guenther [Sun, 13 Jul 2014 13:17:16 +0000 (13:17 +0000)]
Split out ntoh[ls] and hton[ls] into their own manpage.
Update byteorder(3) to cover the new functions in <endian.h>
ok deraadt@ millert@
miod [Sun, 13 Jul 2014 13:07:30 +0000 (13:07 +0000)]
Needs getchar.c now
deraadt [Sun, 13 Jul 2014 13:03:09 +0000 (13:03 +0000)]
Provide a link to the canonical API specification.
ok beck
ajacoutot [Sun, 13 Jul 2014 13:01:48 +0000 (13:01 +0000)]
Mismatch between the sets list and what's in DESTDIR should not be fatal
to sysmerge sum files generation.
discussed by deraadt@
tedu [Sun, 13 Jul 2014 13:00:40 +0000 (13:00 +0000)]
long live BSD, SYSV is dead!
schwarze [Sun, 13 Jul 2014 12:55:24 +0000 (12:55 +0000)]
Make the calltree a bit easier to understand by giving the
functions that call resp_begin_html() names starting with "pg_"
and those called after resp_begin_html() names with "resp_".
No functional change, purely renaming functions.
miod [Sun, 13 Jul 2014 12:53:46 +0000 (12:53 +0000)]
Make sure all error conditions in RSA_padding_add_PKCS1_PSS_mgf1() cause
EVP_MD_CTX_cleanup() to be called.
miod [Sun, 13 Jul 2014 12:46:44 +0000 (12:46 +0000)]
Possible PBEPARAM leak in the error path.
miod [Sun, 13 Jul 2014 12:45:01 +0000 (12:45 +0000)]
dsa_priv_decode(): only destroy the object we've created, and with the
appropriate function. Checking for privkey != NULL is not enough since
privkey points to a member of ndsa if ndsa != NULL.
dsa_priv_encode(): possible double free in error path.
schwarze [Sun, 13 Jul 2014 12:44:57 +0000 (12:44 +0000)]
make source vs. formatted guessing a bit more robust
schwarze [Sun, 13 Jul 2014 12:31:00 +0000 (12:31 +0000)]
By popular demand, bring man.cgi default mode closer to what man(1) does:
Even when there are multiple pages with the same name in different
sections, show one of them, using the same priorities as in the
default man.conf(5) file.
ajacoutot [Sun, 13 Jul 2014 12:14:37 +0000 (12:14 +0000)]
Install some config files with mode 0600 as they were before the move to
/etc/examples.
ok deraadt@
claudio [Sun, 13 Jul 2014 12:12:30 +0000 (12:12 +0000)]
rc bits for iscsid. Start iscsid as early as possible. Use the new -N
flag for fsck and mount to check and mount the iscsi file systems (marked
with option net) right after the mount -a.
"Get it in" deraadt@
rpe@ is OK with this going in but it may need further changes
jasper [Sun, 13 Jul 2014 12:11:01 +0000 (12:11 +0000)]
use nitems() instead of handrolling something identical
ok mpi@ sthen@
krw [Sun, 13 Jul 2014 12:07:59 +0000 (12:07 +0000)]
Close connection/remove event handler when msgbuf_write() hits an
EOF.
ok jmatthew@ claudio@
claudio [Sun, 13 Jul 2014 12:07:40 +0000 (12:07 +0000)]
Add iscsid to the rc.d files to install
claudio [Sun, 13 Jul 2014 12:07:11 +0000 (12:07 +0000)]
rc.d script for iscsid.
claudio [Sun, 13 Jul 2014 12:04:25 +0000 (12:04 +0000)]
Try to document new 'net' option that is a bit like 'noauto'.
claudio [Sun, 13 Jul 2014 12:03:48 +0000 (12:03 +0000)]
Intorduce the same -N flag that mount(8) just got to do the same
selection of file systems with option 'net'. Again this will be used
by the rc script to fsck iscsi file systems before mounting them.
Again by default file systems with the net option are ignored when
scanning fstab.
"Get it in" deraadt@
claudio [Sun, 13 Jul 2014 12:01:30 +0000 (12:01 +0000)]
Introduce a -N option to mount and a 'net' mount option.
