jmc [Sat, 24 Jun 2017 06:57:04 +0000 (06:57 +0000)]
spelling;
djm [Sat, 24 Jun 2017 06:38:11 +0000 (06:38 +0000)]
don't pass pointer to struct sshcipher between privsep processes,
just redo the lookup in each using the already-passed cipher name.
bz#2704 based on patch from Brooks Davis; ok markus dtucker
djm [Sat, 24 Jun 2017 06:35:24 +0000 (06:35 +0000)]
regress test for ExposeAuthInfo
djm [Sat, 24 Jun 2017 06:34:38 +0000 (06:34 +0000)]
refactor authentication logging
optionally record successful auth methods and public credentials
used in a file accessible to user sessions
feedback and ok markus@
jmc [Sat, 24 Jun 2017 06:28:50 +0000 (06:28 +0000)]
word fix;
djm [Sat, 24 Jun 2017 05:37:44 +0000 (05:37 +0000)]
switch sshconnect.c from (slightly abused) select() to poll();
ok deraadt@ a while back
djm [Sat, 24 Jun 2017 05:35:05 +0000 (05:35 +0000)]
use HostKeyAlias if specified instead of hostname for matching host
certificate principal names; bz#2728; ok dtucker@
djm [Sat, 24 Jun 2017 05:24:11 +0000 (05:24 +0000)]
no need to call log_init to reinitialise logged PID in child sessions,
since we haven't called openlog() in log_init() since 1999; ok markus@
schwarze [Fri, 23 Jun 2017 22:59:27 +0000 (22:59 +0000)]
Consistently treat character escape sequences as operators,
not as letters, even if their names contain letters.
This is certainly not perfect, but code to recognize that \(*a is
not an operator but a letter would need a huge table, or Unicode
character property support, which won't happen at this time.
schwarze [Fri, 23 Jun 2017 21:04:34 +0000 (21:04 +0000)]
splitting a text box sometimes requires wrapping it in a list
bluhm [Fri, 23 Jun 2017 20:57:51 +0000 (20:57 +0000)]
Make libiberty test programs compile and run without segfault.
schwarze [Fri, 23 Jun 2017 19:56:57 +0000 (19:56 +0000)]
delete unused "lastline" state variable and some commented out lines;
no functional change
krw [Fri, 23 Jun 2017 19:51:07 +0000 (19:51 +0000)]
Once you have forked into two processes, setting a global flag
in one process does not mean the other process can see the
change. Nuke the pointless IFI_NEW_LLADDR.
schwarze [Fri, 23 Jun 2017 19:16:49 +0000 (19:16 +0000)]
delete warning about missing whitespace before trailing punctuation;
mandoc handles this now, not in exactly the same way, but catching
all the important cases, and with less false positives;
no objection from jmc@
mikeb [Fri, 23 Jun 2017 19:09:21 +0000 (19:09 +0000)]
Event interrupt handler should call hv_channel_schedule now
schwarze [Fri, 23 Jun 2017 19:07:25 +0000 (19:07 +0000)]
delete -r, RCS id checks are now covered by mandoc,
and garbage collect the unused "inliteral" state variable;
ok jmc@
mikeb [Fri, 23 Jun 2017 19:07:13 +0000 (19:07 +0000)]
Request deferred interrupt processing
mikeb [Fri, 23 Jun 2017 19:05:42 +0000 (19:05 +0000)]
Introduce deferred interrupt processing capability
Hyper-V interrupts seem to be sometimes delivered before the message
becomes available on the channel ring. This is reproducible on hvs(4)
under load. This change is modelled on the workaround found in the
Linux driver.
mikeb [Fri, 23 Jun 2017 18:54:44 +0000 (18:54 +0000)]
s/membar_sync/virtio_membar_sync/
mikeb [Fri, 23 Jun 2017 18:51:28 +0000 (18:51 +0000)]
Finish up minor changes in the output and clear the BATCHED channel flag
krw [Fri, 23 Jun 2017 16:18:02 +0000 (16:18 +0000)]
Oops. Remove extraneous 'return' and some braces from
priv_write_resolv_conf() code that was moved into the
dispatch loop.
krw [Fri, 23 Jun 2017 16:09:38 +0000 (16:09 +0000)]
Use a const char * for "/etc/resolv.conf.tail" instead of repeating the
text in various forms in different error messages. Also makes the error
messages consistent by always displaying the full path name.
krw [Fri, 23 Jun 2017 15:40:56 +0000 (15:40 +0000)]
Take reyk's imsg resolv.conf improvements of a while ago to their
logical conclusion.
