Age | Commit message | Author |
|
|
|
ok millert@
|
|
|
|
Default is now to attempt RRDP first, then try RSYNC.
If problems show up, return to rsync-only behaviour with -R, and file a report.
ok claudio
|
|
and fragment number components instead of printing the whole field in decimal.
ok sthen@ kn@ jca@
|
|
|
|
|
|
refactor the code into figuring out simple updates: if we don't have
any @execs but just @tags, we can probably do something simpler wrt
temporary files and temporary filenames, which should speed up texlive
updates significantly.
(the tempfile code is not there yet, just the check for safe updates)
|
|
in flame graph. Only when both kernel and userland are displayed,
the whole picture of system activity becomes clear. Fixes a parsing
bug in the flame graph tool where userland time was interpreted as
invalid kernel stack.
OK kn@
|
|
ok deraadt@
|
|
|
|
|
|
far better in the manual pages
ok jmc
|
|
network commands). Instead of passing the peer as argument to the tree
walker just default to peerself in network_flush_upcall().
OK benno@
|
|
everywhere.
OK benno@
|
|
switch statement. This way common code is referenced only once.
OK sthen@
|
|
are processed in the Adj-RIB-Out this is no longer needed since the passed
in pointer is still referenced and is not allowed to be freed.
Adjust the mrt code similar to how up_generate_attr() uses aspath_deflate().
OK sthen@
|
|
because it included two extra bytes (copy-paste error from graceful restart).
|
|
BEGIN and END use a fake dt(4) event, so in order to use the nsecs
var or time() it needs a timespec set. Init for BEGIN and update
at END.
ok mpi@
|
|
ok millert
|
|
ok kettenis
|
|
recorded as a new dependency. Even though ForwardDependencies normally
takes care of that, with tags, this is not enough.
(this happens only because libexecinfo was a "tight" dependency, thus
resulting in a large UpdateSet, and when some of the objects did require
tags in the new package, and when the order of things meant that BaseSystem
was considered a bit early).
Since there's no handle at this point, a dirty but efficient test vs
BaseSystem will do (which is not a valid normal package name anyhow)
tested to fix the obnoxious warning landry@ saw, which I was able to
reproduce on a box...
|
|
The original implementation of the virtio network device assumed a
driver would only provide a 2-descriptor chain for receiving packets.
The virtio spec allows for variable length chains and drivers, in
practice, construct them when they use a sufficiently large MTU.
This change lets the device use variable length chains provided by
the driver, thus allowing for drivers to set an MTU up to the
underlying host-side tap(4)'s limit of TUNMRU (16384).
Size limitations are now enforced on both tx and rx-side dropping
anything violating the underlying tap(4) min and max limits.
More work is needed to increase the read(2) buffer in use by vmd
to prevent packet truncation.
OK mlarkin@
|
|
The old defaults are just not sane anymore.
OK sthen@
|
|
things:
- Only allow SNMPv3 by default. SNMPv1 and SNMPv2c can be enabled by
setting the new snmpv* flags on the "listen on" statements.
- Remove the default community names. They're not secure to use.
- Change the default seclevel to enc.
Initial idea, help from and OK sthen@
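As an added illustration of the three defaults described in that commit (this is a constructed snmpd.conf fragment, not part of the commit or of the snmpd source; the `listen on ... snmpv1|snmpv2c|snmpv3` flags and the `user`/`seclevel` keywords are assumed from snmpd.conf(5), so check the manual for your release):

```conf
# Constructed "before" style: the listener accepts every protocol version
# and the well-known default communities are live.
listen on 0.0.0.0
read-only community public
read-write community private

# Constructed "after" style matching the new defaults: only SNMPv3 is
# accepted, no community exists unless configured, and the implicit
# seclevel is enc, so a v3 user needs both an auth and an enc key.
listen on 0.0.0.0 snmpv3
user "monitor" authkey "CHANGEME-auth-key" auth hmac-sha256 \
    enckey "CHANGEME-enc-key" enc aes

# Re-enabling v2c is an explicit opt-in on the listener, and the
# community still has to be set by hand.
listen on 127.0.0.1 snmpv2c
read-only community "CHANGEME-not-public"
```

The point of the split listeners is that an operator who genuinely needs v2c for a legacy poller can confine it to loopback or a management address while the routable listener stays v3-only.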
|
|
|
|
Linux guests like to issue VIRTIO_BLK_T_GET_ID commands in attempts
to read the device serial number. It's not part of the virtio spec,
but has been part of QEMU and Bhyve for multiple years. It will be
landing in the next version of virtio (1.2), so this stubs out
handling for the request type. The added benefit is it helps squelch
log noise from Linux guests.
For now, no serial number is set and the request status is set to
VIRTIO_BLK_S_UNSUPP to tell the driver we don't support it.
While here, swap the response to VIRTIO_BLK_T_FLUSH{,_OUT} to be
also returning VIRTIO_BLK_S_UNSUPP. It's not negotiated nor
implemented. Lastly, add checks for validating the vioblk device
is only reading/writing descriptors with appropriate read/write-only
flags per the virtio spec.
With input from claudio@, OK mlarkin@
|
|
can be enabled with 'announce enhanced refresh yes'
Similar to graceful restart this allows to mark routes as stale, refresh
them and then flush out routes that are still stale. Enhanced route refresh
uses a begin of rr and an end of rr message to signal the various stages.
A future enhancement would be the addition of a timeout in case the EoRR
message is not sent in reasonable time.
OK denis@ job@
|
|
seems OK claudio@
|
|
and use it in the two places that need to keep in sync.
OK sthen@
|
|
rde_up_dump_upcall(). This is the 4th place up_generate_updates() is
called.
|
|
to rde_generate_updates() but forgot to add the same checks to
rde_softreconfig_out(). As a result a config reload could result in
prefixes for a not-negotiated address family to leak into the Adj-RIB-Out.
Adjust both rde_generate_updates() and rde_softreconfig_out() to use the
same filter logic.
Also adjust rde_up_flush_upcall() to pass the peer as argument instead of
using prefix_peer(). The up_generate_updates() call there does not need
any filtering since the walker runs on the Adj-RIB-Out and just withdraws
everything.
OK job@ on a previous diff
|
|
OK job@
|
|
ones being sent out. Mainly prepend the ASPATH if needed and also change
the nexthop to the one being sent.
This should make the `bgpctl show rib out` output show the values the
peer receives.
OK job@
|
|
Lots of organic growth over the years led to unnecessary includes
(proc.h everywhere) and odd dependencies between header files. This
cleans things up a bit to help with upcoming cleanup around dhcp
code.
No functional change.
"go for it" mlarkin@
|
|
OK claudio@
|
|
For this we need to be able to handle multiple routes being sent from
the engine to the main process as well as to the control tool.
The configuration of the various cases (default route, directly
connected routes, non-default route via a gateway) was inspired by
dhclient's set_routes() and should behave the same way.
Tested by Uwe Werler
|
|
where this filtering was done in bpf but here vmd needs to make sure to
not look at non IPv4 packets.
OK florian@ and dv@
|
|
ok jung@
|
|
|
|
This check was incomplete: to correctly verify the ASN1 INTEGER holding
the version component, first the context specific explicit tag would need
to be checked.
However, the X.690 spec (section 11.5) states that one should not
encode a component if it is the default value. There are no RFCs specifying
new versions of ROA or MFT, so checking the content of the version component
should be skipped entirely.
Thus if the version component is present, something is wrong.
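The DER rule behind that commit is worth seeing in bytes: ROA and manifest eContent begin `SEQUENCE { version [0] EXPLICIT INTEGER DEFAULT 0, ... }`, and under DER a DEFAULT value must be omitted, so a conforming encoder never emits the `[0]` tag (0xA0) at all. The following is an added example, not rpki-client code: a minimal DER header reader plus a check that flags any eContent whose first SEQUENCE element carries that tag. The sample buffers are constructed; the function names are mine.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Read one DER TLV header (single-byte tag, definite length).
 * Returns the number of header bytes, or 0 if the header is malformed,
 * non-minimal, or the content would run past `len`.
 */
static size_t
der_header(const uint8_t *p, size_t len, uint8_t *tag, size_t *clen)
{
	size_t n, i, l;

	if (len < 2)
		return 0;
	*tag = p[0];
	if (p[1] < 0x80) {		/* short form */
		*clen = p[1];
		n = 2;
	} else {			/* long form: 0x8l then l octets */
		l = p[1] & 0x7f;
		if (l == 0 || l > sizeof(size_t) || len < 2 + l)
			return 0;	/* indefinite or absurd length */
		*clen = 0;
		for (i = 0; i < l; i++)
			*clen = (*clen << 8) | p[2 + i];
		if (*clen < 0x80 || p[2] == 0)
			return 0;	/* not minimally encoded: not DER */
		n = 2 + l;
	}
	if (*clen > len - n)
		return 0;		/* content exceeds the buffer */
	return n;
}

/*
 * 1  : eContent is a SEQUENCE and its first element is not [0] EXPLICIT
 * 0  : the version component is present, which DER forbids for a DEFAULT
 * -1 : malformed input
 */
int
version_absent(const uint8_t *buf, size_t len)
{
	uint8_t tag;
	size_t clen, n;

	n = der_header(buf, len, &tag, &clen);
	if (n == 0 || tag != 0x30)	/* outer SEQUENCE */
		return -1;
	buf += n;
	len = clen;
	n = der_header(buf, len, &tag, &clen);
	if (n == 0)
		return -1;
	/* context-specific, constructed, tag number 0 == [0] EXPLICIT */
	return tag == 0xa0 ? 0 : 1;
}

/* Constructed samples: SEQUENCE { INTEGER 1 } and SEQUENCE { [0] { INTEGER 0 } }. */
const uint8_t econtent_ok[]   = { 0x30, 0x03, 0x02, 0x01, 0x01 };
const uint8_t econtent_bad[]  = { 0x30, 0x05, 0xa0, 0x03, 0x02, 0x01, 0x00 };
const uint8_t econtent_trunc[] = { 0x30, 0x05, 0xa0 };

int
main(void)
{
	printf("ok: %d bad: %d trunc: %d\n",
	    version_absent(econtent_ok, sizeof econtent_ok),
	    version_absent(econtent_bad, sizeof econtent_bad),
	    version_absent(econtent_trunc, sizeof econtent_trunc));
	return 0;
}
```

The check deliberately does not look inside the `[0]` wrapper: whether the encoded INTEGER is 0 or something else is irrelevant, because the presence of the tag is already the violation.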
|
|
surrounding code to handle these errors gracefully. When rpki-client runs
out of space it will keep on running including the cleanup at the end.
This way the temporary and old files are removed hopefully giving back some
space. This affects mainly RRDP and the initial fetch of TA files.
OK job@
|
|
is large enough for the cache. People like to build VM images with way
too small filesystems and so warning about this situation should help.
With deraadt@ and job@
|
|
No need for each case in the switch block to have the same logic
for updating the used ring and writing the state back to the guest.
Move it outside the switch. No functional change.
ok mlarkin@
|
|
Instead of translating imsg types, update vmctl(8) to handle receiving
IMSG_VMDOP_TERMINATE_VM_EVENT messages on vm termination.
This finishes the work previously committed for supporting multiple
waiters or the cancellation of a client waiting on a vm shutdown.
vmd no longer needs to translate an IMSG_VMDOP_TERMINATE_VM_RESPONSE
into an *_EVENT.
ok mlarkin@
|
|
A sufficiently large dhcp packet can cause a stack overflow in vmd's
internal dhcp server used for providing ip addresses to local guest
interfaces. (This does not affect non-local interfaces.)
The primary changes drop larger packets and change the memory copying
logic to use a compile-time constant. The dhcp option processing
also gets additional prevention for out-of-bounds reads.
While here, improve construction of the dhcp response's hostname
handling to guard against overflowing the response dhcp options.
Vulnerability reported by Maxime Villard.
ok claudio@
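The three hardening themes in that commit (bound copies by a compile-time constant, check every option read against the packet length, and refuse to append a response option that would not fit) are shown below in a standalone DHCP option walker. This is an added example written for this page, not vmd's dhcp code; the option buffers are constructed and the function and struct names are mine.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DHO_PAD		0
#define DHO_HOST_NAME	12
#define DHO_END		255
#define HOSTNAME_MAX	64	/* compile-time bound for the stored name */

struct dhcp_opts {
	char	hostname[HOSTNAME_MAX];
	int	nopts;
};

/*
 * Walk a DHCP options area (the bytes after the 4-byte magic cookie).
 * Each read of a code, length or value byte is checked against `len`
 * before it happens. Returns 0 on success, -1 if an option is truncated
 * or the list ends without DHO_END.
 */
int
dhcp_parse_options(const uint8_t *opt, size_t len, struct dhcp_opts *out)
{
	size_t i = 0, olen, n;
	uint8_t code;

	memset(out, 0, sizeof(*out));
	while (i < len) {
		code = opt[i++];
		if (code == DHO_PAD)
			continue;
		if (code == DHO_END)
			return 0;
		if (i >= len)
			return -1;	/* code byte with no length byte */
		olen = opt[i++];
		if (olen > len - i)
			return -1;	/* value would run past the buffer */
		if (code == DHO_HOST_NAME) {
			/* sizeof() of our buffer bounds the copy, never olen. */
			n = olen < sizeof(out->hostname) - 1 ?
			    olen : sizeof(out->hostname) - 1;
			memcpy(out->hostname, &opt[i], n);
			out->hostname[n] = '\0';
		}
		i += olen;
		out->nopts++;
	}
	return -1;	/* ran off the end without DHO_END */
}

/*
 * Append a host name option to a response option buffer of capacity
 * `cap`. Returns bytes written, or 0 if it would not fit, in which case
 * the caller omits the option instead of overflowing the response.
 */
size_t
dhcp_put_hostname(uint8_t *buf, size_t cap, const char *name)
{
	size_t n = strlen(name);

	if (n > 255 || cap < 2 + n)
		return 0;
	buf[0] = DHO_HOST_NAME;
	buf[1] = (uint8_t)n;
	memcpy(&buf[2], name, n);
	return 2 + n;
}

/* Constructed inputs: a valid DISCOVER-style list, and a host name option
 * claiming 10 bytes when only 2 follow. */
const uint8_t dhcp_good_opts[] = { 53, 1, 1, 12, 5, 'g', 'u', 'e', 's', 't', 0, 255 };
const uint8_t dhcp_trunc_opts[] = { 12, 10, 'a', 'b' };
struct dhcp_opts demo_opts;
uint8_t demo_resp[8];

int
main(void)
{
	printf("good: %d (%d opts, host '%s')\n",
	    dhcp_parse_options(dhcp_good_opts, sizeof dhcp_good_opts, &demo_opts),
	    demo_opts.nopts, demo_opts.hostname);
	printf("trunc: %d\n",
	    dhcp_parse_options(dhcp_trunc_opts, sizeof dhcp_trunc_opts, &demo_opts));
	printf("put: %zu / %zu\n",
	    dhcp_put_hostname(demo_resp, sizeof demo_resp, "guest"),
	    dhcp_put_hostname(demo_resp, sizeof demo_resp, "toolongname"));
	return 0;
}
```

The truncated sample is the case that matters for a server handling guest traffic: an attacker controls the length byte, so `olen > len - i` (rather than `i + olen > len`, which can wrap) is the comparison that keeps the value read inside the packet.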
|
|
Special values need to be translated to longs for use with functions
like hist/lhist. Add "cpu" to conversion list.
ok mpi@
|
|
name as is done elsewhere on this page.
pointed out by jmc
|
|
|
|
|