| Age | Commit message (Collapse) | Author |
|---|
|
From Nirmoy Das
f175665385fe9fdd996080806aa67e666475d3d8 in linux-6.1.y/6.1.59
128c20eda73bd3e78505c574fb17adb46195c98b in mainline linux
|
|
|
|
|
|
Now that syslogd handles delayed DNS lookups, also count dropped
packets to UDP loghosts. Although not every outgoing UDP packet
dropped along the path can be detected, the message makes the admin
aware that there is a local blind spot during startup.
Improve debug and log messages, especially if UDP logging is shut
down permanently. Also do not print 'last message repeated' if the
message was dropped.
OK deraadt@
|
|
This matches what other pages use. Also rewrite the definition of the
modular inverse to be less ugly.
|
|
|
|
Reducing the risk tests conflicting with each other.
ok bluhm@
|
|
|
|
ECDSA signatures are much smaller than RSA signatures while offering
similar security. Adding support for P-256 now allows CA developers
to test their implementations, and paving the way for signers in the
production environment in the future to take advantage of ECDSA.
OK tb@
|
|
Tested on amd64 and sparc64.
Also tested by bluhm@.
ok bluhm@
|
|
|
|
is still better to check for error.
OK tb@
|
|
More yak shaving required which will follow.
OK tb@
|
|
If they ever had any meaning, that's long been lost.
Requested by jsing
|
|
|
|
This is basically the same fix as the one applied in BN_mod_exp_simple().
|
|
Reported and reminded by Guido Vranken in OpenSSL issue #21110
ok jsing
|
|
These are expected failures for BN_mod_exp_simple() and the internal
BN_mod_exp_recp(), which will be fixed shortly.
|
|
OK tb@
|
|
The font is 2-Clause BSD licensed and is my original creation.
OK miod@
|
|
This section about ports/packages really wants a revamp, though...
|
|
Extend the yes/no question to no/passphrase/keydisk and have users pick an
existing, preformated RAID partition; no support (yet) for creating one.
OK tb afresh1
|
|
read-only instead. This means that writing to the filesystem will fail.
As a consequence chmod'ing of files in the bootloader will fail, but that
will fix itself on the next clean boot.
ok kn@
|
|
server has terminated before examining the outcome.
|
|
|
|
This function was the unfortunate protagonist in a series of tragic merge
errors resulting in only a short stint of a year and nine months between
OpenSSL 0.9.8j and 1.0.0a actually present in OpenBSD. Then it said good
bye for good, but somehow a prototype came back with 1.0.1g, a famous
version released when there were slightly more pressing things to be
taken care of than a function supporting a config knob whose only purpose
was to turn off fips mode or to error.
from schwarze
PS: The mechanism that it was supposed to provide is still documented in
openssl.cnf(5). I am going remove the relevant bit at some point, but not
today.
|
|
pages that Alejandro Colomar recommends in the "Lists" subsection of
https://man7.org/linux/man-pages/man7/man-pages.7.html#STYLE_GUIDE .
For example, this will improve HTML formatting of the first list in
the subsection "Feature test macros understood by glibc" on the page
https://manpages.debian.org/bookworm/manpages/ftm.7.en.html .
Issue reported by Alejandro Colomar <alx at kernel dot org>.
|
|
and the purpose and limitations of the embedded stylesheet.
Triggered by a conversation with Alejandro Colomar <alx at kernel dot org>.
|
|
Found with hints from kettenis@
Tested on Sun-Fire-V215.
Also tested on U2 and UltraBook IIe by miod@
ok miod@
|
|
|
|
|
|
before.
Noted by Marko Cupac, thanks.
|
|
Contrary to X509_ALGOR_set_md() this allows for error checking. Avoid
local complications by freeing in the exit path and use a const version
of X509_ALGOR for walking a STACK_OF() to avoid a bad free.
Clean up includes
ok jsing
|
|
Our internal version allows for error checking and this avoids a silent
failure leading to corruption later on.
Clean up includes while there.
ok jsing
|
|
|
|
While alphabetic order makes sense, having inherit between individual
AS and IP entries and ranges makes little sense. Use the order that we
have elsewhere.
ok claudio job
|
|
Avoid conditional early returns and significantly simplify the printing
of ip addresses/ranges by using the new ip_warn(). This also eliminates
an extremely weird usage of the comma operator and reduces noise levels
quite a bit.
ok claudio job
|
|
Avoid early returns and use a single copy of the warning by reworking
the control flow through two nested switches.
ok claudio job
|
|
"Sure." miod@
|
|
|
|
From Mario Limonciello
d2894c4f473ab71cd68ef0f9b086148bb2c02132 in linux-6.1.y/6.1.57
2a1fe39a5be785e962e387146aed34fa9a829f3f in mainline linux
|
|
From Mario Limonciello
c8bd3e12b3291e632ae189619169914743ba77d1 in linux-6.1.y/6.1.57
134b8c5d8674e7cde380f82e9aedfd46dcdd16f7 in mainline linux
|
|
With the update to ncurses 6.4-20230826 /etc/termcap now needs at
least a 36 deep search. Instead, we'll just bump to 64. It seems
32 has been enough since perl 5.001 in 1995, so hopefully this buys
us at least another 28 years.
"please commit that" deraadt@
|
|
From Wayne Lin
71472872932b11ca2591104eb73255fecaae9d33 in linux-6.1.y/6.1.57
ec5fa9fcdeca69edf7dab5ca3b2e0ceb1c08fe9a in mainline linux
|
|
|
|
Also reorder the RTF_HOST vs netmask check. RTF_HOST wins if both are set.
Makes the code a bit neater.
OK tb@
|
|
OK tb@
|
|
|
|
|
|
which allows ncurses to validate the capabilities correctly.
|
