src - OpenBSD base system

Age	Commit message (Collapse)	Author
2004-01-03	put an mi wrapper around stdarg.h/varargs.h. gcc3 moved stdarg/varargs macros	Marc Espie
	to built-ins, so eventually we will have one version of these files. Special adjustments for the kernel to cope: machine/stdarg.h -> sys/stdarg.h and machine/ansi.h needs to have a _BSD_VA_LIST_ for syslog* prototypes. okay millert@, drahn@, miod@.
2004-01-02	use pool for pcb; with grange@ like netbsd; ok itojun@, cedric@	Markus Friedl

2003-12-21	change in*_pcbnotify to return numbers of matches; ok itojun, mcbride, henning	Markus Friedl

2003-12-21	use CIRCLEQ* for pcb's; ok deraadt, henning, mcbride, with help from canacar	Markus Friedl

2003-12-21	check for multicast early, remove redundant checks; ok itojun, mcbride	Markus Friedl

2003-12-18	Permit ethernet multicast addresses, as used by some HA/failover solutions. ↵	Hakan Olsson
	Suggested by and ok markus@.
2003-12-17	Change pfsync IP protocol and multicast group numbers.	Ryan Thomas McBride
	IPPROTO_PFSYNC -> 240 INADDR_PFSYNC_GROUP -> 224.0.0.240 ok deraadt@
2003-12-15	Add initial support for pf state synchronization over the network.	Ryan Thomas McBride
	Implemented as an in-kernel multicast IP protocol. Turn it on like this: # ifconfig pfsync0 up syncif fxp0 There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls. NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers. Much more to come. ok deraadt@
2003-12-12	niels kindly dropped clause 3/4 from the license. tnx!	Jun-ichiro itojun Hagino

2003-12-12	previous commit included bad hunk. sorry	Jun-ichiro itojun Hagino

2003-12-12	no need to call arc4random() if we don't skip numbers in ip_randomid().	Jun-ichiro itojun Hagino
	from markus
2003-12-10	de-register. deraadt ok	Jun-ichiro itojun Hagino

2003-12-10	correct non-repetitive ID code, based on comments from niels provos.	Jun-ichiro itojun Hagino
	- seed2 is necessary, but use it as "seed2 + x" not "seed2 ^ x". - skipping number is not needed, so disable it for 16bit generator (makes the repetition period to 30000)
2003-12-08	switch to CIRCLEQ_FOREACH_REVERSE in tcpdropoldhalfopen() and	Markus Friedl
	avoid dropping youngest TCB; ok henning deraadt
2003-12-08	Mbuf tag tcp and udp packets which are translated to localhost, and	Ryan Thomas McBride
	use the the presence of this tag to reverse the match order in in{6}_pcblookup_listen(). Some daemons (such as portmap) do a double bind, binding to both * and localhost in order to differentiate local from non-local connections, and potentially granting more privilege to local ones. This change ensures that redirected connections to localhost do not appear local to such a daemon. Bulk of changes from dhartmei@, some changes markus@ ok dhartmei@ deraadt@
2003-12-06	Mark u_int64_t constants with ULL to make gcc3 happy.	Alexander Yurchenko
	ok drahn@
2003-12-03	add support for ifconfig clone; ok henning deraadt	Markus Friedl

2003-12-03	add support for ifconfig clone/destroy; ok henning deraadt	Markus Friedl

2003-12-03	add support for ifconfig clone/destroy; ok henning deraadt	Markus Friedl

2003-12-02	UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt)	Markus Friedl
	ok deraadt@
2003-11-16	convert __attribute__((__packed__)) to __packed so that parsers unaware	Anil Madhavapeddy
	of gcc extensions have more of a chance. ok mcbride@, no objections from millert@, deraadt@
2003-11-16	compile without INET6	Markus Friedl

2003-11-14	Don't include KAME link-local interface ID in HMAC.	Ryan Thomas McBride
	from itojun@
2003-11-09	No need to pass an unused struct carp_softc * into carp_input_c() from	Ryan Thomas McBride
	carp_input() and carp6_input().
2003-11-08	typos from Jonathon Gray;	Jason McIntyre

