openbsd
7 years agoNot all devices support mmap, document EINVAL in this case too.
millert [Wed, 5 Apr 2017 18:15:43 +0000 (18:15 +0000)]
Not all devices support mmap, document EINVAL in this case too.
OK deraadt@

7 years agoClamp size to length if snprintf ever indicates overflow
deraadt [Wed, 5 Apr 2017 15:57:11 +0000 (15:57 +0000)]
Clamp size to length if snprintf ever indicates overflow
w/ millert

7 years agoReplace all combinations of logerror() and die() with log.c fatal().
bluhm [Wed, 5 Apr 2017 15:16:12 +0000 (15:16 +0000)]
Replace all combinations of logerror() and die() with log.c fatal().
Internally syslogd's fatal() calls die() to do cleanup if necessary.
Also replace all err(3) after log_init() with fatal().
OK millert@

7 years agoUnify variables used for recvmsg/sendmsg
jca [Wed, 5 Apr 2017 14:50:05 +0000 (14:50 +0000)]
Unify variables used for recvmsg/sendmsg

ok millert@ deraadt@

7 years agosendmsg returns a signed value, fix error check
jca [Wed, 5 Apr 2017 14:48:48 +0000 (14:48 +0000)]
sendmsg returns a signed value, fix error check

ok millert@ deraadt@

7 years agoWe can enable many -W compiler warnings now.
reyk [Wed, 5 Apr 2017 14:43:14 +0000 (14:43 +0000)]
We can enable many -W compiler warnings now.

OK rzalamena@

7 years agoRework the packet.c code for decoding and assembling DHCP messages.
reyk [Wed, 5 Apr 2017 14:40:56 +0000 (14:40 +0000)]
Rework the packet.c code for decoding and assembling DHCP messages.

This code suffered from many years of incremental improvements, fix it to:
- verify available buffer space in all cases and don't just trust the caller
- have an API where you always pass the full buffer length and absolute offset
- use consistent types for lengths and buffer offsets (int vs. size_t, ssize_t)
- don't just ignore errors, return and fail when something is wrong

OK rzalamena@

7 years agoDon't rely on asprintf setting pointer to NULL on failure.
jca [Wed, 5 Apr 2017 13:38:18 +0000 (13:38 +0000)]
Don't rely on asprintf setting pointer to NULL on failure.

ok millert@ deraadt@ tom@

7 years agoWhen building counter memory in preparation to copy to userland, always
deraadt [Wed, 5 Apr 2017 13:35:18 +0000 (13:35 +0000)]
When building counter memory in preparation to copy to userland, always
zero the buffers first.  All the current objects appear to be safe,
however future changes might introduce structure pads.
Discussed with guenther, ok bluhm

7 years agoAdd Home and End for copy mode.
nicm [Wed, 5 Apr 2017 12:14:18 +0000 (12:14 +0000)]
Add Home and End for copy mode.

7 years agoFor a non-interactive attempt to pkg_delete a firmware package, print a
sthen [Wed, 5 Apr 2017 11:57:58 +0000 (11:57 +0000)]
For a non-interactive attempt to pkg_delete a firmware package, print a
message advising use of "fw_update -d" rather than saying "ok" and doing
nothing. (pkg_delete intentionally makes it hard to uninstall firmware
to prevent surprises when cleaning a machine).

aja and I were surprised by the "ok" leaving the fw package installed.
suggestion from espie to mention fw_update -d in the message.

7 years agoReplace logdebug() with generic log_debug() from log.c. Implement
bluhm [Wed, 5 Apr 2017 11:31:45 +0000 (11:31 +0000)]
Replace logdebug() with generic log_debug() from log.c.  Implement
log_debugadd() to construct debug message incrementally.
OK deraadt@

7 years agoTry again to resolve problems with mistaking sessions for windows: now
nicm [Wed, 5 Apr 2017 11:04:48 +0000 (11:04 +0000)]
Try again to resolve problems with mistaking sessions for windows: now
do not look up windows as sessions (and panes as windows) when they are
qualified with a ':' or a '.'. So 'foo' as a window target will look for
windows and sessions called 'foo', but ':foo' will only look for
windows, and 'foo:' only for sessions. This means the common case of
using an unadorned session as a window target (send -tfoo) should
continue to work, but an explicit window will not get confused with a
session (send -t:foo).

