deraadt [Wed, 16 Jul 2014 13:46:30 +0000 (13:46 +0000)]
Yes /etc/disklabels/ is a good practice for placing labels of disks
in case of catastropy. But it is so poorly documented that any admin
is more likely to store the labels elsewhere, so let's stop bothering
with providing the directory. Discussed a bit, no objections.
deraadt [Wed, 16 Jul 2014 13:21:33 +0000 (13:21 +0000)]
mixerctl.conf wsconsctl.conf can properly become examples.
As discussed a few days ago with aja
deraadt [Wed, 16 Jul 2014 12:50:42 +0000 (12:50 +0000)]
the files listed under BIN1 are not binaries in any way. Let's call
them what they are: MUTABLE, as in these are the specific files that
admins do edit in /etc
deraadt [Wed, 16 Jul 2014 12:46:16 +0000 (12:46 +0000)]
create examples/pf.conf which is a clone of the existing file. Now
the existing file can start losing... examples...
deraadt [Wed, 16 Jul 2014 12:25:52 +0000 (12:25 +0000)]
BIN2 is now just motd; install it direct without the abstractions. While
there, let's make it operator writeable. Or let's do a commit changing it
to operator writeable and see the pro and con camps rise up.
deraadt [Wed, 16 Jul 2014 10:45:46 +0000 (10:45 +0000)]
the scan for transforming free(...) to (free..., 0) failed becuase this
file has 'free ('
:-/
deraadt [Wed, 16 Jul 2014 10:43:06 +0000 (10:43 +0000)]
do not need a variable to track locking, since all code paths have it
locked throughout.
deraadt [Wed, 16 Jul 2014 10:36:11 +0000 (10:36 +0000)]
sync
deraadt [Wed, 16 Jul 2014 10:35:48 +0000 (10:35 +0000)]
lynx has left the tree, and let's be honest noone will find these html
files in their installed system. this extended documentation experience
is available better on the net using a browser installed with pkg_add.
(also note that two of the subsystems involved in this issue are heading
to the bit bucket sometime soon)
deraadt [Wed, 16 Jul 2014 10:25:38 +0000 (10:25 +0000)]
more lynx bits
reyk [Wed, 16 Jul 2014 10:25:28 +0000 (10:25 +0000)]
Implement file descriptor accounting. The concept was taken from
relayd but had to be adjusted for httpd. It now handles single-pass
HTTP connections, persistent connections with multiple requests, and
body-less HEAD requests. With input from benno@
ajacoutot [Wed, 16 Jul 2014 08:27:14 +0000 (08:27 +0000)]
Add a comment at the top of sysctl.conf when it is created by the
installer.
ok deraadt@ rpe@
mlarkin [Wed, 16 Jul 2014 07:42:50 +0000 (07:42 +0000)]
Reenable hibernate RLE support and flush+zero all memory after unpack.
lteo [Wed, 16 Jul 2014 04:52:43 +0000 (04:52 +0000)]
Clean up the ifdef maze in usage() by reformatting it to have distinct
!SMALL and SMALL sections. This makes future changes easier to review
and to compare with the man page's synopsis.
The usage output is the same as before so there is no change from the
user's point of view.
usage() cleanup and !SMALL/SMALL separation suggested by jmc@
ok jmc@
deraadt [Wed, 16 Jul 2014 02:02:56 +0000 (02:02 +0000)]
sync
deraadt [Wed, 16 Jul 2014 02:02:49 +0000 (02:02 +0000)]
another piece of lynx hides here
deraadt [Wed, 16 Jul 2014 01:23:39 +0000 (01:23 +0000)]
lynx will go to ports. there are too many reasons for it to go there,
and not enough for it to stay. lengthy discussions.
deraadt [Wed, 16 Jul 2014 00:40:11 +0000 (00:40 +0000)]
sync
deraadt [Wed, 16 Jul 2014 00:18:54 +0000 (00:18 +0000)]
#ifdef wrap the _rs_forkhandler
bcook [Wed, 16 Jul 2014 00:15:35 +0000 (00:15 +0000)]
added handler for an atfork hook from kettenis@
ok deraadt@ beck@ kettenis@
deraadt [Tue, 15 Jul 2014 23:13:48 +0000 (23:13 +0000)]
tidy up the script
miod [Tue, 15 Jul 2014 23:10:27 +0000 (23:10 +0000)]
Don't define uuid_t yet; unbreaks some ports. spotted by jca@
deraadt [Tue, 15 Jul 2014 23:07:19 +0000 (23:07 +0000)]
remove support for the non-standard BSDmakefile, which make tries to
open first. a handful of strange ports will cope soon.
