sobrado [Fri, 2 Jan 2015 18:28:23 +0000 (18:28 +0000)]
PFS stands for Perfect Forward Secrecy.
ok reyk@
mpi [Fri, 2 Jan 2015 18:06:25 +0000 (18:06 +0000)]
When chaining TRBs, calculate the TD Size as described in section
4.11.2.4 instead of using one TRB per packet. Also make sure that
it is not greater than 31.
While here be paranoid about xfer buffer crossing a 64k boundary
and use a supplementary TRB in such case.
Fix a problem with uplcom(4) on Intel xHCI reported by jasper@.
kettenis [Fri, 2 Jan 2015 17:32:59 +0000 (17:32 +0000)]
Holds up much better under load with an IPL on the block pool.
schwarze [Fri, 2 Jan 2015 17:01:31 +0000 (17:01 +0000)]
Explicitly set the *data member of struct ohash_info to NULL.
It is never dereferenced, but it gets copied around, which worries
static analysis tools and might also confuse human auditors.
FreeBSD Coverity CID
1261298,
1261299,
1261300, reported by
Pedro Giffuni and Ulrich Spörlein <pfg@ and uqs@ at FreeBSD>.
bluhm [Fri, 2 Jan 2015 16:38:07 +0000 (16:38 +0000)]
Rename the tls_connect_socket() parameter 'socket' to 's' to avoid
a compiler warning about shadowing a global declaration.
OK jsing@
kettenis [Fri, 2 Jan 2015 16:20:11 +0000 (16:20 +0000)]
Still locks up under load, but otherwise fairly functional.
ajacoutot [Fri, 2 Jan 2015 14:44:05 +0000 (14:44 +0000)]
Fix return code of _rc_quirks().
ok robert@
bluhm [Fri, 2 Jan 2015 12:41:08 +0000 (12:41 +0000)]
Use SIMPLEQ for syslogd filed list instead of manual list operations.
OK dlg@
bluhm [Fri, 2 Jan 2015 12:30:45 +0000 (12:30 +0000)]
When syslogd was sending via TCP, there was file descriptor leak
and a use after free if it received a SIGHUP. Call bufferevent_free()
to deactivate the callbacks and close the TCP socket.
OK jasper@ deraadt@
mpi [Fri, 2 Jan 2015 11:58:32 +0000 (11:58 +0000)]
Report the TT Think Time of USB2.0 Hubs.
lum [Fri, 2 Jan 2015 11:43:15 +0000 (11:43 +0000)]
Remove unused variable.
deraadt [Fri, 2 Jan 2015 11:03:50 +0000 (11:03 +0000)]
adjust date
dlg [Fri, 2 Jan 2015 10:38:22 +0000 (10:38 +0000)]
give the device ref taken in vscsikqfilter to the knote, and unref
it in filt_vscsidetach.
dlg [Fri, 2 Jan 2015 10:32:21 +0000 (10:32 +0000)]
store all state needed to defer probe/detach events in vscsi_devevent_task.
ajacoutot [Fri, 2 Jan 2015 08:03:28 +0000 (08:03 +0000)]
Add a comment about the default values being duplicated in rcctl(8).
discussed with schwarze@
jmc [Fri, 2 Jan 2015 08:03:15 +0000 (08:03 +0000)]
update currency exchange rates;
jmc [Fri, 2 Jan 2015 08:02:20 +0000 (08:02 +0000)]
uppercase for place names, and one "t" in british;
from carson chittom
lteo [Fri, 2 Jan 2015 04:00:21 +0000 (04:00 +0000)]
Remove ifdef statements for TIMES and USE_TOD; they don't do anything,
apart from introducing a bug where the -elapsed option is not listed in
the usage output when it should be.
feedback/ok bcook@ jsing@
jsg [Fri, 2 Jan 2015 01:57:33 +0000 (01:57 +0000)]
Add some additional i.MX6 board types from Bitrig.
CompuLab Utilite, SolidRun HummingBoard/CuBox-i and UDOO.
krw [Thu, 1 Jan 2015 22:53:39 +0000 (22:53 +0000)]
Enable 'ifconfig -C' (list dynamic interface types) on install
media. Use this feature in install scripts to eliminate manually
maintained list of dynamic interface types.
