guenther [Sun, 27 Jul 2014 23:46:51 +0000 (23:46 +0000)]
Link dependencies on libssl and libcrypto were missing.
OPENSSL_NO_RC5 is #defined in the #includes, so it's not needed here.
ok deraadt@
espie [Sun, 27 Jul 2014 22:19:18 +0000 (22:19 +0000)]
make sure makewhatis shows error messages without unsightly CODE() refs
espie [Sun, 27 Jul 2014 22:18:36 +0000 (22:18 +0000)]
- log libraries in a proper way
- mark wanted libraries, then run the db check.
Gives you a way to figure out when locate db are behind wrt pkgs
espie [Sun, 27 Jul 2014 22:17:33 +0000 (22:17 +0000)]
ensure log stuff happens, even without context
schwarze [Sun, 27 Jul 2014 21:53:04 +0000 (21:53 +0000)]
code readability; no functional change
schwarze [Sun, 27 Jul 2014 21:51:53 +0000 (21:51 +0000)]
Even for UTF-8 output, a non-breaking space character has the same width
as a normal space character, and not width 0. Bug reported by bentley@.
reyk [Sat, 26 Jul 2014 22:38:38 +0000 (22:38 +0000)]
Remove redundant slash
kettenis [Sat, 26 Jul 2014 16:07:39 +0000 (16:07 +0000)]
If we're stopping a secondary cpu, don't let sched_choosecpu() short-circuit
and return the current current CPU, otherwise sched_stop_secondary_cpus()
will spin forever trying to empty its run queues. Fixes hangs during suspend
that many people reported over the last couple of days.
ok bcook@, guenther@
mpi [Sat, 26 Jul 2014 10:48:59 +0000 (10:48 +0000)]
Revert "adjust -C algorithm to be more aggressive in scaling up" for
the moment, it triggers a race that breaks suspend/resume on some
machines.
ok tedu@, deraadt@, jsg@
reyk [Sat, 26 Jul 2014 10:27:19 +0000 (10:27 +0000)]
Add more examples. Requested by deraadt@
reyk [Sat, 26 Jul 2014 09:59:14 +0000 (09:59 +0000)]
bzero is over, memset is cool. pointed out by halex@
tobias [Sat, 26 Jul 2014 07:48:49 +0000 (07:48 +0000)]
Fix very hard to reach DoS attack vector, which would involve more than
8 billion network packets. Mixture of many many malformed and proper
packets could result in a division by zero.
ok krw@
reyk [Fri, 25 Jul 2014 23:30:58 +0000 (23:30 +0000)]
Differentiate servers by address and port, not just by address.
reyk [Fri, 25 Jul 2014 23:25:38 +0000 (23:25 +0000)]
Reset the default Host for each request
reyk [Fri, 25 Jul 2014 23:23:39 +0000 (23:23 +0000)]
It is recommended to use a URL in the Location header of 3xx
responses. To accomplish this, add some semantics to retrieve the
server host name of a connection: either IP, IP:PORT (if not 80) or
[IP6]:PORT, or Host value (if valid).
reyk [Fri, 25 Jul 2014 21:48:05 +0000 (21:48 +0000)]
Append mandatory Date header to each response.
reyk [Fri, 25 Jul 2014 21:36:37 +0000 (21:36 +0000)]
New HTTP/1.1 RFC 7231 prefers IMF-fixdate from RFC 5322.
reyk [Fri, 25 Jul 2014 21:29:58 +0000 (21:29 +0000)]
Canonicalize the request path once without the docroot and prepend the
docroot only only when it's needed. Suggested by deraadt@.
dtucker [Fri, 25 Jul 2014 21:22:03 +0000 (21:22 +0000)]
Clear buffer used for handling messages. This prevents keys being
left in memory after they have been expired or deleted in some cases
(but note that ssh-agent is setgid so you would still need root to
access them). Pointed out by Kevin Burns, ok deraadt
schwarze [Fri, 25 Jul 2014 21:05:38 +0000 (21:05 +0000)]
Choosing the right encoding is a tricky business...
Printing query strings for URIs *always* needs URI-encoding, and when
embedding the URI into an HTML document, it needs replacement of
the "&" separators by "&" *in addition to that*, not instead.
Delete the function html_primtquery(), it was completely wrong.
