| Age | Commit message (Collapse) | Author |
|---|
|
OK Ingo Schwarze
|
|
|
|
--disable-idn should be --without-idn
--disable-openssl-version-check was a for some old versions of
OpenSSL with security bugs and was removed some time ago
fixes "Unrecognized options" that florian@ noticed was displayed by configure.
|
|
and move the remaining bits to dighost.c. Minus 4k lines.
OK sthen
|
|
OK sthen
|
|
This pulls out the config object (lwres_conf_t) from the context
(lwres_context_t), switches to libc functions (lwres_net_ntop vs
inet_ntop etc ) and removes a lwres_ prefix from number types
(lwres_uint8_t vs uint8_t etc).
With that we can nearly empty out lib/lwres and lose about 20k lines in
the process.
OK sthen
|
|
OK sthen
|
|
OK jmc@
|
|
|
|
|
|
|
|
|
|
"(yes/no answer instead of full list)" regarding how to use wantarray().
Flesh this out with an example and a bit of explanation to reduce the
risk of misunderstandings and misuse.
Discussed with espie@.
|
|
|
|
Since the domain name is mandatory for "ldomctl console ...",
gid is always set and guaranteed to be greater than zero.
OK kettenis
|
|
my wording after espie@ explained what he had in mind;
OK espie@
|
|
"ldomctl init-system -n ldom.conf" only parses the configuration file
and exits; it is usable as unprivileged user, no devices are opened.
OK kettenis
|
|
OK espie@
|
|
Based on a writeup that espie@ posted to misc@ with tweaks by me
and additional feedback from espie@.
|
|
is as clear, more concise, and reads better. In a few cases, it also
allows shortening text that said the same twice.
Tweak and OK jmc@.
|
|
that toggle anything. Quite to the contrary, all those touched in
this commit are idempotent.
OK florian@ jmc@
|
|
report for the authentication result, however we use a buffer that is too
small and usernames from virtual accounts may get truncated in logs.
reported by Bjorn Kalkbrenner
|
|
This moves setup code from main() into its own function so instead of
upfront it can be used only when and where needed.
With the exception of `create-vdisk' all currently open /dev/hvctl; for
that command I added a rather quirky goto to avoid this unneeded step,
but `list-io' for example does not need /dev/hvctl at all either.
So instead of adding more quirks, split as per above and clearly call
hv_config() from the commands that *do* require it.
This also effectively defers such privileged operations after all argv[]
parsing is done, that is the code fails earlier on invalid input without
file I/O for nothing.
With that in, I can easily add more commands not requiring hvctl access,
e.g. a dry-run configuration check.
OK kettenis
|
|
|
|
OK remi@
|
|
OK remi@
|
|
vmctl send always returned exit code 1
Patch by Benjamin Baier
ok kn@
|
|
is on, +dnsnegotiation is off, +timeout is 5s for UDP and 10s for TCP.
OK florian@
|
|
|
|
the explanation of what +opt does, improving both conciseness and
clarity, so let's do this in many trivial cases, and improve some
markup in the vicinity while there
|
|
use .Cm for keywords, .Ar for placeholders, .Xr for resolv.conf,
and use imperative rather than indicative
|
|
Let .so/.a print again in pkg_info -L
noticed by Mikolaj Kucharski
|
|
to export them via snmp.
Introduce option filter-pf-addresses similar to filter-routes which
prevents exporting below the OPENBSD-PF-MIB::pfTblAddrTable oid.
Other pf table statistics are uneffected by this and still available.
With this I can do a bulkwalk starting at pfMIBObjects without hitting
timeouts and without spinning the cpu at 100% for days to export 300k
prefixes.
man page input kn
OK claudio, sthen. martijn is also fine with it going in.
|
|
Mostly, move the equal sign out of .Cm and .Ar because we consider
it punctuation. Besides, use .Cm rather than .Ar for keywords
like "ixfr" and do not mark up literal integer numbers with .Ar.
|
|
usage(): drop +defname because it is merely an alias for +search
both: correct option spelling +cl -> +class, +time -> +timeout
feedback and OK sthen@, OK jmc@
|
|
Now that area is part of iface, original orig_rtr_lsa() is useless. Also
verifying that area != NULL is not needed in some cases (these are
leftovers of the previous diff).
OK remi@
|
|
"Looks fine" deraadt@
|
|
messages on a per peer queue. This queue is later processed one at a
time resulting in a fairer processing of work and avoiding big table
dumps to delay processing of other updates.
OK denis@ benno@
|
|
pattern of "###" for argument names evrywhere it makes sense, but shortened it
to "#";
|
|
|
|
Currently this needs a bit of a hack because fmt_timeframe()
does not really print a timeframe but instead needs a timestamp
relative to now. This needs to be adjusted but will be done later.
|
|
in mrt_dump_hdr_se(). Table dumps don't need time.tv_nsec like used in
the _ET formats like for message and state changes but it keeps to code
similar.
|
|
|
|
and remove some unneccessary text;
|
|
|
|
this new usage; update the description of -h accordingly; SYNOPSIS remains
unchanged, since the reader has a list of queryopts with explanations a few
screens down
|
|
repo for debug packages, but we need the full path for the handle (for now)
fixes regression noticed by bluhm@
|
|
Users must not not be able to transfer files from the local hypervisor
filesystem to VMs/LDOMs, especially since the "vmctl/ldomctl console ..."
might be run as root.
Disable all relevant escape sequences and cause cu to run under "stdio tty"
pledge by using -r.
OK deraadt mlarkin
|
|
OK remi@
|
|
ok kn
|