7 years agoGive each client a name. This defaults to the tty name as before but
nicm [Wed, 5 Apr 2017 10:49:46 +0000 (10:49 +0000)]
Give each client a name. This defaults to the tty name as before but
falls back to an alternative if the tty name is not available. This is
clearer than overloading the client ttyname member and allows us to
remove the path stored in the tty struct, it should always be the same
as the client.

7 years agocfg_file can be static.
nicm [Wed, 5 Apr 2017 10:45:39 +0000 (10:45 +0000)]
cfg_file can be static.

7 years agoChange tty_repeat_space to write large sets of spaces together instead
nicm [Wed, 5 Apr 2017 10:45:20 +0000 (10:45 +0000)]
Change tty_repeat_space to write large sets of spaces together instead
of writing them individually.

7 years agovarious improvements, from klemens nanni;
jmc [Wed, 5 Apr 2017 08:45:33 +0000 (08:45 +0000)]
various improvements, from klemens nanni;
i've omitted hunk 3 of his diff, as what's there now is correct;

ok mikeb

7 years ago- -Z before -z in options list
jmc [Wed, 5 Apr 2017 06:55:59 +0000 (06:55 +0000)]
- -Z before -z in options list
- add -Z to help and usage()

7 years agoan annoying whitespace glitch
deraadt [Wed, 5 Apr 2017 04:44:03 +0000 (04:44 +0000)]
an annoying whitespace glitch

7 years agotimeval has trailing padding on powerpc and m88k, so memset it before
guenther [Wed, 5 Apr 2017 04:15:44 +0000 (04:15 +0000)]
timeval has trailing padding on powerpc and m88k, so memset it before
copyout to avoid leaking kernel stack

ok deraadt@

7 years agoHere at OpenBSD we change ABIs at the fling of a hat. Just in case a
deraadt [Wed, 5 Apr 2017 04:00:41 +0000 (04:00 +0000)]
Here at OpenBSD we change ABIs at the fling of a hat.  Just in case a
future disk info sysctl has pads in the structures, use M_ZERO when
allocating the storage to avoid leaking kernel memory.

7 years agoclear structure on the stack before copying out for sysctl. At present
deraadt [Wed, 5 Apr 2017 03:59:13 +0000 (03:59 +0000)]
clear structure on the stack before copying out for sysctl.  At present
it has no pads, but a future ABI change could add something and leak
kernel memory.

7 years agosync
deraadt [Wed, 5 Apr 2017 03:23:37 +0000 (03:23 +0000)]
sync

7 years agoAllow nc to save the peer certificate and chain in a pem file specified
beck [Wed, 5 Apr 2017 03:20:19 +0000 (03:20 +0000)]
Allow nc to save the peer certificate and chain in a pem file specified
with -Z
ok jsing@

7 years agoAdd tls_peer_cert_chain_pem - To retreive the peer certificate and chain
beck [Wed, 5 Apr 2017 03:19:22 +0000 (03:19 +0000)]
Add tls_peer_cert_chain_pem - To retreive the peer certificate and chain
as PEM format. This allows for it to be used or examined with tools
external to libtls
bump minor
ok jsing@

7 years agoInternal changes to allow for relayd engine privsep. sends the hash of the
beck [Wed, 5 Apr 2017 03:13:53 +0000 (03:13 +0000)]
Internal changes to allow for relayd engine privsep. sends the hash of the
public key as an identifier to RSA, and adds an function for relayd to
use to disable private key checking when doing engine privsep.
ok jsing@

7 years agoDo not print a warning if closing the control socket fails. It
bluhm [Wed, 5 Apr 2017 00:35:02 +0000 (00:35 +0000)]
Do not print a warning if closing the control socket fails.  It
cannot happen and there is nothing that could be done about it.
OK deraadt@

7 years agoadd a config test flag to sasyncd
jsg [Tue, 4 Apr 2017 22:37:01 +0000 (22:37 +0000)]
add a config test flag to sasyncd

ok reyk@ deraadt@ jmc@

7 years agoAlso remove non syspatch hidden files/dirs.
ajacoutot [Tue, 4 Apr 2017 21:20:22 +0000 (21:20 +0000)]
Also remove non syspatch hidden files/dirs.