You can see the badness by entering "mandoc &sec=2" into the query input
box before this patch and click "Submit". You come to the right page at
first (...man.cgi?query=mandoc+%26sec%3D2&apropos=0&sec=0&...), but now
the link to mandoc(1) is wrong: ...mandoc.1?query=mandoc &sec=2&...
Clicking on that, the "&sec=2" disappears from the query input box and
suddenly you have the first dropdown set to "2 - System Calls". Oops.
reyk [Fri, 25 Jul 2014 20:13:06 +0000 (20:13 +0000)]
Don't leak docroot in the error message if the default index file is missing.
OK florian@
schwarze [Fri, 25 Jul 2014 20:08:49 +0000 (20:08 +0000)]
Sort the URI keys for .Xr links in the same order used by the search form,
and leave out the manpath when it is the default.
For building the HTML formatter options, do not use a static buffer.
schwarze [Fri, 25 Jul 2014 19:36:02 +0000 (19:36 +0000)]
oops, we must not try to validate a manpath we don't have;
fixing an oversight introduced in rev. 1.17
schwarze [Fri, 25 Jul 2014 18:19:33 +0000 (18:19 +0000)]
We cannot easily control the order of the QUERY_STRING keys generated
by the search form, it's just the order of the fields in the form.
Actually, that's not too bad; the generated URI resembles the
generating form.
To minimize confusion for people looking at URIs, give the keys
in the same order when generating URIs for search listings and
search redirections, the latter being used instead of search
listings that would have only one single entry. Also, if the
manpath is the default, remove it form the generated URIs.
schwarze [Fri, 25 Jul 2014 17:51:33 +0000 (17:51 +0000)]
In generated .Xr links, avoid double encoding of ampersands
and avoid empty arch= keys.
reyk [Fri, 25 Jul 2014 17:49:11 +0000 (17:49 +0000)]
Add multiple-servers "virtual hosts" example.
jasper [Fri, 25 Jul 2014 17:36:32 +0000 (17:36 +0000)]
fix perl5 architecture name
ok deraadt@
schwarze [Fri, 25 Jul 2014 17:33:51 +0000 (17:33 +0000)]
Even though this is not XHTML yet, remove some gratuitious violations
of XHTML syntax. Also add some cosmetic newlines to the HTML code.
reyk [Fri, 25 Jul 2014 17:04:47 +0000 (17:04 +0000)]
Add a single line to fix the address matching of multiple server blocks with
non-virtual hosts. I had this line in a previous diff.
schwarze [Fri, 25 Jul 2014 16:55:40 +0000 (16:55 +0000)]
The names of all other struct query memebers match the corresponding
QUERY_STRING keys, so rename "expr" to "query".
Also add some missing function prototypes.
No functional change.
schwarze [Fri, 25 Jul 2014 16:43:05 +0000 (16:43 +0000)]
clean up pg_show() to not modify a string returned from getenv(3)
reyk [Fri, 25 Jul 2014 16:23:19 +0000 (16:23 +0000)]
Add support for "virtual hosts" aka. server blocks aka. multiple
servers with the same or "overlapping" IP address but a different name.
ok beck@
schwarze [Fri, 25 Jul 2014 16:06:19 +0000 (16:06 +0000)]
Rewrite http_parse() completely:
1. Make sure the last occurrence of each key is used, even if
it is empty, in which case it resets the value to the default.
2. When there is an HTTP encoding error, skip the affected
key-value pair only, but not all subsequent key-value pairs.
3. Do not modify a string returned from getenv(3).
4. Do not assume the NULL pointer is all null bits.
reyk [Fri, 25 Jul 2014 15:47:11 +0000 (15:47 +0000)]
Add and document 'root' configuration option for the docroot.
jsing [Fri, 25 Jul 2014 14:04:51 +0000 (14:04 +0000)]
Add missing year to copyright.
reyk [Fri, 25 Jul 2014 13:10:18 +0000 (13:10 +0000)]
Split server and server_config.
reyk [Fri, 25 Jul 2014 12:46:23 +0000 (12:46 +0000)]
Rename a field, needed later, no functional change.
reyk [Fri, 25 Jul 2014 12:42:05 +0000 (12:42 +0000)]
Move the docroot into the server block.
doug [Fri, 25 Jul 2014 06:05:31 +0000 (06:05 +0000)]
BIO_free() returns immediately when the sole input is NULL.
