summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-12-19The previous fix for creating isakmpd(8) IKE pcap file, weakenedAlexander Bluhm
the path sanitizer in the privsep parent. Bring back the checks in a way that works with new realpath(3). tested and OK hshoexer@
2019-12-19Start protecting the pipe_peer member of `struct pipe' using theanton
pipe_lock. This add a potential sleeping point in the kqueue filter routines which should be fine by now thanks to changes made to the kqueue subsystem by visa. ok visa@
2019-12-19In ndp(8) the scope ID was not set correctly so it touches the wrongAlexander Bluhm
route. In parse_host() s6_addr is type u_int8_t, but we have to write a 16 bit value. Add a cast to fix ndp -c. reported by Matthias Pitzl; OK kn@
2019-12-19Convert boolean_t/TRUE/FALSE to int/1/0 for coherency with the rest ofMartin Pieuchot
the kernel. ok patrick@
2019-12-19Convert boolean_t/TRUE/FALSE to int/1/0 for coherency with the rest ofMartin Pieuchot
the kernel. ok mlarkin@, visa@
2019-12-19Convert boolean_t/TRUE/FALSE to int/1/0 for coherency with the rest ofMartin Pieuchot
the kernel. ok mlarkin@, visa@
2019-12-19Convert infinite sleeps to {m,t}sleep_nsec(9).Martin Pieuchot
ok visa@
2019-12-19wider list width to adjust for previous;Jason McIntyre
2019-12-19Validate auth_offset before using it. If it's too big ripd will crash.remi
RFC 2082, chapter 3.1 sys about the offset: A 16 bit offset from the RIP-2 header to the MD5 digest (if no other trailer fields are ever defined, this value equals the RIP-2 Data Length). Problem reported by Hiltjo Posthuma. OK claudio@ deraadt@ benno@
2019-12-19Fix output loop to not stop when the first unused output format isClaudio Jeker
encountered. Fixes rpki-client -j which did not produce any output before. Found by and OK job@
2019-12-19Document that security key-hosted keys can act as host keys.Christian Weisgerber
Update the list of default host key algorithms in ssh_config.5 and sshd_config.5. Copy the description of the SecurityKeyProvider option to sshd_config.5. ok jmc@
2019-12-19Align man file with realityjob
2019-12-19tweak previous;Jason McIntyre
2019-12-19poll handlers must return a poll(2) revents value, not errno(2) values.Reyk Floeter
Some drivers have returned ENXIO (6) if the device is not available which incorrectly translates into POLLPRI|POLLOUT (2|4) in userland. Change it to POLLERR for now, but it might as well be POLLHUP. OK mpi@
2019-12-19Add size for free() in vio(4).Frederic Cambus
There is an existing allocsize variable tracking size of allocations, turns out we can pass it to free in the error path. OK florian@, mpi@
2019-12-19Spell "mount point" as other man pages do, with a space.Anthony J. Bentley
ok jmc@
2019-12-19When adding a list with multiple commands to the queue, the next item toNicholas Marriott
insert after needs to be the last one added, not the first. Reported by Jason Kim in GitHub issue 2023.
