openbsd
9 years agoadd missing splx calls
jsg [Sat, 2 May 2015 14:33:19 +0000 (14:33 +0000)]
add missing splx calls
ok miod@

9 years agoHoist common assignments out of a series of if/if-else statements
krw [Sat, 2 May 2015 14:29:32 +0000 (14:29 +0000)]
Hoist common assignments out of a series of if/if-else statements
in get_token(). Simplifies code and shrinks future diff.

No intentional functional change.

9 years agoFix obvious problems with relayd config reload.
claudio [Sat, 2 May 2015 13:15:24 +0000 (13:15 +0000)]
Fix obvious problems with relayd config reload.
- fix a TAILQ corruption because of a use after free
- do not reinit the SSL engine since that fails
OK sthen, benno

9 years agoCorrect switch between current and previous line buffers when
krw [Sat, 2 May 2015 12:37:35 +0000 (12:37 +0000)]
Correct switch between current and previous line buffers when
encountering a carriage return in the input.

Found by jsg@ a long time ago in a respository far, far away.

9 years agorework hppa mutexes.
dlg [Sat, 2 May 2015 10:59:47 +0000 (10:59 +0000)]
rework hppa mutexes.

this is largely based on src/sys/arch/alpha/alpha/mutex.c r1.14 and
src/sys/arch/sgi/sgi/mutex.c r1.15

always and explicitely record which cpu owns the lock (or NULL if
noone owns it). improve the mutex diagnostics/asserts so they operate
on the mtx_owner field rather than mtx_lock. previously the asserts
would assume the lock cpu owns the lock if any of them own the lock,
which blows up badly.

hppa hasnt got good atomic cpu opcodes, so this still relies on
ldcws to serialise access to the lock.

while im here i also shuffled the code. on MULTIPROCESSOR systems
instead of duplicating code between mtx_enter and mtx_enter_try,
mtx_enter simply loops on mtx_enter_try until it succeeds.

this also provides an alternative implementation of mutexes on
!MULTIPROCESSOR systems that avoids interlocking opcodes. mutexes
wont contend on UP boxes, theyre basically wrappers around spls.
we can just do the splraise, stash the owner as a guard value for
DIAGNOSTIC and return. similarly, mtx_enter_try on UP will never
fail, so we can just call mtx_enter and return 1.

tested by and ok kettenis@ jsing@

9 years agoadd missing splx calls
jsg [Sat, 2 May 2015 10:44:29 +0000 (10:44 +0000)]
add missing splx calls

9 years agoNo more pf_rules ipsec_rules.
ajacoutot [Sat, 2 May 2015 09:36:27 +0000 (09:36 +0000)]
No more pf_rules ipsec_rules.

9 years agoDrop pf_rules and ipsec_rules from rc.conf(5); it shouldn't have been made
ajacoutot [Sat, 2 May 2015 09:35:44 +0000 (09:35 +0000)]
Drop pf_rules and ipsec_rules from rc.conf(5); it shouldn't have been made
tweakable: there's no real point and these files support the 'include' option so
one can always get its config from whatever path... especially useful when
testing a new ruleset.

man page inputs from schwarze@
ok halex@ schwarze@ rpe@ deraadt@

9 years agostatue [sic] day in netherlands antilles becomes kingdom day in the netherlands;
jmc [Sat, 2 May 2015 07:05:38 +0000 (07:05 +0000)]
statue [sic] day in netherlands antilles becomes kingdom day in the netherlands;
thanks paul de weerd for pointers

9 years agoUse strtonum() when parsing argument list, as ping(8) does. Give
krw [Sat, 2 May 2015 00:32:03 +0000 (00:32 +0000)]
Use strtonum() when parsing argument list, as ping(8) does.  Give
or take a cast. Tweak error messages to also be consistant with
ping(8).

Change lower bound of '-h' to 0 from -1 at the request of florian@.

