| Age | Commit message (Collapse) | Author |
|---|
|
version require these flags to accept the X.509 certificates from the
gateway or client; I just add both flags to make it work in both cases
and verified it with win7, for example when authenticating against iked.
go ahead beck@
|
|
in the PHY instead of the MAC like ICH8.
|
|
kernel, just like isakmpd does it. In difference to isakmpd, the Id
type is printed in capital letters, eg. FQDN/foo.example.com, because
it is using the existing print_map() API. For consistency, rename a
few Id types in grammar and code from the RFC-names to the
OpenBSD-style names; including RFC822_ADDR to UFQDN, IPV4_ADDR to just
IPV4, DER_ASN1_DN to ASN1_DN etc.
|
|
while here, change ping6 to use strtonum instead of strtol.
OK claudio@
|
|
so they can only be set to 1 or 0. Caught by gcc4.
ok mcbride@ pyr@
|
|
after the command is executing is bogus because it may still be needed if the
same command is going to be executed again (for example if you "bind-key a
bind-key b ..."). Making a copy is hard, so instead add a reference count to
the cmd_list.
While here, also print bind-key -n and the rest of the flags properly.
Fixes problem reported by mcbride@.
|
|
warnings from gcc4)
os claudio@
|
|
* bug fixes:
- interaction of ASCII_HYPH with special chars (found by Ulrich Spoerlein)
- handling of roff conditionals (found by Ulrich Spoerlein)
- .Bd -offset will no more default to 6n
* maintenance:
- more caching of .Bd and .Bl arguments for efficiency
- deconstify man(7) validation routines
- add FreeBSD library names (provided by Ulrich Spoerlein)
* start PostScript font-switching
|
|
ok kettenis@
|
|
ok deraadt nicm
|
|
ok ryan theo reyk
|
|
ok ryan theo & herr reyksminister
|
|
Make dired more sane (and emacslike):
* Position cursor at first filename after ..
* Don't reposition cursor on reopening
* Check for permission before attempting to open directory
I took forever to get this in. Thanks, Logan for being patient!
|
|
on resume. Fail early if this is detected, so that we have a chance to
catch it.
ok kettenis@, deraadt@
|
|
|
|
ok kettenis@, pirofti@, marco@
|
|
*scsi_generic. Change xs->cmd[0] references in sii.c to xs->cmd->opcode
and do (caddr_t) arithmetic when copying chunks into the adw adapter
struct.
Found by Matthew Dempsky, diff tweaked and tested by me.
|
|
|
|
|
|
sleep and wake up on another CPU.
ok kettenis@
|
|
ok kettenis@
|
|
|
|
|
|
|
|
|
|
it is violating the transactional model we have and made stronger in
pf, it is broken in some cases and since some options are passed to the
kernel while some are userland only and affect how the rules are
parsed it is complete bullshit anyway - obviously, changing options
that affect ruleset parsing without reloading and thus reparsing the
ruleset cannot work. so stop pretending it could and cut the crap.
ok dlg krw deraadt
|
|
authentication cookies to avoid fallback in X11 code to fully-trusted
implicit authentication using SO_PEERCRED described at:
http://lists.x.org/archives/xorg-devel/2010-May/008636.html
After the X11ForwardTimeout has expired the client will now refuse
incoming X11 channel opens.
based on patch from Tavis Ormandy; "nice" markus@
|
|
after authentication is successful to mitigate "phishing" attacks by
servers with trusted keys that accept authentication silently and
automatically before presenting fake password/passphrase prompts;
"nice!" markus@
|
|
|
|
|
|
don't create names list to recreate handles list
|
|
|
|
|
|
|
|
|
|
|
|
fix a buglet in vsystem
|
|
locally
|
|
this requires exporter for now.
|
|
rework options into state
|
|
rework handle_options to be code in state proper, so that I can remove
a class that's actually useless.
reuse the export code from getopt so that legacy code still get opt_x
working.
|
|
and thus can eventually be used to create repositories, print messages,
etc.
|
|
allow prepend as well as add
|
|
|
|
PermitEmptyPasswords=no;
|
|
results in a use after free(). Catched by jakemsr@ with MALLOC_OPTIONS=J
|
|
internal-sftp accidentally introduced in r1.253 by removing the code
that opens and dup /dev/null to stderr and modifying the channels code
to read stderr but discard it instead; ok markus@
|
|
forwards per direction; ok markus@ stevesk@
|
|
same changes in cd and sd.
tested by and ok krw@
|
|
ok thib@ deraadt@
|
