openbsd
9 years agoThis should not be changed.
nicm [Thu, 22 Oct 2015 10:48:30 +0000 (10:48 +0000)]
This should not be changed.

9 years agoDo not dereference ``ifa_ifp'' when we already have an ``ifp'' pointer.
mpi [Thu, 22 Oct 2015 10:46:26 +0000 (10:46 +0000)]
Do not dereference ``ifa_ifp'' when we already have an ``ifp'' pointer.

9 years agoRename shutdown to exit.
nicm [Thu, 22 Oct 2015 10:46:24 +0000 (10:46 +0000)]
Rename shutdown to exit.

9 years agoThe eigrpe process also needs to pledge "cpath" for unlinking the
renato [Thu, 22 Oct 2015 10:42:14 +0000 (10:42 +0000)]
The eigrpe process also needs to pledge "cpath" for unlinking the
control socket.

9 years agoAfter some consideration, simply allow TIOCSCTTY in the "tty" pledge.
deraadt [Thu, 22 Oct 2015 10:35:23 +0000 (10:35 +0000)]
After some consideration, simply allow TIOCSCTTY in the "tty" pledge.
Discussion with nicm.

9 years agoDo not dereference ``ia_ifp'' when we already have an ``ifp'' pointer.
mpi [Thu, 22 Oct 2015 10:31:02 +0000 (10:31 +0000)]
Do not dereference ``ia_ifp'' when we already have an ``ifp'' pointer.

9 years agoUse rt_ifp as intended.
mpi [Thu, 22 Oct 2015 10:27:22 +0000 (10:27 +0000)]
Use rt_ifp as intended.

During s2k15 we fixed this ugly 20+ years loopback hack of having a
rt_ifp different than rt_ifa->ifa_ifp.

ok millert@, bluhm@

9 years agoKill dead code missed in per-ifp counter removal.
mpi [Thu, 22 Oct 2015 10:22:53 +0000 (10:22 +0000)]
Kill dead code missed in per-ifp counter removal.

ok millert@, bluhm@

9 years agodocument "id" request; from Gregor Best
deraadt [Thu, 22 Oct 2015 09:23:41 +0000 (09:23 +0000)]
document "id" request; from Gregor Best

9 years agodelivery to maildir needs pledge fattr
gilles [Thu, 22 Oct 2015 08:46:31 +0000 (08:46 +0000)]
delivery to maildir needs pledge fattr

from Gregor Best <gbe@unobtanium.de>

9 years agohalex removed the -p restriction, so do not document it;
jmc [Thu, 22 Oct 2015 08:35:18 +0000 (08:35 +0000)]
halex removed the -p restriction, so do not document it;
from kirill bychkov

9 years agoat present the setpriority() syscall is considered fairly low risk and
deraadt [Thu, 22 Oct 2015 07:52:29 +0000 (07:52 +0000)]
at present the setpriority() syscall is considered fairly low risk and
placed in pledge "proc".  pledge "stdio getpw proc", from Theo Buehler

9 years agoAdd a regress for libc handling of SIGTHR
guenther [Thu, 22 Oct 2015 05:30:18 +0000 (05:30 +0000)]
Add a regress for libc handling of SIGTHR

9 years agoPledge "stdio rpath tty" for hangman(6).
doug [Thu, 22 Oct 2015 05:28:42 +0000 (05:28 +0000)]
Pledge "stdio rpath tty" for hangman(6).

Patch submitted by Ricardo Mestre <serial@helheim.mooo.com>

ok semarie@

9 years agorename ml_join to ml_enlist and expose it to the rest of the kernel.
dlg [Thu, 22 Oct 2015 05:26:06 +0000 (05:26 +0000)]
rename ml_join to ml_enlist and expose it to the rest of the kernel.

9 years agopledge in doas. startup pledge "stdio rpath getpw proc exec id". 4
deraadt [Thu, 22 Oct 2015 04:57:20 +0000 (04:57 +0000)]
pledge in doas.  startup pledge "stdio rpath getpw proc exec id".  4
more times after that more attributes are dropped: "proc" after bsd
auth has spawned/received result from the login_* program; "getpw"
after the final getpwent lookup, "id" after the final uid changing,
and "rpath" after constructing getcwd.  leaving only "exec", for the
ride into execve().

