dtucker [Tue, 31 Oct 2023 04:15:40 +0000 (04:15 +0000)]
Don't try to use sudo inside sshd log wrapper. We still need to
check if we're using sudo since we don't want to chown unecessarily,
as on some platforms this causes an error which pollutes stderr.
We also don't want to unnecessarily invoke sudo, since it's running
in the context of the proxycommand, on *other* platforms it may not
be able to authenticate, and if we're using SUDO then it should
already be privileged.
dtucker [Tue, 31 Oct 2023 02:58:45 +0000 (02:58 +0000)]
Only try to chmod logfile if we have sudo. If we don't have sudo
then we won't need to chmod.
millert [Tue, 31 Oct 2023 01:08:51 +0000 (01:08 +0000)]
Update awk to Oct 30, 2023 version.
This is really just a version number bump as we already have the
fixes committed.
djm [Mon, 30 Oct 2023 23:00:25 +0000 (23:00 +0000)]
move PKCS#11 setup code to test-exec.sh so it can be reused elsewhere
millert [Mon, 30 Oct 2023 22:12:02 +0000 (22:12 +0000)]
This is the OpenBSD version of Awk.
millert [Mon, 30 Oct 2023 17:52:54 +0000 (17:52 +0000)]
Minor cosmetic changes to make our awk match my github branch.
djm [Mon, 30 Oct 2023 17:32:00 +0000 (17:32 +0000)]
tidy and refactor PKCS#11 setup code
Replace the use of a perl script to delete the controlling TTY with a
SSH_ASKPASS script to directly load the PIN.
Move PKCS#11 setup code to functions in anticipation of it being used
elsewhere in additional tests.
Reduce stdout spam
tb [Mon, 30 Oct 2023 17:15:21 +0000 (17:15 +0000)]
Add support for OpenSSL 3.1 interop tests
Until OpenSSL 3.1 has replaced OpenSSL 3.0 on most architectures, run
both tests. Installed packages of OpenSSL 3.0 will update automatically
to 3.1, so regress runners should not need to do anything.
millert [Mon, 30 Oct 2023 16:14:51 +0000 (16:14 +0000)]
Include strings.h for the strncasecmp() prototype.
From upstream.
nicm [Mon, 30 Oct 2023 16:05:30 +0000 (16:05 +0000)]
Do not allow combined UTF-8 characters that are too long, GitHub issue
3729.
bluhm [Mon, 30 Oct 2023 13:27:53 +0000 (13:27 +0000)]
Do not truncate MSG_EOR in recvmsg().
The soreceive() code depends on the fact that MSG_EOR is set on the
last mbuf of the chain. In sbappendcontrol() move MSG_EOR to the
end like sbcompress() does it. This fixes MSG_EOR handling for
SOCK_SEQPACKET sockets with control message.
bug reported by Eric Wong
analysed, tested and OK claudio@
mvs [Mon, 30 Oct 2023 12:50:59 +0000 (12:50 +0000)]
Use KERNEL_ASSERT_UNLOCKED() instead of KASSERT(!_kernel_lock_held()).
The first one defined as the second, so no functional changed.
ok claudio
claudio [Mon, 30 Oct 2023 07:13:10 +0000 (07:13 +0000)]
Use ERESTART for any single_thread_set() error in sys_execve().
If single thread is already held by another thread just unwind to userret()
wait there and retry the system call later (if at all).
OK mpi@
claudio [Mon, 30 Oct 2023 07:04:36 +0000 (07:04 +0000)]
Adjust KERNEL_ASSERT_UNLOCKED() to not assert during a panic.
KERNEL_ASSERT_UNLOCKED calls _kernel_lock_held() which returns true
if panicstr || db_active which triggers this assert. Workaround this by
checking them before.