File systems marked with net will not be mounted by default.
mount -a -N will mount all those file systems instead.
This will be used to mark file systems needing network to work -- in
other words which depend on iscsid.
"Get it in" deraadt@
jasper [Sun, 13 Jul 2014 11:50:40 +0000 (11:50 +0000)]
add copyright and rcs id
"go ahead" kettenis@
miod [Sun, 13 Jul 2014 11:15:54 +0000 (11:15 +0000)]
Check X509_NAME_oneline() return value when it will have to allocate memory.
miod [Sun, 13 Jul 2014 11:14:02 +0000 (11:14 +0000)]
EVP_DigestInit_ex() may be used to recycle an existing EVP_MD_CTX without having
to reinitialize all of it, especially if it is used with the same MD algorithm.
However, when the MD algorithm changes, it needs to perform more cleanups.
Make that code more closer to what EVP_MD_CTX_cleanup() does by:
- only freeing md_data if EVP_MD_CTX_FLAG_REUSE is not set
- performing an explicit_bzero of md_data before freeing it
- making sure we call EVP_PKEY_CTX_free on the pctx if the allocation for the
new md_data fails.
ok tedu@
miod [Sun, 13 Jul 2014 11:10:20 +0000 (11:10 +0000)]
Don't include asn1_mac.h if all you need is asn1.h.
jmc [Sun, 13 Jul 2014 10:59:49 +0000 (10:59 +0000)]
tweak previous; ok dlg
pirofti [Sun, 13 Jul 2014 10:58:19 +0000 (10:58 +0000)]
Start handling host channel interrupts.
For now just acknowledge and clear the event to avoid interrupt storms.
beck [Sun, 13 Jul 2014 10:27:22 +0000 (10:27 +0000)]
Take out __bounded__ in the include files we use it in when not on OpenBSD.
while we can take it out in portable at compile time, it is still a problem
when we install this header file on a system that doesn't support __bounded__
if this is unguarded.
ok miod@ bcook@
schwarze [Sun, 13 Jul 2014 10:23:06 +0000 (10:23 +0000)]
Unconfuse .Fa documentation:
You can use .Fa with just a type, without a name,
but when you give both, which is the usual case,
they need to go into one single .Fa argument.
Observed by bentley@; ok jmc@ bentley@.
jmc [Sun, 13 Jul 2014 10:09:12 +0000 (10:09 +0000)]
tweak previous;
jmc [Sun, 13 Jul 2014 10:05:49 +0000 (10:05 +0000)]
tweak previous;
schwarze [Sun, 13 Jul 2014 09:58:52 +0000 (09:58 +0000)]
Install the manuals of the web interface below the same directory
as manpath.conf, such that we do not need to mix our own documentation
into the documentation we are serving, which may not even be possible
if the latter is updated automatically.
Based on an idea by beck@.
dlg [Sun, 13 Jul 2014 09:52:48 +0000 (09:52 +0000)]
treat external storage allocated by the mbuf layer the same as
external storage attached to an mbuf anywhere else. this means it
uses MEXTADD to wire it up to the mbuf, and it relies on the ext_free
and ext_arg bits in the header to call the right free function
against the right pool.
M_CLUSTER gets renamed to M_EXTWR. the type field in MEXTADD gets
reused as a flags field so anything attaching storage to an mbuf
can say if it is writable or not.
ok claudio@
beck [Sun, 13 Jul 2014 09:46:19 +0000 (09:46 +0000)]
Make error messages more obvious to the user.
ok reyk@ florian@
mpi [Sun, 13 Jul 2014 09:37:22 +0000 (09:37 +0000)]
What would you use config_init() for?
beck [Sun, 13 Jul 2014 09:32:42 +0000 (09:32 +0000)]
While we thought this would make portable life easier it actually
makes it much harder.
ok bcook@ kettenis@
miod [Sun, 13 Jul 2014 09:30:02 +0000 (09:30 +0000)]
No need to include evp_locl.h in there.
mpi [Sun, 13 Jul 2014 09:28:06 +0000 (09:28 +0000)]
Split config_attach/detach(9) from autoconf(9). Stop talking about
config_deactivate(9), it should die. Mention config_detach_children(9).
