openbsd
6 years agoSwitch authorized_keys example from ssh-dss to ssh-rsa since the former
dtucker [Sun, 22 Jul 2018 12:16:59 +0000 (12:16 +0000)]
Switch authorized_keys example from ssh-dss to ssh-rsa since the former
is no longer enabled by default.  Pointed out by Daniel A. Maierhofer,
ok jmc

6 years agoFix arguments of pf_purge_expired_{src_nodes,rules}()
sf [Sun, 22 Jul 2018 09:09:18 +0000 (09:09 +0000)]
Fix arguments of pf_purge_expired_{src_nodes,rules}()

Due to the missing "void", this

   extern void pf_purge_expired_src_nodes();

is no prototype but a declaration. It is enough to suppress the
'implicit declaration' warning but it does not allow the compiler to
check the arguments passed to the calls of the function.

Fix the prototypes and don't pass the waslocked argument anymore. It has
been removed a year ago.

ok sashan henning

6 years agoTweak comment about truncating NULs to reflect new
krw [Sun, 22 Jul 2018 08:59:56 +0000 (08:59 +0000)]
Tweak comment about truncating NULs to reflect new
reality.

6 years agoWhen finished pulling an option out of a buffer, skip directly to the
krw [Sun, 22 Jul 2018 08:43:01 +0000 (08:43 +0000)]
When finished pulling an option out of a buffer, skip directly to the
next option. Don't rely on truncated NULs being ignored because
NUL == DHO_PAD.

ok tb@

6 years agohook up fchown
anton [Sun, 22 Jul 2018 06:39:46 +0000 (06:39 +0000)]
hook up fchown

6 years agoAdd regress covering the recently fixed NULL pointer deref in fchown().
anton [Sun, 22 Jul 2018 06:37:46 +0000 (06:37 +0000)]
Add regress covering the recently fixed NULL pointer deref in fchown().

6 years agoAvoid a NULL pointer deref when calling fchown() on a file descriptor belonging
anton [Sun, 22 Jul 2018 06:31:17 +0000 (06:31 +0000)]
Avoid a NULL pointer deref when calling fchown() on a file descriptor belonging
to a cloned device.

ok kettenis@

6 years agoAdjust a log message and make sure that the data pointer is never increased
claudio [Sun, 22 Jul 2018 06:03:17 +0000 (06:03 +0000)]
Adjust a log message and make sure that the data pointer is never increased
beyond the end. There was no access to it but still bad style.
OK tb@

6 years agoReading past the end of a buffer is bad, Even if the
krw [Sat, 21 Jul 2018 15:24:55 +0000 (15:24 +0000)]
Reading past the end of a buffer is bad, Even if the
extra byte is always there. Even if the byte contains
innocuous data that isn't used. Eeven if a particular
level of optimization of a particular compiler avoids
it by processing things backwards. Bad.

So simplify and correct logic. Perhaps even proof the
code against future generations of clever compilers.

Pointed out by Brandon Falk. Thanks!

ok millert@ tb@

6 years agocomment out a dead Xr;
jmc [Sat, 21 Jul 2018 09:39:25 +0000 (09:39 +0000)]
comment out a dead Xr;

6 years agosort;
jmc [Sat, 21 Jul 2018 09:35:50 +0000 (09:35 +0000)]
sort;

6 years agoInclude the vnode type in the panic message in ffs_write(), just like ffs_read()
anton [Sat, 21 Jul 2018 09:35:08 +0000 (09:35 +0000)]
Include the vnode type in the panic message in ffs_write(), just like ffs_read()
does.

ok deraadt@ kettenis@

6 years agoThere is no need to initialise global and static local variables to zero,
claudio [Sat, 21 Jul 2018 07:27:54 +0000 (07:27 +0000)]
There is no need to initialise global and static local variables to zero,
they are like that by default.
OK florian@

6 years agoRemove the "got meltdown?" conditional from INTRENTRY by doing it
guenther [Sat, 21 Jul 2018 02:19:54 +0000 (02:19 +0000)]
Remove the "got meltdown?" conditional from INTRENTRY by doing it
 unconditionally and codepatching it out on CPUs that don't need/do
 the mitigation.
Align the from-{kernel,userspace} targets in INTRENTRY with _ALIGN_TRAPS
Align x2apic_eoi using KUENTRY() instead of the artisinal
 segment+label+.globl bits it uses currently
s/testq/testb/ for SEL_RPL checks

ok kettenis@ mlarkin@

6 years agoThe newly added realpath(3) in vmd's parse.y checks whether the
bluhm [Fri, 20 Jul 2018 22:18:49 +0000 (22:18 +0000)]
The newly added realpath(3) in vmd's parse.y checks whether the
directories exist.  Create the path and file for test
vmd-fail-disk-path-too-long.

