jmc [Thu, 24 Apr 2014 19:07:54 +0000 (19:07 +0000)]
no more kinit(1);
tedu [Thu, 24 Apr 2014 19:04:54 +0000 (19:04 +0000)]
jmc spotted more ruptime tentacles
jmc [Thu, 24 Apr 2014 18:56:24 +0000 (18:56 +0000)]
uses ssh these days, not rsh; ok tedu
jmc [Thu, 24 Apr 2014 18:52:11 +0000 (18:52 +0000)]
no more rwho/ruptime;
giovanni [Thu, 24 Apr 2014 18:35:25 +0000 (18:35 +0000)]
unifdef MSDOS
ok miod@
tedu [Thu, 24 Apr 2014 17:13:11 +0000 (17:13 +0000)]
obvious use after free was less obviously not a use after free.
who uses '\0' as a null pointer constant? fix my mistake and restore
original semantics.
millert [Thu, 24 Apr 2014 16:29:48 +0000 (16:29 +0000)]
Fix logic inversion when checking environment variables on the
command line against the blacklist. This is only a problem when
env_reset is disabled. CVE 2014-0106
jsing [Thu, 24 Apr 2014 15:50:02 +0000 (15:50 +0000)]
More KNF.
jsg [Thu, 24 Apr 2014 15:38:25 +0000 (15:38 +0000)]
no need to check for default_chip_map twice in one if statement
jsing [Thu, 24 Apr 2014 15:38:13 +0000 (15:38 +0000)]
Make it compile again.
jsing [Thu, 24 Apr 2014 15:12:20 +0000 (15:12 +0000)]
Remove some malloc/strlcpy/strlcat horror. Just use asprintf and avoid an
unchecked malloc at the same time.
ok beck@
aoyama [Thu, 24 Apr 2014 15:09:35 +0000 (15:09 +0000)]
regen
beck [Thu, 24 Apr 2014 15:07:20 +0000 (15:07 +0000)]
add ERR_asprintf_error_data, A tool to be used to get rid of the far too
frequent construct of 30 lines of pointer and strlcat insanity followed
by an ERR_add_error_data. I will sweep through here like a chubby mongol
horde in the next few days pillaging crappy ERR_add_error_data's.
Oh and while we're at it fix the nasty vdata function to use something less
hard on the eyes.
ok jsing@
tedu [Thu, 24 Apr 2014 15:05:10 +0000 (15:05 +0000)]
rm rwhod tentacles
tedu [Thu, 24 Apr 2014 15:03:04 +0000 (15:03 +0000)]
rm rwho xr
tedu [Thu, 24 Apr 2014 15:01:27 +0000 (15:01 +0000)]
I have not eaten for days.
And who says you will?
aoyama [Thu, 24 Apr 2014 15:01:12 +0000 (15:01 +0000)]
regen
tedu [Thu, 24 Apr 2014 14:59:06 +0000 (14:59 +0000)]
That is strength, boy! That is power! What is steel compared to the hand
that wields it? Look at the strength in your body, the desire in your
heart, I gave you this! Such a waste. Contemplate this on the tree of woe.
tedu [Thu, 24 Apr 2014 14:55:39 +0000 (14:55 +0000)]
days since rwhod was useful: 5475
aoyama [Thu, 24 Apr 2014 14:52:09 +0000 (14:52 +0000)]
Add pcex{mem,io} entries to MAKEDEV.
ok miod@
jmc [Thu, 24 Apr 2014 14:14:08 +0000 (14:14 +0000)]
remove kerberos reference, and knock some fairly useless Xr out;
jsing [Thu, 24 Apr 2014 14:03:38 +0000 (14:03 +0000)]
You want signals?!? I'll give you signals!!! Oh, and we have termios as
well...
ok beck@
jmc [Thu, 24 Apr 2014 14:00:35 +0000 (14:00 +0000)]
simpler description for -P, avoiding the need to discuss rsh;
jmc [Thu, 24 Apr 2014 13:48:38 +0000 (13:48 +0000)]
no more asn1 or comm_err;
jmc [Thu, 24 Apr 2014 13:41:39 +0000 (13:41 +0000)]
adjust some list widths;
jsing [Thu, 24 Apr 2014 13:12:18 +0000 (13:12 +0000)]
More KNF.