7 years agoDo not purge the CONFIG_SERVERS config in the parent. The ticket code uses
claudio [Tue, 4 Apr 2017 20:16:09 +0000 (20:16 +0000)]
Do not purge the CONFIG_SERVERS config in the parent. The ticket code uses
the servers config for its rekeying handling. Without this no rekeying happens
and httpd stops working. Learned the hard way by me and beck@
OK reyk@

7 years agostruct vfsconf is tightly packed, but let's M_ZERO it in case that ever
deraadt [Tue, 4 Apr 2017 18:17:02 +0000 (18:17 +0000)]
struct vfsconf is tightly packed, but let's M_ZERO it in case that ever
changes to avoid exposing userland memory.

7 years agoEnsure, that during upgrades, the default for the "Location of sets"
rpe [Tue, 4 Apr 2017 17:50:45 +0000 (17:50 +0000)]
Ensure, that during upgrades, the default for the "Location of sets"
question is set to http if /etc/installurl exists and override the
install method information from the cgi server.

'makes sense' deraadt@

7 years agoThe unsigned result cannot be -1, turn it into a signed variable.
reyk [Tue, 4 Apr 2017 15:52:12 +0000 (15:52 +0000)]
The unsigned result cannot be -1, turn it into a signed variable.

OK rzalamena@

7 years agoconstify pc_remote and pc_circuit
reyk [Tue, 4 Apr 2017 15:50:29 +0000 (15:50 +0000)]
constify pc_remote and pc_circuit

OK rzalamena@

7 years agoSend a RTM_PROPOSAL to clear out other dhclient instances on startup.
krw [Tue, 4 Apr 2017 15:15:48 +0000 (15:15 +0000)]
Send a RTM_PROPOSAL to clear out other dhclient instances on startup.

Replaces forcing interface link state down and up to generate
RTM_IFINFO messages.

7 years agodocument comments in table files; help/ok gilles
jmc [Tue, 4 Apr 2017 14:33:44 +0000 (14:33 +0000)]
document comments in table files; help/ok gilles

7 years agotweak previous;
jmc [Tue, 4 Apr 2017 14:08:19 +0000 (14:08 +0000)]
tweak previous;

7 years agoAdd missing newline in fprintf error message.
reyk [Tue, 4 Apr 2017 14:04:54 +0000 (14:04 +0000)]
Add missing newline in fprintf error message.

OK jsg@

7 years agoTreat SSID's like the 0 to 32 bytes of uint8_t data that they really
krw [Tue, 4 Apr 2017 13:01:20 +0000 (13:01 +0000)]
Treat SSID's like the 0 to 32 bytes of uint8_t data that they really
are. Track and use the actual lengths and use memcpy()/memcmp()
instead of strcmp()/strdup().

7 years agoCleanup the code further. Get rid of the remaining C++-style comments,
kettenis [Tue, 4 Apr 2017 12:56:24 +0000 (12:56 +0000)]
Cleanup the code further.  Get rid of the remaining C++-style comments,
remove some debug printfs, get rid of STATIC and __inline defines and
remove a bit more unused code.

ok drahn@, visa@

7 years agoIssue memory barrier before lock release, not after. This ensures
visa [Tue, 4 Apr 2017 12:30:04 +0000 (12:30 +0000)]
Issue memory barrier before lock release, not after. This ensures
the release write becomes globally visible only after any writes
of the critical section are globally visible. In practice, the
reordering has not happened because the kernel runs in the total
store order mode.

