MPLS support partly based on the (abandoned?) AYAME project.
Basic LSR (Label Switch Router) functionality is present, but not fully
functional yet.
It is currently possible to insert entries in the LIB (Label Information Base)
with route(8), but setting the operation type is not supported yet.
Imported to allow more people to work on this in the coming weeks.
ok claudio@ laurent@ dlg@
introduce two new APIs for requesting strong random numbers:
arc4random_buf() - fill an arbitrary memory range with random numbers
arc4random_uniform() - return a uniformly distributed random number
below
a specified upper bound, avoiding the bias that comes from a naive
"arc4random() % upper_bound" construction.
these mirror similarly-named functions in the kernel;
lots of discussion deraadt@ mcbride@
should be good, plus it prevents weird things from happening if
len > INT_MAX.
- Since n is now size_t, compare it against 0 instead of >= 0.
- temp is used to store individual bytes, so use char instead
(matches fp and tp).
- millert noted that the comma operator may not guarantee order of
execution, so replace with semicolons.
Found by lint, OK millert.
bootblocks have been moved, but we want 4.2 to be upgradeable. So
reduce the footprint of the bsd.rd by shrinking the ramdisk filesystem
because it is way too large. tested by sthen and kettenis
- rdr-anchor "relayd/*": the anchor used by relayd to load
redirections into pf.
- pass in on $ext_if proto icmp to ($ext_if): it is a bad habit to
block icmp, this example proposes to allow it by default.
ok henning@
This allows recovery after an IP address change (e.g. on dialup links).
Also move the update of "nextaction" timeout below the deadline check.
OK henning@
has been loaded. Otherwise, states that are received during the
initial bulk update mismatch the correct pf-checksum and
do not attach to the rules.
Problem identified by david@. Fix done in collaboration.
OK henning@
make the installation media's life easier:
- stop using ``Pc'' as a getty terminal type, use std.9600 instead.
- on platforms with multiple virtual consoles (alpha, amd64, i386,
zaurus), console is disabled, various ttyC* are enabled.
- on other platforms, console is enabled, all other devices are
disabled. This only changes armish, mac68k, sgi.
- default terminal for console is unknown on serial-only machines, vt220
on glass-capable machines (questionable, but done for consistency).
- minor whitespace changes.
- glass console forgotten on a couple platforms (luna88k, sparc64, vax).
eyeballed by deraadt@, ok krw@