| Age | Commit message (Collapse) | Author |
|---|
|
Sven Wolf noticed that scans on ral(4) are buggy ever since I added a new
field to this struct. Turns out a lot of drivers were initializing fields
one-by-one, leaving any newly added fields uninitialized by default.
Affected drivers may report wrong channel numbers for received beacons.
The net80211 stack will discard such beacons, assuming they were received
on the wrong channel due to signal leakage. Scanning is broken as result.
ok miod@
|
|
ok millert deraadt
switchd(8) was removed back in November. Commit message was:
Retire switchd and switchctl. While interesting they never managed to
really get into a usable state. The OpenFlow API is mostly superseeded
by P4 and so this is a bit of a dead end.
|
|
ok sthen@, tb@
|
|
dump_tables and vmm to the build. Adopt all makefiles to skip tests
on non amd64 machines.
OK dv@
|
|
|
|
Other users of qp->output already include a NULL check.
Avoids a crash when cursor key support is disabled in cl/cl_term.c.
From Jeremy Mates. OK tb@
|
|
of snapshots is to allow pfsync(4) to move items from global lists
to local lists (a.k.a. snapshots) under a mutex protection. Snapshots
are then processed without holding any mutexes. Such idea does not fly
well if link entry is currently used for global lists as well as snapshots.
Feedback by bluhm@ Credits also goes to hrvoje@ for extensive testing.
OK bluhm@
|
|
a warning and no fuss.
|
|
proc_parser_cert_validate() and proc_parser_root_cert() adjust
parse_load_certchain() and parse_load_ta() respectivly.
Also cleanup the functions in parser.c and make it possible to call
ta_parse and cert_parse with a NULL cert.
OK tb@
|
|
From Matt Roper
14785927a1d46817b1648806ed5124be049bea75 in linux 5.15.y/5.15.35
1acb34e7dd7720a1fff00cbd4d000ec3219dc9d6 in mainline linux
|
|
From Tomasz Mon
2dd7d2eddf8e1ff3556e333979af99e4c167a7b5 in linux 5.15.y/5.15.35
4593c1b6d159f1e5c35c07a7f125e79e5a864302 in mainline linux
|
|
From Melissa Wen
804c096d640ece718d6505c5252eb66544bbc2c9 in linux 5.15.y/5.15.35
e4f1541caf60fcbe5a59e9d25805c0b5865e546a in mainline linux
|
|
From Roman Li
6a03581ccffa571bfa1a9f3a097e1a4d7164fd2d in linux 5.15.y/5.15.35
f4346fb3edf7720db3f7f5e1cab1f667cd024280 in mainline linux
|
|
makes sense to totally split it out. Duplicate proc_parser_cert_validate()
and proc_parser_root_cert() for now.
The valid_x509() plus the required static functions are moved to validate.c.
The crl_tree code moved into crl.c similar to the auth_tree handling in
cert.c. All the proc functions are now tagged with __attribute(noreturn)
which allows to remove the errx() after them.
