GitLab

sdcollectd has been changed to make the parsing of incoming idle report
packets more robust.  This should squash all existing vulnerabilities on
the packet reception path.

Changes:

* NULL terminate the incoming packet buffer
* move from strcpy to strncpy.
* switch from strtoul, strtod, etc. to sscanf with explicit field lengths.
* Multi-level parsing of packets into records, then key/val pairs,
  then individual key and value parsing/checking.

We don't need to be told the AM, since we can only sign these
certs for ourselves

Look at the user's cert, rather than their credential, and allow
it to be looked up in the database rather than provided in a file

This script will generated a credential that allows a user to
override the max_sliver_lifetime value. Based on Srikanth's
genallow_extcred script, but heavily modified. genallow_extcred
should be updated to look more like this.

Change watchdog to catch HUP and reopen the log.
Add stuff to client Makefile to append a line to newsyslog.conf.

It has been removed entirely from the FreeBSD ports tree and we still need
it because it has a dhclient which takes multiple interfaces on the command
line (the current version just takes one interface). We should move to the
new version, but I am not up to that yet...

I'm sure they would respond that we are being stupid running non-raid on
an expensive raid controller...

Ugh, I am not a big fan of how we manage new OSes, but I started it!

image).

For shared lans, move the code that sets up the underlying lan into
the Experiment module, so it can be called from tbswap. This is
to fix some race conditions that can take place if two experiments
are mucking with the underlying lan at the same time.

The reason for the groups option is so that we can use this
for users that are in more the 16 groups (stupid group limit that
breaks everything!).

image_setup is run from tbprerun to verify and create image
descriptors, and then later from tbswap to actually download
and verify the image (ndz) file.

image_import does the actual work for a specific image (url).

Add global flag.

URLs, as for importing images.