BSD Commit Log Search

   Use correct bit mask for mcu command field.

   Both the vendor and Linux drivers store the mcu command in the cmd
   field of the mcu tx descriptor, which is 7 bits wide.

   ok hastings@

   attmepting -> attempting

   Export divert sockets from kernel to sysctl.

   To show divert-packet sockets in netstat(1), the kernel has to
   include the information about the divert and divert6 tables in
   sysctl KERN_FILE_BYFILE.

   reported by William B.  OK mvs@ sthen@

   rpki-regress: cert_parse() -> cert_parse_filemode()

   rpki-client: rename cert_parse() into cert_parse_filemode()

   Now that we added more specialized parsing functions, cert_parse() should
   only be used in filemode. Make this more explicit by adjusting its name.
   Keep the magic der == NUL check for now for consistency with the other API
   parsing a cert from its DER.

   ok claudio

   Move more bits around to simplify the filter_set refactor.

   Introduce rde_filter_dup() that takes care of duplicating a filter rule
   with all depenencies.

   Check that peer_apply_out_filter() does not return an old list for new
   peers. This can't happen but it is one of those where a check makes
   sense.

   Move rde_l3vpn_import() to rde_filter.c since it works on a
   struct filter_set to match against communities.

   OK tb@

   pfctl(9) with '-nvf ...' option must provide output which
   matches pfctl grammar. This change fixes that for rules that
   use source/state limiters.

   The change also makes print_rule() to print the limiter name
   instead of its numeric id to make output more human friendly.

   Feedback and improvements from dlg@

   OK dlg2

   Use const on a few more function arguments for community and nexthops.

   OK tb@

   Make OSC 52 work in popups, from gogongxt at 163 dot com in GitHub issue
   4797.

   Refresh copy mode when style changes, from Josh Cooper in GitHub issue 4830.

   Update libexpat to version 2.7.4.

   Relevant for OpenBSD are security fixes #1131 #1075, bug fixes
   #1073, other changes #1105 #1106 #1051 #1109.  Library bump is not
   necessary.  CVE-2026-24515 CVE-2026-25210

   tested and OK tb@

   preceeded -> preceded

   tweak previous:
   * make struct fuse_args argument name consistent
   * change some ellipses into complete sentences
   * add a missing word
   * use .Vt for a type name
   * use .Fa for struct member names
   * use "or" instead of "and" below RETURN VALUES
   * add the missing fuse_mount(3) below SEE ALSO

   sync

   qwx: update ni_rssi from ACK frame RSSI in tx completion

   The hardware reports ack_rssi in the tx completion status when data
   frames are acknowledged. Update ni_rssi with this value so ifconfig
   reports accurate signal strength from the data path.

   Like Linux ath11k, check WMI_TLV_SERVICE_HW_DB2DBM_CONVERSION_SUPPORT
   to determine if the value is already in dBm or needs noise floor
   adjustment. ACK frames may be sent with higher power than beacons,
   providing a more accurate RSSI reading during active data transfer.

   ok stsp@

   Document new stop command for processes.
   OK kettenis@

   Implement a ddb stop command that sends a SIGSTOP to the specified pid.

   SIGSTOP can never be caught or ignored so there is no need for any
   tricks to make sure the signal makes it. So this may work better in
   cases where exiting a process may be too harsh.

   OK kettenis@

   In server_read_httpchunks() do not blindly enable the bufferevent.

   This leads to a use-after-free since the bev->readcb() call could free
   the memory holding the bev right before the bufferevent_enable() call.

   Reported by Pontus Stenetorp.
   from clauio@; OK florian@ rsadowski@

   this is errata/7.7/019_httpd.patch.sig

   In server_read_httpchunks() do not blindly enable the bufferevent.

   This leads to a use-after-free since the bev->readcb() call could free
   the memory holding the bev right before the bufferevent_enable() call.

   Reported by Pontus Stenetorp.
   from clauio@; OK florian@ rsadowski@

   this is errata/7.8/013_httpd.patch.sig

   In server_read_httpchunks() do not blindly enable the bufferevent.

   This leads to a use-after-free since the bev->readcb() call could free
   the memory holding the bev right before the bufferevent_enable() call.

   Reported by Pontus Stenetorp.
   OK florian@ rsadowski@

   Break sorting out into a common file so formats and modes use the same
   code. Also add -O for sorting to the list commands. From Dane Jensen in
   GitHub issue 4813.

   sync

   Fix typos.

   Add low-level FUSE API man pages to Makefile.

   netstat: print pf state rather than pf state key after in_pcb.h changes

   unbreaks tree

   Refined markup, clarified function descriptions, and restored a
   functional example.

   OK schwarze@

   fix a variable name in a comment. no functional change

   improve pf_find_state lookups by checking the direction of the states.

   if we have the state from the packet coming into the stack we can
   ensure the state we look up goes in the opposite direction.

   use pf_states to link mbufs/inpcbs and forwarded connections together

   this replaces the links between pf_state_keys and mbufs/inpcbs.

   pf_states represent the actual connection tracked by pf, while
   pf_state_keys are more general since they only contain the network
   addresses. the fact that pf_state_keys exist is an implementation
   detail in pf rather than a fundamentally useful artifact to the
   rest of the system. the preference would have been to link things
   to pf_states rather than pf_state_keys in the first place, but there
   wasn't enough machinery (eg, refcounts and immutable links to
   pf_state_keys) on pf_states to link to them directly. this means
   pf still had to iterate over the states hanging off the pf_state_keys
   to get to the actual pf_state it needed anyway.

   discussed with henning@
   ok sashan@ jmatthew@

   avoid work in pf_state_insert if pf_state_key_unref didnt swap keys.

   ok sashan@ jmatthew@