9 years agoUntil we understand the sitaution better, we should pledge() after
deraadt [Thu, 22 Oct 2015 04:08:17 +0000 (04:08 +0000)]
Until we understand the sitaution better, we should pledge() after
setlocale(), not before.  Not just here, but probably everywhere?

9 years agoFix typo in comment. From Theo Buehler.
mmcc [Thu, 22 Oct 2015 02:29:20 +0000 (02:29 +0000)]
Fix typo in comment. From Theo Buehler.

9 years agoMove all mdoc(7) node validation done before child parsing
schwarze [Wed, 21 Oct 2015 23:49:05 +0000 (23:49 +0000)]
Move all mdoc(7) node validation done before child parsing
to the new separate validation pass, except for a tiny bit
needed by the parser which goes to the new mdoc_state() module;
cleaner, simpler, and surprisingly also shorter by 15 lines.

9 years agoReject too small bits value in BN_generate_prime_ex(), so that it does not risk
miod [Wed, 21 Oct 2015 19:02:22 +0000 (19:02 +0000)]
Reject too small bits value in BN_generate_prime_ex(), so that it does not risk
becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who
noticed `openssl gendh 0' would segfault.
Fix adapted from OpenSSL RT#2701.

ok beck@ jsing@

9 years agoUse SSL_CTX_set_ecdh_auto() instead of rolling our own version.
jsing [Wed, 21 Oct 2015 16:45:13 +0000 (16:45 +0000)]
Use SSL_CTX_set_ecdh_auto() instead of rolling our own version.

ok gilles@

9 years agoOnly enable SSL_VERIFY_PEER when the verify option is set on a listener.
jsing [Wed, 21 Oct 2015 16:44:28 +0000 (16:44 +0000)]
Only enable SSL_VERIFY_PEER when the verify option is set on a listener.

Always enabling SSL_VERIFY_PEER unnecessarily increases the number of
messages/bytes in the TLS handshake and increases our attack surface,
since we request and then process client certificates.

ok gilles@

9 years agoIn the case where len is not a multiple of sizeof(RC4_CHUNK) the RC4 code
jsing [Wed, 21 Oct 2015 16:36:50 +0000 (16:36 +0000)]
In the case where len is not a multiple of sizeof(RC4_CHUNK) the RC4 code
will end up doing a read and write of up to 7 bytes beyond the specified
length. This is effectively a non-issue since we read and write back the
same data and due to alignment it is within a page boundary.

Regardless, avoid this by removing the "special" handling for the remaining
length and allow the standard (non-chunk) code to process the remaining
bytes, which does not result in overrun.

Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks!

ok beck@ miod@

9 years agoSetting fcntl(F_SETOWN) for a pipe failed with inappropriate ioctl
bluhm [Wed, 21 Oct 2015 16:09:13 +0000 (16:09 +0000)]
Setting fcntl(F_SETOWN) for a pipe failed with inappropriate ioctl
for device.  In sys_fcntl() the ioctl(TIOCSPGRP) is called, but the
pipe expects SIOCSPGRP.  Sockets have a specal case for the same
reason, so adapt the special code for pipes.
OK millert@

9 years agoStyle fixes; from Ilya Kaliman
millert [Wed, 21 Oct 2015 16:06:57 +0000 (16:06 +0000)]
Style fixes; from Ilya Kaliman

9 years agoRemove a couple of unhelpful defines.
mmcc [Wed, 21 Oct 2015 15:47:41 +0000 (15:47 +0000)]
Remove a couple of unhelpful defines.

ok nicm@

9 years agoDon't bother casting NULL.
mmcc [Wed, 21 Oct 2015 15:20:37 +0000 (15:20 +0000)]
Don't bother casting NULL.

ok nicm@

9 years agoAssign pointer to NULL rather than 0.
mmcc [Wed, 21 Oct 2015 14:31:28 +0000 (14:31 +0000)]
Assign pointer to NULL rather than 0.