6 years agoListen on 127.0.0.1 and ::1 in the regress config since the test use localhost
claudio [Fri, 20 Jul 2018 21:59:53 +0000 (21:59 +0000)]
Listen on 127.0.0.1 and ::1 in the regress config since the test use localhost
which can be resolved to either of the two values.
OK bluhm@

6 years agoRemove a few leftovers from the days of emulation, which could result in
deraadt [Fri, 20 Jul 2018 21:57:26 +0000 (21:57 +0000)]
Remove a few leftovers from the days of emulation, which could result in
a bad/corrupt binary not returning ENOEXEC but some other error.
ok guenther kettenis bluhm

6 years agoFail if a PT_LOAD segment has a memory size of 0. This prevents a panic
kettenis [Fri, 20 Jul 2018 21:48:27 +0000 (21:48 +0000)]
Fail if a PT_LOAD segment has a memory size of 0.  This prevents a panic
later on, and it makes no sense for a binary to have such a segment.

ok bluhm@, guenther@

6 years agoadd pledge(2), it only needs rpath if reading from a file
mestre [Fri, 20 Jul 2018 21:47:07 +0000 (21:47 +0000)]
add pledge(2), it only needs rpath if reading from a file

hint from tb@ and OK ratchov@

6 years agozap whitespaces
mestre [Fri, 20 Jul 2018 21:44:41 +0000 (21:44 +0000)]
zap whitespaces

6 years agoNo need to copy rdns_lifetime around with an IMSG, it gets send to the
florian [Fri, 20 Jul 2018 20:35:00 +0000 (20:35 +0000)]
No need to copy rdns_lifetime around with an IMSG, it gets send to the
engine end frontend as part of ra_iface_conf.

Spotted after explaining to bket@ that a similar pattern is not needed
for the mtu option.

6 years agoFix mem leaks on config reload:
florian [Fri, 20 Jul 2018 20:34:18 +0000 (20:34 +0000)]
Fix mem leaks on config reload:
- always free struct ra_iface_conf with free_ra_iface_conf()
- free_ra_iface_conf() needs to free the recently added
nameserver and search list

6 years agofix mem leak: missing freeifaddrs
florian [Fri, 20 Jul 2018 20:33:29 +0000 (20:33 +0000)]
fix mem leak: missing freeifaddrs

6 years agoIntroduce MTU option.
bket [Fri, 20 Jul 2018 17:55:09 +0000 (17:55 +0000)]
Introduce MTU option.

The MTU option is used in Router Advertisement messages to ensure that
all nodes on a link use the same MTU value in those cases where the link
MTU is not well known.

Feedback (thank you!) and OK from florian@

6 years agoWe need to track the auto prefix in ra_prefix_conf otherwise we can't
florian [Fri, 20 Jul 2018 17:48:58 +0000 (17:48 +0000)]
We need to track the auto prefix in ra_prefix_conf otherwise we can't
configure its options. Trying so lead to a crash.
Found the hard way by & OK sthen

6 years agoNow that aliases in smtpd.conf default to plain text files and not
millert [Fri, 20 Jul 2018 15:35:33 +0000 (15:35 +0000)]
Now that aliases in smtpd.conf default to plain text files and not
db files we don't want to tell people to run makemap instead of
newaliases.  OK deraadt@ jmc@

6 years agoMove the nlri_get_prefix functions to util.c so that bgpctl can use them too.
claudio [Fri, 20 Jul 2018 14:58:20 +0000 (14:58 +0000)]
Move the nlri_get_prefix functions to util.c so that bgpctl can use them too.

6 years agoRename rde_update_get_prefix and friends to nlri_get_prefix. Will be moved
claudio [Fri, 20 Jul 2018 14:49:15 +0000 (14:49 +0000)]
Rename rde_update_get_prefix and friends to nlri_get_prefix. Will be moved
to util.c shortly so that bgpctl can use those functions too.

