| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2015-10-08 | Make sure that when trunk_port_ioctl is called to set a new |   mikeb | 1 | -5/+5 | |
| lladdr the trunk port is already on the list. OK mpi | |||||
| 2015-10-08 | Handle case where no hint is passed in. Found as a crash of fdm by jturner@ |   deraadt | 2 | -4/+4 | |
| 2015-10-08 | setsockopt has a small list of options it can set. If we find ourselves | deraadt | 1 | -1/+8 | |
| only in TAME_UNIX, stop trying after servicing SOL_SOCKET. discussion with claudio | |||||
| 2015-10-08 | Only in TAME_ROUTE, allow ioctl SIOCGIFADDR/SIOCGIFFLAGS/SIOCGIFRDOMAIN, | deraadt | 1 | -1/+12 | |
| because many routing daemon processes with this attribute need to fetch that information to work. discussed with claudio and renato | |||||
| 2015-10-08 | the -P flag overwrites files, so it needs tame "stdio rpath wpath cpath". | deraadt | 1 | -1/+9 | |
| the remaining code paths can use tame "stdio rpath cpath". One again, the "cpath" request says a path-based system call will be used to "change" filesystem pathname layout, for instance any of O_CREAT, symlink, rename, unlink... | |||||
| 2015-10-08 | Simpify some code by noting that DOSBBSECTOR is 0, so "if (n > |   krw | 2 | -12/+6 | |
| n+DOSBBSSECTOR) ..." is pointless, as is "n = n + DOSBBSECTOR;". | |||||
| 2015-10-08 | if the mbuf has a valid flowid, use it instead of using siphash24 |   dlg | 1 | -1/+4 | |
| and a bunch of header fields we have to parse the mbuf for. siphash24 is about 20% of the cost of sending a udp packet on a trunk interface with tcpbench on my box. if there's a flowid set we get all that back. ok mpi@ mikeb@ sthen@ | |||||
| 2015-10-08 | use the state id to set a flowid on an mbuf. | dlg | 1 | -1/+6 | |
| ok mpi@ mikeb@ sthen@ | |||||
| 2015-10-08 | steal some padding in mbuf pkthdrs to store a flow id. | dlg | 2 | -5/+24 | |
| the flowid roughly identifies a flow or connection that the mbuf is a part of, and can be used instead of hashing contents of the packet (like src+dst mac and ip addresses) to decide which path a packet should take. ok mpi@ mikeb@ sthen@ | |||||
| 2015-10-08 | Local route entries are always UP now, missed in previous. |   mpi | 3 | -3/+3 | |
| 2015-10-08 | Implement set_pages_array_wb() and set_pages_array_wc() for powerpc. Since |   kettenis | 1 | -5/+7 | |
| powerpc doesn't actually implement write-combining fall back to uncached mappings. ok mpi@, jsg@ | |||||
| 2015-10-08 | Add a per-page flag to indicate that all mappings of that page should be | kettenis | 2 | -5/+8 | |
| uncached. To be used in the drm code. ok mpi@ | |||||
| 2015-10-08 | allow a test to manage itself the tame(2) call. |   semarie | 1 | -10/+14 | |
| 2015-10-08 | Unlock the softnet task. | mpi | 1 | -3/+1 | |
| ok dlg@, kettenis@ | |||||
| 2015-10-08 | fix an fd leak if socket connection fails; from Carlin Bingham |   jsg | 1 | -1/+3 | |
| ok reyk@ | |||||
| 2015-10-08 | fix a typo; from Carlin Bingham | jsg | 1 | -2/+2 | |
| 2015-10-08 | Call em_start() when we detect a link state change such that packets start | kettenis | 1 | -1/+3 | |
| flowing again even if the send queue is currently full. Restores the fix made by makeb@ in rev 1.263 which was lost in making the tx completion path mpsafe. ok mikeb@ | |||||
| 2015-10-08 | Use the radix API directly and get rid of the function pointers. There | mpi | 4 | -36/+11 | |
| is no point in keeping an unused level of abstraction. ok mikeb@, claudio@ | |||||
| 2015-10-08 | add comment, suggested by reyk |   sthen | 1 | -1/+2 | |
| 2015-10-08 | Link the result of each mps_getbulkreq() to the end of the previous list | sthen | 3 | -8/+17 | |
| and not the start of it. Fixes getbulk requests for multiple OIDs. From Gerhard Roth, ok blambert@ | |||||
| 2015-10-08 | use correct return value for IP-MIB::ipForwarding, tweak/ok uebayasi@ | sthen | 1 | -2/+2 | |
| 2015-10-08 | trailing whitespace; |   jmc | 1 | -6/+6 | |
| 2015-10-08 | Try again. Both -R and -p prevent use of tame, but other cases can use it. | deraadt | 1 | -1/+9 | |
