krw [Mon, 26 Oct 2015 14:37:50 +0000 (14:37 +0000)]
Flesh out GPT info and tweak other verbiage to be less MBR specific.
millert [Mon, 26 Oct 2015 14:27:41 +0000 (14:27 +0000)]
Remove some useless defines and the set_cron_uid() function.
OK jung@
bluhm [Mon, 26 Oct 2015 14:12:13 +0000 (14:12 +0000)]
Let SLIST_REMOVE invalidate the pointer in more cases.
OK jsing@
mmcc [Mon, 26 Oct 2015 14:08:47 +0000 (14:08 +0000)]
Rename err() to error() to prevent confusion with the stdlib function.
Discussed with jca@.
tedu [Mon, 26 Oct 2015 13:56:18 +0000 (13:56 +0000)]
remove the silly username cache here and use libc user_from_uid.
libc isn't (yet) any better, but it can improve with time.
deraadt [Mon, 26 Oct 2015 13:12:10 +0000 (13:12 +0000)]
remove TMPDIR support
deraadt [Mon, 26 Oct 2015 13:11:42 +0000 (13:11 +0000)]
sync
deraadt [Mon, 26 Oct 2015 13:07:13 +0000 (13:07 +0000)]
rip6query goes to the attic. Hopefully route6d (rip6d?) will get some
love instead, prod prod.
ok claudio jca mpi
tedu [Mon, 26 Oct 2015 12:52:27 +0000 (12:52 +0000)]
remove TMPDIR support. ok millert
tedu [Mon, 26 Oct 2015 12:44:22 +0000 (12:44 +0000)]
print uptime too. ok deraadt
tedu [Mon, 26 Oct 2015 12:24:48 +0000 (12:24 +0000)]
one second amnesty for timeouts so we don't spin with short timeouts
tedu [Mon, 26 Oct 2015 12:23:40 +0000 (12:23 +0000)]
set listening sockets to nonblocking, then handle as many incoming requests
as we can in the loop instead of keventing per request.
tedu [Mon, 26 Oct 2015 12:17:03 +0000 (12:17 +0000)]
dns check needs to be done on the kernel address after copyin
deraadt [Mon, 26 Oct 2015 12:13:45 +0000 (12:13 +0000)]
Allow NET_RT_IFLIST in pledge "dns" as well
claudio [Mon, 26 Oct 2015 11:46:25 +0000 (11:46 +0000)]
Kernel got fixed we no longer need to check if rtm_pid is 0 to filter out
route messages that are not from us.
deraadt [Mon, 26 Oct 2015 11:17:52 +0000 (11:17 +0000)]
If the system call is entirely unpermitted, code will be 0, and there is
no pledge to recommend.
deraadt [Mon, 26 Oct 2015 11:11:45 +0000 (11:11 +0000)]
add setreuid/setregid to "id"
deraadt [Mon, 26 Oct 2015 11:10:53 +0000 (11:10 +0000)]
stop saving a pidfile; ok jung zhuk
jung [Mon, 26 Oct 2015 11:03:29 +0000 (11:03 +0000)]
fix PATH_INFO for / requests
diff from Denis Fondras
ok reyk
bluhm [Mon, 26 Oct 2015 10:43:42 +0000 (10:43 +0000)]
Nothing in base uses native language support anymore. Remove NLS
support from the makefiles.
OK naddy@
tedu [Mon, 26 Oct 2015 10:34:18 +0000 (10:34 +0000)]
remove libutil from dpadd too
tedu [Mon, 26 Oct 2015 10:32:56 +0000 (10:32 +0000)]
remove libutil from dpadd too
deraadt [Mon, 26 Oct 2015 10:12:46 +0000 (10:12 +0000)]
last consumer in base of pidfile()...
jung [Mon, 26 Oct 2015 10:08:14 +0000 (10:08 +0000)]
remove util.h include and -lutil after pidfile removal
ok deraadt
deraadt [Mon, 26 Oct 2015 09:58:18 +0000 (09:58 +0000)]
Stop writing a pidfile
ok benno jung
deraadt [Mon, 26 Oct 2015 09:57:55 +0000 (09:57 +0000)]
stop using pidfile()
ok benno jung jca
jung [Mon, 26 Oct 2015 09:56:01 +0000 (09:56 +0000)]
remove unneeded pidfile() from smtpd
ok gilles
jsg [Mon, 26 Oct 2015 09:34:50 +0000 (09:34 +0000)]
Sync "ifconfig create" interface list with ifconfig -C output.
