summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* syncsthen2021-03-312-54/+54
|
* Remove redundant "HUAWEI Mobile" in usbdevs strings, mention radiosthen2021-03-311-26/+26
| | | | technology where known. ok deraadt
* Introduce UAO_USES_SWHASH() and use tabs instead of spaces in #defines.mpi2021-03-311-25/+26
| | | | | | No functionnal change, reduce the difference with NetBSD. ok jmatthew@
* Do not exit if cannot write to normal log file, GitHub issue 2630.nicm2021-03-311-7/+8
|
* document trusted_snapshotespie2021-03-311-2/+8
|
* fix typos in commentssthen2021-03-301-3/+3
|
* In HTML output, correctly render .Bd -unfilled in proportionally-spacedschwarze2021-03-303-5/+9
| | | | | | | | | | | font, rather than with the monospace font appropriate for .Bd -literal. This fixes a minibug reported by anton@. Implemented by no longer relying on the typical browser default of "pre { font-family: monospace }" but instead letting <pre> elements inherit the font family from their parent, then adding an explicit CSS .Li class only for those displays where the manual page author requested it by using the -literal option on the .Bd macro.
* Handle systems, such as the Dell Precision 3640, that accesskettenis2021-03-301-19/+87
| | | | | | | | | | GenericSerialBus operating regions witout checking whether they're really available. This needs to work on RAMDISK kernels as well. Since we don't want to pull in the i2c subsystem on those, provide a separate and much simpler dummy implementation of the GenericSerialBus access code when SMALL_KERNEL is defined. ok tb@
* Register the PCI variant of dwiic(4) with acpi(4).kettenis2021-03-301-2/+7
| | | | ok tb@
* Make http_new() take care of all the error handling. By closing theclaudio2021-03-301-5/+5
| | | | | | | outfd and sending back the failure report via http_fail(). This was partially done in the failure case of http_resolv() and resulted in double failure reports in that case. With and OK tb@, previous version OK deraadt@
* Some cards announce support for the NTB16 format, but that support does notpatrick2021-03-303-41/+167
| | | | | | | | | | work. Hence, add support for NTB32 in the transmit path. We already have support for NTB32 in the receive path. We detect the supported format on boot and can then decide on transmit which format to use. From ehrhardt@ with gerhard@ Tested by jan@ ok sthen@
* Some umb(4) devices require the NDP pointer behind the NDP datagram.patrick2021-03-302-36/+59
| | | | | From gerhard@ "broadly OK" sthen@
* [ICMP] IP options lead to malformed replysashan2021-03-304-9/+53
| | | | | | | | | icmp_send() must update IP header length if IP optaions are appended. Such packet also has to be dispatched with IP_RAWOUTPUT flags. Bug reported and fix co-designed by Dominik Schreilechner _at_ siemens _dot_ com OK bluhm@
* Move tx/rx descriptors into their own structs.kevlo2021-03-302-188/+509
| | | | | | | | | This is a first step toward making rge work with multiple queues and interrupts. Only one queue is currently used. While here, update the RTL8125B microcode. ok jmatthew@
* Propagate host-side tap(4) lladdr to guest vm process to allow unicast dhcpdv2021-03-299-12/+124
| | | | | | | | | | and bootp renewals with vmd(8)'s built-in dhcp server. Previous behavior ignored did not intercept these packets and instead transmitted them. This should make vmd(8)'s dhcp behave more as a true dhcp server should and allows it to work properly with the new dhcpleased(8) attempting a renewal. OK mlarkin@
* Install apm(8) and and apmd(8) under MI MANPATHkn2021-03-293-16/+4
| | | | | | | powerpc64 was lacking manual pages; instead of shipping yet another identical MD manual, merge them under MI MANPATH as usual. Input OK deraadt
* whitespace nitstb2021-03-291-4/+4
|
* Prepare documenting EVP_PKEY_new_CMAC_key(3)tb2021-03-291-2/+54
| | | | Based on some text in OpenSSL 1.1.1's EVP_PKEY_new.pod.
