Hi,
Instead of printing a debug message at the end, panic early if the
IPsec security protocol is unknown.
ok?
bluhm
Index: netinet/ipsec_input.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ipsec_input.c,v
retrieving
> Date: Tue, 2 May 2017 15:52:56 +
> From: Visa Hankala
>
> On Mon, May 01, 2017 at 06:02:24PM +0200, Mark Kettenis wrote:
> > The futex(2) syscall needs to be able to atomically copy the futex in
> > and out of userland. The current implementation uses copyin(9) and
> >
Hi,
I recently encountered a bug in ksh(1)'s emacs mode while running from
xterm(1). How-to reproduce:
1. Insert a sequence containing at least one UTF-8 character until the
line exceeds the last column, triggering horizontal scroll.
2. Moving backwards using any motion (^A, ^B, ^[b) fails
On Thu, May 11, 2017 at 03:36:17PM +0200, Ingo Schwarze wrote:
> Hi,
>
> i checked Anton's analysis and believe it is completely correct.
> Any OKs to commit?
ok
On Thu, May 11, 2017 at 01:36:51PM +0200, Mike Belopuhov wrote:
> Maybe we should move ip_input_ipsec_fwd_check into the ipsec_input.c
> and give it a better name like ipsec_forward_check? This function
> doesn't do any IPv4 or IPv6 specific dances anyways.
There are more such functions:
Hi,
i checked Anton's analysis and believe it is completely correct.
Any OKs to commit?
See below for details.
Yours,
Ingo
Anton Lindqvist wrote on Thu, May 11, 2017 at 08:02:59AM +0200:
> I recently encountered a bug in ksh(1)'s emacs mode while running from
> xterm(1). How-to reproduce:
Hi all,
I've got a small diff which fixes a typo in the README file.
While there, I have removed a hyphen from "PD-ksh" as it does not
appear in any of the other files.
Also, the first line has been changed on purpose to highlight the
fact that BOM[0] had been introduced here, most likely by
On Mon, May 08, 2017 at 20:22 +0200, Alexander Bluhm wrote:
> Hi,
>
> IPv6 IPsec transport mode does not work if pf is enabled. The
> problem is that the decrypted packets in the input path are not
> checked with pf(4). So if you have stateful filtering on enc0 (the
> default) direction aware
On Thu, May 11, 2017 at 13:11 +0200, Alexander Bluhm wrote:
> Hi,
>
> ipv4_input() checks the IPsec policy for forwarding and local
> delivery. Such code is missing in IPv6, the behavior is different.
>
> Start using the forwarding check also in ip6_input(). While there
> avoid an ugly #ifdef
On Sat, 29 Apr 2017 23:05:45 +0900, Bryan Linton wrote:
> Is this worth deleting now that struct timezone *tzp is no longer
> used?
Actually, gettimeofday(2) will fill in struct timezone *tzp if it
is non-NULL. It is still possible to set the time zone via the
TIMEZONE kernel option. However,
I think this comment was copy-pasted as is from the comment some
lines below, but this is about hibernation, not sleep.
Ok?
Index: acpibtn.c
===
RCS file: /cvs/src/sys/dev/acpi/acpibtn.c,v
retrieving revision 1.44
diff -u -p -u -p
Hi,
ipv4_input() checks the IPsec policy for forwarding and local
delivery. Such code is missing in IPv6, the behavior is different.
Start using the forwarding check also in ip6_input(). While there
avoid an ugly #ifdef in ipv4_input().
ok?
bluhm
Index: netinet/ip_input.c
Hi,
This converts explicit_bzero+free to freezero on smtpd(8).
OK?
Index: ca.c
===
RCS file: /cvs/src/usr.sbin/smtpd/ca.c,v
retrieving revision 1.26
diff -u -p -u -r1.26 ca.c
--- ca.c9 Jan 2017 09:53:23 - 1.26
+++
13 matches
Mail list logo