BSD Commit Log Search

   sndiod: Don't use midi_send() to generate MIDI messages

   midi_in() is the right function to do so. It handles multiple sources
   and does flow control.

   sndiod: Initialize the array of unused opt_app structures

   sc_imlen is allowed to be >= NCR_MAX_MSG_LEN.

   Fixes subtle ncr53c9x_msgin breakage in previous.

   Pointed out by, tweak & ok miod@

   Extend multicast router counter.

   ip_mforward() contained a static variable that poorly implements a
   rate limited log message.  Replace the log with a counter, which
   is MP-safe.
   Also count drops due to time-to-live and hop-limit.  As the default
   ttl is 1, this is the most common pitfall when configuring a multicast
   router.  This counter helps debugging.

   OK claudio@ deraadt@

   Test runs out of file descriptors.  Increase ulimit number to 256.

   Avoid printf("%s", NULL) since it's not guaranteed to be safe and will
   segfault on some -portable platforms.

   Fix FIFO handling to avoid overflowing sc_imess.

   Original diff from Stanislav Fort.

   ok deraadt@ claudio@

   pkg_add: add regression test reproducing the recent gcc15 issue

   from espie

   For IPC_STAT (and KERN_SYSVIPC_SHM_INFO) the three fields
   __shm_atimensec/__shm_dtimensec/_shm_ctimensec fields leak kernel memory
   contents because we never initialize them, they should clearly be zero
   until such time as we add more precision.  The Tsinghua University group
   suggested clearing these at export time, but the real problem is the
   memory is being allocated without PR_ZERO.
   ok kettenis mvs

   Replace two-value prompt_mode enum with a flag.

   Add some enums for prompt return values to make them a bit less confusing.

   Attach aplmbox(4) early in RAMDISK kernels too.

   isakmpd: Clear sensitive data with freezero()

   ok markus@

   isakmpd: Clear key material

   Track allocated sizes alongside the key pointers.

   Add a backoff retry mechanism for non-functional CAs

   Many non-functional CAs never recover once they become non-functional
   causing inefficiency in the operation of relying party instances.

   The existing detection mechanism for non-functional CAs is changed into
   a stateful backoff retry mechanism, eventually settling on retrying
   broken CAs only once per day. Backoff helps reduce load on both the
   RP and publication point sides of the house, reduces log clutter, and
   improves RP run duration.

   The sync schedule is reset if a given non-functional CA is discovered to
   be in working order again (i.e., backoff is not applied to healthy CAs).
   A few new statistics are exposed in the json & metrics outputs.

   An interesting side-effect of this mechanism is that it appears to
   obviate some of the need for a manually curated (and therefore, easily
   outdated) skiplist.

   OK claudio@ tb@

   add codepatch.h

   Handle different borders in move-pane, from Dane Jensen.

   Update header file chunks in this manual page for newer route message
   types; from ido at wireplug
   ok claudio

   Remove target completion which never worked very well, leave only
   command completion.

   mention a caveat regarding GSSAPIStrictAcceptorCheck in some environments

   add some logging to make debugging interactive/bulk classification
   mistakes easier next time (though I think we've got them all now, really)

   add a missing channels type for bulk/interactive classification
   bz3972; ok dtucker@

   Switch to imsg_recv_ctl_peer and switch all consumers of struct peer over
   to struct ctl_peer.

   bgpd no longer dumps the full struct peer over imsg, so adjust here.

   OK tb@

   Implement imsg_send_ctl_peer() and imsg_recv_ctl_peer and struct ctl_peer
   to export peer data to bgpctl.

   IMSG_CTL_SHOW_NEIGHBOR exported struct peer with a lot of internal data
   which leaks important information and works against our priv-sep model.
   The new struct ctl_peer only includes data that is needed by bgpctl.

   Triggered by a report from 7ASecurity
   OK tb@

   sndiod: Make sure strings received from the network are 0-terminated

   kettenisg -> kettenis

   Cast argument to unsigned char for ctype(3) macros.

   write: some small cleanup
   - pledge on start, restricting to stdio later on
   - annotate done as __dead and remove unreachable return in main
   - use common code to remove the /dev/ prefix from a device name
   - wrap the PUTC macro into do {} while (0) to avoid extra empty statement
   - use strftime() instead of using an offset into the ctime() string
   - pass ttyl as size_t not int in search_utmp() to match the variable
   From espie@

   Remove current directory from default package search path

   This was surprising behavior for many and has a very low probability
   of doing anything useful.

   manpage changes and "removing . [...] is sane" kili@
   Your funeral espie

   Remove fuzzy match operator again for now, this will be done differently.