Nuke _PATH_RESOLV_CONF since the value is only meant to be
known inside priv_write_resolv_conf(). Just use a local const char *.
Bring priv_write_resolv_conf() into line with other priv_ functions
invoked from the dispatch loop. i.e. don't pass it the imsg, just pass
a pointer to the data and a size after ensuring there is data to pass.
nicm [Fri, 23 Jun 2017 15:36:52 +0000 (15:36 +0000)]
Add user-keys option to allow user-defined keys to be set, from Dan
Aloni.
kevlo [Fri, 23 Jun 2017 14:41:54 +0000 (14:41 +0000)]
- Fix Tx queues to USB endpoints mapping and merge urtwn_r92c_dma_init()
and urtwn_r88e_dma_init() into one; from FreeBSD r291902.
- Change the way the number of pages for public queue is calculated;
Based on the vendor driver's _InitQueueReservedPage(), the formula for
calculation of the number of pages for public priority queue is as follows:
if the device has 3 endpoints:
PUBQ = total number of Tx pages - HQ - LQ - NQ
if the device has 2 endpoints (i.e. has high and normal priority queues):
PUBQ = total number of Tx pages - HQ - NQ
- Don't write MCS8..MCS15 Tx power if the WNIC is a 1-stream Tx;
- Set R88E_TX_PAGE_COUNT to a correct value;
- Minimal enhancement in urtwn_open_pipes() for upcoming rtl8192eu chipset
support;
Tested with USB-N10 Nano (rtl8188cu), DWA-131 rev B (rtl8192cu), and
TL-WN725N v2 (rtl8188eu) on amd64.
ok stsp@
fcambus [Fri, 23 Jun 2017 12:56:25 +0000 (12:56 +0000)]
Remove unused confirm() and datime() functions.
Those functions are unused and have been compiled out since 1998,
it's time to let them go.
OK sthen@, tom@, mestre@
jsg [Fri, 23 Jun 2017 11:54:22 +0000 (11:54 +0000)]
Always include Makefile.dep, conditionally including it based on the
existence of a .depend file can lead to various problems.
The logic before rev 1.15 resulted in Makefile.dep always being
included as DEPENDSFILE was never set so this returns to the old
behaviour.
ok espie@
bluhm [Fri, 23 Jun 2017 11:18:12 +0000 (11:18 +0000)]
Resetting the mbuf header in if_input_local() was stripping off the
M_LOOP flag. This broke IPv6 multicast. Always set M_LOOP when
going through if_input_local() and adjust the flag's comment.
report rzalamena@; OK mpi@
mpi [Fri, 23 Jun 2017 09:55:10 +0000 (09:55 +0000)]
Unbreak profiling assembly functions in userland by defining the
correct prologue if compiled with -DPROF.
ok deraadt@
mestre [Fri, 23 Jun 2017 07:24:48 +0000 (07:24 +0000)]
When using the escape sequence &~ the code path is client_loop() ->
client_simple_escape_filter() -> process_escapes() -> fork() and the pledge for
this path lacks the proc promise and therefore aborts the process.
The solution is to just add the proc promise to this specific pledge.
