mlarkin [Tue, 28 Jun 2016 05:37:50 +0000 (05:37 +0000)]
Enable UMIP feature if present. miod originally pointed this out to me.
ok deraadt@
jmatthew [Tue, 28 Jun 2016 04:41:37 +0000 (04:41 +0000)]
enable ure(4) where we already have url(4)
afresh1 [Tue, 28 Jun 2016 04:30:02 +0000 (04:30 +0000)]
Stop linking perl to libpthread
No longer necessary with TIB work
from guenther@ ok sthen@
afresh1 [Tue, 28 Jun 2016 04:28:18 +0000 (04:28 +0000)]
Stop linking perl to libutil, never necessary
from guenther@ ok sthen@
semarie [Tue, 28 Jun 2016 04:27:58 +0000 (04:27 +0000)]
in pledgereq (the array for doing correspondance between textual promise as in pledge(2) and internal PLEDGE_* flag), the flags member should be a uint64_t and not a int.
ok deraadt@
deraadt [Tue, 28 Jun 2016 01:45:28 +0000 (01:45 +0000)]
sync
deraadt [Tue, 28 Jun 2016 00:01:10 +0000 (00:01 +0000)]
If an error path if close() is called, save errno so that original error
is shown by errx
ok millert krw
deraadt [Mon, 27 Jun 2016 23:58:08 +0000 (23:58 +0000)]
Be more careful initializing and tracking socket s through main, this is
so complicated that a future refactoring could easily in introduce a bug.
ok millert krw
deraadt [Mon, 27 Jun 2016 23:54:25 +0000 (23:54 +0000)]
Improve .Nd, and Xr from usb(4)
jmatthew [Mon, 27 Jun 2016 23:50:31 +0000 (23:50 +0000)]
add ure(4) man page
jmatthew [Mon, 27 Jun 2016 23:38:01 +0000 (23:38 +0000)]
the flag is USBD_EXCLUSIVE_USE, not USBD_EXCLUSIVE_ACCESS
jca [Mon, 27 Jun 2016 20:57:41 +0000 (20:57 +0000)]
Missing "break;" in switch statement; repairs IP_MINTTL.
jca [Mon, 27 Jun 2016 19:55:02 +0000 (19:55 +0000)]
Repair kill(2) on zombie processes.
kill(2) is supposed to find zombie processes, this probably got broken
when the process reaper was introduced. As a temporary(tm) workaround,
walk the list of zombie processes if we can't find the target pid in the
main process list.
Problem with zsh initially reported by Geoff Wozniak on misc@, analysis
done by naddy@. ok kettenis@ tedu@
renato [Mon, 27 Jun 2016 19:18:54 +0000 (19:18 +0000)]
Fix inverted logic in recv_hello().
Bug introduced by rev1.48 two weeks ago. We were not respecting the
advertised transport connection preference (LDPoIPv4 or LDPoIPv6),
the fix is pretty obvious.
renato [Mon, 27 Jun 2016 19:08:39 +0000 (19:08 +0000)]
Remove superfluous call to l2vpn_pw_exit().
renato [Mon, 27 Jun 2016 19:06:33 +0000 (19:06 +0000)]
Handle ibuf_add() errors.
tweaks from claudio@
stsp [Mon, 27 Jun 2016 19:01:02 +0000 (19:01 +0000)]
Revert if_iwm.c r1.166. We are still seeing links dropping upon HT protection
updates with some iwn chips, such as the 2200. Reported by mlarkin and krw.
jmc [Mon, 27 Jun 2016 17:36:33 +0000 (17:36 +0000)]
minor tweaks; ok tedu
espie [Mon, 27 Jun 2016 16:52:30 +0000 (16:52 +0000)]
make proper use of fstatat, as suggested by guenther@
okay millert@
jsing [Mon, 27 Jun 2016 16:52:01 +0000 (16:52 +0000)]
Regen.
jsing [Mon, 27 Jun 2016 16:50:07 +0000 (16:50 +0000)]
Restore the sys_o58_kill system call.
jsing [Mon, 27 Jun 2016 16:49:45 +0000 (16:49 +0000)]
Restore the sys_o58_kill system call.