2003-11-07	Check to make sure that the packet was received on a carp-enabled interface.	Ryan Thomas McBride
	Pointed out by Marco Pfatschbacher, ok mickey@
2003-11-07	Clean up carp_iamatch() behaviour so we don't reply to arp requests when	Ryan Thomas McBride
	the interface is ifconfig'd down. Patch from Marco Pfatschbacher
2003-11-07	Add missing #ifdef INET6.	Ryan Thomas McBride
	Courtesy of markus@
2003-11-06	the previous change caused invalid checksums in some cases (rdr),	Daniel Hartmeier
	back it out temporarily, ok cedric@
2003-11-05	Cleanups.	Ryan Thomas McBride
	- Remove error variable which is not needed. - Add missing /* INET6 */ comments.
2003-11-04	add in(6)_pcblookup_listen() and replace all calls to in_pcblookup()	Markus Friedl
	with either in(6)_pcbhashlookup() or in(6)_pcblookup_listen(); in_pcblookup is now only used by bind(2); speeds up pcb lookup for listening sockets; from Claudio Jeker
2003-11-04	Add carp_setroute(), add and remove routes when the carp(4) interface	Ryan Thomas McBride
	enters and leaves MASTER state. Allows the system to connect to the common address when it is master. ok cedric@ henning@
2003-11-04	Use MGETHDR() instead of m_gethdr()	Ryan Thomas McBride
	Patch from Marco Pfatschbacher (Marco_Pfatschbacher at genua dot de)
2003-11-04	- Remove bogus function prototype	Ryan Thomas McBride
	- Put the correct address family in the BPF header Pointed out by Max Laier.
2003-11-04	kill a no longer relevant todo item	Michael Shalayeff

2003-11-04	Some cleanups from Andrey Matveev <andrushock@korovino.net>:	Ryan Thomas McBride
	- remove duplicate string; - carp_set_addr() -> carp_set_addr6() when INET6; - spacing police. Oh yeah, and we can take inet6 support off the todo list.
2003-11-03	There is no point in checking NIC capabilities before calling pf_test(),	Cedric Berger
	since pf_test() can drop the packet or route it through another NIC. ok dhartmei@ mcbride@ comment requested by markus@
2003-11-03	Cleanups:	Ryan Thomas McBride
	- missing #ifdef INET6. - fix check for interface going down in carp_send_ad(). - fix memory leak which occurs when when ifpromisc() fails. All from Max Laier, thanks.
2003-11-03	spacing	Theo de Raadt

2003-11-03	Some KNF cleanup. There's probably more to do.	Ryan Thomas McBride

2003-11-02	Typo; #ifdef INET not INET6.	Ryan Thomas McBride
	From Max Laier.
2003-10-31	Add IPv6 support to CARP.	Ryan Thomas McBride
	ok deraadt@
2003-10-27	Skew the advertisement interval correctly when we reschedule.	Ryan Thomas McBride

2003-10-27	Also check if we're going down before scheduling an advertisement	Ryan Thomas McBride
	when we fail to get an mbuf. This too is courtesy of Max Laier.
2003-10-27	Actually stop sending advertisements if we're Master and the carp(4)	Ryan Thomas McBride
	interface is brought down. Bug reported by Max Laier.
2003-10-25	additional hash for local port; improves speed of implicit bind	Markus Friedl
	from >1000K cpu cycles to 20-30K for 18000 sockets on i386; test+feedback by Claudio Jeker; ok itojun@; [make sure you rebuild netstat/systat, too]
2003-10-25	precompute most of hmac; fix size for md; ok mcbride	Markus Friedl

2003-10-23	We want to hash the whole md, not just the size of the pointer.	Ryan Thomas McBride
	Found testing CARP between sparc and sparc64.
2003-10-22	switch from keyed sha1 to hmac-sha1; ok mcbride@	Markus Friedl

2003-10-20	Fix endianness bug in carp_sha1_generate, hash the whole counter, and	Ryan Thomas McBride
	fix some whitespace nits while we're here.