* Turns out the PCIe DARTs support a full 32-bit device virtual address space.kettenis2021-03-291-4/+9
| | | | | | | | Adjust the region managed by the extend accordingly but avoid the first and last page. The last page collides with the MSI address used by the PCIe controller and not using the first page helps finding bugs. ok patrick@
* Remove pointless assignment in SSL_get0_alpn_selected().jsing2021-03-291-4/+1
| | | | ok tb@
* Avoid transcript initialisation when sending a TLS HelloRequest.jsing2021-03-291-4/+6
| | | | | | | | | | When server side renegotiation is triggered, the TLSv1.2 state machine sends a HelloRequest before going to ST_SW_FLUSH and ST_OK. In this case we do not need the transcript and currently hit the sanity check in ST_OK that ensures the transcript has been freed, breaking server initiated renegotiation. We do however need the transcript in the DTLS case. ok tb@
* Move finished and peer finished to the handshake struct.jsing2021-03-297-44/+44
| | | | | | | | | This moves the finish_md and peer_finish_md from the 'tmp' struct to the handshake struct, renaming to finished and peer_finished in the process. This also allows the remaining S3I(s) references to be removed from the TLSv1.3 client and server. ok inoguchi@ tb@
* Add regress coverage for TLSv1.2 record number increment.jsing2021-03-291-8/+151
|
* Move the TLSv1.2 record number increment into the new record layer.jsing2021-03-293-19/+44
| | | | | | | This adds checks (based on the TLSv1.3 implementation) to ensure that the TLS/DTLS sequence numbers do not wrap, as required by the respective RFCs. ok inoguchi@ tb@
* Prepare to provide EVP_PKEY_new_CMAC_key()tb2021-03-294-20/+84
| | | | | | | sebastia ran into this when attempting to update security/hcxtools. This will be tested via wycheproof.go once the symbol is public. ok jsing, tested by sebastia
* Add a pretty_key_id() which reinserts colons into the hex string.claudio2021-03-295-12/+53
| | | | | This way the AKI and SKI printed in the tests tools look the same as before. Requested by job@, OK job@ tb@
* Fix my email address in copyright lineclaudio2021-03-291-2/+2
|
* -B option not updated about bird1v4 & bird1v6 files; ok jobderaadt2021-03-291-3/+7
|
* combine umb_products and umb_fccauth_devs into one umb_quirks tablesthen2021-03-291-36/+51
| | | | ok gerhard@
* Cleanly teardown and restore emulated device state on vm send/receive.dv2021-03-293-5/+21
| | | | | | | | This cleans up events on a pause or resume, but also fixes an issue where the vm_pipe event channels are not properly reinitialized on a received guest leading to broken serial console. OK pd@, mlarkin@
* Introduce hex_encode() to transform the aki/ski values to a string.claudio2021-03-292-40/+40
| | | | OK tb@
* Fix IA32_EPT_VPID_CAP_XO_TRANSLATIONS specificationdv2021-03-291-2/+2
| | | | | | Per Intel SDM (Vol 3D, App. A.10) bit 0 should be read as a 1 if enabled. From Adam Steen. ok mlarkin@
* Inline x509_get_extensions() and remove ittb2021-03-295-40/+28
| | | | | | | | Since aia, aki and ski are all represented by char *, this is an error-prone interface - as found by job. The function doesn't do much anyway. ok claudio
* Pull up freeing cms in gbr_parse() after its last use to avoid a leaktb2021-03-291-2/+3
| | | | | | on x509_get_extensions() failure. Fix suggested by claudio
* Check all inet_ntop() calls, in case we screw up the parameters somehow wederaadt2021-03-291-9/+15
| | | | | prefer a failure rather than some sort of weird truncation ok claudio
* sort includestb2021-03-291-2/+2
|
* Remove accidental but justified annotationtb2021-03-291-4/+1
|
* spellingsyasuoka2021-03-2924-102/+102
| | | | suggested by jsg
* minor KNF and consistancyderaadt2021-03-293-8/+12
| | | | | (rpki-client is pretty good code, couple hours of audit and I can only find a few minor things)
* improve the naming of some intermediate buffersderaadt2021-03-291-8/+9
|
* 3 additional snprintf() range checks (inconceivable these would everderaadt2021-03-292-8/+16
| | | | | truncate, but if they do, we prefer to know) ok job claudio
* in unsafe_char(), handle %NN with array-index inspection rather than weirdderaadt2021-03-292-4/+4
| | | | | ptr++ ok claudio
* The failure mode of test-tls13-version-negotiation.py has changed.tb2021-03-281-4/+2
| | | | Update comment.
* Since ipw(4) doesn't call into net80211_newstate() the interface link statestsp2021-03-281-1/+13
| | | | | | | | | must be updated by the driver in order to get packets to flow. In case of WPA the link state was updated as a side-effect of a successful WPA handshake. This commit fixes the WEP and plaintext cases. Problem reported and fix tested by Riccardo Mottola.
* Now that the real time and monotonic time streams don'tkrw2021-03-283-22/+22
| | | | | | | cross flip CLOCK_REALTIME to CLOCK_MONOTONIC. Suggested by cheloha@, millert@, otto@ at various stages in the time_t -> timespec conversion.
* Convert remaining timers (lease renew, rebind, expiry) tokrw2021-03-282-54/+60
| | | | | | | | timespec values. Translate from the epoch values in leases to timespec values in one place. Final step to allow CLOCK_REALTIME -> CLOCK_MONOTONIC time accounting for the active lease.
* Add some restrictions to manifest object profilejob2021-03-283-5/+46
| | | | OK tb@, feedback from claudio@
* Fix duplicate SSL_is_dtls in libssl and apps.cinoguchi2021-03-281-1/+3
| | | | | | | | | | Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed. ok jsing@
* list Dell DW5821e as supported for umb(4)sthen2021-03-281-2/+4
|
* Add vid/pid table to umb(4) allowing matching to alternate configsthen2021-03-281-3/+64
| | | | | | | | | Some devices present multiple configurations and the one chosen by default is not always usable - for example, some have an CDC ECM config that does not work with our cdce(4) - allow overriding to a specific config in those cases. From gerhard@ with tweaks to comments by me, ok patrick@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.