Use CONTEXT and RETURN VALUES sections
jasper [Sun, 13 Jul 2014 09:26:08 +0000 (09:26 +0000)]
move putchar() into libsa
"sure" miod@
miod [Sun, 13 Jul 2014 09:09:16 +0000 (09:09 +0000)]
One missing boot -> prsignal(initprocess) conversion
miod [Sun, 13 Jul 2014 09:08:20 +0000 (09:08 +0000)]
These still need <sys/reboot.h> for the RB_ constants.
deraadt [Sun, 13 Jul 2014 08:32:06 +0000 (08:32 +0000)]
sync
beck [Sun, 13 Jul 2014 08:24:20 +0000 (08:24 +0000)]
Take away the use of the address of main as a source of entropy. Causes
distractions to people testing and seeing link errors in some setups.
This will come back in another form
ok deraadt@
tedu [Sun, 13 Jul 2014 08:15:16 +0000 (08:15 +0000)]
more mmap random on 64-bit platforms. noticed in freebsd aslr patches.
miod [Sun, 13 Jul 2014 08:13:07 +0000 (08:13 +0000)]
Add missing atomic primitives and __sync_synchronize to let the kernel
compile again; tested by aoyama@
robert [Sun, 13 Jul 2014 08:07:51 +0000 (08:07 +0000)]
document that rc.conf is not a shell script anymore
ajacoutot [Sun, 13 Jul 2014 07:12:41 +0000 (07:12 +0000)]
Also ignore examplessum.
mpi [Sun, 13 Jul 2014 07:10:58 +0000 (07:10 +0000)]
Bye bye
mpi [Sun, 13 Jul 2014 07:06:23 +0000 (07:06 +0000)]
No need for ezload.h
dlg [Sun, 13 Jul 2014 05:23:24 +0000 (05:23 +0000)]
we dont do per interface accounting in the mbuf layer anymore
bluhm [Sun, 13 Jul 2014 02:01:23 +0000 (02:01 +0000)]
Make the pf_fragment test pass again. pf does not adjust the
checksum of a NATed UDP or TCP packet in the payload of an ICMP
packet anymore. Disable all test that rely on this feature.
Check that the router's interface mtu has been set to 1300.
bluhm [Sun, 13 Jul 2014 01:47:20 +0000 (01:47 +0000)]
Make the pf_forward test pass again. Check that the router's
interface mtu has been set to 1300. New netcat needs -N for shutdown.
The IPv4 and IPv6 addresses for the af-to tests must have corresponding
host numbers.
benno [Sun, 13 Jul 2014 00:32:08 +0000 (00:32 +0000)]
improve log output for relays. adjust regress tests
ok reyk
jsing [Sun, 13 Jul 2014 00:30:07 +0000 (00:30 +0000)]
KNF and some code cleaning.
benno [Sun, 13 Jul 2014 00:18:05 +0000 (00:18 +0000)]
repair matching of headers, add regress test for this error
ok reyk
schwarze [Sun, 13 Jul 2014 00:16:03 +0000 (00:16 +0000)]
update after recent code changes
deraadt [Sun, 13 Jul 2014 00:10:47 +0000 (00:10 +0000)]
remove silly cast
jsing [Sun, 13 Jul 2014 00:08:44 +0000 (00:08 +0000)]
Another large dose of KNF.
deraadt [Sun, 13 Jul 2014 00:01:54 +0000 (00:01 +0000)]
sync
jsing [Sat, 12 Jul 2014 23:59:11 +0000 (23:59 +0000)]
Apply a large dose of KNF.
reyk [Sat, 12 Jul 2014 23:55:35 +0000 (23:55 +0000)]
Use Comic Sans (or Chalkboard) as the default font for HTTP error
messages because we love web hipsters.
ok beck@
jasper [Sat, 12 Jul 2014 23:45:33 +0000 (23:45 +0000)]
- remove CONSPEED from libsa.h
- remove unused define
schwarze [Sat, 12 Jul 2014 23:40:44 +0000 (23:40 +0000)]
Polish the search form using feedback from beck@ and others,
in particular introduce a section dropdown and an architecture dropdown.
jasper [Sat, 12 Jul 2014 23:34:54 +0000 (23:34 +0000)]
unify cnspeed()
reyk [Sat, 12 Jul 2014 23:34:54 +0000 (23:34 +0000)]
Add httpd(8), an attempt to turn the relayd(8) codebase into a simple
web server. It is not finished yet and I just started it today, but
the goal is to provide an HTTP server that a) provides minimal
features, b) serves static files, c) provides FastCGI support, and d)
follows common coding practices of OpenBSD.
