| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2017-01-24 | add support for multiple transmit ifqueues per network interface. |   dlg | 17 | -160/+305 | |
| an ifq to transmit a packet is picked by the current traffic conditioner (ie, priq or hfsc) by providing an index into an array of ifqs. by default interfaces get a single ifq but can ask for more using if_attach_queues(). the vast majority of our drivers still think there's a 1:1 mapping between interfaces and transmit queues, so their if_start routines take an ifnet pointer instead of a pointer to the ifqueue struct. instead of changing all the drivers in the tree, drivers can opt into using an if_qstart routine and setting the IFXF_MPSAFE flag. the stack provides a compatability wrapper from the new if_qstart handler to the previous if_start handlers if IFXF_MPSAFE isnt set. enabling hfsc on an interface configures it to transmit everything through the first ifq. any other ifqs are left configured as priq, but unused, when hfsc is enabled. getting this in now so everyone can kick the tyres. ok mpi@ visa@ (who provided some tweaks for cnmac). | |||||
| 2017-01-24 | only send the rt msg on timeout failure if bfd is not down |   phessler | 1 | -3/+5 | |
| 2017-01-24 | Fix typo in brainpool curve name within a comment. |   jsing | 1 | -2/+2 | |
| 2017-01-24 | sync |   deraadt | 1 | -1/+1 | |
| 2017-01-24 | Modernize and unify test idioms for the sake of readability and |   tb | 1 | -9/+8 | |
| consistency. Done jointly with rpe. ok deraadt, phessler, rpe; also looks good to guenther despite a slight change in semantics | |||||
| 2017-01-24 | Add /etc/installurl to changelist. |   ajacoutot | 1 | -1/+2 | |
| ok deraadt@ rpe@ | |||||
| 2017-01-24 | There is no point returning then breaking... | jsing | 1 | -2/+1 | |
| 2017-01-24 | Zap a "true ;" that is there for no good reason. | tb | 1 | -2/+1 | |
| discussed with ajacoutot | |||||
| 2017-01-24 | unifdef OPENSSL_NO_BIO - we do not support this in any form. | jsing | 1 | -15/+1 | |
| ok beck@ | |||||
| 2017-01-24 | move setting the IP TOS from the listening socket to the sending socket | phessler | 1 | -12/+12 | |
| 2017-01-24 | Unbreak $ORIGIN support when only one of DT_RUNPATH and DT_RPATH is used |   guenther | 1 | -5/+7 | |
| 2017-01-24 | Use header <sys/atomic.h> rather than <machine/atomic.h> in MI code. |   visa | 5 | -10/+10 | |
| OK mpi@ deraadt@ | |||||
| 2017-01-24 | Introduce ticket support. To enable them it is enough to set a positive |   claudio | 6 | -14/+251 | |
| lifetime with tls_config_set_session_lifetime(). This enables tickets and uses an internal automatic rekeying mode for the ticket keys. If multiple processes are involved the following functions can be used to make tickets work accross all instances: - tls_config_set_session_id() sets the session identifier - tls_config_add_ticket_key() adds an encryption and authentication key For now only the last 4 keys added will be used (unless they are too old). If tls_config_add_ticket_key() is used the caller must ensure to add new keys regularly. It is best to do this 4 times per session lifetime (which is also the ticket key lifetime). Since tickets break PFS it is best to minimize the session lifetime according to needs. With a lot of help, input and OK beck@, jsing@ | |||||
| 2017-01-24 | ssl_cert_free() checks for NULL itself. | jsing | 1 | -10/+5 | |
| 2017-01-24 | Remove a "free up if allocated" comment that exists before code that frees | jsing | 1 | -2/+1 | |
| things if they are allocated. ok captainobvious@ | |||||
| 2017-01-24 | sk_SSL_CIPHER_free() checks for NULL so do not bother doing the same from | jsing | 4 | -27/+16 | |
| the callers. | |||||
| 2017-01-24 | Fix passing &_DYNAMIC to _dl_boot_bind; makes -static -pie work. |   kettenis | 1 | -2/+3 | |
| 2017-01-24 | ssl_sess_cert_free() checks for NULL, so do not bother doing it at the | jsing | 2 | -6/+8 | |
| call sites. | |||||
| 2017-01-24 | There is no point in zeroing fields that exist within a struct that is | jsing | 1 | -3/+1 | |
| about to be explicit_bzero'd and freed. | |||||
| 2017-01-24 | Add missing documentation for tls_config_set_verify_depth | claudio | 1 | -1/+5 | |
| Done together with jsing@ | |||||
| 2017-01-24 | Whitespace. | ajacoutot | 1 | -3/+3 | |
| 2017-01-24 | The /p modifier now takes a TID, while here add a missing argument |   mpi | 1 | -5/+5 | |
| for 'show all procs'. ok guenther@ | |||||
| 2017-01-24 | Rename pfind(9) into tfind(9) to reflect that it deals with threads. | mpi | 14 | -41/+46 | |
| While here document prfind(9. with and ok guenther@ | |||||
| 2017-01-24 | Fix typo in variable name. |   bluhm | 5 | -5/+5 | |
| 2017-01-24 | Shuffle the deck chairs to bring them back in order. | claudio | 1 | -9/+9 | |
