IABSD.fr/src
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
ee24dc58 | 2025-05-13 09:17:41 | Unlock TCPCTL_ROOTONLY and TCPCTL_BADDYNAMIC cases of tcp_sysctl(). The copy-paste from udp_sysctl(). It is not reasonable to combine this code with UDP and make it more complex. ok bluhm | |
|
254506a7 | 2025-05-13 09:16:33 | Move `psec_require_pfs' sysctl(2) variable out of netlock. It is atomically accessed integer local to pfkeyv2_acquire(). ok bluhm | |
 |
d3634c06 | 2025-05-13 07:59:57 | dedup -d text, point to -v; OK dlg | |
 |
5c13c7ba | 2025-05-13 00:09:41 | replace task_del+taskq_barrier with taskq_del_barrier. | |
 |
0de99af2 | 2025-05-12 23:48:12 | Correctly delete files with spaces During uninstall, fw_update reads the list of installed filenames from +CONTENTS but would split commands before checking if there was a command. It now uses the full line as the filename as it should. Reported by Mikolaj Kucharski <mikolaj () kucharski ! name> OK (for a similar diff) lucas@ | |
 |
d9556adb | 2025-05-12 20:58:27 | the regex keyword must be used iff the argument to an option is a regular expression or a list of regular expressions, it requires no special handling; improvements to the wording by jmc@ and op@ ok gilles@, jmc@, and op@ | |
 |
b6767310 | 2025-05-12 17:23:41 | Until vmctl has its imsg usage cleaned, copy macros over from vmd. This fixes building vmctl since I didn't commit this header change when updating vmd. | |
|
39947927 | 2025-05-12 17:21:21 | Unlock UDPCTL_ROOTONLY and UDPCTL_BADDYNAMIC cases of udp_sysctl(). Use temporary buffer to exchange data with the userland. So we need to take exclusive netlock only if we modify values. The shared netlock is still required even if we read values, but it doesn't stop packets processing in the most paths. ok bluhm | |
|
89ae69af | 2025-05-12 17:20:09 | Move bunch of `ipsecctl_vars' variables out of netlock. The `ipsec_soft_allocations', `ipsec_exp_allocations', `ipsec_soft_bytes', `ipsec_exp_bytes', `ipsec_soft_timeout', `ipsec_exp_timeout', `ipsec_soft_first_use' and `ipsec_exp_first_use' are local to pfkeyv2_acquire(). They are loaded together during `sadb_comb' initialization, so make sense to unlock them together too. It looks reasonable to drop 'ipsec_' prefix for local variables, otherwise the names are too long, and I think this should made code reading worse. For consistency I dropped 'ipsec_' prefix for `ipsec_def_*_local' too. ok bluhm | |
|
acb6652b | 2025-05-12 17:17:42 | vmd(8): make imsg objects opaque and sanitize char[]s. vmd directly manipulated the inner members of imsg's throughout the codebase. Given a report of unchecked usage of some particular structs passed via imsg, this commit cleans up the imsg usage as well as santizes the embedded char[]'s in structs passed via imsg. All imsg metadata and data access now go through the imsg api (e.g. imsg_get_data(3)) and unmarshalling is handled in centralized locations with size checking and insertion of NUL-terminators in any char[]s. The result is no functional or behavioral change to vmd, but now all imsg's are treated opaquely and data santization is in a single function per type. NUL-termination issues reported by S. Ai, H. Lefeuvre, Systopia team. Review and guidance from claudio@. ok claudio@ | |
 |
072ecc2d | 2025-05-12 10:34:13 | Expand prompts when they are used rather than ahead of time, so the input can be used as part of the format. | |
|
d46c7786 | 2025-05-12 10:26:19 | Add R format modifier to repeat an argument. | |
|
78dde0c3 | 2025-05-12 10:16:42 | Add -E to run-shell to forward stderr as well as stdout, from github at jyn dot dev in GitHub issue 4246. | |
|
65233335 | 2025-05-12 09:50:00 | Do not downgrade styled underscores to standard underscore if the terminal does not support them, this matches what would happen if the application tried to use them on a terminal without support. | |
|
26490c00 | 2025-05-12 09:17:42 | Preserve colours in selection if the option style is default, GitHub issue 4498. | |
