mpi [Sun, 18 Jan 2015 17:18:08 +0000 (17:18 +0000)]
This size check was obviously commented out because of the incorrect
size computed for reports with reportID.
Tested by Benjamin Baier.
mpi [Sun, 18 Jan 2015 17:16:06 +0000 (17:16 +0000)]
Do not calculated the length of a report with an extra byte for the
reportID because the kernel skips it.
Problem reported and fix tested by Benjamin Baier.
jsg [Sun, 18 Jan 2015 16:26:39 +0000 (16:26 +0000)]
When restoring spsr values when handling traps use spsr_fsxc instead
of spsr_all so all the bits are restored. Using the msr instruction
with spsr_all is treated the same as spsr_fc and does not include the
status and extension fields (bits 23:8).
This fixes the problem of some i.MX6 machines powering up with the
big endian bit set in the extension field causing them to crash
on returning from the first interrupt.
From NetBSD.
jsg [Sun, 18 Jan 2015 14:55:02 +0000 (14:55 +0000)]
Switch some uses of msr that only deal with interrupts/mode to use
just the control field ('c' bits 7:0) instead of 'all' which includes
the flags field ('f' bits 31:24) which isn't modified.
mpi [Sun, 18 Jan 2015 14:51:43 +0000 (14:51 +0000)]
Do not even try to dereference a NULL pointer.
Found the hard way by Peter N. M. Hansteen.
ok claudio@, phessler@
mpi [Sun, 18 Jan 2015 14:49:04 +0000 (14:49 +0000)]
Complete synchronous abort method modeled after the existing ones.
Because our USB stack wants the aborted xfer to be removed from the
pipe during abort(), we have to sleep in the abort function.
Regarding the xHCI process, when a TD is being aborted, we simply stop
the endpoint and then move the dequeue pointer past its last TRB. This
is fairly simple for the moment since only one xfer can be pending on a
given pipe.
mpi [Sun, 18 Jan 2015 14:40:05 +0000 (14:40 +0000)]
Do not try to free xfers before aborting the pipes, otherwise a clown
might eat you.
deraadt [Sun, 18 Jan 2015 14:21:53 +0000 (14:21 +0000)]
sync
aoyama [Sun, 18 Jan 2015 14:13:18 +0000 (14:13 +0000)]
Add commented-out necsb(4) and audio(4) configuration to GENERIC.
miod [Sun, 18 Jan 2015 14:01:54 +0000 (14:01 +0000)]
Revert 1.166 (but keep the bufq_wait() interface change), for this is wrong
and the bufq pointer might be NULL at the time it is `saved'.
Found the hard way on sparc due to the limited kva, with all disk active
processes ending up sleeping on "buf_needva".
ok kettenis@ krw@
florian [Sun, 18 Jan 2015 14:01:17 +0000 (14:01 +0000)]
First stab at implementing basic auth.
Currently the htpasswd file needs to be in the chroot; will hopefully
improved soonish.
Based on a diff from Oscar Linderholm many months ago but turned into
a complete rewrite.
input/OK reyk@
deraadt [Sun, 18 Jan 2015 14:01:00 +0000 (14:01 +0000)]
string truncation due to sizeof(size)
ok djm markus
djm [Sun, 18 Jan 2015 13:33:34 +0000 (13:33 +0000)]
avoid trailing ',' in host key algorithms
djm [Sun, 18 Jan 2015 13:22:28 +0000 (13:22 +0000)]
infer key length correctly when user specified a fully-
qualified key name instead of using the -b bits option;
ok markus@
jsg [Sun, 18 Jan 2015 12:03:11 +0000 (12:03 +0000)]
The 'mrs' instruction only deals with the whole register without
masking. Remove the use of cpsr_all/spsr_all with 'mrs' and just use
the register names. This matches the arm docs and avoids confusion as
cpsr_all/spsr_all don't include bits 23->8 when used with the 'msr'
instruction but do with 'mrs'.
mpi [Sun, 18 Jan 2015 11:54:02 +0000 (11:54 +0000)]
Since we are no longer resetting rings when a Babble or Stall condition
is detected, simply keep track of the faulty xfer instead of completing
all the pending ones.
Fix a race condition where we could end up aborting a freshly enqueued
xfer when two different threads are submitting control transfers (i.e.
usbdevs(8) and a kernel driver).
ajacoutot [Sun, 18 Jan 2015 10:29:53 +0000 (10:29 +0000)]
Drop backward compat syntax.
jsg [Sun, 18 Jan 2015 10:17:41 +0000 (10:17 +0000)]
unifdef IPKDB. These codepaths are holdouts from NetBSD code and are
not used.
guenther [Sun, 18 Jan 2015 05:30:58 +0000 (05:30 +0000)]
The world is ELF: use <sys/exec_elf.h> instead of <a.out.h> or <sys/exec.h>
Use a better test for an input being ELF: struct exec is dead and there are
defines for the ELF magic. Reorder #includes and do some whitespace cleanup.