This will alter the following Syzkaller reports:
Reported-by: syzbot+169110a0815838ab5940@syzkaller.appspotmail.com
Reported-by: syzbot+3c2eced405b9de6f79c2@syzkaller.appspotmail.com
OK mpi@
jmc [Mon, 30 Oct 2023 06:11:04 +0000 (06:11 +0000)]
seperate -> separate;
deraadt [Mon, 30 Oct 2023 01:34:13 +0000 (01:34 +0000)]
make special note, right at the start, that DNS is handled seperately
from regular network. All the crummy pledge clones don't do that.
ok millert
jsg [Mon, 30 Oct 2023 01:02:30 +0000 (01:02 +0000)]
drm/amd/pm: add unique_id for gc 11.0.3
From Kenneth Feng
2a2df4f74f3746b614af686a9cbaa390d3828b09 in linux-6.1.y/6.1.60
4953856f280b2b606089a72a93a1e9212a3adaca in mainline linux
jsg [Mon, 30 Oct 2023 00:59:56 +0000 (00:59 +0000)]
drm: panel-orientation-quirks: Add quirk for One Mix 2S
From Kai Uwe Broulik
c3657e5fa7b6310a485f59ca965d12a618e0c8df in linux-6.1.y/6.1.60
cbb7eb2dbd9472816e42a1b0fdb51af49abbf812 in mainline linux
jsg [Mon, 30 Oct 2023 00:56:47 +0000 (00:56 +0000)]
drm/i915: Retry gtt fault when out of fence registers
From Ville Syrjala
add2eeda1d6e3ead1d61db70e37615e5ef6c5e75 in linux-6.1.y/6.1.60
e339c6d628fe66c9b64bf31040a55770952aec57 in mainline linux
cheloha [Sun, 29 Oct 2023 23:32:52 +0000 (23:32 +0000)]
libc: Makefile.inc: remove "sparc" from quad support list; ok deraadt@
millert [Sun, 29 Oct 2023 23:31:15 +0000 (23:31 +0000)]
Make gnu99 the default for gcc 3.3.6 and 4.2.1, not gnu89.
While these versions of gcc don't have full C99 support, it is
better than defaulting to C89 when building modern software.
OK deraadt@
millert [Sun, 29 Oct 2023 14:26:13 +0000 (14:26 +0000)]
Enable ISO C11 APIs when building libc, even with an older compiler.
Otherwise, the prototypes for timespec_get() and aligned_alloc()
are not visible. OK guenther@
millert [Sun, 29 Oct 2023 14:23:04 +0000 (14:23 +0000)]
Use clock_gettime(), not timespec_get() like other parts of ifconfig.
This makes is possible to build the base system with a C99 compiler.
OK deraadt@ mvs@
tb [Sun, 29 Oct 2023 13:22:37 +0000 (13:22 +0000)]
Fix an error exit in X509v3_addr_validate_path()
If the topmost cert is invalid, this should result in a validation failure.
Do the same dance as elsewhere permitting the verify callback to intercept
the error but ensuring that we throw an error.
ok jsing
kn [Sun, 29 Oct 2023 11:27:11 +0000 (11:27 +0000)]
Unmention/don't explain SSL, drop 9y old "ssl" keyword/deprecation warning
Switch "ssl" to "tls" in relayd.conf(5) if you haven't done so in the last
ten years, "ssl" is now an error.
Say "TLS" not "SSL/TLS" and drop the primer in the TLS RELAYS section.
OK benno
martijn [Sun, 29 Oct 2023 11:26:12 +0000 (11:26 +0000)]
Add a few tests to make sure that getnext requests on/under a registered
instance with a registered region above cause a recursion in the tree.
martijn [Sun, 29 Oct 2023 11:20:06 +0000 (11:20 +0000)]
When doing a get{next,bulk} below an instance we must move the OID to
the next sibling. Not simply copying over the value of the next to use
region, since that might be the parent and we would walk backwards in
the tree.
OK tb@
martijn [Sun, 29 Oct 2023 11:15:09 +0000 (11:15 +0000)]
Add a regress test to make sure that agentx responses equal to
searchrange.end are rejected.
martijn [Sun, 29 Oct 2023 11:12:57 +0000 (11:12 +0000)]
searchrange.end is non-inclusive. Adjust the tests for that.