Tweaks and suggestions from, ok florian@

9 years ago- king's birthday now celebrated in the netherlands; from einfach jemand
jmc [Fri, 1 May 2015 18:36:52 +0000 (18:36 +0000)]
- king's birthday now celebrated in the netherlands; from einfach jemand
ok, though not neccessarily endorsed, from/by otto

tim van der molen further requested it be "king's day" and the removal
of antilles

while here i've used an article (*the* netherlands), here and in another
example

9 years agomdoc_valid_post() may indirectly call roff_node_unlink() which may
schwarze [Fri, 1 May 2015 16:56:36 +0000 (16:56 +0000)]
mdoc_valid_post() may indirectly call roff_node_unlink() which may
set ROFF_NEXT_CHILD, which is desirable for the final call to
mdoc_valid_post() - in case the target itself gets deleted, the
parse point may need this adjustment - but not for the intermediate
calls - if intermediate nodes get deleted, that mustn't clobber the
parse point.  So move setting ROFF_NEXT_SIBLING to the proper place
in rew_last().

This fixes the assertion failure in jsg@'s afl test case 108/Apr27.

9 years agoConvert to if_input(), ok miod@
mpi [Fri, 1 May 2015 16:37:32 +0000 (16:37 +0000)]
Convert to if_input(), ok miod@

9 years agoSetting the "last" member of struct roff_node was done at an extremely
schwarze [Fri, 1 May 2015 16:01:53 +0000 (16:01 +0000)]
Setting the "last" member of struct roff_node was done at an extremely
weird place.  Move it to the obviously correct place.
Surprisingly, this didn't cause any misformatting in the test suite
or in any base system manuals, but i cannot believe the code was
really correct for all conceivable input, and it would be very hard
to verify.  At the very least, it cannot have worked for man(7).

9 years agoMinor bug fix: When .Pp rewinds .Nm, rewind the whole block,
schwarze [Fri, 1 May 2015 15:27:17 +0000 (15:27 +0000)]
Minor bug fix:  When .Pp rewinds .Nm, rewind the whole block,
not just the body.  In some unusual edge cases, this caused
the .Pp to become a sibling of the .Nm body inside the .Nm block.

9 years agoConvert to if_input(), ok miod@
mpi [Fri, 1 May 2015 14:56:18 +0000 (14:56 +0000)]
Convert to if_input(), ok miod@

9 years agoregen
jsg [Fri, 1 May 2015 12:46:48 +0000 (12:46 +0000)]
regen

9 years agoCorrect some E5 v2 ids and add E5 v2 R2PCIE.
jsg [Fri, 1 May 2015 12:46:04 +0000 (12:46 +0000)]
Correct some E5 v2 ids and add E5 v2 R2PCIE.
From Hrvoje Popovski.

9 years agoreenable page zeroing thread on SMP mips kernels.
miod [Fri, 1 May 2015 11:18:21 +0000 (11:18 +0000)]
reenable page zeroing thread on SMP mips kernels.

9 years agoDo not grab the kernel lock for clock interrupts. Help and ok kettenis@
miod [Fri, 1 May 2015 11:17:22 +0000 (11:17 +0000)]
Do not grab the kernel lock for clock interrupts. Help and ok kettenis@

9 years agomention that the user's shell from /etc/passwd is used for commands
djm [Fri, 1 May 2015 07:11:47 +0000 (07:11 +0000)]
mention that the user's shell from /etc/passwd is used for commands
too; bz#1459 ok dtucker@

9 years agorefactor ssh_dispatch_run_fatal() to use sshpkt_fatal() to better
djm [Fri, 1 May 2015 07:10:01 +0000 (07:10 +0000)]
refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() to better
report error conditions. Teach sshpkt_fatal() about ECONNRESET.