Adds pair, svlan, tap and vxlan.
jsg [Mon, 26 Oct 2015 09:22:03 +0000 (09:22 +0000)]
avoid a potential double free
ok gilles@
vgross [Mon, 26 Oct 2015 08:06:51 +0000 (08:06 +0000)]
Add autoport to netinet6 regress tests
vgross [Mon, 26 Oct 2015 08:04:10 +0000 (08:04 +0000)]
Add regress test on local route insertions
semarie [Mon, 26 Oct 2015 07:44:43 +0000 (07:44 +0000)]
change some pledge_fail() error/code
- for PLEDGE_FATTR: the code is more accurate to be PLEDGE_FATTR, has
p->p_pledgenote could have multiple bits inside, and it is the lake of
PLEDGE_FATTR that make the check fail.
- for PLEDGE_RECVFD and PLEDGE_SENDFD, change the error to be EINVAL: we fail,
not because of lake of PLEDGE_RECVFD / PLEDGE_SENDFD permission, but because
the value passed is invalid in pledged program (for example trying to send a
VDIR).
"go ahead" deraadt@
semarie [Mon, 26 Oct 2015 07:24:20 +0000 (07:24 +0000)]
make pledge_check(), used for syscall check with pledge, returns an error and
provide the required pledge request for pledge_fail().
ok deraadt@
yasuoka [Mon, 26 Oct 2015 06:44:40 +0000 (06:44 +0000)]
Using realm for bsdauth is misleading. It is currently unusable.
semarie [Mon, 26 Oct 2015 05:28:37 +0000 (05:28 +0000)]
temporary unhook regress/sys/kern/pledge from regress
dtucker [Mon, 26 Oct 2015 02:50:58 +0000 (02:50 +0000)]
Fix typo certopt->certopts in shell variable. This would cause the test to
hang at a host key prompt if you have an A or CNAME for "proxy" in your local
domain.
mmcc [Mon, 26 Oct 2015 02:33:07 +0000 (02:33 +0000)]
Cast isdigit()'s argument to unsigned char.
ok guenther@
schwarze [Mon, 26 Oct 2015 00:49:34 +0000 (00:49 +0000)]
adjust macro usage to the usual conventions
jca [Mon, 26 Oct 2015 00:37:44 +0000 (00:37 +0000)]
Partial revert of r1.79, "np" handling is a bit trickier than expected.
jca [Mon, 26 Oct 2015 00:33:03 +0000 (00:33 +0000)]
Set low-delay traffic class for IPv6 connections as well
While here, there is no option to pass a different tos, and no other
use of the "tos" variable out of tn(), so move the "tos" variable in tn()
and assign it the right value from the start.
ok millert@
jca [Mon, 26 Oct 2015 00:25:45 +0000 (00:25 +0000)]
Rename the struct pollfd array, "set" -> "pfd"
"set" reminds of select(2) fd_set, and is never used elsewhere in the
tree as a name for a pollfd array. No functional change.
jca [Mon, 26 Oct 2015 00:20:44 +0000 (00:20 +0000)]
Those variables should be local to the functions where they are used.
Gets rid of a lot of warnings with -Wshadow. No functional change.
jmc [Mon, 26 Oct 2015 00:15:37 +0000 (00:15 +0000)]
space before punctuation;
jca [Mon, 26 Oct 2015 00:05:47 +0000 (00:05 +0000)]
Kill unused variable and function.