2019-12-19Use bus_size_t as the type for the base address.Mark Kettenis
ok deraadt@, dlg@
2019-12-19Change the way individual show functions are called. Up until now an imsgClaudio Jeker
was passed to each function and output happened based on the imsg type. Now show() will look at the imsg and based on the type call the right function to output this type. Because of this every show function is now only displaying one specific object. OK benno@
2019-12-19Do not need the getudpportrange functions. We don't need to perform anyTheo de Raadt
crazy random port allocation for dns 'security' in USERLAND because the KERNEL has automatically done port-randomization since 1996 (wow the year of BSE in Britain)
2019-12-19"Forward security" -> "Forward secrecy" since that's the correct term.Darren Tucker
Add "MAC" since we use that acronym in other man pages. ok naddy@
2019-12-19Prevent redirections to file: URLsJeremie Courreges-Anglas
Report and fix from Hiltjo Posthuma, input from and ok deraadt@
2019-12-18unifdef _AIXStuart Henderson
2019-12-18remove HTMLPAGES components, not usedTheo de Raadt
2019-12-18dig not DiGTheo de Raadt
2019-12-18do not need theseTheo de Raadt
2019-12-18about time unwind got a namecheck;Jason McIntyre
2019-12-18move -h description into .Bl list rather than main bodyTheo de Raadt
2019-12-18-h for help can be discovered other waysTheo de Raadt
2019-12-18spell "name server" consistently; i kind of prefer "nameserver", but this wayJason McIntyre
is much less work;
2019-12-18Set vm_map's pmap in uvm_map_setup().Visa Hankala
OK guenther@, kettenis@, mpi@
2019-12-18Workaround unbound github issue #99.Florian Obser
https://github.com/NLnetLabs/unbound/issues/99 ub_ctx_delete would free the passed in event_base leading to use-after-free since libunbound never allocated the memory and unwind expects to continue using the event_base.
2019-12-18Update to libunbound 1.9.6Florian Obser
Heavy lifting by sthen with updating in-tree unbound(8).
2019-12-18use "Currently" in the doc for "openssl enc" when talking about defaultStuart Henderson
md, to hint that it might not always be the case (e.g. if dealing with files from a different version of the tool). ok tb@
2019-12-18merge Unbound 1.9.6Stuart Henderson
2019-12-18import Unbound 1.9.6, ok tb florianStuart Henderson
2019-12-18add the changelogStuart Henderson
2019-12-18remove, not useful hereStuart Henderson
2019-12-18merge NSD 4.2.4Stuart Henderson
2019-12-18import NSD 4.2.4, ok florianStuart Henderson
2019-12-18Mask high bits of iwm(4) firmware SYSASSERT codes before matchingStefan Sperling
against codes in the known-codes table, like Linux does it. Mark the known-codes table static so it won't ever collide with symbols declared elsewhere in the kernel. Also add some more cause codes found in iwlwifi. I still keep hitting firmware SYSASSERT codes that aren't declared in this table, though :( These changes only affect IWM_DEBUG builds.
2019-12-18no need for double Cm;Jason McIntyre
2019-12-18give a better name to a couple functions and struct fields related toGilles Chehade
filters, no functional change
2019-12-18Re-enable firmware-based Tx retries at lower rates for iwm(4).Stefan Sperling
Firmware-based Tx retries were disabled when it was found that MiRA makes better choices while probing with a constant Tx retry rate. Before that change, high Tx rates looked better than they actually were. The change resulted in less retries and thus higher throughput because a lower, but actually working, initial Tx rate eventually became the preferred choice. However, disallowing retries at lower rates also resulted in increased amounts of observable packet loss, especially while the connection to the AP was still fresh and bad Tx rates had not been discovered yet. To get the best of both worlds, use a constant Tx rate for retries while MiRA is probing and otherwise allow firmware fallback to lower rates. tested by Tracey Emery, pamela, jasper, and myself, on 7265/8265/9260
2019-12-18Implement unwindctl status memory to show chache memory usage.Florian Obser
testing by otto & pamela as part of a larger diff
2019-12-18Rework unified cache handling to be able to unify key and neg caches.Florian Obser
testing by otto & pamela as part of a larger diff
2019-12-18Use neg and key cache from the passed in environment if initialized so thatFlorian Obser
unwind can share caches between strategies. testing by otto & pamela as part of a larger diff
2019-12-18Allow pagefault_disable() to be called recursively, something that may happenMark Kettenis
in inteldrm(4). ok guenther@
2019-12-18Use separate rwlock initializations for userland ("vmspace") and kernelMark Kettenis
maps. This lets witness know that these really are different classes avoiding false positives when detecting lock order reversals. ok guenther@, visa@, mpi@
2019-12-18teach relay action how to do domain-based relay host, this allows declaringGilles Chehade
a single relay action with a mapping of relay hosts per domain. ok eric@
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 08:57:09 +0000