'-C' brought to my attention by reyk@, tweaks to install script to
use -C in get_ifdevs() from rpe@.
ok rpe@ deraadt@
florian [Thu, 1 Jan 2015 20:28:27 +0000 (20:28 +0000)]
"The logging of errors SHOULD be restricted to conflicting information
that causes hosts to switch from one value to another with each
received advertisement." (RFC 4861)
Receiving of RAs on non-advertising interfaces is not a conflicting
information; don't log it.
"Mike." (the.lists AT mgm51 DOT com) reported that this
leads to excessive logging with certain cable providers in 2013.
Recently reported again by Aaron Riekenberg (aaron.riekenberg AT gmail
DOT com). Thanks!
OK bluhm@
bluhm [Thu, 1 Jan 2015 19:58:48 +0000 (19:58 +0000)]
Test that syslogd sending over TCP does not leak a file descriptor
when it receives a SIGHUP.
miod [Thu, 1 Jan 2015 19:43:10 +0000 (19:43 +0000)]
Inline the .cpsetup pseudo-statement in rcrt0 to avoid saving the "old" gp
value, which we have no use for. ok kettenis@
schwarze [Thu, 1 Jan 2015 19:28:29 +0000 (19:28 +0000)]
Fix a buffer overrun triggered by a trailing backslash at EOF in
an unclosed conditional body. If the memory contained the byte
sequence "\}" after the end of the buffer before the next NUL, this
could even write beyond the end of the buffer, specifically '&' to
the location of the '}'. Found by jsg@ with afl.
schwarze [Thu, 1 Jan 2015 18:10:09 +0000 (18:10 +0000)]
Fix a read buffer overrun triggered by trailing \s- or trailing \s+
without the required subsequent argument; found by jsg@ with afl.
florian [Thu, 1 Jan 2015 16:31:59 +0000 (16:31 +0000)]
KNF; no binary change
deraadt [Thu, 1 Jan 2015 15:52:43 +0000 (15:52 +0000)]
sync
deraadt [Thu, 1 Jan 2015 15:50:27 +0000 (15:50 +0000)]
move to 5.7-beta
schwarze [Thu, 1 Jan 2015 15:34:43 +0000 (15:34 +0000)]
Don't dereference NULL pointers when formatting missing denominators,
subscripts, superscripts, or "from" or "to" arguments.
Found by jsg@ with afl.
reyk [Thu, 1 Jan 2015 14:54:06 +0000 (14:54 +0000)]
Merge error page changes from httpd: send Content-Length:, change
Date: from asctime to the preferred HTTP/1.1 format, and use the
popular "Comic Sans" style (can be changed in the configuration).
jsing [Thu, 1 Jan 2015 14:28:00 +0000 (14:28 +0000)]
Provide option types for binary AND, binary OR and silently discarding an
option.
reyk [Thu, 1 Jan 2015 14:21:06 +0000 (14:21 +0000)]
Use the recommended HTML5 doctype in error pages.
OK validator.w3.org (This document was successfully checked as HTML5!)
reyk [Thu, 1 Jan 2015 14:15:02 +0000 (14:15 +0000)]
Use the HTML5 doctype for error and auto index pages because it is
shorter, newer, and the recommendation. From James Jerkins.
Exclude the charset for now because it is not explicitly handled by httpd.
OK validator.w3.org (This document was successfully checked as HTML5!)
jsing [Thu, 1 Jan 2015 13:55:03 +0000 (13:55 +0000)]
Convert the openssl(1) enc command to the new option parsing and usage.
With input from doug@
schwarze [Thu, 1 Jan 2015 13:30:52 +0000 (13:30 +0000)]
Revert previous; tls_accept_socket() was intentionally undocumented
because the API design isn't fully settled.
Requested by jsing@ and tedu@.
schwarze [Thu, 1 Jan 2015 13:18:23 +0000 (13:18 +0000)]
If man(1) only has one single argument, always interpret it as a name,
never as a section. Who would have thought that people call their
manual pages 7z(1), 9c(1), 9p(1), and 9p(3)...
