Four new OpenSSL CVE's were released today, which OpenSSL deemed to be
not of sufficient severity to warrant advance disclosure.
OpenBSD/LibreSSL is not vulnerable to two of these
On Thu, Dec 03, 2015 at 10:04:39AM +0100, Martin Pieuchot wrote:
> Now that we're good, we can get rid of this pointer. Thanks to
> everybody involved in the process of replacing rt_ifp usages with
> if_get()/if_put().
>
> ok?
>
> Index: net/route.c
>
On Thu, Dec 03, 2015 at 09:04:54AM +, Tati Chevron wrote:
> I'm trying to build the no_ada flavour of gcc 4.9 using dpb on a
> machine running 5.8-release, and it fails:
>
> # export FLAVOR=no_ada
> # dpb -D BUILD_USER=ports -D CDROM_ONLY -D FTP_ONLY -F 0 -L /portswork/logs
> -l
On 12/03/15 09:04, Tati Chevron wrote:
> I'm trying to build the no_ada flavour of gcc 4.9 using dpb on a
> machine running 5.8-release, and it fails:
>
> # export FLAVOR=no_ada
> # dpb -D BUILD_USER=ports -D CDROM_ONLY -D FTP_ONLY -F 0 -L
> /portswork/logs -l /portswork/locks lang/gcc/4.9
>
>
On Thu, Dec 03, 2015 at 06:48:28AM -0500, Ted Unangst wrote:
> Cleaner this way I think.
>
ok
>
> Index: frag6.c
> ===
> RCS file: /cvs/src/sys/netinet6/frag6.c,v
> retrieving revision 1.65
> diff -u -p -r1.65 frag6.c
> ---
Cleaner this way I think.
Index: frag6.c
===
RCS file: /cvs/src/sys/netinet6/frag6.c,v
retrieving revision 1.65
diff -u -p -r1.65 frag6.c
--- frag6.c 22 Oct 2015 10:22:53 - 1.65
+++ frag6.c 3 Dec 2015 11:44:10 -
This is pledge for ospfd's SE and RDE process. The parent can't be pledged
right now because of the same issue that bgpd has (carp demote).
Had to shuffle some code around (as a benefit rdomain check is no longer a
fatal error). Please test, running this on a test router and it seems to
be OK.
Hello,
OK
sasha
On Thu, Dec 03, 2015 at 12:29:15PM +0100, Alexander Bluhm wrote:
> On Wed, Dec 02, 2015 at 07:45:09PM +0100, Alexander Bluhm wrote:
> > Here is a new version of the diff. This is new:
>
> Now with feedback from sashan@
>
> - merge
> - no SS_ISCONNECTED check in tcp as it was
This should cover the simple free calls in pf_ioctl.
--
:wq Claudio
Index: pf_ioctl.c
===
RCS file: /cvs/src/sys/net/pf_ioctl.c,v
retrieving revision 1.296
diff -u -p -r1.296 pf_ioctl.c
--- pf_ioctl.c 3 Dec 2015 10:34:11 -
On Thu, Dec 03, 2015 at 06:48:28AM -0500, Ted Unangst wrote:
> Cleaner this way I think.
Yes, OK bluhm@
>
>
> Index: frag6.c
> ===
> RCS file: /cvs/src/sys/netinet6/frag6.c,v
> retrieving revision 1.65
> diff -u -p -r1.65 frag6.c
Hello,
OK
regards
sasha
On Thu, Dec 03, 2015 at 01:21:32PM +0100, Claudio Jeker wrote:
> This should cover the simple free calls in pf_ioctl.
>
> --
> :wq Claudio
>
> Index: pf_ioctl.c
> ===
> RCS file:
On 2.12.2015. 12:14, Jonathan Matthew wrote:
> This is mostly a backout of if_bnx.c r1.77, which introduced lists of tx
> descriptors, allocated on demand, in order to avoid allocating space per ring
> slot. These days I think we can afford a few kb of memory overhead if it
> makes the packets go
On 12/02/15 20:06, Martin Pieuchot wrote:
> On 02/12/15(Wed) 16:18, Vincent Gross wrote:
>> When fed a broadcast address, ifa_ifwitaddr() returns the unicast ifa
>> whose broadcast address match the input. This is used mainly to select
>> ifa, and there can be trouble when you have 2 ifas on the
I'm trying to build the no_ada flavour of gcc 4.9 using dpb on a
machine running 5.8-release, and it fails:
# export FLAVOR=no_ada
# dpb -D BUILD_USER=ports -D CDROM_ONLY -D FTP_ONLY -F 0 -L /portswork/logs -l
/portswork/locks lang/gcc/4.9
Fatal: Unknown flavor(s) no_ada (in test/a)
(No
Now that we're good, we can get rid of this pointer. Thanks to
everybody involved in the process of replacing rt_ifp usages with
if_get()/if_put().
ok?
