| Age | Commit message (Collapse) | Author |
|---|
|
|
|
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.
Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656 is NOT implemented).
Certificate host and user keys using the new ECDSA key types are supported.
Note that this code has not been tested for interoperability and may be
subject to change.
feedback and ok markus@
|
|
|
|
string extracted from the buffer contains no embedded \0 characters*
This prevents random (possibly malicious) crap from being appended to
strings where it would not be noticed if the string is used with
a string(3) function.
Use the new API in a few sensitive places.
* actually, we allow a single one at the end of the string for now because
we don't know how many deployed implementations get this wrong, but don't
count on this to remain indefinitely.
|
|
|
|
It is OK to return 0 in that case, but it is not OK to print a
diagnostic.
|
|
config_activate_children
|
|
|
|
We call the activate functions at splhigh; unfortunately we cannot suspend a
zaurus at splhigh because on resume the clock is hosed. We accept this bug
for now... perhaps someone can find it?
(The powerhooks remain in place in the drivers, and will be roto-tilled once
we all the other powerhook-using architectures have switched over)
testing by myself and jakemsr; proof reading by oga
|
|
Of note: lcd stubs get pulled up to the parent; zts has to keep track of
whether it is in use or not
testing by myself and jakemsr; proof reading by oga
|
|
vs activate. It compiles.
|
|
functions
ok kettenis
|
|
|
|
|
|
model so that DVACT_SUSPEND methods call sub-drivers with DVACT_SUSPEND
not DVACT_DEACTIVATE, and such. This creates a whole bunch of fallout,
which needs fixing.
wdc(4), ne(4), and wi(4) have been fully tested and actually work better
than they ever have before (no more wdc timeouts on resume!)
malo(4) has some other nasty bug which has not yet been spotted which
causes crazy panics.
The other drivers are more rare and will be fixed if people show up
with hardware; for now at least they have been adapted to the new model.
ok kettenis
|
|
|
|
|
|
where disks can be on alldevs, however they are not yet initialised and
have not yet called disk_attach() (in particular this means that dk_label
is a null pointer). Also, if we sleep restart the scan from the top of
the disklist in case things have changed whilst we slept.
ok marco@
|
|
here also expose disklist for future use.
ok deraadt@ miod@
|
|
summary database.
Fixed in NetBSD, and pointed out on ICB by deraadt@.
|
|
- remove HAG; ypenburg airport hasn't been a civil airport since '55.
and the airbase been abandoned since '92.
|
|
eval craziness in install_url().
ok krw@
|
|
|
|
was not being done for poll and select, so after fork they would remain
using the same socketpair for signal notification, leading to a race
between the two processes to read from it and hangs.
Problem originally reported by kili@.
ok gilles
|
|
ok and suggestion from jmc@ ok tobias@
|
|
cmd->opcode through the type casted command pointer rather than
through xs->cmd->opcode.
Requested by deraadt@; ok krw@.
|
|
|
|
back from the chip on a command then the command completely failed.
MFI_STAT_SCSI_DONE_WITH_ERROR really means the command completed
fine, but there's some sense data too. this tweaks the handling to
be more appropriate, as per the linux and solaris drivers.
timed out waiting for beck@
putting this in cos its obviously more correct than the current code.
|
|
|
|
config_activate_children (same change made to wdc.c and wdcvar.h)
ok kettenis
|
|
ok miod@
|
|
|
|
|
|
them from the powerhook. Fix a few quibbles about the things done for
the IFF_RUNNING and IFF_UP cases
ok kettenis
|
|
|
|
which reports Fn as a regular key.
|
|
ok miod@
|
|
ok jsg@ krw@
|
|
architectures, just like what is done for global ones. This isn't
just an optiization. There is a long tradition of building packets in
arrays of chars on the stack by using casts to types that require
stricter alignment. Ignore the language lawyers say it isn't
explicitly allowed by the C standard. Historically many (all?) C
compilers have handled that just fine, so it is stupid to break this.
Thanks to mikeb@ for finding the GCC bug report against upstream GCC
4.2.1. This fixes hppa/hppa64 and sparc/sparc64 as discuessed with
miod@ (upstream only fixed sparc/sparc64). Other strict alignment
architectures will need similar fixes.
ok deraadt@, mikeb@, miod@
|
|
OK: claudio@, bob@, sthen@, thib@
|
|
how did noone notice for so long? tsk, tsk, tsk. of course, I broke it.
tested by jakemsr
|
|
|
|
|
|
|
|
from Tim van der Molen
ok miod
|
|
ok miod@; "please go ahead" jsing@
|
|
here already for the activate/powerhook cleanup
|
|
activate function
ok kettenis
|
|
|
|
Zavisa Nikac (firstname dot lastname at inet dot hr)
|