Improves error messages on TCP connection resets. bz#2257

ok dtucker@

9 years agoa couple of parse targets were missing activep checks, causing them
djm [Fri, 1 May 2015 07:08:08 +0000 (07:08 +0000)]
a couple of parse targets were missing activep checks, causing them
to be misapplied in match context;
bz#2272 diagnosis and original patch from Sami Hartikainen
ok dtucker@

9 years agomake handling of AuthorizedPrincipalsFile=none more consistent
djm [Fri, 1 May 2015 04:17:51 +0000 (04:17 +0000)]
make handling of AuthorizedPrincipalsFile=none more consistent
with other =none options; bz#2288 from Jakub Jelen; ok dtucker@

9 years agoremove failed remote forwards established by muliplexing from the
djm [Fri, 1 May 2015 04:03:20 +0000 (04:03 +0000)]
remove failed remote forwards established by muliplexing from the
list of active forwards; bz#2363, patch mostly by Yoann Ricordel;
ok dtucker@

9 years agoreduce stderr spam when using ssh -S /path/mux -O forward -R 0:...
djm [Fri, 1 May 2015 04:01:58 +0000 (04:01 +0000)]
reduce stderr spam when using ssh -S /path/mux -O forward -R 0:...
ok dtucker@

9 years agoprevent authorized_keys options picked up on public key tests without
djm [Fri, 1 May 2015 03:23:51 +0000 (03:23 +0000)]
prevent authorized_keys options picked up on public key tests without
a corresponding private key authentication being applied to other
authentication methods. Reported by halex@, ok markus@

9 years agoDon't make parsing of authorized_keys' environment= option conditional
djm [Fri, 1 May 2015 03:20:54 +0000 (03:20 +0000)]
Don't make parsing of authorized_keys' environment= option conditional
on PermitUserEnv - always parse it, but only use the result if the
option is enabled. This prevents the syntax of authorized_keys changing
depending on which sshd_config options were enabled.

bz#2329; based on patch from coladict AT gmail.com, ok dtucker@

9 years agoPass fflag to VOP_POLL so vfs fifo functions can get at the file
millert [Fri, 1 May 2015 01:30:58 +0000 (01:30 +0000)]
Pass fflag to VOP_POLL so vfs fifo functions can get at the file
flags to check FREAD/FWRITE if needed.  This will be used by fifo_poll
to avoid checking the write end of the fifo when the fd is read-only.
OK guenther@

9 years agoConvert to if_input().
mpi [Thu, 30 Apr 2015 21:52:49 +0000 (21:52 +0000)]
Convert to if_input().

Tested by jmatthew@

9 years agoAvoid NULL deref in fd_getfile_mode(); OK deraadt@
millert [Thu, 30 Apr 2015 21:18:45 +0000 (21:18 +0000)]
Avoid NULL deref in fd_getfile_mode(); OK deraadt@

9 years agoConvert to if_input().
mpi [Thu, 30 Apr 2015 20:55:23 +0000 (20:55 +0000)]
Convert to if_input().

ok miod@

9 years agoreapply the rules of english to the option keywords: i was persuaded to undo it
jmc [Thu, 30 Apr 2015 20:19:04 +0000 (20:19 +0000)]
reapply the rules of english to the option keywords: i was persuaded to undo it
because the option names are case sensitive, but it just looks awful. so
expect just a little more from the reader...

9 years agoMerge two identical if() statements in ipsp_acquire_sa(). The
millert [Thu, 30 Apr 2015 20:12:33 +0000 (20:12 +0000)]
Merge two identical if() statements in ipsp_acquire_sa().  The
change in ip_spd.c 1.59 makes it appear that there is a cut & pasto.
OK mikeb@

9 years agoupdate currency exchange rates;
jmc [Thu, 30 Apr 2015 19:33:58 +0000 (19:33 +0000)]
update currency exchange rates;

9 years agosync
deraadt [Thu, 30 Apr 2015 19:31:35 +0000 (19:31 +0000)]
sync

9 years agoAdd smtpd(8) spool directories so that they are registered as part of base.
ajacoutot [Thu, 30 Apr 2015 19:02:15 +0000 (19:02 +0000)]
Add smtpd(8) spool directories so that they are registered as part of base.

ok henning@ gilles@ deraadt@

9 years agoSIZE_MAX is no longer in limits.h
millert [Thu, 30 Apr 2015 18:19:25 +0000 (18:19 +0000)]
SIZE_MAX is no longer in limits.h

