<feed xmlns='http://www.w3.org/2005/Atom'>
<title>ouroboros, branch be</title>
<subtitle>Ouroboros main repository</subtitle>
<id>http://133.ip-51-38-114.eu/cgit/ouroboros/atom?h=be</id>
<link rel='self' href='http://133.ip-51-38-114.eu/cgit/ouroboros/atom?h=be'/>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/'/>
<updated>2026-07-08T09:02:25+00:00</updated>
<entry>
<title>ipcpd: Store local names before DHT peering</title>
<updated>2026-07-08T09:02:25+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-05T16:43:19+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=42d3c0735624f692257f570fd986c86beb3e637f'/>
<id>urn:sha1:42d3c0735624f692257f570fd986c86beb3e637f</id>
<content type='text'>
A name registered before the DHT had a peer stayed unpublished until
it neared its expiry deadline. Make a never-stored local value (t_repl
== 0) eligible for replication immediately, and flush replication once
when the worker starts so such names are published as soon as the DHT
is enrolled.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>ipcpd: Fix DHT bootstrap re-seeding</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-05T16:40:25+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=1268d6124a5cbc2cd451e5a1ae16d3a4b7cdc423'/>
<id>urn:sha1:1268d6124a5cbc2cd451e5a1ae16d3a4b7cdc423</id>
<content type='text'>
The bootstrap seeder reported success as soon as the query was
sent. Only skip seeding once the peer is in a bucket, and return
-EAGAIN until it actually appears so the caller keeps retrying rather
than assuming bootstrap completed.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>ipcpd: Report eth socket egress queue in RIB</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-05T16:36:25+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=73394044b300c90548fa92f57748996df324a180'/>
<id>urn:sha1:73394044b300c90548fa92f57748996df324a180</id>
<content type='text'>
Add the raw socket's SIOCOUTQ egress backlog to the eth RIB and
relabel the existing FIONREAD RIB entry as ingress.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>ipcpd: Minimize ipcpd-eth send buffer</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-05T16:32:03+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=11d3d58a8f60a16485e89582c1c12a224e11152b'/>
<id>urn:sha1:11d3d58a8f60a16485e89582c1c12a224e11152b</id>
<content type='text'>
The eth send buffer needs to block quickly so we can mark congestion
correctly in the upper layer buffers.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Fix locking on flow read</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-05T16:29:18+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=fd7404d927277a623b7c24e62bd564aa6853f9d8'/>
<id>urn:sha1:fd7404d927277a623b7c24e62bd564aa6853f9d8</id>
<content type='text'>
Reading a deallocated flow could cause an assert on a negative id. The
raw-flow path now holds proc.lock across flow_rx_spb rather than
dropping it first, and the FRCT loop no longer releases and reacquires
the lock on every iteration.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Prefer writers on the proc flow lock</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-05T16:10:50+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=2e5391e78c3c145e402bff1efef0a4160002b418'/>
<id>urn:sha1:2e5391e78c3c145e402bff1efef0a4160002b418</id>
<content type='text'>
FRCT readers hold proc.lock in a rdlock loop and could starve a
pending flow accept waiting for the wrlock. Initialise the lock with
the writer-nonrecursive kind on Linux with glibc, so writers are not
indefinitely delayed.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Clean up on cancelled blocking read</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-05T16:07:42+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=0562337b7aaee1c50fa840e220eba4f7478a9e82'/>
<id>urn:sha1:0562337b7aaee1c50fa840e220eba4f7478a9e82</id>
<content type='text'>
Cancelling a thread that was blocked in ssm_rbuff_read_b/write_b
didn't clean up the n_users reference. If it was in flow_rx_one it
didn't unlock the process lock.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Separate rekey replay from epoch conflict</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-02T17:05:25+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=942e4c64ad03e537a77366c6bf1309241b71f1e8'/>
<id>urn:sha1:942e4c64ad03e537a77366c6bf1309241b71f1e8</id>
<content type='text'>
keyrot_rekey() treated any re-key attempt against a live epoch
(current or previous) the same way, whether the offered root key
matched the live one (a replay) or was genuinely different (a
conflict). Compare the offered key against the live batch's root
and return -EREPLAY for a match, keeping -1/-ECRYPT for an actual
conflict, so callers can handle replayed re-keys distinctly from
real ones.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Move AUTH test macros to OAP common.h</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-02T06:09:16+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=fca717aba18850d2e32a069905f03314cd836c17'/>
<id>urn:sha1:fca717aba18850d2e32a069905f03314cd836c17</id>
<content type='text'>
The ML-DSA OAP test defined CLI_AUTH/NO_CLI_AUTH and passed them for
the srv_auth parameters of the re-key tests. Rename to the neutral
AUTH/NO_AUTH already used by oap_test.c and move the pair to the
shared common.h.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Test OAP KEM re-key floor</title>
<updated>2026-07-08T09:02:23+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-01T23:25:40+00:00</published>
<link rel='alternate' type='text/html' href='http://133.ip-51-38-114.eu/cgit/ouroboros/commit/?id=08a3828af7416326e8deb84c44da030b64fc5464'/>
<id>urn:sha1:08a3828af7416326e8deb84c44da030b64fc5464</id>
<content type='text'>
Add tests for two client-encap KEM properties the server enforces:
reject a client KDF below the server floor, and confirm a re-key
forces ephemeral server-encap.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
</feed>
