| Age | Commit message (Collapse) | Author |
|---|
|
maybe one day we come up with a good reason for bgpd to use multipath
routes, but for now it doesn't make any sense - bgpd inserts the "best"
path fr a prefix, there's no point in inserting more than one. one is
always the "best" one by bgp metrics.
with claudio
|
|
mdoc tutoring and ok jfb@
|
|
more than once
|
|
|
|
the status of vnode disks, ok millert@
|
|
just plain close
|
|
- bad format string "\%s" -> "%s" in print-ike.c
fixes parsing using CIL, discussed with millert@ niklas@
|
|
it to let the main process to prepare new listening sockets (socket() and
bind()) on behalf of the session engine, which of course cannot bind() to
ports < 1024 any more once it dropped privileges. with some help from theo,
claudio ok
|
|
From: Marco Munari <mar@i.am> in PR3824
|
|
from popa3d patch by kame
|
|
|
|
limit on OPEN_MAX, modeled after bgpd
|
|
|
|
|
|
Remove unused macros Skip_Line and MkLower
Remove trailing whitespace
|
|
context-dependent usage help
|
|
hook the descriptors into the main poll and such.
we're not doing anything with the reply we recive yet, tho.
mostly hacked on the Frankfurt->Montreal flight, as batteries and those
horrible air canada seats permitted...
|
|
|
|
|
|
|
|
|
|
from Girish Venkatachalam. ok millert@
|
|
fields in passwd(5)). OK otto@ a while ago.
|
|
|
|
|
|
Reject responses from a remote server if sent an invalid (negative)
Content-Length. [Mark Cox]
|
|
*) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
if the Subject-DN in the client certificate exceeds 6KB in length.
(CVE CAN-2004-0488).
*) Handle the case of OpenSSL retry requests after interrupted system
calls during the SSL handshake phase.
*) Remove some unused functions.
|
|
timezones.
ok canacar@
|
|
we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit
as OPEN_MAX is _not_ the max # of open fds we can have, but just a default
for that setting.
in the same move we have to allocate the peer_l array, basically there
for pfd-index to peer pointers to prevent peer list scans all time,
dynamiccaly to. we overallocate a little and use that reserve until we
have to realloc again later to prevent reallocs for every single control
connection or a single flapping peer.
help & ok claudio
|
|
* More robust handling of NTP error conditions (e.g. host or
service unreachable).
* Improve the detection of stale and/or spoofed NTP responses
from servers.
* Add support for getaddrinfo(3)'s multiple host support if
error conditions occur (e.g. round-robin DNS, and the first
NTP server isn't responding, try the next host in line).
* Minor formatting/code cleanup.
ok henning@
|
|
ok millert@
|
|
and simplyfy the prefix production error handling slightly
from Mr. Memleak Terminator Patrick Latifi <pat@eyeo.org>, kickass!
|
|
noticed by die tuere;
ok beck@
|
|
help from, tweaks, and ok's: dhartmei@ otto@ millert@
|
|
by using a AuthNonce secret.
CAN-2003-0987
ok henning@
|
|
could make it easier for attackers to insert those sequences into terminal
emulators containing vulnerabilities related to escape sequences.
CAN-2003-0020
ok henning@
|
|
ok drahn@ henning@
|
|
|
|
|
|
supported address familiy, keep a tailq of an arbitary number of them.
the new struct listen_addr contains the sockaddr and the fd.
this fixes quite some nasty behaviour which was a consequence of the previous
model.
looks right deraadt@, and discussed with claudio
|
|
ok jakob@, henning@
|
|
ok henning@
|
|
expiry flag. Resolves PR 3792, though not by changing code, but by
changing docs, comments and an error message or two.
ok jmc@ millert@
|
|
ok grange@
|
|
|
|
Check return values for setgid, initgroups and setuid in code we don't compile.
Print the correct filename for the at job in mail sent.
Add some #if DEBUGGING in cron.c's usage().
Set sunlen each time before using it in accept().
Don't send mail at all if MAILTO is set but empty.
|
|
|
|
The gpioctl program allows to manipulate GPIO devices pins
Quick start for the Soekris net4801 users:
# gpioctl -c 20 out pp
# gpioctl 20 1
This will turn on the red error led.
If you want to use JP5 I/O pins, just use the /dev/gpio1 device.
Quick start for the PC Engines WRAP.1C users:
# gpioctl 40
This will read the state of the button (0 means pressed).
# gpioctl -c 2 pp out
This will turn the first led on, to turn off write 1 to the pin,
it's reversed. For the second and the third leds use pins 3 and 18.
ok deraadt@
|
|
are mode 0400 too. From Walt Howard.
|
|
be logged by the subsequent block, aborting evaluation when matching.
Useful to log some daemons to dedicated files only (not polluting standard
files with their messages). ok beck@, henning@, millert@
|