Tested by and OK kettenis@

7 years agoadd a free() size near microcode loading
deraadt [Tue, 4 Apr 2017 04:38:31 +0000 (04:38 +0000)]
add a free() size near microcode loading

7 years agoRewrite tohexstr() to use the common idiom of converting a byte
millert [Tue, 4 Apr 2017 02:37:15 +0000 (02:37 +0000)]
Rewrite tohexstr() to use the common idiom of converting a byte
string to hex nybble by nybble.  This avoids using the return value
of snprintf() unchecked.  OK deraadt@

7 years agoAdd 8265 and 3168 support. Both cards need new firmware files which currently
claudio [Tue, 4 Apr 2017 00:40:52 +0000 (00:40 +0000)]
Add 8265 and 3168 support. Both cards need new firmware files which currently
need to be installed by hand until the iwm-firmware package has been updated.
This includes handling (by ignoring) of IWM_UCODE_TLV_FW_MEM_SEG and
IWM_DEBUG_LOG_MSG firmware commands. Mostly stolen from dragonflybsd.
With this in the X270 has working ethernet and wifi.
Commit! deraadt@

7 years agodisallow creation (of empty files) in read-only mode; reported by
djm [Tue, 4 Apr 2017 00:24:56 +0000 (00:24 +0000)]
disallow creation (of empty files) in read-only mode; reported by
Michal Zalewski, feedback & ok deraadt@

7 years agocp -p the bootblocks to RELEASEDIR; ok tb
deraadt [Tue, 4 Apr 2017 00:03:12 +0000 (00:03 +0000)]
cp -p the bootblocks to RELEASEDIR; ok tb

7 years agowarn format string should be literal.
fcambus [Mon, 3 Apr 2017 20:59:19 +0000 (20:59 +0000)]
warn format string should be literal.

OK deraadt@, millert@

7 years agoChange parse_string() to take an optional integer pointer that can
krw [Mon, 3 Apr 2017 19:59:39 +0000 (19:59 +0000)]
Change parse_string() to take an optional integer pointer that can
be used to return the final size of the parsed (i.e. un-vis'ed)
string. Use same, plus memcpy() to ensure entire final string is
copied to intended destination even if there are embedded NULs.

7 years agoAdd caveat telling it's better to always read a data byte when passing
otto [Mon, 3 Apr 2017 19:42:04 +0000 (19:42 +0000)]
Add caveat telling it's better to always read a data byte when passing
control messages.
Problem noted by Luke Small; ok deraadt@

7 years agoSend and receive 1 byte of data in addition to the control message. This is
otto [Mon, 3 Apr 2017 19:40:43 +0000 (19:40 +0000)]
Send and receive 1 byte of data in addition to the control message. This is
needed to make the code work in more cases.
Sending actually is not really needed, but do it anyway, to avoid confusing
mismatch between producer and consumer.
Problem noted by Luke Small; ok deraadt@

7 years agoWSDISPLAY_MAXFONTCOUNT macro was introduced in sys/dev/wscons/wsconsio.h
fcambus [Mon, 3 Apr 2017 18:43:41 +0000 (18:43 +0000)]
WSDISPLAY_MAXFONTCOUNT macro was introduced in sys/dev/wscons/wsconsio.h
(revision 1.75) to limit the number of fonts that can be loaded.

Reflect that in the man page as well.

OK jcs@

7 years agoSimplify read_string() to just read the characters between the '"'s.
krw [Mon, 3 Apr 2017 18:23:36 +0000 (18:23 +0000)]
Simplify read_string() to just read the characters between the '"'s.
Push the un-vising up to parse_string(). This allows both the actual
string and the un-vised version to be available as desired. Use
memcpy() instead of strdup() to copy un-vised string since it may
legitimately contain NUL.

7 years agocheck return from pread, don't divide -1 for count
tedu [Mon, 3 Apr 2017 17:23:39 +0000 (17:23 +0000)]
check return from pread, don't divide -1 for count

7 years agouse recallocarray() because the array contains data that can be observed
deraadt [Mon, 3 Apr 2017 17:07:58 +0000 (17:07 +0000)]
use recallocarray() because the array contains data that can be observed

7 years agoinitialize regmatch_t always, fixes grep -o ""
tedu [Mon, 3 Apr 2017 16:18:35 +0000 (16:18 +0000)]
initialize regmatch_t always, fixes grep -o ""
from Michael Santos

7 years agoprovide size to free(9)
deraadt [Mon, 3 Apr 2017 16:10:00 +0000 (16:10 +0000)]
provide size to free(9)

7 years agoFix silly code that printfs NULL when there are no fractional seconds
beck [Mon, 3 Apr 2017 15:52:59 +0000 (15:52 +0000)]
Fix silly code that printfs NULL when there are no fractional seconds
on a GENREALIZEDTIME (which there should really never be for anything
remotely standards compliant)
ok jsing@

7 years agoTweak parse_string() to not consume the ';'. Simplifies/shortens
krw [Mon, 3 Apr 2017 15:34:46 +0000 (15:34 +0000)]
Tweak parse_string() to not consume the ';'. Simplifies/shortens
some logic.

7 years agoTweak 'expecting' parse_warn() messages to be more consistent.
krw [Mon, 3 Apr 2017 14:16:34 +0000 (14:16 +0000)]
Tweak 'expecting' parse_warn() messages to be more consistent.

7 years agoCompute address for ll/sc only once.
visa [Mon, 3 Apr 2017 13:51:54 +0000 (13:51 +0000)]
Compute address for ll/sc only once.

7 years agoLess convoluted code in soshutdown()
deraadt [Sun, 2 Apr 2017 23:40:08 +0000 (23:40 +0000)]
Less convoluted code in soshutdown()
ok guenther

7 years agoThe character buffer should be resized using recallocarray()
deraadt [Sun, 2 Apr 2017 23:02:06 +0000 (23:02 +0000)]
The character buffer should be resized using recallocarray()
ok millert and nicm a while ago

7 years agoAlways use return value of asprintf to determine success/failure,
deraadt [Sun, 2 Apr 2017 22:57:20 +0000 (22:57 +0000)]
Always use return value of asprintf to determine success/failure,
don't rely upon *ret becoming NULL
ok millert, tom

7 years agoCheck return value of asprintf(), and don't use 0 as a char *
tom [Sun, 2 Apr 2017 21:23:44 +0000 (21:23 +0000)]
Check return value of asprintf(), and don't use 0 as a char *

Started by, and ok, deraadt@

7 years agoChange parse_string() warning from "filename must be a string" to
krw [Sun, 2 Apr 2017 20:57:22 +0000 (20:57 +0000)]
Change parse_string() warning from "filename must be a string" to
"expecting a string". Things other than filenames are parsed here.

7 years agoFilter out RDTSCP, needed to handle solaris guests. We set the VMX control
mlarkin [Sun, 2 Apr 2017 20:21:44 +0000 (20:21 +0000)]
Filter out RDTSCP, needed to handle solaris guests. We set the VMX control
to enable RDTSCP to 0, so when solaris attempted to use the instruction
(since it wasn't filtered out of CPUID information), the CPU issued an
#UD exception.

7 years agonote that some hosts never generate tuples and are ignored;
jmc [Sun, 2 Apr 2017 18:14:34 +0000 (18:14 +0000)]
note that some hosts never generate tuples and are ignored;
ok beck

7 years agoupdate currency exchange rates;
jmc [Sun, 2 Apr 2017 18:13:18 +0000 (18:13 +0000)]
update currency exchange rates;

7 years agoOn ARMv8, the translation table walk is fully coherent so there is no
kettenis [Sun, 2 Apr 2017 18:06:57 +0000 (18:06 +0000)]
On ARMv8, the translation table walk is fully coherent so there is no
reason to explicitly flush the cache before invalidating the TLB.  The
barrier that is included in out TLB flushing code should be enough to
guarantee that the TLB walking hardware sees the updated page table
contents, so the explicit barriers can go as well.  Sanitize the code
immediately surrounding the removed bits while I'm there.

Tested by jsg@, ok drahn@, visa@

7 years agoprintf format strings should be literals. Reminded by clang.
visa [Sun, 2 Apr 2017 15:48:19 +0000 (15:48 +0000)]
printf format strings should be literals. Reminded by clang.

7 years agoDrop address conversion cruft.
visa [Sun, 2 Apr 2017 15:25:05 +0000 (15:25 +0000)]
Drop address conversion cruft.

7 years agoFix tcp stats reporting
jca [Sun, 2 Apr 2017 12:56:39 +0000 (12:56 +0000)]
Fix tcp stats reporting

Return the sum of per-cpu counters instead of the current cpu's
counters.  Brainfart on my side.  Analysis and fix by Andrei-Marius Radu.

7 years agoadd overdrive 1000
jsg [Sun, 2 Apr 2017 06:02:19 +0000 (06:02 +0000)]
add overdrive 1000

7 years agoFix an out-of-bounds memory access with 64-bit armaps.
visa [Sun, 2 Apr 2017 04:01:52 +0000 (04:01 +0000)]
Fix an out-of-bounds memory access with 64-bit armaps.

OK kettenis@

7 years agoBring back the wait instruction into the idle loop, but only on octeon.
visa [Sun, 2 Apr 2017 03:51:13 +0000 (03:51 +0000)]
Bring back the wait instruction into the idle loop, but only on octeon.
This lets an idle SoC run a bit cooler.

Tested on CN5020, CN6120 and CN7130.

7 years agoReplace snprintf(NULL, malloc, snprintf.... with the much better asprintf.
deraadt [Sun, 2 Apr 2017 02:51:51 +0000 (02:51 +0000)]
Replace snprintf(NULL, malloc, snprintf.... with the much better asprintf.
ok millert

7 years agoPrefer pread() over lseek()+read()
guenther [Sun, 2 Apr 2017 00:53:37 +0000 (00:53 +0000)]
Prefer pread() over lseek()+read()
open() only needs the mode argument if O_CREAT is present

ok beck@ deraadt@

7 years agonormalize order of arguments to if ()
deraadt [Sun, 2 Apr 2017 00:28:56 +0000 (00:28 +0000)]
normalize order of arguments to if ()

7 years agoMake dma range buffer cache pages visible in systat io
beck [Sun, 2 Apr 2017 00:27:44 +0000 (00:27 +0000)]
Make dma range buffer cache pages visible in systat io
ok deraadt@

7 years agounlock tree, we are now hacking on 6.1-current
deraadt [Sun, 2 Apr 2017 00:27:36 +0000 (00:27 +0000)]
unlock tree, we are now hacking on 6.1-current

7 years agoMDT...
deraadt [Sat, 1 Apr 2017 19:17:22 +0000 (19:17 +0000)]
MDT...

7 years agoThe default for the "Server directory?" question can possibly come
rpe [Fri, 31 Mar 2017 18:36:49 +0000 (18:36 +0000)]
The default for the "Server directory?" question can possibly come
from either what information is extracted from the cgi server or
from installurl(5). Otherwise a sane default is used.

Based on what server (HTTP_SERVER) is provided by the user decide
on what source to choose from for the default.

At the end of install_http() use the url from the cgi server as the
base for what's written to /etc/installurl if an official mirror was
used. Otherwise trim _url_base and remove the architecture and
snapshots or version part.

This fixes the problem reported by phessler@ which exposed how
fragile the current logic for this was after recent changes.

At this time of the release cycle the kernel presents itself as
release kernel, but we're still pre-release and the sets are still
in the snapshots directory on the mirrors. This was confusing the
installer script.

Thanks to phessler@ for finding this and testing.
Special thanks to tb@ who imposed on himself to try to understand
and review the diffs.

OK tb@, phessler@ (on a similar diff)
'commit when your are happy' deraadt@

7 years agoBe quiet in case /var/syspatch/ is empty and that there's no remote sig
ajacoutot [Fri, 31 Mar 2017 16:02:31 +0000 (16:02 +0000)]
Be quiet in case /var/syspatch/ is empty and that there's no remote sig
file yet (i.e. when we are in release mode but not released yet).

ok deraadt@

7 years agoskip floppyB until more space is found
deraadt [Thu, 30 Mar 2017 17:29:17 +0000 (17:29 +0000)]
skip floppyB until more space is found

7 years agoXr acpisbs
jcs [Thu, 30 Mar 2017 16:06:55 +0000 (16:06 +0000)]
Xr acpisbs

7 years agosync
deraadt [Thu, 30 Mar 2017 16:05:40 +0000 (16:05 +0000)]
sync

7 years agoadd a manpage for acpisbs, remove caveat from acpibat
jcs [Thu, 30 Mar 2017 16:04:36 +0000 (16:04 +0000)]
add a manpage for acpisbs, remove caveat from acpibat

7 years agoOnly close the SA if an error happens before ikev2_msg_init() was called
patrick [Thu, 30 Mar 2017 15:48:30 +0000 (15:48 +0000)]
Only close the SA if an error happens before ikev2_msg_init() was called
to make sure we do not run ikev2_msg_cleanup() on an unitialized stack
variable.

ok deraadt@ reyk@

7 years agoDisable client-initiated renegotiation.
jsing [Thu, 30 Mar 2017 15:41:04 +0000 (15:41 +0000)]
Disable client-initiated renegotiation.

ok gilles@ eric@ deraadt@

7 years agocorrect NBPFILTER #ifdef's
deraadt [Thu, 30 Mar 2017 15:22:07 +0000 (15:22 +0000)]
correct NBPFILTER #ifdef's
from sthen and others

7 years agosync
deraadt [Thu, 30 Mar 2017 15:19:58 +0000 (15:19 +0000)]
sync

7 years agothese free() size choices appear to be wrong. joel has a diff that fixes
deraadt [Thu, 30 Mar 2017 14:44:36 +0000 (14:44 +0000)]
these free() size choices appear to be wrong.  joel has a diff that fixes
them, but for release let's be conservative and use 0.

7 years agoadd signify public keys for syspatch for the current and next release
robert [Thu, 30 Mar 2017 10:45:50 +0000 (10:45 +0000)]
add signify public keys for syspatch for the current and next release

7 years agoUse m_devget(9) to replace code that does more or less the same but assumes
kettenis [Thu, 30 Mar 2017 07:23:50 +0000 (07:23 +0000)]
Use m_devget(9) to replace code that does more or less the same but assumes
the received packet fits in a single mbuf cluster, which isn't necessarily
the case.  This might fix the pool corruption seen by jcs@.

ok jcs@, jmatthew@, deraadt@

7 years agoSet interface flag to VMIFF_UP when using -i option. This way vmd will make
claudio [Thu, 30 Mar 2017 03:39:35 +0000 (03:39 +0000)]
Set interface flag to VMIFF_UP when using -i option. This way vmd will make
sure the interfaces are up on startup.
OK deraadt@, reky@

7 years agom_devget() lost its ipf pointer argument, update man page.
claudio [Wed, 29 Mar 2017 23:05:05 +0000 (23:05 +0000)]
m_devget() lost its ipf pointer argument, update man page.

7 years agoUse strtonum(3) instead of strtol(3). OK deraadt@
millert [Wed, 29 Mar 2017 22:40:15 +0000 (22:40 +0000)]
Use strtonum(3) instead of strtol(3).  OK deraadt@

7 years agosync the version of the example package; ok deraadt@
naddy [Wed, 29 Mar 2017 20:09:27 +0000 (20:09 +0000)]
sync the version of the example package; ok deraadt@

7 years agoBring radiusd log.c copyright in line with other program's log.c
bluhm [Wed, 29 Mar 2017 18:01:51 +0000 (18:01 +0000)]
Bring radiusd log.c copyright in line with other program's log.c
and other radiusd source files.  Remove the LOSS OF MIND clause.
OK henning@ yasuoka@ deraadt@

7 years agorephrase more enumerations of functions
otto [Wed, 29 Mar 2017 17:38:37 +0000 (17:38 +0000)]
rephrase more enumerations of functions