| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
reference to it, it isn't necessary that the pane in copy mode is the
same as the one copying from. Add a -s flag to copy-mode to specify a
different pane for the source content. This means it is possible to view
two places in a pane's history at the same time in different panes, or
copy from a pane's history into an editor or shell in the same pane.
From Anindya Mukherjee.
|
|
Removing a malloc(9) with M_WAITOK reduces possible context switches which
helps when dealing with parallelism issues.
From Vitaliy Makkoveev.
|
|
ok deraadt@
|
|
ok gkoehler@
|
|
bytes in case ASN1_INTEGER_get() failed. This happens more often since
asn1/a_int.c -r1.34. Matches OpenSSL behavior.
Issue in openssl x509 -text output reported by sthen
ok jsing sthen
|
|
|
|
for Unix domain socket forwarding. Factor out the code for the config
keywords that use the most common subset of TOKENS into its own function.
bz#3014, ok jmc@ (man page bits) djm@
|
|
in place which should have been deleted entirely. As a result firmware-based
retries weren't being used in 11n mode anymore. Fix this.
I really shouldn't be committing non-trivial changes without OK...
|
|
|
|
for normal operation (UDP port 500) and one for NAT traversal (UDP 4500).
There are several command line options resulting in only one of the sockets
being created (-T, -t and -p). Add a new 'enum natt_mode' to make the
logic for those somewhat less complicated as well as some comments where
it makes sense.
From Wataru Ashihara <wataash (at) wataash (dot) com>
ok patrick@
|
|
included in the output from `openssl ciphers`.
|
|
OpenSSL has always taken the approach of enabling almost everything by
default. As a result, if you wanted to run a secure TLS client/server
you had to specify your own "secure" cipher string, rather than being
able to trust the defaults as being sensible and secure. The problem
is that with the introduction of TLSv1.3, most of these "secure" cipher
strings result in the new TLSv1.3 cipher suites being excluded.
The "work around" for this issue in OpenSSL was to add a new TLSv1.3
API (SSL_CTX_set_ciphersuites(), SSL_set_ciphersuites()) and have separate
knobs for the pre-TLSv1.3 and TLSv1.3 cipher suites. This of course means
that every application now needs to call two APIs, but it does mean that
applications that only call SSL_CTX_set_cipher_list()/SSL_set_cipher_list()
cannot remove TLSv1.3 cipher suites and prevent TLSv1.3 from working.
We've taken a different approach and have allowed TLSv1.3 cipher suites
to be manipulated via the existing SSL_set_cipher_list() API. However,
in order to avoid problems with hardcoded cipher strings, change this
behaviour so that we always include TLSv1.3 cipher suites unless the
cipher string has a specific reference to the TLSv1.3 protocol or a
TLSv1.3 cipher suite.
This means that:
$ openssl ciphers -v TLSv1.2:!TLSv1.3
still gives TLSv1.2 only cipher suites and:
$ openssl ciphers -v AEAD-CHACHA20-POLY1305-SHA256
only lists a single TLSv1.3 cipher, however:
$ openssl ciphers -v ECDHE-RSA-AES256-GCM-SHA384
now includes both TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 and all TLSv1.3
cipher suites (which also matches OpenSSL's openssl(1) behaviour).
Issue encountered by kn@ with mumble.
ok tb@
|
|
|
|
|
|
explicitly comparing against a value.
|
|
"hard-quad-float" feature is available. Add missing replacement
instruction patterns that are needed to emit alternative code for
conditional moves of quad-precision floats.
ok mortimer@
|
|
From Geoff Hill.
|
|
ok hackroom@
|
|
From Geoff Hill.
|
|
|
|
symbols that were hidden. Fixes building Mesa on hppa.
ok deraadt@
|
|
Already done by xargs(1). Pointed out by espie@, ok millert@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
attributes request and other bits that prompt a reply from the terminal.
This means that stray relies are not left on the terminal if the command
has attached and then immediately detached and tmux will not be around
to receive them. Prompted by a problem report from espie@.
|
|
Using ARG_MAX directly doesn't fly when ARG_MAX gets bumped and the
kernel and userland are not in sync, effectively breaking find -exec +.
Use sysconf(3) as already done in xargs(1).
Spotted by sthen@, ok deraadt@ millert@ sthen@
|
|
|
|
Same change as made for iwm(4) and iwx(4), but also accounts for block ack.
Avoids Tx results being reported and evaluated even if they did not correspond
to the most recently chosen rate, spoiling the data available to the rate
control algorithm.
tested by benno, jmc, and krw; no regressions seen
|
|
|
|
Missed somehow in perl update
|
|
|
|
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes
There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata
* Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089.
* Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes
* printf() or sprintf() with the %n format no longer cause a panic
on debugging builds, or report an incorrectly cached length value
when producing SVfUTF8 flagged strings.
* A memory leak in regular expression patterns has been fixed.
* A read beyond buffer in grok_infnan has been fixed.
* An assertion failure in the regular expression engine has been fixed.
* (?{...}) eval groups in regular expressions no longer unintentionally
trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
|
|
|
|
|
|
|
ok markus@
|
|
Generate an unpredictable 32-byte legacy session ID during client
initialisation, rather than when the ClientHello message is being created.
Otherwise in the case of a HelloRetryRequest the legacy session ID values
will differ between the first and second ClientHello messages, which is
not permitted by the RFC.
Fixes an issue talking TLSv1.3 to smtp.mail.yahoo.com.
ok beck@
|
|
attribute for the purpose. No functional change intended.
The purpose is to make it possible to later attach tags to text nodes.
|
|
ok patrick@, jsg@
|
|
used by default and is very useful.
|
|
|
|
rasops_init() call.
ok patrick@, jsg@
|
