jsg [Thu, 19 Sep 2024 04:11:20 +0000 (04:11 +0000)]
drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero
From Bouke Sybren Haarsma
7d42d19973cbe1fa30b6f2aad7d06189ec0ef2e8 in linux-6.6.y/6.6.52
b86aa4140f6a8f01f35bfb05af60e01a55b48803 in mainline linux
jsg [Thu, 19 Sep 2024 01:05:48 +0000 (01:05 +0000)]
correct indentation
tb [Wed, 18 Sep 2024 19:12:37 +0000 (19:12 +0000)]
Enable large number of extension tests and stop skippking QUIC transport
parameter extension which we now know about
millert [Wed, 18 Sep 2024 17:05:50 +0000 (17:05 +0000)]
zic: cherrypick support for %z in time zone formats
This extends the zic input format to add support for %z, which
expands to a UTC offset in as-short-as-possible ISO 8601 format.
It's intended to better support zones that do not have an established
abbreviation already. tzdata2024b and higher require a version of
zic that supports the %z format. From upstream tzcode. OK beck@
jsg [Wed, 18 Sep 2024 14:29:10 +0000 (14:29 +0000)]
move common lines to mi
deraadt [Wed, 18 Sep 2024 11:29:55 +0000 (11:29 +0000)]
back to previous plan
job [Wed, 18 Sep 2024 10:22:36 +0000 (10:22 +0000)]
Fix a memory leak
Found by Martin Cracauer
"look right" tb@
jsg [Wed, 18 Sep 2024 05:21:19 +0000 (05:21 +0000)]
remove unneeded semicolons after switch statements
deraadt [Wed, 18 Sep 2024 02:43:54 +0000 (02:43 +0000)]
adjust date
jmatthew [Wed, 18 Sep 2024 00:03:19 +0000 (00:03 +0000)]
Remove the MSI blacklist. Now that we use MSI-X interrupts for nvme(4),
the one device we ever found that needed this treatment, the obsolete Intel
Optane Memory series, doesn't need it any more.
ok kettenis@ dlg@
jsg [Tue, 17 Sep 2024 13:45:49 +0000 (13:45 +0000)]
disable POOL_DEBUG for release
ok deraadt@
deraadt [Tue, 17 Sep 2024 13:39:17 +0000 (13:39 +0000)]
head into release
deraadt [Tue, 17 Sep 2024 12:53:15 +0000 (12:53 +0000)]
getdents(2) was pushed into rpath because it exposes pathname
information, similar to getcwd(2). Move it to the right place, and
also say why.
report from henryfordkjv@gmail.com
jsg [Tue, 17 Sep 2024 10:19:54 +0000 (10:19 +0000)]
update install.md path
jsg [Tue, 17 Sep 2024 10:13:50 +0000 (10:13 +0000)]
update list file paths
sf [Tue, 17 Sep 2024 09:00:14 +0000 (09:00 +0000)]
vio: Reduce code duplication in control queue handling
Pull the common parts of all the control queue operations into separate
functions.
While there, avoid setting sc_ctrl_inuse FREE if it was RESET, except in
vio_stop. Doing so could lead to more race conditions.
ok bluhm@
tb [Tue, 17 Sep 2024 08:47:37 +0000 (08:47 +0000)]
tlsfuzzer: add a start-server convenience target for interactive testing
tb [Tue, 17 Sep 2024 06:12:06 +0000 (06:12 +0000)]
Replace OpenSSL 3.1 (which no longer is in ports) with 3.3
jsg [Tue, 17 Sep 2024 04:12:57 +0000 (04:12 +0000)]
spelling
bluhm [Mon, 16 Sep 2024 22:30:01 +0000 (22:30 +0000)]
Mention psp(4) in vm.conf(5) man page.
from hshoexer@; OK mlarkin@
bluhm [Mon, 16 Sep 2024 22:15:43 +0000 (22:15 +0000)]
Document ioctl(2) interface provided by psp(4) device.
from hshoexer@; OK mlarkin@
nicm [Mon, 16 Sep 2024 20:46:58 +0000 (20:46 +0000)]
Add copy mode commands which were missed when descriptions were added,
from Julian Prein, GitHub issue 4121.
nicm [Mon, 16 Sep 2024 20:38:48 +0000 (20:38 +0000)]
Change the behaviour of extended-keys always slightly so that
applications can still enter mode 2 if they want, they just cannot turn
extended keys off entirely. From Stanislav Kljuhhin.
nicm [Mon, 16 Sep 2024 20:28:22 +0000 (20:28 +0000)]
Add a prefix timeout option, from Conor Taylor in GitHub issue 4108.
florian [Mon, 16 Sep 2024 07:34:49 +0000 (07:34 +0000)]
Close correct file descriptor.
Instead of closing the just received UDP socket we closed the imsg fd
thus cleanly shutting down dhcpleased(8).
Problem triggered by sf@ with something like
while :; do ifconfig vio0 -inet; done
while :; do ifconfig vio0 inet autoconf; done
The problem triggers when dhcpleased configured a lease and in just
the right moment the autoconf flag gets removed. The main process
opens a udp socket and sends it to the frontend. At the same time the
frontend learned (from the route socket), that the interface lost its
autoconf flag. When the frontend then receives the udp socket via fd
passing it tries to close it. Due to a typo it would instead close the
imsg file descriptor.
Found by me after lots of head scratching.
OK tb
djm [Mon, 16 Sep 2024 05:37:05 +0000 (05:37 +0000)]
use 64 bit math to avoid signed underflow. upstream code relies on
using -fwrapv to provide defined over/underflow behaviour, but we use
-ftrapv to catch integer errors and abort the program. ok dtucker@
deraadt [Sun, 15 Sep 2024 23:13:19 +0000 (23:13 +0000)]
Invalid pintables in ELF binaries can crash the kernel.
Fix from yufeng.gao@uq.edu.au
kn [Sun, 15 Sep 2024 19:39:26 +0000 (19:39 +0000)]
Document when vmd(8) VMs are stopped; OK mlarkin
Useful to know in setups where pkg daemons and VMs depend on each other.
yasuoka [Sun, 15 Sep 2024 11:08:50 +0000 (11:08 +0000)]
Add handling of "Class" attribute. diff from markus
ok markus
jmc [Sun, 15 Sep 2024 08:27:38 +0000 (08:27 +0000)]
minor grammar/sort fixes for refuseconnection; ok djm
jsg [Sun, 15 Sep 2024 07:14:58 +0000 (07:14 +0000)]
remove unused variables
jsg [Sun, 15 Sep 2024 05:49:05 +0000 (05:49 +0000)]
__STDC_VERSION__ not __STDC_VERSION; ok miod@
yasuoka [Sun, 15 Sep 2024 05:31:23 +0000 (05:31 +0000)]
Improve the log messages and white spaces.
yasuoka [Sun, 15 Sep 2024 05:29:11 +0000 (05:29 +0000)]
Keep the number of requests for a DAE server below 64 to avoid
congestion.
yasuoka [Sun, 15 Sep 2024 05:26:05 +0000 (05:26 +0000)]
Add "delete" command to "radiusctl ipcp". Also, send "stop" that was
missing when disconnecting all when acct-{on,off} received.
yasuoka [Sun, 15 Sep 2024 05:14:32 +0000 (05:14 +0000)]
Handle EAGAIN properly and fix the log when disconnected.
djm [Sun, 15 Sep 2024 03:09:44 +0000 (03:09 +0000)]
bad whitespace in config dump output
djm [Sun, 15 Sep 2024 02:20:51 +0000 (02:20 +0000)]
update the Streamlined NTRU Prime code from the "ref" implementation
in SUPERCOP
20201130 to the "compact" implementation in SUPERCOP
20240808. The new version is substantially faster.
Thanks to Daniel J Bernstein for pointing out the new implementation
(and of course for writing it).
tested in snaps/ok deraadt@
djm [Sun, 15 Sep 2024 01:19:56 +0000 (01:19 +0000)]
document Match invalid-user
djm [Sun, 15 Sep 2024 01:18:26 +0000 (01:18 +0000)]
add a "Match invalid-user" predicate to sshd_config Match options.
This allows writing Match conditions that trigger for invalid username.
E.g.
PerSourcePenalties refuseconnection:90s
Match invalid-user
RefuseConnection yes
Will effectively penalise bots try to guess passwords for bogus accounts,
at the cost of implicitly revealing which accounts are invalid.
feedback markus@
djm [Sun, 15 Sep 2024 01:11:26 +0000 (01:11 +0000)]
Add a "refuseconnection" penalty class to sshd_config
PerSourcePenalties
This allows penalising connection sources that have had connections
dropped by the RefuseConnection option. ok markus@
djm [Sun, 15 Sep 2024 01:09:40 +0000 (01:09 +0000)]
Add a sshd_config "RefuseConnection" option
If set, this will terminate the connection at the first authentication
request (this is the earliest we can evaluate sshd_config Match blocks)
ok markus@
djm [Sun, 15 Sep 2024 00:58:01 +0000 (00:58 +0000)]
switch sshd_config Match processing to the argv tokeniser too;
ok markus@
djm [Sun, 15 Sep 2024 00:57:36 +0000 (00:57 +0000)]
switch "Match" directive processing over to the argv string
tokeniser, making it possible to use shell-like quoting in Match
directives, particularly "Match exec". ok markus@
djm [Sun, 15 Sep 2024 00:47:01 +0000 (00:47 +0000)]
include pathname in some of the ssh-keygen passphrase prompts. Helps
the user know what's going on when ssh-keygen is invoked via other
tools. Requested in GHPR503
djm [Sun, 15 Sep 2024 00:41:18 +0000 (00:41 +0000)]
Do not apply authorized_keys options when signature verification
fails. Prevents restrictive key options being incorrectly applied
to subsequent keys in authorized_keys. bz3733, ok markus@
schwarze [Sat, 14 Sep 2024 20:15:24 +0000 (20:15 +0000)]
Drop the "Giant panda discovered" entry because it looks like
half-way between misleadingly eurocentric and urban legend.
It was so obviously suspect that it had already been marked "(?!)"
since at least 4.3BSD-Tahoe (June 1988).
Brought up by <Rob dot Schmersel at bahnhof dot se>,
additional research by <me at FletcherPorter dot com>,
see https://marc.info/?l=openbsd-bugs&m=
172634202204747 for details.
jsg [Sat, 14 Sep 2024 11:06:48 +0000 (11:06 +0000)]
vxlan.h not needed
jsg [Sat, 14 Sep 2024 09:21:13 +0000 (09:21 +0000)]
pvclock.h not needed
jsg [Sat, 14 Sep 2024 09:00:16 +0000 (09:00 +0000)]
ccp.h no longer required
tb [Sat, 14 Sep 2024 07:11:34 +0000 (07:11 +0000)]
tlsfuzzer: grammar fix missed in previous
kn [Fri, 13 Sep 2024 20:19:50 +0000 (20:19 +0000)]
rectify comment about syncing trace points letters, kdump usage has none
kdump.c r1.138 in 2019 dropped the letters list in favour of [-t trstr].
jmatthew [Fri, 13 Sep 2024 09:57:34 +0000 (09:57 +0000)]
Add sensors based on information in the SMART/health log page,
showing overall device health and temperature.
tested by many (a while ago)
tweaks from gkoehler@ kettenis@ dv@
ok kettenis@ jca@ (earlier version), dlg@
tb [Fri, 13 Sep 2024 05:58:17 +0000 (05:58 +0000)]
typo: troups -> groups
jsg [Thu, 12 Sep 2024 23:54:17 +0000 (23:54 +0000)]
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
From Andy Shevchenko
60d54a45dbbbac8af9f3352042bd30b527995aef in linux-6.6.y/6.6.51
f99999536128b14b5d765a9982763b5134efdd79 in mainline linux
jsg [Thu, 12 Sep 2024 23:52:33 +0000 (23:52 +0000)]
drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused
From Andy Shevchenko
a65ebba8733727ffd9d0de78899ea6ef1791ebc7 in linux-6.6.y/6.6.51
fcd9e8afd546f6ced378d078345a89bf346d065e in mainline linux
jsg [Thu, 12 Sep 2024 23:50:02 +0000 (23:50 +0000)]
drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes
From Marek Olsak
302ba299c31e0de54cea431ac1d281dbab7fd0b5 in linux-6.6.y/6.6.51
8dd1426e2c80e32ac1995007330c8f95ffa28ebb in mainline linux
jsg [Thu, 12 Sep 2024 23:45:02 +0000 (23:45 +0000)]
drm/amd: Add gfx12 swizzle mode defs
From Aurabindo Pillai
5f2a2bf25395f50b1b2cb7c04ae2d5986520be5f in linux-6.6.y/6.6.51
7ceb94e87bffff7c12b61eb29749e1d8ac976896 in mainline linux
jsg [Thu, 12 Sep 2024 23:42:34 +0000 (23:42 +0000)]
drm/amdgpu: reject gang submit on reserved VMIDs
From Christian Koenig
6922ab2932622dbc638620aae0e2f6b8eb22940c in linux-6.6.y/6.6.51
320debca1ba3a81c87247eac84eff976ead09ee0 in mainline linux
jsg [Thu, 12 Sep 2024 23:39:51 +0000 (23:39 +0000)]
drm/amdgpu: Set no_hw_access when VF request full GPU fails
From Yifan Zha
077c7e5fee4b4b3fea29fd3a951a6b01f2802d9e in linux-6.6.y/6.6.51
33f23fc3155b13c4a96d94a0a22dc26db767440b in mainline linux
jsg [Thu, 12 Sep 2024 23:38:36 +0000 (23:38 +0000)]
drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6
From Marek Olsak
9a41def4c48f92d386fdadc332a91c379257aa6a in linux-6.6.y/6.6.51
11317d2963fa79767cd7c6231a00a9d77f2e0f54 in mainline linux
jsg [Thu, 12 Sep 2024 23:36:35 +0000 (23:36 +0000)]
drm/amd/display: Check denominator pbn_div before used
From Alex Hung
dfafee0a7b51c7c9612edd2d991401294964d02f in linux-6.6.y/6.6.51
116a678f3a9abc24f5c9d2525b7393d18d9eb58e in mainline linux
jsg [Thu, 12 Sep 2024 23:34:57 +0000 (23:34 +0000)]
drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts
From Danijel Slivka
2521ba3cfa1d1c541e1ba1a32d1b43ad5a8e412f in linux-6.6.y/6.6.51
afbf7955ff01e952dbdd465fa25a2ba92d00291c in mainline linux
jsg [Thu, 12 Sep 2024 23:32:30 +0000 (23:32 +0000)]
drm/amdgpu: Fix smatch static checker warning
From Hawking Zhang
8bc7b3ce33e64c74211ed17aec823fc4e523426a in linux-6.6.y/6.6.51
bdbdc7cecd00305dc844a361f9883d3a21022027 in mainline linux
jsg [Thu, 12 Sep 2024 23:31:07 +0000 (23:31 +0000)]
drm/amd/display: Check HDCP returned status
From Alex Hung
1bd1fe1109fcd9213494283b01d9421f58e0b6c5 in linux-6.6.y/6.6.51
5d93060d430b359e16e7c555c8f151ead1ac614b in mainline linux
jsg [Thu, 12 Sep 2024 23:28:44 +0000 (23:28 +0000)]
drm/amd/display: Run DC_LOG_DC after checking link->link_enc
From Alex Hung
874e3bb302f97b94ac548959ec4f925b8e7b45e2 in linux-6.6.y/6.6.51
3a82f62b0d9d7687eac47603bb6cd14a50fa718b in mainline linux
jsg [Thu, 12 Sep 2024 23:26:26 +0000 (23:26 +0000)]
drm/i915: Do not attempt to load the GSC multiple times
From Daniele Ceraolo Spurio
337266ada863a4232c9f8634deedc298a145521c in linux-6.6.y/6.6.51
59d3cfdd7f9655a0400ac453bf92199204f8b2a1 in mainline linux
jsg [Thu, 12 Sep 2024 23:22:10 +0000 (23:22 +0000)]
Revert "drm/amdgpu: align pp_power_profile_mode with kernel docs"
From Alex Deucher
94479011f4f551b4b1e010776a131512402b27bc in linux-6.6.y/6.6.51
1a8d845470941f1b6de1b392227530c097dc5e0c in mainline linux
tb [Thu, 12 Sep 2024 10:33:25 +0000 (10:33 +0000)]
Reintroduce check that CRL Number is in range
The CRL number draft clarified what ignoring means and it includes checking
that the CRL number is well-formed again. So do this but continue to ignore
the value for any other purpose. This refactors x509_convert_seqnum() into
a couple of helpers. There's some duplication between crl_check_crl_number()
and crl_parse_crl_number() which could be removed if anyone cares.
tweaks/ok job
claudio [Thu, 12 Sep 2024 09:10:46 +0000 (09:10 +0000)]
Do a basic sanity check that dirents returned via fuse are kind of sane.
Ensure that file names passed back by readdir do not include a '/'
character. The '/' char is the path separator and is not allowed in
any filename. On top of this also check that d_reclen and d_namlen
are kind of sane and zero out the padding bytes after d_name.
OK beck@
claudio [Thu, 12 Sep 2024 09:07:28 +0000 (09:07 +0000)]
msdos already transfroms for Windows long names a '/' char into '?'.
Do the same for the 8.3 case as well.
This is not ideal since now it is possible that two files in the same
directory have the same name but the msdos code already does a lot of
this and so the problem already exists.
OK beck@ miod@
claudio [Thu, 12 Sep 2024 09:04:51 +0000 (09:04 +0000)]
Ensure that file names passed back by readdir do not include a '/'
character. The '/' char is the path separator and is not allowed in
any filename.
NFS specific report by Apple Security Engineering and Architecture (SEAR).
Input from guenther@ and millert@
OK beck@ miod@
djm [Thu, 12 Sep 2024 00:36:27 +0000 (00:36 +0000)]
Relax absolute path requirement back to what it was prior to OpenSSH 9.8,
which incorrectly required that sshd was started with an absolute path
in inetd mode. bz3717, patch from Colin Wilson
nicm [Wed, 11 Sep 2024 19:12:33 +0000 (19:12 +0000)]
Mouse move keys are not useful as key bindings because we do not turn
them on unless the application requests them. Ignore them so they do not
cause the prefix to be canceled, GitHub issue 4111.
bluhm [Wed, 11 Sep 2024 15:42:52 +0000 (15:42 +0000)]
Implement AMD SEV support in vmd(8).
To launch a guest with AMD SEV enabled, vmd needs to do a few things:
- retrieve ASID used by guest on VM creation
- provide ASID to psp(4)
- let psp(4) encrypt memory used intially by guest
- run guest
- release resources held by psp(4) on guest shutdown
To enable SEV for a guest use the parameter "sev" in the guest's vm
section in vm.conf.
from hshoexer@; OK mlarkin@
tb [Wed, 11 Sep 2024 15:04:16 +0000 (15:04 +0000)]
parametes -> parameters
claudio [Wed, 11 Sep 2024 12:22:34 +0000 (12:22 +0000)]
After calling m_freem() on nmi_mrep (or nmi_mreq) set the pointer to NULL.
Only do this if struct nfsm_info doesn't have local scope.
In some cases the caller would perfrom another m_freem and double free
the mbuf and Bad Things(TM) would happen.
Reported by Claes M Nyberg on bugs@; with & ok miod@
claudio [Wed, 11 Sep 2024 08:29:55 +0000 (08:29 +0000)]
While I can understand that ext2fs is using ufs_ihashget() I'm still
flabbergasted by the abuse from fuse.
For whatever dumb reason fuse uses the ufs inode instead of having its
own much simpler struct. Again this is a workaround to not crash when
fuse is used.
OK beck@
guenther [Wed, 11 Sep 2024 03:57:14 +0000 (03:57 +0000)]
fstat(2) can't return an S_IFLNK, so delete that test.
Also, switch to S_IS*() tests and update the manpage
to reflect that POSIX-2024 has no substantive changes
for wc(1)
ok op@ millert@
yasuoka [Wed, 11 Sep 2024 00:41:51 +0000 (00:41 +0000)]
Fix a typo
schwarze [Tue, 10 Sep 2024 19:46:01 +0000 (19:46 +0000)]
Delete a test_ps() call that does not actually test
what it was intended to test.
The intention was to test that src/bin/ps/utf8.c handles embedded NUL bytes
correctly, just as the other tests in the same group test the handling of
various other non-printable characters. But testing that does not work
for multiple reasons. Neither does the shell pass the NUL byte to the
called test program as intended, nor can argv[] in a C program contain
a NUL byte in the middle of an argument, simply because in the C language,
a string is defined to end at the first NUL byte. On top of all that,
even the function mbswprint() that was supposed to be tested terminates
the processing of the multi-byte input string as soon as it encounters
a NUL byte (all of which is correct behaviour).
So this particular subtest was totally bogus and only worked by accident,
for reasons completely unrelated to the intended purpose. I don't think
the test needs to be replaced by anything else. NUL bytes in the middle
of a program argument just aren't a thing in the first place.
Thanks to deraadt@ for asking what the purpose of this test_ps() call was.
miod [Tue, 10 Sep 2024 18:44:04 +0000 (18:44 +0000)]
nfsm_srvnamesiz() may set up an NFSERR_NAMETOL error, which nfsm_reply() would
consider as not tragic enough to abort the operation, in order to batch error
replies.
This would end up invoking nfs_namei() using an uninitialized variable as
length, and Bad Things(TM) would happen.
Reported by Claes M Nyberg on bugs@; tweaks & ok claudio@
tb [Tue, 10 Sep 2024 18:37:42 +0000 (18:37 +0000)]
Use doc/html link for consistency
tb [Tue, 10 Sep 2024 18:34:19 +0000 (18:34 +0000)]
Add reference to the manifest numbers draft
ok job
tb [Tue, 10 Sep 2024 17:01:09 +0000 (17:01 +0000)]
libcrypto hasn't had VIA padlock support compiled in for quite some time...
prompted by a question by jmc
bluhm [Tue, 10 Sep 2024 14:52:42 +0000 (14:52 +0000)]
Fix build of m_print_chain() on sparc64.
Use %zu to print mbuf MHLEN and MLEN in ddb, otherwise gcc complains.
found by claudio@
claudio [Tue, 10 Sep 2024 12:14:26 +0000 (12:14 +0000)]
ufs_ihashget() is also used by the ext2fs code but the DIP() makro does
not handle that. So for now add an ugly hack here to support ext2fs.
This fixes access to ext2fs after the last commit. A better fix can be
implemented in tree.
Reported and OK anton@
claudio [Tue, 10 Sep 2024 09:38:45 +0000 (09:38 +0000)]
Be more careful with aspath that have 0 length (aka the empty AS_PATH).
Again malloc(0) is not portable and calling memcpy with a NULL pointer
and a 0 length is not allowed by the C standard.
OK tb@
claudio [Tue, 10 Sep 2024 08:53:20 +0000 (08:53 +0000)]
community_copy needs to check if nentries is 0 and handle that specially.
Calling malloc / reallocarray with a 0 size is not portable and the
memcpy with a possible NULL pointer as source and 0 len is seen as UB
by newer C standards (grmbl).
OK tb@
claudio [Tue, 10 Sep 2024 08:47:51 +0000 (08:47 +0000)]
AID_VPN_IPv4 and AID_VPN_IPv6 require a labellen that is non-zero.
OK tb@
claudio [Tue, 10 Sep 2024 08:41:13 +0000 (08:41 +0000)]
Enfroce proper encoding of ASPA announce/withdraw PDU.
An announce PDU requires at least one provider ASnum while a withdraw
must not include any provider ASnums. The first is mandated by the ASPA
profile and the 2nd by the 8210bis draft.
Further cleanup some leftovers from the old per-AFI split of ASPA.
OK tb@
claudio [Tue, 10 Sep 2024 08:37:52 +0000 (08:37 +0000)]
Use reallocarray() instead of recallocarray(), this code does not need the
extra security measures of recallocarray() which adds a lot of overhead.
OK tb@
claudio [Tue, 10 Sep 2024 08:27:00 +0000 (08:27 +0000)]
Include CLUSTER_LIST in the bad attribute tests. Also add a 2nd session
which is iBGP so we can test both CLUSTER_LIST behaviours.
jsg [Tue, 10 Sep 2024 05:45:16 +0000 (05:45 +0000)]
change bus notifier defines into inline functions
jmc [Tue, 10 Sep 2024 05:33:32 +0000 (05:33 +0000)]
missing "Ar" in previous;
yasuoka [Mon, 9 Sep 2024 23:38:29 +0000 (23:38 +0000)]
When accounting start the type attribute was added twice.
from markus
claudio [Mon, 9 Sep 2024 15:00:45 +0000 (15:00 +0000)]
Handle the CLUSTER_LIST attribute as described in RFC7606
Just drop the attribute if received from an external peer.
Treat as withdraw if the len is 0 or not % 4.
OK tb@
claudio [Mon, 9 Sep 2024 14:58:47 +0000 (14:58 +0000)]
There is no need for an explicit size check for IMSG_RECONF_ASPA_TAS
imsg_get_data() does the same and produces the same error.
OK tb@
naddy [Mon, 9 Sep 2024 14:41:21 +0000 (14:41 +0000)]
document the mlkem768x25519-sha256 key exchange algorithm
claudio [Mon, 9 Sep 2024 12:59:49 +0000 (12:59 +0000)]
Use msgbuf_init() instead of hand initalizing the msgbuf.
OK tb@