| Age | Commit message (Collapse) | Author |
|---|
|
meant as a fallback if network hardware does not support TSO. Driver
support is still work in progress. TCP output generates large
packets. In IP output the packet is chopped to TCP maximum segment
size. This reduces the CPU cycles used by pf. The regular output
could be assisted by hardware later, but pf route-to and IPsec needs
the software fallback in general.
For performance comparison or to workaround possible bugs, sysctl
net.inet.tcp.tso=0 disables the feature. netstat -s -p tcp shows
TSO counter with chopped and generated packets.
based on work from jan@
tested by jmc@ jan@ Hrvoje Popovski
OK jan@ claudio@
|
|
github PR#396.
|
|
A signed integer overflow could occur after INT_MAX bad password
attempts. Check for unlimited tries first and then increment the
counter. Also consider INT_MAX to be a valid upper limit.
ok millert@
|
|
Close pipe file descriptors if fork fails.
Also do not parse exit status of child if waitpid fails.
with input by and ok millert@
|
|
On aarch64 with llvm 15, the new -Wunaligned-access emits noise on every
one of tmux's source files. This avoids this warning by moving a u_char
to the end of the struct. This does not change the size of the struct on
any architecture.
ok nicm
|
|
|
|
|
|
- braces are not commands, use 'Brq'
- markup variable and value each, leave = (like mdoc(7) 'Ns' example)
|
|
|
|
|
|
sftp/scp will ftruncate the destination file after a transfer completes,
to deal with the case where a longer destination file already existed.
We tracked the highest contiguous block transferred to deal with this
case, but our naive tracking doesn't deal with servers that reorder
requests - a misfeature strictly permitted by the protocol but seldom
implemented.
Adjust the logic to ftruncate() at the highest absolute block received
when the transfer is successful. feedback deraadt@ ok markus@
prompted by https://github.com/openssh/openssh-portable/commit/9b733#commitcomment-110679778
|
|
produce a spurious error (so 1 chance in 2^26)
It's like read/write: we need to recognize 0 as EOF and not try to checksum
a non-existing block.
while there, also make sure that we got all the signed blocks at EOF
before exit(0)
Note that none of those two bugs affect the actual security of signed
packages: the basic assertion that only signed data gets written
through the pipe is still 100% valid !
but it's a good idea to not emit spurious messages for valid files, and also
to recognize truncated files !
okay tb@ (thanks a lot)
|
|
|
|
confusing warning messages complaining about macros that don't even
appear in the input file.
As a welcome side effect, this also shortens the code...
Fixing a minibug
reported by Alejandro Colomar <alx dot manpages at gmail dot com>.
|
|
Flags are passed to the remote system but --size-only is only set
if local system is sender since this is the behaviour of rsync.
Initial diff from Martin Cracauer but mostly reimplemented and extended
by myself.
OK kn@
|
|
for a while it has used only spaces when no-tab-mode is enabled and respected
the current buffer tab width.
|
|
|
|
confirm-before. From Elias Assaf in GitHub issue 3548; prompted by an
earlier change from Yutaro Yoshii in GitHub issue 3496.
|
|
are better than exiting).
|
|
|
|
From Martin Cracauer
OK kn@
|
|
Previously ssh would incorrectly refuse to canonicalise the hostname
if ProxyJump was explicitly set to "none" when CanonicalizeHostname=yes
bz3567; ok dtucker
|
|
|
|
|
|
return value.
|
|
change what the terminal can do and need mouse sequences or similar to
be sent again, GitHub issue 3513.
|
|
|
|
compat nonsense
|
|
If no field separator is specified, default to using the comma plus space
separation, unless the compat flag is set.
Fixes an a bug with printing issuers and other things that contain UTF-8
Reported by Jean-Luc Duprat
The very simple fix ix is a joint effort by Henson and Levitte
Fixes libressl/portable issue #845
ok jsing
|
|
Since the import of mg in the tree, space_to_tabstop used curbp->w_doto
(the byte offset in the current line) as mean to deduce the current
column for indentation. This is wrong because it doesn't account for
tab, control characters and octets > 127 (which are all rendered with
more than one column.) Use instead getcolpos().
ok tb@
|
|
This makes the tab width customizable per-buffer. The new function
`set-tab-width' changes it for the current buffer or the default value
for new buffers if called with a prefix argument (or from the startup
file.)
The default tab width is still 8 column.
Together with the newly resurrected no-tab-mode, allows to use mg for a
variety of programming languages and coding styles.
Note that it's not possible to call set-tab-width with auto-execute in
the startup file due to limitations in how auto-execute and the parser
work.
ok tb@
|
|
|
|
|
|
|
|
confusing.
|
|
invalid (for example have column zero rather than one).
|
|
|
|
ok tb@
|
|
|
|
It's a mode that makes mg insert spaces up to the next tab stop upon
pressing TAB, along with the various tweaks needed in other places so
for e.g. auto-indent-mode also uses spaces.
This is not just an unifdef NOTAB: even under no-tab-mode mg should
consider literal TAB characters wide up to the next tab stop, while the
hidden code considered hard tabs to be just control character (i.e. ^I)
with width of two columns. I'm also introducing the helper function
doindent() in utils.c to de-obfuscate the insertion of tabs/spaces until
the given column.
ok tb@
|
|
|
|
malloc (leak) dump fucntion. ok semarie@
|
|
|
|
Nothing really uses the policy tree. It's desgined with built-in DoS
capabilities directly from the RFC. It will be removed from the attack
surface and replaced with something equivalent that doesn't grow
exponentially with the depth.
This removes the only reason the policy tree itself ever leaked out of
the library.
ok jsing
|
|
A conversion from X509_REQ_get_pubkey() to X509_REQ_get0_pubkey() missed
one free of pkey in an unlikely error path. After the conversion pkey is
no longer owned by us, so we mustn't free it.
ok jsing
|
|
|
|
|
|
ok dtucker@
|
|
|
|
The X9.31 standard has long been retired and deprecated and libcrypto will
drop support for it soon. This prepares userland.
ok jsing
|