It will neither support plugins, nor custom memory allocators, EBCDIC
support, PCRE or any other things that can be found elsewhere.
httpd(8) is not intended to provide a fully-featured replacement for
nginx(8) or the Apache, but it will provide enough functionality that
is needed in the OpenBSD base system.
ok deraadt@
jsg [Sat, 12 Jul 2014 23:31:07 +0000 (23:31 +0000)]
regen
jsg [Sat, 12 Jul 2014 23:30:14 +0000 (23:30 +0000)]
missed the trailing digit
deraadt [Sat, 12 Jul 2014 23:27:43 +0000 (23:27 +0000)]
resurrect this treasure (still needed to build microcode)
jsg [Sat, 12 Jul 2014 23:16:23 +0000 (23:16 +0000)]
Print a line in dmesg to indicate if the aperture driver is
required to run X. This will be used by the installer to decide
what value to set machdep.allowaperture to.
For devices supported by i915 and radeon kms machdep.allowaperture
will be set to 0. Systems that have a graphics device commonly
found in servers (g200e*/aspeed/es1000 etc) will also not have
the aperture enabled as they generally don't need to run X.
ok deraadt@ kettenis@
miod [Sat, 12 Jul 2014 22:47:41 +0000 (22:47 +0000)]
duplicate function names in head1
bluhm [Sat, 12 Jul 2014 22:43:31 +0000 (22:43 +0000)]
Automatically load the required pf rules into the kernel of the
remote test machine.
uebayasi [Sat, 12 Jul 2014 22:37:03 +0000 (22:37 +0000)]
reboot(9), panic(9): Call panic(9) for unrecoverable MD H/W errors (NMIs)
Some architectures have ability to detect hardware sanity and notify system
(NMI, firmware callback, etc.). Handle these hardware severe errors, same
as software errors, with panic(9).
According to miod@, SGI IP27 NMI is triggered by pushing some "hidden" button,
which "usual" users/admins don't know. Pushing such a button is "RB_USERREQ"
(human-triggered) in that the button is pushed by a human, but not "RB_USERREQ"
in that no user intervention in system (== no command input) is done. miod@
agreed that changing these from RB_USERREQ to !RB_USERREQ (== panic(9)) is
not a big problem.
OK miod@ kettenis@
jsing [Sat, 12 Jul 2014 22:33:39 +0000 (22:33 +0000)]
The correct name for EDH is DHE, likewise EECDH should be ECDHE.
Based on changes to OpenSSL trunk.
ok beck@ miod@
jmc [Sat, 12 Jul 2014 22:27:09 +0000 (22:27 +0000)]
some basic formatting fixes;
miod [Sat, 12 Jul 2014 22:26:01 +0000 (22:26 +0000)]
No need to include asn1_mac.h here.
jsg [Sat, 12 Jul 2014 22:17:59 +0000 (22:17 +0000)]
remove double brackets. fixes build with clang.
ok jsing@
espie [Sat, 12 Jul 2014 22:08:23 +0000 (22:08 +0000)]
don't check_security on newer *after* making sure the set doesn't have
errors. Note that the errors are already signaling enough (conflicts, bad
package etc)... And not having any errors mean we actually have proper plists.
problem noticed by zhuk@
ajacoutot [Sat, 12 Jul 2014 22:06:11 +0000 (22:06 +0000)]
egsum -> examplessum
ajacoutot [Sat, 12 Jul 2014 22:05:16 +0000 (22:05 +0000)]
egsum -> examplessum to make it more obvious.
req. by deraadt@
ajacoutot [Sat, 12 Jul 2014 22:03:44 +0000 (22:03 +0000)]
Simplify checksum generation for sysmerge.