Remove unnecessary NULL check.
ok miod@
dlg [Fri, 25 Jul 2014 01:34:29 +0000 (01:34 +0000)]
document the scheduler types and how to specify them.
some pointers from schwarze@
millert [Thu, 24 Jul 2014 22:57:10 +0000 (22:57 +0000)]
Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@
mpi [Thu, 24 Jul 2014 22:38:19 +0000 (22:38 +0000)]
Speed up the boot sequence by deferring the scan of xt keyboard code set.
If you were wondering why there's a pause of 5 seconds after loading the
kernel and before seeing the copyright in blue when booting some of your
machines, well this is for you!
mlarkin@ found that this delay is caused by some code probing for xt scan
code tables when pckbd(4) initialize the console keyboard. So this diff
implements an idea from deraadt@ to only do the scan once, either during
*attach() or if we enter ddb> or ukc> before that!
ok miod@, mlarkin@, deraadt@, shadchin@
schwarze [Thu, 24 Jul 2014 20:30:38 +0000 (20:30 +0000)]
Sort result pages first by section number, then by name.
By moving the sort from cgi.c to mansearch.c, we get two advantages:
Easier access to the data needed for sorting, in particular the section
number, and the apropos(1) command line utility profits as well.
Feature requested by deraadt@.
miod [Thu, 24 Jul 2014 19:23:51 +0000 (19:23 +0000)]
Provide eeprom(8) on the sparc installation media. Intended to help diagnosing
installation problems.
``if it fits go for it'' deraadt@ (and it fits)
miod [Thu, 24 Jul 2014 19:21:48 +0000 (19:21 +0000)]
+ eeprom
miod [Thu, 24 Jul 2014 19:21:06 +0000 (19:21 +0000)]
Build machinery to build eeprom(8) for the installation media on arches where
it matters.
miod [Thu, 24 Jul 2014 19:19:26 +0000 (19:19 +0000)]
Shunt hwupdate property decoding in sparc's old prom (sun4 only) if
defined(SMALL).
jca [Thu, 24 Jul 2014 17:45:35 +0000 (17:45 +0000)]
Unbreak ''route flush'': the kernel now adds local (RTF_LOCAL) routes
for addresses configured on the system, and prevents userland from
deleting them. Just skip those routes when flushing.
Problem noticed by mlarkin@, ok henning@ mpi@ claudio@ sthen@ deraadt@
pascal [Thu, 24 Jul 2014 09:15:14 +0000 (09:15 +0000)]
Revert ssp-strong on arm. This has been exposing one or more bugs in GCC that
kill large portions of the ports tree. Most notably, it broke devel/gperf at
runtime.
ok martynas@, "make a decision" deraadt@
reyk [Thu, 24 Jul 2014 08:32:36 +0000 (08:32 +0000)]
Plug a memleak by correctly free'ing the HTTP descriptor that contains
all the headers etc. of a connection.
schwarze [Thu, 24 Jul 2014 08:25:45 +0000 (08:25 +0000)]
Provide a dropdown entry "All Architectures" and make it the default.
Still, amd64 remains the default in the following sense:
If a man(1) mode search returns more than one page of the same name,
prefer amd64 over other architectures for immediate display.
ok deraadt@ daniel@
mpi [Thu, 24 Jul 2014 08:23:12 +0000 (08:23 +0000)]
Fix debug printf, from Nathanael Rensen and chris@.
reyk [Thu, 24 Jul 2014 08:11:27 +0000 (08:11 +0000)]
Remove unused fields from structure
deraadt [Thu, 24 Jul 2014 03:31:03 +0000 (03:31 +0000)]
sync
schwarze [Thu, 24 Jul 2014 01:26:33 +0000 (01:26 +0000)]
tweak previous: use .Er for ENXIO
dlg [Thu, 24 Jul 2014 01:18:23 +0000 (01:18 +0000)]
this is start on documenting bufqs. it covers the bits disk drivers need
to know. the grubby bits the midlayer touches on them will get written up
soon.
ok deraadt@
tedu [Thu, 24 Jul 2014 01:04:58 +0000 (01:04 +0000)]
Steven Roberts sent me a patch updating the various setperf thresholds.
But instead of continuing to overdocument internal behavior, provide a
high level description of the modes and their purpose.
reyk [Wed, 23 Jul 2014 23:10:27 +0000 (23:10 +0000)]
When canonicalizing the path, it is better to fail on truncation.
