| Age | Commit message (Collapse) | Author |
|---|
|
From Nicholas Bishop
68f3a4252e9718843bd172f9761267aa288647d0 in linux 5.15.y/5.15.25
364438fd629f7611a84c8e6d7de91659300f1502 in mainline linux
|
|
From Christian Koenig
0fec53c5dca8a218e20b1d3964db23391a689dff in linux 5.15.y/5.15.25
e8ae38720e1a685fd98cfa5ae118c9d07b45ca79 in mainline linux
|
|
From Mario Limonciello
38108fd273acbc6248870a7a3e61714398af6f94 in linux 5.15.y/5.15.25
04ef860469fda6a646dc841190d05b31fae68e8c in mainline linux
|
|
From Mario Limonciello
72808bb42c87c4887c553ea8d9f4ecaf15d867d3 in linux 5.15.y/5.15.25
f52a2b8badbd24faf73a13c9c07fdb9d07352944 in mainline linux
|
|
From Mario Limonciello
64519c9e32ac548fd47cf16767f4b779a8cbdd14 in linux 5.15.y/5.15.25
a6ed2035878e5ad2e43ed175d8812ac9399d6c40 in mainline linux
|
|
moment when the default listeners are added to the config got moved into
parse_config() and so is now visible in the printed config. Showing the
listen on statements is probably a good thing.
Failure noticed by anton@
|
|
i is a silly name for BN_num_bits(dsa->q); move a comment for readability.
|
|
dsa_do_verify() has checks on dsa->p and dsa->q that ensure that p isn't
overly long and that q has one of the three allowed lengths specified in
FIPS 186-3, namely 160, 224, or 256.
Do these checks on deserialization of DSA keys without parameters. This
means that we will now reject keys we would previously deserialize. Such
keys are useless in that signatures generated by them would be rejected
by both LibreSSL and OpenSSL.
This avoids a timeout flagged in oss-fuzz #26899 due to a ridiculous
DSA key whose q has size 65KiB. The timeout comes from additional checks
on DSA keys added by miod in dsa_ameth.c r1.18, especially checking such
a humungous number for primality is expensive.
ok jsing
|
|
|
|
'sockaddr' structure with socket's address. For key management and route
domain sockets it just returns error.
ok bluhm@
|
|
dependent on __STDC__ and doesn't need the ## operator.
ok jsg@
|
|
i need to add the bridge ioctls i copes with at some point.
|
|
|
|
to see 23.2 MB text output unless when debugging a failure. And
then a logfile is better than stderr.
OK claudio@
|
|
|
|
|
|
|
|
|
|
getsockname is for connected sockets, not all sockets. dgrams need
to use some setsockopt stuff and cmsgs to get packet info like that.
suggested by K R on bugs@
|
|
TLS when TLS is also configured"
|
|
|
|
|
|
for testing. Using alternate ports does not work for session using ipsec.
OK tb@ deraadt@
|
|
|
|
|
|
|
|
|
|
Found by anton@ who has enc0 on index 1 on his arm64 regress machine.
with and OK anton@
|
|
ok guenther@
|
|
|
|
ok deraadt millert
|
|
visa@
|
|
|
|
This way we keep the size of the strings in the private struct in
sync with what the kernel gives us. OK deraadt@
|
|
from sys/param.h include lines, or remove the include lines entirely if
it this was the least requirement.
ok millert
|
|
And thus, sys/param.h is not needed either.
ok millert
|
|
from sysctl.h. This isn't a perfect transition, still thinking about
other ways to do it.
ok millert
|
|
proper strings, adapt dt's exported string in the same way.
Old/new files/tools will not work the same way.
That this interface needs to also change was pointed out by jsg
|
|
OK tb@
|
|
proper strings, adapt struct acct's ac_comm similarily. While here increase
ac_mem to 32-bits, increase ac_flag from 8 to 32 bits for future extensions,
add ac_pid for forensics, and reorder the structure to avoid compiler pads.
More work remains in the sa(8) command to use ac_pid better.
This is a flag day for the acct file format, new/old files/tools are incompatible.
ok bluhm millert
|
|
including the NUL), in all internal interafaces, and expose this
in ktrace, core, or proc.h visibility.
ok millert
|
|
because it was padded. Define it in terms of _MAXCOMLEN from syslimits.h
ok millert
|
|
have the terminating NUL). In the near future, fewer programs will use
this yucky non-string, some kernel:userland interfaces will to change to
pass a proper string.
ok millert
|
|
commits will change sys/param.h MAXCOMLEN, sys/sysctl.h KI_MAXCOMLEN,
sys/acct.h ac_comm[], dev/ic/dtvar.h DTMAXCOMLEN to use this, and also
adapt most to the included NUL correctly. This will allow us to remove
sys/param.h include from userland base.
sys/syslimits.h is chosen as the best place for this define because it
has very small namespace which is already pulled in often.
ok millert
|
|
Ok millert@
|
|
Ok millert@
|
|
ober_scanf_elements.
Found the hard way on octeon and patch tested by sebastian <at> rostwald
<dot> de
OK tb
|
|
Adapted from the NetBSD version with some changes from FreeBSD.
OK gnezdo@
|
|
Call log_init() and set debug but clear verbose afterwards with
log_setverbose(0) still the fuzzer is very verbose.
OK millert@ some time ago
|
|
EVP_PKEY_set1_EC_KEY() bumps the refcount of eckey, so eckey won't be
freed at the end of keyproc() or acctproc(), which means that secrets
aren't wiped. Move EC_KEY_free() to the out label, so that the refcount
is decremented or the key freed, as appropriate.
tested/ok claudio
|
