pfsync doesnt know the source address in IP packets before it calls
ip_output, so the extra bpf attachment has a distorted view of what
IP packets are being sent anyway. you can tcpdump on the pfsync
syncdev if you want to see what will be on the wire.
prefixes to the update / withdraw queue if the peer is up.
For updates the Adj-RIB-Out is already updated and nothing more needs to happen.
For withdraws the prefix is unlinked and needs to be destroyed if the peer is
not up. For this to work correctly make the prefix as dead.
Right now this is a no-op since the functions are only called if the peer
is up.
OK tb@
Some firmware phy types are not being mapped to ifmedia yet.
Print a message when this happens since the driver might not
work without a known media type.
The real fix will be to get missing media types mapped properly.
It does *not* "work in the same way" as EVP_PKEY_new_raw_private_key(3)
but merely arrives at the same end result after doing lots of
cumbersome and unnecessary work - and on top of that, it only works
for EVP_PKEY_HMAC.
parameters that can be controlled with EVP_PKEY_CTX_ctrl(3).
But rather than providing a detailed despription, instead
point to what application programs should use instead and explain
why using the control constant directly would be a particularly bad
idea in this case.
and is stopped when the session comes up (ESTABLISHED state).
Right now it is used to remove cloned sessions. For that the SessionDownTimer
is also started when a clone is created.
OK tb@
The pointer passed to pt_writebuf() is bad and there is no reason to limp
further. Someone else will trip over this at a later stage so better to
do it now.
OK tb@
Rename the upcall and done callbacks:
- rde_up_adjout_force_upcall() to peer_blast_upcall() and same for done
- rde_up_dump_upcall() to peer_dump_upcall() and same for done
Introduce peer_blast() which blasts out the Adj-RIB-Out including all
the route refresh messages (BEGIN_RR, EOR and END_RR) needed.
peer_dump() now always throttles the peer before starting the table walk to
fill the Adj-RIB-Out and calls peer_blast() in all cases (either directly or
via the peer_dump_done() call.
OK tb@
There is currently no sane way of getting your hands on the common name or
subject alternative name of the peer certificate from libtls. It is possible
to extract it from the peer cert's PEM by hand, but that way lies madness.
While the common name is close to being deprecated in the webpki, it is
still the de facto standard to identify client certs. It would be nice to
have a way to access the subject alternative names as well, but this is a
lot more difficult to expose in a clean and sane C interface due to its
multivaluedness.
Initial diff from henning, with input from beck, jsing and myself
henning and bluhm have plans of using this in syslogd.
ok beck
Section 2.4.3 of the UVC 1.5 class specification states that the bulk
endpoint only supports the alternative setting of zero, which is the
default stream, and which is switched at uvideo_attach_hook.
Inside uvideo_vs_close, the code uses the same switch to the alternative
setting of zero to turn off the cam LED.
The additional uvideo_vs_set_alt inside uvideo_vs_open turns off the cam
LED in the case of the bulk endpoint cam. I see this behavior on both
available bulk endpoint cams: it flashes the LED flashes after ffplay
starts, and looks like it was turned off.
OK mglocker@ kn@