OK tb@
martijn [Sun, 29 Oct 2023 11:10:07 +0000 (11:10 +0000)]
Add a test to the end of agentx_varbind_finalize(), after completing the
full OID, that checks if we're >= searchrange.end. If so, just make it
an endOfMIBView.
OK tb@
dtucker [Sun, 29 Oct 2023 06:22:07 +0000 (06:22 +0000)]
Only try to chown logfiles that exist to prevent spurious errors.
millert [Sat, 28 Oct 2023 22:38:22 +0000 (22:38 +0000)]
substr: fix buffer overflow with utf-8 strings
We need to use u8_strlen(), not strlen(), to compute the length.
Otherwise, there may be an out of bounds write when writing the NUL
terminator to set the length of the substring.
https://github.com/onetrueawk/awk/pull/205
millert [Sat, 28 Oct 2023 00:25:18 +0000 (00:25 +0000)]
Back out change to make the default -std=gnu99 for now.
There has been some unexpected fallout. Requested by deraadt@.
jan [Fri, 27 Oct 2023 20:56:47 +0000 (20:56 +0000)]
Forward TCP LRO disabling to parent devices.
Also disable TCP LRO on bridged vlan(4) and default for bpe(4), nvgre(4) and
vxlan(4).
ok bluhm@
mpi [Fri, 27 Oct 2023 19:18:53 +0000 (19:18 +0000)]
Make out-of-swap checks more robust.
Consider that the swap space is full when 99% of it is filled with pages that
are no longer present in memory. This prevents deadlocks when out-of-swap if
some swap ranges had I/O errors and have been marked as 'bad', or if some
pages are unreachable by the pagedaemon and still holding some slots.
Also introduce uvm_swapisfilled() to check if there are some free slots in
the swap. Note that we consider the swap space completly filled if it is not
possible to write a full cluster. This prevents deadlocks if a few slots are
never allocated.
ok miod@
mpi [Fri, 27 Oct 2023 19:13:51 +0000 (19:13 +0000)]
Do not decrement the swap counter if the anon is associated to a "bad" slot.
When such anon is freed its content is obviously not living in swap.
ok miod@
claudio [Fri, 27 Oct 2023 14:22:43 +0000 (14:22 +0000)]
Simplify the handling of optparamlen and RFC9072 support.
Use the ibuf_size() of the optional params (opb) when writing the various
headers. Only use optparamlen to write the Opt Parm Len field of the OPEN
message. Since there the size could be forced to 255 in case of a RFC9072
exended header. Also use size_t for optparamlen since the new ibuf API
no longer depends on using the right sized type.
OK tb@
martijn [Fri, 27 Oct 2023 10:32:11 +0000 (10:32 +0000)]
If an invalid varbindlist was returned by a backend we would call
appl_request_upstream_resolve() twice where the first call would already
return a reply and free the upstream request, leading to a use after
free.
Make appl_request_downstream_free() call appl_request_upstream_resolve()
unconditionally and remove the call from appl_response().
OK tb@
martijn [Fri, 27 Oct 2023 10:26:20 +0000 (10:26 +0000)]
Add a test that would cause a use after free previously by sending a
protocol error-ed message and immediately followed up by a connection
close.
OK tb@
martijn [Fri, 27 Oct 2023 10:23:58 +0000 (10:23 +0000)]
Use event_add(), instead of calling appl_agentx_send() directly. If an
error occurs the connection will be freed and if the caller uses the
connection afterwards it will lead to a use after free.
OK tb@
claudio [Fri, 27 Oct 2023 09:40:27 +0000 (09:40 +0000)]
The holdtime is added to the ibuf with ibuf_add_n16() so no need to
htons() the value before.