ok espie
deraadt [Tue, 15 Jul 2014 22:14:37 +0000 (22:14 +0000)]
mode 644 for installing these files
deraadt [Tue, 15 Jul 2014 22:12:10 +0000 (22:12 +0000)]
delete commented out sl
miod [Tue, 15 Jul 2014 22:05:29 +0000 (22:05 +0000)]
Apparently people updating this no longer fix the DOW and the minute and
seconds values in the announcement timestamps. Damn youngsters.
deraadt [Tue, 15 Jul 2014 21:59:16 +0000 (21:59 +0000)]
crank to 5.6-beta
miod [Tue, 15 Jul 2014 17:36:13 +0000 (17:36 +0000)]
Remove ppi (hp300 leftover)
miod [Tue, 15 Jul 2014 16:28:11 +0000 (16:28 +0000)]
Implement rw_cas() with atomic_cas_ulong() now, instead of a dedicated
routine.
miod [Tue, 15 Jul 2014 16:26:28 +0000 (16:26 +0000)]
Fix stupid bug in atomic_{add,sub}_int_nv_mp, and stupider bug in
atomic_cas_uint_mp.
Also, make the interprocessor interlock the only thing on its cache line.
sthen [Tue, 15 Jul 2014 15:58:39 +0000 (15:58 +0000)]
add port entries for quagga from the documentation, ok ajacoutot@
/etc/services file moved from etc to base so is no longer really
user-editable as changes will be overwritten at update time
millert [Tue, 15 Jul 2014 15:54:14 +0000 (15:54 +0000)]
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
sthen [Tue, 15 Jul 2014 15:52:38 +0000 (15:52 +0000)]
conserver moved port, ok ajacoutot@
ajacoutot [Tue, 15 Jul 2014 15:30:56 +0000 (15:30 +0000)]
typo
jmc [Tue, 15 Jul 2014 11:26:20 +0000 (11:26 +0000)]
put examples/ in the right place;
jmc [Tue, 15 Jul 2014 11:25:22 +0000 (11:25 +0000)]
add -N to usage()/SYNOPSIS and tweak previous;
rather than adding "net" to the -o list, claudio points out that
-o net and -o noauto are really noops, so remove "noauto";
help/ok claudio
deraadt [Tue, 15 Jul 2014 10:09:36 +0000 (10:09 +0000)]
BSD.local.dist went away
reyk [Tue, 15 Jul 2014 09:51:06 +0000 (09:51 +0000)]
don't diplay the full path in error messages
ajacoutot [Tue, 15 Jul 2014 09:27:04 +0000 (09:27 +0000)]
/var/db/sysmerge -> /usr/share/sysmerge
ok deraadt@
espie [Tue, 15 Jul 2014 09:14:50 +0000 (09:14 +0000)]
folded back into 4.4BSD.dist
removed to unconfuse devs
okay aja, theo
deraadt [Tue, 15 Jul 2014 09:12:09 +0000 (09:12 +0000)]
new dir /usr/share/sysmerge
deraadt [Tue, 15 Jul 2014 09:11:18 +0000 (09:11 +0000)]
correct dir
sthen [Tue, 15 Jul 2014 09:03:00 +0000 (09:03 +0000)]
add /usr/local/lib/pkgconfig to mtree, ok espie@ jasper@
deraadt [Tue, 15 Jul 2014 08:49:50 +0000 (08:49 +0000)]
Create /etc/sysctl.conf based upon the 3 variables we might want to set
at install time.
ok aja
deraadt [Tue, 15 Jul 2014 08:31:56 +0000 (08:31 +0000)]
Move more user-unmutable files to the base set, as well as all the
directories. sysctl.conf moves this time also.
deraadt [Tue, 15 Jul 2014 08:28:43 +0000 (08:28 +0000)]
sysctl.conf moves to etc/examples
miod [Mon, 14 Jul 2014 18:16:27 +0000 (18:16 +0000)]
Make sure to correctly exit the loop in priv_flush_routes() in case of
allocation failure; ok krw@
deraadt [Mon, 14 Jul 2014 12:18:30 +0000 (12:18 +0000)]
In the next step, stop accepting the nibble-swapped protocol for 5.6.
