and Andreas Kusalananda Kahari.
ok otto@
|
|
filesystems or ramdisks to use explicit -O 1; installer already does that.
ok sthen@
|
|
configuration file.", but occasionally something else fit better; at the
same time, try to make the format for FILES more consistent;
original diff from clematis
|
|
after the variable length data (static routes, search path, dns
servers) sizes are deteremined.
No intentional functional change. Allows potential change to variable
length proposals.
|
|
a different value to limit memcpy() is a bad thing.
Discovered & fix tested by Andreas Kahari. Thanks!
|
|
in printing the int field we store it in. i.e. '%d' not '%u.
Discovered while tracking down breakage reported by Andreas Kahari on
bugs@.
|
|
In pf(4), the pf_status.since timestamp is set with time_uptime(9).
This is a low-res snapshot of nanouptime(9). nanouptime(9) is used to
implement CLOCK_BOOTTIME for clock_gettime(2). It is not used to
implement CLOCK_UPTIME, though. The names are misleading.
Switch to CLOCK_BOOTTIME in places in userspace where we use
pf_status.since so we are working with the right clock.
Technically CLOCK_MONOTONIC is equivalent, but we shouldn't use that
here. CLOCK_MONOTONIC is not necessarily the "time since boot": the
standard says its absolute value is meaningless.
ok patrick@ bluhm@
|
|
ok patrick@
|
|
(domain search) and 't' (text) options. Enables append/prepend for the
domain-search option by inserting blanks between the domains and
ensures the presence of a terminating NUL when merging text.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Only the initiator can use 'msg_policy' to determine if the policy is supposed
to be transport mode, the responder has to check for a received USE_TRANSPORT
notify to find a matching policy during the lookup.
ok markus@
|
|
memcpy the address into a local var before comparing it with code
that reads ints using int *. at least sparc64 and landisk suffer from this.
with and ok jca@
|
|
ok markus@
|
|
No intentional functional change.
|
|
Fixes a crash on landisk (strict alignement arch) reported by otto@
ok deraadt@ otto@
|
|
does the same thing.
ok patrick@
|
|
clue
to avoid setting interface mtu.
|
|
|
|
is compared to one received via PFKEY which results in garbage.
Found by Rene Ammerlaan <rj (dot) ammerlaan (at) sungai (dot) nl>
ok patrick@
|
|
DH group (as negotiated by IKE_SA_INIT) instead of one from the configured
policy. Not doing so may result in INVALID_KE errors.
ok patrick@
|
|
interact with the per-policy active/passive options.
ok kn@
|
|
ok sthen@, patrick@
|
|
|
|
|
|
This flag restricts a wireless driver to MCS0 - MCS7 for both transmission
and reception. It can be set to work around packet loss in 11n mode caused
by unused antenna connectors on a MIMO-capable wireless network device.
man page tweak from tracey@
ok deraadt@
|
|
'key->pol_proposals' should be the peer proposal as it is derived from
a received SA payload, 'p->p_proposal' comes from a locally configured
policy.
ok patrick@
|
|
groups are not recommended to use and are only supported for backwards
compatibility.
Feedback from sthen@
ok kn@
|
|
|
|
|
|
stop trying to get an ACK from that server after 'timeout'
seconds. Give up and try to get another lease.
Possible infinite loop pointed out by Alexander Markert on tech@.
|
|
ok markus@
|
|
not be printed.
|
|
discarded. Update leases file when active lease is discarded. Discard
NAK'ed offers even if there is no active lease. Always transition to
INIT.
Issues discovered after inappropriate behaviour resported by
Alexander Markert and Pierre Emeriaud.
|
|
1.
This increases the number of volumes that can be created on a single disk
from 7 to 15. i.e. a disk can be sliced into a maximum of 225
(15 * 15) filesystems instead of a mere 105 (7 * 15).
ok deraadt@
|
|
ok patrick@
|