Oh, and don't lead the fd if an input file isn't ELF.
ok deraadt@
guenther [Sun, 18 Jan 2015 04:52:03 +0000 (04:52 +0000)]
Per POSIX, <sys/socket.h> needs to expose struct iovec, and may do so
by pulling in <sys/uio.h>, so do so. Remove some stuff that we can trust
<sys/uio.h> to also provide, like cdefs.h, _types.h, and exposing size_t
and ssize_t
pointed out by naddy@
ok deraadt@
deraadt [Sun, 18 Jan 2015 04:48:24 +0000 (04:48 +0000)]
do not require <a.out.h>
deraadt [Sun, 18 Jan 2015 03:46:24 +0000 (03:46 +0000)]
sync
tedu [Sat, 17 Jan 2015 20:37:04 +0000 (20:37 +0000)]
remove des.h. it somehow escaped from ssleay into /usr/include, but none
of the functions prototyped here exist in libc, making it useless.
djm [Sat, 17 Jan 2015 18:54:30 +0000 (18:54 +0000)]
unit test for hostkeys in ssh-agent
djm [Sat, 17 Jan 2015 18:53:34 +0000 (18:53 +0000)]
fix hostkeys on ssh agent; found by unit test I'm about to commit
mpi [Sat, 17 Jan 2015 18:37:12 +0000 (18:37 +0000)]
Split the consumer & producer logic into two different functions in
order to read last TRB of the event ring.
Fix a bug introduced in r1.1.
tedu [Sat, 17 Jan 2015 18:01:43 +0000 (18:01 +0000)]
Improve wording in alloca.
1. it's not a bug; it's a caveat.
2. "slightly unsafe" gives me the willies.
3. one .Xr to malloc should suffice
ok deraadt jmc
deraadt [Sat, 17 Jan 2015 17:49:26 +0000 (17:49 +0000)]
use NGROUPS_MAX
tedu [Sat, 17 Jan 2015 17:44:15 +0000 (17:44 +0000)]
guard usingacpi variable inside NACPI. from oyvind jaegtnes
deraadt [Sat, 17 Jan 2015 17:22:07 +0000 (17:22 +0000)]
use NGROUPS_MAX instead of NGROUPS
deraadt [Sat, 17 Jan 2015 17:17:10 +0000 (17:17 +0000)]
NGROUPS_MAX, not NGROUPS
millert [Sat, 17 Jan 2015 15:03:09 +0000 (15:03 +0000)]
Define MAXHOSTNAMELEN as HOST_NAME_MAX+1. OK deraadt@
rpe [Sat, 17 Jan 2015 14:36:58 +0000 (14:36 +0000)]
Remove unnecessary double-quotes inside [[]].
OK krw@
millert [Sat, 17 Jan 2015 13:37:59 +0000 (13:37 +0000)]
Remove a pasto introduced in the last commit, spotted by schwarze@
espie [Sat, 17 Jan 2015 13:20:04 +0000 (13:20 +0000)]
make sure we have an interactivestub... I forgot the -I part from the old
script.
rpe [Sat, 17 Jan 2015 10:09:06 +0000 (10:09 +0000)]
Uppercase global vars (auto -> AUTO, respfile -> RESPFILE)
OK krw@ deraadt@
aoyama [Sat, 17 Jan 2015 08:26:10 +0000 (08:26 +0000)]
Delete an extra tab.
jsg [Sat, 17 Jan 2015 08:00:41 +0000 (08:00 +0000)]
Add an ascii bit/field diagram for armv7-a psr to match the
existing one for earlier arm revisions.
deraadt [Sat, 17 Jan 2015 07:37:14 +0000 (07:37 +0000)]
document the <sys/param.h>
deraadt [Sat, 17 Jan 2015 07:09:50 +0000 (07:09 +0000)]
_KERNEL 1? no, just _KERNEL
deraadt [Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)]
eliminate strcpy & strcat, by using strlcpy, strlcat or snprintf where
suitable.
ok jsg
deraadt [Sat, 17 Jan 2015 04:18:49 +0000 (04:18 +0000)]
resume_randomness() before spinning up other cpus...
deraadt [Sat, 17 Jan 2015 02:58:28 +0000 (02:58 +0000)]
sync
jsg [Sat, 17 Jan 2015 02:57:16 +0000 (02:57 +0000)]
More complete gpio reset sequences for SABRE Lite/Nitrogen6X.
