| Age | Commit message (Collapse) | Author |
|---|
|
Its is fully covered by bn_mod_exp_zero now.
|
|
This exercises the same corner cases as bn_mod_exp and a few more.
With input from jsing
|
|
ok tb@
|
|
|
|
|
|
|
|
Only print the sourceaddrs if no argument was passed. If arguemnts
are set make sure that either and address is present or that an ifp
was given. This make the command behave a more like other route commands.
OK deraadt@
|
|
the rtr_aspa struct so access them directly from the buf using offset
as the address of the first element.
OK tb@
|
|
warning appeared in dmesg on renoir:
[drm] psp gfx command LOAD_TA(0x1) failed and response status is (0x7)
[drm] psp gfx command INVOKE_CMD(0x3) failed and response status is (0x4)
psp_securedisplay_parse_resp_status *ERROR* Secure display: Generic Failure.
psp_securedisplay_initialize *ERROR* SECUREDISPLAY: query securedisplay TA failed. ret 0x0
This is likely related to not implementing all the HDCP paths.
Return early in psp_securedisplay_initialize() to avoid this.
I suspect the newer renoir firmware adds a TA_FW_TYPE_PSP_SECUREDISPLAY
component the older one didn't have.
reported by jmc@
|
|
ok dlg@
|
|
stops if there is a permanent error. Add EACCES generated by pf
to the list of transient errors. This restores pre-6.5 behavior
and continues logging after pf.conf has been fixed.
OK millert@ deraadt@ mvs@
|
|
|
|
|
|
manpage
with and OK tb@
|
|
|
|
|
|
This is essentially the original text with a few tweaks and fixes by me,
removing parts inapplicable to LibreSSL. There are dangling references to
EVP_CIPHER_CTX_copy(3) and EVP_CIPHER_CTX_get_cipher_data(3). This all
isn't great, but it's better than nothing. Probably good enough for these
rarely used functions.
|
|
OK tb@
|
|
|
|
|
|
|
|
based on an initial diff by jsg@
brokenness pointed out by kn@
ok jsg@
|
|
- remove "-inet|-inet6" as it is not generally meaningful
- remove the qualifier "if set": sourceaddr now works nicely in cases
where no "address is given
|
|
Originally from djm@. OK deraadt@ florian@ bluhm@
|
|
triggered by a bug report by 'kodcode', thanks.
wording adjusted by jmc@, ok phessler@
|
|
|
|
|
|
|
|
in the S/Key database. If the system hostname is longer than 126
characters this could result in NUL bytes being written past the
end of a stack buffer. There is no impact on systems with a hostname
126 characters or less. Found by Qualys. OK deraadt@
|
|
dependencies between ACPI devices.
ok dlg@, deraadt@
|
|
no objection tb@
|
|
addrs are fetched from the kernel. This needs more cleanup.
|
|
Print 'default' if no sourceaddr is set and the default algorithm is used.
With and OK kn@ deraadt@
|
|
From Guilherme G. Piccoli in amd-staging-drm-next
https://gitlab.freedesktop.org/drm/amd/-/issues/2385
This fixes amdgpu failing to init on Steam Deck after the drm 6.1 update:
[drm] failed to load ucode VCN0_RAM(0x3A) [drm] psp gfx command LOAD_IP_FW(0x6)
failed and response status is (0xFFFF0000)
[drm] *ERROR* ring vcn_dec_0 test failed (-60)
[drm] *ERROR* hw_init of IP block <vcn_v3_0> failed -60
drm:pid0:amdgpu_device_init *ERROR* amdgpu_device_ip_init failed
drm:pid0:amdgpu_attachhook *ERROR* Fatal error during GPU init
reported and tested by bentley@ on:
bios0: vendor Valve version "F7A0113" date 11/04/2022
bios0: Valve Jupiter
|
|
|
|
|
|
actually been expansion. GitHub issue 3493.
|
|
This is required behavior of the EVP_DigestSign() API, but seemingly
almost nothing uses this. Well, turns out ldns does.
Reported by Stephane. Helpful comments by sthen.
ok jsing
|
|
There's some method to this madness.
ok jsing
|
|
pull the setting of the ex_arg up, so we can do error
checking.
ok jsing
|
|
ok jsing
|
|
At least SMIME_text() relies on this. Pushing an error on the stack trips
PKCS7 regress in py-cryptography, so indicate nothing was written instead
of throwing an error.
Reported by Alex Gaynor a while back
ok jsing
|
|
A negative input to BN_mod_exp_mont_consttime() is not correctly reduced,
remaining negative (when it should be in the range [0, m)). Fix this by
unconditionally calling BN_nnmod() on the input.
Fixes ossfuzz #55997.
ok tb@
|
|
This currently fails.
|
|
|
|
|
|
"ifconfig bwfm0 [-]nwkey ..." does not work and thus the installer no longer
offers WEP, so unmention support while leaving the recommendation against it.
|
|
ok djm@
|
|
callers seem to do that, but it's worth checking. From Coverity CID
291834, ok djm@
|
|
Per RFC 6487, 4.8.7, self-signed certificates must not have an Authority
Info Access extension. In normal operation this is ensured by ta_parse()
and cert_parse(), respectively. In filemode, only partial checks are
performed, so this is not guaranteed.
Issue flagged by and ok job
|
