| Age | Commit message (Collapse) | Author |
|---|
|
and update documentation accordingly.
Patch mostly based on an old patch from Martin Algesten he posted
2002 in apache bugzilla entry: 10772
OK, pyr@
|
|
because iPhone doesn't support modp2048.
|
|
|
|
|
|
ok claudio@
|
|
|
|
OK dlg@
|
|
used to quickly verify if two LSDBs are in sync. Other systems do the same.
OK dlg@
|
|
name choosed with help from dlg@
ok claudio@
|
|
- pipex requires unique session-id in protocol, so session-id
generation algorithm has been changed.
- change to fit the new PIPEX ioctl.
ok dlg@
|
|
|
|
syntax has settled down.
|
|
poked by claudio@. repeatedly.
|
|
|
|
|
|
OK dlg@
|
|
|
|
|
|
Currently only discovery and reload work.
OK dlg@, matthew@, deraadt@
|
|
Currently implements the absolute minimum of the protocol to make
it work against targets. Many things still in flux but we're annoyed
to work outside of the tree. Commited from a source tree on an iSCSI
disk served via iscsid but it is not yet production ready.
OK dlg@, matthew@, deraadt@
|
|
CCP is failed to be opened because the peer doesn't support MPPE. Fixed to
setup a PIPEX on such case.
|
|
ok jakob@
|
|
instead of letting hardware rings grow on every interrupt, restrict
it so it can only grow once per softclock tick. we can only punish
the rings on softclock ticks, so it make sense to only grow on
softclock tick boundaries too.
the rings are now punished after >1 lost softclock tick rather than
>2. mclgeti is now more aggressive at detecting livelock.
the rings get punished by an 8th, rather than by half.
we now allow the rings to be punished again even if the system is
already considered in livelock.
without this diff a livelocked system will have its rx ring sizes
scale up and down very rapidly, while holding the rings low for too
long. this affected throughput significantly.
discussed and tested heavily at j2k10. there are still some games
with softnet we can play, but this is a good first step.
"put it in" and ok deraadt@
ok claudio@ krw@ henning@ mcbride@
if we find out that it sucks we can pull it out again later. till then
we'll run with it and see how it goes.
|
|
ok yasuoka@
|
|
was not enabled, we use a kernel routing socket for such things.
ok yasuoka@ claudio@
|
|
copy sbin/iked/chap_ms.[ch] and fixed chap.c and eap.c to compile with it.
|
|
ok yasuoka@
|
|
addresses/ports too. ok ryan dlg
|
|
|
|
and protocol header actually fit in the common cases.
stays until canacar tells us how to do it right ;)
ok dlg ryan
|
|
SASL. This works by prefixing the userPassword attribute with {BSDAUTH},
followed by the (bsd) username. For example:
userPassword: {BSDAUTH}username
Idea by william@. Tested by william@.
|
|
in the MIB, rather than a different spelling (sensorMIBObjects).
ok martinh@
|
|
Makes my terminal happier when debugging.
|
|
attempt to expand the local delivery buffer when relaying mail, it was
kind of ok before but no longer is)
- use the same buffer for local deliveries to files and commands
tested by jmc@ and I
|
|
tables and scalar values.
Fixes system/6468 by not calling table get functions with an unexpectedly
short OID.
Also fixes system/6071. Scalar variables without an instance specified now
returns a noSuchInstance error. GetNext requests correctly returns the .0
instance.
This means you can no longer rely on
$ snmpget -v2c -c public localhost SNMPv2-MIB::sysDescr
returning the .0 instance. You need to specify it explicitly:
$ snmpget -v2c -c public localhost SNMPv2-MIB::sysDescr.0
Also return proper SNMPv2 errors per varbind instead of a noSuchName error
status, unless SNMPv1 was specified in the request.
An earlier version of this diff tested by Remi Laurent, thanks.
|
|
|
|
return an error exception value for a varbind result ("noSuchObject[0]
IMPLICIT NULL" in rfc1905).
|
|
revert that part of yesterday's diffs;
|
|
out-of-date-ed after my privilege separation work at n2k10.
|
|
|
|
|
|
allows user to undef them, and thus not to set utimes.
Use that to not set utimes for pkginfo.
fixes kili@'s bug in a nicer way wrt Ustar interface...
|
|
This gives a more compact output.
|
|
length of its expand buffer. this commit introduces a new lka_expand()
that has been simplified, that fixes the bug and that is more robust.
callers of lka_expand() can now determine that it has failed and throw
the recipient at session time.
lka_expand() rewrite by oga@, changes around it by me, tested on a few
different setups but no feedback from tech@ so ... let me know if it's
breaking something for you
|
|
|
|
|
|
by expanding them to several rules, I forgot to copy the tags to the
expanded rules. this commit unbreaks matching rules by tag.
documentation follows shortly ...
spotted and fixed by me a while ago, jacekm@ timeout
|
|
changes to lka_expand() but it looks like a bit more work :-)
|
|
%U for sender localpart
%D for sender domainpart
diff sent to tech@ by Gregory Edigarov <greg@bestnet.kharkov.ua>, timeout
by jacekm@, ok by me
|
|
resolver. if we run scarce on resources and we cannot fork a separate dns
process or we cannot socketpair() tell the caller that we have a temporary
failure rather than issueing a fatal(). message will stay in queue and be
rescheduled later ...
bug reported and bugfix tested by Sacha El Masry <lists@devilray.eu>
|