Patch from Sebastien Marie <semarie dash openbsd at latrappe dot fr>.
schwarze [Thu, 1 Jan 2015 13:00:36 +0000 (13:00 +0000)]
activate eqn(7) tests
schwarze [Thu, 1 Jan 2015 12:53:46 +0000 (12:53 +0000)]
eqn(7) tests
ajacoutot [Thu, 1 Jan 2015 09:44:20 +0000 (09:44 +0000)]
Drop redundant FUNCS_ONLY.
schwarze [Thu, 1 Jan 2015 09:06:39 +0000 (09:06 +0000)]
The roff(7) language is Turing-complete, even the part implemented
in mandoc(1). So practice some recursive programming to make sure
it doesn't get broken.
schwarze [Thu, 1 Jan 2015 08:42:08 +0000 (08:42 +0000)]
minimally document tls_accept_socket();
patch from Sunil at Nimmagadda dot net
schwarze [Thu, 1 Jan 2015 07:27:34 +0000 (07:27 +0000)]
Get rid of .Tn; from Kaspars at Bankovskis dot net, tweaked by me.
While here, stop calling the Internet "the ARPA Internet".
schwarze [Thu, 1 Jan 2015 07:05:24 +0000 (07:05 +0000)]
Even though i personally consider 8-bit-characters in filenames unwise,
technically, filenames are not restricted to ASCII.
Patch from Kaspars at Bankovskis dot net, no opposition when shown on tech@.
lteo [Thu, 1 Jan 2015 03:27:56 +0000 (03:27 +0000)]
Remove an unnecessary freeaddrinfo() call, since errx() would free all
the memory including the one allocated by the earlier getaddrinfo()
(pointed out by claudio@).
feedback from claudio@
ok bluhm@
jsg [Thu, 1 Jan 2015 03:26:13 +0000 (03:26 +0000)]
Always drain the write buffer on pte sync. Needed for Cortex A7/A15
which have integrated L2 so changes will get flushed to memory ASAP.
From Patrick Wildt in Bitrig via rapha@
ok miod@
deraadt [Wed, 31 Dec 2014 23:12:36 +0000 (23:12 +0000)]
Do not take sh to STATICPIE yet. That will happen once matching
snapshots exist. That is why mips64 is still held up (arranged with
kettenis)
schwarze [Wed, 31 Dec 2014 20:41:53 +0000 (20:41 +0000)]
describe .Ql more precisely;
defect pointed out by Steffen Nurpmeso <sdaoden at yandex dot com>
tedu [Wed, 31 Dec 2014 16:56:55 +0000 (16:56 +0000)]
recent changes broke alignment requirements on arm.
simplify a bit more, swapping only aligned values and then using memcpy
to fill the digest. fix confirmed by jsg.
ok jsg kettenis millert
schwarze [Wed, 31 Dec 2014 16:50:54 +0000 (16:50 +0000)]
When showing more than one formatted manual page, insert horizontal lines
between pages. Suggested by Theo Buehler <theo at math dot ethz dot ch>.
Even in UTF-8 output mode, do not use fancy line drawing characters such
that you can easily use /^--- to skip to the next manual in your pager.
tedu [Wed, 31 Dec 2014 15:45:57 +0000 (15:45 +0000)]
adventure requires deterministic random for its internal data
"obfuscation" scheme to work (words fail me), but we can use arc4random
for the in game fun. from theo buehler
tedu [Wed, 31 Dec 2014 15:42:08 +0000 (15:42 +0000)]
simplify poll() conversion. from patrick keshishian
jsing [Wed, 31 Dec 2014 15:32:05 +0000 (15:32 +0000)]
copyright_year=$(date +%Y)
bluhm [Wed, 31 Dec 2014 14:05:26 +0000 (14:05 +0000)]
Adapt and add regression tests for sending syslog messages over TCP.
lum [Wed, 31 Dec 2014 13:56:37 +0000 (13:56 +0000)]
Use the first host of the documentation ranges for both address
families. ok jmc@ schwarze@ bluhm@
bluhm [Wed, 31 Dec 2014 13:55:57 +0000 (13:55 +0000)]
Implement sending syslog messages over TCP streams.
test and OK jasper@ jca@
jasper [Wed, 31 Dec 2014 11:52:22 +0000 (11:52 +0000)]
add entries for xmpp, mdns and puppet
ok aja@
aoyama [Wed, 31 Dec 2014 11:38:27 +0000 (11:38 +0000)]
Correct evcount_attach argument on cbus(4).