6 years agoRename rde_update_extract_prefix to extract_prefix and make it static.
claudio [Fri, 20 Jul 2018 14:14:43 +0000 (14:14 +0000)]
Rename rde_update_extract_prefix to extract_prefix and make it static.
This is just an internal of the the rde_update_get_prefix functions.

6 years agoRename "resolver" to "nameserver" in the configuration file.
florian [Fri, 20 Jul 2018 13:17:02 +0000 (13:17 +0000)]
Rename "resolver" to "nameserver" in the configuration file.

resolv.conf(5) and dhclient(8) are using the term nameserver for many
years, there is no good reason to be different here.

Pointed out by deraadt

6 years agoPrint the timestamp embedded in mrt files for update and status messages.
claudio [Fri, 20 Jul 2018 12:49:49 +0000 (12:49 +0000)]
Print the timestamp embedded in mrt files for update and status messages.
Also implemented the extended precision format so microseconds are printed
as well when available. The output is relative to the previous message and
follows what kdump does.
OK benno@

6 years agoThere is no need to have bgpd running when running bgpctl show mrt.
claudio [Fri, 20 Jul 2018 12:42:45 +0000 (12:42 +0000)]
There is no need to have bgpd running when running bgpctl show mrt.
The first thing the code actually does is closing the socket. Instead
move the code up to where currently the IRR filter code is.
Additionally change the late pledges to just stdio since nothing after
that needs rpath or wpath.
OK benno@

6 years agoAdd missing RCS Id.
helg [Fri, 20 Jul 2018 12:05:08 +0000 (12:05 +0000)]
Add missing RCS Id.

6 years agoStop checking table commands for `create'
kn [Fri, 20 Jul 2018 11:16:55 +0000 (11:16 +0000)]
Stop checking table commands for `create'

Tiny left over from 2003 when it was removed. Twist the logic by checking
for `show' and `test' to make it even simpler.

OK sashan henning

6 years agoadd regress test for "bypassunveil" where a path should be unveil'd by
robert [Fri, 20 Jul 2018 10:47:37 +0000 (10:47 +0000)]
add regress test for "bypassunveil" where a path should be unveil'd by
specific pledge(2) calls

ok beck@

6 years agoinform that diagnostics in functions won't work, but don't error out
espie [Fri, 20 Jul 2018 10:02:03 +0000 (10:02 +0000)]
inform that diagnostics in functions won't work, but don't error out
flatly.

this will help sparc64 compile code without needing to patch away recent
pragma diagnostic use.

problem found by landry@

okay kettenis@, guenther@

6 years agoCorrectly copy across unveil's from parent to child process on fork().
beck [Fri, 20 Jul 2018 07:28:36 +0000 (07:28 +0000)]
Correctly copy across unveil's from parent to child process on fork().

6 years agomatch on marvell,armada-38x-uart linux >= 4.18-rc1 changed the compat
jsg [Fri, 20 Jul 2018 05:37:06 +0000 (05:37 +0000)]
match on marvell,armada-38x-uart linux >= 4.18-rc1 changed the compat
string from snps,dw-apb-uart in b7639b0b15ddd1a4686b0142e70dfb122eefc88f

ok patrick@

6 years agoslightly-clearer description for AuthenticationMethods - the lists
djm [Fri, 20 Jul 2018 05:01:10 +0000 (05:01 +0000)]
slightly-clearer description for AuthenticationMethods - the lists
have comma-separated elements; bz#2663 from Hans Meier

6 years agoremove unused zlib.h
djm [Fri, 20 Jul 2018 03:46:34 +0000 (03:46 +0000)]
remove unused zlib.h

6 years agoMissed a 'ksi' -> '*ksip' change in previous commit
guenther [Fri, 20 Jul 2018 01:30:30 +0000 (01:30 +0000)]
Missed a 'ksi' -> '*ksip' change in previous commit

6 years agoFix typo in comment. From Alexandru Iacob via github.
dtucker [Thu, 19 Jul 2018 23:03:16 +0000 (23:03 +0000)]
Fix typo in comment.  From Alexandru Iacob via github.

