summaryrefslogtreecommitdiffstats
path: root/usr.sbin (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove superflouus mmcpy()dv2021-04-021-2/+1
| | | | Reported by Preben Guldberg. ok mlarkin@
* In http_connect() if the connect was actually successful break out of theclaudio2021-04-021-6/+17
| | | | | | for loop. Also in http_finish_connect() if the connect was successful cleanup the addrinfo struct. It is no longer needed. Found with deraadt@
* info gotten via getnameinfo in http_connect() is not used anymore, it isderaadt2021-04-021-7/+1
| | | | | old debugging gunk ok claudio
* Include the default cert.pem file path in tls_load_file error message.claudio2021-04-021-2/+2
| | | | Should help for -portable where sometimes the cert.pem is missing.
* Don't leak the uri of a delta with duplicate serial.tb2021-04-021-1/+3
| | | | ok claudio deraadt
* configyyrename.h is no longer needed with the switch to flex -P c_.florian2021-04-021-124/+0
| | | | | This was also removed upstream. OK sthen
* if cipher list is not specified for a relay action, use the globaleric2021-04-021-3/+6
| | | | | | cipher list if defined. otherwise fallback to libtls default. ok millert@
* fix sentence structure;jmc2021-04-021-3/+3
|
* fix typo + some whitespacetb2021-04-021-5/+5
|
* Indent struct members like everywhere else.tb2021-04-021-6/+6
|
* Update manpage about RRDPjob2021-04-011-4/+10
| | | | OK claudio@
* sort options list;jmc2021-04-011-6/+6
|
* spellingderaadt2021-04-011-2/+2
|
* Sort usage: rR -> Rrtb2021-04-011-2/+2
|
* RRDP is currently off by default.claudio2021-04-011-1/+2
|
* Initial commit of RRDP (The RPKI Repository Delta Protocol - RFC8182) supportclaudio2021-04-0110-450/+3252
| | | | | | | | | | | | | | | | in rpki-client. For now it is off by default. All XML processing is done in its own process with minimal pledge rights. It uses the already present https process to fetch the xml files and uses the master porcess to handle the file IO into the repositories. RRDP data is stored in the cache under ./rrdp/ and the first directory is the SHA256 hash of the notify URI. Fetching snapshots and deltas works to bring the cache up to date. If something goes wrong rpki-client will fall back to rsync. RRDP was implemented by Nils Fisher and integrated into rpki-client by myself. "Time to get it in" deraadt@
* Remove extraneous call of vm_getbyvmid during pause eventdv2021-04-011-2/+1
| | | | The vm is already being assigned by a call in the if-condition.
* Abate superfluous lines from remote serversjob2021-04-011-1/+2
| | | | OK claudio@
* merge NSD 4.3.6rc1sthen2021-04-0138-653/+995
|
* import NSD 4.3.6rc1, tested by me and florian@sthen2021-04-012-15/+34
|
* Make build_crls() behave like build_chain(). If there is not auth dataclaudio2021-04-011-9/+12
| | | | | | just NULL the STACK_OF() pointer since libcrypto calls can handle that. Update comments to be more accurate. With and OK tb@
* Do a better job at cleaning up. Remove empty directories, scan not only theclaudio2021-04-012-47/+78
| | | | | | known repositories but also clean up no longer known repositories. With this rpki-client keeps its cache nice and shiny. With and OK job@
* Move base64 and hex encoding functions into their own place.claudio2021-04-015-68/+103
| | | | OK tb@
* turn log_trace() into a macro to prevent evaluating the format stringeric2021-03-312-10/+9
| | | | | | parameters when tracing is not enabled. ok millert@
* allow to specify tls protocols and ciphers on relay actionseric2021-03-314-10/+46
| | | | ok espie@ sthen@ tb@
* Set the process title for the rpki-client subprocesses so they can beclaudio2021-03-311-1/+4
| | | | | identified more easily. OK deraadt@
* Make http_new() take care of all the error handling. By closing theclaudio2021-03-301-5/+5
| | | | | | | outfd and sending back the failure report via http_fail(). This was partially done in the failure case of http_resolv() and resulted in double failure reports in that case. With and OK tb@, previous version OK deraadt@
* Propagate host-side tap(4) lladdr to guest vm process to allow unicast dhcpdv2021-03-299-12/+124