mcbride [Thu, 24 Apr 2014 13:06:52 +0000 (13:06 +0000)]
More KNF, things that couldn't be verified with md5(1), and some whitespace
I missed on the first go around.
jsing [Thu, 24 Apr 2014 12:39:02 +0000 (12:39 +0000)]
unifdef -U LINT
jsing [Thu, 24 Apr 2014 12:22:22 +0000 (12:22 +0000)]
When OPENSSL_C is not defined, apps_startup becomes a
signal(SIGPIPE, SIG_IGN) and apps_shutdown is a no-op. So just do that
instead.
ok beck@
mcbride [Thu, 24 Apr 2014 12:21:26 +0000 (12:21 +0000)]
KNF
jsing [Thu, 24 Apr 2014 12:19:59 +0000 (12:19 +0000)]
Remove more FIPS tenticles.
ok beck@
jsing [Thu, 24 Apr 2014 12:04:31 +0000 (12:04 +0000)]
Rip a bunch of ifdefs from speed. We know we can fork, have SIGALRM and
do not use lint.
ok miod@
henning [Thu, 24 Apr 2014 11:55:12 +0000 (11:55 +0000)]
ewps... repair qid assignment
mpi [Thu, 24 Apr 2014 09:40:28 +0000 (09:40 +0000)]
Change the usbd_*_report() family of functions to take a usbd_device
and a infaceno argument instead of an iface pointer. While here,
remove some unused functions and inlined usbd_read_report_desc since
it is used only once.
This is part of plumbing required to convert the various USB HID devices
to handle multiples report IDs.
ok andre@
nicm [Thu, 24 Apr 2014 09:14:43 +0000 (09:14 +0000)]
There is no longer a need for a paste_stack struct or for global_buffers
to be global. Move to paste.c.
bluhm [Thu, 24 Apr 2014 09:05:10 +0000 (09:05 +0000)]
The switch statement given/when was introduced in Perl 5.10 and got
experimental in Perl 5.18. So we see warnings in the tests.
given is experimental at funcs.pl line 62.
when is experimental at funcs.pl line 63.
Just suppress this type of warnings for now. If Perl will disable
smart match, the simple regression code still works. If they will
choose to remove given/when, we can fix it later.
Discussed with and OK andre@ afresh1@
blambert [Thu, 24 Apr 2014 08:51:08 +0000 (08:51 +0000)]
fix copied text in error string
ok reyk@
beck [Thu, 24 Apr 2014 06:02:58 +0000 (06:02 +0000)]
A fantastic way to make a large unsigned number is to assign
a small signed one to it.. Some people on OpenSSL's list
noticed - http://marc.info/?l=openssl-dev&m=
139809485525663&w=2
This should fix that, and make sure we don't try to write out insane
amounts of stuff.
ok miod@ tedu@
tedu [Thu, 24 Apr 2014 04:45:43 +0000 (04:45 +0000)]
remove redundant asign. from David Hill
lteo [Thu, 24 Apr 2014 04:36:08 +0000 (04:36 +0000)]
Support for the -ssl2 option has been removed, so remove it from usage
as well ("openssl ciphers -h").
"sure" miod@
tedu [Thu, 24 Apr 2014 04:31:30 +0000 (04:31 +0000)]
on today's episode of things you didn't want to learn:
do_ssl3_write() is recursive. and not in the simple, obvious way, but in
the sneaky called through ssl3_dispatch_alert way. (alert level: fuchsia)
this then has a decent chance of releasing the buffer that we thought we
were going to use. check for this happening, and if the buffer has gone
missing, put another one back in place.
the direct recursive call is safe because it won't call ssl3_write_pending
which is the function that actually does do the writing and releasing.