ok nicm@

9 years agoPenultimate commit to remove EXTERN.
mmcc [Wed, 21 Oct 2015 14:30:43 +0000 (14:30 +0000)]
Penultimate commit to remove EXTERN.

ok nicm@

9 years agoDo some cleanup in syslogd ttymsg(). Add a debug message when the
bluhm [Wed, 21 Oct 2015 14:03:07 +0000 (14:03 +0000)]
Do some cleanup in syslogd ttymsg().  Add a debug message when the
syslogd child calls fork(2) to delay blocked output.
OK benno@

9 years agoclient_key_table was missing.
nicm [Wed, 21 Oct 2015 13:14:36 +0000 (13:14 +0000)]
client_key_table was missing.

9 years agofix memory leak in error path
gsoares [Wed, 21 Oct 2015 11:33:03 +0000 (11:33 +0000)]
fix memory leak in error path
ok djm@

9 years agoadd missing rcsid
gsoares [Wed, 21 Oct 2015 11:28:02 +0000 (11:28 +0000)]
add missing rcsid
ok renato@

9 years agoBy popular demand add a default binding for mouse wheel up to scroll
nicm [Wed, 21 Oct 2015 11:13:47 +0000 (11:13 +0000)]
By popular demand add a default binding for mouse wheel up to scroll
into history (if the mouse is, on of course).

9 years agomake sure ProgressMeter gets set up. Fixes some weirdness in package installs,
espie [Wed, 21 Oct 2015 10:11:13 +0000 (10:11 +0000)]
make sure ProgressMeter gets set up. Fixes some weirdness in package installs,
as it now must contain a proper linkback to its own state.

9 years agoNo longer mention rtable_get(), it's a private function now.
mpi [Wed, 21 Oct 2015 08:48:12 +0000 (08:48 +0000)]
No longer mention rtable_get(), it's a private function now.

While here use C99 types in function definitions.

9 years agoReturn the correct error code when a table already exists.
mpi [Wed, 21 Oct 2015 08:47:01 +0000 (08:47 +0000)]
Return the correct error code when a table already exists.

9 years agou_short -> unsigned int for rtableid.
mpi [Wed, 21 Oct 2015 08:21:06 +0000 (08:21 +0000)]
u_short -> unsigned int for rtableid.

9 years agoDo not call uvm_swap_finicrypt_all() a second time in dumpsys().
mpi [Wed, 21 Oct 2015 07:59:17 +0000 (07:59 +0000)]
Do not call uvm_swap_finicrypt_all() a second time in dumpsys().

ok tedu@, deraadt@, miod@

9 years agoRemove Diffie-Hellman moduli entries below 2048.
doug [Wed, 21 Oct 2015 06:37:25 +0000 (06:37 +0000)]
Remove Diffie-Hellman moduli entries below 2048.

OpenSSH requires a 2048 minimum for DH in the client and server.

input and ok sthen@
ok dtucker@, djm@

9 years agoAdd support for route summarization.
renato [Wed, 21 Oct 2015 03:52:12 +0000 (03:52 +0000)]
Add support for route summarization.

Working great but need more testing, especially with ipv6. For now
we don't validate if one configured summary is inside another or the
presence of duplicates. Will address these issues in a future commit.

9 years agoMinor fixes and code cleanup.
renato [Wed, 21 Oct 2015 03:48:09 +0000 (03:48 +0000)]
Minor fixes and code cleanup.

9 years agoCompare pointers to NULL rather than 0.
mmcc [Tue, 20 Oct 2015 23:24:25 +0000 (23:24 +0000)]
Compare pointers to NULL rather than 0.

ok djm@

9 years agotweak previous;
jmc [Tue, 20 Oct 2015 22:08:19 +0000 (22:08 +0000)]
tweak previous;

9 years agoUse client pointer not file descriptor in logging.
nicm [Tue, 20 Oct 2015 21:12:08 +0000 (21:12 +0000)]
Use client pointer not file descriptor in logging.