6 years agoi found a nicer way to describe -join;
jmc [Thu, 19 Jul 2018 19:16:36 +0000 (19:16 +0000)]
i found a nicer way to describe -join;

6 years agoEnable kernel profiling on arm64
drahn [Thu, 19 Jul 2018 17:38:12 +0000 (17:38 +0000)]
Enable kernel profiling on arm64
sigcode() runs in user land context, so should not call mcount.
Without the symbol type on the exception entry functions, gprof
doesn't correctly identify the caller for exception entry symbols.
ok kettenis@

6 years agoattach RTL8188EU under AboCom's vendor id. From FreeBSD via Mikhail <mp39590 at gmail>
sthen [Thu, 19 Jul 2018 17:34:22 +0000 (17:34 +0000)]
attach RTL8188EU under AboCom's vendor id. From FreeBSD via Mikhail <mp39590 at gmail>

6 years agosync
sthen [Thu, 19 Jul 2018 17:33:42 +0000 (17:33 +0000)]
sync

6 years agoAdd RTL8188EU under AboCom's vendor id. From FreeBSD via Mikhail <mp39590 at gmail>
sthen [Thu, 19 Jul 2018 17:33:26 +0000 (17:33 +0000)]
Add RTL8188EU under AboCom's vendor id. From FreeBSD via Mikhail <mp39590 at gmail>

6 years agoReuse implicit padding to export the port number of a USB device in
mpi [Thu, 19 Jul 2018 12:35:14 +0000 (12:35 +0000)]
Reuse implicit padding to export the port number of a USB device in
USB_DEVICEINFO.

devel/libusb1 requires this piece of information.

ok jcs@, mikeb@, jasper@, sthen@

6 years agoDeprecate UsePrivilegedPort now that support for running ssh(1)
dtucker [Thu, 19 Jul 2018 10:28:47 +0000 (10:28 +0000)]
Deprecate UsePrivilegedPort now that support for running ssh(1)
setuid has been removed, remove supporting code and clean up
references to it in the man pages

We have not shipped ssh(1) the setuid bit since 2002.  If ayone
really needs to make connections from a low port number this can
be implemented via a small setuid ProxyCommand.

ok markus@ jmc@ djm@

6 years agorevert previous, something isn't quite right as clients see ntpd
sthen [Thu, 19 Jul 2018 10:20:09 +0000 (10:20 +0000)]
revert previous, something isn't quite right as clients see ntpd
as unsynced. reported by naddy, also seen by me (I noticed because
monitoring-plugins check_ntp complained). ok claudio henning

6 years agoieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always
florian [Thu, 19 Jul 2018 09:16:17 +0000 (09:16 +0000)]
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always
false so we always selected the first wifi available, not the best
one.

While here shuffle some deck chairs to make it clearer that anything is
better than nothing.

tweak & OK phessler

6 years agoAdd regress test for inheritance of unveil's across fork to children
beck [Thu, 19 Jul 2018 06:40:22 +0000 (06:40 +0000)]
Add regress test for inheritance of unveil's across fork to children

6 years agoRemove the unused leftovers of the 4.4BSD libm, which was only used
naddy [Wed, 18 Jul 2018 20:21:12 +0000 (20:21 +0000)]
Remove the unused leftovers of the 4.4BSD libm, which was only used
on non-IEEE platforms.  Since the VAX port was discontinued, all
our remaining architectures use IEEE floating point, as will any
future ones.
ok millert@ tb@

6 years agoConvert from fgetln(3) to getline(3). Based on a diff from Lauri Tirkkonen.
millert [Wed, 18 Jul 2018 17:20:54 +0000 (17:20 +0000)]
Convert from fgetln(3) to getline(3).  Based on a diff from Lauri Tirkkonen.
With a tweak and OK from schwarze@

6 years agoRevert the change that delivers process signals to any threads. As
bluhm [Wed, 18 Jul 2018 16:55:17 +0000 (16:55 +0000)]
Revert the change that delivers process signals to any threads.  As
side effect pending signals specifically sent to the main thread
were handled by other threads.  This made gcj in textproc/pdftk
port build stall.
Noticed and tested by espie@.

6 years agoBob's license was missing, add it.
tb [Wed, 18 Jul 2018 16:24:16 +0000 (16:24 +0000)]
Bob's license was missing, add it.

ok beck

6 years agoreplace manual zero initialization of various fields with memset;
florian [Wed, 18 Jul 2018 15:46:49 +0000 (15:46 +0000)]
replace manual zero initialization of various fields with memset;
makes the code shorter and easier to read.
suggested by & OK claudio

6 years agoStop our own router advertisements from looping back to us.
florian [Wed, 18 Jul 2018 14:43:34 +0000 (14:43 +0000)]
Stop our own router advertisements from looping back to us.
Pointed out by semarie@

6 years agotidy up the flags section a little: supply a little more indent, and reduce
jmc [Wed, 18 Jul 2018 14:06:30 +0000 (14:06 +0000)]
tidy up the flags section a little: supply a little more indent, and reduce
the amount of modal verbs going on;

6 years agoWhen running flood ping with count packets (-c) set an alarm after
florian [Wed, 18 Jul 2018 13:55:39 +0000 (13:55 +0000)]
When running flood ping with count packets (-c) set an alarm after
sending all packets otherwise ping will wait forever to see all
answers - which might not arrive on lossy links.

