openbsd
6 years agoRevise OperatingRegion code to make it extensible and have chvgpio(4)
kettenis [Wed, 29 Nov 2017 15:22:22 +0000 (15:22 +0000)]
Revise OperatingRegion code to make it extensible and have chvgpio(4)
provide the OEM defined regions that are used by the AML on some
Cherryview-based machines.

ok mlarkin@

6 years agoShow line number correctly in synthetic mutex names.
visa [Wed, 29 Nov 2017 15:12:52 +0000 (15:12 +0000)]
Show line number correctly in synthetic mutex names.

OK jca@

6 years agozap untrue comment (since bcode.c 1.43)
otto [Wed, 29 Nov 2017 15:06:31 +0000 (15:06 +0000)]
zap untrue comment (since bcode.c 1.43)

6 years agoPledge can be done earlier; from kshe
otto [Wed, 29 Nov 2017 14:34:17 +0000 (14:34 +0000)]
Pledge can be done earlier; from kshe

6 years agofix decl of main
otto [Wed, 29 Nov 2017 14:31:50 +0000 (14:31 +0000)]
fix decl of main

6 years agoTest invalid divert combinations and adapt error messages.
bluhm [Wed, 29 Nov 2017 13:37:08 +0000 (13:37 +0000)]
Test invalid divert combinations and adapt error messages.

6 years agomissing Sx; ok jmc@
anton [Wed, 29 Nov 2017 07:28:21 +0000 (07:28 +0000)]
missing Sx; ok jmc@

6 years agosync
deraadt [Wed, 29 Nov 2017 05:58:22 +0000 (05:58 +0000)]
sync

6 years agoImport updated moduli.
dtucker [Wed, 29 Nov 2017 05:49:54 +0000 (05:49 +0000)]
Import updated moduli.

6 years agoclang doesn't propagate attributes like "asm labels" and "visibility(hidden)"
guenther [Wed, 29 Nov 2017 05:13:57 +0000 (05:13 +0000)]
clang doesn't propagate attributes like "asm labels" and "visibility(hidden)"
to builtins like mem{set,cpy,move} and __stack_smash_handler.  So, when
building with clang, instead mark those as protected visibility to get rid
of the PLT relocations.  We can't take the address of them then, but that's
ok: it's a build-time error not a run-time error.

ok kettenis@

6 years agoturns out you dont have to configure a vsi as the default in a veb.
dlg [Wed, 29 Nov 2017 05:09:59 +0000 (05:09 +0000)]
turns out you dont have to configure a vsi as the default in a veb.

what a waste of two days.

6 years agoregen
dlg [Wed, 29 Nov 2017 05:00:40 +0000 (05:00 +0000)]
regen

6 years agoadd some mellanox parts
dlg [Wed, 29 Nov 2017 05:00:16 +0000 (05:00 +0000)]
add some mellanox parts

6 years agofix this on sparc64 (or maybe gcc)
dlg [Wed, 29 Nov 2017 03:59:34 +0000 (03:59 +0000)]
fix this on sparc64 (or maybe gcc)

ok jmatthew@ guenther@ kettenis@

6 years agolet this build on sparc64 again.
dlg [Wed, 29 Nov 2017 03:38:03 +0000 (03:38 +0000)]
let this build on sparc64 again.

6 years agovmm(4) :Add the ukvm/Solo5 hypercall I/O ports to the list of ports to be
mlarkin [Wed, 29 Nov 2017 02:56:21 +0000 (02:56 +0000)]
vmm(4) :Add the ukvm/Solo5 hypercall I/O ports to the list of ports to be
passed through to userspace. When not using ukvm, if a guest does I/O to
these ports, vmd(8) will just discard the I/O.

Thanks to Adam Steen for helping test these past few diffs, in order
to get ukvm working on vmm(4).

6 years agoadd an adaptive polling mode when no interrupt handler is available,
jcs [Wed, 29 Nov 2017 02:48:16 +0000 (02:48 +0000)]
add an adaptive polling mode when no interrupt handler is available,
such as on PCI dwiic(4) devices.

this is a temporary workaround until the underlying interrupt
problem is fixed.

tested by various

6 years agomake vmm(4) less responsible for initial register state, preferring to let
mlarkin [Wed, 29 Nov 2017 02:46:10 +0000 (02:46 +0000)]
make vmm(4) less responsible for initial register state, preferring to let
usermode daemons handle that.

ok pd@

6 years agoPrint_host is used mainly in printf style functions. So do not return NULL
claudio [Wed, 29 Nov 2017 01:25:11 +0000 (01:25 +0000)]
Print_host is used mainly in printf style functions. So do not return NULL
instead return "unknown".
OK beck@

6 years agoAdd a bunch of DPRINTFs in failure paths, fix some whitespace and some
mlarkin [Wed, 29 Nov 2017 00:38:01 +0000 (00:38 +0000)]
Add a bunch of DPRINTFs in failure paths, fix some whitespace and some
misspelled words.