9 years agoadd a new getsockopt option IP_IPDEFTTL to retrieve the default ttl.
benno [Tue, 20 Oct 2015 20:22:42 +0000 (20:22 +0000)]
add a new getsockopt option IP_IPDEFTTL to retrieve the default ttl.
this can be used as an alternative to sysctl net.inet.ip.ttl, in
programs that use pledge().
ok reyk@, "Like this" deraadt@

9 years agoFix write to other user's tty. The device has to be opened with
bluhm [Tue, 20 Oct 2015 20:21:18 +0000 (20:21 +0000)]
Fix write to other user's tty.  The device has to be opened with
O_WRONLY, but without O_CREAT.  So freopen(3) has to be replaced
with open(2) and dup2(2).
from deraadt@

9 years agobelieve this will work with "stdio rpath wpath cpath inet" now that
deraadt [Tue, 20 Oct 2015 18:47:21 +0000 (18:47 +0000)]
believe this will work with "stdio rpath wpath cpath inet" now that
SO_RCVBUF is permitted.  It may even be possible to lose the "inet" a
bit later in the code.  Anyone want to test?

9 years agoDocument SOCK_DNS flag
deraadt [Tue, 20 Oct 2015 18:11:53 +0000 (18:11 +0000)]
Document SOCK_DNS flag
ok guenther tedu semarie

9 years agoAt guenther's suggestion replace dnssocket() with a SOCK_DNS flag on
deraadt [Tue, 20 Oct 2015 18:04:03 +0000 (18:04 +0000)]
At guenther's suggestion replace dnssocket() with a SOCK_DNS flag on
socket().  Without pledge, all other socket behaviours become permitted,
except this one case: connect/send* only works to *:53.  In pledge mode,
a very few are further restricted.  Some backwards compatibility for
the dnssocket/dnsconnect calls will remain in the tree temporarily so
that people can build through the transition.
ok tedu guenther semarie

9 years agoAdd SIOCGIFGMEMB to "route" (returns a list of all interfaces who are
reyk [Tue, 20 Oct 2015 17:44:48 +0000 (17:44 +0000)]
Add SIOCGIFGMEMB to "route" (returns a list of all interfaces who are
member of the given group).  This is used by some parse.y.

OK deraadt@

9 years agoFix 802.1p VLAN priority code points for VLAN_HWTAGGING.
chrisz [Tue, 20 Oct 2015 17:08:39 +0000 (17:08 +0000)]
Fix 802.1p VLAN priority code points for VLAN_HWTAGGING.
Our in-kernel ether-vtag has a different layout to the vr TXSTAT register.

ok sthen@

9 years ago... but keep the previous logic for sparc, which is the other user of this
miod [Tue, 20 Oct 2015 16:22:47 +0000 (16:22 +0000)]
... but keep the previous logic for sparc, which is the other user of this
Makefile, until it switches to MI installboot, too.

9 years agoMissing commit of vax switch to MI installboot(8), forgotten when it went in.
miod [Tue, 20 Oct 2015 16:18:23 +0000 (16:18 +0000)]
Missing commit of vax switch to MI installboot(8), forgotten when it went in.

9 years agoLob a style(9) grenade in here.
jsing [Tue, 20 Oct 2015 15:50:13 +0000 (15:50 +0000)]
Lob a style(9) grenade in here.

9 years agoadd "proc" to pledge for script(1)
semarie [Tue, 20 Oct 2015 14:55:21 +0000 (14:55 +0000)]
add "proc" to pledge for script(1)

it needs to "forward" SIGWINCH to subprocesses.

ok deraadt@

9 years agoThe table could change when retrying so don't save it at start of
nicm [Tue, 20 Oct 2015 14:19:27 +0000 (14:19 +0000)]
The table could change when retrying so don't save it at start of
server_client_handle_key.

9 years agoAfter pledge "dns" has been refactored and setsockopt(SO_RCVBUF)
bluhm [Tue, 20 Oct 2015 12:40:19 +0000 (12:40 +0000)]
After pledge "dns" has been refactored and setsockopt(SO_RCVBUF)
has been added to it, the syslogd privsep parent does not need
pledge "inet" anymore.
discussed with deraadt@

9 years agoAdd an explicit check for a malformed AS segment with (segment length 0),
sthen [Tue, 20 Oct 2015 11:29:07 +0000 (11:29 +0000)]
Add an explicit check for a malformed AS segment with (segment length 0),
avoiding division by zero when deciding whether it contains 2- or 4-byte ASNs.
Refactor TCHECK calls to ensure proper coverage.

