Refactor dtls1_do_write_handshake_message().
If the call to dtls1_write_bytes() fails, handle the potential MTU update
and return/continue, which allows for the remainder to be moved out of an
else statement.
ok kenjiro@ tb@
update to exim-4.99.2 in 7.8-stable (at this point in the release cycle
-stable ports updates are mostly not possible as they'll interfere with
updates to 7.9, however this has been removed in -current so that doesn't
apply here).
this brings recent cve fixes, plus other older ones from 4.99.1 that
didn't get into -stable yet.
also update MESSAGE to warn about removal in 7.9.
ok phessler renaud
bgpctl: add log.c for bgpctl
This provides log_{warn{,x},info,debug}() and fatal{,x}() implementations
that wrap the err.h API. They are API compatile with bgpd's log.h and will
help undo some contortions where we had to put log calls into weird spots
because of code sharing between bgpd and bgpctl.
ok claudio
Split dtls1_do_write() into handshake message and CCS handling.
dtls1_do_write() is currently a single function that handles both handshake
messages and CCS. This is a strange mix that only serves to complicate the
code - handshake messages have their own headers and may need to be
fragmented, while CCS must be sent verbatim (and only contain a single
byte). Pull the CCS part out into a separate function, simplifying the
code. By definition, when sending a CCS message the MTU will already be
set appropriately.
ok kenjiro@ tb@
Avoid unnecessary lookups in dtls1_retransmit_message().
dtls1_retransmit_buffered_messages() is iterating over the sent_messages
pqueue, only to pass dtls1_retransmit_message() a sequence number that it
turns back into a priority, to then do a lookup on the sent_messages pqueue.
This is pointless given that we already have the message that we need to
retransmit - just pass that to dtls1_retransmit_message() directly.
ok kenjiro@ tb@
Make dtls1_retransmit_message() static.
This function is only called from dtls1_retransmit_buffered_messages().
Make it static and move it above the caller.
ok kenjiro@ tb@
Inline dtls1_fix_message_header().
This is only used in one place and it makes no sense to have it as a
separate function. Furthermore, pull up an assertion so that we check
before assigning frag_len.
ok kenjiro@ tb@
rpki-client: properly ignore missing unsupported files in -n mode
RFC 9286 section 6.5 mandates that we fetch all the files in a manifest
fileList and validate their hashes. By design, RRDP will ship all the
available files whereas in rsync we decided to fetch only the files of
types we explicitly support. While we check the hashes of unsupported
files, they won't be copied into the cache of validated files.
Since unsupported files are not in the validated cache and may or may
not be present in the temporary directory of fetched objects, there is
logic that ensures that the hashes of all available files are correct
and attempts to avoid an error for files absent from both directories.
Whether all the above decisions in both, standards and our code, are
fully sound is not entirely clear.
Be that as it may, Job observed that this logic was incorrect in noop mode
where no temporary directory is available. This resulted in rejecting the
one manifest that still lists a Ghostbuster's record (RFC 6493) and as a
[7 lines not shown]
The dual-pool form of the af-to action, af-to af FROM redirpool pool_opts
TO redirpool pool_opts was writing the TO side options in the FROM side.
OK sashan@
Fix possible reload bug that leave old filters on a peer.
In rde_reload_done() the code handling the peer->reconf_rib case has a
continue which skips the code path that actually reapplies the outbound
filters. The result is that such a peer keeps on running with the old
filters -- a subsequent reload will then fix this.
Removing the continue changes the way peer->reconf_rib and peer->reconf_out
interact. Now reconf_rib needs to be checked before reconf_out since it
is possible for both to be set. Adjust the code in rde_softreconfig_in_done()
accordingly.
OK tb@
rdate: remove -c option, we don't install the "right" zone files
This option was non-functional since OpenBSD does not ship with the
/usr/share/zoneinfo/right time zone files, which include leap
seconds. OK dgl@
drm/amdgpu: replace PASID IDR with XArray
From Mikhail Gavrilov
b7cddf6c017510cd0c79980ea551e7bcdf0edc7e in linux-6.18.y/6.18.25
3c863ff920b45fa7a9b7d4cb932f466488a87a58 in mainline linux
