| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
a Content-Length header). HTTP RFC 7231 section 4.3.2.
found by niklas@, claudio@ agrees.
|
| | |
|
| |
|
|
| |
ok kn@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This is in the SSL_HANDSHAKE struct and is what we're currently
negotiating, so there is really nothing more "new" about the cipher
than there is the key block or other parts of the handshake data.
ok inoguchi@ tb@
|
| |
|
|
|
|
| |
Move TLSv1.2 specific components over from SSL_HANDSHAKE.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
| |
Revision 1.29 of wstpad.c has removed the 'maxdist' checks
for multi-finger taps. While this change makes tap detection
more reliable, and does not affect inputs intended for pointer
movement, it might interfere with short scroll gestures.
This version reorganizes the filtering code, and reintroduces
a weaker version of those checks for MT touchpads.
|
| |
|
|
|
|
|
|
| |
It makes clearer which vop functions are real fileystem-implementations and which one are only stubs.
No functional changes are intented.
ok visa@
|
| |
|
|
| |
ok mpi@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
map was the wrong way around. The && prevented an EFAULT error and
could pass userland addresses as kernel source to copyout(9). The
kernel could crash with protection fault due to an invalid offset
when reading /dev/kmem.
Also make the range checks stricter. Not only the start address
must be valid, but also the end address must be within the region
to be copied.
Note that sysctl kern.allowkmem=0 makes the bug unreachable by
default.
OK deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Apply new option handling to openssl(1) x509.
To handle incremental order value, using newly added OPTION_ORDER.
I left the descriptions for -CAform, -inform, and -outform as it was,
for now. These description would be fixed.
And digest option handler could be consolidated to one between
some subcommands in the future.
ok and comments from tb@,
and "I'd move forward with your current plan." from jsing@
|
| |
|
|
|
|
|
|
|
|
| |
To handle incremental order value, added new option type OPTION_ORDER.
openssl(1) x509 requires this option handling, since,
- -CA and -signkey require to set both filename and incremental 'num'.
- -dates requires to set two variables in a row, startdate and enddate.
and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
| |
|
|
|
|
|
|
|
| |
In order to distinguish tap gestures from short movements, the mechanism
checks whether the distance between the first and the last position of a
touch exceeds the 'maxdist' limit. Some touchpads provide unreliable
coordinates when more than one contact is being made simultaneously, and
in this case the filter may be too strong - and superfluous, because only
one-finger contacts should trigger pointer movement.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
all times, before the device is enabled and after the device is
disabled by wscons.
This was originally needed by umt for the Microsoft Surface Type
Cover to avoid it resetting (or at least detaching and reattaching)
when the touchpad was touched while at the console.
A similar problem occurs with the Pinebook Pro's keyboard when
switching from X to the console due to the touchpad getting
disabled, so add it to ums as well.
with and ok kurt
|
| | |
|
| |
|
|
| |
from kurt
|
| |
|
|
|
| |
comp set), as it is supposed to be hard-linked.
found by Yoshihiro Kawamata
|
| |
|
|
| |
OK sthen@
|
| |
|
|
|
|
| |
changes.
OK sthen@
|
| |
|
|
|
|
|
| |
'enforcesingleikesa'. Fixes an interop problem with strongswan
if make-before-break is enabled.
ok patrick@
|
| |
|
|
| |
ok inoguchi
|
| |
|
|
|
|
|
|
|
|
| |
textual-convention so is sometimes printed as hex dump) to DisplayString
(ascii).
likewise change pfLabelName and pfTblName to SnmpAdminString (UTF-8
textual-convention).
feedback/tweaks (notably pointing out UTF-8)/ok martijn@
|
| |
|
|
| |
consistantly.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
readable output for very long timeouts to prevent overflow.
While here add years and days.
Days might actually show up in normal leases. Years is to catch
"infinity" which is encoded as UINT32_MAX and used by vmd(8).
Previously we would overflow, wrap to negative which then got
transformed to 0s.
Pointed out by Dave Voutila while working on the vmd(8) dhcp code.
|
| |
|
|
|
|
| |
path. These have to be dropped or every subsequent call will cause decrypt
errors. Use a sequence number cookie to keep the systems in sync.
Diff from niklas@ with some minor adjustments by myself.
|
| |
|
|
| |
OK kn@
|
| |
|
|
| |
because it is numerical.
|
| |
|
|
| |
Patch from Josh Rickmar. Ty jrick!