The third argument of evcount_attach() should point some permanent
variable, not an automatic variable. Now "vmstat -i" correctly prints
C-bus interrupt level number as irq, on C-bus devices.
ok miod@
dcoppa [Wed, 31 Dec 2014 11:37:40 +0000 (11:37 +0000)]
Mention previously missing '/etc/apm/hibernate' action
From Alessandro DE LAURENZIS <just22_dot_adl_at_gmail_dot_com>
tweak and ok jmc@
bluhm [Wed, 31 Dec 2014 01:25:07 +0000 (01:25 +0000)]
Create CA and certificates for TLS tests consistently. Better
logging of SSL errors. Do not import unneeded Socket constants.
millert [Tue, 30 Dec 2014 23:27:23 +0000 (23:27 +0000)]
Use a 1MB realloc() increment instead of an 8KB one for the config
connection buffer. Significantly speeds up spamd-setup for lage
blacklists. Also free the buffer when we are done with it so memory
can be returned to the system (as it can grow quite large).
OK deraadt@
bcallah [Tue, 30 Dec 2014 22:05:32 +0000 (22:05 +0000)]
Remove some checks that will always evaluate to true. Noticed by a very
recent clang.
ok schwarze@ lum@
schwarze [Tue, 30 Dec 2014 21:34:32 +0000 (21:34 +0000)]
fix wrong paths below FILES; from Theo Buehler <theo at math dot ethz dot ch>
bluhm [Tue, 30 Dec 2014 20:50:49 +0000 (20:50 +0000)]
Add syslog-tls 6514/tcp to etc/services.
OK jasper
afresh1 [Tue, 30 Dec 2014 20:46:45 +0000 (20:46 +0000)]
Make perl use our (arc4random backed) drand48 when unseeded
uses srand48_deterministic if a seed is provided.
seems fine millert@
schwarze [Tue, 30 Dec 2014 20:40:05 +0000 (20:40 +0000)]
When a file is given on the command line, actually exists, and its name
relative to the respective manual tree is longer than PATH_MAX, do not
leak the memory allocated to hold the name. Not sure that can actually
happen, but better safe than sorry.
FreeBSD Coverity Scan CID
1261303, reported by Pedro Giffuni <pfg@>.
miod [Tue, 30 Dec 2014 19:26:38 +0000 (19:26 +0000)]
self-relocating crt0 bits for sh, and enable static pie by default. With some
archdep.h help from kettenis@
miod [Tue, 30 Dec 2014 18:31:21 +0000 (18:31 +0000)]
Clean up and optimize _dl_start a bit by using immediate addressing for
the constants whenever they fit, and avoiding saving and restoring
registers we don't need to preserve.
ajacoutot [Tue, 30 Dec 2014 15:33:53 +0000 (15:33 +0000)]
Rename a few functions name. Will help factorize some stuffs.
robert [Tue, 30 Dec 2014 15:31:33 +0000 (15:31 +0000)]
do not print an empty order in case pkg_scripts is undefined
ok ajacoutot@
ajacoutot [Tue, 30 Dec 2014 14:46:33 +0000 (14:46 +0000)]
add_flags() does not need any action argument.
Use the flags variable instead of hardcoding the output in preparation for
further subcommands.
jsg [Tue, 30 Dec 2014 11:45:31 +0000 (11:45 +0000)]
Remove redundant md memcpy.S and memmove.S lines. The mi config
definitions will find the md .S files for these.
kettenis [Tue, 30 Dec 2014 11:26:48 +0000 (11:26 +0000)]
Fix handling of R_MIPS_REL32_64 relocations that reference a symbol.
Fixes remaining problems with static PIE on mips64.
dlg [Tue, 30 Dec 2014 11:08:59 +0000 (11:08 +0000)]
add __bounded as appropriate.
looks good to deraadt@ miod@ and tedu@
schwarze [Tue, 30 Dec 2014 10:28:56 +0000 (10:28 +0000)]
Test the weird construct of a user-defined macro starting (but not
ending!) the definition of another user defined macro.
Mandoc already handles this correctly, make sure it won't get broken.
tedu [Tue, 30 Dec 2014 10:27:24 +0000 (10:27 +0000)]
copy bcrypt autotune from encrypt(1) and expose via crypt_newhash
ok deraadt miod
schwarze [Tue, 30 Dec 2014 08:52:55 +0000 (08:52 +0000)]
let the "make groff" maintainer target show groff warnings
jsg [Tue, 30 Dec 2014 08:12:52 +0000 (08:12 +0000)]
unifdef __APCS_26__ we don't run on anything with a 26 bit program counter.