From Kevin Reay, ok canacar with wording tweak (I used "malformed" rather
than canacar's suggested "invalid size" or Kevin's original "empty").

9 years agofix a use after free found by clang using an approach suggested by renato
jsg [Tue, 20 Oct 2015 11:26:40 +0000 (11:26 +0000)]
fix a use after free found by clang using an approach suggested by renato
ok renato@

9 years agoOn xmalloc failure, stop trying to determine the total amount of allocated
pascal [Tue, 20 Oct 2015 11:15:07 +0000 (11:15 +0000)]
On xmalloc failure, stop trying to determine the total amount of allocated
memory up to this point by using sbrk(2).  This is of course wildly incorrect
for any mmap-based malloc(3).

This also makes it possible to bring pledge(2) to gnu/.

comments kettenis@, ok miod@

9 years agoupdate regress for pledge after whitelisted-path view inclusion
semarie [Tue, 20 Oct 2015 06:44:51 +0000 (06:44 +0000)]
update regress for pledge after whitelisted-path view inclusion

9 years agoFix ocsp by adding a missing TAILQ_INIT().
reyk [Tue, 20 Oct 2015 06:42:59 +0000 (06:42 +0000)]
Fix ocsp by adding a missing TAILQ_INIT().

Confirmed by markus@ with an identical diff

9 years agoclear whitelisted-paths view in pledge.
semarie [Tue, 20 Oct 2015 06:40:00 +0000 (06:40 +0000)]
clear whitelisted-paths view in pledge.

the following diff adds a clear view of whitelisted-paths in pledge.

before, whitelisting "/usr/local/bin" path would make only "/usr/local/bin"
VNODE was present and let "/usr/local", "/usr", and "/" been ENOENT. It was a
somehow odd filesystem hierarchy, and it breaks realpath(3).

with this diff, the directories that are one of the parents of a
whitelisted-directory become visible to stat(2) related syscalls, but only
with restricted permissions: stat(2) will lie a bit, and saying they owned by
root:wheel and mode is --x--x--x. Note that only stat(2) is affected by this
"view", and the owner/mode aren't effectively changed: it is just a "lie".

while here, refactor a bit pledge_namei() in order to avoid multiple for-loop
on whitelisted-path array.

ok deraadt@

9 years agoallow SO_ERROR all the time
deraadt [Tue, 20 Oct 2015 05:18:34 +0000 (05:18 +0000)]
allow SO_ERROR all the time

9 years agosync
deraadt [Tue, 20 Oct 2015 04:34:12 +0000 (04:34 +0000)]
sync

9 years agoReplace a function-local allocation with stack memory.
mmcc [Tue, 20 Oct 2015 03:36:35 +0000 (03:36 +0000)]
Replace a function-local allocation with stack memory.

ok djm@

9 years agoIn order to become able to generate syntax tree nodes on the roff(7)
schwarze [Tue, 20 Oct 2015 02:00:49 +0000 (02:00 +0000)]
In order to become able to generate syntax tree nodes on the roff(7)
level, validation must be separated from parsing and rewinding.
This first big step moves calling of the mdoc(7) post_*() functions
out of the parser loop into their own mdoc_validate() pass, while
using a new mdoc_state() module to make syntax tree state handling
available to both the parser loop and the validation pass.

9 years agoAlways allow the setsockopt & getsockopt system calls... however, in the
deraadt [Tue, 20 Oct 2015 01:44:00 +0000 (01:44 +0000)]
Always allow the setsockopt & getsockopt system calls... however, in the
default case only allows SOL_SOCKET SO_RCVBUF which is very common in
network-facing daemons.  Many of them manage this on a socket after
dropping abilities which can get them _new_ sockets.. syslogd, bgpd,
relayd, etc etc.  Other sockopts still require specific pledges.
Tested by bluhm.