Pointed out by Doug Hogan.
reyk [Wed, 23 Jul 2014 22:56:00 +0000 (22:56 +0000)]
I wanted to know if people pay attention.
Doug Hogan found an off-by-one. More improvements will follow.
reyk [Wed, 23 Jul 2014 22:20:37 +0000 (22:20 +0000)]
The default index page shouldn't be a directory. It's a 500.
reyk [Wed, 23 Jul 2014 22:18:57 +0000 (22:18 +0000)]
Don't expose the docroot on error.
reyk [Wed, 23 Jul 2014 22:02:02 +0000 (22:02 +0000)]
The media_encoding is not used in parse.y but stack garbage could lead
to a double free; set it to NULL.
This should fix a problem that was found by deraadt@
reyk [Wed, 23 Jul 2014 21:43:12 +0000 (21:43 +0000)]
First attempt at verifying the request path and the access
permissions. We also have to redirect with 301 if a directory name
was requested without the trailing slash.
eric [Wed, 23 Jul 2014 21:26:25 +0000 (21:26 +0000)]
Make queries using the search list for hostname lookups fail with
NO_DATA/EAI_NODATA when the hostname param is an empty string.
So far, they were using the entries in the search list with no
additional component, which is not really expected.
reported by jsing@ and a few others
ok deraadt@, "makes sense" jsing@
mpi [Wed, 23 Jul 2014 20:49:53 +0000 (20:49 +0000)]
Set the console input in polling mode before entering ukc.
ok miod@, deraadt@, shadchin@
miod [Wed, 23 Jul 2014 20:49:52 +0000 (20:49 +0000)]
level_add_node(): if a memory allocation failure causes us to attempt to clean
up and return failure, be sure the cleanup work does NOT free objects which
are still being referenced by other objects.
ok guenther@
miod [Wed, 23 Jul 2014 20:43:56 +0000 (20:43 +0000)]
Make sure PEM_def_callback() correctly handles negative buffer sizes; all uses
within libcrypto are safe, but until we can change this function prototype to
use size_t instead of int, better be safe than sorry.
tweaks and ok guenther@
deraadt [Wed, 23 Jul 2014 19:13:23 +0000 (19:13 +0000)]
delinked from tree, now it goes to the bit bucket
reyk [Wed, 23 Jul 2014 19:03:56 +0000 (19:03 +0000)]
Add canonicalize_path() to canonicalize the requested URL path.
schwarze [Wed, 23 Jul 2014 15:18:05 +0000 (15:18 +0000)]
typo; patch from Timo dot Myyra at wickedbsd dot net
schwarze [Wed, 23 Jul 2014 15:00:00 +0000 (15:00 +0000)]
Security fix:
After decoding numeric (\N) and one-character (\<, \> etc.)
character escape sequences, do not forget to HTML-encode the
resulting ASCII character. Malicious manuals were able to smuggle
XSS content by roff-escaping the HTML-special characters they need.
That's a classic bug type in many web applications, actually... :-(
Found myself while auditing the HTML formatter for safe output handling.
espie [Wed, 23 Jul 2014 14:43:44 +0000 (14:43 +0000)]
document format changes, including the new @ts annotation that pkg_create
will generate after 5.6.
espie [Wed, 23 Jul 2014 14:35:17 +0000 (14:35 +0000)]
move misleading comment
reyk [Wed, 23 Jul 2014 13:26:39 +0000 (13:26 +0000)]
Correctly shutdown the servers when the process is terminating;
prevents a crash on exit. With debugging help from blambert@.
reyk [Wed, 23 Jul 2014 12:01:27 +0000 (12:01 +0000)]
always enable DPRINTF with compiled with DEBUG
reyk [Wed, 23 Jul 2014 11:49:06 +0000 (11:49 +0000)]
httpd.conf can be installed 0644 instead of 0600 like relayd.conf.
ok ajacoutot@ benno@
ajacoutot [Wed, 23 Jul 2014 11:44:35 +0000 (11:44 +0000)]
Add httpd.conf.
espie [Wed, 23 Jul 2014 10:19:51 +0000 (10:19 +0000)]
rephrase multi-packaged LIB_DEPENDS description to match fixed semantics.
jasper [Wed, 23 Jul 2014 10:06:18 +0000 (10:06 +0000)]
correctly drain and destroy the bufq upon detach
ok dlg@
guenther [Wed, 23 Jul 2014 08:07:35 +0000 (08:07 +0000)]
Subtraction usually decrements the value
ok dlg@
ajacoutot [Wed, 23 Jul 2014 08:01:15 +0000 (08:01 +0000)]
Trailing whitespace.
