| Age | Commit message (Collapse) | Author |
|---|
|
this fixes a bug in bacula where the catalog was not properly kept
up-to-date if a tape was in a drive becuse its source slot was
unknown
based on code from FreeBSD; ok krw@
picker 0: sense: <0x00/0x00> voltag: <:0> avoltag: <:0> source: <>
slot 0: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1168L1:0> avoltag: <:0> source: <slot 0>
slot 1: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1187L1:0> avoltag: <:0> source: <slot 1>
slot 2: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1184L1:0> avoltag: <:0> source: <slot 2>
slot 3: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1195L1:0> avoltag: <:0> source: <slot 3>
slot 4: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1037L1:0> avoltag: <:0> source: <slot 4>
slot 5: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1038L1:0> avoltag: <:0> source: <slot 5>
slot 6: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1166L1:0> avoltag: <:0> source: <slot 6>
slot 7: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1167L1:0> avoltag: <:0> source: <slot 7>
slot 8: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1180L1:0> avoltag: <:0> source: <slot 8>
slot 9: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1186L1:0> avoltag: <:0> source: <slot 9>
slot 10: <ACCESS> sense: <0x00/0x00> voltag: <:0> avoltag: <:0> source: <picker 0>
slot 11: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1182L1:0> avoltag: <:0> source: <slot 11>
slot 12: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1181L1:0> avoltag: <:0> source: <slot 12>
slot 13: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1196L1:0> avoltag: <:0> source: <slot 13>
slot 14: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1169L1:0> avoltag: <:0> source: <slot 14>
slot 15: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1197L1:0> avoltag: <:0> source: <slot 15>
slot 16: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1165L1:0> avoltag: <:0> source: <slot 16>
slot 17: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1199L1:0> avoltag: <:0> source: <slot 17>
slot 18: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1189L1:0> avoltag: <:0> source: <slot 18>
slot 19: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1185L1:0> avoltag: <:0> source: <slot 19>
slot 20: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1198L1:0> avoltag: <:0> source: <slot 20>
slot 21: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1039L1:0> avoltag: <:0> source: <slot 21>
slot 22: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1035L1:0> avoltag: <:0> source: <slot 22>
slot 23: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1188L1:0> avoltag: <:0> source: <slot 23>
drive 0: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1183L1:0> avoltag: <:0> source: <slot 10>
|
|
location as the product of the corresponding Report Count and Report
Size can be greater than one.
Fixes Richard Toohey's <richardjtoohey at gmail dot com> Dell keyboard.
|
|
only happen if ucc_hid_parse() has a bug, better play it safe.
|
|
at the very least it stops the compiler omgoptimising away important
code.
tested by and ok deraadt@ jmatthew@
|
|
abieber@ reports it fails to boot on pinebook-pro-rk3399
|
|
from djm@. Make the reason for when the test is skipped a bit clearer.
|
|
non-hex digit in the last character.
Inspired by code in uuid_parse() from Ted Ts'o.
ok millert@
|
|
|
|
OK claudio@
|
|
The info and msg callbacks result in duplication - both for code that
refers to the function pointers and for the call sites. Avoid this by
providing typedefs for the function pointers and pulling the calling
sequences into their own functions.
ok inoguchi@ tb@
|
|
Don't reserve^Wignore them for unwind(8); there are non-unwind use-cases
and so far resolvd(8) always seems to do the right thing when proposing
localhost while unwind is running.
OK benno
|
|
ok inoguchi@ tb@
|
|
There is little to gain by mallocing and freeing the AEAD nonce for each
record - move to an AEAD nonce allocated for the record layer, which
matches what we do for TLSv1.3.
ok inoguchi@ tb@
|
|
Count the total number of proposals and not five per address family each.
Don't print ignored addresses by default anymore and leave that to `-v'.
OK benno
|
|
compare the data structures with the Linux code which unfortunately is
the only documentation we have for the pin numbers used by ACPI.
While there make the data structures const.
ok jcs@
|
|
in particular, this includes new text by Matt Caswell
from OpenSSL commit 721eb8f6 Nov 28 12:03:00 2019 +0000
and corrects a wrong argument type that i introduced into the SYNOPSIS;
requested by tb@
|
|
|
|
|
|
|
|
|
|
Instead of using s_client and s_server and complicated shell scripts,
we can reuse the framework from the ssl_get_shared_cipher() regress
test and inspect the verify return value directly.
Discussed with beck jan jsing
|
|
ok ingo
|
|
In amap_copy() make the new amap share the source amap's lock right in
the begining and only allocate a new one if no anon have been referenced.
Issue reported by Thomas L. <tom.longshine at web dot de> on bugs@.
ok tb@
|
|
Add debugging output for ipv6 routes. Make localhost and multicast
code aware of the print only switch. Allow netstart -n to work
also if no interface is given.
OK kn@
|
|
If a servername callback returns SSL_TLSEXT_ERR_ALERT_WARNING, this
results in a fatal error in TLSv1.3 since alert levels are implicit
in the alert type and neither close_notify nor user_canceled make
sense in this context. OpenSSL chose to ignore this, so we need to
follow suit.
Found via a broken servername callback in p5-IO-Socket-SSL which
returns a Boolean instead of SSL_TLSEXT_ERR_*. This happened to
have worked before TLSv1.3 since warning alerts are often ignored.
This "fixes" sni.t and sni-verify.t in p5-IO-Socket-SSL.
ok beck jsing
|
|
Thanks to Ben Maddison for helping create a test case
OK claudio@
|
|
OK benno
|
|
ok mpi@
|
|
OK deraadt@
|
|
suggested from tb@
|
|
ok tb@
|
|
Based on a diff from and ok dv@
|
|
ecosystem experienced a very good cleanup. Time has arrived to switch (as
planned) to syslog + abort, which will result in a coredump thus identifying
the remaining culprits in a more visible fashion.
vfprintf(3) and vfwprintf(3) man pages still require documentation changes.
with jca
|
|
Found in resolvd(8) which uses the same code.
|
|
|
|
tracts of unused memory, and the empty-space RLE scanner (uvm_page_rle)
would rescan for empty space needlessly wasting excessive cpu time
16G machine, 100sec -> 9sec
40G machine, 325sec -> 28sec
with kettenis mlarkin
|
|
unveil(NULL, NULL); if (fork() == 0) unveil("/", "rwx")
fails with EPERM.
|
|
our verifier to return 21 results in other regress failures in
ruby and perl.
|
|
parent just called unveil(NULL, NULL) and nothing else.
With and OK beck@
|
|
find leaf cert issuers. This breaks perl and ruby regress, as noticed
by tb that "we tried this before".
Jan's regress that cares about 21 vs 20 needs to change
ok tb@
|
|
back in 2019.
ok mpi@
|
|
|
|
|
|
then fix the only thing it still has complaints about which
is that we don't return the leaf version of the error code
when we can't verify the leaf (as opposed to the rest of the chain)
ok jan@ tb@
|
|
|
|
by default. It is feasible to create colliding SHA1 hashes, so we
need to deprecate its use.
RSA/SHA-256/512 remains available and will be transparently selected
instead of RSA/SHA1 for most SSH servers released in the last five+
years. There is no need to regenerate RSA keys.
The use of RSA/SHA1 can be re-enabled by adding "ssh-rsa" to the
PubkeyAcceptedAlgorithms directives on the client and server.
ok dtucker deraadt
|
|
|
|
Suggested by jca@ that kettenis@ looks at it first.
|
|
|
|
Tested by doing a full system build locally. Will work with brad@ for
upstream-ing.
OK patrick & mortimer
|