Reported by Gregoire Jadi gjadi ! omecha.info
Insight with tb@, OK jca@
tedu [Fri, 23 Jun 2017 06:07:51 +0000 (06:07 +0000)]
i didn't know we had clang-local until reminded by jsg.
mention the disabling of ident strings.
dtucker [Fri, 23 Jun 2017 03:30:42 +0000 (03:30 +0000)]
Import regenerated moduli.
dtucker [Fri, 23 Jun 2017 03:25:53 +0000 (03:25 +0000)]
Run the screen twice so we end up with more candidate groups. ok djm@
schwarze [Fri, 23 Jun 2017 02:31:39 +0000 (02:31 +0000)]
Write text boxes as <mi>, <mn>, or <mo> as appropriate,
and write fontstyle or fontweight attributes where required.
Missing features reported by bentley@.
dlg [Fri, 23 Jun 2017 01:21:55 +0000 (01:21 +0000)]
set the alignment of the per cpu cache structures to CACHELINESIZE.
hardcoding 64 is too optimistic.
dlg [Fri, 23 Jun 2017 01:02:18 +0000 (01:02 +0000)]
change the semantic for calculating when to grow the size of a cache list.
previously it would figure out if there's enough items overall for
all the cpus to have full active and inactive free lists. this
included currently allocated items, which pools won't actually hold
on a free list and cannot predict when they will come back.
instead, see if there's enough items in the idle lists in the depot
that could instead go on all the free lists on the cpus. if there's
enough idle items, then we can grow.
tested by hrvoje popovski and amit kulkarni
ok visa@
schwarze [Fri, 23 Jun 2017 00:30:17 +0000 (00:30 +0000)]
Simplify font handling:
1. Inherit the font attribute from the parent box, such that iteration
is no longer required to find the current font.
2. For well-known function name tokens, do not insert an EQN_LISTONE
box into the AST; simply set the font attribute of the text box
itself that contains the name.
Also improve word splitting of unquoted strings in default font mode:
3. Split between numbers and punctuation because both will soon get
different HTML markup.
4. Do not split between letters. With the newly ubiquitous font
attributes, all formatters will be able to figure out what to do
without putting each letter into a separate box.
deraadt [Thu, 22 Jun 2017 21:26:54 +0000 (21:26 +0000)]
i386 uses an intentional fallthrough between appended code blocks in .init,
which we cannot TRAPSLED FILL. This needs to be done a different way.
diagnosis with kettenis
benno [Thu, 22 Jun 2017 20:44:36 +0000 (20:44 +0000)]
Do not interpret an empty path as current working directory "." when
parsing LD_LIBRARY_PATH, and in DT_RPATH and DT_RUNPATH attributes and
in ld.so.hints.
ok deraadt@
fcambus [Thu, 22 Jun 2017 20:38:32 +0000 (20:38 +0000)]
Close file descriptor on an exit path.
OK gsoares@
bluhm [Thu, 22 Jun 2017 20:17:22 +0000 (20:17 +0000)]
Perl on 32 bit architectures does not support pack('Q'), replace
it with 'NN'.
bluhm [Thu, 22 Jun 2017 20:06:14 +0000 (20:06 +0000)]
Get the framework from relayd regress to start switchd on demand.
This allows to run the test without manual setup.
bluhm [Thu, 22 Jun 2017 18:07:30 +0000 (18:07 +0000)]
Do not skip any crypto tests. Remove useless make code, use defaults
where appropriate.
OK mikeb@
anton [Thu, 22 Jun 2017 18:05:31 +0000 (18:05 +0000)]
Make sure to abort loops when pressing ^C in csh.
Regression found by deraadt@
jsing [Thu, 22 Jun 2017 18:03:57 +0000 (18:03 +0000)]
Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that
we can prevent libcrypto from going behind our back and trying to read
passwords from standard input (which we may not be permitted to do).