| 2017-01-24 | remove unused junk definitions | deraadt | 1 | -6/+1 | |
| 2017-01-24 | Introduce rt_report() a function that generates a route message from an | claudio | 1 | -97/+114 | |
| rt_entry. Use this function in the success case of all route commands. Reduce the goto madness in route_output and make the code hopefully a bit easier to read and work with. OK mpi@ bluhm@ | |||||
| 2017-01-24 | tls_config_add_keypair_mem is the function to add additional keypairs and | claudio | 1 | -5/+5 | |
| ocsp_staple functions set the OCSP response they don't add them (which implies you can call them multiple times). Discussed with jsing@ beck@ | |||||
| 2017-01-23 | Interpolate a 'make cleandir' if KEEPKERNELS is set to a non-empty string, | tb | 1 | -4/+6 | |
| right before building kernels. This should unbreak 'make release' for people having this setting. ok deraadt | |||||
| 2017-01-23 | File descriptor passing internalizes fd's into an mbuf-stored array of | deraadt | 2 | -33/+44 | |
| struct file *, and then externalizes back to fd upon delivery. Convert storage to array of struct fdpass, containing struct file * (and soon something else). memcpy originally intended for alignment purposes can be removed because CMSG_ALIGN is _ALIGN. There is some anxiety over changing this code, but it reads easier. ok mpi guenther kettenis | |||||
| 2017-01-23 | Mission accomplished, bgpctl is now fatal free. | claudio | 1 | -32/+1 | |
| 2017-01-23 | Kill the timer.c reacharound it is not needed. | claudio | 1 | -2/+2 | |
| 2017-01-23 | cleanup log* functions that break with bgpd reacharound |   benno | 1 | -22/+15 | |
| ok claudio@ | |||||
| 2017-01-23 | Make util.c fatal() free by allowing undefined behaviour in prefix_compare. | claudio | 1 | -6/+8 | |
| If you pass in crap then you will not get gold back. | |||||
| 2017-01-23 | Allocate all memory chunks, and potentially sleeping, before freeing | mpi | 1 | -6/+11 | |
| the old array of open files. Fix a race for multi-threaded processes reported by cheeky.m@gmx.com on bugs@ and analyzed with bluhm@. ok deraadt@, bluhm@ | |||||
| 2017-01-23 | For testing http redirect unset http_proxy, not ftp_proxy. | bluhm | 1 | -2/+2 | |
| 2017-01-23 | Rename rib pointer in struct prefix to re since it points to a rib_entry. | claudio | 3 | -21/+21 | |
| While there also remove a comment that is since a few years at least. OK gcc | |||||
| 2017-01-23 | Introduce a struct rib sitting between struct rib_desc and struct rib_tree. | claudio | 4 | -66/+77 | |
| This way the tree becomes a bit better decoupled. | |||||
| 2017-01-23 | enable bcmdog on armv7 as well |   jsg | 2 | -2/+4 | |
| 2017-01-23 | move default_passwd_cb and default_passwd_cb_userdata back into |   beck | 4 | -30/+35 | |
| the ssl_ctx from internal - these are used directly by python and openvpn and a few other things - we have the set accessors but the get accessors were added in 1.1 and these roll their own caveat OPENSSL_VERSION chickenpluckery | |||||
| 2017-01-23 | Avoid curproc dance in dupfdopen(), by passing a struct proc * | deraadt | 3 | -11/+13 | |
| ok guenther mpi | |||||
| 2017-01-23 | The ftp program is only verbose by default, if stdin is a tty. As | bluhm | 1 | -3/+4 | |
| the test greps for messages that are in the verbose output, add a ftp -v option so that make regress can be run by cron(8). | |||||
| 2017-01-23 | When run as root, fstat prints the pcb pointer instead of 0x0. | bluhm | 1 | -5/+8 | |
| Force netcat and ftp to use IPv4. Unset ftp proxy environment. | |||||
| 2017-01-23 | The function raw_input() has not been called since netiso has been | bluhm | 6 | -95/+8 | |
| removed in 2004. The comment about raw_input() above rip_input() was added in 1981, but it is wrong since 1992. After that it has been copied to rip6_input(). (*pr_input)() is never called with the parameters (mbuf, sockproto, sockaddr, sockaddr). So retire raw_input(). OK guenther@ deraadt@ | |||||
| 2017-01-23 | remove line that slipped in with rev 1.77 but doesn't belong there; ok sthen@ |   naddy | 1 | -2/+1 | |
| 2017-01-23 | Move options and mode from SSL_CTX and SSL to internal, since these can be | jsing | 12 | -66/+70 | |
| set and cleared via existing functions. | |||||
| 2017-01-23 | Enable bcmdog on RAMDISK as well so it can reboot. | jsg | 1 | -1/+2 | |
| ok kettenis@ patrick@ | |||||
| 2017-01-23 | Add bcmdog(4), a watchdog timer for the Raspberry Pi. | kettenis | 3 | -2/+163 | |
| Based on code written by patrick@ | |||||
| 2017-01-23 | Remove duplicate $OpenBSD$ tag. | kettenis | 1 | -2/+1 | |
| 2017-01-23 | Enter UKC when built with BOOT_CONFIG and -c is specified. | jsg | 1 | -1/+9 | |
| ok kettenis@ patrick@ | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |