Tighten up the introduction a little:
Mention Match as a conditional directive (previously it only
mentioned Host)
Try to use consistent language in the introduction to refer to
configuration directives (previously it used "parameters" and
"keywords" interchangeably).
Mention that comments may appear at the end of the line too, and that
whitespace at the beginning/end of lines is not significant.
LLVM now emits calls to strlen(3) and wcslen(3). Redirect those calls to
our hidden aliases to prevent unnecessary PLT entries (like we already do
for memmove(3), memcpy(4) and memset(3)).
ok deraadt@
login_ldap(8)/ldap(1): fix endless loop
Goto fail on closed socket and check for evbuffer_add(3) errors, too.
Original bug was reported by Matthias Pitzl.
On Tue, Jun 30, 2026 at 11:35:32AM +0200, Martijn van Duren wrote:
> Could you also make sure other aldap.c users get the fix?
OK martijn@
partially revert previous to return to 64-byte submission queue
entries by default, only applying 128-byte entries on APPLE_NVME3
(T2) where we know it's needed
the previous change broke APPLE_NVME2 which advertises 128 bytes but
needs 64
ok dlg
Yet another AI assisted report has triggered on the belief that
kill(2) against 0 (for pgrp) should not be permitted by pledge "proc".
Nothing validates this premise. Blocking process group kills would
break substantial amounts of software in dangeous ways, as it creates
fragile invarient conditions. We previously tried to block this belief
with kern_pledge.c:1.357 by subtly adding "/pgrp" in a comment, but that
was not effective so try adding "kill(2) may still operate on the
process group with pid 0." to the manual page. This is annoying
because the pledge manual page usually describes what is blocked
(resulting in process killing) rather than specifically listing
what allowed.
Discussed with Ivan Arce