Set User-Agent for HTTP healthchecks
Joel Carnat (Thanks) notice that GoToSocial does not like it when we sent
no User-Agent and returns an HTTP/418.
Lloyd pointed to use RELAYD_SERVERNAME instead hardcoded "relayd"
OK sthen, claudio (diff without RELAYD_SERVERNAME)
Unveil fix for traversing up at a mount point in vfs_lookup.
This fixes an issue where we could use the wrong unveil
when we had a path starting with a .. starting from a directory
that was a mount point, and also was unveiled.
The fix ensures we remember traversing the unveil before
descending into the underlying filesystem.
fix by semarie@ with testing by me and deraadt@ and others
from beck@; ok deraadt@
this is errata/7.7/025_unveil_mount.patch.sig
Unveil fix for traversing up at a mount point in vfs_lookup.
This fixes an issue where we could use the wrong unveil
when we had a path starting with a .. starting from a directory
that was a mount point, and also was unveiled.
The fix ensures we remember traversing the unveil before
descending into the underlying filesystem.
fix by semarie@ with testing by me and deraadt@ and others
from beck@; ok deraadt@
this is errata/7.8/019_unveil_mount.patch.sig
In tzpath_ok(), also reject a path ending in "/..". This replaces
strstr() with a loop that matches embedded ".." path elements as
well as leading and trailing ones. OK tb@
sys/iwx: support powersave
This diff enables power save by default for iwx by setting
IEEE80211_F_PMGTON (and IEEE80211_C_PMGT), and makes iwx react to
SIOCS80211POWER by switching between PM (level 3) and CAM at runtime.
OK: stsp@
Unveil fix for traversing up at a mount point in vfs_lookup.
This fixes an issue where we could use the wrong unveil
when we had a path starting with a .. starting from a directory
that was a mount point, and also was unveiled.
The fix ensures we remember traversing the unveil before
descending into the underlying filesystem.
fix by semarie@ with testing by me and deraadt@ and others
ok deraadt@
improve the "No changes need to be saved" check
Instead of checking for the BFCHG flag in buffsave(), bubble it up to
filesave(), which is the interactive function. This avoids prompting
for a filepath for e.g. when attempting to save the *scratch* buffer.
The only other place where buffsave() is called, anycb in buffer.c is
already guarding for a set file name and the BFCHG flag.
Initial diff from Han Boetes (hboetes at gmail), tweaked by me.
pledge "tmppath" goes away because it sucks. The history is kind of
sad: unveil(2) was invented by Bob Beck and myself because a couple
of us struggled and couldn't expand the "tmppath" mechanism to general use.
unveil(2) ended up being kind of "upside down" different, and so we never
deleted "tmppath" because the refactorings seemed complicated.
However over the last two weeks, we're removed all the "tmppath" in base
pretty easily, and the 18 ports using it have also been fixed.
The majority of situations now use unveil "/tmp" "rwc", unveil "/" "r" or
similar, and then pledge "rpath wpath cpath", and this is generally needed
to satisfy the mkstemp(3) family of functions in libc.
Use of "tmppath" will now cause pledge(2) to return EINVAL. There is
no backwards compatible way of mimic the behaviour correctly using
kernel-internal unveil hackery.
Prompted by a report from David Leadbeater; and extensive conversations
with beck and semarie.
from deraadt@
Stop the canonicalization of the path in pledge_namei() callback since
we know is providing strictly normalized paths, and it leads to a subtle
[17 lines not shown]
pledge "tmppath" goes away because it sucks. The history is kind of
sad: unveil(2) was invented by Bob Beck and myself because a couple
of us struggled and couldn't expand the "tmppath" mechanism to general use.
unveil(2) ended up being kind of "upside down" different, and so we never
deleted "tmppath" because the refactorings seemed complicated.
However over the last two weeks, we're removed all the "tmppath" in base
pretty easily, and the 18 ports using it have also been fixed.
The majority of situations now use unveil "/tmp" "rwc", unveil "/" "r" or
similar, and then pledge "rpath wpath cpath", and this is generally needed
to satisfy the mkstemp(3) family of functions in libc.
Use of "tmppath" will now cause pledge(2) to return EINVAL. There is
no backwards compatible way of mimic the behaviour correctly using
kernel-internal unveil hackery.
Prompted by a report from David Leadbeater; and extensive conversations
with beck and semarie.
from deraadt@
Stop the canonicalization of the path in pledge_namei() callback since
we know is providing strictly normalized paths, and it leads to a subtle
[17 lines not shown]
make iwx_read_firmware() error out if IWX_NUM_UCODE_TLV_CAPA is too small
The driver would attempt to load an incomplete firmware image if
this check failed. Make the driver report a proper error instead.
ok tb@ phessler@
Unbreak compiles with IEEE80211_DEBUG defined.
In ieee80211_recv_probe_resp() the code to print probe responses should be
called after ieee80211_find_node() and is_new should be used instead of
checking for ni == NULL.
OK stsp@
Add support for MCC update firmware response v4 to iwx(4).
This will be needed to support BZ devices.
ok kettenis@ phessler@
Tested:
AX210 (MA): kettenis
AX211: phessler
AX211 (BZ): stsp
In tzpath_ok(), also reject a path ending in "/..". This replaces
strstr() with a loop that matches "/../" in the name as well as
"/.." at the end. OK deraadt@
Rework rkpinctrl(4) to delay the lookup of the regmaps until we actually
need them. This should fix issues with Linux device tree changes that
make us attach rkpinctrl(4) before the syscon(4) that provides the
regmap.
ok patrick@
While in practice the ibuf_skip() call can not fail it is better to check
it. If the ibuf header can't be skipped it is better to not forward the
message and return an error.
Fix for CID 492354
OK tb@
Stop the canonicalization of the path in pledge_namei() callback since
we know is providing strictly normalized paths, and it leads to a subtle
problem a little bit like a TOCTOU. However, this pathcode can also be
reached by non-libc callers, so we need one validation step: the zoneinfo
sub-directory inspections may not attempt walks upwards through "..", we
don't need to consider symbolic links because root does not place them there.
From discussions with david leadbeater, ok beck