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If ieee80211_input_ba_flush() was called when there was nothing to flush,
the (already pending) gap wait timeout was re-armed.
This is only correct if we flush at least one packet. Otherwise packets
that arrive at a constant rate of about 4-5 packets per second would
extend the gap-wait timeout until the block ack window fills up.
In extreme cases this can result in packets being queued for almost 20s.
Fix this by returning immediately from ieee80211_input_ba_flush() if
the first packet in the reordering buffer is missing.
This prevents the timeout from being re-armed.
Patch by Christian Ehrhardt. Tested by me on iwm(4) 7265.
|
| |
|
|
|
|
|
|
|
| |
ieee80211_input_ba_flush() for updating ba->ba_winend.
Required for an upcoming ieee80211_input_ba_flush() fix.
Patch by Christian Ehrhardt who found one instance of this problem in
ieee80211_input_ba_seq(). I spotted another in ieee80211_ba_move_window().
|
| |
|
|
|
|
|
|
|
|
| |
fork_return() does an additional check to send a SIGTRAP (for a debugger)
but this signal might overwrite the SIGSTOP generated by the parent doing
a PT_ATTACH before the child has a change to execute any instruction.
Prevent a race visible only on SP system with regress/sys/kern/ptrace2.
ok kettenis@
|
| |
|
|
| |
ok visa@
|
| |
|
|
|
|
|
| |
or padded, and hence e. g. the access to the PCI vendor/device id would be
broken. The structs for the other tables all seem to be packed as well.
ok kettenis@
|
| |
|
|
|
|
| |
can be removed. The only thing left to implement for smmu(4) to work
out of the box with PCIe devices is to reserve the PCIe MMIO windows.
Let's see how we can do this properly.
|
| |
|
|
| |
Reported by Ilya Shipitsin
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
typically pass the physical address, however retrieved, to our PCIe
controller code. This physical address can in practise be directly
given to the PCIe, but it is not a given that the CPU and the PCIe
controller are able to use the same physical addresses.
This is even more obvious with an smmu(4) inbetween, which can change
the world view by introducing I/O virtual addresses. Hence for this
it is indeed necessary to map those pages, which thanks to integration
with bus_dma(9) works easily.
For this we remember the PCI devices' DMA tag in the interrupt handle
during the MSI map, so that we can use the smmu(4)-hooked DMA tag to
load the physical address.
While some systems might prefer to implement "trapping" pages for MSIs,
to make sure devices cannot trigger other devices' interrupts, we only
make sure the whole page is mapped.
Having the IOMMU create a mapping for each MSI is a bit wasteful, but
for now it's the simplest way to implement it.
Discussed with and ok kettenis@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Diff from Preben Guldberg < preben at guldberg dot org>, thanks!
In "vmctl status", VMs that are being stopped but are still running
will simply show up as "running".
Give preference to showing the "stopping" state akin to how a paused
VM is handled.
Tested by Dave Voutila
OK tb
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using the DTB from our dtb package this driver no longer attaches
(on a Pinebook Pro)due to renamed bindings:
https://github.com/torvalds/linux/blob/master/Documentation/devicetree/bindings/power/supply/cw2015_battery.yaml
Thanks to kettenis and patrick for pointing this out.
Follow upstream's rename and acccount for the monitor interval now being
milliseconds not seconds anymore.
This makes cwfg(4) export values under hw.sensors as expected when using
/usr/local/share/dtb/arm64/rockchip/rk3399-pinebook-pro.dtb .
Input patrick kettenis
OK kettenis
|
| |
|
|
|
|
|
|
|
| |
interoperable with BOOTP we should also send packets that have a
minimum size of 300.
I haven't seen a DHCP server that actually enforces this except the
one in vmd(8), but it doesn't cost us much and prevents hair pulling
later on when we find one in the wild.
OK deraadt
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
not able to properly unveil itself because you can request many files
as arguments. At the same time the sender is read-only and uses rpath
pledge() so the gain from unveil() is less of an issue.
On the receiver side all files land in one directory and this part still
uses unveil() to protect rsync to somehow walk out of the destination
directory.
From kristaps@
|
| |
|
|
| |
From kristaps@
|
| |
|
|
|
|
| |
Also the id is a strictly positve integer so this make sense.
Cleanup comments and a spacing while there.
From kristaps@
|
tobhe
tb
benno
jsing
bru
sthen
semarie
krw
bluhm
inoguchi
jcs
deraadt
martijn
lum
florian
claudio
abieber
stsp
mpi
patrick
kn
otto