Found by jsg@ with httpd and password protected keys.
jsing [Thu, 22 Jun 2017 17:58:54 +0000 (17:58 +0000)]
Fix incorrect indentation.
jsing [Thu, 22 Jun 2017 17:55:48 +0000 (17:55 +0000)]
Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60.
mikeb [Thu, 22 Jun 2017 17:48:42 +0000 (17:48 +0000)]
Pick rijndael.c lost after backout; requested by bluhm@
jsing [Thu, 22 Jun 2017 17:47:56 +0000 (17:47 +0000)]
Remove dead code that has remained hiding since ressl.c r1.14!
jsing [Thu, 22 Jun 2017 17:34:25 +0000 (17:34 +0000)]
Use the standard `rv' idiom in tls_keypair_load_cert(), rather than
duplicating clean up code.
jsing [Thu, 22 Jun 2017 17:28:00 +0000 (17:28 +0000)]
Distinguish between self-issued certificates and self-signed certificates.
The certificate verification code has special cases for self-signed
certificates and without this change, self-issued certificates (which it
seems are commonplace with openvpn/easyrsa) were also being included in
this category.
Based on BoringSSL.
Thanks to Dale Ghent <daleg at elemental dot org> for assisting in
identifying the issue and testing this fix.
ok inoguchi@
espie [Thu, 22 Jun 2017 17:09:10 +0000 (17:09 +0000)]
zap trailing spaces from the previous commits and also other trailing
spaces
espie [Thu, 22 Jun 2017 17:08:20 +0000 (17:08 +0000)]
better display of cycles in -j mode.
lots of tests by krw@
review and comments by pirofti@, more tweaks to come
bluhm [Thu, 22 Jun 2017 16:10:34 +0000 (16:10 +0000)]
Convert shell script tests to regress make rules. Having only one
tool and more verbosity allows better debugging. Additional tests
check that gzip and gunzip preserve file permissions and ownership.
deraadt [Thu, 22 Jun 2017 16:03:36 +0000 (16:03 +0000)]
Adjust relink procedure to use new targets. Better use semantics for
users and developers.
diff from rpe, ok tb
deraadt [Thu, 22 Jun 2017 16:02:42 +0000 (16:02 +0000)]
compile.tgz no longer needs to contain machine/ subdir, instead it needs
makegap.sh
ok tb
deraadt [Thu, 22 Jun 2017 16:01:45 +0000 (16:01 +0000)]
Generate a gap.link script, and use that to generate gap.o. On multi-ABI
architectures we must also link against a gapdummy.o to repair the ABI
of the resulting .o file. Woe is me.
Also repair install: target to update the linkkit & hash when a kernel
is installed.
ok rpe tb mlarkin and tested by others also
deraadt [Thu, 22 Jun 2017 15:57:16 +0000 (15:57 +0000)]
Generate the newbsd: and install-update: targets here, rather than
in the source Makefile.* files.
ok tb rpe mlarkin
deraadt [Thu, 22 Jun 2017 15:56:29 +0000 (15:56 +0000)]
calculate a "sum" based upon pointers to functions all over the kernel,
so that an unhibernate kernel can detect if it is running with the
kernel it booted.
ok mlarkin
krw [Thu, 22 Jun 2017 15:08:53 +0000 (15:08 +0000)]
Drop support for old (>4yr) timestamp formats in leases
files.
ok tb@ millert@
visa [Thu, 22 Jun 2017 14:40:20 +0000 (14:40 +0000)]
Improve the coalescing of instruction cache flushes on R8000 in order
not to perform redundant work. There is no direct way to flush the
cache; rather, the kernel evicts unwanted bits from the cache by
executing a block of instructions, which is expensive.
With this diff, make build time decreases about 0.4%.
Diff from miod@
jmc [Thu, 22 Jun 2017 13:51:49 +0000 (13:51 +0000)]
typo; from jack burton
tom [Thu, 22 Jun 2017 13:21:10 +0000 (13:21 +0000)]
Tidy up comment about double load opcodes in m88k/eh_common.S (and fix ;; -> ||)
ok miod@
tom [Thu, 22 Jun 2017 11:34:51 +0000 (11:34 +0000)]
Fix the remaining ';;'s in sys/
jmatthew [Thu, 22 Jun 2017 06:21:12 +0000 (06:21 +0000)]
Add a hypervisor-specific function pointer in pvbus(4) that gets called during
cpu_hatch() on each cpu, allowing initialization of per-cpu features on each
cpu as it starts up.