OK tb@
anton [Fri, 27 Oct 2023 07:33:06 +0000 (07:33 +0000)]
Include wait(2) status in error message, in the hopes of providing clues
on why this occasionally fails.
naddy [Thu, 26 Oct 2023 21:30:52 +0000 (21:30 +0000)]
sync
naddy [Thu, 26 Oct 2023 19:28:30 +0000 (19:28 +0000)]
do not create /usr/local/share/nls and subdirectories by default
The share/nls/<locale> paths are unused.
ok miod@ deraadt@
anton [Thu, 26 Oct 2023 18:52:45 +0000 (18:52 +0000)]
make use of bsd.regress.mk in extra and interop targets; ok dtucker@
millert [Thu, 26 Oct 2023 18:46:42 +0000 (18:46 +0000)]
Fix a typo spotted by miod@.
otto [Thu, 26 Oct 2023 17:59:16 +0000 (17:59 +0000)]
A few micro-optimizations; ok asou@
millert [Thu, 26 Oct 2023 17:33:35 +0000 (17:33 +0000)]
Make gnu99 the default for gcc 3.3.6 and 4.2.1, not gnu89.
While these versions of gcc don't have full C99 support, it is
better than defaulting to C89 when building modern software.
OK deraadt@
deraadt [Thu, 26 Oct 2023 17:13:50 +0000 (17:13 +0000)]
the dependency should have been moved down
deraadt [Thu, 26 Oct 2023 16:26:01 +0000 (16:26 +0000)]
whitespace cleanup my fingers couldn't avoid doing while i was re-reading
the parsing code
deraadt [Thu, 26 Oct 2023 14:34:15 +0000 (14:34 +0000)]
delete incorrect dependency
deraadt [Thu, 26 Oct 2023 14:29:13 +0000 (14:29 +0000)]
install CDs now available. (these are EFI-only)
deraadt [Thu, 26 Oct 2023 14:27:01 +0000 (14:27 +0000)]
construct EFI bootable cdXX.iso and instalXX.iso files
jsg [Thu, 26 Oct 2023 14:13:37 +0000 (14:13 +0000)]
add cd9660
jsg [Thu, 26 Oct 2023 14:08:48 +0000 (14:08 +0000)]
make efi_getdisklabel_cd9660() handle a block size of 512 and simplify
ok yasuoka@
dtucker [Thu, 26 Oct 2023 12:44:07 +0000 (12:44 +0000)]
Skip conch interop tests when not enabled instead of fatal.
tb [Thu, 26 Oct 2023 09:08:57 +0000 (09:08 +0000)]
Tidy includes
tb [Thu, 26 Oct 2023 08:01:56 +0000 (08:01 +0000)]
Hide X509_ALGOR_set_md() for LIBRESSL_INTERNAL
tb [Thu, 26 Oct 2023 08:01:38 +0000 (08:01 +0000)]
Provide prototype for X509_ALGOR_set_md()
Once we remove X509_ALGOR_set_md() we can link this test statically and use
X509_ALGOR_set_evp_md() but for now make sure the documented workaround for
this garbage API works.
tb [Thu, 26 Oct 2023 07:57:54 +0000 (07:57 +0000)]
Rework the MD setting in the RSA ASN.1 method
This streamlines the code to use safer idioms, do proper error checking
and be slightly less convoluted. Sprinkle a few references to RFC 8017
and explain better what we are doing and why. Clarify ownership and use
more consistent style.
This removes the last internal use of X509_ALGOR_set_md().
ok jsing
bluhm [Wed, 25 Oct 2023 20:05:43 +0000 (20:05 +0000)]
Fix unveil(2) in patch(1) with explicit patchfile.
A backup file should be created in the directory of the original
file, but only the current directory was unveiled. Then the patched
file was created in /tmp and did not replace the original patchfile
in place. If a patchfile is passed in argv[0], unveil its directory
instead of current directory.