This codepath was removed in the NetBSD code this is derived from back
in 2003 and was removed in Bitrig earlier this year. No binary change.
krw [Tue, 30 Dec 2014 04:00:33 +0000 (04:00 +0000)]
Rework disklabel reading taskq to plug holes pointed out by jsing@.
Diff from dlg@.
ok jsing@
djm [Tue, 30 Dec 2014 01:41:43 +0000 (01:41 +0000)]
typo in comment: ouput => output
aoyama [Mon, 29 Dec 2014 22:01:19 +0000 (22:01 +0000)]
regen
aoyama [Mon, 29 Dec 2014 21:55:10 +0000 (21:55 +0000)]
Add audio(4) related entries.
ok miod@
millert [Mon, 29 Dec 2014 20:39:27 +0000 (20:39 +0000)]
Minor cleanup:
o doreply() just calls build_reply()
o remove a few dead stores and useless variables
o use the asprintf() return value
OK deraadt@
kettenis [Mon, 29 Dec 2014 20:18:20 +0000 (20:18 +0000)]
Make the PLT read-only on powerpc as well.
ok kurt@
naddy [Mon, 29 Dec 2014 20:16:58 +0000 (20:16 +0000)]
* Ukrainian airports; from Alexey Suslikov
* add Tampere; from Timo Myyra
kettenis [Mon, 29 Dec 2014 19:33:34 +0000 (19:33 +0000)]
Toggle the TX_RING_KICK_WRAP bit when appropriate.
tedu [Mon, 29 Dec 2014 17:07:17 +0000 (17:07 +0000)]
impose some limits on the ideal rounds so nothing too crazy happens when
the clock results are weird
deraadt [Mon, 29 Dec 2014 17:04:19 +0000 (17:04 +0000)]
encrypt is now built into instbin, do not need to use the /mnt version
tedu [Mon, 29 Dec 2014 16:55:44 +0000 (16:55 +0000)]
switch encrypt to auto scaling bcrypt rounds. ok deraadt
tedu [Mon, 29 Dec 2014 16:12:59 +0000 (16:12 +0000)]
don't leak timing info about padding errors by generating a fake key
afterwards. openssl has a more complicated fix, but it's less intrusive
for now to simply hoist the expensive part (fake key generation) up without
sweating a branch or two.
ok bcook jsing
schwarze [Mon, 29 Dec 2014 15:09:00 +0000 (15:09 +0000)]
document ordering more explicitly;
feedback and ok ajacoutot@ rpe@
tedu [Mon, 29 Dec 2014 14:35:04 +0000 (14:35 +0000)]
useless change. overwriting the nul byte with a newline means b64_ntop
can use the whole buffer, even the last byte.
tedu [Mon, 29 Dec 2014 14:23:17 +0000 (14:23 +0000)]
rename fingerprint struct field. no longer exposed to users, but since it's
not technically a fingerprint as others understand the term, pick another.
now it's a keynum!
after an email from Florian Weimer
tedu [Mon, 29 Dec 2014 14:16:04 +0000 (14:16 +0000)]
remove the inspect debug command. should not be used by users, who are not
supposed to know what fingerprints are or that they exist.
mpi [Mon, 29 Dec 2014 11:53:58 +0000 (11:53 +0000)]
Assert that rtrequest1(9) is always called at IPL_SOFTNET instead of
doing a spl dance.
This matters for RTM_DELETE because a deleted route entry is always
returned without having its reference counter increased when an `rtp'
argument is given. In this case, we do not want to call splx() that
might free this route.
Inputs from millert@, ok blambert@, mikeb@
ajacoutot [Mon, 29 Dec 2014 11:17:43 +0000 (11:17 +0000)]
Add line continuation to be consistent with rc_pre(); ok sthen@
ajacoutot [Mon, 29 Dec 2014 11:17:05 +0000 (11:17 +0000)]
pexp is not needed; ok sthen@
jsg [Mon, 29 Dec 2014 10:25:51 +0000 (10:25 +0000)]
sync
jasper [Mon, 29 Dec 2014 07:37:27 +0000 (07:37 +0000)]
re-add missing space in confirm prompt that got lost in -r1.18
ok espie@
miod [Mon, 29 Dec 2014 05:29:27 +0000 (05:29 +0000)]
Explicitely include <uvm/uvm_extern.h> in order to build on variable page size
architectures.
brad [Mon, 29 Dec 2014 02:39:33 +0000 (02:39 +0000)]
Some missing break's.