| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Phoenix 2 parts include both Zen4 and Zen4c cores
used by Ryzen Z1, Ryzen 5 7545U, Ryzen 3 7440U with cpuid 19-78-00
|
|
ober_scanf_elements(). This allows us to move down and back up multiple
levels in with nested sequences and sets.
While here, on failure, make sure we free (and unlink if needed) all
elements we created.
OK claudio@, tb@
|
|
Turn [-U username] into [-U user] to match top(1)/pgrep(1)/fstat(1) -U/-u
taking both "root" and "0".
Feedback OK millert
|
|
from markus@
|
|
flakiness.
|
|
OK kn@ jmc@
|
|
Since cheloha@ has implemented timeout processes that do not grab
the kernel lock, start using TIMEOUT_MPSAFE for arptimer().
OK kn@ mvs@
|
|
|
|
This is a straightforward conversion because I'm not going to start a
cleanup here. Explain why this is not using X509_ALGOR_set_md(). See
below.
ok jca
Let me include a beautiful note from RFC 5754 in its entirety:
NOTE: There are two possible encodings for the AlgorithmIdentifier
parameters field associated with these object identifiers. The two
alternatives arise from the loss of the OPTIONAL associated with the
algorithm identifier parameters when the 1988 syntax for
AlgorithmIdentifier was translated into the 1997 syntax. Later, the
OPTIONAL was recovered via a defect report, but by then many people
thought that algorithm parameters were mandatory. Because of this
history, some implementations encode parameters as a NULL element
while others omit them entirely. The correct encoding is to omit the
parameters field; however, when some uses of these algorithms were
defined, it was done using the NULL parameters rather than absent
parameters. For example, PKCS#1 [RFC3447] requires that the padding
used for RSA signatures (EMSA-PKCS1-v1_5) MUST use SHA2
AlgorithmIdentifiers with NULL parameters (to clarify, the
requirement "MUST generate SHA2 AlgorithmIdentifiers with absent
parameters" in the previous paragraph does not apply to this
padding).
|
|
Drop "wpath cpath fattr dpath" in read-only:
- cpio -i -t < test.tar
- pax < test.tar
- tar -t -f test.tar
Drop "cpath fattr dpath" in read-write:
- echo foo | cpio -o -A -H ustar -O test.tar
- tar -r -f test.tar foo
- pax -w -a -f test.tar foo
Other modes remain unchanged and thus can create or modify files.
Feedback OK millert
|
|
pflogd uses blocking bpf reads, but installs a bunch of signal
handlers to handle cleanly closing and (re)opening the log file.
signal() by default sets the handlers up so they're restartable.
this has the effect that when pflogd receives a signal while waiting
in bpfread, the signal handler runs and sets a flag saying the file
should be rotated or closed or whatever, but then the kernel restarts
the read.
when pflogd used a bpf read timeout, pflogd would run it's "event"
loop every time the read timeout expired. this meant even though
the bpf read was restarted, by having the read timeout expire every
500ms the flag the signal handlers set would be processed in a
relatively short period of time.
after moving bpf to a wait timeout, pflogd basically has to wait
for a packet to be captured before the bpf read will return. if
you're trying to kill pflogd on an idle firewall then you're basically
stuck.
making the signal handlers not restartable allows bpfread to fail
with EINTR so pflogd can go around it's even loop and exit as
expected.
reported by Mikhail on bugs@
ok claudio@
pflogd needs a rewrite though.
|
|
ftp(1) has "proc exec" to run sh(1) on interactive ! commands and filenames
starting with "|"; this is orthogonal to continuing transfers using the
existing file size as offsets.
There seems to be no case where a) the argument is an URL, i.e. we pledge,
and b) a shell is spawned somehow, so avoid these promises when resuming.
bsd.port.mk(5) FETCH_CMD uses -C by default.
OK millert
|
|
[-p pid] requires knowing the PIDs beforehand, sieving through big
dumps by argv[0] strings is more ergonomic.
OK deraadt
|
|
All combos of no/CRYPTO softraid, old/new ofwboot, old/new kernel do boot.
