| Age | Commit message (Collapse) | Author |
|---|
|
ok florian@
|
|
configuration file.", but occasionally something else fit better; at the
same time, try to make the format for FILES more consistent;
original diff from clematis
|
|
OK kettenis@
|
|
OK remi@
|
|
OK remi@
|
|
|
|
In pf(4), the pf_status.since timestamp is set with time_uptime(9).
This is a low-res snapshot of nanouptime(9). nanouptime(9) is used to
implement CLOCK_BOOTTIME for clock_gettime(2). It is not used to
implement CLOCK_UPTIME, though. The names are misleading.
Switch to CLOCK_BOOTTIME in places in userspace where we use
pf_status.since so we are working with the right clock.
Technically CLOCK_MONOTONIC is equivalent, but we shouldn't use that
here. CLOCK_MONOTONIC is not necessarily the "time since boot": the
standard says its absolute value is meaningless.
ok patrick@ bluhm@
|
|
|
|
with the help from tb@ jsing@; ok tb@
|
|
preserve symbolic links in the repositories.
From Robert Scheck < robert at fedoraproject.org >
|
|
Testing & OK sthen
|
|
Bring in the mission changes up to 4.2.4.
Also bring in doc/RELNOTES.
Both changes ease the process of syncing with upstream.
OK sthen
|
|
|
|
NULL so there is no need to change action in those cases. This was used some
time ago by the show rib code.
OK kn@, sthen@, benno@, deraadt@
|
|
charactars. Also fix a long line.
OK benno@ deraadt@
|
|
debug > 1 (-dd) since it adds a lot of noise to the output.
In syslog_debug do not check for the debug variable instead let syslog
handle it. Currently syslog_debug() would never print anything since it
is only called with debug = 0 (debug > 0 implies the console logger).
OK florian@
|
|
OK benno@ phessler@
|
|
challenge objects that the server hopefully provides.
input & OK deraadt
OK beck, benno
|
|
|
|
to be more generic, then change 'reload' to take take a '[reason]' also,
which will be logged by bgpd.
ok kn claudio
|
|
name, by adding a new (optional) config option "domain name".
This can be used to create a rsa and an ecdsa key for the same domain
name.
The old domain name in the 'title' line continues to be used as domain
name in the abscence of the domain name argument, i.e. the change is
backward compatible with current config files.
tested by sthen@
ok florian@ sthen@
|
|
Fix synced from unwind/libunbound.
unwind(8) crash on landisk (strict alignement arch) reported by otto@,
original diff ok deraadt@ otto@
|
|
and also not needed. This just needs a char lookup ('{') like it is done
in all the other rules with '{'. With this parse.y can be compiled with
bison.
OK otto@ benno@
|
|
OK florian@
|
|
From gilles@, OK deraadt@ jung@
|
|
Do not use the pointer returned by ibuf_reserve() after calling another
ibuf function. After the call the internal buffer may have moved by realloc()
and so the pointer is invalid. Instead use ibuf_size() to get the current
offset in the buffer and use ibuf_seek() later on to write back the updated
lsa age into the buffer at the right spot.
This fixes an issue seen by Richard Chivers on routers with many passive
interfaces.
OK stsp@ denis@ deraadt@ also tested by sthen@
|
|
ibuf function. After the call the internal buffer may have moved by realloc()
and so the pointer is invalid. Instead use ibuf_size() to get the current
offset in the buffer and use ibuf_seek() later on to write back the updated
lsa age into the buffer at the right spot.
This fixes an issue seen by Richard Chivers on routers with many passive
interfaces.
OK stsp@ deraadt@
|
|
preserve symbolic links. Instead just ignore them.
OK benno@ deraadt@
|
|
cast in the printf to unsigned long long or just use unsigned long long
from the start. In this case it is better to switch the type. Similar
changes had been done before.
OK deraadt@
|
|
A large number of redistributed routes make ospf6d crash.
OK remi@, sthen@
|
|
ok job, input claudio benno
|
|
ok job
|
|
Also include the group name in the general neighbor description.
Both issues reported by Patrick Velder
OK deraadt@
|
|
configure EDH-based cipher suites with Perfect Forward Secrecy (PFS)
for older clients that do not support ECDHE. Problem noticed and
initial diff by Jesper Wallin, thanks!
ok kn@
|
|
|
|
the output structures may still change but it should be a good starting
point for poeple to start playing with it.
OK benno@, job@, deraadt@
|
|
about the flags of the attribute. Part of the JSON output diff.
OK job@, benno@, deraadt@
|
|
can be changed easily. This will be used later on to add JSON output.
OK benno@, job@, deraadt@
|
|
community.
Issue reported by Steven Surdock ssurdock <at> engineered-net <dot> com
OK deraadt@ claudio@ sthen@
|
|
values only if the session is established or show it unconditonally (for
shutdown message and last notficiation error codes. Adjust show_attr()
a bit, print ORIGIN as string and add support for AID_VPN_IPv6.
General add some warning if length checks fail.
OK job@, benno@, deraadt@ as part of a bigger diff
|
|
Make it a log_debug() instead to reduce the noise seen on most full feeds.
The DFZ is currently not clean enough to properly drop AS 0 in that case.
OK job@ deraadt@
|
|
OK deraadt@
|
|
ok job benno claudio
|
|
Instead of a round about way of sending a message to vmm that 'send is
successful' and terminating by vm_remove from vmm, we can send the imsg and
exit in the vm process. The sigchld handler in vmm will vm_remove it from its
structures. This is how a normal vm is terminated as well.
Previously, vm_remove was called in vmm_dispatch_vm (ie. the event handler to
receive messages from vm process) when hanlding the IMSG_VMDOP_SEND_VM_RESPONSE
(ie. the vm process has written the vm state to the fd passed on by vmctl
send). This is not how vm_remove was intented to be used as it does a
free(vm). The vm struct holds the buffers for imsg and so after handling this
IMSG_VMDOP_SEND_VM_RESPONSE message, vmm_dispatch_vm loops again to do
imsg_get(ibuf, &imsg) to read the next message (and we had just freed this
*ibuf when we freed the vm struct) causing it to segfault.
reported by kn@
ok kn@
|
|
|
|
usernames, but only for email addresses. fixes an issue where
usernames always expand to the @ wildcard if defined in the virtual
alias file.
discussed with Gilles Chehade
ok millert@
|
|
more readable.
|
|
|
|
comments.
ok claudio job
|
|
|
