Fix memleak in syslogd(8) when client aborts TLS connection.
In the callback tcp_closecb() the TLS context was not freed. This
happend when a TLS client aborted or terminated the syslog connection.
While there, initialize variables before registering the bufferevent
errorcb callback although they should not be used that early.
reported, tested and OK henning@
Prevent vmd(8) guests from reading outside pci config space.
vmd emulates a pci host bridge and attached devices. Guests could
read and write beyond a device's configuration space, clobbering
device state or worse. They could also do this for non-existent
devices on the pci host bridge.
The PCI spec says to return all 1's when accessing non-existent
devices, so make vmd's emulation to do the same for these invalid
reads. For invalid writes, drop them.
ok mlarkin@
Detect support for OSC 52 using the device attributes report. Some
terminals are using this to indicate that they support copying to the
clipboard with XTerm's OSC 52 sequence. From James Holderness in GitHub
issue 4539.
First emit pthread signal, then unlock mutex
POSIX says this:
The pthread_cond_broadcast() or pthread_cond_signal() functions may
be called by a thread whether or not it currently owns the mutex
that threads calling pthread_cond_clockwait(),
pthread_cond_timedwait(), or pthread_cond_wait() have associated
with the condition variable during their waits; however, if
predictable scheduling behavior is required, then that mutex shall
be locked by the thread calling pthread_cond_broadcast() or
pthread_cond_signal().
While both ordering approaches are correct, the predictable scheduling
pattern is preferred.
"yes" kettenis@
"clearer to hold mutex around the signal" tedu@
make "Match !final" not trigger a 2nd pass ssh_config parsing pass
(unless hostname canonicalisation or a separate "Match final" does).
bz3843
ok dtucker@
Explain why issuer and subject UIDs are disallowed in the RPKI
RFC 5280 disallows them for CA certificates and RFC 6487 section 4.5
requires subjects of all certs issued by the same CA to be unique,
which renders them meaningless. Apparently nothing more explicit is
in the RPKI specs.
ok job
Check for errors on all pthread_*() calls
A pthread implementation might dynamically allocate memory on some paths,
checking whether calls were successful seems a necessity.
OK tb@ claudio@
Unlock IPCTL_MTUDISC case of ip_sysctl().
`ip_mtudisc' is atomically accessed boolean, so allow only 0 and 1
values to set. Also, while `ip_mtudisc' is 0, the rt_timer_queue_flush()
will be triggered all the times even if we do read access. There is no
reason for that, so flush the queue only if this thread successfully
assigned 0 value. The rt_timer_queue_flush() requires to be serialized
with the netlock.
ok bluhm
