rsa: rename getkey() to getrsakey(), document rsa2csr in rsa(8)
libsec: implement server side SCSV preventing silly client fallbacks
libsec: order tlshand cipher suits by: keyexchange>=cipher>=hash, ignore client preference
rsagen: increase default key size to 2048 bits
libsec: remove affine coordinate point operations from ecc
libsec: implement elliptic curve group operations in jacobian coordinate system
rcpu: make sure not to leak /env/fn#server and /env/fn#aanserver for drawterm (thanks mischief)
libsec: implement server side ECDHE key exchange with secp256r1, move DH state in TlsSec structure, simplify
webfs: fix memory leak of serverName in tlswrap()
rsa(8): provide example for converting OpenSSL generated PEM file to factotum
libsec: massive cleanup of tlshand.c
libsec: fix memory leak of RSApub, avoid parsing certificate twice to extract rsa public key
libsec: recognize and decode PKCS#8 wrapped RSA private keys for auth/asn12rsa
webfs: change %H (hostname) format to %N to not collide with encodefmt's %H (hex)
libsec: x509: convert to UTF8 from BMPString and UNIString, reject \0 bytes
libc: fix out of bounds access in dirpackage(), simplify
kbdfs: add shift+altgr table 7 for polish keymaps
Subject: typo: ee corrected (thanks Eric Lindblad)
fix estonian keymap (thanks Eric Lindblad)
python: make hashlib.py fallback to openssl in case of old python binary
ktrace: sign extend stack dump pc for amd64
libc: remove unneeded #include <auth.h> for crypt() and netcrypt()
libdraw: avoid BPSHORT()/BPLONG() expansion, cleanup loadchar(),cachechars()
add danish keymap (thanks Eric Lindblad)
ape: explicitely list the ape libs to build in mkfile
python: remove openssl support, use ape/libsec for cryptographics hash functions
gs: replace openssl aes implementation with ape/libsec
ape: add libauth, libbio, libmp and libsec as replacements for openssl
hg: create system wide /sys/lib/hgrc to enabled hgwebfs extension
libauth: remove unneeded includes for authsrv.h, avoid pulling in dependency for rerrstr()
libsec: make #include headers consistent
libsec: dont use mips assembly routines for spim, wrong endianess
libmp: fix build for spim, reduce by the mips assembly files
hg: set mercurial.url.has_https when hgwebfs extension is in use
ape: move compatibility libc.h to lib9 directory and incooperate needed functions for ape/mp (wip)
ape: remove broken 9errstr.c
ape: add internal _NSEC() function and make gettimeofday() use it
libmp: make includes consistent, make test program compile under ape (work in progress)
libdraw: dont postnote to pid==0 in ekill()
add missing target for antiword in /sys/src/cmd/aux/mkfile (thanks _sl)
aes(2): mention aesCBC bug
listen(8): fix html rendering
listen(8): document tcp17019 rcpu service
tls(3): document support for TLSv1.1 and TLSv1.2
qball(2): fix bad manpage reference
ether82563: initial i217 support from http://www.9legacy.org/9legacy/patch/pc-ether82563-i210.diff (thanks k0ga)
tcp567: run authserver with p9sk1 tickets disabled preventing offline password brute-force
jpg: fd == 0 is valid, so don't ignore it
libdraw: fix out of bounds memory access after subfont array reallocation (thanks ray)
kbdfs(8): document new /dev/kbd behaviour
change /dev/kbd to return multiple messages per read
kernel: always clunk closed fids asynchronously, regardless of caching
6in4: ingress filter multicast and link-local, but allow relay traffic
6in4: allow setting the local IPv4 address with -i flag (thanks k0ga)
9fs: bind -b /n/9front.org!7734 /n/lists
kernel: remove unused NSMAX, NSLOG, NSCACHE constants from portdat.h
fortunes: Ah, nice. the woodpeckers are back.
bullshit: +progressive +enhancement
zynq: cleanup devarch, flushmmu() after procflushpsecg()
kernel: print pid as %lud instead %lux (in tsleep() debug print)
libsec: fix tlsid for TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
devtls: print the path of the underlying chan in status file
devip: applying changes for bug: multicasts_and_udp_buffers
zynq: introduce SG_FAULT to prevent access to AXI segment while PL is not ready
file: deal with negative coordinates in plan9 bitmaps, print image size
kernel: fix tsleep()/twakeup()/tsemacquire() race
rio: flushimage() before wscrsleep()
devtls: zero secret information before freeing, cleanup
stats: fix display->locking race
add portable AES-GCM (Galois/Counter Mode) implementation to libsec and devtls
rio: add flushimage() after mb2 menu action
mothra(1): fix url for https://code.9front.org/hg/plan9front/
file(1): print warnings on /fd/2, remove some duplicate strings, whitespace fixes
games/life: add -d delay parameter, -b color reversal parameter, and update manpage
lib9p: remove duplicate variable assignment in createfile()
rio: fix some spacing, slightly cleaner arg handling
libdraw: have openfont() set error string
libc: trailing whitespace cleanup
ip/gping: add main pid to pid list for killall()
abandon streaming experiment
libc: fix runestrecpy() return value (thanks spew)
ppp: fix buffer overflow, set correct state after chap negotiation (thanks k0ga)
ppp: Small format and log fixes (thanks k0ga)
ppp: md5 and mschap inside chap, do not request encryption with -c or -C (thanks k0ga)
pppoe: Add support for -c and -C to enable/disable header compression (thanks k0ga)
rio: flushimage() improves your ability to see, i repeat twice.
rio: remove more unneccesary flushimage() calls
truss: add fake __NSEC syscall name for ape
truss: fix "bad string" error due to missing ape _nsec() syscall
uhtml: dont trust charset=utf-8 attribute, verify.