Age | Commit message (Collapse) | Author |
|
Pointed out by dickman@.
ok sthen@ phessler@
|
|
|
|
No change to generated assembly.
|
|
|
|
in the report functions instead of letting the stack do it magically for
us.
Reviewed and tested by David Higgs, thanks!
|
|
From Fabian Raetz.
|
|
|
|
the internal and long-serving ssl_ctx_load_verify_memory() function
with a call to the SSL_CTX_load_verify_mem() API function. The
ssl_privsep.c file with hacks for using OpenSSL in privsep'ed
processes can now go away; portable versions of smtpd and relayd
should start depending on LibreSSL or they have to carry ssl_privsep.c
in openbsd-compat to work with legacy OpenSSL. No functional change.
Based on previous discussions with gilles@ bluhm@ and many others
OK bluhm@ (as part of the libcrypto/libssl/libtls diff)
|
|
specifying a file. This enables CA verification in privsep'ed
processes that are running chroot'ed without direct access to the
certificate files.
With feedback, tests, and OK from bluhm@
|
|
access to the certificates. SSL_CTX_load_verify_mem() is a frontend
to the new X509_STORE_load_mem() function that allows to load the CA
chain from a memory buffer that is holding the PEM-encoded files.
This function allows to handle the verification in privsep'ed code.
Adopted for LibreSSL based on older code from relayd (by pyr@ and myself)
With feedback and OK bluhm@
|
|
instead of disk. OpenSSL didn't provide a built-in API from loading
certificates in a chroot'ed process that doesn't have direct access to
the files. X509_STORE_load_mem() provides a new backend that will be
used by libssl and libtls to implement such privsep-friendly
functionality.
Adopted for LibreSSL based on older code from relayd (by pyr@ and myself)
With feedback and OK bluhm@
|
|
|
|
ok bcook@
|
|
Prevents indent from inserting a space which broke the build of the
development version of Mesa.
ok millert@ deraadt@
|
|
the items address is within the page. it does that by masking the
item address with the page mask and comparing that to the page
address.
however, if we're using large pages with external page headers, we
dont request that the large page be aligned to its size. eg, on an
arch with 4k pages, an 8k large page could be aligned to 4k, so
masking bits to get the page address wont work.
these incorrect checks were distracting while i was debugging large
pages on landisk.
this changes it to do range checks to see if the item is within the
page. it also checks if the item is on the page before checking if
its magic values or poison is right.
ok miod@
|
|
Change the runtime check for whether a long is smaller than a pointer to a
compile-time check. Replace the silly hash for LLP64 platforms.
ok tedu@
|
|
Regenerate the amd's NFS RPC stubs with a current rpcgen, automating the
post-generation tweaks to the svc stubs. However, do follow the modern
naming style where the svc stubs have a _svc suffix.
As a side benefit, this eliminates the need to #include <nfs/nfsproto.h>
This is all a prelude to updating amd to talk NFSv3 with the kernel for
its own "toplvl" mounts, to squash another y2038 issue.
|
|
pass the size of the softc to free.
this time we only dereference the cfattach structure if we actually
need it once the refcount has dropped to 0.
tested by krw@ who found the original panic r1.80 was backed out for.
putting this in again so i can find out when else will break.
|
|
on my old sparc64.
|
|
doing so.
|
|
|
|
|
|
from Fabian Raetz
|
|
|
|
|
|
|
|
practice, be pragmatic and #include <sys/timeout.h> for
struct tcpb (glorious namespace violation)
ok kettenis millert sthen
|
|
Pointed out by florian@
|
|
needed by its ancestor. jsg@, include-what-you-use, and some manual
review helped to cleanup the headers (take iwyu with a grain of salt).
Based on common practice, httpd.h now also includes the necessary
headers for itself.
OK florian@
|
|
ports is ready, <net/pfvar.h> will stop including a pile of balony.
|
|
OK mpi@
|
|
This is of some relevance because the pod2man(1) preamble abuses it
for the icelandic letter Thorn, instead of simply using \(TP and \(Tp.
Missing feature found by sthen@ in DateTime::Locale::is_IS(3p).
|
|
ok deraadt@
|
|
narrower one, center the latter horizontally. After a group of
characters printed in the same position, advance by the width of
the widest one among them.
|
|
the conditional operator. Adapted from NetBSD. ok miod@
|
|
information also makes it through. This is a compromise to cope with
the absolutely ridiculous setprogname() API.
ok various discussions
|
|
and compatibility with other BSDs. Adapted from FreeBSD.
Still permit the combination "-hp" as requested by many.
ok sthen@
|
|
kernel, so update pmap_extract() accordingly and save a VP lookup.
While here unify pted checks after the VP lookups.
ok miod@
|
|
not a PCjr bios will help diagnose any problems.
ok deraadt kettenis
|
|
one run out of inetd.
the libexec tftp-proxy had the same problems as the libexec tftpd, in that
it didnt scale as well as we needed. it also had a bunch of interesting
races with states and addresses on sockets.
manpage is coming.
ok deraadt@ sthen@ henning@ matthew@
|
|
because the HC has been shut down (during suspend/hibernate) or
removed (PCIe card).
In both cases the hardware wont complete the commands, resulting in
timeouts. Instead just do the software part of the abort process.
Unbreak suspend/resume with USB a device connected to xhci(4) as
reported by Fabian Raetz on bugs@.
|
|
|
|
overrunning status-right-length with long window titles. Allow for the extra
space so the last digit of the year isn't lost. ok nicm@
|
|
|
|
|
|
The half-backed logic to find a parent interface before configuring an
address on a carp(4) interface is responsible for too many layers of
complexity resulting in various breakages everytime something change in
the stack.
So make carp(4) a bit less special. It now requires a parent interface
like all the other pseudo-devices.
ok mikeb@, dlg@, florian@, henning@
|
|
|
|
to pad short frames.
|
|
ABI change, so roll the RPC protocol version; how about 57 for OpenBSD 5.7?
|
|
|