From Patrick Wildt in Bitrig.
millert [Fri, 16 Jan 2015 21:31:27 +0000 (21:31 +0000)]
Document behavior of killing process 0, matching the text in kill(2).
From Theo Buehler
tedu [Fri, 16 Jan 2015 21:16:14 +0000 (21:16 +0000)]
increase namecache to maxvnodes again now that the n^2 loop is no more.
battle tested by krw
schwarze [Fri, 16 Jan 2015 21:12:01 +0000 (21:12 +0000)]
Let man(1) show manuals for the current architecture by default,
and support the MACHINE environment variable as documented in man(1).
Missing feature reported by pascal@.
miod [Fri, 16 Jan 2015 20:21:40 +0000 (20:21 +0000)]
Constify the driver name to disk type table, and remove rz and ccd from that
list.
ok krw@ millert@
miod [Fri, 16 Jan 2015 20:18:24 +0000 (20:18 +0000)]
Revert forcing a rachitic `c' slice size when the drive geometry is not known,
now that the disklabel code will reduce MAXDISKSIZE to the real size if a Sun
label is found.
kettenis [Fri, 16 Jan 2015 20:17:07 +0000 (20:17 +0000)]
Don't bother to initialize %g1; we don't do this on sparc either.
ok miod@
miod [Fri, 16 Jan 2015 20:17:05 +0000 (20:17 +0000)]
disklabel_sun_to_bsd() will nicely set the disk size if it is zero, but it is
usually invoked after initdisklabel() which proactively changes a zero disk
size to MAXDISKSIZE, causing this test to fail.
Allow for MAXDISKSIZE too in that test. This makes spoofed disklabels of SMD
disks have a proper `c' slice size.
luna88k disklabel_om_to_bsd() is modified accordingly, to keep diffability,
even though luna88k can't - to the best of my knowledge - sport SMD disk
controllers.
ok deraadt@ krw@
millert [Fri, 16 Jan 2015 18:20:14 +0000 (18:20 +0000)]
Use ">", not ">=" when comparing length to HOST_NAME_MAX since
otherwise we end up needlessly replacing a NUL with a NUL.
OK deraadt@
millert [Fri, 16 Jan 2015 18:18:58 +0000 (18:18 +0000)]
Replace HOST_NAME_MAX+1-1 with HOST_NAME_MAX. OK deraad@
millert [Fri, 16 Jan 2015 18:10:31 +0000 (18:10 +0000)]
Replace check for ">= HOST_NAME_MAX+1" with "> HOST_NAME_MAX".
OK deraadt@
millert [Fri, 16 Jan 2015 18:08:15 +0000 (18:08 +0000)]
Add missing <limits.h> to file.c and remove definition of PATH_MAX
which masked the missing include. OK deraadt@
schwarze [Fri, 16 Jan 2015 17:20:24 +0000 (17:20 +0000)]
properly handle opening parentheses, correctly quote vertical bars,
and do not use the legacy predefined string \*(Ba
bluhm [Fri, 16 Jan 2015 17:06:43 +0000 (17:06 +0000)]
Add test that exchanges database description packets with ospfd.
From Florian Riehm.
tedu [Fri, 16 Jan 2015 17:05:49 +0000 (17:05 +0000)]
increasing the size of the namecache suddenly made the comment
"This makes the algorithm O(n^2), but do you think I care?"
a lot more meaningful, as discovered by krw.
fix the loop so it doesn't restart all the time, as it's not necessary.
(this was also tried years ago in rev 1.20 and reverted, but that change
also introduced pool_put before the namecache was ready to free things. we
have been freeing cache entries with pool_put for some time now, so that's
been made safe.)
ok deraadt krw
schwarze [Fri, 16 Jan 2015 16:52:39 +0000 (16:52 +0000)]
Parse and ignore .IX (generate index entry) macros because pod2man(1)
emits them, by default without defining them, relying on the roff(7)
quirk that undefined macros have no effect.
This cures 1996 mandoc ERRORs in src/gnu.
deraadt [Fri, 16 Jan 2015 16:48:51 +0000 (16:48 +0000)]
Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther
deraadt [Fri, 16 Jan 2015 16:25:50 +0000 (16:25 +0000)]
More evil bootstrap code. #ifndef ALIGNBYTES #define ALIGNBYTES 3.
Which makes this code go all wrong depending on where a system has put
their things like ALIGNBYTES.
