| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Reported by bket & anton
|
|
If EVP_PKEY_new() returns NULL, it would be passed to the paramgen() pmeth
which would typically dereference it. This is identical to a recent change
in keygen().
ok jsing
|
|
can have more then one interface.
This only works if ther first egress interface is a ethernet interface
(P2P interfaces have no LLADDR) but that was already buggy before this.
OK bluhm@ martijn@
|
|
Somehow I did not amend those right away when adding local _disk in r1.43
|
|
CID 492603
|
|
Lets us store longer file names, link names, finer grained timestamps,
larger archive member files, etc; at the expense of larger uncompressed
archives and less widespread support across the ecosystem. If you're
unhappy with the new defaults, you can use -F ustar. Or you can help
fix bugs / find a better middle ground.
Prodding from various including job@ and deraadt@
ok sthen@ caspar@ millert@
|
|
512 bytes isn't enough if you want to store rather large but still
useful long file names or symbolic links destinations. The best way to
size the buffer to read those records is based upon the largest paths
pax(1) can handle, and that is PAXPATHLEN.
Reported by caspar@, input and ok millert@
|
|
|
|
|
|
We want to move towards 'pax' as the default format for writing, this
option lets users downgrade to -F ustar where the 'pax' format isn't
convenient/usable (same as -x <format> in pax(1)).
-F <format> is more generic than -o/-O. -H (GNU tar) was already used
and we don't want long options so --format (NetBSD/FreeBSD) is excluded
too.
ok sthen@ caspar@ millert@
|
|
We expect that existing pax archives start with a global or extended
header. If they don't, append operations will be done using ustar
format.
Fixes append mode on pax archives where pax(1) would bail out when
appending to pax archives, falsely detecting a mismatch. Reading was
unaffected. Reported by caspar@, ok caspar@ millert@
|
|
In the ClientHello retrying the handshake after a HelloRetryRequest, the
client must send a single key share matching the group selected by the
server in the HRR. This is not necessarily the mutually preferred group.
Incorrect logic added in ssl_tlsect.c r1.134 would potentially reject
such a key share because of that.
Instead, add logic to ensure on the server side that there is a single
share matching the group we selected in the HRR.
Fixes a regress test in p5-IO-Socket-SSL where server is configured
with P-521:P-384 and the client with P-256:P-384:P-521. Since the
client sends an initial P-256 key share, a HRR is triggered which
the faulty logic rejected because it was not the mutually preferred
P-384 but rather matching the server-selected P-521.
This will need some deduplication in subsequent commits. We may also
want to consider honoring the mutual preference and request a key
accordingly in the HRR.
reported by bluhm, fix suggested by jsing
ok beck jsing
|
|
This fixes a problem in passing, reported by matthieu@ where httpd
would return 500 Internal Server Error when it could stat(2) but not
open(2) a file. The correct error code is 403.
testing matthieu
ok tobhe, tl;dr ok stsp
input & OK deraadt
|
|
improvements:
- Fix latin small letter 'u' smoothing in the 32x64 version
|
|
While here use (variable & FLAG) or !(variable & FLAG) consistently in
in6_update_ifa().
Discussed with claudio
OK denis
|
|
This results in simpler code.
Suggested by tb@ during review.
|
|
ok tb@
|
|
This will be used in an upcoming change.
ok tb@
|
|
Also change the bits type from int to size_t, since that's what the callers
are passing and we can avoid unnecessary input validation.
ok tb@
|
|
Instaed of passing a struct rtentry from ip_input() to ip_forward()
and then embed it into a struct route for ip_output(), start with
struct route and pass it along. Then the route cache is used
consistently. Also the route cache hit and missed counters should
reflect reality after this commit.
There is a small difference in the code. in_ouraddr() checks for
NULL and not rtisvalid(). Previous discussion showed that the route
RTF_UP flag should only be considered for multipath routing.
Otherwise it does not mean anything. Especially the local and
broadcast check in in_ouraddr() should not be affected by interface
link status.
When doing cache lookups, route must be valid, but after rtalloc_mpath()
lookup, use any route that route_mpath() returns.
OK claudio@
|
|
Get rip6_input() in the same shape as rip_input(). Call
soisdisconnected() from rip6_disconnect(). This means that the raw
IP socket cannot be reconnected later. Now raw IPv6 behaves like
IPv4 in this regard, KAME code is quite inconsistent here. Also
make sure that there is no race between disconnect, input and wakeup.
The inpcb fileds inp_icmp6filt and inp_cksum6 are protected by
exclusive net lock in icmp6_ctloutput(). With all that, mark raw
IPv6 sockets to handle input in parallel.
OK mvs@
|
|
|
|
bufq_init(). Similar issue as the use-after-free in mfs.
Missing call noticed by jsg@
OK deraadt@ mpi@
|
|
This fixes a use-after-free bug in bufq_quiesce() once a mfs partition
was unmounted.
OK mpi@ deraadt@
|
|
Under memory pressure allocating an amap chunk can fail. In such case it
is not possible to call amap_wipeout() because the newly allocated amap
isn't yet on the global list.
Issue reported by bluhm@, ok jsg@
|
|
|
|
|
|
These sockets are not connection oriented, they don't call pru_rcvd(),
but they have splicing ability and they set `so_error'.
Splicing ability is the most problem. However, we can hold `sb_mtx'
around `ssp_socket' modifications together with solock(). So the
`sb_mtx' is pretty enough to isspiced() check in soreceive(). The
unlocked `so_sp' dereference is fine, because we set it only once for
the whole socket life-time and we do this before `ssp_socket'
assignment.
We also need to take sblock() before splice sockets, so the sosplice()
and soreceive() are both serialized. Since `sb_mtx' required to unsplice
sockets too, it also serializes somove() with soreceive() regardless on
somove() caller.
The sosplice() was reworked to accept standalone sblock() for udp(4)
sockets.
soreceive() performs unlocked `so_error' check and modification.
Previously, we have no ability to predict which concurrent soreceive()
or sosend() thread will fail and clean `so_error'. With this unlocked
access we could have sosend() and soreceive() threads which fails
together.
`so_error' stored to local `error2' variable because `so_error' could be
overwritten by concurrent sosend() thread.
Tested and ok bluhm
|
|
OK mvs@
|
|
ramdisk versions will keep using ustar for writing.
ok millert@
|
|
|
|
ok sthen@
|
|
|
|
|
|
|
|
|
|
ok jsing
|
|
|
|
ok jsing
|
|
ok jsing
|
|
It's always good to see something called internal in the public API.
ok jsing
|
|
ok jsing
|
|
To be used in httpd(8) shortly to prevent toctu issues.
This makes __fdopendir internally accessible to avoid unnecessary
syscalls in scandirat(3). Suggested & diff by guenther
suggested by & OK millert
tweak & OK guenther
OK tb, jca
This rides the libc crank.
|
|
ok jsing
|
|
We only need the ASN.1 items.
ok jsing
|
|
ok jsing
|
|
ok jsing
|
|
ok jsing
|
|
ok jsing
|