By keeping both the new (sys_kill/sys_thrkill) and old (sys_o58_kill)
system calls for the OpenBSD 6.0 release, code that uses either of these
mechanisms will work on both of the supported OpenBSD releases. This
provides a clean transition for runtimes that make direct system calls
(namely the Go programming language).
This requires a minimal amount of non-intrusive code and does not block
development progress within OpenBSD.
ok deraadt@ guenther@
jca [Mon, 27 Jun 2016 16:36:08 +0000 (16:36 +0000)]
Kill outdated comment. Reading the code is enough.
ok sthen@ bluhm@
jca [Mon, 27 Jun 2016 16:33:48 +0000 (16:33 +0000)]
Implement IPV6_MINHOPCOUNT support.
Useful to implement GTSM support in daemons such as bgpd(8). Diff from
2013 revived by renato@. Input from bluhm@, ok bluhm@ deraadt@
bluhm [Mon, 27 Jun 2016 15:59:51 +0000 (15:59 +0000)]
Copy inp_hops from the listening socket to the accepted one and use
its value for the SYN+ACK packet. This makes the IPV6_UNICAST_HOPS
socket option usable for incoming TCP connections.
tested by renato@; OK jca@
tedu [Mon, 27 Jun 2016 15:47:38 +0000 (15:47 +0000)]
somehow nopass snuck onto the :wheel example. i think it's better without.
tedu [Mon, 27 Jun 2016 15:41:17 +0000 (15:41 +0000)]
revise environment handling.
Add a setenv keyword for manipulating the environment. keepenv now means
only retain everything. (for one release, the old use of keepenv will still
work.)
Allow setting variables to new or existing values, and also removing vars
when keepenv is used.
ok djm martijn tb
tedu [Mon, 27 Jun 2016 15:33:40 +0000 (15:33 +0000)]
defer munmap to after unlocking malloc. this can (unfortunately) be an
expensive syscall, and we don't want to tie up other threads. there's no
need to hold the lock, so defer it to afterwards.
from Michael McConville
ok deraadt
deraadt [Mon, 27 Jun 2016 14:43:04 +0000 (14:43 +0000)]
whitespace
deraadt [Mon, 27 Jun 2016 14:26:26 +0000 (14:26 +0000)]
sync
jsg [Mon, 27 Jun 2016 13:06:41 +0000 (13:06 +0000)]
Fix a memory leak in an error path.
ok mikeb@
jsg [Mon, 27 Jun 2016 12:32:39 +0000 (12:32 +0000)]
Correct the order of memset arguments.
ok mikeb@
bluhm [Mon, 27 Jun 2016 12:25:27 +0000 (12:25 +0000)]
The variable swapping between inp, newinp and oldinpcb in syn_cache_get()
was overly complicated. Simplify the code without functional change.
OK jca@
jmatthew [Mon, 27 Jun 2016 11:42:47 +0000 (11:42 +0000)]
add ure(4), a driver for Realtek RTL8152 10/100 USB Ethernet adapters,
ported from FreeBSD.
ok dereaadt@
espie [Mon, 27 Jun 2016 08:38:15 +0000 (08:38 +0000)]
surprised nobody noticed before me
let scp:// work with PKG_CACHE
basically, we do an extra fork, so we end up cleaning up the connection twice
that's okay for the handles, but not for the commands, since we do a spurious
ABORT BYE BYE on cleanup.
espie [Mon, 27 Jun 2016 06:10:04 +0000 (06:10 +0000)]
make the fallback code more accurate (in particular, it should return names
based on the actual device, not any kind of inode equality which won't hold
for duplicates of the dev tree in a chroot)
no bump as it doesn't change any API.