Delete with prejudice. When someone needs to compile this in another
environment, they need to face this hurdle, and maybe change the
embedded memory allocator...
schwarze [Fri, 16 Jan 2015 16:20:23 +0000 (16:20 +0000)]
garbage collect empty .No macros mandoc warns about
deraadt [Fri, 16 Jan 2015 16:18:07 +0000 (16:18 +0000)]
<sys/param.h> to <limits.h> conversion. Verified binaries
ok millert, thanks to doug for process advice
schwarze [Fri, 16 Jan 2015 16:16:36 +0000 (16:16 +0000)]
add missing .An macros
deraadt [Fri, 16 Jan 2015 16:04:38 +0000 (16:04 +0000)]
change to <limits.h> universe. The only changes in the binary are due
to the heavy use of assert.
ok millert
schwarze [Fri, 16 Jan 2015 16:01:46 +0000 (16:01 +0000)]
manage spacing in a simpler way, removing some useless macros mandoc warns about
deraadt [Fri, 16 Jan 2015 15:57:06 +0000 (15:57 +0000)]
move to <limits.h> where possible, annotate <sys/param.h> otherwise
djm [Fri, 16 Jan 2015 15:55:07 +0000 (15:55 +0000)]
regression: incorrect error message on otherwise-successful
ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
schwarze [Fri, 16 Jan 2015 15:53:24 +0000 (15:53 +0000)]
fix placement of opening parentheses, and drop some .Xo while here
deraadt [Fri, 16 Jan 2015 15:40:16 +0000 (15:40 +0000)]
Move from <sys/param.h>. (The binary change is due to a line number
passed to assert, found by doug)
ok millert
schwarze [Fri, 16 Jan 2015 15:37:20 +0000 (15:37 +0000)]
Arguments are just ".Ar", not ".Brq Ar" or even ".Ns { Ns Ar ... Ns }".
The .Ar macro already causes distinctive formatting in a standard way,
so there is no need for additional braces.
This also fixes the only mandoc warning in src/sbin.
deraadt [Fri, 16 Jan 2015 15:36:29 +0000 (15:36 +0000)]
switch to <limits.h>; ok millert
schwarze [Fri, 16 Jan 2015 15:32:32 +0000 (15:32 +0000)]
remove useless escaping; mandoc warned about some of this
schwarze [Fri, 16 Jan 2015 15:30:10 +0000 (15:30 +0000)]
Properly escape punctuation when given as an argument to a macro;
this was the only mandoc warning in src/bin.
tedu [Fri, 16 Jan 2015 15:29:45 +0000 (15:29 +0000)]
Less code, more better. No longer need to worry about what mysterious
things will happen when machines have 8 byte longs.
deraadt [Fri, 16 Jan 2015 15:17:34 +0000 (15:17 +0000)]
The make code has "bootstrap", to allow it to be brought up on other
systems. Rarely used & tested -- perhaps once a decade. Perhaps not
even once this decade? Anyways,
#define PATH_MAX (MAXPATHLEN+1)
is quite wrong. Delete the chunk, assuming any system this is ported
to has PATH_MAX.
reyk [Fri, 16 Jan 2015 15:08:52 +0000 (15:08 +0000)]
SSL_CTX_use_certificate_chain() has been added to LibreSSL and there
is no need to keep a local copy in ssl_privsep.c. This adds a little
burden on OpenSMTPD-portable because it will have to put it in
openbsd-compat for compatibility with legacy OpenSSL.
OK gilles@
deraadt [Fri, 16 Jan 2015 15:06:40 +0000 (15:06 +0000)]
Adapt to <limits.h> universe.
ok millert
deraadt [Fri, 16 Jan 2015 14:36:44 +0000 (14:36 +0000)]
Replace <sys/param.h> with <limits.h>
millert spotted the accidental <ctype.h> removal that caused binary change.
reyk [Fri, 16 Jan 2015 14:34:51 +0000 (14:34 +0000)]
The SSL/TLS session Id context is limited to 32 bytes. Instead of
using the name of relayd relay or smtpd pki, use a 32 byte arc4random
buffer that should be unique for the context. This fixes an issue in
OpenSMTPD when a long pki name could break the configuration.
OK gilles@ benno@
schwarze [Fri, 16 Jan 2015 14:19:07 +0000 (14:19 +0000)]
Tweak previous: Do not put punctuation on its own line, put it at the end
of the preceding macro line; no output change with mandoc, fixes output
with groff. Also, if you want spacing back after .Sm off, do not add
an argument containing a blank character, simply rely on .Sm on.
bluhm [Fri, 16 Jan 2015 11:51:59 +0000 (11:51 +0000)]
Add regression tests for syslog over TLS.
sf [Fri, 16 Jan 2015 10:17:51 +0000 (10:17 +0000)]
Binary code patching on amd64
This commit adds generic infrastructure to do binary code patching on amd64.
