| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
Printing strerror() in that case will say result too large, even if rounds is
actually too small. invalid is less specific, but less incorrect.
ok millert
|
| |
|
|
|
|
|
| |
noticed by Andre Smagin.
also check snprintf for overflow so we get better error messages if
somebody decides to pad with even more zeroes, and avoid possible
truncations.
|
| | |
|
| | |
|
| |
|
|
| |
ok reyk@
|
| |
|
|
| |
OK deraadt@
|
| |
|
|
| |
(e.g. to get visual host keys); reported by naddy@
|
| | |
|
| |
|
|
|
|
| |
Verified working by Peter Hansteen
OK deraadt@, millert@, stsp@
|
| |
|
|
| |
ineffectual wait statement
|
| |
|
|
| |
OK florian@
|
| |
|
|
|
|
|
| |
While here, correctly mark up time_t as a variable type and use prettier
double quotes.
ok schwarze@
|
| |
|
|
|
|
| |
block return 301 "http://www.example.com/$REQUEST_URI"
OK tedu@ florian@
|
| | |
|
| | |
|
| |
|
|
| |
known_hosts; bz#2342
|
| |
|
|
| |
confirmation question; reported by Herb Goldman
|
| | |
|
| |
|
|
| |
confusing messages reported by Jan Stary <hans at stare dot cz>
|
| |
|
|
|
|
|
| |
in non-location virtual hosts. Add comments clarify the
variable-length values.
OK halex@
|
| |
|
|
| |
with halex@. No binary change - it is commented out.
|
| | |
|
| |
|
|
|
|
| |
imsg buffer.
Debugging & OK halex@
|
| |
|
|
|
| |
drivers do. While here remove unused fields from struct iwm_fw_info.
test and ok brad@ phessler@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
using *at functions is equivalent to chdir()ing, which eases portability.
Tested with mixes of absolute and relative paths.
Eliminate a FILE leak too.
prodded by jsing@
|
| | |
|
| |
|
|
| |
Discussed with/requested by deraadt@ at the conclusion of s2k15.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows for clients that willingly choose to perform a downgrade and
attempt to establish a second connection at a lower protocol after the
previous attempt unexpectedly failed, to be notified and have the second
connection aborted, if the server does in fact support a higher protocol.
TLS has perfectly good version negotiation and client-side fallback is
dangerous. Despite this, in order to maintain maximum compatability with
broken web servers, most mainstream browsers implement this. Furthermore,
TLS_FALLBACK_SCSV only works if both the client and server support it and
there is effectively no way to tell if this is the case, unless you control
both ends.
Unfortunately, various auditors and vulnerability scanners (including
certain online assessment websites) consider the presence of a not yet
standardised feature to be important for security, even if the clients do
not perform client-side downgrade or the server only supports current TLS
protocols.
Diff is loosely based on OpenSSL with some inspiration from BoringSSL.
Discussed with beck@ and miod@.
ok bcook@
|
| |
|
|
|
| |
ssl3_cipher_get_value() to get the cipher suite value that we just
put in the struct - use the cipher suite value directly.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
tls_config_insecure_noverifyname(), so that it is more accurate and keeps
inline with the distinction between DNS hostname and server name.
Requested by tedu@ during s2k15.
|
| |
|
|
| |
configuration.
|
| | |
|
| |
|
|
|
|
|
| |
be those that are TLSv1.2 with AEAD and PFS. Provide a "compat" mode that
allows the previous default ciphers to be selected.
Discussed with tedu@ during s2k15.
|
| |
|
|
|
|
|
|
|
|
|
| |
PAGE_MASK to be (~(PAGE_SIZE - 1)) where as our kernel defines it as
(PAGE_SIZE - 1). It is possible to flag a CS as wanting to use
GPU VM for cayman/aruba hardware though in practice Mesa won't
submit a CS flagged with GPU VM for these unless overriden via
RADEON_VA=true in the environment.
For Southern Islands radeons on the other hand GPU VM is required
and flagged by default.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
for debugging the problem on RS690 and coming up with an initial diff.
Align the gart table allocation to the size of the allocation (rounded
up to nearest page size by bus_dmamem_alloc). Matches the behaviour of
the original Linux code's use of
pci_alloc_consistent()/dma_alloc_coherent().
Correct PAGE_MASK usage in rs400_gart_set_page(). Linux defines
PAGE_MASK to be (~(PAGE_SIZE - 1)) where as our kernel defines it as
(PAGE_SIZE - 1). Most of the other occurances in the drm code have been
adjusted accordingly but this one seems to have been missed.
|
| |
|
|
| |
requested by deraadt@
|
| |
|
|
|
|
| |
not whine and fail if there is none
ok djm@
|
| | |
|
| |
|
|
| |
they live in $OBJ not cwd; some by Roumen Petrov
|
| | |
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
This fixes a bug naddy@ found in plan9/rc(1).
|
| |
|
|
|
| |
then iwm(4) stops passing traffic. Firmware crashes were only observed with
my local patches, not the in-tree version of the driver.
|
| |
|
|
|
| |
The number stated was incorrect and there is no real reason to mention
them in the first place. Discussed with sthen.
|
| |
|
|
| |
Pointed out by brad.
|
tedu
naddy
espie
bentley
bluhm
djm
phessler
chrisz
reyk
schwarze
stsp
deraadt
guenther
jsing
jsg
halex