OK florian@ deraadt@ millert@
deraadt [Wed, 25 Oct 2023 15:51:45 +0000 (15:51 +0000)]
typo; from katagawa gmail
dv [Wed, 25 Oct 2023 12:44:28 +0000 (12:44 +0000)]
vmd(8): stop toggling irq deassert for edge triggered devs.
For edge-triggered devices, there's no need to deassert an irq given
how vmd(8) emulates a pic. Deassertion grabs a lock and can trigger
the ioctl for toggling pending interrupts causing a race condition.
This results in a storm of vm-exits and guest vcpu becoming
unresponsive.
The original sign of this issue is guest "pauses" when pasting text
into a serial console connection in something like xterm(1).
Tested by mbuhl@, cheloha@, sashan@, kn@, and mlarkin@.
"go for it", mlarkin@
espie [Wed, 25 Oct 2023 11:14:42 +0000 (11:14 +0000)]
okay, that one ought to work.
Recognize + only right before =
mvs [Wed, 25 Oct 2023 09:36:47 +0000 (09:36 +0000)]
Make `vscsi_filtops' mpsafe. filt_vscsiread() checks `sc_ccb_i2t'
protected by `sc_state_mtx' mutex(9), so use it to protect `sc_klist'
knotes list too.
ok claudio
anton [Wed, 25 Oct 2023 08:01:59 +0000 (08:01 +0000)]
ssh conch interop tests requires a controlling terminal; ok dtucker@
dtucker [Wed, 25 Oct 2023 05:38:08 +0000 (05:38 +0000)]
Import regenerated moduli.
deraadt [Wed, 25 Oct 2023 00:21:02 +0000 (00:21 +0000)]
sync
schwarze [Tue, 24 Oct 2023 20:30:49 +0000 (20:30 +0000)]
Implement the man(7) .MR macro, a 2023 GNU extension.
The syntax and semantics is almost identical to mdoc(7) .Xr.
This will be needed for reading the groff manual pages once our port
will be updated to 1.23, and the Linux Manual Pages Project is also
determined to start using it sooner or later. I did not advocate for
this new macro, but since we want to remain able to read all manual
pages found in the wild, there is little choice but to support it.
At least it is easy to do, they basically copied .Xr.
martijn [Tue, 24 Oct 2023 18:27:26 +0000 (18:27 +0000)]
Make hrSWRunPath use argv[0], instead of p_comm. hrSWRunName is supposed
to be a descriptive name, where hrSWRunPath should give the full path to
the binary. While argv[0] can contain any of a simple binary name, the
full path, or a custom name given by the application itself, it gives us
the option to retrieve both pieces of information. This is also the
same distinction made by netsnmp.
This also keeps the default command column from top(1) and snmptop in
sync, and now allows for identical output in the column between `top -C`
and `snmptop -Cpa`
OK tb@
martijn [Tue, 24 Oct 2023 18:16:05 +0000 (18:16 +0000)]
Add support for HOST-RESOURCES-MIB:hrSWRunPerfTable by adding
hrSWRunPerfCPU and hrSWRunPerfMem. This allows snmptop to work with
snmpd(8). Math copied from top(1).
OK tb@
naddy [Tue, 24 Oct 2023 18:03:53 +0000 (18:03 +0000)]
add fallback IPv6 address for ftplist1.openbsd.org; ok phessler@
martijn [Tue, 24 Oct 2023 14:34:40 +0000 (14:34 +0000)]
Add a new regression framework for snmpd.
There are still many test cases left to write, so leave snmpd.sh in place
to test for cases not yet implemented by the new code.
martijn [Tue, 24 Oct 2023 14:21:58 +0000 (14:21 +0000)]
FC3416 section 4.2.1 (and others) tells us that if an error occurs the
varbindlist in the response must be identical to the original request.
OK tb@
martijn [Tue, 24 Oct 2023 14:19:44 +0000 (14:19 +0000)]
Certain error codes are only intended for certain request-types. Add an
appl_error_valid() function to test for this.
