Having all these flags in a single bitmask makes it harder to see where
exactly they can possibly be used since their state could also be
modified using the unsuspicious job->flags = 0. Using individual names
just leaves the single memset, and that is only used during
initialization.
The "false" is supposed to be run not only if the command has the '-'
flag, but also if the target is marked as .IGNORE or if the command line
option -i is given.
After the failed command, the remaining commands are skipped, therefore
the final echo for the empty line had to be moved up, at the beginning
of the target.
The code in JobPrintSpecials is rather complicated and contains
surprising interaction between some of the switches.
To see the exact effects of the switches, record the current state and
its output, to prevent accidental breakage during the upcoming
refactorings.
---
date: 2020-07-27 09:57:44 -0700; author: gson; state: Exp; lines: +6 -1; commitid: m3HouRBlhyJQVJhC;
Skip the repeated_link_addr test by default as it causes the
evbarm-aarch64 testbed to hang (PR port-evbarm/55521), and will not be
safe to run by default even after that bug is fixed, for similar
reasons as t_repeated_updown.
---
t_repeated_mtu.sh changes the MTU, which may cause NFS to fail.
if you have NFS root, this is system killing.
t_repeated_scan.sh kills and restarts both hostapd and
wpa_supplicant.
Fixed NULL pointer deref in the GENERAL_NAME_cmp function This
function could crash if both GENERAL_NAMEs contain an EDIPARTYNAME.
If an attacker can control both items being compared then this
could lead to a possible denial of service attack. OpenSSL itself
uses the GENERAL_NAME_cmp function for two purposes:
Comparing CRL distribution point names between an available CRL
and a CRL distribution point embedded in an X509 certificate When
verifying that a timestamp response token signer matches the
timestamp authority name (exposed via the API functions
TS_RESP_verify_response and TS_RESP_verify_token) (CVE-2020-1971)
Matt Caswell
Changes between 1.1.1g and 1.1.1h [22 Sep 2020]
Certificates with explicit curve parameters are now disallowed in
verification chains if the X509_V_FLAG_X509_STRICT flag is used.
Tomas Mraz
The 'MinProtocol' and 'MaxProtocol' configuration commands now
silently ignore TLS protocol version bounds when configuring
DTLS-based contexts, and conversely, silently ignore DTLS protocol
version bounds when configuring TLS-based contexts. The commands
can be repeated to set bounds of both types. The same applies with
the corresponding "min_protocol" and "max_protocol" command-line
switches, in case some application uses both TLS and DTLS.
SSL_CTX instances that are created for a fixed protocol version
(e.g. TLSv1_server_method()) also silently ignore version bounds.
Previously attempts to apply bounds to these protocol versions
would result in an error. Now only the "version-flexible" SSL_CTX
instances are subject to limits in configuration files in command-line
options.
Viktor Dukhovni
Handshake now fails if Extended Master Secret extension is dropped
on renegotiation.
Tomas Mraz
The Oracle Developer Studio compiler will start reporting deprecated
APIs
Removes an include cycle when including <sys/resource.h> via:
ys/time.h, sys/timevar.h, sys/mutex.h, sys/intr.h on top of this
file, and sys/param.h, uvm/uvm_param.h, sys/resourcevar.h below.
The manual page says that in -j mode when the shell does not have ErrCtl
(and none of the default shells has that), the command prefix '-'
"affects the entire job", but this seems to be wrong. At least, there
is no change in the output from before, when all commands had been in
the same target.
In PR kern/22646 some TDs can be on the done queue when the abort start
and, if this is the case, they need to processed after the WDH interrupt.
Instead of waiting for WDH we release TDs that have been touched by the
HC and replace them with new ones. Once WDH happens the floating TDs
will be returned to the free list.
Also addresses the issue seen in PR kern/55835
Thanks to both Andreas Gustafsson and Edgar Fuß for testing. Apologies to
Andreas Gustafsson for not committing this to HEAD for 4y6m.w
As one national park director once said: "my problems start when the
dumber of my visitors meet the smarter of my bears".
Old inline asm used specific hardcoded registers "assuming that gcc
doesn't do anything funny with these". Unfortunately now it does,
especially when this function is inlined. We ended up restoring a
wrong context. The result was mysterious infinite memory faults.
Rewrite in safer inline asm, so that gcc is not confused.
Many thanks to chs@ for his patience.
- Some of what was defined as "generic itimer" behavior turned out to be
ptimer-specific. As such, everything related to the "fired timer queue"
is now specific to ptimers, and the queue and softint handle fields of
itimer_ops are not needed.
- Split itimer_fini() into 2 parts: itimer_poision() marks the timer as
dead and attempts to cancel it. itimer_fini() is then just responsible
for freeing itimer resources and releasing the lock. They are split
into two parts, as ptimers require an addition processing step between
those two operations, but other kinds of itimers do not necessarily require
that.
- Export a few more itimer-related symbols that other itimer types will
need.
Riding previous kernel version bump since there are no external uses of
this code since the version bump that accompanied the original change.