 |
f6b7fd7f | 2025-05-12 08:19:08 | drm/amd/display: Fix slab-use-after-free in hdcp From Chris Bainbridge dd329f04dda35a66e0c9ed462ba91bd5f2c8be70 in linux-6.12.y/6.12.28 be593d9d91c5a3a363d456b9aceb71029aeb3f1d in mainline linux | |
 |
5d7c8167 | 2025-05-12 08:16:00 | do not use buffer cache as malloc replacement. ok deraadt even tested by Geoff Steckel | |
|
9a25937c | 2025-05-12 08:13:39 | drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp From Mario Limonciello 75096780a4de86c8884da20ee47e831713fb97e8 in linux-6.12.y/6.12.28 6b675ab8efbf2bcee25be29e865455c56e246401 in mainline linux | |
|
39e4fdb9 | 2025-05-12 08:10:01 | drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' From Chen Linxuan bb0d602899650200efa69062edc99d2897c609e5 in linux-6.12.y/6.12.28 7e21ea8149a0e41c3666ee52cc063a6f797a7a2a in mainline linux | |
|
b5aee063 | 2025-05-12 08:07:58 | drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF From Leo Li b93e1cad05a079825a7b0e13033043bff988adc5 in linux-6.12.y/6.12.28 6ed0dc3fd39558f48119daf8f99f835deb7d68da in mainline linux | |
|
dc145b5b | 2025-05-12 08:05:21 | drm/amdgpu: Fix offset for HDP remap in nbio v7.11 From Lijo Lazar 989f9c6a619bf1b3cdef2f51522744c48a258da1 in linux-6.12.y/6.12.28 79af0604eb80ca1f86a1f265a0b1f9d4fccbc18f in mainline linux | |
|
89e2a243 | 2025-05-12 08:02:35 | drm/fdinfo: Protect against driver unbind From Tvrtko Ursulin f1dfc945847c5cb5462ed7f7c8bbf348e196023d in linux-6.12.y/6.12.28 5b1834d6202f86180e451ad1a2a8a193a1da18fc in mainline linux | |
|
dcf6c596 | 2025-05-12 07:09:02 | Add a mutex-specific version of guard(). Uses a cleanup attribute to free locks in return paths. Required for 6.12.28 drm. | |
 |
4da2732a | 2025-05-12 05:42:02 | Use EC_POINT_[sg]et_affine_coordinates() It is available in all supported OpenSSL flavors/versions and the _GFp variants will be removed from LibreSSL. ok hshoexer jsing | |
|
dd2b8bfe | 2025-05-12 05:41:20 | Use EC_POINT_[sg]et_affine_coordinates() It is available in all supported OpenSSL flavors/versions and the _GFp variants will be removed from LibreSSL. ok hshoexer jsing | |
|
31eb8153 | 2025-05-12 05:40:24 | Use EC_POINT_[sg]et_affine_coordinates() It is available in all supported OpenSSL flavors/versions and the _GFp variants will be removed from LibreSSL. ok hshoexer jsing | |
|
65799e18 | 2025-05-12 05:07:17 | remove unused extern, gcc warned about an unused variable | |
|
cc61faa9 | 2025-05-12 04:49:19 | remove unused variable; ok miod@ | |
 |
90f03005 | 2025-05-12 01:18:35 | add RK818 support ok kettenis | |
 |
1d7d4b26 | 2025-05-11 21:19:09 | The counter for halfopen states should be manipulated using atomic_ops(9f). In current code the counter may underflow. The issue has been noticed and reported by Pascal Stumpf (pascal _at_ stumpf _dot_ co). The change has been also kindly tested by Pascal. OK @bluhm, OK @dlg | |
|
044850b7 | 2025-05-11 20:03:08 | Make EVFILT_TIMER mp-safe. Introduce 'filt_timer' opaque structure to keep the timeout(9), the `ft_reschedule' flag and protecting mutex(9). The timeout(9) handler could reschedule itself, so `ft_reschedule' flag prevents this on timeout canceling. Note, this diff keeps the timeout handler under kernel lock. We don't touch kernel lock while we perform timeout_add(9) or timeout_del_barier(9) on non mp-safe timeouts, so kevent(2) will not stuck in kernel lock, meanwhile the timeout firing will take kernel lock in most cases even for mp-safe timeouts. ok visa | |
 |
b27496ef | 2025-05-11 19:41:05 | Add a sparc64-specific _raw flavour to the softintr routines. These are used by specific drivers (floppy controllers, PCMCIA bridge) which need to be able to schedule soft interrupts at actual hardware levels. This will allow further MI work on the softintr api to not affect or break these interfaces. And also unbreaks com@pcmcia devices, which register a soft interrupt at IPL_TTY level and got broken by accident in OpenBSD 4.4. discussed a lot with and ok visa@ | |
|
957d03da | 2025-05-11 15:38:48 | Plug a few leaks after namespace_get() This patch fixes several memory leaks in ldapd caused by missing calls to ober_free_elements after using namespace_get. The namespace_get function eventually calls ober_read_element, which allocates memory for parsed BER elements. The most significant leak happens during processing of bind requests from non-root users in auth.c. The returned ber_element was not freed after being processed. Similar issues were found and fixed in ldape.c and modify.c. In these cases, ber_element returned by namespace_get was also left unfreed. From Anton Kasimov | |
|
0a3c375e | 2025-05-11 15:30:43 | Remove some NULL checks before ober_free_elements() From Anton Kasimov | |
 |
66c1ed3f | 2025-05-11 11:23:23 | Document four more command line options. The options --about, --list-package-names, --short-errors, and --log-file were not documented yet. While documenting --log-file, adjust the description of PKG_CONFIG_LOG, too. This patch was accepted and pushed upstream by Ariadne Conill. | |
|
3fa496cf | 2025-05-11 02:17:19 | add rk3128 support to rkusbphy, enable it on armv7 ok kettenis | |
|
836be986 | 2025-05-10 19:01:16 | Increase default PKCS12_SALT_LEN from 8 to 16 bytes Currently PKCS12_setup_mac() function uses salt length of 8 bytes / 64 bits when no salt length is specified. Increase this fallback default to 16 bytes / 128 bits, as recommended by NIST SP 800-132. Note this is for interoperability purposes. Some FIPS implementations enforce minimum salt length of 16 bytes. Examples of such FIPS implemenations are Bouncycastle FIPS Java API and Chainguard FIPS Provider for OpenSSL. Also future v3.6 release of OpenSSL will also increase the default salt length to 16 bytes. From Dimitri John Ledkov, thanks | |
|
9ae92282 | 2025-05-10 11:51:01 | asn_moid: move inclusion of err_local.h to the proper place | |
 |
688324ca | 2025-05-10 11:08:26 | Bring the code that reads the packet counters in line with rge(4). While I haven't found re(4) hardware that actually needs this, this aspect of the hardware is identical between re(4) and rge(4) and the new way of doing things should be safer. ok dlg@, kevlo@ | |
 |
260fc2d4 | 2025-05-10 11:06:36 | sparc64: Mask IPL_MPSAFE in softintr_establish() sparc64 is now the only MD softintr platform with non-zero IPL_MPSAFE flag. Mask this flag in sparc64 softintr_establish() so that it becomes possible to use IPL_MPSAFE with the softintr_establish() API. OK miod@ | |
|
a6f021db | 2025-05-10 10:11:02 | armv7: Use MI soft interrupt code | |
|
91abf8a7 | 2025-05-10 10:01:03 | mips64: Use MI soft interrupt code | |
|
5fc29628 | 2025-05-10 09:54:17 | powerpc: Use MI soft interrupt code Tested by gkoehler@ and mvs@ | |
|
8f25c064 | 2025-05-10 09:44:39 | kqueue: Implement EVFILT_USER Implement EVFILT_USER in kqueue(2)/kevent(2). This allows user-triggerable events with plain kevent(2). EVFILT_USER originally appeared in FreeBSD but is now available also in DragonFly BSD, NetBSD, and macOS, and probably others. The maximum number of user events is limited per process. The limit (1024) is hard-coded at the moment. Manual page tweak by jmc@ tedu@ likes this OK mvs@ | |
|
ef68f023 | 2025-05-10 06:45:46 | Sort FOOerror() in ASCII order | |
|
5ec83552 | 2025-05-10 06:35:22 | Simplify the remaining FOOerror() Redirect through an additional macro that adds the repeated function, file and line macros. Reduces the eyesore and makes the whole thing much more redable. similar to a suggestion by jsing a while back | |
|
e223f0a4 | 2025-05-10 06:22:08 | Remove unused internal FOOerror() pointed out by djm a while back | |
|
a0eb9462 | 2025-05-10 06:17:09 | Remove error macros except PEMerr(), RSAerr() and SSLerr() These three are still used in about half a dozen ports. All the others are unused. ok jsing | |
 |
5bbb7d88 | 2025-05-10 06:10:01 | fix grep invocations | |
|
bdb0d0cc | 2025-05-10 06:04:36 | ssl_local.h: stop guarding SYSerror() with an #ifdef | |
|
3e51b078 | 2025-05-10 06:03:38 | Move the internal FOOerror() to err_local.h These are now only used in libcrypto. They should never have been in a public header in the first place. ok jsing | |
|
27854fe4 | 2025-05-10 05:54:38 | Use err_local.h rather than err.h in most places ok jsing | |
|
e3034ce0 | 2025-05-10 05:49:56 | ssl_local: provide an SSL-internal version of SYSerror() | |
|
a77d91e1 | 2025-05-10 05:49:21 | SSL_error_internal: remove a superfluous pair of parens | |
|
b4e54e6f | 2025-05-10 05:37:22 | ssl_local.h: adjust some whitespace | |
|
a7723dc5 | 2025-05-10 05:31:21 | const correct SSL_error_internal() | |
|
4b1267f5 | 2025-05-10 05:25:43 | cms: disallow AEAD ciphers and AES XTS The CMS code doesn't support RFC 5083/5084 authenticated enveloped data and outputs garbage that even itself can't decrypt for a reason that I have not tried to pinpoint. So refuse using AEAD ciphers and AES XTS for enveloped data from the cms "app" and throw an error pointing out that this isn't supported. OpenSSL have since added incorrect support for AuthEnvelopedData (ASN.1 and code review are hard), so doing this right will need both correct and interoperable code, which I doubt anyone will bother to write anytime soon. Reported by Ben Cooper in https://github.com/libressl/portable/issues/1157 ok beck jsing | |
|
7fb52fc4 | 2025-05-09 19:53:41 | Move ipsec-enc-alg, ipsec-auth-alg and ipsec-comp-alg sysctl variables out of netlock. Use integers instead of strings for in-kernel representation. So we can update them atomically. Also we remove strcmp() from the hot (?) path. Note, behavior was changed for a little. Against previous it denies to set incorrect values. In such case the EINVAL error will be returned to userland. ok bluhm | |
 |
6096bd70 | 2025-05-09 19:17:31 | Accept wrong client identifiers echoed back to us. Apparently there are broken CPEs out there that do not return the client identifier to us. Android and iPhone do not care, which pretty much means we cannot care either. RFC 6842 has this: If the 'client identifier' option is present in a message received from a client, the server MUST return the 'client identifier' option, unaltered, in its response message. Reported by mpi some time ago. OK mpi | |
 |
64ff7099 | 2025-05-09 17:40:08 | In TCP softlro split compare and concat functions. Split the function that compares two mbuf chains from the actual concatenation. This clarifies where the point of no return is. Now we have tcp_softlro_check() to figure out if a single packet is suitable for LRO. tcp_softlro_compare() takes two packets and returns whether they fit together. tcp_softlro_concat() unconditionally does the concatenation. The main function tcp_softlro_glue() is the wrapper around them and should be called by drivers. OK jan@ | |
|
b12495ee | 2025-05-09 14:53:22 | Clear and fill memory within same mutex block. When sysctl(2) copies a struct to userland, memset() the storage to zero before filling the fields to avoid kernel stack information leakage. Both memset() and field assignment should be covered by the same mutex. Although clearing stack does not need mutex protection, the compiler or processor may optimize away unnecessary store operations. A mtx_enter() between them would act as a barrier and prevent this optimization. OK tedu@ deraadt@ | |
 |
c900db63 | 2025-05-09 14:46:36 | netstat: add missing mulicast counter mfc_lookups and mfc_misses ok mvs, bluhm | |
|
b9e56c4e | 2025-05-09 14:43:47 | mp-safe multicast stats with per cpu counters ok mvs, bluhm | |
|
c8e4364a | 2025-05-09 13:53:10 | add Realtek RTL8201F ok kettenis | |
|
2e9bc565 | 2025-05-09 13:51:21 | sync | |
|
703b257a | 2025-05-09 13:51:03 | add Realtek RTL8201F ok kettenis | |
|
fa4c866e | 2025-05-09 13:24:37 | Garbage collect docs of BIO_dump{,_indent}_{cb,fp}() The _cb() variants were only documented as intentionally undocumented. Be that as it may, they left the building more than a year ago. | |
|
11b3a765 | 2025-05-09 13:05:03 | bss_log.c: don't rely on err.h pulling in bio.h ok jsing | |
|
1180d6af | 2025-05-09 12:50:59 | openssl ocsp: switch from X509V3error() to perror() ok jsing | |
|
b4cec26c | 2025-05-09 06:07:50 | pkgconf: initial pledge from upstream This is a very early pledge "stdio rpath wpath cpath" since the utility has to walk the fs to read .pc files, on --silence-errors it redirects stderr to /dev/null, and it can be asked to create a log file. Once refactored to accomodate unveil, this might be tightened further. For now this is much better than nothing. Went through an amd64 bulk. ok schwarze semarie | |
|
5888c242 | 2025-05-09 03:13:51 | attach multiple interface queues this allows local network connections to utilise multiple softnets, rather than just softnet0. it relise on net_sn_count() to know how many softnets are available. ok claudio@ bluhm@ jmatthew@ | |
|
955258dd | 2025-05-09 03:12:36 | add net_sn_count() so things can ask how many softnet threads are running this is useful to properly size some resources (eg, interface queues/rings) to what the kernel is actually providing to handle them. ok claudio@ bluhm@ jmatthew@ | |
 |
0dc0a232 | 2025-05-09 02:42:03 | make the progress-meter code safe against being called when not initialised; spotted by tb@ feedback/ok tb@ deraadt@ | |
|
e505f9ab | 2025-05-09 01:09:10 | Properly document the module search path. Specifically, document --env-only, --list-all, --with-path, PKG_CONFIG_LIBDIR, and PKG_CONFIG_PATH, all of which were already mentioned, but very little was said about them, and much of what *was* said was outdated. This documents the intended behaviour of --with-path. Our tree currently contains a (non-critical) bug related to it that was fixed today in the upstream repository and that we might wish to fix here, too, at our leisure. This patch was accepted and pushed upstream by Ariadne Conill. | |
|
9eae247a | 2025-05-09 00:50:29 | POSIX requires in chapter 12.2, Utility Syntax Guideline 9: "All options should precede operands on the command line." https://pubs.opengroup.org/onlinepubs/9799919799/basedefs/V1_chap12.html#tag_1202 and grep(1) is explicitly required to conform right below OPTIONS: https://pubs.opengroup.org/onlinepubs/9799919799/utilities/grep.html Consequently, that our grep(1) treated operands starting with dashes after other operands as options was a standard-violating bug. Fix this bug as documented for "optstring" in the getopt_long(3) manual. Issue reported by Petr Rockai <m dot v0adgys6 at fixp dot eu> on tech@. OK miod@ tedu@ espie@ tb@ and tested in a bulk build by tb@ with no fallout. | |
 |
ffee0fd9 | 2025-05-08 23:04:35 | Fix a typo. 82559 must be 82599. found by Dmitry Bogdan | |
 |
07055c96 | 2025-05-08 21:14:18 | Fix sign of %z output, and add DST offset doabbr: change penultimate arg from "isdst" to "stdoff", so that doabbr() has enough information to output the UTC offset on request. Fix the sign of z_gmtoff and add stdoff. backport of https://github.com/eggert/tz/commit/7c3e255 OK miod@ | |
|
b8e20da2 | 2025-05-08 20:22:56 | Only accept simple TCP timestamp options for softlro. Instead of parsing all TCP options, consider only two cases. No options or only timestamps at aligned position. The latter is the common case which must be fast. Ignoring other packets with complicated options will not decrease speed. In tcp_softlro_check() only packets without options or simple timestamps are considered for LRO. Enforce that timestamps are increasing to detect sequence number wraparounds. When concatenating TCP packets, take the timestamps from the tail which are more recent. OK jan@ | |
|
d4c31fac | 2025-05-08 17:32:53 | convert a last quad_t to int64_t. ok deraadt djm | |
|
35d05b8e | 2025-05-08 16:44:58 | cap cpu stats at 99 to preserve column width and separation. feedback ok deraadt job miod | |
 |
0d5aafe3 | 2025-05-08 15:30:41 | setpassent(1) and setgroupent(1) are surely not needed in this program because it doesn't not do many (or any???) getpwent/getgrent iteration lookup calls. ok millert | |
