to a verification program for a binary package. The following callouts
are defined: "none", "gpg" and "pgp5".
This feature allows you to verify a binary package against a detached
signature file, and to proceed with the installation or not, depending
upon the level of trust you place in the signatory of the binary
package.
Digital signatures will be checked in a recursive manner (i.e. if
pkg_add is called with a verification type which is not "none", the
verification type will be passed to subsequent invocations of pkg_add
for the dependent packages).
At the current time, digital signatures cannot be used with the URL
form of pkg_add(1) - the detached signature file must be in the same
directory as the binary package, either locally or mounted by NFS.
If no -s argument is given, pkg_add(1) retains its current behaviour -
the package will not be verified before installation takes place.
The type of ALIGN() is vary on architecture and casting pointer to u_int
is incorrect for MI code.
Since the code is to make sure aligned access to IP header and requires
bcopy if the test fails. So the performance implication is not necessary
and we can use ALIGNED_POINTER() here.
pointed out by nathanw.
I have a weird PC-card-style appliance (I'm not sure I may call it a PC card)
whose ``CIS'' reads zeros forever, which caused kernel panic.
For your interest, it is a cooling fan to be inserted to a PC card slot.
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).
Improved by comments from enami and christos -- thanks!
Heimdal/krb4/KAME changes already fed back, rest to follow.
Inspired by, but not not based on, OpenBSD.
aggressive; rework to be a bit less susceptable to round-off error.
now it's likely that the density might not be obtained with a small
filesystem with a large number of inodes (e.g -s 4M -i 1k), but that's
an extremely unlikely corner case that can easily be rectified with
command-line arguments.
fixed provided in private email by Takao Shinohara <shin@sm.sony.co.jp>
should resolve PRs [bin/14049] and [bin/14046]
1) Always do a make clean before building objects in any directory. This
is wasteful, but there's really no other simple way to cope with the
fact that the compilation settings (e.g. CFLAGS) appropriate for the
non-crunched build of a program may not be appropriate for the crunched
build. If the objdir magic in make didn't rely upon the presence of an
"obj" or "obj.${MACHINE}" symlink, we could abuse it to handle this but
unfortunately, it does.
2) Override $DBG to cause object files to be built with -Os. We can't emit
"DBG?=" into the generated makefile because of order-of-inclusion issues
with the system Makefiles; the result would be that the default setting
(currently -O2) would always be used instead of -Os. If you're crunching,
you almost certainly are doing it to get a smaller executable (!) so -Os
is almost certainly appropriate for you.
agc