| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-02-26 | Move release check up front. | Antoine Jacoutot | |
| 2019-02-26 | ikectl's built-in CA command for simple configurations has a fixed certificate | Stuart Henderson | |
| validity for the ca certificate. Raise this from 365 days to 4500 as expiry means installing new CA certificates on all client machines which can cause significant pain. This doesn't change the default validity for server certificates which remains at 1 year (controlled by ikeca.cnf) - refreshing key and certificate on these can be done easily without visiting all machines. ok deraadt@ | |||
| 2019-02-26 | Add missing break; in case statement and while there check that the | Claudio Jeker | |
| filter_community type is valid. Found while looking into a gcc warning about uninitialized data. | |||
| 2019-02-26 | Some betoh64 sneaked in again, change to be64toh to be posix compliant. | Claudio Jeker | |
| 2019-02-26 | Add support for '*', local-as and neighbor-as for ext-community matching | Claudio Jeker | |
| and setting. This allows rules like: ext-community * * # delete any ext-community ext-community ovs * # delete any ext-community of specified type ext-community rt 1.2.3.4:* and ext-community rt 65001:local-as ext-community rt local-as:11111 Note: Sometimes the type of the ext-community is underspecified when using wildchars or expands. So 'ext-community rt *' or 'ext-community soo *' will match for any of the 3 possible types (2-byte AS, 4-byte AS and IP address). If local-as/neighbor-as is used as an expand of as-number like ext-community rt local-as:11111 then bgpd will default to the 4-byte AS type to encode the community. OK benno@ | |||
| 2019-02-25 | Use struct bgpd_addr instead of a union of sockaddrs to store addresses | Claudio Jeker | |
| in the mrt dump structs. This is more compatible with bgpctl since it uses struct bgpd_addr in most cases anyway. OK kn@ | |||
| 2019-02-22 | errror -> error in log messages; from alessandro gallo | Jason McIntyre | |
| 2019-02-21 | type is not used here. Still keep a comment around to keep the code | Claudio Jeker | |
| similar to all other attr parsers. | |||
| 2019-02-21 | Adjust bgpctl to the new ctl_show_interface struct that is sent instead of | Claudio Jeker | |
| the system specific struct kif. Makes this code a lot more portable but still prints the same info in the same way. OK sthen@ | |||
| 2019-02-21 | Media and link states are highly OS dependent, to make porting easier | Claudio Jeker | |
| export the interface info in a way that does not need OS specific functions to print it. Link state and media are now strings that are set by bgpd. bgpctl can just print them. Move get_linkstate and get_media_descr to kroute.c where all other system specific stuff is. OK sthen@ | |||
| 2019-02-20 | fix attribute name | denis | |
| 2019-02-20 | Forgot to set the sockaddr length field which is mandatory on the pfkey socket. | Claudio Jeker | |
| Fixes tcp-md5 issues noticed by benno@, OK benno@ | |||
| 2019-02-20 | fix a regression in the 'hostnames' mapping to select hostname based on the | Gilles Chehade | |
| IP address of a listener, it should use the listener address not the client address as a selector, otherwise it will always display the default name if you don't connect from the local host. | |||
| 2019-02-20 | Drop '-S' knob from install(1). It's the default and a no-op nowadays. | Antoine Jacoutot | |
| ok deraadt@ | |||
| 2019-02-20 | vmd(8): initialize guest %drX registers to power-on defaults on launch | Mike Larkin | |
| Initializes the %drX registers to power on defaults, and bump the VM send/recieve header to reflect same discussed with deraadt@ | |||
| 2019-02-19 | use \t instead of a literal tab in a format string | David Gwynne | |
| 2019-02-19 | convert a series of if statements checking the cap type to switch | David Gwynne | |
| 2019-02-19 | httpd(8): add support for setting custom FastCGI parameters. | Paul Irofti | |
| This commit extends the existing grammar by adding the param option to the fastcgi directive: fastcgi param name value. Example usage: fastcgi param VAR1 hello fastcgi param VAR2 world With help and OK florian@ Rogue manpage bits, feel free to modify them. | |||
| 2019-02-19 | Switch betoh64 to the posix be64toh also remove some casts since we now | Claudio Jeker | |
| use long long instead of int64_t. | |||
| 2019-02-19 | Convert some (u_)int64_t to (unsigned) long long. Makes portability a bit | Claudio Jeker | |
| nicer since it requires less casts. sigh deraadt@ | |||
| 2019-02-18 | Bring in fixes in the community parsing code done in parse.y and fix | Claudio Jeker | |
| a bug that sneaked in some time ago which broke large community parsing. Bug found by gcc on a linux box | |||
