| Age | Commit message (Collapse) | Author |
|---|
|
|
|
feedback cheloha deraadt
|
|
4672ff74d68766e7785c2cac4c597effccef2c5c have a zero byte prepended.
Run the secp224k1 ECDH tests and adjust this if needed.
|
|
|
|
will attempt again later, now that there is new regress
|
|
Add a KASSERTMSG() to check that strategy functions didn't screw
b_resid up too much.
ok beck@ tedu@
|
|
|
|
it's not there. This allows pwmbl(4) to attach and work on the Pinebook
Pro.
|
|
to figure out what version you were tunning before the upgrade when
you hit a bug/problem after the upgrade.
ok sthen@
|
|
the report from <Andreas dot Kahari at abc dot se> on ports@:
For a symlink, use the first of the following names that is available:
1. In -t mode, the symlink itself (unchanged).
2. When the (unresolved) symlink already resides inside the manpath,
just strip the manpath and use the rest (unchanged).
3. When prefix(es) of the unresolved symlink point to the manpath,
strip the longest such prefix and use the rest (new); this fixes
situations where the manpath or one of its parent directories is a
symlink and at the same time contains symlinks to manual pages.
4. Fall back to the fully resolved symlink, with the manpath stripped
(new); this may for example happen when the command line passes
symlinks from outside the manpath that point to manual pages inside
the manpath, or if manual page trees contain symlinks to symlinks and
not all of them are given on the command line.
The fallback (4) isn't perfect. You can construct symlink spaghetti
in such a way that this algorithm will not enter all manual page
names into the database that a human would be able to deduce. But
i do not expect such spaghetti to actually occur in practice (not
even in ports), and a full fix would require re-implementing
realpath(3) in terms of step-by-step readlink(2) calls, repeating
the complicated algorithm (3) after each step.
While here, also stop using PATH_MAX as the size of a static buffer
in filescan(); on some systems, it can be unreasonably large.
Instead, allocate path strings dynamically.
|
|
- dig(1) -p now works, as already supported by dig(1) from
ports/net/isc-bind thanks to sthen@
- "set port=..." also works in nslookup(1)
- host(1) has no support for alternate destination ports
This adds "inet" to the pledge promises of all three programs,
a compromise deemed reasonable and suggested by deraadt@; instead of
slightly more complicated patches by myself and florian@ to avoid "inet"
in the general case.
Suggested by deraadt@, ok florian@ sthen@
|
|
points in there.
okay aja@ sthen@
|
|
OP_INVISIBLE)
okay millert@
|
|
|
|
ok jsing@
|
|
okay on principle from millert@/schwarze@
The rationale is that those aren't even documented (apart from .MADE) and
the corresponding code has never been maintained (just untouched when
changing other things, so it probably doesn't work right if it ever did)
This went through a full release/bulk to make sure nobody was using that stuff.
okay millert@
|
|
Currently, only s_client has TLSv1.3 and s_server does not.
|
|
waiting for the father to do so.
okay millert@
|
|
ok tb@
|
|
OK tedu
|
|
OK tedu
|
|
OK tedu
|
|
OK jca, tedu
|
|
OK tedu
|
|
OK tedu, jca
|
|
OK jca, tedu
|
|
OK jca, tedu
|
|
OK jca, tedu
|
|
This bug caused sockets and character special devices to be accepted
as manual pages if they appeared inside manpaths, and
it caused incorrect file names to be entered into the database when
the manpath or one of its parent directories was a symbolic link.
This fixes the issues reported by <Andreas dot Kahari at abc dot se>
on ports@, but additional issues remain when symbolic links are
contained in a manpath that involves another symbolic link.
|
|
- reword MODKDE4_FIX_GETTEXT text to make it easier to read
with and ok schwarze@
|
|
during installation. This is the default value.
|
|
Noticed by sebastia@
|
|
in RFC8622; ok job@
|
|
ok jsg@
|
|
|
|
|
|
Discussed with jsing
|
|
behavior.
ok jsing
|
|
incoming method if it is a client.
This addresses the case where TLS_method() is used to initialise a SSL_CTX,
then a TLS_client_method() is then set, resulting in TLSv1.2 being used
instead of TLSv1.3. This is observable in smtpd.
ok beck@
|
|
handshake function pointer.
Fixes an isssue found by jca@ with OpenVPN.
ok beck@ tb@
|
|
traffic retries when not yet encrypting.
ok jsing@
|
|
is good enough to enable the Pinebook Pro's panel.
It would be nice to make use of the DRM's BSD-licensed panel code,
which has an extensive list of panels and its settings.
ok kettenis@
|
|
|
|
intended for shm/fd passing, but for programs that may otherwise like
filesystem access.
ok beck deraadt kettenis
|
|
|
|
|
|
no function change.
|
|
ok jsing@
|
|
ok jsing@
|
|
in OpenSSL's test suite.
|