input from reyk@ and mikeb@
ok mikeb@
tom [Thu, 22 Jun 2017 05:32:47 +0000 (05:32 +0000)]
Fix another ;; in sys/dev
deraadt [Thu, 22 Jun 2017 02:44:37 +0000 (02:44 +0000)]
double ;;. xhci one found by geoffhill
dlg [Thu, 22 Jun 2017 02:30:34 +0000 (02:30 +0000)]
items get returned to pools with pool_put, not pool_get.
deraadt [Thu, 22 Jun 2017 01:26:28 +0000 (01:26 +0000)]
Only print the magic '&' letter on a disk if the hibernate partition is
valid. This is an undocumented little debugging diagnostic, much like
the '*'.
schwarze [Thu, 22 Jun 2017 00:30:06 +0000 (00:30 +0000)]
Fix font selection for text boxes in the terminal formatter.
Issue reported by bentley@.
The AST data structure is powerful enough that all required
information can easily be provided in the parser, and no change
of the formatting code is needed.
deraadt [Wed, 21 Jun 2017 23:54:19 +0000 (23:54 +0000)]
/var/db/kernel.SHA256 contains the hash of the /bsd kernel. Upon
install or upgrade, set it correctly.
diff from rpe, also thanks tb for comments and review
deraadt [Wed, 21 Jun 2017 23:52:55 +0000 (23:52 +0000)]
When building a snapshot, install the compile.tgz file to builder's
/usr/share/ so that next boot will find it and perhaps use it.
ok tb rpe
deraadt [Wed, 21 Jun 2017 23:21:35 +0000 (23:21 +0000)]
Better off padding with 0x0. 0x0 = "break 0,0".
(BTW, the binutils disasm cannot handle that instruction with those
parameters, because the decoder logic is wrong..)
schwarze [Wed, 21 Jun 2017 20:47:46 +0000 (20:47 +0000)]
Outside explicit font context, give every letter its own box.
The formatters need this to correctly select fonts.
Missing feature reported by bentley@.
deraadt [Wed, 21 Jun 2017 20:31:46 +0000 (20:31 +0000)]
elf64_x86_64_plt0_entry had a hardcoded nop-sled, before the subsequent
plt entry. Since previous effective instruction is a jmp, this can be
a sequence of traps.
ok mlarkin
deraadt [Wed, 21 Jun 2017 20:29:39 +0000 (20:29 +0000)]
Intra-segment traps instead of nops. Similar to kernel change, further
reduction in nopsleds in code and data segments (if those data segments
ever become X, that is)
ok mlarkin
deraadt [Wed, 21 Jun 2017 20:08:53 +0000 (20:08 +0000)]
Fill space between sections with traps, rather than nops.
anton [Wed, 21 Jun 2017 19:36:23 +0000 (19:36 +0000)]
Minor style(9) corrections and whitespace cleanup to csh.
ok deraadt@ tb@
deraadt [Wed, 21 Jun 2017 19:23:12 +0000 (19:23 +0000)]
Large nopsleds make it easier for ROP machinery to sloppily reach targets.
Convert these to "trapsleds" instead. Since these can occur inside
fall-through blocks of code (and gcc sure isn't helping us by identifying
those), convert most to "short jump over" followed by a sequence of int3.
This works for sled sizes 3-15, for i386 and amd64. Work by Todd Mortimer
ok mlarkin
anton [Wed, 21 Jun 2017 19:03:30 +0000 (19:03 +0000)]
Add regression tests for the filec feature in csh.
anton [Wed, 21 Jun 2017 18:55:15 +0000 (18:55 +0000)]
Replace usage of TIOCSTI in csh using a more common IO-loop where ICANON is
disabled and a single char of input is read at a time. This requires the line
editing capabilities provided when ICANON is enabled to be implemented.