as reported by David Ramos to openssl-dev:
http://marc.info/?l=openssl-dev&m=
139809493725682&w=2
ok beck
jsg [Thu, 24 Apr 2014 04:11:17 +0000 (04:11 +0000)]
match some more intel sata devices in ide mode
jsg [Thu, 24 Apr 2014 04:08:01 +0000 (04:08 +0000)]
regen
jsg [Thu, 24 Apr 2014 04:07:25 +0000 (04:07 +0000)]
add some more intel sata devices in ide mode
tedu [Thu, 24 Apr 2014 01:57:06 +0000 (01:57 +0000)]
calloc is better. from Peter Malone
tedu [Thu, 24 Apr 2014 01:34:35 +0000 (01:34 +0000)]
calloc is better. from Peter Malone
tedu [Thu, 24 Apr 2014 01:04:52 +0000 (01:04 +0000)]
repair missing semicolon. from Ian Mcwilliam
schwarze [Thu, 24 Apr 2014 00:28:02 +0000 (00:28 +0000)]
misplaced punctuation
miod [Wed, 23 Apr 2014 22:26:25 +0000 (22:26 +0000)]
Unifdef -UPKCS1_CHECK and remove SSL_OP_PKCS1_CHECK_[12], this is leftover
``debug'' code from a 15+ years old bugfix and the SSL_OP_PKCS1_CHECK_*
constants have had a value of zero since ages. No production code should use
them.
ok beck@
tedu [Wed, 23 Apr 2014 21:58:05 +0000 (21:58 +0000)]
ain't nobody got time for hpux
tedu [Wed, 23 Apr 2014 21:55:26 +0000 (21:55 +0000)]
fix some variables
tedu [Wed, 23 Apr 2014 21:54:30 +0000 (21:54 +0000)]
replace a bunch of hand duped strings with strdup
miod [Wed, 23 Apr 2014 21:53:18 +0000 (21:53 +0000)]
Don't bother generating win64 assembly prologue.
tedu [Wed, 23 Apr 2014 21:49:49 +0000 (21:49 +0000)]
malloc/memset -> calloc. from peter malone
miod [Wed, 23 Apr 2014 21:28:52 +0000 (21:28 +0000)]
No longer needed during build. Brings a smile on beck@'s face.
schwarze [Wed, 23 Apr 2014 21:06:33 +0000 (21:06 +0000)]
Audit malloc(3)/calloc(3)/realloc(3) usage.
* Change eight reallocs to reallocarray to be safe from overflows.
* Change one malloc to reallocarray to be safe from overflows.
* Change one calloc to reallocarray, no zeroing needed.
* Change the order of arguments of three callocs (aesthetical).
tedu [Wed, 23 Apr 2014 21:01:15 +0000 (21:01 +0000)]
null pointers after free to prevent double frees and worse. also fix a
very obvious use after free. this file may still be a total loss.
miod [Wed, 23 Apr 2014 20:59:36 +0000 (20:59 +0000)]
The usual idiom to cope with systems not defining socklen_t is to add a
#define socklen_t int
somewhere (or a typedef, whatever gives you an integer type of the size
your system expects as the 3rd argument of accept(2), really).
OpenSSL here is a bit more creative by using an union of an int and a size_t,
and extra code if sizeof(int) != sizeof(size_t) in order to recover the
proper size. With a comment mentioning that this has no chance to work on
a platform with a stack growing up and accept() returning an int, fortunately
this seems to work on HP-UX.
Switch to the light side of the force and declare and use socklen_t variables,
period. If your system does not define socklen_t, consider bringing it back
to your vendor for a refund.
ok matthew@ tedu@
tedu [Wed, 23 Apr 2014 20:50:18 +0000 (20:50 +0000)]
whitespace
tedu [Wed, 23 Apr 2014 20:22:37 +0000 (20:22 +0000)]
close socket in failure cases too
tedu [Wed, 23 Apr 2014 20:21:23 +0000 (20:21 +0000)]
if realloc failed, BIO_accept would leak memory and return NULL, causing
caller to crash. Fix leak and return an error instead. from Chad Loder
miod [Wed, 23 Apr 2014 19:20:36 +0000 (19:20 +0000)]
One last Dec C tentacle on alpha.
miod [Wed, 23 Apr 2014 19:17:48 +0000 (19:17 +0000)]
When I grow up, I want to write workaround for long long multiplications
under __TANDEM systems and compilers, using hardcoded octal numbers. NOT.
miod [Wed, 23 Apr 2014 19:16:15 +0000 (19:16 +0000)]
Remove IRIX_CC_BUG workaround.
miod [Wed, 23 Apr 2014 19:14:59 +0000 (19:14 +0000)]
I'm glad to know that Ultrix CC has a bug optimizing switch() statements
lacking an explicit `case 0:' construct. But Ultrix has been dead for more than
15 years, really. Don't give it any reason to move out of its coffin.
miod [Wed, 23 Apr 2014 19:12:21 +0000 (19:12 +0000)]
Grr, the more you remove, the more there remain.
miod [Wed, 23 Apr 2014 19:11:19 +0000 (19:11 +0000)]
Forgotten during latest spring cleaning of unreferenced bits.
miod [Wed, 23 Apr 2014 19:09:48 +0000 (19:09 +0000)]
Unifdef -UPEDANTIC. ok beck@ tedu@
schwarze [Wed, 23 Apr 2014 19:08:52 +0000 (19:08 +0000)]
Audit strlcpy(3)/strlcat(3) usage:
* Add missing truncation checks to three calls.
* In four cases where we know that the distination buffer is large enough,
cast the return vailue to (void).
miod [Wed, 23 Apr 2014 19:01:50 +0000 (19:01 +0000)]
Remove duplicate pointer assignment in ASN1_primitive_free(); Dirk Engling
miod [Wed, 23 Apr 2014 18:40:39 +0000 (18:40 +0000)]
Figure out endianness at compile-time, using _BYTE_ORDER from
<machine/endian.h>, rather than writing 1 to a 32-bit variable and checking
whether the first byte is nonzero.
tweaks and ok matthew@; ok beck@ tedu@
ajacoutot [Wed, 23 Apr 2014 18:24:23 +0000 (18:24 +0000)]
Remove more Kerberos cruft.
ok jca@ jmc@
jca [Wed, 23 Apr 2014 18:16:36 +0000 (18:16 +0000)]
Better name for fdmaskp, reduce the scope of some variables, don't abuse
cc for poll()'s return value, and indent decls. ok florian@
schwarze [Wed, 23 Apr 2014 16:33:37 +0000 (16:33 +0000)]
improve SQL style: avoid "SELECT *", be explicit in what columns we want;
suggested by espie@.
jmc [Wed, 23 Apr 2014 16:26:33 +0000 (16:26 +0000)]
tweak previous; sorry ingo, my review was pretty poor;
schwarze [Wed, 23 Apr 2014 16:07:06 +0000 (16:07 +0000)]
Audit strlcpy(3)/strlcat(3) usage.
* Repair three instances of silent truncation, use asprintf(3).
* Change two instances of strlen(3)+malloc(3)+strlcpy(3)+strlcat(3)+...
to use asprintf(3) instead to make them less error prone.
* Cast the return value of four instances where the destination
buffer is known to be large enough to (void).
* Completely remove three useless instances of strlcpy(3)/strlcat(3).
* Mark two places in -Thtml with XXX that can cause information loss
and crashes but are not easy to fix, requiring design changes of
some internal interfaces.
* The file mandocdb.c remains to be audited.
reyk [Wed, 23 Apr 2014 15:45:16 +0000 (15:45 +0000)]
Fix format string in DEBUG message (not compiled by default).
ok blambert@
tedu [Wed, 23 Apr 2014 15:07:27 +0000 (15:07 +0000)]
remove Z option and default to something halfway to J.
we always junk small chunks now, and the first part of pages,
but only after free. J still does the old thing. j disables everything.
Consider experimental as we evaluate performance in the real world.
ok otto
florian [Wed, 23 Apr 2014 14:43:14 +0000 (14:43 +0000)]
No need for vargs here.
While there move declaration of divert{,6}_output() to .c as it's a
private function. Also switch first two args to make it more like
similar functions (both suggested by mpi@).