okay and improvements guenther@
semarie [Mon, 27 Jun 2016 04:26:41 +0000 (04:26 +0000)]
dovutimens: call vrele(9) before returning EINVAL
ok guenther@
semarie [Mon, 27 Jun 2016 04:14:38 +0000 (04:14 +0000)]
sys_revoke: call vrele() before returning ENOTTY
ok guenther@
tedu [Sun, 26 Jun 2016 21:04:08 +0000 (21:04 +0000)]
increase the minimum for auto rounds to 6. that was the previous low bound
for login.conf, and we don't want to go lower.
tedu [Sun, 26 Jun 2016 20:32:31 +0000 (20:32 +0000)]
upgrade selected login.conf to use auto rounds for bcrypt. the installer
already does this, so we don't want to go backwards on password changes.
ok krw
tedu [Sun, 26 Jun 2016 19:53:40 +0000 (19:53 +0000)]
somebody forgot to look at format string warnings
tb [Sun, 26 Jun 2016 15:17:43 +0000 (15:17 +0000)]
Document how to create full boot and installation images containing
release tarballs and ports, suitable for installs without network.
Idea and patch from Bryan Everly, thanks!
With input from deraadt, jmc and myself.
ok jmc
semarie [Sun, 26 Jun 2016 14:27:14 +0000 (14:27 +0000)]
use error code path instead of return early without calling VOP_ABORTOP() and
vrele()/vput().
ok deraadt@
jsg [Sun, 26 Jun 2016 10:12:29 +0000 (10:12 +0000)]
sxie(4) is only for integrated 'EMAC' 10/100 Ethernet. Make this a bit
more obvious. The Gigabit 'GMAC' controller used by some A20 systems
is not supported.
jsg [Sun, 26 Jun 2016 10:04:18 +0000 (10:04 +0000)]
remove devices from soc abstraction device lists that now attach to fdt
jsg [Sun, 26 Jun 2016 09:06:35 +0000 (09:06 +0000)]
Dynamically attach cpsw(4) with the FDT.
jsg [Sun, 26 Jun 2016 07:25:05 +0000 (07:25 +0000)]
Dynamically attach tiiic using the FDT.
Only match on omap4 compatible controllers such as the one in the
am335x on bbb. omap3 has different register offsets and a different
compatible string.
This reuses kettenis' fdt i2c scan function from imxiic(4).
mglocker [Sun, 26 Jun 2016 06:50:26 +0000 (06:50 +0000)]
Oups, remove '#define I2S_DEBUG' again.
mglocker [Sun, 26 Jun 2016 06:48:39 +0000 (06:48 +0000)]
Make i2s compile with I2S_DEBUG; %x -> %p.
jsg [Sun, 26 Jun 2016 05:30:21 +0000 (05:30 +0000)]
add a missing argument specified in format string so this builds again
jsg [Sun, 26 Jun 2016 05:27:44 +0000 (05:27 +0000)]
destatic
jsg [Sun, 26 Jun 2016 05:16:33 +0000 (05:16 +0000)]
Dynamically attach omdog(4) using the FDT.
jsg [Sun, 26 Jun 2016 01:56:07 +0000 (01:56 +0000)]
Don't list cubieboard2, pmap can't handle allwinner a20.
espie [Sat, 25 Jun 2016 18:02:59 +0000 (18:02 +0000)]
recognize @option is-branch
so that it trickles to snapshots and then can be used in ports
tb [Sat, 25 Jun 2016 17:03:22 +0000 (17:03 +0000)]
Move pledge after opendev and DIOCGPDINFO. Fixes e.g. fdisk /dev/tty.
This diff by deraadt was overlooked far too many times, mostly by me.
