| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
- move 'fail' label to end of function (instead of using the first
if-condition)
- merge the most simples error code paths idioms from 'cleanup+return'
to 'goto-fail'
ok mpi@
|
|
No functionnal change.
ok kettenis@
|
|
initialise a pty, run the specified file of mg commands and then exit.
This is to facilitate mg fitting into the OpenBSD regress test
framework and be able to run via a cron job.
|
|
This is a test that checks for NSS's CCS flood DoS CVE-2020-25648.
The test script currently fails on LibreSSL and OpenSSL 1.1.1j because
it sends invalid records with version 0x0300 instead of 0x0303.
We have the ccs_seen logic corresponding to NSS's fix:
https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
but we do allow up to two CCS due to an interop issue with Fizz, so
at least one of the tests will likey be broken once the record version
is fixed.
|
|
this ensures more stuff is copied, in particular the flowid
information. this is also how v6 does it, which makes things more
consistent.
ok bluhm@
|
|
It is over a year old and corresponds to LLVM 8.0.0 after the
"-msvr4-struct-return" ABI change; saves 47M (on amd64).
OK deraadt
|
|
|
|
|
|
This is the same as SSL_CTX_use_certificate_chain_file() but for an
SSL object instead of an SSL_CTX object. remi found this in a recent
librelp update, so we need to provide it. The function will be exposed
in an upcoming library bump.
ok inoguchi on an earlier version, input/ok jsing
|
|
Swap -wgpeerall and wgpeer in synopsis to ease parsing.
"I'm good" - Matt Dunwoodie. "just commit" - jmc
suggestions and ok sthen@
|
|
Found the hard way by lists y42 org via an OCSP validation failure that
in turn caused pkg_add over TLS to fail. Detailed report by sthen.
ok sthen
|
|
it will show just OpenBSD while -portable will show the portable version.
OK sthen@, tb@, kn@
|
|
Using the -t option relative locations can be passed as tal locations
and so the process can not chdir until these files were read.
OK job@
|
|
Diff and (slightly tweaked) text below from
Dave Voutila < dave at sisu dot io >, thanks!
--
Since 6.7 switched to FFS2 as the default filesystem for new installs,
the ability for vmd(8) to load a kernel and boot.conf from a disk image
directly (without SeaBIOS) has been broken.
A diff from tb to add FFS2 support never mdae it into the tree.
On 5th Jan 2021, new ramdisks for amd64 have started shipping gzipped,
breaking the ability to load the bsd.rd directly as a kernel image for a vmd
guest without first uncompressing the image.
Using BIOS works, the FFS2 change happend ten months ago and few if any have
complained about the breakage. vmctl(8) is still vague about supporting it
per its man page and one still has to pass the disk image twice as a "-b"
and "-d" argument to boot an OpenBSD guest *without* BIOS.
Josh Rickmar reported the gzip issue on bugs@ and provided patches to add
support for compressed ramdisks and kernel images. The easiest way to do so
is to drop support for FFS images since they require a call to fmemopen(3)
while all the other logic uses fopen(3)/fdopen(3) calls and a file
descriptor. It is much easier to get thsoe patches merged if they don't
have to account for extracting files from disk images.
--
No objections anyone
"Removing it makes sense" reyk (who wrote the FFS module)
OK mlarkin
|
|
|
|
getifaddrs on every route message.
This also allows us to drop the route pledge since we only need to
fetch the interface state with getifaddrs on startup.
|
|
|
|
|
|
|
|
ok dtucker@
|
|
Also handle zero-length reads that are borderline nonsensical but
not explicitly banned by the spec.
Based on patch from Mike Frysinger, feedback deraadt@ ok dtucker@
|
|
from me
|
|
"This patch makes sure to clear the status/echo line after killing and
switching buffers by name. Otherwise the kill/switch prompt lingers"
|
|
ok claudio
|
|
Also prefer if (error == 0) over if (!error).
OK florian@ bluhm@
|
|
already call rtm_ifchg() and so this would just result in a duplicate message.
Noticed by deraadt@. OK florian@ bluhm@
|
|
messages. This way userland can detect if the lladdr of an interface was
changed.
OK florian@ bluhm@
|
|
error upwards since a NULL return represents a bad-URI.
Diff originally from tb@
|
|
A malformed URI such as "https://[::1/index.html" causes a NULL access
in the hosttail[1] == ":" check.
ok claudio
|
|
While the corresponding route gets removed properly, the driver's softc
kept the old label, i.e. "ifconfig mpe0" would show "mpls: label 42"
instead of "mpls: label (unset)" even though it was unset.
OK claudio
|
|
Use of the IOCTL section losely adopted from bridge(4),
the list of ioctls however is still incomplete.
mpw(4) and mpip(4) could use a reference to mpe(4) IOCTL or so,
but this is good enough for starters.
Feedback OK claudio
|
|
OK claudio
|
|
compare it to -1. Instead use a temp variable and assign to bufsz after
the -1 check.
Also add errx() calls after the switch statements in the FSM functions.
OK job@ tb@
|
|
to realize that the pids are initialized if !noop and not accessed if noop.
OK job@ tb@
|
|
anymore.
OK job@ tb@
|
|
|
|
getpagesize() will only return positive numbers (there is no negative
page size system) and it can not fail.
Should fix some compiler warnings seen in -portable projects.
OK otto@
|
|
returned by adjtime(2) from the kernel. T1 is local time when the
NTP packet is sent and T4 when the response is received. If between
these events a NTP reply from another server is received, it may
change the kernel offset with adjtime(2). Then the calulation of
the client offset was done with different bases, the result was
wrong and the system time started moving around.
So instead of correcting T1 and T4 individually at different events,
correct their sum once.
Error handling was missing if there is no timestamp in the response.
As this should not happen in our kernel, fatal() is appropriate.
tested by weerd@; OK claudio@
|
|
claiming multiple report ids once. This allows uhidpp to piggy back on
the same functionality making uhidev_unset_report_dev() redundant.
|
|
|
|
held but this path is only followed while `syslogf' socket is not set.
New `syslogf_rwlock' used to protect `syslogf' access.
ok bluhm@
|
|
found and test by Rafael Avila de Espindola
ok kettenis
|
|
DVACT_DEACTIVATE to them once when walking sc_subdevs.
Fixes a regression reported and tested by Edd Barrett.
Input from and previous version ok anton.
|
|
Code is there, noone ever used it, I guess.
This makes ifconfig(8) documentation actually hold true.
OK claudio
|
|
ok inoguchi@ tb@
|
|
|
|
ok inoguchi@ tb@
|
|
|