Index: net/route.c
===
RCS file: /cvs/src/sys/net/route.c,v
retrieving revision
On Wed, Dec 02, 2015 at 04:40:33AM -0500, Ted Unangst wrote:
> henning points out that if you are seven levels deep when doas asks for a
> password, it can be hard to tell who is asking for what password.
>
> modify the prompt to include the program name and user@host.
> - if (pledge("stdio
Hello,
patch below introduces ip_send() function to OpenBSD kernel. ip_send()
function takes an mbuf with packet and passes to ip_output(), which
will be running in softnet task.
the patch also changes icmp_error()/icmp6_error() to dispatch the ICMP error
responses via ip_send(), so both
On 12/03/15 10:21, Vincent Gross wrote:
> On 12/02/15 20:06, Martin Pieuchot wrote:
>> On 02/12/15(Wed) 16:18, Vincent Gross wrote:
>>> When fed a broadcast address, ifa_ifwitaddr() returns the unicast ifa
>>> whose broadcast address match the input. This is used mainly to select
>>> ifa, and
On Thu, Dec 03, 2015 at 02:52:59PM +0100, Vincent Gross wrote:
> bluhm@ spotted one case where in_broadcast was needed.
>
> ok ?
OK bluhm@
>
> Index: sys/net/if.c
> ===
> RCS file: /cvs/src/sys/net/if.c,v
> retrieving revision
Hello,
so after a feedback in a hackroom here is the third version of patch. The
summary of changes is as follows:
- ip*_send() function use softnettq to dispatch packet
- ip*_output() functions running in ip*_send_dispatch() are protected
KERNEL_LOCK() and running at
thanks, commited
Brian S. Vangsgaard(b...@avalanic.dk) on 2015.10.01 13:27:12 +0200:
> Hi,
>
> Problem:
> If a client have a state entry in the relayd anchor, and the target
> server goes down, the client will be unable to "failover" for 10 sec +
> (10 sec - elapsed time since last SLA check).
ping
On Nov 12 22:21:39, h...@stare.cz wrote:
> The -r option of newsyslog(8) removes the requirement
> that newsyslog runs as root. Would it also make sense
> to not try to send the SIGHUP to syslogd in that case?
>
> Jan
>
>
> Index: newsyslog.8
>
Hello,
mikeb@ found a fundamental problem in my earlier patch. The ip_send() function
was using `softnettq` (softnet task queue) to dispatch packet via ip*_output().
Doing so it's risky business as ip*_output() is not unlocked yet.
So new patch version introduces a new task: ipsendtq. The
Hello,
below is final patch I'm going to commit. Summary of changes:
- softnettq declaration moved to net/if_var.h (by bluhm@)
- lock order swapped: KERNEL_LOCK() goes first folllowed
by spl (by bluhm@)
- long line got fixed (by bluhm@)
-
Thanks Ingo for your extensive review! It contains lots of valuable
input for me.
I have applied all your recommendations, they make a lot of sense.
> I would suggest to use uint32_t.
Just while applying this, I noticed that the file has a mix of the
types u_int32_t and uint32_t. I took
Refreshed patch against HEAD appears below,
best,
Richard.
PS. Apologies for the quoted-printable encoding...looking now for an email
client capable of 7-bit...
On 10/11/2015, at 5:18 PM, Richard Procter wrote:
> This reduces tsec(4) TX interrupts by over a factor of four per interface,
>
> On 4 Dec 2015, at 06:44, Alexandr Nedvedicky
> wrote:
>
> Hello,
>
> below is final patch I'm going to commit. Summary of changes:
> - softnettq declaration moved to net/if_var.h (by bluhm@)
> - lock order swapped: KERNEL_LOCK() goes first
On 03/12/15(Thu) 18:07, Alexandr Nedvedicky wrote:
> Hello,
>
> so after a feedback in a hackroom here is the third version of patch. The
> summary of changes is as follows:
> - ip*_send() function use softnettq to dispatch packet
> - ip*_output() functions running in
On Thu, Dec 03, 2015 at 06:07:41PM +0100, Alexandr Nedvedicky wrote:
> +#ifdef _KERNEL
> +extern struct taskq *softnettq;
> +#endif /* _KERNEL */
> #endif /* _NET_IF_H_ */
I think this should go to net/if_var.h
> +static void
> +ip_send_dispatch(void *cx)
> +{
Maybe you should pass
On Sun, 29 Nov 2015 17:45:55 +0100, Ingo Schwarze wrote:
> our wc(1) utility currently violates POSIX in two ways:
>
> 1. The -m option counts bytes instead of characters.
> The patch given below fixes that.
>
> 2. Word counting with -w only treats ASCII whitespace as word
>
30 matches
Mail list logo