It's the original fix of the pledge disklabel breakage found by espie.
diff by deraadt; ok semarie, tb.
beck [Sat, 25 Jun 2016 16:10:26 +0000 (16:10 +0000)]
Fix from kinichiro.inoguchi@gmail.com to ensure that OCSP uses
Generalized Time on requests as per RFC6960
beck [Sat, 25 Jun 2016 15:38:44 +0000 (15:38 +0000)]
Fix the ocsp code to actually check for errors when comparing time values
which was not being done due to a lack of checking of the return code for
X509_cmp_time. Ensure that we only compare GERNERALIZEDTIME values because
this is what is specified by RFC6960.
Issue reported, and fix provided by Kazuki Yamaguchi <k@rhe.jp>
ok bcook@
feinerer [Sat, 25 Jun 2016 05:31:08 +0000 (05:31 +0000)]
Add Medion Mobile S4222
Remove deprecated Tn at the same time.
OK jmc@
tedu [Fri, 24 Jun 2016 20:49:56 +0000 (20:49 +0000)]
move a space to the correct spot
tedu [Fri, 24 Jun 2016 17:22:56 +0000 (17:22 +0000)]
use crypt_checkpass to simplify password checking logic.
espie [Fri, 24 Jun 2016 14:20:49 +0000 (14:20 +0000)]
make use of former changes. If list is higher than display go thru more.
bluhm [Fri, 24 Jun 2016 13:55:57 +0000 (13:55 +0000)]
The function pf_get_sport() did work for out rules only. Make it
aware of the direction of the packet. Now nat-to can be used by
in rules and together with divert-to. Collisions with existing
states are found and produce a "NAT proxy port allocation failed"
message.
OK henning@ mikeb@
espie [Fri, 24 Jun 2016 11:42:30 +0000 (11:42 +0000)]
simplify the logic. no need for a separate hook when we can just specialize
find_window_size.
fix a bug: integrate SIG{CONT} for re-checking window size.
the way it's currently written, first call to compute_playfield will
call itself once. But it makes for less code.
florian [Fri, 24 Jun 2016 08:34:33 +0000 (08:34 +0000)]
regen
florian [Fri, 24 Jun 2016 08:34:02 +0000 (08:34 +0000)]
Update to 4.1.10
Testing by millert@, sthen@ and me.
came up with the same diff & OK sthen@
stefan [Thu, 23 Jun 2016 18:41:44 +0000 (18:41 +0000)]
Avoid multiple evaluation of macro arguments in softclock()
ok mikeb@ tedu@
espie [Thu, 23 Jun 2016 16:11:23 +0000 (16:11 +0000)]
there's no reason for window size computation to be linked to the
ProgressMeter, so make it available from state.
- computation is lazy, so no runtime difference;
- don't bother setting a SIG{WINCH} on non-tty;
- progressmeter already has access to state;
- do an empty window_size_changed in base state, override it for
addcreatedelete to inform the progressmeter.
to be reused in dpb...
bluhm [Thu, 23 Jun 2016 15:41:42 +0000 (15:41 +0000)]
As klog dropped message has no ifdef small kernel, sendsyslog
should not have it either. While there bring some variables in
sync between both functions.
OK deraadt@
bluhm [Thu, 23 Jun 2016 13:15:21 +0000 (13:15 +0000)]
It is annoying that the dmesg buffer can overflow and loose messages
undetected during debugging. To make clear what happens, count the
dropped bytes and write message buffer full to syslogd. This also
helps to have a reliable log system.
OK deraadt@ millert@ tedu@
espie [Thu, 23 Jun 2016 12:44:10 +0000 (12:44 +0000)]
add fh variation of printing code. Systematically use it with STDOUT/STDERR
for classical functions.
kettenis [Thu, 23 Jun 2016 12:02:18 +0000 (12:02 +0000)]
Use SYMBOL_CALLS_LOCAL() to determine whether we can drop relocations for a
symbol such that hidden symbols get handled properly. Gets rid of the
spurious DT_TEXTREL entries seen with (typically) C++ code.
ok deraadt@, guenther@
eric [Thu, 23 Jun 2016 11:56:19 +0000 (11:56 +0000)]
move transaction-specific states from struct smtp_session to struct smtp_tx
ok gilles@
henning [Thu, 23 Jun 2016 09:08:56 +0000 (09:08 +0000)]
when pf_test returns something but PF_PASS, set error to EACCES
instead of EHOSTUNREACH. On the latter, ip_forward can generate undesired
icmp errors - either pf generates those itself (block return), or there
shouldn't be any.
