wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

	Commit message (Collapse)	Author	Files	Lines
2019-06-17	always reset the "su" variables, which is more consistent and predictable.	tedu	2	-16/+22
	ok martijn millert
2019-06-17	It's enough to allocate the EC key once.	florian	1	-6/+3
	OK tb
2019-06-17	rpk-client.8 -> rpki-client.8	jsg	1	-2/+2

2019-06-17	One NULL-check before EVP_MD_CTX_free() was left in previous.	tb	1	-4/+2

2019-06-17	free(9) sizes.	mpi	1	-7/+8
	ok reyk@
2019-06-17	whitespace	deraadt	1	-2/+2

2019-06-17	system includes first, always.	deraadt	5	-10/+10

2019-06-17	Use bsd.prog.mk style for building	deraadt	1	-70/+8

2019-06-17	We do not need for the -portable stubs here.	deraadt	1	-1236/+0

2019-06-17	Don't do -portable in base. It is better done outside the tree.	deraadt	21	-1251/+20
	Imagine if we did it throughout the tree, how many copies of strlcpy would we have, and how much time would all the configure shell scripts and includes take? It would be ludicrous.
2019-06-17	Use non-deprecated API; from Renaud Allard, thanks!	florian	1	-9/+7
	OK tb
2019-06-17	This portable code knocking out pledge or unveil is better done	deraadt	1	-8/+1
	as a C stub, rather than #define. Anyways, this "-portable by default" approach is not the OpenBSD way.
2019-06-17	this file is not needed	deraadt	1	-14/+0

2019-06-17	should be rpki-client(8)	deraadt	1	-1/+1

2019-06-17	../../../logmessage	job	33	-0/+10362

2019-06-17	Replace spaces with tab for text indent	claudio	1	-5/+5

2019-06-17	Cleanup some spaces here as well. Again no binary change.	claudio	3	-18/+18

2019-06-17	Cleanup, remove some unneded spaces add some other where needed.	claudio	8	-35/+34
	No binary change according to clang
2019-06-17	Too much space	claudio	2	-5/+5

2019-06-17	Add unit test for new community functions. Should cover the basics.	claudio	3	-1/+760

2019-06-17	Adjust test since the community rewrite changed order of communities in sets.	claudio	1	-2/+2

2019-06-17	Implement elliptic curve account keys.	florian	7	-39/+259
	OK benno Input & OK tb
2019-06-17	The copyfault handler is supposed to store the old handler in the pcb.	patrick	1	-2/+2
	ok kettenis@
2019-06-17	Adjust comment.	claudio	1	-2/+4

2019-06-17	From Leonid Bobrov: add a condition to {beginning,end}-of-buffer to	lum	3	-6/+11
	push mark only if it's not pushed already.
2019-06-17	Make pci_intr_map_msix(9) assign an address to the BAR used by the MSI-X	kettenis	1	-3/+10
	tables if no address has been assigned yet to prevent a panic in pci_intr_establish(9) later. ok patrick@
2019-06-17	Split out the code that assigns addresses to BARs into its own function.	kettenis	2	-7/+28
	ok patrick@
2019-06-17	Adjust and sync the code with the new struct community code from bgpd.	claudio	3	-142/+266
	OK benno@
2019-06-17	Completley rewrite the community matching and handling code. All community	claudio	12	-1137/+1253
	attributes are put into a new data structure when parsing the UPDATE. The filter code can quickly lookup and modify this data structure. When creating an UPDATE the data is put back into wire format. Setups using a lot of communities benefit a lot from this. Input and OK benno@
2019-06-17	s/get1/get0/ in comments	florian	1	-3/+3