Problem pointed out by, input & OK claudio

6 years agomake the logic for deleting first slightly more obvious
espie [Wed, 18 Jul 2018 13:06:23 +0000 (13:06 +0000)]
make the logic for deleting first slightly more obvious
in particular, there's nothing to try if we don't have older packages

6 years agoRemove support for running ssh(1) setuid and fatal if attempted.
dtucker [Wed, 18 Jul 2018 11:34:04 +0000 (11:34 +0000)]
Remove support for running ssh(1) setuid and fatal if attempted.
Do not link uidwap.c into ssh any more.  Neuters UsePrivilegedPort,
which will be marked as deprecated shortly. ok markus@ djm@

6 years agoReplace VATTR_NULL() with memset(3) in fusefs_getattr(). VATTR_NULL()
helg [Wed, 18 Jul 2018 10:47:02 +0000 (10:47 +0000)]
Replace VATTR_NULL() with memset(3) in fusefs_getattr(). VATTR_NULL()
sets all members of struct vattr to VNOVAL (-1) instead of 0, which is
what is appropriate here. The VATTR_NULL() macro is intended for
initialising struct vattr when setting attributes.

ok mpi@

6 years agoDon't log_warn on normal conditions, it should be log_debug.
florian [Wed, 18 Jul 2018 09:10:50 +0000 (09:10 +0000)]
Don't log_warn on normal conditions, it should be log_debug.
Pointed out by semarie@

6 years agostop assuming prefix lengths, remove inet6_makenetandmask()
kn [Tue, 17 Jul 2018 20:57:27 +0000 (20:57 +0000)]
stop assuming prefix lengths, remove inet6_makenetandmask()

This removes any logic that implies IPv6 destination host addresses to be
/64 subnets so they are taken as is.
RFC 3587 deprecated this in 2003 and our manual page actually states:

  The route is assumed to be to a network if any of the following apply to
  destination:

  *   [...]
  *   it is an IPv6 address with a “/XX” suffix (where XX is the number of
      bits in the network portion of the address and is less than 128)
  *   [...]

  If destination is a valid IP address or host name, it is presumed to be a
  route to a host.

Stripping relevant code from `inet6_makenetandmask()' left the function as
dummy wrapper around `prefixlen()', so zap it completely.

Discussed with and positive feedback from many, OK benno henning

6 years agoTX packets, which can be either Ethernet or control packets, must be
patrick [Tue, 17 Jul 2018 19:44:38 +0000 (19:44 +0000)]
TX packets, which can be either Ethernet or control packets, must be
sent in order.  Otherwise it is possible that the key is set before
we send out the EAPOL packet, or that packets are sent out before
the key is set.  Thus modify the SDIO backend to put both types into
the same internal TX queue, which will be sent asynchronously.

Discussed with bluhm@

6 years agoWhen a key isn't in the first table, we need to try the same key again
nicm [Tue, 17 Jul 2018 18:02:40 +0000 (18:02 +0000)]
When a key isn't in the first table, we need to try the same key again
not the any key. Also rename some labels. Fixes GitHub issue 1406
reeported by Mark Kelly.

6 years agosome more style fixes
tb [Tue, 17 Jul 2018 17:10:04 +0000 (17:10 +0000)]
some more style fixes

6 years agoAdd missing $OpenBSD$ markers.
tb [Tue, 17 Jul 2018 17:06:49 +0000 (17:06 +0000)]
Add missing $OpenBSD$ markers.