9 years agoUnset SEPARATE_GOTPLT. We don't want a seperate .got.plt section on OpenBSD,
kettenis [Thu, 30 Apr 2015 17:56:18 +0000 (17:56 +0000)]
Unset SEPARATE_GOTPLT.  We don't want a seperate .got.plt section on OpenBSD,
at least for now, as it would result in a partially writable GOT.  Our
ld.so(1) has the smarts to properly write-protect the single .got, so we
don't need this.

ok guenther@

9 years agoClean up some spacing. No functional change
mlarkin [Thu, 30 Apr 2015 15:49:02 +0000 (15:49 +0000)]
Clean up some spacing. No functional change

9 years agouse strdup() to init string
deraadt [Thu, 30 Apr 2015 15:28:03 +0000 (15:28 +0000)]
use strdup() to init string
ok doug millert

9 years agoDo not free & reallocate a new chunk of memory for the interface
mpi [Thu, 30 Apr 2015 15:19:50 +0000 (15:19 +0000)]
Do not free & reallocate a new chunk of memory for the interface
descriptor during SIOCSIFFLAGS.

This prevent a use after free, triggered by the pool/malloc damage
finder being currently cooked by dlg@ and deraadt@.

ok deraadt@

9 years agoAdd a comment about waitpid, suggested by espie@.
nicm [Thu, 30 Apr 2015 14:30:53 +0000 (14:30 +0000)]
Add a comment about waitpid, suggested by espie@.

9 years agoSet the correct media type for 1000baseLX SFPs.
jsg [Thu, 30 Apr 2015 14:17:26 +0000 (14:17 +0000)]
Set the correct media type for 1000baseLX SFPs.
Tested by/ok sthen@, ok mikeb@

9 years agoTweak comment so it doesn't imply line buffering is needed (any will do
nicm [Thu, 30 Apr 2015 14:16:49 +0000 (14:16 +0000)]
Tweak comment so it doesn't imply line buffering is needed (any will do
so long as it is explicit), and set stderr to NBF not LBF. Pointed out
by espie@.

9 years agoAdd warning when user specifies -R but no files, like GNU grep.
millert [Thu, 30 Apr 2015 13:49:04 +0000 (13:49 +0000)]
Add warning when user specifies -R but no files, like GNU grep.
OK schwarze@ ian@

9 years agoRemove SIZE_MAX from limits.h. It was added years ago before we
millert [Thu, 30 Apr 2015 13:42:08 +0000 (13:42 +0000)]
Remove SIZE_MAX from limits.h.  It was added years ago before we
had a proper stdint.h.  No ports fallout.  OK guenther@ miod@

9 years agoAllow use of 1Gb 1000baseLX SFPs in 82599 ix(4) SFP+ port. Adapted from
sthen [Thu, 30 Apr 2015 13:24:36 +0000 (13:24 +0000)]
Allow use of 1Gb 1000baseLX SFPs in 82599 ix(4) SFP+ port. Adapted from
Linux commit 345be204dcbb. ok jsg@ mikeb@

9 years agoFRELE returns an int not void. It is actually the return value
millert [Thu, 30 Apr 2015 11:46:16 +0000 (11:46 +0000)]
FRELE returns an int not void.  It is actually the return value
of fdrop() (or 0 if the ref count is non-zero).  From Kanonenvogel

9 years agoNow we use p_filesz - 1 to test for NUL check that p_filesz is
jsg [Thu, 30 Apr 2015 11:15:28 +0000 (11:15 +0000)]
Now we use p_filesz - 1 to test for NUL check that p_filesz is
at least two and while here allow the upper bound to be
MAXPATHLEN by changing a >= to > as suggested by krw@ in a thread
on tech where Maxime Villard proposed additional PT_INTERP checks.

tested by and ok guenther@

9 years agoLink report descriptors to known sensors.
mpi [Thu, 30 Apr 2015 10:09:31 +0000 (10:09 +0000)]
Link report descriptors to known sensors.