The existing code patching for SMAP is converted to the new infrastruture.
More consumers and support for i386 will follow later.
This version of the diff has some simplifications in codepatch_fill_nop()
compared to a version that was:
OK @kettenis @mlarkin @jsg
bentley [Fri, 16 Jan 2015 09:08:41 +0000 (09:08 +0000)]
Clean up macros in isakmpd(8).
- Fix mandoc warnings ("WARNING: skipping empty macro: No")
- Mark up arguments with Ar, not Aq Ic
- Mark up pathnames with Pa
ok jmc@
doug [Fri, 16 Jan 2015 08:24:04 +0000 (08:24 +0000)]
Replace <sys/param.h> with <limits.h>
This patch is from Theo. I helped verify that removing <sys/param.h>
doesn't change anything.
This produces the same binaries before and after with clang 3.5 and gcc
4.9.4 on amd64. There is a slight difference in the way it is generated by
our old gcc 4.2.1 despite the fact that the preprocessed input is almost
identical.
ok deraadt@
djm [Fri, 16 Jan 2015 07:19:48 +0000 (07:19 +0000)]
when hostname canonicalisation is enabled, try to parse hostnames
as addresses before looking them up for canonicalisation.
fixes bz#2074 and avoids needless DNS lookups in some cases;
ok markus
deraadt [Fri, 16 Jan 2015 06:47:03 +0000 (06:47 +0000)]
<sys/param.h> is not needed here either.
ok guenther millert doug
deraadt [Fri, 16 Jan 2015 06:39:28 +0000 (06:39 +0000)]
Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
tedu [Fri, 16 Jan 2015 06:16:12 +0000 (06:16 +0000)]
improve checksum parsing slightly. now handles filenames with spaces.
(though not names with ')'; sorry.)
tedu [Fri, 16 Jan 2015 06:00:39 +0000 (06:00 +0000)]
just to be careful, add a cpp guard that the sscanf sizes are ok
deraadt [Fri, 16 Jan 2015 05:53:49 +0000 (05:53 +0000)]
adjust to HOST_NAME_MAX+1 & LOGIN_NAME_MAX
deraadt [Fri, 16 Jan 2015 05:46:44 +0000 (05:46 +0000)]
If MAXPATHLEN is undefined, do not set it to 512. Dangerous.
lteo [Fri, 16 Jan 2015 04:12:45 +0000 (04:12 +0000)]
Complete the list of functions in the paragraph that mentions that
errbuf needs to hold at least PCAP_ERRBUF_SIZE chars.
lteo [Fri, 16 Jan 2015 04:03:04 +0000 (04:03 +0000)]
Rename pcap_create()'s ebuf argument to errbuf to match the rest of the
public pcap_* functions that use errbuf. Mainline libpcap also uses
"errbuf" for pcap_create().
No object file change.
lteo [Fri, 16 Jan 2015 03:37:10 +0000 (03:37 +0000)]
Add more missing argument names.
lteo [Fri, 16 Jan 2015 03:19:57 +0000 (03:19 +0000)]
Remove pointless casts for several malloc/calloc/free calls. No object
file change.
lteo [Fri, 16 Jan 2015 03:07:03 +0000 (03:07 +0000)]
The BPF paper referenced in the SEE ALSO section was most likely an unpublished
draft. Replace it with the authors' 1993 Winter USENIX paper, which is a more
authoritative reference on BPF.
ok deraadt@ jmc@ millert@
lteo [Fri, 16 Jan 2015 03:04:19 +0000 (03:04 +0000)]
Fix a use after free, where the already freed p->opt.source was used by
pcap_cleanup_bpf() to disable monitor mode on 802.11 devices.
feedback blambert@
ok deraadt@ mikeb@ millert@
schwarze [Fri, 16 Jan 2015 01:58:17 +0000 (01:58 +0000)]
Delete the MANLINT variable and the related SUFFIXES rules because
since yesterday, "mandoc -Tlint -Wfatal" can no longer fail.
Instead, as suggested by deraadt@, provide a manlint target
that is *not* run during make build, but can be run
whenever you want to check syntax of manuals.
"nice stuff" deraadt@
deraadt [Fri, 16 Jan 2015 01:37:15 +0000 (01:37 +0000)]
sync