| 2019-02-18 | Add stdlib.h since bsearch and strtoul need it. | Claudio Jeker | |
| 2019-02-18 | Initialize type and subtype because modern gcc complains about it. | Claudio Jeker | |
| 2019-02-18 | Drop netmpls/mpls.h include, not needed here. | Claudio Jeker | |
| 2019-02-18 | Use (unsigned) long long instead of (u_)int64_t since that drops the | Claudio Jeker | |
| need to do casts for printf. | |||
| 2019-02-18 | For portability use a (unsigned long long) cast for %llu / %llx formats | Claudio Jeker | |
| in printf since not all systems use unsigned long long for u_int64_t. | |||
| 2019-02-18 | Move get_mpe_config() to kroute.c so that config.c does not depend on | Claudio Jeker | |
| system specific code. | |||
| 2019-02-18 | Do not depend on the length field of struct sockaddr instead pass the | Claudio Jeker | |
| length to the various functions needing it. Helps portability. OK benno@ | |||
| 2019-02-17 | s/unwind_/uw_/ to save screen real estate | Florian Obser | |
| 2019-02-15 | Move the depend on state calculation from session.c to kroute.c. This | Claudio Jeker | |
| helps making the code more portable. OK sthen@ | |||
| 2019-02-15 | Remove stray ',' at end of a yacc rule. Noticed by bison. | Claudio Jeker | |
| 2019-02-15 | Use the posix version of betoh64() which is spelled be64toh() this is more | Claudio Jeker | |
| portable. | |||
| 2019-02-15 | Another missing endian.h | Claudio Jeker | |
| 2019-02-15 | Needs endian.h because of betoh64() | Claudio Jeker | |
| 2019-02-14 | mrt_timeout() can send out imsgs so better call it before doing the set_pollfd | Claudio Jeker | |
| this ensures that the imsgs go actually out right away. | |||
| 2019-02-14 | mrt_timeout should just return -1 when there is no timeout set instead | Claudio Jeker | |
| of some strange maximum. The poll loop in bgpd.c already limits the maximum wait time so there is no need to double it. While there switch to using time_t for the calculation. OK phessler@ | |||
| 2019-02-14 | Revert part of last commit, this stuff is unrelated. | Claudio Jeker | |
| 2019-02-14 | Use -1 instead of the less portable INFTIM for the poll timeout. | Claudio Jeker | |
| Result is the same. | |||
| 2019-02-14 | Use the portable SIZE_MAX instead of SIZE_T_MAX | Claudio Jeker | |
| 2019-02-13 | (unsigned) means (unsigned int) which on ptrdiff_t or size_t or other | Theo de Raadt | |
| larger types really is a range reduction... Almost any cast to (unsigned) is a bug. ok millert tb benno | |||
| 2019-02-12 | Handle the abnormal case of not having any neighbors defined a bit better | Claudio Jeker | |
| when it comes to handling bgpctl show requests. OK phessler@ | |||
| 2019-02-12 | Move the yyerror in case get_mpe_config fails. If bgpd -n is used just | Claudio Jeker | |
| ignore the error and move on. This helps regress tests. | |||
| 2019-02-12 | Remove extra newline when printing vpn blocks | Claudio Jeker | |
| 2019-02-12 | Remove log_debug which is no longer needed | Claudio Jeker | |
| 2019-02-11 | spelling and Xr fixes; | Jason McIntyre | |
| 2019-02-11 | Adjust to last bgpd commit changing the MPLS VPN configuration. | Claudio Jeker | |
| Sync the community handling code to be in sync with parsing code of bgpd. To inject networks into MPLS VPN it is required to specify the route distinguisher as part of the attributes. With and OK dlg@, OK denis@ | |||
| 2019-02-11 | The definition of VPNs in bgpd was never super elegant. The 'depend on | Claudio Jeker | |
| mpeX' config was a bit redundant. Also to make it more flexible (e.g. having more than one mpeX interface per rdomain the syntax was changed. To make this possible especially the network distribution logic had to be adjusted and cleaned up. This should in general make network statements well defined and conflicts between 'network A.B.C.D/N' and e.g. 'network static' are handled in a well defined way ('network A.B.C.D/N' has preference). With and OK dlg@, OK denis@ | |||
| 2019-02-10 | "non-existant" is one of those words that don't exist, so use "non-existent" | Peter Hessler | |
| instead From Pamela Mosiejczuk, many thanks! OK phessler@ deraadt@ | |||
| 2019-02-10 | log X509 peer's cert subject name when tls client authentication is used, | Sebastian Benoit | |
| in the same way as the http authenticated username is loged. From Karel Gardas, gardask at gmail dot com, Thanks! ok florian@ | |||
| 2019-02-08 | Backport r5108 from unbound upstream, pointed out by florian@. | Stuart Henderson | |
| Shouldn't affect unwind but keeping in sync. r5108 | wouter | 2019-02-08 15:05:24 +0000 (Fri, 08 Feb 2019) | 3 lines - Fix #4225: clients seem to erroneously receive no answer with DNS-over-TLS and qname-minimisation. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |