If relay_httperror_byid() is passed a HTTP error code not in the table
this would result in a NULL deref. The intent is that the code fall back
to "Unknown error" on NULL return.
From Jan Schreiber
Follow iwlwifi for antenna pattern and STBC advertisement. Advertise RX
antenna pattern only when RX is effectively 1x1; advertise HT and VHT
STBC unconditionally, and VHT TX antenna pattern only when TX is
effectively 1x1, and program the firmware TLC STBC flag when the peer
advertises RX STBC and the device has more than one valid TX antenna.
OK: stsp@
commandline to earlier in main(), specifically before some
contexts where a username with shell characters might be
expanded by a %u directive in ssh_config.
We continue to recommend against using untrusted input on
the SSH commandline. Mitigations like this are not 100%
guarantees of safety because we can't control every
combination of user shell and configuration where they are
used.
Reported by Florian Kohnhäuser
allowlists: HostKeyAlgorithms, PubkeyAcceptedAlgorithms and
HostbasedAcceptedAlgorithms.
Previously, if any ECDSA type (say "ecdsa-sha2-nistp521") was
present in one of these lists, then all ECDSA algorithms would
be permitted.
Reported by Christos Papakonstantinou of Cantina and Spearbit.
-p (preserve modes) flag set, clear setuid/setgid bits from
downloaded files as one might expect.
AFAIK this bug dates back to the original Berkeley rcp program.
Reported by Christos Papakonstantinou of Cantina and Spearbit.
value <10 using the single-argument form of MaxStartups (e.g.
MaxStartups=3). This doesn't affect the three-argument form
of the directive (e.g. MaxStartups 3:20:5).
Patch from Peter Kaestle via bz3941
request we sent, so make sure they match exactly rather than allowing
higher msgids.
We can't handle out of order responses and if we don't receive a response
in time we retransmit our request until we get one or run into a timeout.
Found by Dirk Loss
ok markus@ hshoexer@
for INFORMATIONAL exchanges. iked currently assumes that IKE_AUTH always
results in valid child SAs, so IKEV2_STATE_ESTABLISHED means we have
successfully completed the IKE_AUTH exchange for the SA.
Independently found by Dirk Loss and Daniel Polak (SYS.nl)
ok and discussed with markus@ stsp@
The maximum depth is not expected to include the leaf certificate - restore
the decrement prior to checking, which means the previous behaviour is
retained for the callback depth and the maximum depth. Reduce the maximum
depth by one in order to avoid the overwrite that could previously occur.
Thanks to anton@ for flagging the rust-openssl failure in regress.
ok tb@
add a call to drm_fb_helper_restore_fbdev_mode_unlocked()
to amdgpu_enter_ddb() otherwise ddb output can't be seen
not required on inteldrm or radeondrm
This reimplements simpler versions of logging functions needed for
linking the qcow and raw disk image code from vmd.
Also cleans up the Makefile a bit, removing atomicio.c which is
unused.
ok mlarkin@
E-core (Atom) without L3 cache. These cpus are Lethargic, and it sucks
when processes migrate to them.
This introduces sysctl hw.blockcpu= which takes a sequence of 4 letters.
S (for SMT), P (regular performance cpu), E (efficient cpu) generally
80% to 50% as fast), and L (lethargic cpu) which are even slower.
By setting this, you can select cpus to kick out of the scheduler. The
default is SL.
The hw.smt sysctl remains for now but we will eventually delete it.
hw.smt changes and follows hw.blockcpu=S.
ok kettenis mlarkin
