Age | Commit message | Author
2021-03-31 | Document SSL_use_certificate_chain_file(3) | Theo Buehler
ok bcook inoguchi jsing
2021-03-31 | Expose SSL_use_certificate_chain_file(3) | Theo Buehler
ok bcook inoguchi jsing
2021-03-31 | Provide missing prototype for d2i_DSAPrivateKey_fp(3) | Theo Buehler
ok bcook inoguchi jsing
2021-03-31 | Document EVP_PKEY_new_CMAC_key(3) | Theo Buehler
ok bcook inoguchi jsing
2021-03-31 | Provide EVP_PKEY_new_CMAC_key(3) | Theo Buehler
ok bcook inoguchi jsing
2021-03-31 | Set the process title for the rpki-client subprocesses so they can be | Claudio Jeker
identified more easily. OK deraadt@
2021-03-31 | Fix some debug output when running in foreground. | Kenneth R Westerback
Call tick_msg() at startup so it knows if the link is up. Don't emit 'link timeout expired' messages after the link has been up.
2021-03-31 | Make ddb's dependency on libz explicit. | Visa Hankala
OK deraadt@ mpi@
2021-03-31 | sync | Stuart Henderson
2021-03-31 | Remove redundant "HUAWEI Mobile" in usbdevs strings, mention radio | Stuart Henderson
technology where known. ok deraadt
2021-03-31 | Introduce UAO_USES_SWHASH() and use tabs instead of spaces in #defines. | Martin Pieuchot
No functional change, reduce the difference with NetBSD. ok jmatthew@
2021-03-31 | Do not exit if cannot write to normal log file, GitHub issue 2630. | Nicholas Marriott
2021-03-31 | document trusted_snapshot | Marc Espie
2021-03-30 | fix typos in comments | Stuart Henderson
2021-03-30 | In HTML output, correctly render .Bd -unfilled in proportionally-spaced | Ingo Schwarze
font, rather than with the monospace font appropriate for .Bd -literal. This fixes a minibug reported by anton@. Implemented by no longer relying on the typical browser default of "pre { font-family: monospace }" but instead letting <pre> elements inherit the font family from their parent, then adding an explicit CSS .Li class only for those displays where the manual page author requested it by using the -literal option on the .Bd macro.
2021-03-30 | Handle systems, such as the Dell Precision 3640, that access | Mark Kettenis
GenericSerialBus operating regions without checking whether they're really available. This needs to work on RAMDISK kernels as well. Since we don't want to pull in the i2c subsystem on those, provide a separate and much simpler dummy implementation of the GenericSerialBus access code when SMALL_KERNEL is defined. ok tb@
2021-03-30 | Register the PCI variant of dwiic(4) with acpi(4). | Mark Kettenis
ok tb@
2021-03-30 | Make http_new() take care of all the error handling. By closing the | Claudio Jeker
outfd and sending back the failure report via http_fail(). This was partially done in the failure case of http_resolv() and resulted in double failure reports in that case. With and OK tb@, previous version OK deraadt@
2021-03-30 | Some cards announce support for the NTB16 format, but that support does not | Patrick Wildt
work. Hence, add support for NTB32 in the transmit path. We already have support for NTB32 in the receive path. We detect the supported format on boot and can then decide on transmit which format to use. From ehrhardt@ with gerhard@ Tested by jan@ ok sthen@
2021-03-30 | Some umb(4) devices require the NDP pointer behind the NDP datagram. | Patrick Wildt
From gerhard@ "broadly OK" sthen@
2021-03-30 | [ICMP] IP options lead to malformed reply | Alexandr Nedvedicky
icmp_send() must update IP header length if IP options are appended. Such packet also has to be dispatched with IP_RAWOUTPUT flags. Bug reported and fix co-designed by Dominik Schreilechner _at_ siemens _dot_ com OK bluhm@
2021-03-30 | Move tx/rx descriptors into their own structs. | Kevin Lo
This is a first step toward making rge work with multiple queues and interrupts. Only one queue is currently used. While here, update the RTL8125B microcode. ok jmatthew@
2021-03-29 | Propagate host-side tap(4) lladdr to guest vm process to allow unicast dhcp | dv
and bootp renewals with vmd(8)'s built-in dhcp server. Previous behavior ignored did not intercept these packets and instead transmitted them. This should make vmd(8)'s dhcp behave more as a true dhcp server should and allows it to work properly with the new dhcpleased(8) attempting a renewal. OK mlarkin@
2021-03-29 | Install apm(8) and apmd(8) under MI MANPATH | kn
powerpc64 was lacking manual pages; instead of shipping yet another identical MD manual, merge them under MI MANPATH as usual. Input OK deraadt
2021-03-29 | whitespace nits | Theo Buehler
2021-03-29 | Prepare documenting EVP_PKEY_new_CMAC_key(3) | Theo Buehler
Based on some text in OpenSSL 1.1.1's EVP_PKEY_new.pod.