No functional change.
jca [Sun, 25 Oct 2015 23:53:35 +0000 (23:53 +0000)]
hms() returns a pointer to static storage, annotate the return type with "const"
No functional change.
jca [Sun, 25 Oct 2015 23:50:23 +0000 (23:50 +0000)]
Correctly print size_t/time_t.
No functional change.
dtucker [Sun, 25 Oct 2015 23:42:00 +0000 (23:42 +0000)]
Expand tildes in filenames passed to -i before checking whether or not the
identity file exists. This means that if the shell doesn't do the expansion
(eg because the option and filename were given as a single argument) then
we'll still add the key. bz#2481, ok markus@
jca [Sun, 25 Oct 2015 23:41:50 +0000 (23:41 +0000)]
Plug memory leak introduced in r1.15.
No functional change.
dtucker [Sun, 25 Oct 2015 23:14:03 +0000 (23:14 +0000)]
Do not prepend "exec" to the shell command run by "Match exec" in a config
file. It's an unnecessary optimization from repurposed ProxyCommand code
and prevents some things working with some shells. bz#2471, pointed out
by res at qoxp.net. ok markus@
millert [Sun, 25 Oct 2015 23:10:53 +0000 (23:10 +0000)]
No longer create /var/run/ftpd.pid in daemon mode; OK jung@ jca@
jca [Sun, 25 Oct 2015 23:10:32 +0000 (23:10 +0000)]
Those two functions take no parameters, thus /* ARGSUSED */ is meaningless.
No functional change.
jca [Sun, 25 Oct 2015 23:03:07 +0000 (23:03 +0000)]
Sync surrounding code after reallocarray introduction.
No functional change.
jca [Sun, 25 Oct 2015 22:57:09 +0000 (22:57 +0000)]
Rename allocopy() to xstrdup(), and make use of strdup(3).
No functional change.
jca [Sun, 25 Oct 2015 22:45:21 +0000 (22:45 +0000)]
Kill unused ROUTE6D_CONF define.
Since 1999 no one has found the need to write support for a config file.
jca [Sun, 25 Oct 2015 22:38:48 +0000 (22:38 +0000)]
Another pidfile(3) removal; ok benno@
jca [Sun, 25 Oct 2015 22:36:17 +0000 (22:36 +0000)]
In case of error, also log the file name we failed to open.
nicm [Sun, 25 Oct 2015 22:29:17 +0000 (22:29 +0000)]
Extend the modifiers allowed before formats: as well as the existing
#{=10:...} length limit, add #{t:...} to convert a time_t format to a
string, #{b:...} for basename and #{d:...} for dirname. Remove all the
foo_string time formats as they can now be replaced by "t:", for example
#{window_activity_string} becomes #{t:window_activity}.
tedu [Sun, 25 Oct 2015 22:13:39 +0000 (22:13 +0000)]
unifdef some oldness. (BSD not defined since removal of param.h)
ok jca sthen
jca [Sun, 25 Oct 2015 22:11:34 +0000 (22:11 +0000)]
ansify
deraadt [Sun, 25 Oct 2015 21:58:04 +0000 (21:58 +0000)]
unbreak tree for ramdisks without INET6
zhuk [Sun, 25 Oct 2015 21:50:32 +0000 (21:50 +0000)]
Unify & improve paragraphs talking about "==> file <==" headers in
head(1) and tail(1).
Input & okay from jmc@
millert [Sun, 25 Oct 2015 21:36:55 +0000 (21:36 +0000)]
Remove PIDDIR and PIDFILE missed in previous commit.
deraadt [Sun, 25 Oct 2015 21:36:36 +0000 (21:36 +0000)]
sync
florian [Sun, 25 Oct 2015 21:32:16 +0000 (21:32 +0000)]
Put some comments in how nd6_rs_attach() works.