9 years agoRemove old tame() stub
deraadt [Mon, 19 Oct 2015 23:13:38 +0000 (23:13 +0000)]
Remove old tame() stub

9 years agoAdd pledge(2) for radiusctl(8) and radiusd(8).
yasuoka [Mon, 19 Oct 2015 22:07:37 +0000 (22:07 +0000)]
Add pledge(2) for radiusctl(8) and radiusd(8).
- radiusd: "stdio inet"
- radiusd_radius: "stdio inet"
- radiusd_bsdauth:
  - "stdio proc" for the non-priviledged process
  - "stdio getpw rpath proc exec" for the priviledged process
- radiusctl: "stdio dns inet"

"go ahead" deraadt

9 years agobreak long lines in examples; ok jmc@
naddy [Mon, 19 Oct 2015 21:32:13 +0000 (21:32 +0000)]
break long lines in examples; ok jmc@

9 years agoTest syslogd logging to a tty which belongs to a user. This is
bluhm [Mon, 19 Oct 2015 20:16:09 +0000 (20:16 +0000)]
Test syslogd logging to a tty which belongs to a user.  This is
done with a utmp entry for a pty fake login.  All messages are read
from the pty and written into a log file.

9 years agostyle cleanup, no functional change
schwarze [Mon, 19 Oct 2015 20:03:57 +0000 (20:03 +0000)]
style cleanup, no functional change

9 years agoEnable some code that does power management magic.
kettenis [Mon, 19 Oct 2015 19:54:35 +0000 (19:54 +0000)]
Enable some code that does power management magic.

9 years agoSimplify, no functional change:
schwarze [Mon, 19 Oct 2015 19:51:06 +0000 (19:51 +0000)]
Simplify, no functional change:
Delete the outmdoc, outman, and outfree function pointers.

9 years agoProperly restore the prefetchable memory window upon resume.
kettenis [Mon, 19 Oct 2015 19:24:54 +0000 (19:24 +0000)]
Properly restore the prefetchable memory window upon resume.

ok deraadt@

9 years agoAdd parenthesis gcc wants and remove defined but unused label gcc
krw [Mon, 19 Oct 2015 19:22:32 +0000 (19:22 +0000)]
Add parenthesis gcc wants and remove defined but unused label gcc
complains about.

ok deraadt@ on parethesis

9 years agoDelete the empty example file "ftpchroot"; no example is needed.
schwarze [Mon, 19 Oct 2015 19:08:44 +0000 (19:08 +0000)]
Delete the empty example file "ftpchroot"; no example is needed.
Move the one useful bit of information contained in the file ("one
user name per line") to the ftpd(8) manual page where it belongs.
OK deraadt@ sthen@

9 years agoLABELSECTOR is a DEV_BSIZE quantity. So multiply by DEV_BSIZE and not
krw [Mon, 19 Oct 2015 19:07:59 +0000 (19:07 +0000)]
LABELSECTOR is a DEV_BSIZE quantity. So multiply by DEV_BSIZE and not
d_secsize when calculating disklabel location.

ok jsing@

9 years agoNuke unused variable.
krw [Mon, 19 Oct 2015 19:05:24 +0000 (19:05 +0000)]
Nuke unused variable.

9 years agoincluding <ohash.h> requires including <stdint.h> beforehand;
schwarze [Mon, 19 Oct 2015 18:58:20 +0000 (18:58 +0000)]
including <ohash.h> requires including <stdint.h> beforehand;
noticed by Svyatoslav Mishyn <juef at openmailbox dot org>

9 years agopledge "stdio exec proc" early on, setpriority, then pledge "stdio exec"
deraadt [Mon, 19 Oct 2015 18:53:35 +0000 (18:53 +0000)]
pledge "stdio exec proc" early on, setpriority, then pledge "stdio exec"
from Theo Buehler

9 years agofree rbio before wbio
beck [Mon, 19 Oct 2015 17:59:39 +0000 (17:59 +0000)]
free rbio before wbio
ok jsing@

9 years agomissing deref on char check. from David Binderman
tedu [Mon, 19 Oct 2015 17:24:07 +0000 (17:24 +0000)]
missing deref on char check. from David Binderman

9 years agoRemove the define NOT, replace it with '!'. No binary change.
mmcc [Mon, 19 Oct 2015 17:15:53 +0000 (17:15 +0000)]
Remove the define NOT, replace it with '!'. No binary change.

