www/{nginx,nginx-devel,freenginx}: 3rd-pary modules managemeht
Update mod_zip to 1.3.0 and switch Github author to evanmiller as this
seems to be author that the other, less current, versions are forked
from.
PR: 295934
Sponsored by: Netzkommune GmbH
[X86] Fold XOR of two VGF2P8AFFINEQB instructions with same matrix (#199146)
Adds an optimization to fold a XOR between two `vgf2p8affineqb`
instructions that share the same matrix by XORing their sources
beforehand. This patch:
- Can eliminate one `vgf2p8affineqb` instruction.
- Doesn't occur if either affine is multi use, preventing an increase in code size.
- Includes test coverage for both positive and negative cases.
Fixes #196879
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux
Pull ARM fixes from Russell King:
- Avoid KASAN instrumentation of half-word IO
- Use a byte load for KASAN shadow stack
- Fix kexec and hibernation with PAN
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux:
ARM: 9476/1: mm: fix kexec and hibernation with CONFIG_CPU_TTBR0_PAN
ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow
ARM: 9474/1: io: avoid KASAN instrumentation of raw halfword I/O
Mop up SSL_CTX_set_options(3).
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is now a no-op, tidy up
SSL_OP_LEGACY_SERVER_CONNECT and reflect the current state of SSL_OP_ALL
Delete the entire "SECURE RENEGOTIATION" section that contained ancient
ramblings.
ok beck@ tb@
grep: periodic timer-based fflush instead of unconditional per-line flush
Replace the unconditional fflush(stdout) in grep_printline and
procmatches with a periodic timer that flushes at most once every
100ms. This preserves interactive responsiveness (grep | tee,
grep | tail -f) while avoiding 1M+ write(2) syscalls when
processing large inputs.
The flush interval is tracked via clock_gettime(CLOCK_MONOTONIC)
and a static timespec. --line-buffered continues to flush
immediately via setlinebuf(3), as before.
Benchmark on 1M lines (37MB output to file):
unconditional fflush: 1.90s (sys 1.22s)
periodic 100ms timer: 0.49s (sys 0.007s)
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D57528
Remove SSL_OP_LEGACY_SERVER_CONNECT from default options.
Remove SSL_OP_LEGACY_SERVER_CONNECT from the default SSL options and the
SSL_OP_ALL define. This means that we will now refuse to connect to a
TLSv1.2 server if it does not support the Renegotiation Indication (RI)
extension. This prevents a class of attacks against TLS clients that are
talking to TLSv1.2-only servers that permit client initiated renegotiation.
Raised by Lucca Hirschi et al from Inria.
ok beck@ tb@