Since HID buffers always start by a reportID we can access the corresponding
report descriptor in O(1).  Having a list of sensors attached to each report
descriptor makes it easier to update all of them with only on I/O request.

Note that sensors are attached in depency order on every report list.

From David Higgs.

9 years agoInstead of using a single flat array for all sensors, put all the
mpi [Thu, 30 Apr 2015 10:00:50 +0000 (10:00 +0000)]
Instead of using a single flat array for all sensors, put all the
children of a sensor in a separate structure.

Children sensors should only be probbed if their parent is active.
This make the dependency tree explicit and will reduce the number
of I/O.

From David Higgs.

9 years agoConvert to if_input(), tweak and ok dlg@
mpi [Thu, 30 Apr 2015 09:25:13 +0000 (09:25 +0000)]
Convert to if_input(), tweak and ok dlg@

9 years agoIndroduce fd_getfile_mode() and use it were fd_getfile() is directly
mpi [Thu, 30 Apr 2015 09:20:51 +0000 (09:20 +0000)]
Indroduce fd_getfile_mode() and use it were fd_getfile() is directly
followed by a mode check.  This will simplify the ref/unref dance as
soon as fd_getfile() will increment fp's reference counter.

Idea from and ok guenther@, ok millert@

9 years agouse adolf, not adolph, for hitler, to keep it consistent;
jmc [Thu, 30 Apr 2015 09:12:49 +0000 (09:12 +0000)]
use adolf, not adolph, for hitler, to keep it consistent;
remove his suicide entry since it's already listed, more completely,
in calendar.history;

from craig skinner

9 years agoNo need to set `rcvif', if_input() does it for you!
mpi [Thu, 30 Apr 2015 07:52:00 +0000 (07:52 +0000)]
No need to set `rcvif', if_input() does it for you!

9 years agoConvert moar drivers to if_input().
mpi [Thu, 30 Apr 2015 07:51:07 +0000 (07:51 +0000)]
Convert moar drivers to if_input().

ok dlg@

9 years agoError out if the PT_INTERP segment isn't NUL terminated
guenther [Thu, 30 Apr 2015 03:11:21 +0000 (03:11 +0000)]
Error out if the PT_INTERP segment isn't NUL terminated

ok deraadt@ millert@ miod@

9 years agoIf a block body gets broken, that's no good reason to extend the
schwarze [Wed, 29 Apr 2015 21:57:50 +0000 (21:57 +0000)]
If a block body gets broken, that's no good reason to extend the
scope of the end macro.  Instead, only keep the tail scope open if
the end macro macro calls an explicit macro and actually breaks
that.  This corrects syntax tree structure and fixes an assertion
found by jsg@ with afl (test case 098/Apr27).

9 years agoReplace the kludge for the \z escape sequence by an actual
schwarze [Wed, 29 Apr 2015 18:32:57 +0000 (18:32 +0000)]
Replace the kludge for the \z escape sequence by an actual
implementation.  As a side effect, minus ten lines of code.

As another side effect, this also fixes the assertion failure that
used to be triggered by "\z\o'ab'c" at the beginning of an output
line, found by jsg@ with afl (test case 022/Apr27).

9 years agoIn most cases, IP fragments do not have an Ethernet padding. So
bluhm [Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)]
In most cases, IP fragments do not have an Ethernet padding.  So
add a condition to save a useless call to m_adj() and have a paranoid
length check in the other cases.
OK henning@

9 years agosome fine-tuning in SYNOPSIS, usage, and order of options, with jmc
henning [Wed, 29 Apr 2015 16:56:31 +0000 (16:56 +0000)]
some fine-tuning in SYNOPSIS, usage, and order of options, with jmc

9 years agog/c unneeded second char * var, ok benno
henning [Wed, 29 Apr 2015 16:46:39 +0000 (16:46 +0000)]
g/c unneeded second char * var, ok benno

9 years agoDo not complain when directions fail.
nicm [Wed, 29 Apr 2015 16:26:17 +0000 (16:26 +0000)]
Do not complain when directions fail.

