We match curve parameters against the builtin curves and only accept
them if they're encoding a curve known to us. After getting rid of the
wtls curves, some of which used to coincide with secp curves (sometimes
the wrong ones), the nid is unambiguous. Setting the nid has no direct
implications on the encoding.
This helps ssh avoid doing ugly computations during the key exchange
for PEM keys using this encoding.
ok djm joshua jsing
even if we miss the press event. Change the driver such that wakeup is
signalled when the button is pressed such that it matches what happens
when wakeup is handled by the PMIC.
ok patrick@
Rename it to DSA_prime_checks and add an XXX comment mentioning that
we could reduce the number of rounds thanks to BPSW. There are no
plans of changing that as DSA is on its way out.
discussed with miod
So make sure that sleep_signal_check() returns ERESTART in that case so
that the syscall is retried once ptrace intercepted the signal.
This should fix unexpected EINTR returns of waitpid for processes that
left SIGCHLD ignored (default). Not the perfect fix but a good enough
bandaid to allow people to debug processes doing forks and waitpid calls.
Problem reported and fix tested by stsp@
OK kettenis@ stsp@
possible if the admin misconfigures X11DisplayOffset or the user
misconfigures their own $DISPLAY, but don't happen in normal operation.
From Suhov Roman via bz#3730, ok djm@
No locks required for per-CPU counters based protocol statistics.
Atomically accessed `udpctl_vars' variables are already moved from the
net lock, sysctl(2) related locks are useless for them.
Complicated UDPCTL_BADDYNAMIC and UDPCTL_ROOTONLY cases were left as is.
ok bluhm
Keep locking only for ICMPCTL_REDIRTIMEOUT case. It is complicated, so
left it as is.
ICMPCTL_STATS loads per-CPU counters into local data, so no locking
required.
`icmpctl_vars' are atomically accessed integers. Except `icmperrppslim'
they are simply booleans, so nothing special required. Used the local
`icmperrppslim_local' variable to load `icmperrppslim' value because it
could have negative values. claudio@ proposed to always load such
values to local variables, so I want to try this notation.
ok bluhm
Both `gre_allow' and `gre_wccp' are atomically accessed integers. They
could have only '0' and '1' values, so no extra dances around
atomic_load_int(9) required.
ok bluhm
As already done for SHA-256 and SHA-512, replace the perlasm generated
SHA-1 assembly implementation with one that is actually readable. Call the
assembly implementation from a C wrapper that can, in the future, dispatch
to alternate implementations. On a modern CPU the performance is around
5% faster than the base implementation generated by sha1-x86_64.pl, however
it is around 15% slower than the excessively complex SSSE2/AVX version that
is also generated by the same script (a SHA-NI version will greatly
outperform this and is much cleaner/simpler).
ok tb@
This should really have been using SECP 160R2, not SECP 160R1. Of course
this means in particular that nobody ever used this curve, at least not
against another implementation than OpenSSL. Quasi-monocultures are
poisonous whether the monopolist is benevolent and competent or not.
If a bt(5) script uses the same probe multiple times (like interval:hz),
btrace(8) has currently no knowledge of which rule to execute when it
parses events read from the kernel.
Disable the functionality until someone in need of such feature comes
up with a nice implementation.
From Christian Ludwig.
Upstream decided that this nonsense was worth an ABI break and added stuff
to the X509_CTX so they could hang the issuer's public key off it so that
they could adjust the key identifiers as needed. Let's avoid that and do
it the slightly less nasty way by updating the AKI and SKI as needed.
We only do this when force pubkey is in place so we don't change the
semantics of the batshit crazy config language that nobody understands.
ok job
Run without kernel lock. Use the network stack functions used for
multiqueue, but still only run on one queue.
Add a virtio interface for an interrupt barrier.
This is the reverted diff plus a missing chunk.
Tested by dtucker, bluhm, sf
exists, but does not contain moduli within the client-requested range.
The fallback behaviour remains for the case where the moduli file does
not exist (typically, running tests prior to installing).
From bz#2793, based in part on patch from Joe Testa, ok djm@