| Age | Commit message (Collapse) | Author |
|---|
|
Hints and wording from jmc@
|
|
|
|
FreeBSD/powerpc. From George Koehler.
ok millert@, deraadt@, visa@
|
|
instead
From Pamela Mosiejczuk, many thanks!
OK phessler@ deraadt@
|
|
so it can ask for the smartcards PIN.
ok markus@
|
|
The parser would allow bogus input and sometimes even produce invalid rules
on empty anchor names, so error out immediately.
OK sashan
|
|
For anchor names, make `load anchor' use the same grammar as `anchor' and
merge unique checks from both places so that anchor names are validated
regardless of the specific rule at hand.
OK sashan
|
|
Open trust anchor file for reading and writing on startup and pass it
to the frontend process. The frontend process seeks and truncates the
file apropriately when writing out new trust anchors learned via DNS
but never closes the file. On error the file is truncated to zero
length.
This is in turn handled on startup by switching to the built in trust
anchor when no trustanchor can be read from disk.
This side steps the need for an unveil'ed directory with "c" permission
and also removes the wpath and cpath pledges from the parent process.
deraadt@ pointed out that my previous design didn't make sense and I
had confused myself along the way. (It did work, but was too
complicated for no good reason).
While here validate that we actually read a trust anchor from disk by
trying to parse it and checking that it is a DNSKEY. Unfortunately
ub_ctx_add_ta() accepts just any string as a trust anchor without any
validation.
|
|
in the same way as the http authenticated username is loged.
From Karel Gardas, gardask at gmail dot com, Thanks!
ok florian@
|
|
There are various points where we need the hash of all messages prior to
the current message. Support this by having the handshake code preserve
the transcript hash prior to recording the current message, which avoids
the need to sprinkle this throughout multiple handlers.
ok inoguchi@ tb@
|
|
what is used by more recent Linux kernels.
Partly from SASANO Takayoshi.
|
|
error messages if a card is absent from the slot, but other workarounds
are much more complicated.
From SASANO Takayoshi.
|
|
"where is the kaboom?" deraadt@
|
|
client requested, be prepared to handle shell-style brace alternations,
e.g. "{foo,bar}".
"looks good to me" millert@ + in snaps for the last week courtesy
deraadt@
|
|
when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@
|
|
|
|
|
|
It appears the flag combination -S -p not only preserved the modification
time as documented, but also the file mode unless the file content changed,
so with the change in rev. 1.68, the flag -p no longer applies the given
file mode if the file content does not change.
Regression in the lang/go-boostrap build system reported by espie@.
|
|
connects to the horizontally adjacent vertical line or cell;
fixing a bug reported by bentley@.
|
|
|
|
in UTF-8 output; suggested by bentley@
|
|
fixing a minibug reported by bentley@
|
|
ok jsing@ tb@
|
|
ok inoguchi@ tb@
|
|
While handshake hash is correct (in as far as it is a hash of handshake
messages), using tls1_transcript_hash*() aligns them with the naming of the
tls1_transcript*() functions. Additionally, the TLSv1.3 specification uses
Transcript-Hash and "transcript hash", which this matches.
ok inoguchi@ tb@
|
|
This allows ctx->hs to be used throughout the TLSv1.3 code, rather than
S3I(ctx->ssl)->hs_tls13.
ok inoguchi@ tb@
|
|
repository and will not be in the next major release.
Switch to the am335x_evm target a FIT image for multiple am335x boards
including the BeagleBone Black.
u-boot-arm >= 2019.01p2 is now required to build armv7 releases.
ok deraadt@ phessler@
|
|
ok tb@ jsing@
|
|
ok deraadt@
|
|
|
|
ok schwarze@
|
|
Shouldn't affect unwind but keeping in sync.
r5108 | wouter | 2019-02-08 15:05:24 +0000 (Fri, 08 Feb 2019) | 3 lines
- Fix #4225: clients seem to erroneously receive no answer with
DNS-over-TLS and qname-minimisation.
|
|
the checksum's width
ok dlg@
|
|
from NetBSD; OK deraadt@ visa@
|
|
understands.
ok mpi@, visa@
|
|
with O_CREAT|O_EXCL; instead, always create it with a temporary name,
then rename(2) it into place atomically. For example, the race caused
failures in parallel builds that (foolishly) install the same file twice.
This patch makes the -S option a no-op,
making install(1) always behave like -S used to.
Based on a minimally different patch
from Lauri Tirkkonen <lotheac at iki dot fi>,
and including a manual page tweak from deraadt@.
OK deraadt@; "seems the right thing to do" tedu@.
|
|
in struct ps_strings.
from NetBSD; OK deraadt@ guenther@ visa@
|
|
addition to UNIX domain sockets.
Prompted by a mail from Daniel Gracia ( paladdin AT gmail ) pointing out
that we are not documenting TCP support at all, thanks!
Prodding by and with jmc@
|
|
|
|
/usr/src/usr.sbin/unbound, diff from florian@
|
|
|
|
|
|
The captive portal process needs to receive sockets from the main
process to speak http to.
|
|
|
|
|
|
ok schwarze@
|
|
correctly itself now. At leat considering the end of life times of
OpenBSD releases and the speed at which the root key signing key (KSK)
rolls.
On the other hand, unbound-anchor assumes a certain network quality
which we cannot guarantee in places where we want to run unwind(8).
This in turn can lead to unbound-anchor stalling the boot process.
|
|
Do not use the libunbound's auto trust anchor file feature since it
then the resolver process needs rpath, wpath, and cpath pledges and
permission on the trust anchor file.
Instead configure the trust anchor as resource record strings. The
parent process opens the file, passes a filedescriptor to the frontend
process to parse the file and then passes trust anchors to the
resolver process to (re-) configure the resolver contexts.
The resolver process periodically probes for new trust anchors (DNSKEY
records of the root zone) and passes those to the frontend process.
This in turn requests a file descripter for writing from the parent
process. Once the trust anchors have been written the parent process
renames the tmp file to the final location.
Also provide a built in trust anchor for boot strapping purposes if no
file is found on disk. That way we can get rid of unbound-anchor in
unwind's rc.d script.
|
|
OK cheloha@ jmc@
|
|
ok bcook@ tb@
|