This completes the transition. A cvs log and diff will tell the story
of why we went through this.
with david.dahlberg@fkie.fraunhofer.de and claudio
deraadt [Mon, 14 Jul 2014 10:42:01 +0000 (10:42 +0000)]
sync
jasper [Mon, 14 Jul 2014 10:23:58 +0000 (10:23 +0000)]
whitespace
ajacoutot [Mon, 14 Jul 2014 10:15:33 +0000 (10:15 +0000)]
Add shebang to make it clear these files are shell scripts (they are
explicitely executed by sh(1)).
discussed with deraadt@
ajacoutot [Mon, 14 Jul 2014 10:10:44 +0000 (10:10 +0000)]
quiet /etc/rc.shutdown, it may not exist.
ok deraadt@
zhuk [Mon, 14 Jul 2014 09:51:16 +0000 (09:51 +0000)]
Enable ext2fs support on RAMDISK_CD. Requested a few months ago in
private mail. We already have mount_ext2fs there, so it's likely to
be just forgotten to be enabled.
kirby@ kindly tested that kernel still fits.
okay deraadt
deraadt [Mon, 14 Jul 2014 09:48:50 +0000 (09:48 +0000)]
not needed anymore
ajacoutot [Mon, 14 Jul 2014 09:44:45 +0000 (09:44 +0000)]
This isn't C.
ajacoutot [Mon, 14 Jul 2014 09:44:07 +0000 (09:44 +0000)]
Only set kern.securelevel=1 if it was not lowered nor bumped by
rc.securelevel,
with deraadt@
ajacoutot [Mon, 14 Jul 2014 09:42:50 +0000 (09:42 +0000)]
Consistency.
ajacoutot [Mon, 14 Jul 2014 09:42:27 +0000 (09:42 +0000)]
Do not output anything by default, to be consistent with the other
site-specific rc.* files, the comment is enough.
ok deraadt@
jsing [Mon, 14 Jul 2014 09:26:27 +0000 (09:26 +0000)]
Convert ftp(1) to libressl, rather than rolling in^W^Whand rolling libssl.
ok beck@ deraadt@
ajacoutot [Mon, 14 Jul 2014 09:21:04 +0000 (09:21 +0000)]
No more "securelevel" variable.
pelikan [Mon, 14 Jul 2014 09:19:21 +0000 (09:19 +0000)]
powerdown=YES has been removed.
ok deraadt
ajacoutot [Mon, 14 Jul 2014 09:14:11 +0000 (09:14 +0000)]
powerdown is gone.
ajacoutot [Mon, 14 Jul 2014 09:12:43 +0000 (09:12 +0000)]
Add /etc/examples/
prodded by jmc@
ajacoutot [Mon, 14 Jul 2014 09:11:27 +0000 (09:11 +0000)]
/etc/rc already takes care of creating /var/run/utmp.
ok deraadt@ giovanni@
deraadt [Mon, 14 Jul 2014 09:04:02 +0000 (09:04 +0000)]
rc.{local,securelevel,shutdown} become examples. If versions of them
are created in /etc, they are executed (they used to be sourced) to
avoid polluting the rc variable space. The powerdown= and securelevel=
features are removed; they are likely only used by 2 people. the
secureleve is now always raised; this is the only sensible default.
ok ajacoutot
reyk [Mon, 14 Jul 2014 09:03:08 +0000 (09:03 +0000)]
Track Connection: Keep-Alive
rapha [Mon, 14 Jul 2014 08:55:07 +0000 (08:55 +0000)]
Write to the correct control module registers when configuring gpio pins.
Tested and ok joshe@
pelikan [Mon, 14 Jul 2014 08:54:13 +0000 (08:54 +0000)]
better type safety and KNF.
Because ext2fs has only 32-bit inode numbers, use ufsino_t as in FFS.
Disk blocks are u_int32_t as well, because we don't support the 64BIT flag.
When we do, there's going to be a lot more going on than just daddr_t.
While there, add some journaling-related bits into the superblock to play with.
ok guenther
schwarze [Mon, 14 Jul 2014 08:49:27 +0000 (08:49 +0000)]
The file /etc/exports is now optional and not installed by default,
so do not complain when it is absent.
issue found by and patch ok by ajacoutot@
"I don't do perl, but seems ok" deraadt@
espie [Mon, 14 Jul 2014 08:47:49 +0000 (08:47 +0000)]
unhardcode db paths.
put pruning of paths back early: these happen to be in the source db for
the most part, so if we auto-detect source first, we lose.
uebayasi [Mon, 14 Jul 2014 08:36:31 +0000 (08:36 +0000)]
More comment cleanup in boot().
zhuk [Mon, 14 Jul 2014 08:22:10 +0000 (08:22 +0000)]
Add TEST_ENV and ALL_TEST_ENV description.
miod [Mon, 14 Jul 2014 08:21:47 +0000 (08:21 +0000)]
Fix memory leak upon error in ssl_parse_clienthello_use_srtp_ext().
From BoringSSL.
espie [Mon, 14 Jul 2014 08:15:20 +0000 (08:15 +0000)]
explicit copyright, as authorized by Thomas. Thanks!
deraadt [Mon, 14 Jul 2014 08:14:08 +0000 (08:14 +0000)]
sync
beck [Mon, 14 Jul 2014 08:11:34 +0000 (08:11 +0000)]
revert free checks in here. this seems to be a bit too agressive at the
moment and now is not the time. hitting these in here causes chaos.