Bizarrely enough, ip_forward has EACCES handling with a comment specifically
pointing to packets blocked by pf, but the code in ip_output used EHOSTUNREACH
from day #1 on.
found & analyzed by Kristof Provost <kp at FreeBSD>, discussed at BSDcan
ok mpi millert
semarie [Thu, 23 Jun 2016 06:37:36 +0000 (06:37 +0000)]
allow creation of devices or fifo without -p (as it is already allowed with -p)
diff from trondd at kagu-tsuchi com, enhanced by me for reordering promises
ok deraadt@
djm [Thu, 23 Jun 2016 05:17:51 +0000 (05:17 +0000)]
fix AuthenticationMethods during configuration re-parse;
reported by Juan Francisco Cantero Hurtado
kettenis [Wed, 22 Jun 2016 20:15:31 +0000 (20:15 +0000)]
Fetch MAC address from FDT.
ok jsg@, patrick@
sthen [Wed, 22 Jun 2016 20:11:09 +0000 (20:11 +0000)]
backport r3782, fixing qname-minimisation with various broken DNS servers,
often found at CDNs.
- Use QTYPE=A for QNAME minimisation.
- Keep track of number of time-outs when performing QNAME minimisation.
Stop minimising when number of time-outs for a QNAME/QTYPE pair is
more than three.
sthen [Wed, 22 Jun 2016 20:09:55 +0000 (20:09 +0000)]
backport r3781, fix segfault in -h
sthen [Wed, 22 Jun 2016 20:05:40 +0000 (20:05 +0000)]
update to unbound-1.5.9. (there will be a follow-up commit to cherrypick a
couple of post-1.5.9 patches).
tests from Mark Patruck, danj, matthieu, millert. reads ok to jung, ok florian.
jca [Wed, 22 Jun 2016 19:44:26 +0000 (19:44 +0000)]
No modules thus no need for extra space for additional ppp compressions.
ok deraadt@ mikeb@
bluhm [Wed, 22 Jun 2016 19:29:29 +0000 (19:29 +0000)]
Syslogd can send messages to a user, test what happens if the
terminal is blocking to receive messages. Stop the fake user
terminal and look for a delayed write debug message from syslogd.
This makes the test more reliable.
kettenis [Wed, 22 Jun 2016 13:29:14 +0000 (13:29 +0000)]
Don't make the DT_TEXTREL warning fatal. Hopefully this will be temporary,
but we first have to make sure that our tree is clean.
ok deraadt@
visa [Wed, 22 Jun 2016 13:09:35 +0000 (13:09 +0000)]
Add support for the second GMX interface on Octeon II. This enables
ports eth[0-3] on 8-port EdgeRouters. Currently, port eth0 maps to
network interface cnmac4, eth1 to cnmac5 etc.
ok dlg@, tested by martijn@
espie [Wed, 22 Jun 2016 12:18:21 +0000 (12:18 +0000)]
have a consistent exit code when looking for stuff
stsp [Wed, 22 Jun 2016 11:32:12 +0000 (11:32 +0000)]
In iwm(4), clear the in_assoc flag when going down. This flag affects behaviour
early during startup, e.g. where the BSSID for the MAC context is copied from.
Pointed out by Imre Vadasz.
stsp [Wed, 22 Jun 2016 11:30:00 +0000 (11:30 +0000)]
Remove code from iwm(4) which sends DTIM and TSF information to the
firmware based on information from the wireless stack. Letting the
firmware deal with these details by itself seems to work better.