OK stsp
|
|
this will allow bio(4) to be used with other (non raid) related
devices.
ok krw@ kn@
|
|
|
|
|
|
The vmctl `start` command allows the user to pass an optional
"kernel" file (either a ramdisk kernel or a SeaBIOS image). This
file is opened by vmctl and the descriptor passed via imsg.
If the file provided isn't a regular file, the attempt to send the
start message to vmd(8)'s control socket will fail and results in
a the vmctl process aborting.
Check the file type after open and fail gracefully if not a regular
file.
reported by and ok gnezdo@
|
|
ok jca
|
|
ok jca
|
|
|
|
members of passed timeout structure, this delayed initialization
provides nothing but makes code weird.
ok kn
|
|
Replace X509_ALGOR_set0() with X509_ALGOR_set0_by_nid(). This way there
is no missing error checking for OBJ_nid2obj() and no nested functions.
Slightly more importantly, this plugs two long standing potential leaks
in this function (or previously rsa_cms_encrypt()) due to missing error
checking: in the unlikely event that X509_ALGOR_set0() failed, astr/ostr
would leak.
ok jsing
|
|
ok jsing
|
|
From Felix Kuehling
ff86d69b2e5004ec256a9301990acdaa282a777c in linux-6.1.y/6.1.62
316baf09d355aec1179981b6dfe28eba50c5ee5b in mainline linux
|
|
From Luben Tuikov
9f9b2ec53aca630783493a2ccc3bab0794052133 in linux-6.1.y/6.1.62
fa8391ad68c16716e2c06ada397e99ceed2fb647 in mainline linux
|
|
From Luben Tuikov
cafa191b27dd3c6199529f36a6dfddb707c240c0 in linux-6.1.y/6.1.62
eab0261967aeab528db4d0a51806df8209aec179 in mainline linux
|
|
From Karolina Stolarek
6a87b333ba4784ba23c1e74693f5c1b0268ac137 in linux-6.1.y/6.1.62
3b401e30c249849d803de6c332dad2a595a58658 in mainline linux
|
|
if we're authenticating according to RFC3414 section 2.3.
OK tb@
|
|
mps_getstr(), which after moving the SNMPv2-SMI::snmpV2 into
application_internal returned a noSuchObject. This doesn't seem to have
broken any tools that I'm aware of, but this returns the correct result.
OK tb@
|
|
and gives us a free report-pdu log line in debug mode.
OK tb@
|
|
Now that we have avi_origid it's not needed anymore and aru_pdu needs
to go.
OK tb@
|
|
snmp_message and getting rid of it is also needed for appl_report() to
gather its own information.
OK tb@
|
|
after just setting it, it's a silly idea.
OK tb@
|
|
via application_internal.
OK tb@
|
|
OK tb@
|
|
Test and assign one more instance replace a useless comment by an empty
line.
|
|
Rework the hack to avoid a use-after-free in the fastcgi code.
Since server_fcgi() can be called by server_read_httpcontent() we
can't set clt_fcgi_error to NULL. Instead, we implement a simple
reference count to track when a fastcgi session is in progress to
avoid closing the http session prematurely on fastcgi error.
Based on a diff from and OK by tb@. Reported by Ben Kallus.
|
|
In rsa_alg_set_oaep_padding() rename los to ostr for consistency with
astr, make it have function scope, free ostr in the error path and assume
X509_ALGOR_set0() success.
ok jca
|
|
OK deraadt@
|
|
|
|
|
|
|
|
Rename rv into ret and split it on its own line, move labellen a bit down
add some empty lines. To match style elsewhere.
Most of this was requested by jsing
|
|
This matches what is done for PKCS#1 1.5 and PSS. This function needs a
lot of work still, but it's easier to do that without having to tiptoe
around a lot of other garbage.
ok jsing
|
|
Use timespecisvalid(3) to check both bounds for tv_nsec.
Link: https://marc.info/?l=openbsd-tech&m=169913314230496&w=2
ok miod@
|
|
Problem reported and much testing by Christian Kujau. Thanks!
Roughly equivalent to bouyer@NetBSD changes prompted by
Christian.
ok mlarkin@ dlg@
|
|
|
|
OK espie@
|
