BSD Commit Log Search

   Add DPB_PROPERTIES=parallel to devel/gdb

   Builds many files and is on the path to lang/rust.
   Suggested by tb@

   update to uriparser-1.0.0

   update to dropbear-2025.89

   - Security: Avoid privilege escalation via unix stream forwarding in Dropbear
     server. Other programs on a system may authenticate unix sockets via
     SO_PEERCRED, which would be root user for Dropbear forwarded connections

   - Security: Include scp fix for CVE-2019-6111. This allowed
     a malicious server to overwrite arbitrary local files.

   - Don't limit channel window to 500MB. That is could cause stuck connections
     if peers advise a large window and don't send an increment within 500MB.
     Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671

   and some others

   update to dropbear-2025.89

   - Security: Avoid privilege escalation via unix stream forwarding in Dropbear
     server. Other programs on a system may authenticate unix sockets via
     SO_PEERCRED, which would be root user for Dropbear forwarded connections

   - Security: Include scp fix for CVE-2019-6111. This allowed
     a malicious server to overwrite arbitrary local files.

   - Don't limit channel window to 500MB. That is could cause stuck connections
     if peers advise a large window and don't send an increment within 500MB.
     Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671

   and some others

   peer_dump already puts all prefixes onto the pending queue.

   So there is no need to call peer_blast at the end, just call
   peer_blast_done() so the EOR marker is added and the peer
   is unthrottled.

   This removes an extra tree walk during session establishment.

   OK tb@

   This needs ports-gcc since it uses C11 _Generic
   OK jca@

   KNF

   Implement the bin_of function like omalloc.c and use it for various
   dynamic array sizing.

   Convert the attrs and communities code to use this (with slightly
   different values).

   OK tb@

   Kill tab on empty line.

   Update for Nextcloud to 32.0.3

   OK landry@

   Update for Nextcloud to 31.0.12

   OK rsadowski@ landry@

   update to sniproxy-0.9.16

   space at EOL

   Pass a struct pt_entry *pte to adjout_prefix_withdraw() and
   adjout_prefix_next(). A preparation step for an upcoming change.

   OK tb@

   Switch from a while loop to a for loop since this is what this actually is.

   Does not win a beauty contest but that can be solved later.
   OK tb@

   Extend the prefix/pt API with functions for iterators.

   - pt_first() and pt_next() can be used to implement a basic iterator
     that can walk all or part of a tree.
   - pt_get_next() returns the match or next bigger match than prefix/prefixlen

   OK tb@

   Replace sizeof(struct community) with sizeof(*new) since the latter is
   always right.
   OK tb@

   Update ansible 13.0.0 -> 13.1.0
   Changelog: https://github.com/ansible-community/ansible-build-data/blob/13.1.0/13/CHANGELOG-v13.md#v13-1-0

   Update ansible-core -> 2.20.0 -> 2.20.1
   Changelog: https://github.com/ansible/ansible/blob/stable-2.20/changelogs/CHANGELOG-v2.20.rst#v2-20-1

   Update terraform-docs 0.20.0 -> 0.21.0
   Changelog: https://github.com/terraform-docs/terraform-docs/releases/tag/v0.21.0

   Update tflint 0.59.1 -> 0.60.0
   Changelog: https://github.com/terraform-linters/tflint/releases/tag/v0.60.0

   Update to check-jsonschema 0.36.0

   Update to py-protobuf 6.33.2

   https://github.com/protocolbuffers/protobuf/releases/tag/v33.2

   Update to protobuf 6.33.2

   https://github.com/protocolbuffers/protobuf/releases/tag/v33.2

   Plug leak in ssh_digest_memory on error path.   Bonehead mistake spotted
   by otto@, ok djm@

   Add 'invaliduser' penalty to PerSourcePenalties, which is applied
   to login attempts for usernames that do not match real accounts.
   Defaults to 5s to match 'authfail' but allows administrators to
   block such sources for longer if desired.  with & ok djm@

   net/synapse: update to 1.144.0, from maintainer Renaud Allard

   static int, not int static

   c99 6.11.5:
   "The placement of a storage-class specifier other than at the beginning
   of the declaration specifiers in a declaration is an obsolescent
   feature."

   static const, not const static

   c99 6.11.5:
   "The placement of a storage-class specifier other than at the beginning
   of the declaration specifiers in a declaration is an obsolescent
   feature."

   ok krw@

   Rearrange command completion so callbacks are called without holding any
   locks. This makes it possible to mark the interrupt handler MPSAFE, but
   we're not actually doing that yet.

   Releasing the cq mutex means the completion callback can't use the cq
   entry, so we have to copy any fields we use from it into the ccb. For now,
   that's just the flags. This simplifies the callbacks in a few places.

   ok dlg@ (some time ago)
   also tested by kettenis@ with aplns(4)