| Age | Commit message (Collapse) | Author |
|---|
|
just until one accepts the TCP connection. In multi server environments,
this makes ypldap more resilient when some servers are misbehaving.
While here, add the server address to log messages relating to connection
errors to make it easier to identify which server is failing.
ok tb@
|
|
|
|
accordingly, load it "just in time" in State.
Most calls get simplified, and we can save more state for later.
|
|
export part, and be explicit about how we call code refs.
|
|
instead of defined/undefined, so that the code sub is called with
the right number of parameters.
|
|
|
|
on a BSD system anyhow (duh moment, thx semarie@)
|
|
pathname and junk are both optional, but indipendently so.
ok aisha, millert
|
|
|
|
|
|
|
|
Use execv(3) instead of system(3) to run external commands.
This avoids problems with whitespace and shell metacharacters
in path names. OK op@
|
|
|
|
|
|
(for try/catch)
signatures will be much more powerful once I move to 5.36
|
|
$r2 computation was wrong, led to an undef, which autovivification promptly
masked
|
|
There are some minor semantic differences but nothing that should
affect files in /etc/skel. OK op@
|
|
errno doesn't generally contains anything useful after libtls functions,
and in most cases it's explicitly cleared to avoid misuse, so change a
few fatal() calls to fatalx() when logging libtls failures. Also, add
the real error string, via tls_error() or tls_config_error(), that was
missing before.
ok millert@
|
|
fail the transfer and fall back to rsync.
When more than one publish element for the same file exist the RP does
not know which one to choose. Lets fail the RRDP transfer in this case
and fall back to rsync. CA that publish a file more than once are buggy
and need to be fixed.
OK job@ tb@
|
|
|
|
and having a forwarder for system for ONE use is a bit much !
|
|
|
|
|
|
|
|
|
|
document a few useful details
introduce a less confusing set_destdir inteface for later
|
|
we never know when we may need to change crypto-hashes!
|
|
the inheritance hierarchy or the exact interface for ->add
|
|
|
|
|
|
mimicing perl base syntax on fh objects and the likes), so use the
more consistent class->method calling method in examples (and in code)
|
|
|
|
|
|
would break scripts, go figure), highlight the staging servers so that
people with non-standard configurations (challenge/response) get a chance
at figuring things out.
okay tb@
|
|
All callers of memsave() pass strlen(s) as the size argument.
We can eliminate the size argument and just use strdup(3) instead.
OK tb@
|
|
while here adjust the spacing in some of the touched lines.
requested by deraadt@, ok tb@
|
|
While splitting out emulated virtio network and block devices into
separate processes, I originally used named mappings via shm_mkstemp(3).
While this functionally achieved the desired result, it had two
unintended consequences:
1) tearing down a vm process and its child processes required
excessive locking as the guest memory was tied into the VFS layer.
2) it was observed by mlarkin@ that actions in other parts of the
VFS layer could cause some of the guest memory to flush to storage,
possibly filling /tmp.
This commit adds a new vmm(4) ioctl dedicated to allowing a process
request the kernel share a mapping of guest memory into its own vm
space. This requires an open fd to /dev/vmm (requiring root) and
both the "vmm" and "proc" pledge(2) promises. In addition, the caller
must know enough about the original memory ranges to reconstruct them
to make the vm's ranges.
Tested with help from Mischa Peters.
ok mlarkin@
|
|
vm_instance was using the wrong vm instance for checking the
vm_kernel_path member. Switch to using the value from the parent
vm instance in the check for if a kernel is known.
Issue reported by kn@. OK mlarkin@, kn@.
|
|
Adding in the ability to override the boot kernel created an edge
case in the ipc message handling logic for the parent process (vmd)
when receiving a "start vm" request. Result was incorrectly responding
to the control process, and as a result the vmctl client, with a
bogus "start vm response" reply with an empty tty name.
This commit rewrites the logic of how vmd goes about processing the
"start vm" request with the aim of making it simpler to understand
while addressing the edge case.
Issue reported by kn@. OK mlarkin@.
|
|
This only works for a single static binary where everything was compiled
with -fno-omit-frame-pointer since the stack unwinder requires the
frame-pointer.
A possible btrace script to capture performace of a single process is:
profile:hz:100 / pid == $1 / {
@[ustack] = count();
}
Then using btrace -p program uprofile.bt `pgrep program` will collect
the information for program.
This is far from perfect but should allow other people to play with this
and hopefully improve work.
OK mpi@
|
|
vmd looks at hw.ncpuonline not hw.ncpu[found], which can differ w/o SMT.
|
|
mismatches
This makes it easier to understand "when" certain error conditions arose.
OK tb@
|
|
it is done for CERT_AS_INHERIT.
Without this inheritance of IP address resources does not work. Problem
noticed by Ties de Kock (tdekock (at) ripe.net)
OK job@ tb@ benno@
|
|
the next connect will immediatly timeout again which is not intended.
It does not matter in the other case since the connection is destroyed anyway.
Problem noticed by job@ and Jelle (jelle (at) luteijn.email)
OK job@ tb@
|
|
spotted while diffing with -portable, where tz is marked as const.
ok tb@
|
|
ok millert@
|
|
ok millert@
|
|
|
|
This does not change the query string argument. We may do this
at a later stage.
OK tb@
|
|
'invalid' conflicts with the 'in' keyword and the parser is not smart
enough to handle this. As a secondary benefit the term 'invalid' is
less overloaded. There are various reasons why prefixes are not eligible
in the route decision process calling them all 'invalid' is a bit harsh.
job@, tb@ and benno@ agree
|