Requested by stsp
jca [Sun, 25 Oct 2015 21:31:58 +0000 (21:31 +0000)]
pledge "stdio inet route"; ok deraadt@
millert [Sun, 25 Oct 2015 21:30:11 +0000 (21:30 +0000)]
Remove cron.pid support. We still want to avoid multiple crons
running so verify that if the cron socket exists nothing is listening
on it. OK tedu@
jca [Sun, 25 Oct 2015 21:23:42 +0000 (21:23 +0000)]
Stop writing down a pidfile.
pid files aren't useful on OpenBSD, the rc.d(8) framework doesn't use
them. In rtadvd, not writing a pid file means that we can set tighter
pledge(2) settings. Also the pid file handling is pretty basic and the
atexit handler can't remove the pid file since rtadvd did a chroot - beurk.
ok florian@, "perfect" deraadt@ (!)
stsp [Sun, 25 Oct 2015 21:21:15 +0000 (21:21 +0000)]
Fix installboot(8) on i386/amd64 when softraid is on top of GPT.
ok krw deraadt
deraadt [Sun, 25 Oct 2015 20:39:54 +0000 (20:39 +0000)]
Fold "malloc" into "stdio" and -- recognizing that no program so far has
used less than "stdio" -- include all the "self" operations. Instead of
different defines, use regular PLEDGE_* in the "p_pledgenote" variable
(which indicates the operation subtype a system call is performing). Many
checks before easier to understand. p_pledgenote can often be passed
directly to ktrace, so that kdump says:
15565 test CALL pledge(0xa9a3f804c51,0)
15565 test STRU pledge request="stdio"
15565 test RET pledge 0
15565 test CALL open(0xa9a3f804c57,0x2<O_RDWR>)
15565 test NAMI "/tmp/testfile"
15565 test PLDG open, "wpath", errno 1 Operation not permitted
with help from semarie, ok guenther
deraadt [Sun, 25 Oct 2015 20:23:00 +0000 (20:23 +0000)]
pledge "route" no longer needed for if_indextoname & if_nametoindex
tobias [Sun, 25 Oct 2015 20:18:37 +0000 (20:18 +0000)]
Write error message instead of duplicated file name on error.
ok deraadt
doug [Sun, 25 Oct 2015 20:15:06 +0000 (20:15 +0000)]
Change test to use length 128 (shortest long-form encoding).
From BoringSSL commit:
d13a5e15d4e4eb51513be665306a2beba39869df
florian [Sun, 25 Oct 2015 20:01:21 +0000 (20:01 +0000)]
pr_bitrange() is unused, nuke it.
florian [Sun, 25 Oct 2015 19:58:56 +0000 (19:58 +0000)]
remove prototype for removed pingerlen function.
jung [Sun, 25 Oct 2015 19:32:33 +0000 (19:32 +0000)]
enable asmc(4) on i386
jung [Sun, 25 Oct 2015 19:26:43 +0000 (19:26 +0000)]
refactor to use a taskq and postpone the long running initial sensor probing,
also avoid excessive tsleep()s for updates within the sensor task,
moreover this should fix some seldom seen 'comm collision' errors
guenther [Sun, 25 Oct 2015 19:15:56 +0000 (19:15 +0000)]
Wrap waitpid() so calls go direct; weaken wait() and wait3().
Strip out unnecessary #includes and use NULL instead of (struct rusage *)0
claudio [Sun, 25 Oct 2015 18:49:01 +0000 (18:49 +0000)]
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and
imsg_ctl_rde since these function should only be used by the control
code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs
don't need to queue behind all the incoming bgp UPDATES. This speeds
up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing
this since a very long time but it seems the SE was not adjusted. Yikes
claudio [Sun, 25 Oct 2015 18:45:04 +0000 (18:45 +0000)]
Only run the rib_dump_runner() if there is something pending and the
control socket has not many messages queued.
mmcc [Sun, 25 Oct 2015 18:25:41 +0000 (18:25 +0000)]
Cast ctype functions' argument to unsigned char.