"The ^ is used in regular expressions and many versions of fnmatch(3)
accept both ! and ^. However, we are never going to accept ^ instead of
! so I think this makes sense" -millert@

"go for it" -nicm@

9 years agoA little style(9) for sh.h includes
mmcc [Mon, 19 Oct 2015 17:10:53 +0000 (17:10 +0000)]
A little style(9) for sh.h includes

ok nicm@

9 years agoStop supporing "legcay" time formats that OpenSSL supports. Rewrite the
beck [Mon, 19 Oct 2015 16:32:37 +0000 (16:32 +0000)]
Stop supporing "legcay" time formats that OpenSSL supports. Rewrite the
utctime and gentime wrappers accordingly. Along with some other cleanup.
this also removes the need for timegm.
ok bcook@ sthen@ jsing@

9 years agoChange regress to not believe legacy times are valid
beck [Mon, 19 Oct 2015 16:29:22 +0000 (16:29 +0000)]
Change regress to not believe legacy times are valid

9 years agoAllow setpriority in "proc" as well, since a few shells have "nice"
deraadt [Mon, 19 Oct 2015 16:20:56 +0000 (16:20 +0000)]
Allow setpriority in "proc" as well, since a few shells have "nice"
builtin.  make a note that setpriority() should be weakened, unless "id"
is also present.
pointed out by Theo Buehler

9 years agoMove stddef.h include from sh.h to the file that uses it.
mmcc [Mon, 19 Oct 2015 14:43:46 +0000 (14:43 +0000)]
Move stddef.h include from sh.h to the file that uses it.

ok nicm@

9 years agoMove string.h include from sh.h to the files that use it.
mmcc [Mon, 19 Oct 2015 14:42:16 +0000 (14:42 +0000)]
Move string.h include from sh.h to the files that use it.

ok nicm@

9 years agofix memory leaks in error paths
jsg [Mon, 19 Oct 2015 14:15:59 +0000 (14:15 +0000)]
fix memory leaks in error paths
ok renato@

9 years agoRevert transfer submission to r1.85. Seems to make okan@'s scanner
mpi [Mon, 19 Oct 2015 14:05:01 +0000 (14:05 +0000)]
Revert transfer submission to r1.85.  Seems to make okan@'s scanner
work properly.

9 years agoMove limits.h include from sh.h to the files that actually need it. No
mmcc [Mon, 19 Oct 2015 14:03:21 +0000 (14:03 +0000)]
Move limits.h include from sh.h to the files that actually need it. No
binary change.

ok nicm@

9 years agoMore removal of EXTERN.
mmcc [Mon, 19 Oct 2015 14:01:37 +0000 (14:01 +0000)]
More removal of EXTERN.

ok nicm@

9 years agoPrint vnode type for sendfd/recvfd not file type, ok semarie
nicm [Mon, 19 Oct 2015 12:55:32 +0000 (12:55 +0000)]
Print vnode type for sendfd/recvfd not file type, ok semarie

9 years agoStop checking for RTF_UP directly, call rtisvalid(9) instead.
mpi [Mon, 19 Oct 2015 12:11:28 +0000 (12:11 +0000)]
Stop checking for RTF_UP directly, call rtisvalid(9) instead.

While here add two missing ``rtableid'' checks in in6_selectsrc().

ok bluhm@

9 years agoStop checking for RTF_UP directly, call rtisvalid(9) instead.
mpi [Mon, 19 Oct 2015 12:10:05 +0000 (12:10 +0000)]
Stop checking for RTF_UP directly, call rtisvalid(9) instead.

While here add a missing ``rtableid'' check in in_selectsrc().

ok bluhm@

9 years agoSync rtisvalid(9) check for local route entries with r1.257 of
mpi [Mon, 19 Oct 2015 12:02:11 +0000 (12:02 +0000)]
Sync rtisvalid(9) check for local route entries with r1.257 of
net/ip_input.c