9 years agoAdd tmux and tmux-256color entries; this can be used inside tmux for
nicm [Wed, 29 Apr 2015 16:01:48 +0000 (16:01 +0000)]
Add tmux and tmux-256color entries; this can be used inside tmux for
correct italics support.

ok naddy (on a slightly older version)

9 years agoUse if_get() after every tsleep(), in case the bottom half of the driver
deraadt [Wed, 29 Apr 2015 16:00:06 +0000 (16:00 +0000)]
Use if_get() after every tsleep(), in case the bottom half of the driver
has destroyed or damaged the interface clone.
with mpi

9 years agoIf default-terminal is set to "screen" or "screen-*", emulate screen's
nicm [Wed, 29 Apr 2015 15:59:08 +0000 (15:59 +0000)]
If default-terminal is set to "screen" or "screen-*", emulate screen's
historical (incorrect) behaviour for SGR 3 and send smso
(standout). Previously, we would send sitm (italics) if the terminal
outside had it and smso otherwise. This was acceptably until recently
because xterm's terminfo entry lacked sitm, so most users got smso.

People who want italics should set default-terminal to the forthcoming
"tmux" entry (and be prepared to deal with it being missing on older
hosts).

As a side-effect this changes default-terminal to be a server rather
than a session option.

suggested by and ok naddy

9 years agoDo not mark a block with the MDOC_BROKEN flag if it merely contains
schwarze [Wed, 29 Apr 2015 14:48:17 +0000 (14:48 +0000)]
Do not mark a block with the MDOC_BROKEN flag if it merely contains
a mismatching explicit end macro without actually being broken.
Avoids a subsequent upward search for the non-existent breaker
ending up in a NULL pointer access; afl test case 005/Apr27 from jsg@.

9 years agoWhen the last line of a table layout turns out to be empty, it is deleted.
schwarze [Wed, 29 Apr 2015 12:44:10 +0000 (12:44 +0000)]
When the last line of a table layout turns out to be empty, it is deleted.
Do not just free the struct tbl_row but also make sure that no pointer
to it remains.  Fixing a use after free found by jsg@ with afl.

9 years agoCheck arguments before eval so we don't end up with a cryptic error message.
ajacoutot [Wed, 29 Apr 2015 11:05:16 +0000 (11:05 +0000)]
Check arguments before eval so we don't end up with a cryptic error message.
reported by jasper@

While here: _rc_is_supported() -> _rc_not_supported()
- saves a fork
- reduces triple negation to double negation in _rc_not_supported()
- simplifie condition for rc_restart=NO
from schwarze@

ok jasper@ schwarze@

9 years agoImprove the error message in case somebody has configured an invalid PAGER.
schwarze [Wed, 29 Apr 2015 11:03:48 +0000 (11:03 +0000)]
Improve the error message in case somebody has configured an invalid PAGER.
Suggested by Lorenzo Beretta <lory dot fulgi at infinito dot it>.

9 years agosupport passing a template file for the auto-allocation to disklabel.
henning [Wed, 29 Apr 2015 09:58:16 +0000 (09:58 +0000)]
support passing a template file for the auto-allocation to disklabel.
template gives mountpoints, min-max size ranges and percentage of disk
foremost intended for autoinstalls, installer bits to follow soon.
with input from many, ok theo

9 years agoMake some regular expressions more strict. This allows the tests
bluhm [Wed, 29 Apr 2015 08:45:53 +0000 (08:45 +0000)]
Make some regular expressions more strict.  This allows the tests
to pass also if relayd is compiled with DEBUG.