6 years agoremove unused, empty file
tb [Tue, 17 Jul 2018 16:55:21 +0000 (16:55 +0000)]
remove unused, empty file

6 years agoReplace getprogname() to argv[0] in bnaddsub
inoguchi [Tue, 17 Jul 2018 14:27:22 +0000 (14:27 +0000)]
Replace getprogname() to argv[0] in bnaddsub

ok tb@

6 years agoallow shell globs to match program and hostname selector tags via
djm [Tue, 17 Jul 2018 13:51:47 +0000 (13:51 +0000)]
allow shell globs to match program and hostname selector tags via
fnmatch(3); ok sthen@ bluhm@

6 years agovmd(8): fix vmctl -b option for i386 kernels.
mlarkin [Tue, 17 Jul 2018 13:47:06 +0000 (13:47 +0000)]
vmd(8): fix vmctl -b option for i386 kernels.

ok pd@

6 years agoDon't send FBT_DESTROY if the FUSE connection is still PENDING. Also
helg [Tue, 17 Jul 2018 13:12:08 +0000 (13:12 +0000)]
Don't send FBT_DESTROY if the FUSE connection is still PENDING. Also
don't attempt to determine the size of the root inode. This is because
we don't need to know the size of directories and FBT_GETATTR will also
cause a deadlock if fuse_unmount(3) is called before the file system
has a chance to process fbufs.

Add corresponding regression test.

ok mpi@

6 years agolibfuse now supports -f command line option; uncomment test.
helg [Tue, 17 Jul 2018 13:04:31 +0000 (13:04 +0000)]
libfuse now supports -f command line option; uncomment test.

6 years agounvname_new() is passed something that is always 64-bits so the
krw [Tue, 17 Jul 2018 07:43:34 +0000 (07:43 +0000)]
unvname_new() is passed something that is always 64-bits so the
parameter should be declared uint64_t and not int.

From & for semarie@ who isn't committing at the moment and ok beck@
who is on the road.

6 years agoSwitch to MSG_PROTOCOL_BGP4MP_ET formats for update and state mrt messages.
claudio [Tue, 17 Jul 2018 07:02:11 +0000 (07:02 +0000)]
Switch to MSG_PROTOCOL_BGP4MP_ET formats for update and state mrt messages.
The _ET format adds an additional microsecond time field which makes those
message dumps more informative. The various table dumps are not modified
since there the time especially between entries plays a secondary role.
OK benno@

6 years agowe have splraise() now
dlg [Tue, 17 Jul 2018 03:32:10 +0000 (03:32 +0000)]
we have splraise() now

previously the code would do a series of comparisons to IPL_FOO and
IPL_BAR, and use splfoo() and splbar() as needed, but for like a
dozen different IPl levels (i may be exaggerating). splraise() rolls
all of that up.

ok deraadt@ mpi@

6 years agoSlot 0 in the hostbased key array was previously RSA1, but that is
dtucker [Mon, 16 Jul 2018 22:25:01 +0000 (22:25 +0000)]
Slot 0 in the hostbased key array was previously RSA1, but that is
now gone and the slot is unused so remove it.  Remove two now-unused
macros, and add an array bounds check to the two remaining ones
(array is statically sized, so mostly a safety check on future changes).
ok markus@

6 years agoDocument behavior change of EC_POINTs_mul() again.
tb [Mon, 16 Jul 2018 17:37:25 +0000 (17:37 +0000)]
Document behavior change of EC_POINTs_mul() again.

6 years agoRecommit Billy Brumley's ECC constant time patch with a fix for sparc64
tb [Mon, 16 Jul 2018 17:32:39 +0000 (17:32 +0000)]
Recommit Billy Brumley's ECC constant time patch with a fix for sparc64
from Nicola Tuveri (who spotted the omission of ecp_nist.c from the PR).

discussed with jsing
tested by jsg

6 years agouse ANSI C function declaration; no binary change
jasper [Mon, 16 Jul 2018 17:05:15 +0000 (17:05 +0000)]
use ANSI C function declaration; no binary change

6 years agouse 'switch' rathan than an if-else construct to match on the netflow version to...
jasper [Mon, 16 Jul 2018 16:54:30 +0000 (16:54 +0000)]
use 'switch' rathan than an if-else construct to match on the netflow version to in pflow_get_mbuf(),
to match the rest of the file

ok benno@ florian@

6 years agoInsert the appropriate uvm_vnp_uncache(9) and uvm_vnp_setsize(9)
helg [Mon, 16 Jul 2018 16:44:09 +0000 (16:44 +0000)]
Insert the appropriate uvm_vnp_uncache(9) and uvm_vnp_setsize(9)
kernel calls to ensure that the UVM cache for memory mapped files is
up to date.

ok mpi@

6 years agoAdd support for the BCM43455 SDIO chip to bwfm(4).
patrick [Mon, 16 Jul 2018 13:46:17 +0000 (13:46 +0000)]
Add support for the BCM43455 SDIO chip to bwfm(4).

