Prevent installing corrupted /bsd on relink errors
Link with --no-mmap-output-file on LLD_ARCH to propagate failure, which
defaults to mmap(2) and thus does not account for, e.g. running out of space
in /usr/ or /tmp/.
This causes targets like `newbsd', used by reorder_kernel and the installer,
to install whatever ld.lld(1) produced despite errors before exiting zero.
Seen by many, debugged by tb and semarie; undocumented flag found by jmatthew.
"let's do it" deraadt
rpki-client: kill CPS printing in very verbose mode
This predated file mode by a bit and at that time it seemed a good idea to
provide access to it although it kind of made things excessively verbose.
This info is now easily accessible with -fv, so silence this chatterbox.
ok job
rpki-client: introduce cert_parse_internal()
End entity certificates have been checked only in a rather minimalistic
way for no good reason. A certificate is a certificate and while there
are some differences in the details of the extensions, there should only
be a single parsing function. Factor some checks for CA/TA certificates
into helpers and handle the logic in such a way that it can be read next
to RFC 6487 and checked for completeness. Some items are left for later.
input/ok job
Fix mistracking of MaxStartups process exits in some situations.
At worst, this can cause all MaxStartups slots to fill and sshd
to refuse new connections.
Diagnosis by xnor; ok dtucker@
the messaging layer between sshd-session and sshd-auth had a maximum
message size of 256KB. Some people apparently have configurations
larger than this and would hit this limit.
Worse, there was no good logging that could help diagnose what was
going wrong.
So this bumps the maximum message size to 4MB and implements an early
check (usable via the sshd -t test mode) that will report it to the
user where it is hopefully more visible.
bz3808, reported by Dmitry Belyavskiy, ok dtucker@
Teach puc(4) about my Nm9900 which attaches as
puc0 at pci3 dev 0 function 0 "NetMos Nm9900" rev 0x00: ports: 16 com
com4 at puc0 port 0 apic 2 int 16: st16650, 32 byte fifo
ok deraadt kettenis sthen
mux: fix incorrect return value check in local forward cancellation
channel_cancel_lport_listener() returns 1 on success and 0 on failure.
The previous code incorrectly checked for `== -1`, a value the function
never returns, so failure was not detected and the "port not found"
error message was never shown when cancelling dynamic or local port
forwards.
From: Boris Tonofa <b.tonofa at ideco.ru>