| Age | Commit message (Collapse) | Author |
|---|
|
This allows us to use `stackcollapse-bpftrace.pl' from Brendan Gregg's
FrameGraph without pre-processing outputs.
|
|
|
|
|
|
pipex(4) sessions. We did this for prevent use after free issue caused
by pipex_timer(). By default "idle-timeout" is not set in
npppd.conf(5) and I guess this is reason for we forgot to describe this
exception in npppd.conf(5).
Since it's pppx(4) related bug description was added to BUGS section of
pppx(4) man page.
npppd.conf(5) has this exception described in "idle-timeout" section.
ok jmc@ yasuoka@
|
|
except for some minor changes in the handling of snmp_intotal{req,set}vars
no functional changes intended.
OK jan@
|
|
|
|
the WSDISPLAYIO_GETSCREENTYPE ioctl. This ensures that they always match
the currently loaded font metrics.
Previously, wsfontload(8) hardcoded the default height and width values
for the font to be loaded as 12x22 when using framebuffer consoles, and
as 8x16 when in text mode. The 12x22 value wasn't correct in case we
felt back to the smaller 8x16 font for screen widths smaller than 960px,
and wasn't valid anymore since we replaced Gallant 12x22 by Spleen 12x24
on all architectures but sparc64.
OK jcs@, mpi@
|
|
from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks
ok claudio@
|
|
from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks
ok claudio@
|
|
from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks
ok claudio@
|
|
from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks
ok claudio@
|
|
from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks
ok claudio@
|
|
Should hopefully fix an issue seen by Robert Scheck
OK deraadt@
|
|
Found by Ross L Richardson, Thanks.
|
|
what is used for adding other certificates.
-Don't call X509_verify on trust anchors for no reason.
-Add basic checks for TA certificate (subject can parse, cert is not expired)
-Add some useful error reporting if the TA cert we fetched is no good.
ok claudio@
|
|
Extract the notify URL from the cert if it is available and pass it back to
the parent process. The parent process can then use this info to load the
repo via RRDP instead of rsync.
OK benno@ (some long time ago)
|
|
Feedback and ok cladio@
ok patrick@, tb@
|
|
found by Ross L Richardson, thanks!
ok deraadt@
|
|
"no objection" ajacoutot@
|
|
|
|
ok landry@ robert@
|
|
|
|
not just a regular file path;
patient explanation (neccessary) and eventual ok espie
|
|
the buffer, not the number of bytes to copy. The strlcpy() return
value should be checked to verify that truncation did not occur.
OK florian@
|
|
|
|
chdir(2) before unveil(2). Use absolute config path after chdir,
also necessary for SIGHUP. /etc/sensorsd.conf.db must be unveiled,
cgetent(3) tries to open it.
OK beck@
|
|
later.
ok kettenis gkoehler
|
|
For DLT_NULL and DLT_LOOP interfaces, print-null.c passes
`caplen - NULL_HDRLEN' as length to default_print() which takes an unsigned
integer, hence if caplen is smaller than the header itself (four octets),
this difference wraps around.
Exit early in such cases and print the expected truncation marker "[|null]"
instead.
Feedback OK dlg
|
|
characters contained in a loaded font.
It's especially useful with user loaded fonts as they can contain
more than 256 characters.
OK sthen@
|
|
No object change.
|
|
While here, make messages more correct.
|
|
ok visa kettenis
|
|
ok kettenis
|
|
error out if ftp(1) or tar(1) fails; this happened to swarte@ a few months
(something to do with /home on NFS without -maproot IIRC).
Check that the signature file is at least 3 lines long (meaning that it contains
at least 1 syspatch) before entering the magic loop otherwise `grep -q' will
abort the script due to pipefail.
While here, revove a useless use of sort(1).
|
|
ok deraadt@
|
|
apmd/apm combo for -L/-H and such. (it gets all the rest of the mess too)
ok kettenis
|
|
|
|
This is built on top of maps which are currently built on top of RB-trees.
Improvements are welcome! For example the use of a hashing table as pointed
by espie@.
The following one-liner produce an histogram of power-of-two values returned
by the read(2) syscall:
btrace 'syscall:read:return { @bytes = hist(retval); }'
^C
@bytes:
[0] 19 |@@@@@@@@@@@@@@@@@@@@@@@@@@ |
[1] 26 |@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
[1, 2) 1 |@ |
[2, 4) 13 |@@@@@@@@@@@@@@@@@@ |
[4, 8) 4 |@@@@@ |
[8, 16) 3 |@@@@ |
[16, 32) 1 |@ |
[32, 64) 8 |@@@@@@@@@@@ |
[64, 128) 14 |@@@@@@@@@@@@@@@@@@@ |
[128, 256) 7 |@@@@@@@@@ |
[256, 512) 37 |@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@|
[512, 1K) 1 |@ |
[1K, 2K) 10 |@@@@@@@@@@@@@@ |
[2K, 4K) 11 |@@@@@@@@@@@@@@@ |
[8K, 16K) 1 |@ |
|
|
shell has been fixed by benno@; remove workaround.
ok naddy@
|
|
|
|
While here make it possible to store syscall return values in maps.
|
|
|
|
INT32_MAX by increasing the hrStorageAllocationUnits value until they fit.
Original patch from Johan Huldtgren (johan+openbsd-tech <at> huldtgren <dot> com)
OK sthen@
|
|
|
|
Prodded by and OK jmc@
|
|
snmpctl has been removed two releases ago, which makes the control
interface obsolete.
agentx support has always been quirky at best, but got completely broken
with the BER_MAX_OID_LEN increase in ber.h. This change resulted in the
oid length on the snmp side being left uninitialized because of size
difference, resulting in weird behaviour. No one reported the breakage,
even after 6.7 was released.
This change requires users to remove the socket keyword from their
snmpd.conf.
OK denis@
|
|
agentx header.
OK denis@
|
|
The -f option existed for some initial debugging work.
Thanks Weerd for review
OK claudio@
|
|
Contrary to other (single CPU) machines, the Oracle SPARC T4-2 machines
come with two CPUs/two PCIe root complexes instead of one.
ldomctl already accounts for this and interates over them but lacked a skip
condition when iterating over subdevices to avoid linking devices in one
complex to those in another.
This fixes a NULL dereference in "init-system" on T4-2 machines and makes
it produce working machine descriptions (.md files).
Testing and confirmation on a T4-1 that single PCIe root complex machines
still produce identical MDs with this from tracey, thanks!
Reminded by a report on bugs@ from Kokuma who also confirmed this fix on
their T4-2.
|
|
In analogy to guest domains requiring vcpu, memory and at least one
bootable device (vdisk, vnet or iodevice), the primary domain must not
be configured with vdisk, vnet or iodevice parameters; it does not make
sense to provide virtual disks or interfaces to it and PCIe devices not
assigned to guest domains automatically end up in the primary domain.
ldom.conf(5) also documents those explicitly for guest domains only.
OK tracey
|