Fixes association issues with 8260 hardware for me and Bryan Vyhmeister.
Also tested by jcs@.
stsp [Wed, 22 Jun 2016 11:28:27 +0000 (11:28 +0000)]
Make iwm(4) explicitly send multicast frames at the lowest rate, instead of
picking a rate from the firmware RS table. This matches what other drivers do.
Also, pass the correct Tx rate to BPF (tcpdump) for 5GHz, and don't loop over
CCK rates when building the Link-Quality command's RS table for 5GHz.
tested by myself and jcs@
kettenis [Wed, 22 Jun 2016 10:13:14 +0000 (10:13 +0000)]
Add curly braces that were missed in rev 1.651. Add parenthesis to make the
condition in the if statement more readable while I'm there.
ok phessler@, benno@, florian@
mlarkin [Wed, 22 Jun 2016 07:22:00 +0000 (07:22 +0000)]
Identify UMIP feature, if available.
ok millert, kettenis, deraadt
dlg [Wed, 22 Jun 2016 06:34:35 +0000 (06:34 +0000)]
dont need a traliing \ on a line in c code, it's not a macro definition.
from patrick keshishian
dlg [Wed, 22 Jun 2016 06:32:32 +0000 (06:32 +0000)]
rework art_walk so it will behave in an mpsafe world.
art_walk now explicitly takes the same lock used to serialise change
made via rtable_insert and _delete, so it can safely adjust the
refcnts on tables while it recurses into them. they need to still
exist when returning out of the recursion.
it uses srps to access nodes and drops the lock before calling the
callback function. this is because some callbacks sleep (eg, copyout
in the sysctl code that dumps an rtable to userland), which you
shouldnt hold a lock accross. other callbacks attempt to modify
the rtable (eg, marking routes as down when then interface theyre
on goes down), which tries to take the lock again, which probably
wont work in the future.
ok jmatthew@ mpi@
deraadt [Wed, 22 Jun 2016 03:48:23 +0000 (03:48 +0000)]
sync
mikeb [Wed, 22 Jun 2016 01:13:07 +0000 (01:13 +0000)]
Main Hyper-V nexus driver, work in progress.
ok mlarkin, deraadt
mikeb [Wed, 22 Jun 2016 01:12:38 +0000 (01:12 +0000)]
Setup Hyper-V hypercall page and an IDT vector.
ok mlarkin, kettenis, deraadt
jmc [Tue, 21 Jun 2016 22:35:39 +0000 (22:35 +0000)]
use the same argument name for -f in usage() as in SYNOPSIS;
benno [Tue, 21 Jun 2016 21:35:24 +0000 (21:35 +0000)]
do not allow whitespace in macro names, i.e. "this is" = "a variable".
change this in all config parsers in our tree that support macros.
problem reported by sven falempin.
feedback from henning@, stsp@, deraadt@
ok florian@ mikeb@
ratchov [Tue, 21 Jun 2016 21:16:42 +0000 (21:16 +0000)]
Make usage string match the man page.
suggested by jmc@
bluhm [Tue, 21 Jun 2016 16:45:37 +0000 (16:45 +0000)]
To assist debugging TCP connection reuse with NAT, expand the
existing log in pf_state_key_attach() from the failed to the reuse
case.
OK mikeb@
kettenis [Tue, 21 Jun 2016 15:39:51 +0000 (15:39 +0000)]
Remove code to generate uboot tags. It hardcoded information for a single
board and a device tree is required by our kernel now.
ok patrick@, jsg@
deraadt [Tue, 21 Jun 2016 15:25:36 +0000 (15:25 +0000)]
When handling DT_TEXTREL only set the mapping to READ+WRITE, ignore
possible EXEC permission for the section, because the proper permission
is set late, and there are no thread concerns here. Avoids W^X issues
in oddball cases.
ok guenther kettenis