openbsd
guenther [Wed, 21 Jan 2015 09:47:15 +0000 (09:47 +0000)]
Remove all references to the amd -M option (it was disabled long ago) and
correct the texinfo validation errors, then re-enable validation

jmc [Wed, 21 Jan 2015 09:21:05 +0000 (09:21 +0000)]
fix macro breakage and update usage();

ratchov [Wed, 21 Jan 2015 08:43:55 +0000 (08:43 +0000)]
Simplify internals and rewrite file header parsing code:
- remove -M, -t, -w, -C, -x flags that don't make sense anymore
- make "-j off" the default (sndiod already does the job)
- don't limit the number of played/recorded files.
- add support for floating-point encoded files.
- add support for apple .aiff and sun/next .au files

guenther [Wed, 21 Jan 2015 08:24:41 +0000 (08:24 +0000)]
Regenerate the amq RPC stubs with a -current rpcgen, with some
post-processing of the server stub to match previous local changes.
This corrects the type handling of mt_mounttime, so "amq /mountpoint"
doesn't segv trying to treat a time_t as a pointer.
With the file (re)generation fixed, we can more easily update the
protocol to support 64bit time_t...

guenther [Wed, 21 Jan 2015 08:16:51 +0000 (08:16 +0000)]
amq doesn't use anything from misc_rpc.c

guenther [Wed, 21 Jan 2015 04:08:37 +0000 (04:08 +0000)]
Assume NFS_CHECK and RO_CHECK are defined.
We only need the dev_t and not the entire struct stat in mntinfo.
Delete some superfluous casts.

guenther [Wed, 21 Jan 2015 03:18:31 +0000 (03:18 +0000)]
Reduce opt_t from long to int.
Debug message consistency: format opts with %#x and modes with %#04o

bcook [Wed, 21 Jan 2015 03:14:10 +0000 (03:14 +0000)]
Fix deferred host DNS lookups.

If the network is unreachable when ntpd starts and host_dns fails, be sure
that we still close the HOST_DNS imsg.

Thanks to Paul de Weerd <weerd at weirdnet dot nl> for reporting this.

ok beck@

guenther [Wed, 21 Jan 2015 03:05:03 +0000 (03:05 +0000)]
Remove unsafe micro-optimization of *bit test*

guenther [Wed, 21 Jan 2015 02:23:14 +0000 (02:23 +0000)]
Delete option COMPAT_43: support for pre-sa_len binaries has been obsolete
for a couple decades.  Keep the OSIOCGIFCONF ioctl to support COMPAT_LINUX
but move the rest of the Linux-specific ioctl() handling into linux_socket.c
This lets struct osockaddr finally move from sys/socket.h to protocols/talkd.h

ok krw@ deraadt@ mpi@

schwarze [Wed, 21 Jan 2015 02:16:11 +0000 (02:16 +0000)]
pass empty request lines through to tbl(7); sometimes, they end a layout

schwarze [Wed, 21 Jan 2015 00:45:16 +0000 (00:45 +0000)]
blank lines in tables do not need special handling; simplifies code
and reduces groff/mandoc differences in base by about 1%

doug [Wed, 21 Jan 2015 00:15:50 +0000 (00:15 +0000)]
Fix DTLS memory leak (CVE-2015-0206).

There were four bugs fixed by this patch:

* dtls1_buffer_record() now frees rdata->rbuf.buf on error.  Since
  s->s3->rbuf was memset, rdata->rbuf is the only pointer left which
  points to the old rbuf.  On error, rdata is freed so there will not
  be any way of freeing this memory unless we do it here.

* Changed the return code of dtls1_buffer_record() to differentiate
  between queue full (0) and error (-1).  See below as this differs
  from upstream.

* Handle errors if calls to dtls1_buffer_record() fail with -1.
  Previously, it did not check the return value.

* Changed the way receipts are recorded.  Previously, it was recorded
  when processed successfully (whether buffered or not) in
  dtls1_process_record().  Now, it records when it is handled in
  dtls1_get_record(): either when it is entered into the queue to buffer
  for the next epoch or when it is processed directly.  Processing
  buffered records does not add a receipt because it needed one in
  order to get into the queue.

The above bugs combined contributed to an eventual DoS through memory
exhaustion.  The memory leak came from dtls1_buffer_record()'s error
handling.  The error handling can be triggered by a duplicate record
or malloc failure.  It was possible to add duplicate records because
they were not being dropped.  The faulty receipts logic did not detect
replays when dealing with records for the next epoch.  Additionally,
dtls1_buffer_record()'s return value was not checked so an attacker
could send repeated replay records for the next epoch.

Reported to OpenSSL by Chris Mueller.

Patch based on OpenSSL commit 103b171d8fc282ef435f8de9afbf7782e312961f
and BoringSSL commit 44e2709cd65fbd2172b9516c79e56f1875f60300.

Our patch matches BoringSSL's commit.  OpenSSL returns 0 when the queue
is full or when malloc() or pitem_new() fails.  They return -1 on error
including !ssl3_setup_buffers() which is another failure to allocate
memory.

BoringSSL and LibreSSL changed the return code for dtls1_buffer_record()
to be 1 on success, 0 when the queue is full and -1 on error.

input + ok bcook@, jsing@
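
The return-code contract and receipt ordering described in this commit message, as a simplified model added here (it is not LibreSSL, OpenSSL or BoringSSL code). The struct layout, `QUEUE_MAX`, the 64-entry receipt bitmap, the sample bytes and every function name are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define QUEUE_MAX 4	/* constructed limit for this model */

struct rec { uint64_t seq; unsigned char *buf; size_t len; };
struct next_epoch {
	struct rec q[QUEUE_MAX];	/* records buffered for the next epoch */
	int count;
	uint64_t seen;		/* receipts for sequence numbers 0..63 */
	size_t live_bytes;	/* heap bytes currently owned by the queue */
};

/* Constructed sample record and state, used by main(). */
static const unsigned char sample[16] = { 0x16, 0xfe, 0xfd };
static struct next_epoch demo;

/* Returns 1 if buffered, 0 if the queue is full, -1 on error. */
static int buffer_record(struct next_epoch *ne, uint64_t seq,
    const unsigned char *data, size_t len)
{
	unsigned char *copy;
	int i;

	if (ne->count >= QUEUE_MAX)
		return 0;
	if ((copy = malloc(len)) == NULL)
		return -1;
	memcpy(copy, data, len);
	ne->live_bytes += len;
	for (i = 0; i < ne->count; i++) {
		if (ne->q[i].seq != seq)
			continue;
		/* Duplicate: the insert fails, so release the copy here. */
		free(copy);
		ne->live_bytes -= len;
		return -1;
	}
	ne->q[ne->count++] = (struct rec){ seq, copy, len };
	return 1;
}

/* Returns 1 if queued, 0 if dropped, -1 if the caller must abort. */
static int handle_next_epoch_record(struct next_epoch *ne, uint64_t seq,
    const unsigned char *data, size_t len)
{
	int r;

	if (seq >= 64 || (ne->seen & (1ULL << seq)))
		return 0;	/* replay or outside the window: drop */
	r = buffer_record(ne, seq, data, len);
	if (r == 1)
		ne->seen |= 1ULL << seq;	/* receipt on entry to the queue */
	return r;	/* -1 is passed up instead of being ignored */
}

/* Frees every queued record and returns how many were released. */
static int drain(struct next_epoch *ne)
{
	int n = ne->count;

	while (ne->count > 0) {
		ne->count--;
		ne->live_bytes -= ne->q[ne->count].len;
		free(ne->q[ne->count].buf);
	}
	return n;
}

/* Delivers the same next-epoch record n times; returns bytes still held. */
static size_t bytes_held_after_repeats(struct next_epoch *ne, int n)
{
	while (n-- > 0)
		(void)handle_next_epoch_record(ne, 5, sample, sizeof(sample));
	return ne->live_bytes;
}

int main(void)
{
	printf("held after 1000 repeats: %zu bytes\n",
	    bytes_held_after_repeats(&demo, 1000));
	printf("freed %d record(s)\n", drain(&demo));
	return 0;
}
```

Memory held stays at one record however often the same sequence number arrives, and a record dropped because the queue is full gets no receipt in this model, so it can still be accepted later.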

deraadt [Tue, 20 Jan 2015 23:14:00 +0000 (23:14 +0000)]
Reduce use of <sys/param.h> and transition to <limits.h> throughout.
ok djm markus

djm [Tue, 20 Jan 2015 22:58:57 +0000 (22:58 +0000)]
use SUBDIR to recurse into unit tests; makes "make obj" actually
work

jmc [Tue, 20 Jan 2015 22:34:15 +0000 (22:34 +0000)]
tweak previous; ok schwarze

bluhm [Tue, 20 Jan 2015 22:10:37 +0000 (22:10 +0000)]
Document how to send syslog messages over TCP or TLS.
OK jmc@

tedu [Tue, 20 Jan 2015 22:09:50 +0000 (22:09 +0000)]
increase TMP_MAX to the equivalent of INT_MAX. it's actually more,
but safer not to wraparound by accident.
ok deraadt millert miod

jmc [Tue, 20 Jan 2015 22:02:15 +0000 (22:02 +0000)]
tweak previous;

schwarze [Tue, 20 Jan 2015 21:12:46 +0000 (21:12 +0000)]
Split the -Werror message level into -Werror (broken manual, probably
using mandoc is better than using groff) and -Wunsupp (manual using
unsupported low-level roff(7) feature, probably using groff is better
than using mandoc).  Once this feature is complete, it is intended
to help porting, making the decision whether to USE_GROFF easier.

As a first step, distinguish four classes of roff(7) requests:
1. Supported (currently 24 requests)
2. Currently ignored because unimportant (120)  ->  no message
3. Ignored for good because insecure (14)  ->  -Werror
4. Currently unsupported (68)  ->  these trigger the new -Wunsupp messages

tedu [Tue, 20 Jan 2015 20:50:36 +0000 (20:50 +0000)]
i wrote this

markus [Tue, 20 Jan 2015 20:16:21 +0000 (20:16 +0000)]
kex_setup errors are fatal()

deraadt [Tue, 20 Jan 2015 19:51:00 +0000 (19:51 +0000)]
If _dl_progname exceeds half the syslog buffer, truncate it with "...",
so that the remaining information is more visible
ok kettenis miod

kettenis [Tue, 20 Jan 2015 19:43:20 +0000 (19:43 +0000)]
Move ps_strings "after" the random stackgap.  This makes its location a
per-process value, and therefore turns the VM_PSSTRINGS sysctl into a
per-process one as well.  This gets rid of a pointer to the bottom of the
stack at a fixed location.  Also clears the road for unmapping the stackgap.

ok deraadt@

jmc [Tue, 20 Jan 2015 19:23:32 +0000 (19:23 +0000)]
one more "center"; tedu forgot to use -i, i think...

jmc [Tue, 20 Jan 2015 19:20:45 +0000 (19:20 +0000)]
tweak previous;

schwarze [Tue, 20 Jan 2015 19:17:28 +0000 (19:17 +0000)]
Do not use /usr/ports/infrastructure/man/ by default because this
directory is not contained in OpenBSD base, and because even people
having the directory often don't understand that they need to run
makewhatis(8) - and instead complain about the resulting warnings.
This commit reverts revisions 1.17 and 1.21.

Requested by deraadt@ millert@ kettenis@ who argue that people
using /usr/ports/infrastructure/bin/ already need to set PATH,
so editing man.conf (or, though more fragile, setting MANPATH)
should not be a big deal for them.

tedu [Tue, 20 Jan 2015 18:54:33 +0000 (18:54 +0000)]
change spelling of centre to center. consistent with other man pages,
the name of the macro being described, and look(1).
ok jmc

florian [Tue, 20 Jan 2015 18:44:16 +0000 (18:44 +0000)]
HOST_NAME_MAX + 1 is big enough for gethostname(3); this array has
been one char too big when it was defined in terms of MAXHOSTNAMELEN.
While here, NI_MAXHOST is big enough for getnameinfo(3).
OK benno@

mpi [Tue, 20 Jan 2015 18:34:00 +0000 (18:34 +0000)]
Merge two copies of the (almost) identical bus space code into one file.

This brings bus_space_mmap(9) to socppc and change its bus_space_map(9)
implementation to use kernel_map instead of phys_map like macppc and
everybody else.

deraadt [Tue, 20 Jan 2015 18:26:57 +0000 (18:26 +0000)]
Adjust <sys/param.h> comments regarding use of MSIZE, or
delete <sys/param.h> if now possible
ok guenther

deraadt [Tue, 20 Jan 2015 18:22:20 +0000 (18:22 +0000)]
Adjust <sys/param.h> comments regarding use of MAXFRAG, or
delete <sys/param.h> if now possible
ok guenther

schwarze [Tue, 20 Jan 2015 18:19:39 +0000 (18:19 +0000)]
Make the man(1) and apropos(1) options -s and -S much less expensive:
Do not append an SQL clause looking into the large "keys" table.
Instead, filter the result of the SQL query in buildnames() where
equivalent data from the much smaller "mlinks" table is already
available for free.

This is relevant because man(1) uses the equivalent of "-S ${MACHINE}"
by default since main.c rev. 1.122, to make sure that manuals for
the current architecture are shown.  With many ports installed, this
patch can speed up man(1) by a factor of more than a hundred.

Slowness reported by Theo Buehler <theo at math dot ethz dot ch>, thanks!

deraadt [Tue, 20 Jan 2015 18:14:51 +0000 (18:14 +0000)]
FSHIFT does not need to go to userland, so convert it to _FSHIFT.
FSCALE still needs to be exported .. unless someone fixes a few ports
that need it.
ok guenther, tested by sthen

mpi [Tue, 20 Jan 2015 18:14:39 +0000 (18:14 +0000)]
Nothing in this file requires <sys/queue.h>.  While here remove old and
unused typedef & external definitions.

deraadt [Tue, 20 Jan 2015 18:12:49 +0000 (18:12 +0000)]
Years ago, MSIZE had to be known in <sys/param.h> probably to allocate
memory for the mbuf layer up front.  These days it only matters for
sizing of macros in <sys/mbuf.h>, so move it there.  MCLSHIFT, MCLBYTES,
and MCLOFSET can move also (a decade ago, architectures had different
mbuf sizes.  you don't want to know more)
ok guenther, ports fallout checked for by sthen

deraadt [Tue, 20 Jan 2015 18:09:12 +0000 (18:09 +0000)]
Do not assume a read buffer coming from libevent is aligned.  Copy the
int to an aligned variable before operating on it.
ok claudio

deraadt [Tue, 20 Jan 2015 18:08:16 +0000 (18:08 +0000)]
MAXFRAG was always placed incorrectly in <sys/param.h>.  It is primarily
used in disklabel type tools, newfs, fsck, when related to ufs or
ufs-derived filesystems, but also in a struct. Those things always include
<ufs/ffs/fs.h>.  Move it there
ok guenther, tested in ports by sthen

deraadt [Tue, 20 Jan 2015 18:03:17 +0000 (18:03 +0000)]
CMASK was only a CSRGism.  It was only used in the kernel and ftpd, once
each, never in portable software.  Mop it up.
ok guenther, tested in ports tree by sthen

deraadt [Tue, 20 Jan 2015 17:37:54 +0000 (17:37 +0000)]
use <limits.h> comprehensively.  For now try to push <> includes to
each .c file, and out of the .h files.  To avoid overinclude.
ok gilles, in principle.  If this has been done right, -portable should
become easier to maintain.

mikeb [Tue, 20 Jan 2015 17:25:35 +0000 (17:25 +0000)]
Prevent tables referenced by rules in anchors from getting disabled.
Analysis and patch by Richard Kojedzinszky, thanks!  ok henning

deraadt [Tue, 20 Jan 2015 17:19:05 +0000 (17:19 +0000)]
Rewrite to avoid using union sockaddr_union
ok mikeb

mpi [Tue, 20 Jan 2015 17:08:35 +0000 (17:08 +0000)]
Merge two copies of the same dma code into one file and sync the headers.

ok kettenis@

mpi [Tue, 20 Jan 2015 17:04:20 +0000 (17:04 +0000)]
Various cleanups. Explicitly include <sys/atomic.h>, use pmap_remove_pg()
for the kernel pmap and kill pmap_kremove_pg().  Finally guard the hash
lock code under "MULTIPROCESSOR" to make explicit which part of the code
received some MP love.

ok kettenis@

millert [Tue, 20 Jan 2015 16:59:07 +0000 (16:59 +0000)]
Add support for the "-r fromaddr" flag now that we don't support
sendmail flags on the command line.
Also allow "from" to be set in mailrc.
Use sendmail's "-t" flag when executing sendmail instead of specifying
the list of recipients in argv.  The "-f" flag will be used to set
the from address if specified.

millert [Tue, 20 Jan 2015 16:54:06 +0000 (16:54 +0000)]
Allocate a bit more memory to reduce the chance of having to
realloc() which is expensive for large blacklists.

deraadt [Tue, 20 Jan 2015 16:49:59 +0000 (16:49 +0000)]
increase limits for staff (user created at install time is in staff)

krw [Tue, 20 Jan 2015 14:41:37 +0000 (14:41 +0000)]
Revert some $OpenBSD$ additions about which there are doubts.

Suggested by deraadt@

krw [Tue, 20 Jan 2015 14:40:37 +0000 (14:40 +0000)]
Revert some $OpenBSD$ additions about which there are doubts.

Suggested by deraadt@

krw [Tue, 20 Jan 2015 14:38:09 +0000 (14:38 +0000)]
Revert some $OpenBSD$ additions about which there are doubts.

Suggested by deraadt@

krw [Tue, 20 Jan 2015 14:35:18 +0000 (14:35 +0000)]
Revert some $OpenBSD$ additions about which there are doubts.

Suggested by deraadt@

kettenis [Tue, 20 Jan 2015 12:56:50 +0000 (12:56 +0000)]
Make ix(4) work on strict alignment architectures.  The Intel networking
hardware is fairly retarded.  While it allows receive buffers with an
ETHER_ALIGN offset, it only allows the size of the buffers to be specified in
multiples of 1K.  This means that if we want to use standard mbuf clusters
we will waste 1024 - ETHER_ALIGN bytes per cluster, which is a lot for the
2K clusters we use now.  Compromise a bit by using 4K clusters on strict
alignment architectures and tell the hardware to use 3K of those, reducing
the spillage a bit.  While this isn't optimal, at least on sparc64 where we
have 8K pages, the pool page allocation overhead should be the same as on
amd64/i386 where we have 4K pages and continue to use 2K mbuf clusters.

ok mikeb@, dlg@

reyk [Tue, 20 Jan 2015 11:56:33 +0000 (11:56 +0000)]
We do not support AIO, so comment it out in the kqueue(2) manpage for now.

OK jmc@ guenther@

sthen [Tue, 20 Jan 2015 10:57:10 +0000 (10:57 +0000)]
typo in comment ;)  ok nicm

ratchov [Tue, 20 Jan 2015 09:46:31 +0000 (09:46 +0000)]
Check for out-of-range indices when searching the default dac and adc.
Fix from Alexey Suslikov <alexey.suslikov at gmail.com>. Thanks!

tested by many, ok armani

guenther [Tue, 20 Jan 2015 09:00:16 +0000 (09:00 +0000)]
Split out from rdist/defs.h the client-only and server-only bits into
 rdist/client.h and rdistd/server.h
Only put #includes in .h files that are necessary for the .h to be used;
 all other #includes go in the .c files
Move all extern variable declarations to the .h files, renaming local
 variables to avoid shadowing
Replace me_type member of mntent_t with an "is NFS?" flag bit

nicm [Tue, 20 Jan 2015 08:18:04 +0000 (08:18 +0000)]
Support blinking cursor mode, both the xterm CSI ?12 h/l and (the
backwards) screen CSI 34 h/l. From Guanpeng Xu.

djm [Tue, 20 Jan 2015 08:02:33 +0000 (08:02 +0000)]
this test would accidentally delete agent.sh if run without obj/

djm [Tue, 20 Jan 2015 07:56:44 +0000 (07:56 +0000)]
make this compile with KERBEROS5 enabled

djm [Tue, 20 Jan 2015 07:55:33 +0000 (07:55 +0000)]
fix hostkeys in agent; ok markus@

deraadt [Tue, 20 Jan 2015 07:42:35 +0000 (07:42 +0000)]
Change the machdep.lidsupsend example now that the default setting has been
inverted.

guenther [Tue, 20 Jan 2015 07:03:21 +0000 (07:03 +0000)]
We all have syslog() now; assume LOG_PID and LOG_DAEMON

miod [Tue, 20 Jan 2015 07:00:05 +0000 (07:00 +0000)]
Change the machdep.lidsupsend example now that the default setting has been
inverted.

guenther [Tue, 20 Jan 2015 06:08:08 +0000 (06:08 +0000)]
Move MF_* to message.c too

guenther [Tue, 20 Jan 2015 06:02:30 +0000 (06:02 +0000)]
Move struct distoptinfo into distopt.c, killing the DISTOPTINFO typedef
Move struct msgtype and msgfacility into message.c, killing the MSGTYPE and
 MSGFACILITY typedefs
Make getdistopt() static to distopt.c

dlg [Tue, 20 Jan 2015 04:54:23 +0000 (04:54 +0000)]
rework the audio key handling to allocate a message to send to the
task, rather than abusing task arguments to carry long values around.

this is unreliable, but so was the previous mechanism, just in a
different way. if you're so low on memory that you can't change the
volume, you probably have other more important problems going on
too.

tested by jim smith

brad [Tue, 20 Jan 2015 04:46:11 +0000 (04:46 +0000)]
Fix size of the bcopy when extracting the MAC address.

From FreeBSD

guenther [Tue, 20 Jan 2015 04:45:43 +0000 (04:45 +0000)]
Don't use utime(), so don't need <utime.h>

krw [Tue, 20 Jan 2015 04:41:01 +0000 (04:41 +0000)]
Missing $OpenBSD$'s.

ok deraadt@

brad [Tue, 20 Jan 2015 04:33:06 +0000 (04:33 +0000)]
Remove use of the link change interrupt handling, not all controllers
support this interrupt. Link state changes are noticed via the PHY
status change callback or via the timeout for re_tick().

From FreeBSD

brad [Tue, 20 Jan 2015 04:23:33 +0000 (04:23 +0000)]
Some fixes for handling link state changes.

brad [Tue, 20 Jan 2015 03:58:04 +0000 (03:58 +0000)]
And the variable too.

guenther [Tue, 20 Jan 2015 03:55:18 +0000 (03:55 +0000)]
SELECT_FD_TYPE is obsolete

brad [Tue, 20 Jan 2015 03:54:26 +0000 (03:54 +0000)]
Back out a chunk of rev 1.34 that wasn't supposed to go in with the
capitalization corrections.

brad [Tue, 20 Jan 2015 03:26:24 +0000 (03:26 +0000)]
printf wasn't supposed to go in.

guenther [Tue, 20 Jan 2015 03:14:52 +0000 (03:14 +0000)]
Move #include <syslog.h> to the one file that needs it

deraadt [Tue, 20 Jan 2015 02:16:19 +0000 (02:16 +0000)]
Add support for tracing libraries in static PIE binaries.  rcrt does not
contain "LD_TRACE_LOADED_OBJECTS" support, so this gets done by calling
RTLD_TRACE directly.
ok guenther

deraadt [Tue, 20 Jan 2015 01:48:13 +0000 (01:48 +0000)]
#include <sys/syslimits.h> to allow operation without requiring the noise
of <sys/param.h>

deraadt [Mon, 19 Jan 2015 23:52:02 +0000 (23:52 +0000)]
DEFAULT_PRIORITY and DEFAULT_QLIMIT no longer used

guenther [Mon, 19 Jan 2015 23:51:54 +0000 (23:51 +0000)]
Routing sockets are here to stay, so delete the wrapper that would use the
defunct ioctl(SIOCSARP)

ok millert@

millert [Mon, 19 Jan 2015 23:41:32 +0000 (23:41 +0000)]
Explicitly mention that PATH_MAX includes the NUL in the ENAMETOOLONG
description.

guenther [Mon, 19 Jan 2015 23:30:20 +0000 (23:30 +0000)]
Prefer linux_sockaddr over osockaddr, so the latter can go away.
sys_socket() supports SOCK_{CLOEXEC,NONBLOCK} now, so build on that.
doaccept() supports the non-inheriting-of-O_NONBLOCK, so build on that.
Merge compat_sys_{accept,send,recv}() into their only callers.
Lie a little and use struct sockaddr in the linux socket syscall args when
 it's a return argument to avoid a bunch of casts.
Delete many other unnecessary sockaddr casts

verified with a curl Linux binary

deraadt [Mon, 19 Jan 2015 23:01:07 +0000 (23:01 +0000)]
back it out properly

deraadt [Mon, 19 Jan 2015 22:58:53 +0000 (22:58 +0000)]
never tested with a make release

millert [Mon, 19 Jan 2015 21:29:38 +0000 (21:29 +0000)]
Talk about thread-local errno and do not mention "extern int errno".
Also correct the string version of error 0.  OK guenther@

guenther [Mon, 19 Jan 2015 21:18:47 +0000 (21:18 +0000)]
The kernel doesn't actually care what a sockaddr's sa_len is on input,
so don't waste code setting it

improvement and ok florian@

reyk [Mon, 19 Jan 2015 21:07:33 +0000 (21:07 +0000)]
No need to include pfvar.h, another leftover from relayd.  It was also
used for portrange operators which weren't used in httpd.

OK florian@

bcook [Mon, 19 Jan 2015 20:47:03 +0000 (20:47 +0000)]
Use initial assignment of action to check for errors.

This simplifies things and makes action = -1 no longer a dead store.

Also, spell FALLTHROUGH consistently.

reported by fritjof@alokat.org

markus [Mon, 19 Jan 2015 20:45:25 +0000 (20:45 +0000)]
finally enable the KEX tests I wrote some years ago...

markus [Mon, 19 Jan 2015 20:42:31 +0000 (20:42 +0000)]
adapt to new error message (SSH_ERR_MAC_INVALID)

markus [Mon, 19 Jan 2015 20:32:39 +0000 (20:32 +0000)]
switch ssh-keyscan from setjmp to multiple ssh transport layer instances
ok djm@

markus [Mon, 19 Jan 2015 20:30:23 +0000 (20:30 +0000)]
add experimental api for packet layer; ok djm@

miod [Mon, 19 Jan 2015 20:25:36 +0000 (20:25 +0000)]
Missing initialization; tjenahej@speedmail.se

bcook [Mon, 19 Jan 2015 20:21:40 +0000 (20:21 +0000)]
Add arc4random/getentropy shims for NetBSD.

The latest NetBSD (6.1.5) arc4random does not appear to reseed the CRNG state
after a fork, so provide an override until the fork-safe version in CVS appears
in a release.

These are the same as the FreeBSD shims.

ok deraadt@

markus [Mon, 19 Jan 2015 20:20:20 +0000 (20:20 +0000)]
store compat flags in struct ssh; ok djm@

guenther [Mon, 19 Jan 2015 20:16:27 +0000 (20:16 +0000)]
Oops, missed the new #include when manually applying the diff from
Helg (xx404 (at) msn.com)

markus [Mon, 19 Jan 2015 20:16:15 +0000 (20:16 +0000)]
adapt kex to sshbuf and struct ssh; ok djm@

miod [Mon, 19 Jan 2015 20:16:10 +0000 (20:16 +0000)]
`wellspring' Apple keyboards found on Macbook Air need slightly different
processing for Fn-key chords. From William Orr <will@worrbase.com>

guenther [Mon, 19 Jan 2015 20:13:03 +0000 (20:13 +0000)]
Fix bracing in ASSERT_VP_ISLOCKED(vp) macro to not always panic()

From Helg (xx404 (at) msn.com)

markus [Mon, 19 Jan 2015 20:07:45 +0000 (20:07 +0000)]
move dispatch to struct ssh; ok djm@