2021-03-29 | Turns out the PCIe DARTs support a full 32-bit device virtual address space. | Mark Kettenis
Adjust the region managed by the extent accordingly but avoid the first and last page. The last page collides with the MSI address used by the PCIe controller and not using the first page helps finding bugs. ok patrick@
2021-03-29 | Remove pointless assignment in SSL_get0_alpn_selected(). | Joel Sing
ok tb@
2021-03-29 | Avoid transcript initialisation when sending a TLS HelloRequest. | Joel Sing
When server side renegotiation is triggered, the TLSv1.2 state machine sends a HelloRequest before going to ST_SW_FLUSH and ST_OK. In this case we do not need the transcript and currently hit the sanity check in ST_OK that ensures the transcript has been freed, breaking server initiated renegotiation. We do however need the transcript in the DTLS case. ok tb@
2021-03-29 | Move finished and peer finished to the handshake struct. | Joel Sing
This moves the finish_md and peer_finish_md from the 'tmp' struct to the handshake struct, renaming to finished and peer_finished in the process. This also allows the remaining S3I(s) references to be removed from the TLSv1.3 client and server. ok inoguchi@ tb@
2021-03-29 | Add regress coverage for TLSv1.2 record number increment. | Joel Sing
2021-03-29 | Move the TLSv1.2 record number increment into the new record layer. | Joel Sing
This adds checks (based on the TLSv1.3 implementation) to ensure that the TLS/DTLS sequence numbers do not wrap, as required by the respective RFCs. ok inoguchi@ tb@
2021-03-29 | Prepare to provide EVP_PKEY_new_CMAC_key() | Theo Buehler
sebastia ran into this when attempting to update security/hcxtools. This will be tested via wycheproof.go once the symbol is public. ok jsing, tested by sebastia
2021-03-29 | Add a pretty_key_id() which reinserts colons into the hex string. | Claudio Jeker
This way the AKI and SKI printed in the tests tools look the same as before. Requested by job@, OK job@ tb@
2021-03-29 | Fix my email address in copyright line | Claudio Jeker
2021-03-29 | -B option not updated about bird1v4 & bird1v6 files; ok job | Theo de Raadt
2021-03-29 | combine umb_products and umb_fccauth_devs into one umb_quirks table | Stuart Henderson
ok gerhard@
2021-03-29 | Cleanly teardown and restore emulated device state on vm send/receive. | dv
This cleans up events on a pause or resume, but also fixes an issue where the vm_pipe event channels are not properly reinitialized on a received guest leading to broken serial console. OK pd@, mlarkin@
2021-03-29 | Introduce hex_encode() to transform the aki/ski values to a string. | Claudio Jeker
OK tb@
2021-03-29 | Fix IA32_EPT_VPID_CAP_XO_TRANSLATIONS specification | dv
Per Intel SDM (Vol 3D, App. A.10) bit 0 should be read as a 1 if enabled. From Adam Steen. ok mlarkin@
2021-03-29 | Inline x509_get_extensions() and remove it | Theo Buehler
Since aia, aki and ski are all represented by char *, this is an error-prone interface - as found by job. The function doesn't do much anyway. ok claudio
2021-03-29 | Pull up freeing cms in gbr_parse() after its last use to avoid a leak | Theo Buehler
on x509_get_extensions() failure. Fix suggested by claudio
2021-03-29 | Check all inet_ntop() calls, in case we screw up the parameters somehow we | Theo de Raadt
prefer a failure rather than some sort of weird truncation ok claudio
2021-03-29 | sort includes | Theo Buehler
2021-03-29 | Remove accidental but justified annotation | Theo Buehler
2021-03-29 | spellings | YASUOKA Masahiko
suggested by jsg
2021-03-29 | minor KNF and consistency | Theo de Raadt
(rpki-client is pretty good code, couple hours of audit and I can only find a few minor things)
2021-03-29 | improve the naming of some intermediate buffers | Theo de Raadt
2021-03-29 | 3 additional snprintf() range checks (inconceivable these would ever | Theo de Raadt
truncate, but if they do, we prefer to know) ok job claudio
2021-03-29 | in unsafe_char(), handle %NN with array-index inspection rather than weird | Theo de Raadt
ptr++ ok claudio