2019-06-17	Mention EM_PPC64; from jsg@	kevlo	1	-1/+3

2019-06-17	improve clock_gettime regress:	anton	2	-4/+7
	* fix compilation error due to missing cast * do not run sysctl during make clean and the other common regress cleanup targets * make it work using a separate object directory
2019-06-17	When reloading station address via TWSI is timed out, try to reload	kevlo	1	-1/+3
	station address from EEPROM. From Brad.
2019-06-17	Mention the ELF machine type EM_AARCH64.	kevlo	1	-2/+4
	ok jmc@
2019-06-17	Allow setting of retransmission intervasl via _res.retrans. Ugly API but	otto	1	-1/+4
	it's all we got. ok jca@
2019-06-17	We do support "options edns0"; ok jca@	otto	1	-5/+2

2019-06-17	Remove old realpath(3), and the userland-vs-kernel realpath verification	deraadt	1	-334/+44
	code. We now user the simple userland wrapper on top of __realpath(2). The non-POSIX behaviour still remains, that is the next component to fix. From a diff by beck, but I managed to chainsaw it a bit further. Tested in snaps for a couple of days. ok beck
2019-06-17	Add -c option for passing LOG_CONS to syslog(3).	guenther	2	-7/+14
	(Option choice matches NetBSD) ok deraadt@ jmc@ benno@ kn@
2019-06-17	dosendsyslog() must only pass ktrgenio(9) userspace buffers that it can	guenther	1	-15/+8
	use copyin() on. While here: just put the struct iovec for ktrace on the stack instead of mallocing and freeing it. problem debugged by patrick@ ok deraadt@ mpi@
2019-06-16	SYS___realpath is legitimately PLEDGE_STDIO, because the other pledge	deraadt	1	-2/+2
	feature bits checked in namei()
2019-06-16	Trade unveil(2) for chroot(2).	florian	5	-91/+70
	This uses less code and unveil(2) seems to be the better tool here. The directory one chroots into needs to be carefully setup (they are not) and comon wisedom is that root can break out of chroots. There is probably nothing wrong with the chroot code because of pledge but it still makes me feel uneasy. input & OK on previous version mestre OK on previous version deraadt bug found, input & OK benno
2019-06-16	redo the environment inheritance to not inherit. it was intended to make	tedu	4	-27/+51
	life easier, but it can be surprising or even unsafe. instead, reset just about everything to the target user's values. ok deraadt martijn Thanks to Sander Bos in particular for pointing out some nasty edge cases.
2019-06-16	finish killing PLIST_DB as noticed by some anonymous guy	espie	1	-3/+3

2019-06-16	Ignore the frame cents component in MMC relocate message.	ratchov	1	-3/+2
	As MTC requires new position to be transmitted with one frame precision and then to advance in quarter-frame steps, its not necessary to pollute out mtc position pointer with a frame cents information, care about rounding errors and so on.
2019-06-16	Say in comment why we use 1/2400 second as MTC time unit.	ratchov	1	-2/+3

2019-06-16	Do not leak rsa keys; nobody is messing with the reference behind our	florian	1	-3/+3
	back so there is no need to get a copy. Clue & probably OK tb
2019-06-16	Restrict filesystem access to read only _PATH_DEVDB and /dev through unveil(2),	mestre	1	-4/+15
	discussed by many. Additionally call ctime(3) before unveil(2) in order to avoid potential $TZ expansion and therefore avoiding opening more files that would need to be read, idea from deraadt@. While here sort the headers alphabetically. OK florian@ deraadt@
2019-06-16	Be more aggressive retrying dns while in settime mode. The constraint	otto	4	-7/+18
	engine does not know if we're in startup mode, so use a small interval the first few times there.
2019-06-16	acctkey indirection is unnecessary, just pass authority->account	florian	1	-5/+2

2019-06-16	drm/amd/display: Use plane->color_space for dpp if specified	jsg	2	-2/+6
	From Nicholas Kazlauskas 668440f6ee3f553252cb52da488d3ac3ba404382 in linux 4.19.y/4.19.51 a1e07ba89d49581471d64c48152dbe03b42bd025 in mainline linux