OK tb@
martijn [Tue, 24 Oct 2023 14:17:20 +0000 (14:17 +0000)]
If a backend registers as an instance it must never return OIDs below
their registration. Add a test for this in appl_varbind_valid().
OK and minor nit tb@
martijn [Tue, 24 Oct 2023 14:11:14 +0000 (14:11 +0000)]
set ab_range explicitly to 1 for appl_agentx_session instead of relying
on malloc random garbage.
OK tb@
martijn [Tue, 24 Oct 2023 14:06:00 +0000 (14:06 +0000)]
When returning an endOfMibView we must always set it on the requested OID.
OK tb@
claudio [Tue, 24 Oct 2023 14:05:23 +0000 (14:05 +0000)]
Require callers to use ibuf_fd_get() to extract the passed fd from an ibuf.
In imsg_free() close any fd that was not claimed automatically to prevent
filedescriptor leaks. In ibuf_dequeue() remvoe code which is now part of
imsg_free().
OK tb@
martijn [Tue, 24 Oct 2023 14:02:52 +0000 (14:02 +0000)]
When opening 2 sessions on an agentx connection and registering 2
overlapping regions on the different sessions, e.g. by differing in
priority and we close the underlying connection with an outstanding
request to the dominant region we will call appl_agentx_free(), which
sequentially closes all sessions. If the session with the outstanding
request is closed before the second session the request is retried
before said session is cleaned up and it will try to send it over a
conn_ax which at that point has been set to NULL, resulting in a
SIGSEGV.
Simply return early and let this second request be cancelled by the
cleanup of the second session.
OK tb@
fcambus [Tue, 24 Oct 2023 13:52:49 +0000 (13:52 +0000)]
Remove bold8x16 font.
Since we have imported the IBM encoded version of "Spleen 8x16" as a
replacement, there is no reason to keep it anymore.
OK miod@
martijn [Tue, 24 Oct 2023 13:50:47 +0000 (13:50 +0000)]
Fix appl_unregister() when called with range_subid set to !0.
OK tb@
martijn [Tue, 24 Oct 2023 13:46:11 +0000 (13:46 +0000)]
Fix appl_register() when called with range_subid set to !0.
OK tb@
martijn [Tue, 24 Oct 2023 13:41:16 +0000 (13:41 +0000)]
RFC2741 section 6.2.2 says that reasonByManager can only be used by the
agentx master. Treat this reason as a parseerror.
OK tb@
martijn [Tue, 24 Oct 2023 13:37:02 +0000 (13:37 +0000)]
appl_agentx_free() closes any open sessions before freeing everything up.
Up until now all sessions were closed with reasonShutdown, which is not
accurate for every situation. Give it an additional reason argument that
propagates to appl_agentx_forceclose().
OK tb@
naddy [Tue, 24 Oct 2023 13:28:43 +0000 (13:28 +0000)]
revert Subst.pm r1.24 again, it breaks package creation
'+' is a widely used character in LIBxxx_VERSION, e.g. LIBFLAC++_VERSION.
Making it illegal breaks numerous packages.
martijn [Tue, 24 Oct 2023 13:28:11 +0000 (13:28 +0000)]
Always check if the context is available inside appl_agentx_recv().
Not every PDU goes through application.c.
OK tb@
claudio [Tue, 24 Oct 2023 13:20:09 +0000 (13:20 +0000)]
Normally context switches happen in mi_switch() but there are 3 cases
where a switch happens outside. Cleanup these code paths and make the
machine independent.
- when a process forks (fork, tfork, kthread), the new proc needs to
somehow be scheduled for the first time. This is done by proc_trampoline.
Since proc_trampoline is machine dependent assembler code change
the MP specific proc_trampoline_mp() to proc_trampoline_mi() and make
sure it is now always called.
- cpu_hatch: when booting APs the code needs to jump to the first proc
running on that CPU. This should be the idle thread for that CPU.
- sched_exit: when a proc exits it needs to switch away from itself and
then instruct the reaper to clean up the rest. This is done by switching
to the idle loop.