| 2015-10-08 | sync | deraadt | 1 | -0/+2 | |
| 2015-10-08 | Rip the guts out of another gibbering horror of a time comparison function, and |   beck | 4 | -74/+48 | |
| mark it as #ifndef LIBRESSL_INTERNAL at least we don't use this. ok jsing@ | |||||
| 2015-10-08 | revert previous accidental commit | beck | 4 | -46/+72 | |
| 2015-10-08 | Spelling in comment | beck | 6 | -78/+50 | |
| 2015-10-08 | ah, fchflags. We will come back to this issue later | deraadt | 1 | -6/+1 | |
| 2015-10-07 | Add tls_peer_cert_notbefore and tls_peer_cert_notafter to expose peer certificate | beck | 6 | -9/+98 | |
| validity times for tls connections. ok jsing@ | |||||
| 2015-10-07 | Allow us to get cipher and version even if there is not a peer certificate. | beck | 2 | -15/+21 | |
| ok doug@ | |||||
| 2015-10-07 | In theory, bgpd should be happy with tame "stdio unix route recvfd". | deraadt | 1 | -1/+5 | |
| Let's hear from people's experiences by commiting it. | |||||
| 2015-10-07 | use new tame "route" feature when possible | deraadt | 1 | -7/+9 | |
| 2015-10-07 | use fatal() instead of err(); from benno | deraadt | 1 | -2/+2 | |
| 2015-10-07 | Split out routing sysctl's from tame "inet", and put them into the | deraadt | 2 | -45/+57 | |
| new tame "route" request. Now routing daemons and tools (such as arp), can narrowly ask for either feature. One thing remains available in both cases -- support for getifaddr()'s, since libc and programs often use that in close association with socket creation. ok benno sthen beck, some discussion with renato | |||||
| 2015-10-07 | Use getline(3) rather than fgetln(3). OK gilles@ |   millert | 1 | -5/+7 | |
| 2015-10-07 | one simple free, ok mpi | deraadt | 1 | -4/+4 | |
| another not so simple free, repaired by mpi | |||||
| 2015-10-07 | Add initial support for UEFI/GPT installs to install script. Original | krw | 2 | -4/+21 | |
| diff from rpe@. ok deraadt@ yasuoka@ | |||||
| 2015-10-07 | use tame "stdio rpath tty", for ttyname(). from Rob Pierce, who chose to | deraadt | 1 | -2/+5 | |
| do this using ktrace step by step. not the method i recommend, because it requires 100% coverage via feature tests. better to read the code and understand everything being called, then make decisions. | |||||
| 2015-10-07 | "..." implies optional, so no need for []; from michael reed | jmc | 6 | -16/+15 | |
| 2015-10-07 | from previous commit: "ioctl" is used for grab ttyname(0) | semarie | 1 | -2/+2 | |
| with a function's name like that "tty" should be a better request (more strict) pointed by and ok deraadt@ | |||||
| 2015-10-07 | Be explicit that the user is responsible for freeing the line buffer | millert | 1 | -4/+10 | |
| and show this in the example. | |||||
| 2015-10-07 | enable tame(2) in who(1). | semarie | 1 | -9/+21 | |
| some refactor to grab ttyname(0) early and use it later. gradually drop tame requests when no more needed. "ioctl" is used for grab ttyname(0) "rpath" is for -T and -u flag, that used stat(2) to get terminal status initial patch from deraadt with help from guenther ok deraadt@ | |||||
| 2015-10-07 | include PubkeyAcceptedKeyTypes in ssh -G config dump |   djm | 1 | -1/+2 | |
| 2015-10-07 | tame "stdio cpath". The cpath is for rmdir(). Tame bundles all the system | deraadt | 1 | -1/+4 | |
| calls that create/destroy filesystem paths in the "cpath" request. | |||||
| 2015-10-07 | We cannot tame if -R is specified, because mknod and mkfifo may be called. | deraadt | 1 | -1/+6 | |
| But in other cases, we can use tame "stdio rpath wpath cpath fattr", including for the historical -r option. | |||||
| 2015-10-07 | easy size for free(); ok mpi | deraadt | 1 | -2/+4 | |
| 2015-10-07 | easy free sizes; ok mpi | deraadt | 2 | -5/+5 | |
| 2015-10-07 | UsePrivilegeSeparation defaults to sandbox now. |   sobrado | 1 | -4/+9 | |
| ok djm@ | |||||
| 2015-10-07 | tame "stdio rpath wpath cpath" to support use of freopen() with "w" | deraadt | 1 | -1/+4 | |
| 2015-10-07 | tame "stdio inet rpath wpath cpath" supports all the functions of tftp. | deraadt | 1 | -1/+4 | |
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |