Age | Commit message (Collapse) | Author |
|
and for their modifiers, written from scratch.
|
|
This was removed from libssl a very long time ago...
|
|
|
|
With the pipefail option set, the exit status of a pipeline is 0 if all
commands succeed, or the return status of the rightmost command that
fails. This can help stronger error checking, but is not a silver
bullet. For example, commands will exhibit a non-zero exit status if
they're killed by a SIGPIPE when writing to a pipe. Yet pipefail was
considered useful enough to be included in the next POSIX standard.
This implementation remembers the value of the pipefail option when
a pipeline is started, as described as option 1) in
https://www.austingroupbugs.net/view.php?id=789#c4102
Requested by ajacoutot@, ok millert@
|
|
ok stsp
|
|
This diff exposes parts of clock_gettime(2) and gettimeofday(2) to
userland via libc eliberating processes from the need for a context
switch everytime they want to count the passage of time.
If a timecounter clock can be exposed to userland than it needs to set
its tc_user member to a non-zero value. Tested with one or multiple
counters per architecture.
The timing data is shared through a pointer found in the new ELF
auxiliary vector AUX_openbsd_timekeep containing timehands information
that is frequently updated by the kernel.
Timing differences between the last kernel update and the current time
are adjusted in userland by the tc_get_timecount() function inside the
MD usertc.c file.
This permits a much more responsive environment, quite visible in
browsers, office programs and gaming (apparently one is are able to fly
in Minecraft now).
Tested by robert@, sthen@, naddy@, kmos@, phessler@, and many others!
OK from at least kettenis@, cheloha@, naddy@, sthen@
|
|
|
|
since this is expected to fail on most 32-bit PowerPC CPUs given the
lack of a proper permission bit.
|
|
ok job
|
|
This makes the regress work correctly again - this was previously masked
by the fact that tls_close() (and hence SSL_shutdown()) was draining the
circular buffer, whereas now we're leaving data behind from a previous
test, resulting in the ordering test failing.
|
|
This is the name the other BSDs use for this, there is no reason to
be different, the IPv6 RFCs call these addresses temporary, and some
software in ports wants to use this as well.
Most recently pointed out for firefox by landry.
OK claudio, sthen
|
|
ok beck jsing
|
|
|
|
|
|
|
|
aarch64/powerpc/powerpc64, making use of the count leading
zeros instruction. Also add a brief regression test.
ok deraadt@ kettenis@
|
|
|
|
|
|
|
|
|
|
|
|
example HTML/JS to generate webauthn signatures in SSH formats
(also used to generate the testdata/* for the test).
|
|
|
|
command (ie "ssh-agent command"). Would have caught bz#3181.
|
|
|
|
verification only so far
|
|
|
|
with EPROTONOSUPPORT.
ok mpi@
|
|
|
|
|
|
section 4.1.2 to ensure subsequent ClientHello messages after a
HelloRetryRequest messages must be unchanged from the initial
ClientHello.
ok tb@ jsing@
|
|
failure rather than silently constructing a broken X509_ATTRIBUTE object
that might cause NULL pointer accesses later on. This matters because
X509_ATTRIBUTE_create() is used by documented API functions like
PKCS7_add_attribute(3) and the NID comes straight from the user.
This fixes a bug found while working on documentation.
OK tb@ and "thanks" bluhm@
|
|
xfail for now. Arguably, the expected decode_error is more appropriate
than the decrypt_error that we send at the moment.
|
|
three tests that fail due to a BIO_gets() bug.
|
|
|
|
Issue reported with initial patch by enh@google.com.
ok deraadt@
|
|
|
|
expansion in various keywords (bz#3140). ok djm@
|
|
|
|
directives are processed correctly and handling of Include directives
that appear before Match. Both tests currently fail.
bz#3122 and bz#3169 - patch from Jakub Jelen
|
|
OK martijn@
|
|
Use FFS1 for newfs as the file system size is below the FFS2 minimum.
|
|
send UDP packets.
|
|
|
|
|
|
|
|
the test to fail. Neuter it for now and just assume we do TLSv1.3.
I have been intending to purge this version detection hack once I'm
sure we can leave the 1.3 server enabled but I'll leave it here for
now.
|
|
|
|
Correct SNI alerts to differentiate between illegal parameter
and an unknown name.
ok tb@`
|
|
while using option e.
|