| Age | Commit message (Collapse) | Author |
|---|
|
|
|
This should prevent a panic that bluhm@ has reported.
|
|
report id to signal that multiple ones should be claimed by the match
routines does not work. All valid report ids 1-255 cannot of course be
used and 0 which is reserved by the USB HID specification is internally
used to represents devices lacking an explicit report id.
Therefore, use presence of the claimed array to signal that multiple
report ids can be claimed.
Tested by gnezdo@
|
|
report ids conflict, extract the claim multiple report ids conditional
in order to minimize the required upcoming changes to resolve the
conflict.
Tested by gnezdo@
|
|
From Jan Stary. OK deraadt@
|
|
array. This replaces the current solution that only prints one element for
a certain value and not all elements with tha same value.
This can be further optimized but printing is not really a hot path in btrace.
OK mpi@
|
|
|
|
|
|
|
|
modes and current editing position and at the command prompt. It is
invisible but this is helpful for people using screen readers. GitHub
issue 2970.
|
|
|
|
The code assumes that the server certificate has an RSA key and bases
the calculation of the size of the ephemeral DH key on this assumption.
So instead of checking whether we have any key by inspecting the dh
part of the union, let's check that we actually have an RSA key.
While here, make sure that its length is non-negative.
ok jsing
|
|
Annotate RELOC_DYN() on non-hppa as only used in lib/csu.
Delete some inconsistent comments, adjust whitespace, and reorder
mips64's archdep.h so that the ld.so/*/archdep.h files look
(almost) the same.
ok visa@ kettenis@
|
|
as self_reloc.c only handles the former.
ok deraadt@ kettenis@
|
|
with djm
|
|
calculate the next timeout based on the rebinding time (T2), not
renewal time (T1). At this point T1 already expired and we would wait
way too long, past the lease lifetime.
Spotted while investigating a problem reported by Zack Newman on misc@
|
|
instead of CHS values. Shorter, easier to follow.
No intentional functional change.
|
|
|
|
|
|
Rename _rc_wait to _rc_wait_for_start since only "start" uses this now (to
handle rc_bg daemons).
In any situation, none of these actions should be able to hang boot or shutdown.
We should now be able to manage most corner cases out there ("most" because it's
unreasonable to assume we can cope with all the non-default
rc_{start,stop,reload} crazyness).
Several tests have been made and no obvious regression has been found.
But that doesn't mean there isn't; if some behavior changed for the worst, talk
to me.
ok robert@ sthen@
|
|
|
|
|
|
ok djm
|
|
OK deraadt
|
|
split ld.so/boot.c in 2019:
* delete extraneous #includes
* delete jmprel handling on non-hppa
* delete RELOC_GOT() and DT_PROC bits on non-mips64
ok visa@
|
|
|
|
to make things easier.
back and forth and ok; djm
|
|
to iked. Encryption keys and nonces are generated by the handshake and don't
have to be supplied in the config.
|
|
As a side effect, this also tests various aspects of ASN1_STRING_new(3),
ASN1_STRING_set(3), ASN1_STRING_length_set(3), ASN1_STRING_get0_data(3),
ASN1_STRING_length(3), and ASN1_STRING_type(3).
|
|
In case of failure, it reported the failure
but corrupted the type of the destination string.
Instead, let's make sure that in case of failure,
existing objects remain in their original state.
OK tb@
|
|
X509_V_FLAG_NO_CHECK_TIME, X509_VERIFY_PARAM_set_time(3),
X509_VERIFY_PARAM_set_flags(3), and X509_VERIFY_PARAM_clear_flags(3)
in detail because the API design is both surprising and surprisingly
complicated in this respect, and the resulting nasty traps have
already caused bugs in the past.
|
|
With LibreSSL, they can only be used internally in the library itself,
and even with OpenSSL, no real-world application code uses them.
OK tb@
|
|
verification, accepting CRLs that ought to be rejected, if an unusual
combination of verification flags was specified.
If time verification was explicitly requested with
X509_V_FLAG_USE_CHECK_TIME, it was skipped on CRLs if
X509_V_FLAG_NO_CHECK_TIME was also set, even though the former is
documented to override the latter both in the OpenSSL and in the
LibreSSL X509_VERIFY_PARAM_set_flags(3) manual page.
The same bug in x509_check_cert_time() was already fixed by beck@
in rev. 1.57 on 2017/01/20.
This syncs the beginning of the function check_crl_time() with the
OpenSSL 1.1.1 branch, which is still under a free license.
OK beck@
This teaches that having too many flags and options is bad because they
breed bugs, and even more so if they are poorly designed to override
each other in surprising ways.
|
|
These days, 8.3 filenames are often a problem, filesystems containing
firmware with long names must not truncate them -- it's also a sane default
as portable file system between OSes, anyway.
Altough undocumented in mount_msdos(8), the default for FAT32 already is to
use long filenames: ever since its import from NetBSD in 1998.
Previously, mount_msdos would ignore long filenames and default to short
filenames unless a flag was used or long ones were found on the filesystem
prior to mounting it.
Just always mount with support for long filenames (unless `-s' is used).
As various install media use FAT filesystems, adjust the remaining ones to
also pass explicit mount option reflecting the previous default.
OK deraadt
|
|
Reduce duplicate code, use getnameinfo(3) for IPv4 as well and use
gai_strerror(3) in case of failure.
This was split out as part of the previous IPv6-LL fix.
|
|
RTM_PROPOSAL's list of IP addresses does not contain scope IDs by design.
This is not a problem as the proposal is always bound to an interface,
as long as we use it...
Fill in the scope ID for link-local IPs and replace inet_ntop(3) usage with
getnameinfo(3) in the IPv6 case such that it actually turns up in the string
representation.
Otherwise resolv.conf(5) ends up with "nameserver fe80::1" entries and
libc/asr won't be able to resolve without an interface.
|
|
Discussed with mestre
|
|
|
|
www/mozilla is a module, www/mozilla-firefox is an actual port.
OK sthen
|
|
ok kettenis@, anton@
|
|
|
|
This makes it possible to attach pipe, socket and kqueue event filters
without acquiring the kernel lock. Event filters behind vn_kqfilter()
are not MP-safe yet, so vn_kqfilter() has to take KERNEL_LOCK().
dmabuf_kqfilter() can skip locking because it has no side effects.
OK anton@, mpi@
|
|
This doesn't affect ld.so's self-reloc, which still requires DT_REL/DT_RELA
ok kettenis@
|
|
readelf to display them in a way compatible with llvm-readelf, including
the --raw-relr debugging option
ok kettenis@
|
|
ok kettenis@
|
|
and X509_V_FLAG_USE_CHECK_TIME.
While here, fix a typo and improve the wording
for X509_V_FLAG_NOTIFY_POLICY.
|
|
sigsuspend(2) only returns upon delivery of a signal: we do not expect
a wakeup(9). Indicate this by sleeping on &nowake instead of
&p->p_p->ps_sigacts. We still need to loop here to handle spurious
wakeups, though.
Spurious wakeup case pointed out by kettenis@.
ok claudio@
|
|
ok patrick@
|
|
interrupt handlers and process context.
ok patrick@
|
|
licence mere mortals can understand the terms of); will be connected to the
build on an arch-by-arch basis.
Testsuites and generated files have been intentionnaly omitted from this import.
Peer pressure and ok from at least drahn@ pirofti@ deraadt@
|