With help and feedback from deraadt@
schwarze [Wed, 21 Jun 2017 18:37:38 +0000 (18:37 +0000)]
quoted words are not parsed for defined keys
mikeb [Wed, 21 Jun 2017 18:18:08 +0000 (18:18 +0000)]
Don't confuse SCSI command status and transfer error code.
While here, make SCSI command completion routine more robust.
schwarze [Wed, 21 Jun 2017 18:03:50 +0000 (18:03 +0000)]
Recognize well-known function names (the same that Heirloom recognizes,
which includes those recognized by groff) and wrap them in a roman box
unless they already are in roman context.
Missing feature reported by bentley@.
deraadt [Wed, 21 Jun 2017 17:13:20 +0000 (17:13 +0000)]
Permit TIOCSTAT on a tty.
tedu [Wed, 21 Jun 2017 16:51:07 +0000 (16:51 +0000)]
For a decade or more, we've patched gcc to make -fno-ident the default.
clang doesn't seem to have a command line option for the feature,
so just hard wire it off. We don't need advertisements in our binaries.
ok deraadt
krw [Wed, 21 Jun 2017 16:39:05 +0000 (16:39 +0000)]
Teach get_recorded_lease() that static leases do not
expire.
mikeb [Wed, 21 Jun 2017 16:37:48 +0000 (16:37 +0000)]
Return early from NVS command submission if no response is required
krw [Wed, 21 Jun 2017 15:49:27 +0000 (15:49 +0000)]
No need to manually check validity of ifi->active when
REBOOT'ing. It will be pointing to a recorded lease if
anything. So rely on get_recorded_lease() to return the
next valid candidate lease, which might be the lease
ifi->active was pointing at.
bluhm [Wed, 21 Jun 2017 15:29:23 +0000 (15:29 +0000)]
Fix kernel diagnostic assertion "(sk->inp == NULL) || (sk->inp->inp_pf_sk
== NULL)". The problem was that setting the inp pointer in the
statekey to NULL was delayed until the statekey refcounter reached
0. So the inp could get linked to another statekey while an mbuf
in the socket buffer was keeping the refcounter at 1. Set the
statekey inp pointer to NULL in pf_state_key_detach() immediately,
then the kassert can be even stricter.
OK sashan@
krw [Wed, 21 Jun 2017 15:24:34 +0000 (15:24 +0000)]
Consistently use time(&var) idiom rather than tossing in a few
var = time(NULL). Flip "struct interface *" to be the first
parameter in set_timeout(), as in other functions taking the
state info.
krw [Wed, 21 Jun 2017 12:37:24 +0000 (12:37 +0000)]
Allow familiar idiom free_client_lease(NULL).
mikeb [Wed, 21 Jun 2017 11:35:11 +0000 (11:35 +0000)]
Include the request id in the I/O debug output
akfaew [Wed, 21 Jun 2017 08:21:14 +0000 (08:21 +0000)]
List all five devices, not just the first two.
OK jmc@ sf@
deraadt [Wed, 21 Jun 2017 06:24:28 +0000 (06:24 +0000)]
sync
espie [Wed, 21 Jun 2017 00:11:36 +0000 (00:11 +0000)]
error out if an exists condition tests an empty path, because that makes
zero sense.
this would have caught DEPENDSFILE in gnu/cc/cc_tools
okay guenther@, also tested by krw@
espie [Wed, 21 Jun 2017 00:10:23 +0000 (00:10 +0000)]
DEPENDSFILE comes from FreeBSD, we don't have it. replace it with its
value .depend, so that the conditional is really used.
okay guenther@
deraadt [Tue, 20 Jun 2017 21:05:46 +0000 (21:05 +0000)]
use [] instead of * for reaching regions to unmap, making this more
similar to smashing versions written by visa
akfaew [Tue, 20 Jun 2017 20:40:54 +0000 (20:40 +0000)]
Fix a path in Makequest and remove hack.sh (it never worked).
OK tb@
akfaew [Tue, 20 Jun 2017 20:24:07 +0000 (20:24 +0000)]
Remove locate.concatdb, it never worked.
OK millert@