6 years agoIn certain modes SDIO-connected bwfm(4) chips might expect us to read
patrick [Mon, 16 Jul 2018 13:41:19 +0000 (13:41 +0000)]
In certain modes SDIO-connected bwfm(4) chips might expect us to read
another packet (even though nextlen is set to none) to issue more RX
interrupts.

6 years agoBe more explicit in FETCH_TIMEOUT description.
espie [Mon, 16 Jul 2018 13:14:06 +0000 (13:14 +0000)]
Be more explicit in FETCH_TIMEOUT description.
It only happens on the command line.
If you want to put it in a config file, it's a DEFAULT or localhost
property called fetch_timeout instead.

6 years agoImplement FBT_FSYNC, which is called on fsync(2) and fdatasync(2).
helg [Mon, 16 Jul 2018 13:10:53 +0000 (13:10 +0000)]
Implement FBT_FSYNC, which is called on fsync(2) and fdatasync(2).
Currently ignores the a_waitfor argument and always invokes the file
system's fsync implementation synchronously.

ok mpi@

6 years agothe AP sends their crypto parameters as a mask, so let us still select it
phessler [Mon, 16 Jul 2018 12:42:22 +0000 (12:42 +0000)]
the AP sends their crypto parameters as a mask, so let us still select it
in case we want WPA2 and they have WPA1 still enabled

6 years agodon't save or use auto-join when the card is not in station (aka client) mode
phessler [Mon, 16 Jul 2018 12:34:14 +0000 (12:34 +0000)]
don't save or use auto-join when the card is not in station (aka client) mode

OK stsp@

6 years agofix thinko
espie [Mon, 16 Jul 2018 12:02:45 +0000 (12:02 +0000)]
fix thinko

okay mestre@

6 years agoRe-set the pointer to the bwfm event after the strict alignment
patrick [Mon, 16 Jul 2018 11:52:26 +0000 (11:52 +0000)]
Re-set the pointer to the bwfm event after the strict alignment
check.

6 years agoRemove support for loading HostBasedAuthentication keys directly in
dtucker [Mon, 16 Jul 2018 11:05:41 +0000 (11:05 +0000)]
Remove support for loading HostBasedAuthentication keys directly in
ssh(1) and always use ssh-keysign.  This removes one of the few remaining
reasons why ssh(1) might be setuid.  ok markus@

6 years agonetwork.conf
espie [Mon, 16 Jul 2018 09:13:29 +0000 (09:13 +0000)]
network.conf

6 years agobyebye network.conf.template
espie [Mon, 16 Jul 2018 09:12:40 +0000 (09:12 +0000)]
byebye network.conf.template

6 years agoUse struct filterstate in rde_update_dispatch() and pass it down to
claudio [Mon, 16 Jul 2018 09:09:20 +0000 (09:09 +0000)]
Use struct filterstate in rde_update_dispatch() and pass it down to
functions like rde_update_update and path_update. This will allow to
move more pointers from rde_aspath to the prefix.
Looks good benno@

6 years agomake this build again after changes made in rev 1.74
jsg [Mon, 16 Jul 2018 08:53:44 +0000 (08:53 +0000)]
make this build again after changes made in rev 1.74
ok mpi@ phessler@

6 years agoAdd an "Any" key to run a command if a key is pressed that is not bound
nicm [Mon, 16 Jul 2018 08:48:22 +0000 (08:48 +0000)]
Add an "Any" key to run a command if a key is pressed that is not bound
in the current key table. GitHub issue 1404.

6 years agoreduce duplicate code, fix typo/free correct buffer
kn [Mon, 16 Jul 2018 08:29:08 +0000 (08:29 +0000)]
reduce duplicate code, fix typo/free correct buffer

In filteropts_to_rule():

* Merge `once' handling from `anchorrule' and `pfrule'
* Remove/shorten duplicate code block
* Fix typo I introduced with r1.678 that frees the wrong buffer (twice)

OK sashan

6 years agortadvd is only interested in IPv6 so limit route socket to AF_INET6.
claudio [Mon, 16 Jul 2018 07:56:04 +0000 (07:56 +0000)]
rtadvd is only interested in IPv6 so limit route socket to AF_INET6.
OK florian@