jmc [Wed, 23 Jul 2014 06:22:28 +0000 (06:22 +0000)]
tweak previous;
deraadt [Wed, 23 Jul 2014 05:57:36 +0000 (05:57 +0000)]
document that sendsyslog saves the day
miod [Wed, 23 Jul 2014 04:44:56 +0000 (04:44 +0000)]
Check the return value of the UI functions (including UI_new() which return
value is happily dereferenced without checking it for being non-NULL).
ok beck@
dlg [Wed, 23 Jul 2014 02:30:12 +0000 (02:30 +0000)]
document mallocarray like malloc throughout the page. better describe
what M_CANFAIL means for each.
motivation and initial diff from doug hogan
deraadt [Wed, 23 Jul 2014 00:18:22 +0000 (00:18 +0000)]
sync
dtucker [Tue, 22 Jul 2014 23:57:40 +0000 (23:57 +0000)]
Add $OpenBSD tag to make syncs easier
dtucker [Tue, 22 Jul 2014 23:35:38 +0000 (23:35 +0000)]
Regenerate test keys with certs signed with
ed25519 instead of ecdsa.
These can be used in -portable on platforms that don't support ECDSA.
dtucker [Tue, 22 Jul 2014 23:23:22 +0000 (23:23 +0000)]
Sign test certs with
ed25519 instead of ecdsa so that they'll work in
-portable on platforms that don't have ECDSA in their OpenSSL. ok djm
schwarze [Tue, 22 Jul 2014 22:41:29 +0000 (22:41 +0000)]
Security fix:
The function print_encode() is used both for plain text
and for quoted attribute values.
Escape the '"' character such that malicious manuals cannot pull off
XSS attacks using malformed .Lk, .Mt, .%U, and .UR macros (and maybe
others) to trigger the latter case.
In the former case, escaping does no harm.
Issue found by Sebastien Marie <semarie-openbsd at latrappe dot fr>.
tedu [Tue, 22 Jul 2014 22:09:36 +0000 (22:09 +0000)]
adjust -C algorithm to be more aggressive in scaling up.
works better for me, and others as well.
sthen [Tue, 22 Jul 2014 22:05:46 +0000 (22:05 +0000)]
add 5.7 firmware key
aoyama [Tue, 22 Jul 2014 22:01:10 +0000 (22:01 +0000)]
Add a link to pcexio(4) man page. Now 'man 4 pcexio' works fine on
luna88k.
ok miod@
deraadt [Tue, 22 Jul 2014 21:41:09 +0000 (21:41 +0000)]
The last poison change is awesome, it is triggering use after free bugs.
Some of them aren't too difficult to find and fix, but others are turning
out to be deeply hidden. The timing is poor -- disable this for now.
We need to revisit this right after tree unlock.
ajacoutot [Tue, 22 Jul 2014 21:01:58 +0000 (21:01 +0000)]
Revert revisions 1.88-1.94 but keep recent relevant changes.
The `+' sign was added by mistake thinking it was doing something else.
ok schwarze@
jmc [Tue, 22 Jul 2014 19:03:21 +0000 (19:03 +0000)]
some minor fixes;
ajacoutot [Tue, 22 Jul 2014 18:31:16 +0000 (18:31 +0000)]
Typo.
no ok needed miod@ guenther@
jca [Tue, 22 Jul 2014 18:28:40 +0000 (18:28 +0000)]
FSTAB -> _PATH_FSTAB, the latter is deprecated.
From natano@bitrig, ok deraadt@
schwarze [Tue, 22 Jul 2014 18:14:05 +0000 (18:14 +0000)]
Security fix to prevent XSS attacks:
Restrict the character set of strings passed into html_alloc(),
in particular architecture names that come from the QUERY_STRING,
but also SCRIPT_NAME and manpath.conf content for additional safety,
and bail out safely on violations.
Issue reported by Sebastien Marie <semarie-openbsd at latrappe dot fr>.
miod [Tue, 22 Jul 2014 18:10:48 +0000 (18:10 +0000)]
Now that DES_random_key() can be trusted, use it to generate DES keys in the
EVP_CTRL_RAND_KEY method handlers, rather than generating a random odd key and
not even checking it against the weak keys list.
ok beck@