| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
done in sd. Make names consistant across all three.
ok dlg@ tested (cd) & ok beck@
|
|
from and ok claudio@
|
|
from and ok claudio@
|
|
uio_off. Prevents crap being passed as the starting offset to
getdirentries(), which could lead to various kinds of confusion
when trying to process cd9660 directory entries.
Problem seen by jsg@, who also found the fix in FreeBSD.
ok beck@
|
|
like several other things in the tree.
ok reyk@ looks fine claudio@
|
|
|
|
conf.listen_addr is actually valid before deref.
|
|
invalid offsets and sizes: reject the i/o.
ok deraadt@ beck@
|
|
reason the open failed to debug.
bz #1693, found by tj AT castaglia org, ok djm@
|
|
is the granularity of the windows provided by the CardBus bridge. A smaller
alignment may result in those windows covering address space used by other
PCI devices in the machines. Fixes CardBus xl(4) n naddy's X40.
|
|
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.
ok mcbride@ dlg@ deraadt@ reyk@.
|
|
need two state keys (NAT case), and we succeed allocating the first one
but fail getting the second we'd leak the first one. obvious and thus ok'd
by dlg ryan and theo within seconds
|
|
lookahead in the parser
ok reyk
|
|
over the last couple of weeks (ever since I found it): when we are out of
memory for the state keys we leak the state. oh the irony.
instead of just fixing that one case rework the error handling in the entire
function. verified painfully by yours truly by forcefully exercising each
and every error path in there. ryan ok
|
|
intercept the ccb_done handling so polled commands set a flag that mpi_poll
tests on. when ccb_done sets the variable, the poll loop breaks and
mpi_poll runs the original ccb_done handler for the ccb completion.
this is a lot simpler than the previous implementation and removes a
mutex.
ok beck@
|
|
acceleration for PPP access concentrator.
ok mcbride@ dlg@ deraadt@ reyk@.
|
|
lookahead in the parser
ok henning
|
|
|
|
Note: it did not work before because the checksum offloading was
taking care about TCP and UDP but forgot about IP fragments and other
IP protocols. We need to take care that IP fragments are handled
correctly when we do IP/TCP/UDP offloading.
ok jsg@ deraadt@, discussed with others
|
|
|
|
port forward on the server. This allows, for example, using ssh as
a ProxyCommand to route connections via intermediate servers.
bz #1618, man page help from jmc@, ok markus@
|
|
prefixlen that is not a multiple of 8. Found while reading the RFC.
OK henning@
|
|
st's queue manipulations. i.e. ensure b_actb is correctly updated as the
queue becomes empty or has an i/o requeued on it.
Tested on claudio@'s backup crashing box.
ok dlg@ beck@
|
|
|
|
one thread will be grabbing xs's at a time and dequeuing work, but avoids
a race between notification there is work to do and exiting the loop
releasing the xs's.
Fixes problem noticed by claudio where usb disks would hang with the new
minty dlg midlayer.
ok krw@, dlg@, tested by claudio@
|
|
possible references to xs which has been recycled. Slight tweak to
dlg's previous fix for atapiscsi.
ok dlg@ 'looks safe' miod@
|
|
length of its message in dwords. multiply that by the count of the messages
to figure out how to skip to the next subheader.
"old" code still thinks the len field is a pad, which it doesnt look at, so
new messages with a filled in len are still parsed correctly by "old" code.
input and ok mcbride@
sounds good! Simon Perreault
|
|
lookahead in the parser
ok henning otto
|
|
logic to eliminate FALLTHROUGH craziness.
ok marco@ dlg@
|
|
|
|
underuns and overruns; such bugs are hard to debug with ktrace
or a debugger. They are also handy to debug or monitor code
using aucat.
To enable traces, compile aucat with ``make DEBUG=-DDEBUG'' and
use the -d option multiple times.
ok jakemsr
|
|
-F keyword heavily).
|
|
and assuming message is not in processing/scheduled state
- teach smtpctl how to request message removal from runner
discussed with todd@, idea ok jacekm@
|
|
|
|
remove double check in update that properly belongs in pkg_add
replace has_new_sig by has_different_sig, with better diagnostic messages.
|
|
"reads alright" oga@, ok matthieu@ todd@
|
|
mcbride
|
|
doesn't exist.
ok stsp@ deraadt@
|
|
on error as the spec requires. This triggers kernel assertion
error because zero is read from the register and wrong ccb is picked
from the queue. To cope with it if there's only one outstanding
command get its slot number from the active commands mask, otherwise
fail all active commands.
ok krw@ dlg@
|
|
|
|
(1) use correct (message) block size of 128 byte (instead of 64
bytes) for HMAC-SHA512/384 (RFC4634).
(2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncated to
nnn/2 bits, while we still use 96 bits. 96 bits have been
specified in draft-ietf-ipsec-ciph-sha-256-00 while
draft-ietf-ipsec-ciph-sha-256-01 changed it to 128 bits.
WARNING: this change makes IPsec with SHA-256 (the default)
incompatible with older OpenBSD versions and other IPsec-implementations
that share this bug.
ok+tests naddy, fries; requested by reyk/deraadt
|
|
|
|
and/or ASN1-DNs get not parsed correctly; with and ok krw@; ok reyk@
|
|
something very bad happened.
|
|
when compiling boost 1.41.
From http://gcc.gnu.org/bugzilla/show_bug.cgi?id=17327 via
Markus Hennecke <markus-hennecke at markus-hennecke dot de>.
miod@ tested and ok
|
|
-e ?
|
|
new test for signature comparison checks
|