no objection from deraadt@
brad [Sat, 12 Jul 2014 22:03:16 +0000 (22:03 +0000)]
Add in missing brswphy(4) and the commented out USB entries.
ok pirofti@
tedu [Sat, 12 Jul 2014 21:58:36 +0000 (21:58 +0000)]
uyap: your call has been disconnected
tedu [Sat, 12 Jul 2014 21:56:56 +0000 (21:56 +0000)]
"Dr. Jones. Again we see there is nothing you can possess which I cannot
take away."
remove uyap. no effect except on hppa where it was strangely enabled.
jasper [Sat, 12 Jul 2014 21:54:57 +0000 (21:54 +0000)]
move getchar() into libsa where applicable
ok miod@
miod [Sat, 12 Jul 2014 21:49:27 +0000 (21:49 +0000)]
Build kernels at -O2 instead of -Os, as done for userland and on all other
architectures.
ok deraadt@
pirofti [Sat, 12 Jul 2014 21:47:04 +0000 (21:47 +0000)]
Fix the last commit by proper dereferencing the disklabel partition.
Found by me, fixed by krw@. Thanks!
deraadt [Sat, 12 Jul 2014 21:44:42 +0000 (21:44 +0000)]
sync
bluhm [Sat, 12 Jul 2014 21:41:49 +0000 (21:41 +0000)]
Teach these pf regress tests to run with obj directory and to fail
softly if the setup is incomplete. Link them to the build.
zhuk [Sat, 12 Jul 2014 21:28:58 +0000 (21:28 +0000)]
Add devel/cmake bits (rotted in my tree for more than a year) and a short
description of x11/kde4 variables. Everyone is welcome to extend&improve.
okay espie@
mpi [Sat, 12 Jul 2014 21:24:33 +0000 (21:24 +0000)]
Kill the last dumb DVACT_DEACTIVATE handlers.
matthew [Sat, 12 Jul 2014 21:21:19 +0000 (21:21 +0000)]
Refactor out dosigsuspend() function
Discussed with guenther and kettenis
miod [Sat, 12 Jul 2014 21:08:53 +0000 (21:08 +0000)]
Remove this sentence:
``The probability that a randomly generated key is weak is -1/2^52,
so it is not really worth checking for them.''
This kind of naively optimistic attitude is not compatible with security.
pirofti [Sat, 12 Jul 2014 21:07:33 +0000 (21:07 +0000)]
Fix USB connect freeze by clearing the host port interrupt.
Connects and disconnects have no affect on the machine, just like before
this driver came into existence.
While at it check for a few more interrupt types.
yasuoka [Sat, 12 Jul 2014 21:06:34 +0000 (21:06 +0000)]
Resize the pcb hashtable automatically. The table size will be doubled
when the number of the hash entries reaches 75% of the table size.
ok dlg henning, 'commit in' claudio
krw [Sat, 12 Jul 2014 21:04:07 +0000 (21:04 +0000)]
Log a warning whenever RTM_DESYNC is seen. Thus giving entrail
investigators some clue why dhclient may have gotten confused when
some RTM_ messages vanish.
sthen@ thinks this is a good start.
tedu [Sat, 12 Jul 2014 21:03:38 +0000 (21:03 +0000)]
revert a few stragglers hiding out
bluhm [Sat, 12 Jul 2014 21:00:46 +0000 (21:00 +0000)]
Use a saner and consistent address layout for my network tests that
run over 4 machines. Add a check-setup target to verify that
interface addresses and routes are properly set up.
mpi [Sat, 12 Jul 2014 20:58:44 +0000 (20:58 +0000)]
teduuuuuudfu(4) it has never been enabled in 5 years.
ok tedu@, deraadt@
tedu [Sat, 12 Jul 2014 20:58:31 +0000 (20:58 +0000)]
revert more free fallout
miod [Sat, 12 Jul 2014 20:56:21 +0000 (20:56 +0000)]
more MLINKS
wouter [Sat, 12 Jul 2014 20:54:49 +0000 (20:54 +0000)]
getentropy on Windows. It compiles but has not been thoroughly tested yet.
OK: beck@