| Age | Commit message (Collapse) | Author |
|---|
|
desired name of the MX not being present in the certificate, log that
this is he reason for the failure and the name we couldn't find in
the cert.
ok millert@ martijn@
|
|
From Geoff Hill.
|
|
This exposes VMM_IOC_MPROTECT_EPT which can be used by vmd to lock in physical
pages. Currently, vmd just terminates the vm in case it gets a protection fault
in the future.
This feature is used by solo5 which uses vmm(4) as a backend hypervisor.
ok mpi@
Patch from Adam Steen <adam@adamsteen.com.au>
|
|
|
|
an unusually long uid.
Reported by Adarsh Dinesh. Thanks!
|
|
OK remi@
|
|
|
|
open error can be better logged to the operator. The cryptowarnx function
logs warnings is a less optimal way (mainly because of OpenSSL error stacks).
OK benno@ deraadt@
|
|
to check all files in a mft before failing and also the check is now done
after the embedded cert was checked.
This refactor was triggered because of a bug in mft_parse_econtent().
check_validity() altered rc but later failure code assumed that goto out
is good enough to return an error (rc == -1) but since rc was 1 success
was returned. This bug is now also fixed.
Bug report and OK job@
|
|
function name. Also AKI (authority key identifier) should be capitalized
and use duplicated instead of dup. There was a case where this error got hit
so better make it pretty.
|
|
This is necessary to not silently continue if pppx_ioctl() returns an
error.
Found out by and diff from Vitaliy Makkoveev.
ok yasuoka@
|
|
|
|
4861. No binary change.
While here consistently use #define<tab> instead of #define<space>.
|
|
checked. This way all corrupted or missing files should show up in a
single run. This should help operators to get a better idea what and how
much is broken.
OK benno@
|
|
on. In case the file hash does not match or the file does not exist the full
MFT is considered invalid and dropped. With this partial ROA updates based
on a corrupt data set will produce less likely inconsistencies in the VRP
output.
With and OK job@
|
|
|
|
Also change get_net_link() and get_rtr_link() to work like ospfd(8)
couterpart.
OK remi@
|
|
|
|
The size is first rounded up in case where the input string length is not
a multiple of 4.
Reported by kristaps@
|
|
|
|
We already supported "beta" releases but not "alpha", probably to
discourage people from pushing "alpha-quality" software in the ports
tree.
We have 30 ports with distfiles matching "alpha", and people just work
around the lack of explicit support for "alpha" releases with mixes of
crafted PKGNAME and REVISION/EPOCH. This looks needlessly complicated
and a bit unfair when compared to GH_COMMIT support.
Pointers from landry@ and sthen@, lgtm landry@, no objection from espie@
|
|
|
|
Fix build on at least sparc64
|
|
|
|
This allows to use oneliners like:
# btrace -e 'profile:hz:99 { @[tid] = count(); }'
ok kn@
|
|
ok jasper@ mpi@
|
|
negotiated IKE SAs, their Child SAs and resulting IPsec flows.
ok patrick@
|
|
|
|
While here, reword existing function descriptions a little.
Feedback OK mpi jmc
|
|
Rewrite some functions to return a string instead of calling printf directly.
OK benno@
|
|
|
|
|
|
|
|
The following is now possible but won't print anything by default:
# btrace -e 'profile:hz:99 { @[kstack] = count() }'
ok patrick@, tobhe@
|
|
key of a map.
This makes map indexed by stack traces work. For example to know where
the sleeps are coming from:
tracepoint:sched:sleep {
@map[kstack] = count();
}
ok patrick@, tobhe@
|
|
matching destination ID.
ok patrick@ markus@
|
|
OK mpi
|
|
ok millert@
|
|
|
|
Names help identify the right iodevice to be assigned in ldom.conf(5);
they directly match the structure seen in the iLOM shell, and the output
format is similar to Solaris "ldm list-io".
OK kettenis
|
|
strlen().
ok millert@
|
|
Otherwise, if neither -r nor -u is specified, it will be used uninitialized.
Found by tobhe@; OK tobhe@ deraadt@
|
|
ok eric@ deraadt@
|
|
once in the input file is not correct. I thought the RPKI validators would
aggreagte these entries but that is not necessarily the case.
There are cases where prefixes show up with the same source-as multiple times
with different maxlen lenght. In those cases merge these multiple entries
and keep the one entry with the longest maxlen length since that is the VRP
which covers all others.
Found by job@ OK benno@
|
|
From tom@
|
|
From Hiltjo Posthuma
|
|
This prevents your laptop from immediately going back to sleep after
resume, leaving you some time to look up stuff or even stop apmd in
case you need the machine RIGHT NOW.
Blocking autoaction until the laptop resumes prevents spurious
suspend/resume cycles.
Advices from cheloha@
|
|
from Matt Schultz
|
|
This also prevents the access of an initialized pointer in
traphandler_fork_handler as found by jan@.
OK jan@
|
|
Also make the outputs table const.
Based on a suggestion from claudio@, ok deraadt@ claudio@
|