We need to do these, but at a better time than right after a hackathon
and before release.
ok guenther@
pelikan [Mon, 14 Jul 2014 07:22:06 +0000 (07:22 +0000)]
international currency locale rules as per POSIX.1-2008
required for libc++
ok guenther afresh1
jmc [Mon, 14 Jul 2014 06:44:11 +0000 (06:44 +0000)]
use Nx;
jmc [Mon, 14 Jul 2014 06:39:23 +0000 (06:39 +0000)]
remove the never installed getmntopts.3 page, as well as the
corresponding comment in Makefile;
ok claudio deraadt
guenther [Mon, 14 Jul 2014 06:00:22 +0000 (06:00 +0000)]
Constipate st_hash()
guenther [Mon, 14 Jul 2014 05:59:26 +0000 (05:59 +0000)]
Oops: resurrect cached file that wasn't ripe for deletion
guenther [Mon, 14 Jul 2014 05:58:19 +0000 (05:58 +0000)]
Delete pointless 'return;' at end of function
guenther [Mon, 14 Jul 2014 05:54:19 +0000 (05:54 +0000)]
Fix an off-by-one error that's already been accepted upstream
deraadt [Mon, 14 Jul 2014 05:54:12 +0000 (05:54 +0000)]
Repair handling of ^C and ^D around command prompts, by inserting
correct newlines. Of course, that means removing stdio use from
signal handlers. Can we find someone to rewrite the entire interactive
half of this program?
ok guenther
guenther [Mon, 14 Jul 2014 05:53:29 +0000 (05:53 +0000)]
Instead of using a variable format string to change the field width,
use %*s and just put the width in a variable
guenther [Mon, 14 Jul 2014 05:49:14 +0000 (05:49 +0000)]
Add sendsyslog too, and sort
guenther [Mon, 14 Jul 2014 05:48:18 +0000 (05:48 +0000)]
Update for arc4random and syslog changes
guenther [Mon, 14 Jul 2014 05:44:59 +0000 (05:44 +0000)]
Update systrace policies for arc4random changes
guenther [Mon, 14 Jul 2014 05:41:00 +0000 (05:41 +0000)]
Eliminate a warning from -Wformat=2 by using an additional 'prefix'
variable instead of using a variable format string for printf
deraadt [Mon, 14 Jul 2014 05:03:04 +0000 (05:03 +0000)]
sync
deraadt [Mon, 14 Jul 2014 05:00:56 +0000 (05:00 +0000)]
Move rc.{local,shutdown,securelevel} to examples, as discusssed with
ajacoutot and robert
deraadt [Mon, 14 Jul 2014 04:02:33 +0000 (04:02 +0000)]
Create a socketpair() and tie one end to /dev/klog using ioctl LIOCSFD.
This allows us to receive messages direct from programs using the
fd-safe sendsyslog(2), aka. syslog_r(3). Thanks to guenther for this part
of the solution.
ok beck tedu miod guenther
deraadt [Mon, 14 Jul 2014 03:54:50 +0000 (03:54 +0000)]
Now that we have sendsyslog(2), we can directly use it in the
(previously completely retarded) stack_smash_handler of ld.so
ok beck miod tedu
deraadt [Mon, 14 Jul 2014 03:53:36 +0000 (03:53 +0000)]
crank major for syslog_r(3) using sendsyslog(2). new kernel needed, too.
deraadt [Mon, 14 Jul 2014 03:52:04 +0000 (03:52 +0000)]
Convert syslog_r(3) to using sendsyslog(2). This ensures that syslog_r(3)
can be used anywhere (signal handler, stack protector fault handler) as
long as the format string does not contain floating point.
ok tedu miod beck
deraadt [Mon, 14 Jul 2014 03:45:55 +0000 (03:45 +0000)]
check for existance of rc.shutdown, before sourcing it
dlg [Mon, 14 Jul 2014 03:45:43 +0000 (03:45 +0000)]
now that receive ring accounting has been pulled out of the mbuf layer,
we can pull the space the mbuf layer used to do per interface accounting
out of struct if_data.
saves a hundredish bytes on every interface.
ok deraadt@ claudio@
deraadt [Mon, 14 Jul 2014 01:36:00 +0000 (01:36 +0000)]
sync
jsing [Mon, 14 Jul 2014 01:05:36 +0000 (01:05 +0000)]
Hook in libressl to regress.
deraadt [Mon, 14 Jul 2014 01:01:27 +0000 (01:01 +0000)]
enter libressl for make includes