ok guenther@
guenther [Sun, 25 Oct 2015 18:03:17 +0000 (18:03 +0000)]
Move the _atfork_list definition to atexit.c so that the fork syscall stub
doesn't get pulled into all static executables
ok millert@ jca@
guenther [Sun, 25 Oct 2015 18:01:24 +0000 (18:01 +0000)]
Hide __atexit and __atexit_register_cleanup()
Wrap __cxa_{atexit,finalize}() so the call from exit() goes direct
Switch regress/lib/libc/atexit/ to be built with -static so that it can
still access __atexit*
ok millert@ jca@
deraadt [Sun, 25 Oct 2015 17:45:29 +0000 (17:45 +0000)]
pledge_sockopt_check is shared between setsockopt/getsockopt. nicm
found the first case of "get allowed, set not allowed". Tiny
refactoring of that.
krw [Sun, 25 Oct 2015 16:45:08 +0000 (16:45 +0000)]
'b0' and 'b1' are no longer supported, so de-document them.
krw [Sun, 25 Oct 2015 16:35:40 +0000 (16:35 +0000)]
Nuke union of d_packname with un_d_boot0 & un_d_boot1, keeping
d_packname as a simple field. Also nuke the access #defines, and
support for b0 and b1 capabilities in disktab.
ok deraadt@ miod@
mpi [Sun, 25 Oct 2015 16:25:23 +0000 (16:25 +0000)]
I should not have committed this chunk. Spotted by krw@
doug [Sun, 25 Oct 2015 16:07:04 +0000 (16:07 +0000)]
Sort the obsolete flags.
doug [Sun, 25 Oct 2015 15:58:57 +0000 (15:58 +0000)]
Mark SSL_OP_NO_{COMPRESSION,SSLv2,SSLv3} as obsolete.
For backward compatibility, the flags are redefined as 0.
ok jsing@
doug [Sun, 25 Oct 2015 15:52:49 +0000 (15:52 +0000)]
Remove last vestige of SSL_OP_NO_SSLv3 support.
No part of LibreSSL checks for this flag any longer.
ok jsing@
doug [Sun, 25 Oct 2015 15:49:04 +0000 (15:49 +0000)]
Simplify ssl23_get_client_hello error handling.
ssl23_get_client_hello sets type=1 on error and continues processing.
It should return an error immediately to simplify things. This also
allows us to start removing the last of SSL_OP_NO_SSL*.
Added extra paranoia for s->version to make sure it is set properly.
ok jsing@
zhuk [Sun, 25 Oct 2015 15:38:19 +0000 (15:38 +0000)]
Decapitalize yyparse tag name here.
okay jmc@
czarkoff [Sun, 25 Oct 2015 15:26:53 +0000 (15:26 +0000)]
strvis directory names in ps
OK stsp@
mpi [Sun, 25 Oct 2015 15:24:03 +0000 (15:24 +0000)]
Simple sizes for free(9).
ok claudio@
deraadt [Sun, 25 Oct 2015 15:11:52 +0000 (15:11 +0000)]
do not expose nd6 randomid's to userland via ioctl.
ok claudio mpi florian
mpi [Sun, 25 Oct 2015 15:01:59 +0000 (15:01 +0000)]
Trivial rt_ifp->if_index -> rt_ifidx conversions.
mpi [Sun, 25 Oct 2015 14:56:14 +0000 (14:56 +0000)]
Sync after recent rtable_insert() change.
mpi [Sun, 25 Oct 2015 14:48:51 +0000 (14:48 +0000)]
Merge rtable_mpath_conflict() into rtable_insert().
ok claudio@
florian [Sun, 25 Oct 2015 14:43:48 +0000 (14:43 +0000)]
IPV6_NEXTHOP is gone, remove -g option which used this.
kill it mpi@
florian [Sun, 25 Oct 2015 14:43:06 +0000 (14:43 +0000)]
Remove IPV6_NEXTHOP implementation. Source routing is considered to be
a bad idea these days.
kill it mpi@
general agreement in the network hackers room at u2k15
jca [Sun, 25 Oct 2015 14:42:02 +0000 (14:42 +0000)]
Kill unused local var, and reorder while here.