9 years agoWhen the HTTP client did close the connection while relayd was still
bluhm [Wed, 29 Apr 2015 08:41:24 +0000 (08:41 +0000)]
When the HTTP client did close the connection while relayd was still
parsig the HTTP header, the session was never destroyed.  This
resulted in a file descriptor leak.
Add a check wether the protocol knows how much data to expect.  If
relayd is reading unlimited data or is expecting nothing to read,
ignore the end-of-file.  Otherwise it is a protocol violation, so
close the session immediately.
While there, make relayd compile with DEBUG defined.
Based on a diff from claudio@; tested by claudio@; OK claudio@ benno@

9 years agothe non braced do while made my teeth hurt
deraadt [Wed, 29 Apr 2015 06:37:14 +0000 (06:37 +0000)]
the non braced do while made my teeth hurt

9 years agoAlso generate db_structinfo.txt with struct member offset and size info
guenther [Wed, 29 Apr 2015 06:06:38 +0000 (06:06 +0000)]
Also generate db_structinfo.txt with struct member offset and size info

prodded by deraadt@ and miod@

9 years agoDelete the duplicated sched_{policy,param} members from the internal struct
guenther [Wed, 29 Apr 2015 06:01:37 +0000 (06:01 +0000)]
Delete the duplicated sched_{policy,param} members from the internal struct
pthread and instead use the values from the embedded struct pthread_attr.
For bonus points, pay attention to the sched_inherit attribute and possibly
set the values from the parent thread.

Problem noted by natano of bitrig.

9 years agoAdd tests for ListenAddress/Port/AddressFamily in alternate orders.
dtucker [Wed, 29 Apr 2015 05:23:27 +0000 (05:23 +0000)]
Add tests for ListenAddress/Port/AddressFamily in alternate orders.

9 years agoRemove a check for NULL that would have been after a NULL dereference
jsg [Wed, 29 Apr 2015 04:43:25 +0000 (04:43 +0000)]
Remove a check for NULL that would have been after a NULL dereference
if callers of save_vec() weren't expected to pass a non NULL pointer
as an argument.

ok kettenis@

9 years agoMove a variable's initialisation so a panic will work as intended.
jsg [Wed, 29 Apr 2015 04:29:23 +0000 (04:29 +0000)]
Move a variable's initialisation so a panic will work as intended.

ok guenther@ deraadt@

9 years agoChange internal xrealloc() to a idiom-following xreallocarray().
deraadt [Wed, 29 Apr 2015 04:00:25 +0000 (04:00 +0000)]
Change internal xrealloc() to a idiom-following xreallocarray().
This loses a "new size is 0" failure case.  Probably not relevant;
and since we develop this in OpenBSD, we'll catch that before someone
else imports this...
ok millert

9 years agoAllow ListenAddress, Port and AddressFamily in any order. bz#68,
dtucker [Wed, 29 Apr 2015 03:48:56 +0000 (03:48 +0000)]
Allow ListenAddress, Port and AddressFamily in any order.  bz#68,
ok djm@, jmc@ (for the man page bit).

9 years agoAdd whitespace and replace OPENSSL_free with free in documentation.
doug [Wed, 29 Apr 2015 02:11:09 +0000 (02:11 +0000)]
Add whitespace and replace OPENSSL_free with free in documentation.

ok jsing@

9 years agoCall CBB_add_space() rather than reimplementing it.
doug [Wed, 29 Apr 2015 02:02:46 +0000 (02:02 +0000)]
Call CBB_add_space() rather than reimplementing it.

ok jsing@

9 years agoRename cbb_buffer_add_u to cbb_add_u and remove redundant code.
doug [Wed, 29 Apr 2015 01:49:28 +0000 (01:49 +0000)]
Rename cbb_buffer_add_u to cbb_add_u and remove redundant code.

All of cbb_buffer_add_u's callers first call CBB_flush and send cbb->base.
cbb_add_u() now has that common code in one place.

ok jsing@

9 years agoAdded len_len error checking for internal cbb_buffer_add_u().
doug [Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)]
Added len_len error checking for internal cbb_buffer_add_u().

ok jsing@

9 years agoCall CBS_mem_equal() rather than reimplementing it.
doug [Wed, 29 Apr 2015 01:31:39 +0000 (01:31 +0000)]
Call CBS_mem_equal() rather than reimplementing it.

ok jsing@

9 years agoAvoid NULL deref in CBS_get_any_asn1_element().
doug [Wed, 29 Apr 2015 01:27:34 +0000 (01:27 +0000)]
Avoid NULL deref in CBS_get_any_asn1_element().