|
5a61f308 | 2025-05-08 15:22:49 | There is no call to setpassent(1) or to getpwent(), so endpwent() is not required. Strangely, this pattern of calling endpwent() after getpwuid() or getpwnam() has become quite common, and I have a bunch of mop-up diffs coming. Discussed with millert. | |
|
278cc48c | 2025-05-08 13:57:20 | Some of architectures do not us the stack protector (for example, retguard or hppa with reverse stack). So they do not call __stack_smash_handler(), and do not call sendsyslog(2). On those architectures, we can onditionally remove the syscall stub (which also removes it from the pinsyscalls table), and the stack protector handler. ok miod | |
 |
987e6c5a | 2025-05-08 10:36:54 | DIST_TUPLE can now do fdo | |
|
2c333898 | 2025-05-08 05:24:57 | don't need endpwent() after getpwnam(), it's only for getpwent(). deraadt@ is worried about my ability to read man pages. | |
|
91a4c8b7 | 2025-05-07 23:27:19 | preserve the flowid over the m_resethdr in if_input_local. the packet contents are the same so the flowid is still valid. ok bluhm@ mvs@ | |
|
58ed9036 | 2025-05-07 22:03:44 | * Properly document --modversion, --verbose, and --path. * Mention that --digraph and --simulate are not compiled in. * Sort the ENVIRONMENT section (no text change in this section). * Do not use ALL CAPS for .Ar arguments. * In addition, some small content and markup improvements. Accepted and pushed upstream by Ariadne Conill. | |
 |
e0b32dbd | 2025-05-07 19:08:52 | Fix description of relaydRelay{Last,Avg} counters. These counters describe the number of sessions created on a given relay, not the number of packets passed. ok sthen@ | |
|
a1874f98 | 2025-05-07 14:58:17 | Install unmodified pkgconf.1 as pkg-config.1 discussed with schwarze | |
|
91fa387b | 2025-05-07 14:57:39 | Add a local patch to replace a few instances of pkgconf with pkg-config ok schwarze | |
|
d958b4f6 | 2025-05-07 14:10:19 | Cache socket lock during TCP input. Parallel TCP input is running for a few days now and looks quite stable. Final step is to implement caching of the socket lock. Without large receive offloading (LRO) in the driver layer, it is very likely that consecutive TCP segments are in the input queue. This leads to contention of the socket lock between TCP input and socket receive syscall from userland. With this commit, ip_deliver() moves all TCP packets that are in the softnet queue temporarily to a TCP queue. This queue is per softnet thread so no locking is needed. Finally in the same shared netlock context, tcp_input_mlist() processes all TCP packets. It keeps a pointer to the socket lock. tcp_input_solocked() switches the lock only when the TCP stream changes. A bunch of packets are processed and placed into the socket receive buffer under the same lock. Then soreceive() can copy huge chunks to userland. The contention of the socket lock is gone. On a 4 core machine I see between 12% to 22% improvement with 10 parallel TCP streams. When testing only with a single TCP stream, throughput increases between 38% to 100%. tested by Mark Patruck a while ago; OK mvs@ | |
|
d993c831 | 2025-05-07 14:08:45 | Give exabgp more time to do its thing in attr.sh, required to make it pass on older/slower hardware. | |
 |
16035840 | 2025-05-07 10:44:26 | Rename sockaddr_un sun -> sunaddr. This makes things easier in -portable, where on Solaris an derivatives "sun" is defined to "1", causing compilation errors. ok deraadt@. | |
|
857ee269 | 2025-05-07 06:40:18 | fix include order. poke by deraadt@ | |
|
a2426b6f | 2025-05-07 06:18:22 | move pledge() to immediately after connect; was after (effectively) sendmsg(2); prodded by deraadt@ | |
|
345ae754 | 2025-05-07 05:58:19 | pledge after socket connected; ok dlg | |
|
be1b15fc | 2025-05-07 05:42:43 | Berkely -> Berkeley | |
 |
ffe08980 | 2025-05-07 05:38:35 | - -P before -p - text tweak - sunc usage() | |
|
45c18297 | 2025-05-07 04:38:23 | sync | |
|
922f0a9c | 2025-05-07 04:10:21 | memory leak on error path; bz3821 |