| | | | | | | | | | and bootp renewals with vmd(8)'s built-in dhcp server. Previous behavior ignored did not intercept these packets and instead transmitted them. This should make vmd(8)'s dhcp behave more as a true dhcp server should and allows it to work properly with the new dhcpleased(8) attempting a renewal. OK mlarkin@
* Install apm(8) and and apmd(8) under MI MANPATHkn2021-03-292-4/+2
| | | | | | | powerpc64 was lacking manual pages; instead of shipping yet another identical MD manual, merge them under MI MANPATH as usual. Input OK deraadt
* Fix my email address in copyright lineclaudio2021-03-291-2/+2
|
* -B option not updated about bird1v4 & bird1v6 files; ok jobderaadt2021-03-291-3/+7
|
* Cleanly teardown and restore emulated device state on vm send/receive.dv2021-03-293-5/+21
| | | | | | | | This cleans up events on a pause or resume, but also fixes an issue where the vm_pipe event channels are not properly reinitialized on a received guest leading to broken serial console. OK pd@, mlarkin@
* Introduce hex_encode() to transform the aki/ski values to a string.claudio2021-03-292-40/+40
| | | | OK tb@
* Inline x509_get_extensions() and remove ittb2021-03-295-40/+28
| | | | | | | | Since aia, aki and ski are all represented by char *, this is an error-prone interface - as found by job. The function doesn't do much anyway. ok claudio
* Pull up freeing cms in gbr_parse() after its last use to avoid a leaktb2021-03-291-2/+3
| | | | | | on x509_get_extensions() failure. Fix suggested by claudio
* Check all inet_ntop() calls, in case we screw up the parameters somehow wederaadt2021-03-291-9/+15
| | | | | prefer a failure rather than some sort of weird truncation ok claudio
* sort includestb2021-03-291-2/+2
|
* Remove accidental but justified annotationtb2021-03-291-4/+1
|
* spellingsyasuoka2021-03-2924-102/+102
| | | | suggested by jsg
* minor KNF and consistancyderaadt2021-03-293-8/+12
| | | | | (rpki-client is pretty good code, couple hours of audit and I can only find a few minor things)
* improve the naming of some intermediate buffersderaadt2021-03-291-8/+9
|
* 3 additional snprintf() range checks (inconceivable these would everderaadt2021-03-292-8/+16
| | | | | truncate, but if they do, we prefer to know) ok job claudio
* in unsafe_char(), handle %NN with array-index inspection rather than weirdderaadt2021-03-291-2/+2
| | | | | ptr++ ok claudio
* Add some restrictions to manifest object profilejob2021-03-282-4/+44
| | | | OK tb@, feedback from claudio@
* Send arguments in alphabetical orderjob2021-03-273-9/+9
| | | | OK tb@
* inspect all the packets to see if they are dhcp, not just the first onederaadt2021-03-261-3/+2
| | | | | in a ring bundle. ok florian
* Simplify argument parsing of vmctl stoptb2021-03-261-15/+10
| | | | | | | | | | | | The previous argument parsing logic had at least three bugs: a copy-paste error led to an off-by-one and a printf "%s" NULL, as reported by Preben Guldberg. A previous commit led to a dead else branch and a use of uninitialized. This can all be avoided by reworking the logic so as to be readable. Prompted by a diff from Preben ok dv
* Compare filepath with strcmp() and not strcasecmp(). The URI in RPKI areclaudio2021-03-261-2/+2
| | | | | case sensitive. OK tb@
* Rewrite poll loop a bit. Put the various message queues into an arrayclaudio2021-03-261-44/+28
| | | | | | with the same order as the pollfds. This way simple for loops can be used to setup and handle all cases but POLLIN. OK tb@
* Log ioctl failureskn2021-03-251-4/+7
| | | | | | | | | | | | | | | Otherwise there is no way to determine why e.g. zzz(8) does not do anything on certain machines; macppc and arm64 for example have no suspend/resume suspend at all (for now) and loongson has partial support. This still does not make `zzz' or `apm -z' report the informative warning on standar error, but syslog now prints apmd: system suspending apmd: battery status: unknown. external power status: not known. estimated battery life 0% apmd: suspend: Operation not supported OK benno
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.