Input/OK mpi@, OK lteo@
jca [Wed, 23 Apr 2014 14:15:03 +0000 (14:15 +0000)]
Use arc4random as PRNG backend, instead of libcrypto RAND.
Feedback and ok guenther@ deraadt@
Discussed with upstream, who is preparing an arc4random backend.
schwarze [Wed, 23 Apr 2014 13:58:55 +0000 (13:58 +0000)]
more info about HISTORY; ok jmc@
jca [Wed, 23 Apr 2014 13:16:28 +0000 (13:16 +0000)]
His name is Van Jacobson. ok jmc@
stsp [Wed, 23 Apr 2014 12:45:18 +0000 (12:45 +0000)]
Document RTS5227 support in rtsx(4).
djm [Wed, 23 Apr 2014 12:42:34 +0000 (12:42 +0000)]
don't record duplicate IdentityFiles
jsing [Wed, 23 Apr 2014 12:42:16 +0000 (12:42 +0000)]
Casting from a const unsigned char ** to a const unsigned char ** seems...
unnecessary. Remove the temporary ugly casts - the comments even call them
that!
ok guenther@
jsing [Wed, 23 Apr 2014 12:37:42 +0000 (12:37 +0000)]
We do not need ARGV, Argc and Argv - just use argc and argv like normal
people do.
ok beck@ (although he wanted #Arrrrrrrgv instead).
florian [Wed, 23 Apr 2014 12:27:31 +0000 (12:27 +0000)]
Replace malloc / memset / select song and dance with poll(2) like
ping6.
Prompted by and initial diff from Peter Malone (peter _AT_
petermalone _DOT_ org), thanks!
OK jca@
mpi [Wed, 23 Apr 2014 12:25:35 +0000 (12:25 +0000)]
Don't use varargs for udp_output() and sync the argument order with
udp6_output().
ok henning@, reyk@, jca@
otto [Wed, 23 Apr 2014 11:49:25 +0000 (11:49 +0000)]
don't clear label before readasciilabel(), it will not fill in some
required fields like disk size, causing consistency check failures.
with and ok krw@
jca [Wed, 23 Apr 2014 11:47:04 +0000 (11:47 +0000)]
Kill useless assignement, matchlen is initialized two lines below.
From Fritjof Bornebusch.
naddy [Wed, 23 Apr 2014 11:42:14 +0000 (11:42 +0000)]
Remove badly outdated information: FDDI and Token Ring are gone,
VLAN tags on transmitted packets have been visible to bpf since
the introduction of bpf_mtap_ether(). ok brad@, henning@
jca [Wed, 23 Apr 2014 10:50:18 +0000 (10:50 +0000)]
Don't attempt to deal with link types supported by no drivers in the
tree. ok henning@
espie [Wed, 23 Apr 2014 10:47:15 +0000 (10:47 +0000)]
explain a bit more what's going on for stupid me.
okay otto@
nicm [Wed, 23 Apr 2014 10:14:29 +0000 (10:14 +0000)]
Differentiate between linked and unlinked window closes and renames,
like we already do for adds. From Andre Masella.
ajacoutot [Wed, 23 Apr 2014 09:56:56 +0000 (09:56 +0000)]
Remove krb5 bits from rc(8).
ok reyk@
mpi [Wed, 23 Apr 2014 09:30:57 +0000 (09:30 +0000)]
You don't want to use ifa_ifwithroute(), it exists for to the routing
crazyness only.
florian [Wed, 23 Apr 2014 09:27:13 +0000 (09:27 +0000)]
Merge traceroute6 into traceroute.
Not yet enabled in the build.
OK benno@
florian [Wed, 23 Apr 2014 09:24:36 +0000 (09:24 +0000)]
Prepare for merge: s/hops/ttl/ in struct packetdata
OK benno@
florian [Wed, 23 Apr 2014 09:23:30 +0000 (09:23 +0000)]
Prepare for merge: no more useicmp
OK benno@
florian [Wed, 23 Apr 2014 09:22:34 +0000 (09:22 +0000)]
KNF
OK benno@