On the responder (for instance), there is a need to not only migrate local
and remote addresses of Phase 1 that match previous addresses but also
the local and remote addresses of a Phase 1 *associated* with a migrated
Phase 2. For instance, we have that need when receiving the first
MIGRATE/KMADDRESS message because the old addresses are still the HoA and
the address of the HA (while the peer has contacted us using the CoA and
we have negotiated this address as src attribute in Phase 2). The patch
fixes that by having migrate_ph1_ike_addresses() called from
migrate_ph2_ike_addresses() callback.
library.
A good signature verification now shows the filename, time of signing,
and the public keys of the signatories.
Made the interface much more standard by using any argv components after
the options have been parsed to indicate files, rather than a single
--file=filename long option.
Get rid of all assert() calls in the program - dumping core when an
argument is missing is a trifle uncompromising.
When matching userids, if the given userid contains a '@' character,
consider all characters from the rightmost '<' to the terminating
'>' of the file-based userid to be an email address. If there's no
'@' character, consider the given name as a real name, and match
from the start of the file-based userid. All comparisons are done
using case-insensitive searching. I'll consider implementing regexp
matching when enough chocolate bribes are received.
Rework the internals to call a major internal function, rather than doing
everything in main().
Run the results of all this through indent, since the current sources
bear little resemblance to what went before.
numeric addresses. The documentation appears to say this works, and some
other systems support it -- more importantly, why should it _not_ work? If
it does not, getaddrinfo() cannot be used as a general-purpose textual to
binary address conversion utility function; yet it is the only such function
we have in the system, since inet_pton() requires a priori knowledge of the
address family.
This change also causes getaddrinfo() with NULL hint (expressly documented
as working) to work properly for numeric addresses.
type/status/etc inquiries. (PR kern/37915)
This is clearly a design problem in tty, but we need a cheap fix now.
The problem is that ttyinput() tries to pull a spinlock which
is already held on calls to t_oproc.
The workaround is based on the fact that within wscons code, the
wsdisplay_emulinput() function is only called directly from
wsdisplaystart(). So we can be sure that the tty lock is held,
and use an inofficial entry point in ttc.c which avoids the locking.
These ate certainly more assumptions than needed by the fix
proposed in the PR, but it doesn't affect (and slow down) other
tty drivers.
(not such a great idea), use getpass() to get the passphrase.
Various debugging additions.
When verifying files, print out the file name which was verified, and exit
with either EXIT_FAILURE or EXIT_SUCCESS, depending upon the verification
result. This still needs to be reworked to print out the signatory to the
file, and the date of signing.
that key ring. If no key ring has been specified, list the keys in
the default public key ring, rather than dying with a usage message.
Matches gpg behaviour, and stops openpgp violating the POLA.
tteras