OK tb@
|
|
From Martin Leung
ac2eb310af0582428400186173d070320a8bfd6f in linux 5.15.y/5.15.35
b2075fce104b88b789c15ef1ed2b91dc94198e26 in mainline linux
|
|
From Roman Li
eab8e585840f84c6a352eaab70e5495eda7ebb6f in linux 5.15.y/5.15.35
58e16c752e9540b28a873c44c3bee83e022007c1 in mainline linux
|
|
From QintaoShen
f2658d5966bcee8c3eb487875f459756d4f7cdfc in linux 5.15.y/5.15.35
ebbb7bb9e80305820dc2328a371c1b35679f2667 in mainline linux
|
|
From Tianci Yin
9f0fabf30b486e3d5c9b578073cea369ffc05c43 in linux 5.15.y/5.15.35
6ea239adc2a712eb318f04f5c29b018ba65ea38a in mainline linux
|
|
From Tushar Patel
25efb191d86b108f100f82f414229f8269d00b28 in linux 5.15.y/5.15.35
b7dfbd2e601f3fee545bc158feceba4f340fe7cf in mainline linux
|
|
From Leo (Hanghong) Ma
7a3bc11a40346987649018ecd82caa744117c347 in linux 5.15.y/5.15.35
c9fbf6435162ed5fb7201d1d4adf6585c6a8c327 in mainline linux
|
|
From Chiawen Huang
92951699a5f11043b9d1402ea21787f420b36094 in linux 5.15.y/5.15.35
7d56a154e22ffb3613fdebf83ec34d5225a22993 in mainline linux
|
|
From Charlene Liu
b054e8183fbdec15955311956df8a9ce47e0ab6d in linux 5.15.y/5.15.35
5e8a71cf13bc9184fee915b2220be71b4c6cac74 in mainline linux
|
|
From Alex Deucher
37bc29a445384f4bdfc734dfe7f763ede604acfe in linux 5.15.y/5.15.35
b818a5d374542ccec73dcfe578a081574029820e in mainline linux
|
|
From Guchun Chen
5a3b56a4a1c79111bc4aaa9caba5eb5e9cfaeaeb in linux 5.15.y/5.15.35
2d505453f38e18d42ba7d5428aaa17aaa7752c65 in mainline linux
|
|
From Aurabindo Pillai
6dded62e5aa6e29f18a1079002109cb6068e9bf6 in linux 5.15.y/5.15.35
c5c948aa894a831f96fccd025e47186b1ee41615 in mainline linux
|
|
because rc.subr has special-casing for spamd/spamlogd.
Teach the script to detect the pflog interface from spamlogd flags and
create the correct interface if needed.
ok jturner@
|
|
From Nicholas Kazlauskas
8e663865f5284124196bc04e010e7344d8a278f3 in linux 5.15.y/5.15.35
3107e1a7ae088ee94323fe9ab05dbefd65b3077f in mainline linux
|
|
From Nicholas Kazlauskas
685a19fa6ae99dc7a18a9af2a7626162e1db7aff in linux 5.15.y/5.15.35
e7031d8258f1b4d6d50e5e5b5d92ba16f66eb8b4 in mainline linux
|
|
|
|
caused no tag was sent on the outgoing packet.
Bug reported and the fix tested by Andrew Laramore.
|
|
Requested by jsing
|
|
X509v3_{addr,asid}_is_canonical() check that the ipAddrBlocks and
autonomousSysIds extension conform to RFC 3779. These checks are not
cheap. Certs containing non-conformant extensions should not be
considered valid, so mark them with EXFLAG_INVALID while caching the
extension information in x509v3_cache_extensions(). This way the
expensive check while walking the chains during X509_verify_cert() is
replaced with a cheap check of the extension flags. This avoids a lot
of superfluous work when validating numerous certs with similar chains
against the same roots as is done in rpki-client.
Issue noticed and fix suggested by claudio
ok claudio inoguchi jsing
|
|
Ensure that EXFLAG_INVALID is set on X509_get_purpose() failure.
ok inoguchi jsing
|
|
exit so retrieve the pid via controlmaster and use that.
|
|
that the partition entry table associated with the primary GPT
header at sector 1 doesn't overwrite the header or intrude into
the sectors available for partitions.
Similarly ensure that the partition entry table associated with
the alternate header does not overwrite that header or intrude
into the sectors available for partitions.
|
|
custom implementation that only allowed matching all files in a
directory.
ok millert
|
|
Assertions should be active and rely on #ifdef DIAGNOSTIC. Retire
PFSYNC_DEBUG.
OK sashan@ dlg@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
From Martin Vahlensieck.
|
|
We need stdlib.h for malloc(3) and stdint.h for SIZE_MAX.
Unlike the other xmss files, ssh-xmss.c does not include xmss_commons.h
so ssh-xmss.c must include those headers itself.
From Martin Vahlensieck
|
|
Since match_pattern() doesn't modify its arguments (they are const),
there is no need to make an extra copy of the strings in options->send_env.
From Martin Vahlensieck
|
|
logic into GPT_get_name(), string_to_name() and name_to_string()
functions. Remove unnecessarily abstract functions ask_string(),
utf16le_to_string() and string_to_utf16le().
No intentional functional change.
|
|
|
|
|
|
This replaces a strange hack that sets TZ=UTC and calls localtime().
Tweak format string to keep printing UTC.
ok claudio
|