Since the last two cases require a context switch to the idle proc factor
out the common code to sched_toidle() and use it in those places.
Tested by many on all archs.
OK miod@ mpi@ cheloha@
tb [Tue, 24 Oct 2023 13:09:54 +0000 (13:09 +0000)]
Add chacha aliases for OpenSSL compatibility
OpenSSL has the 20 in the long and short names, so add aliases to the
existing names to make things work. In particular, EVP_get_cipherbyname()
will now return EVP_chacha20() for both 'ChaCha20' and 'chacha20'.
Found by Facundo Tuesca when trying to add LibreSSL support for ChaCha20 in
https://github.com/pyca/cryptography/pull/9209
ok jsing
martijn [Tue, 24 Oct 2023 12:57:40 +0000 (12:57 +0000)]
Verify if supplied AgentX PDU header flags are valid for given PDU type
inside appl_agentx_recv().
While here clean up the logging a bit.
OK tb@
op [Tue, 24 Oct 2023 10:26:02 +0000 (10:26 +0000)]
call vttidy() in the exit path for the batch mode
Diff by Mark Willson (mark [at] hydrus.org.uk), thank you!
jsg [Tue, 24 Oct 2023 10:12:09 +0000 (10:12 +0000)]
revert rev 1.19 'drm/radeon: Fix eDP for single-display iMac11,2'
mglocker@ reports this caused the screen to stay black on iMac11,2 when
radeondrm takes over
mpi [Tue, 24 Oct 2023 10:00:22 +0000 (10:00 +0000)]
Merge two equivalent if blocks.
No functional change, ok tb@
jmatthew [Tue, 24 Oct 2023 09:13:22 +0000 (09:13 +0000)]
Delete any existing v4 address before setting a new one. This allows us
to keep a working default route when the address changes.
ok dlg@ kn@
martijn [Tue, 24 Oct 2023 09:00:53 +0000 (09:00 +0000)]
RFC2741 section 7.1.1 tells us that if a pdu can't be parsed we must
return a parseerror. Make sure we can differentiate between parseerror and
openfailed.
OK tb@
martijn [Tue, 24 Oct 2023 08:54:52 +0000 (08:54 +0000)]
According to RFC2741 section 6.1.1 an agentx-response-pdu shouldn't have
the NON_DEFAULT_CONTEXT set. Remove the argument from ax_response().
OK tb@
martijn [Tue, 24 Oct 2023 08:48:41 +0000 (08:48 +0000)]
Make sure that unpacking of an AgentX OID doesn't contain more than 128
elements.
OK tb@
martijn [Tue, 24 Oct 2023 08:41:20 +0000 (08:41 +0000)]
Remove filter-pf-addresses. This feature has been deprecated since 7.2 in
favour of 'blocklist pfTblAddrTable'.
OK tb@
schwarze [Mon, 23 Oct 2023 22:57:51 +0000 (22:57 +0000)]
Remove the statement that .TQ was "rarely used even in GNU manual pages".
It appears the Linux Manual Pages project started to quite aggressively
use .TQ ever for cases where it not only provides no value, but makes
formatting worse even when it formats as intended. It's also a bad idea
to use it that aggressively because .TQ has particularly catastrophic
formatting behaviour on formatters (other than groff and mandoc) that do
not support it: It essentially has the effect of omitting the topic of
the discussion from the formatted version of the manual page, but in
such a way that it does not become apparent to the reader that anything
is missing.
But whether this is wise or stupid is their problem and none of our
business. Either way, we should not call a thing "rarely used"
after that is no longer true.
Thanks to Alejandro Colomar <alx at kernel org org>
for making me aware that the statement is no longer true.
bluhm [Mon, 23 Oct 2023 21:59:00 +0000 (21:59 +0000)]
Do not print "retrieving revision 1.13" while doing cvs diff.
Provide shorter diffs without unnecessary debugging output.
Note that this affects cvs installed on the server side.
OK deraadt@