src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-08-12	allow filter rules to be written that affect ibgp or ebgp neighbors	Peter Hessler
	discussed with henning@ OK claudio@, benno@, job@
2017-08-12	Make not yet implemented pledges more visible in grep output.	Florian Obser
	input benno, deraadt, tedu also standardize on #if 0 since it makes tedu's editor vomit. OK benno, pirofti on a previous version
2017-08-12	bring ospf6d's log.c in sync with ospfd and bgpd	Sebastian Benoit
	ok florian@ claudio@
2017-08-12	update to unbound 1.6.4, ok florian@	Stuart Henderson

2017-08-12	add a new option to set limits on max-sessions each IPCP.	Kazuya Goda
	It can set limits on different max-sessions if there're using several protocols such as PPPoE and L2TP/IPsec. ok yasuoka@
2012-03-26	Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).	Stuart Henderson
	These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2017-08-12	No need to constantly re-open a socket. Just open it up front and keep	Florian Obser
	it around. OK jca
2017-08-12	Initial pledge for snmpd. snmpe remains unpledged. Regression tests pass.	rob
	Ok benno@, jca@.
2017-08-12	stop pretending that qnames are always strings. treat everything as a	Ted Unangst
	dname always.
2017-08-11	punctuation;	Jason McIntyre

2017-08-11	zero out sockaddr_in before use; fixes use of stack garbage as port number	Christian Weisgerber
	in "query from"; ok phessler@ job@
2017-08-11	Convert httpd to tls_config_set_ecdhecurves(), allowing a list of curves	Joel Sing
	to be specified, rather than a single curve. ok beck@
2017-08-11	add a new option to set limits on user-max-sessions each AUTHENTICATION.	Kazuya Goda
	It can set limits on different user-max-sessions if there're using several protocols such as PPPoE and L2TP/IPsec. ok yasuoka@
2017-08-11	Use vmd's process rdomain via getrtable() instead of 0 by default.	Reyk Floeter
	This allows to run "route -T 1 exec vmd" to get rdomain 1 tap(4) and bridge interfaces by default. ok mlarkin@
2017-08-11	display MRU each sessions in npppctl session command	Kazuya Goda
	ok yasuoka@
2017-08-11	softreconfig in and out are on by default for ever and machines now have	Claudio Jeker
	enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
2017-08-11	missed in previous	Florian Obser

2017-08-11	regen	Florian Obser

2017-08-11	update to 4.1.17	Florian Obser
	OK sthen
2017-08-10	naddy@ reported confusion on why "query from" seemed to be ignored in	job
	some cases. OK naddy@ henning@
2017-08-10	don't have cu try to open '/dev', instead check if there's a valid tty	Jasper Lievisse Adriaanse
	associated with the vm upfront as discussed with and ok mlarkin@ pd@
2017-08-10	No need to handle multiple routing messages here.	Jeremie Courreges-Anglas
	route(4) sockets only ever ship a single routing message per read(2) call, so simplify this. Mostly mechanical diff for now, some further cleanups will follow. ok rob@ florian@
2017-08-10	vmd: partially back out a change committed yesterday regarding guest	Mike Larkin
	changing IRQs. After discussing with kettenis, that wasn't the right way to do things, and this diff fixes that. ok kettenis
2017-08-10	whitespace	Mike Larkin

2017-08-10	Pledge snmpctl. Ok jca@, tb@	rob

2017-08-10	Fix a comment and line length. Noted by Dennis fondras.	Sebastian Benoit
	ok benno@
2017-08-10	replace memcpy() with assignements where the type is the same.	Sebastian Benoit
	noticed by deraadt@, ok claudio@
2017-08-10	handle extended communities in bgpctl.	Sebastian Benoit
	From Dennis Fondras, thanks! ok phessler@
2017-08-09	vmd: allow guest PCI interrupt line reassignment.	Mike Larkin
	I also added a couple config space register names to pcireg.h to try and reduce the use of magic numbers in vmd/pci.c ok pd@
2017-08-09	Use X509_pubkey_digest() like libtls to hash the keys for the TLS privsep	Claudio Jeker
	code. This fixes interception mode (since there we rewrite the CERT which would alter the hash of the cert but the keys still remain the same). OK bluhm@ and jsing@
2017-08-09	Call tls_config_skip_private_key_check() to disable the key checking in	Claudio Jeker
	the inspect case (same is done in the regular server mode). OK bluhm@ and jsing@
2017-08-09	the recent adjustment of -i means usage() fits nicely on	Jason McIntyre
	two lines now, instead of three;
2017-08-09	Remove knob and always do neighbor unreachable detection.	Florian Obser

2017-08-09	accept_rtadv doesn't do anything since some time.	Florian Obser
	OK mpi
2017-08-09	add mail.mda MDA in charge of running a third-party MDA, not linked yet	Gilles Chehade

2017-08-09	at the exception of mail.local, smtpd never executes an MDA as root.	Gilles Chehade
	the check is performed daemon-side before even forking the child process, but let's also check euid in the mda we ship in case someone executes them by hand and needs to see an explicit error message.
2017-08-08	Kernel sendsyslog(2), libc syslog(3), and syslogd(8) restrict and	Alexander Bluhm
	truncate the length of a syslog message to 8192 bytes. Use one global define LOG_MAXLINE for all of them. OK deraadt@ millert@
2017-08-08	Use configtest as one word like other network daemon man pages.	rob
	Ok benno@, jmc@
2017-08-08	Consistent use of log.c, and removal of err.h include. Makes ifstated	rob
	configtest output the same as other networking daemons. Ok jca@
2017-08-08	Do not forget to reschedule the timer when we receive a new prefix.	Jeremie Courreges-Anglas
	This way the new prefix can be advertized asap. ok florian@
2017-08-06	Improve error checking during processing of routing messages. Handling of	rob
	RTM_DESYNC encouraged by deraadt. ok jca@ benno@
2017-08-06	packet.c and parse.y no longer require err.h. ok jca@ florian@	rob

2017-08-06	Remove comma from last element since that is the terminator.	Claudio Jeker

2017-08-06	add a zeroed out element at the end of the iana_ext_comms array, so	Sebastian Benoit
	that the iteration over it actually stops. ok and feedback from florian@ phessler@ and claudio@
2017-08-06	a long time ago, we made a change to the format of envelopes and introduced	Gilles Chehade
	a function to upgrade from v1 to v2 on the fly. this was meant to stay just for the transition in one release. 3 years and 8 months later, it's finally time we remove it ;-) ok eric@, sunil@
2017-08-05	vmd: report queue size of 0 when invalid queues are requested by the guest	Mike Larkin
	Diff supplied by Nick Owens, who was kind enough to also point out the virtio spec section numbers that defined this behaviour.
2017-08-04	Only call find_pkg when we are using other options with -Q.	Aaron Bieber
	This resolves the speed issues Michael Reed <michael@michaelreed.io> reported that were introduced by my changes in 1.45. OK landry@
2017-08-04	the PURGE_EVERYTHING flag used to purge config bits was inaccurate	Gilles Chehade
	ok eric@
2017-08-04	Adjust the html index-parsing regex to cope with anchor tags that aren't	Stuart Henderson
	just '<a href="foo">'; several mirrors now include a title attribute which pkg_add can't cope with. Diff from Taylor Stearns to handle attributes following the href; tweaked by me to also handle attribute before the href. ok zhuk@
2017-08-04	Remove unused structs and defines, from Edgar Pettijohn. ok jca@	rob