This function is documented as allowing NULL for out_header_len.

ok jsing@

9 years agoAdded error checking for len argument in cbs_get_u().
doug [Wed, 29 Apr 2015 01:23:20 +0000 (01:23 +0000)]
Added error checking for len argument in cbs_get_u().

tweak + ok jsing@

9 years agofree() can handle NULL.
doug [Wed, 29 Apr 2015 01:16:06 +0000 (01:16 +0000)]
free() can handle NULL.

ok jsing@

9 years agoAdd missing #include <stdint.h> for SIZE_MAX
millert [Wed, 29 Apr 2015 00:42:12 +0000 (00:42 +0000)]
Add missing #include <stdint.h> for SIZE_MAX

9 years agoReject dNSName of " " for subjectAltName extension.
doug [Wed, 29 Apr 2015 00:24:31 +0000 (00:24 +0000)]
Reject dNSName of " " for subjectAltName extension.

RFC 5280 says " " must not be used as a dNSName.

ok jsing@ jca@

9 years agoAdd missing #include <stdint.h> for SIZE_MAX
millert [Wed, 29 Apr 2015 00:13:26 +0000 (00:13 +0000)]
Add missing #include <stdint.h> for SIZE_MAX

9 years agoAdd missing BN_CTX_end() calls.
doug [Wed, 29 Apr 2015 00:11:12 +0000 (00:11 +0000)]
Add missing BN_CTX_end() calls.

After calling BN_CTX_start(), there must be a BN_CTX_end() before
returning.  There were missing BN_CTX_end() calls in error paths.  One diff
chunk was simply removing redundant code related to this.

ok deraadt@

9 years agoVERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still
halex [Wed, 29 Apr 2015 00:10:44 +0000 (00:10 +0000)]
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still
worth noting

"go ahead" schwarze@

9 years agoExplicitly include .codepatch and .codepatchend in .rodata such that
kettenis [Tue, 28 Apr 2015 22:29:24 +0000 (22:29 +0000)]
Explicitly include .codepatch and .codepatchend in .rodata such that
the binutils 2.17 linker doesn't make them disappear.

ok deraadt@, guenther@

9 years agoajacoutot spotted a problem with the new sshd logic (to disable root logins
sthen [Tue, 28 Apr 2015 21:41:40 +0000 (21:41 +0000)]
ajacoutot spotted a problem with the new sshd logic (to disable root logins
by default completely in most cases, except where a public ssh key was provided
to autoinstall) - in the case where a (non-root) account was created, sshd
was being disabled; this diff fixes it. Looks good ajacoutot, OK djm@,
extensive testing+OK rpe@,

9 years agoProtect the per-process itimerval structs with a mutex. We update these
kettenis [Tue, 28 Apr 2015 20:54:18 +0000 (20:54 +0000)]
Protect the per-process itimerval structs with a mutex.  We update these
from hardclock() which runs without grabbing the kernel lock.  This means
that two threads could concurrently update the struct which could lead to
corruption of the value which in turn could stop the timer.  It could also
result in getitimer(2) returning a non-normalized value.

With help from guenther@.

ok deraadt@, guenther@

9 years agoDon't grab the kernel lock for clock interrupts. The way we use mutexes
kettenis [Tue, 28 Apr 2015 18:39:13 +0000 (18:39 +0000)]
Don't grab the kernel lock for clock interrupts.  The way we use mutexes
these days is incompatible with that practice and leads to deadlocks.

ok jsing@

9 years agoMake sure to overwrite sdl_type after calling ether_ifattach().
mpi [Tue, 28 Apr 2015 14:51:50 +0000 (14:51 +0000)]
Make sure to overwrite sdl_type after calling ether_ifattach().

Fix a problem found by Johan Huldtgren, ok phessler@