| Age | Commit message (Collapse) | Author |
|---|
|
cases x is just used as a temp variable. Main offender is rn_addmask()
which sets x once at the top uses it then late in the function and then
starts reuing it for various other stuff. While there fix some for loops
to while ones and fix one strange do { } while() loop.
And since rn_search() can not return NULL remove one extra check.
OK mpi@
|
|
table if flowsrc is not set. Now works with new udp checksum code.
From Nathanael Rensen (nathanael.openbsd AT list DOT polymorpheus DOT
com), tweak and ok florian@
|
|
(unplugged). Even if it makes no sense to keep them around if the
interface is no more, we cannot safely remove them since pcb multicast
options might keep a pointer to them.
Fixes a user after free introduced by the multicast address linking
rewrite and reported by Alexey Suslikov, thanks!
ok claudio@
|
|
ok claudio@, henning@
|
|
pfi_kif_get annotates the kif with a flag indicating it is the "any" match
pfi_kif_match obeys that flag
ok benno
|
|
from multiple inclusion. OK mpi@
|
|
Also remove a memset that is already happeing because we use PR_ZERO on
the allocation. Move two memmove to memcpy because the addrs can not
overlap. Make some simple helper functions static __inline and remove one
of the explicit rn_search inlines.
OK mpi@
|
|
5.5 release.
OK claudio@
|
|
|
|
|
|
No functional change.
ok deraadt
|
|
to set multipath routes. So since more then 2 month multipath was broken.
|
|
radix_mask pool. With input and OK mikeb@ and henning@
|
|
change during M_WAITOK (note: no driver does this at the moment), then
be careful to not copyout a truncated media word list, but return E2BIG.
ok mikeb guenther kettenis
|
|
since ages so remove the bits used for userland compiles. OK mikeb@
|
|
member directly.
ok mikeb@
|
|
consistent with struct ifaddr "ifa" and struct in_ifaddr "ia".
OK mpi@
|
|
for easy switching to static functions. But we don't usually have static
functions in the kernel.
ok deraadt mpi mikeb
|
|
sprinkle 0 -> NULL where obvious
ok millert mpi
|
|
|
|
OK mikeb@
|
|
reduce stack space requirements.
ok mikeb mpi
|
|
Really change the link-local address in the unlikely event of an IFID
collision, instead of going into an infinite conf-nak loop with the peer.
To make the netinet6 code use the IPv6CP IFID in a new link-local address,
in6_ifattach_linklocal() must accept a provided IFID. Replace the unused
'altifp' parameter with a new 'ifid' parameter for this purpose.
Always use the latest suggested address in IPv6CP replies, even if
the task to update the interface's address hasn't run yet.
Also, clear the ifindex (KAME hack) in addresses sent during IPv6CP.
ok mpi
|
|
ok millert
|
|
ok henning, "looks fine" mikeb, input from guenther.
|
|
ok henning
|
|
ok henning
|
|
fixes negative timeout panics. tested by sthen.
|
|
ok florian
|
|
encounter with "timeout_add: to_ticks (-1) < 0". Pointed out by RD
Thrush.
|
|
hand-rolled loop was converted to memcmp(). From Kieran Devlin.
OK markus@
|
|
we're about to send. Should a bug on big-endian LP64 archs reported by
James MacMahon (jwm at operand dot ca). ok millert@
|
|
|
|
send it back in the Attic.
|
|
Instead of linking multicast records to the first configured address of
the corresponding protocol, making this address and its position in the
global list special, add them to a new list directly linked to the
interface descriptor.
This new multicast address list is similar to the address list, all its
elements contain a protocol agnostic part. This design allows us to
be able to join a multicast group without necessarily having a configured
address. That means IPv6 multicast kludges are no longer needed.
Another benefit is to be able to add and remove an IP address from an
interface without worrying about multicast records. That means that the
global IPv4 list is no longer needed since the first configured address
of an interface is no longer special.
This new list might also be extended in the future to contain the
link-layer addresses used to configure hardware filters.
Tested by sthen@ and weerd@, ok mikeb@
|
|
ok mikeb@, henning@, claudio@
|
|
which allows us to modify ifnet structure in a relatively safe way;
discussed with deraadt, ok mpi
|
|
ok deraadt@
|
|
|
|
ok deraadt
|
|
ok mikeb@, henning@, deraadt@, brad@, miod@
|
|
Found by LLVM/Clang Static Analyzer.
ok benno@ henning@
|
|
rule even if the latter had no prio flag. Fix match rules with
prio to work as expected.
Found by Roman Kravchuk; reported and tested by Alexey Suslikov;
OK henning@
|
|
ok tedu
|
|
While here add a comment explaining detach hooks' order of execution when
destroying/detaching an interface.
|
|
|
|
Found by LLVM/Clang Static Analyzer.
ok henning@ mikeb@ bluhm@
|
|
more like the original conditional.
if this doesnt fix rd thrushs panic, then this should be reverted to
r1.85.
|
|
kernel diagnostic assertion \"sotoinpcb(inp->inp_socket) == inp\"
failed: file "../../../../netinet/tcp_input.c", line 646
Will think of a better fix.
|
|
stack should still scan for IPv6 type 0 routing headers. There are
OpenBSD routers running without pf and there are plenty of legacy
implementations supporting RH0.
Bring back the function ip6_check_rh0hdr() that I removed a month
ago. As an improvement to the prevoius solution, only scan the
header chain in ip6_input() if the packet has not been inspected
by pf. Both implementations drop packets with RH0 anywhere in the
extension header chain.
OK mikeb@ henning@
|