6 years agoadd some comments. no functional change
mlarkin [Wed, 29 Nov 2017 00:32:52 +0000 (00:32 +0000)]
add some comments. no functional change

6 years ago- regression tests for 'load anchor ... from ...'
sashan [Wed, 29 Nov 2017 00:24:32 +0000 (00:24 +0000)]
- regression tests for 'load anchor ... from ...'
  the test case itself comes from Leonardo Guardati

6 years agoDocument NAT and DNS forwarding rules for vmd(8)
mlarkin [Wed, 29 Nov 2017 00:15:34 +0000 (00:15 +0000)]
Document NAT and DNS forwarding rules for vmd(8)

discussed at length with benno, beck, deraadt, and florian

6 years agofix some spelling errors in a few comments
mlarkin [Tue, 28 Nov 2017 23:58:30 +0000 (23:58 +0000)]
fix some spelling errors in a few comments

6 years agorefer to ixl as "Intel Ethernet 700 Series"
dlg [Tue, 28 Nov 2017 23:54:04 +0000 (23:54 +0000)]
refer to ixl as "Intel Ethernet 700 Series"

calling it intel 40g is less correct because the same driver is used for
10g and 25g parts as well.

6 years agoremove the #if 0ed out ixl_add_veb now that cvs has backed it up
dlg [Tue, 28 Nov 2017 23:47:25 +0000 (23:47 +0000)]
remove the #if 0ed out ixl_add_veb now that cvs has backed it up

im pretty sure we dont need it if we're just using the chip as a
single ethernet port.

6 years agoadd missing $OpenBSD$ tag
dlg [Tue, 28 Nov 2017 23:40:52 +0000 (23:40 +0000)]
add missing $OpenBSD$ tag

6 years agoadd ixl(4) for the "Intel Ethernet 700 Series"
dlg [Tue, 28 Nov 2017 23:39:39 +0000 (23:39 +0000)]
add ixl(4) for the "Intel Ethernet 700 Series"

this doesn't work yet, but it very recently got too big to hack on
without cvs to help me manage further changes to it.

ok deraadt@

6 years agoAdd option -i to allow oscpcheck to be used to validate an on-disk staple
beck [Tue, 28 Nov 2017 23:32:00 +0000 (23:32 +0000)]
Add option -i to allow oscpcheck to be used to validate an on-disk staple
ok claudio@ benno@

6 years agoHave sftp print a warning about shell cleanliness when decoding the first
dtucker [Tue, 28 Nov 2017 21:10:22 +0000 (21:10 +0000)]
Have sftp print a warning about shell cleanliness when decoding the first
packet fails, which is usually caused by shells polluting stdout of
non-interactive starups.  bz#2800, ok markus@ deraadt@.

6 years agoduplicate word, found by igor(1)
schwarze [Tue, 28 Nov 2017 20:26:03 +0000 (20:26 +0000)]
duplicate word, found by igor(1)

6 years agoAdd a member to be used by __cxa_thread_atexit(). Remove padding which would
kettenis [Tue, 28 Nov 2017 18:57:02 +0000 (18:57 +0000)]
Add a member to be used by __cxa_thread_atexit().  Remove padding which would
now misalign things.

ok guenther@

6 years agoOne less lie in comments
claudio [Tue, 28 Nov 2017 18:25:53 +0000 (18:25 +0000)]
One less lie in comments

6 years agoAdd the missing STANDARDS section (kettenis@ noticed that these are
schwarze [Tue, 28 Nov 2017 18:10:59 +0000 (18:10 +0000)]
Add the missing STANDARDS section (kettenis@ noticed that these are
POSIX functions) and turn the weird DIAGNOSTICS section into a normal
RETURN VALUES section while here.

6 years agozap newline in warn(); from kshe
otto [Tue, 28 Nov 2017 17:43:45 +0000 (17:43 +0000)]
zap newline in warn(); from kshe

6 years agoImplement a DL_REFERENCE dlctl. To be used by the upcoming
kettenis [Tue, 28 Nov 2017 17:19:47 +0000 (17:19 +0000)]
Implement a DL_REFERENCE dlctl.  To be used by the upcoming
__cxa_thread_atexit() implementation.

ok guenther@

6 years agoAllow TLS ciphers and protocols to be specified for nc(1).
jsing [Tue, 28 Nov 2017 16:59:10 +0000 (16:59 +0000)]
Allow TLS ciphers and protocols to be specified for nc(1).

Replace the "tlscompat" and "tlsall" options with "cipher" and "protocol"
options that are key/value pairs. This allows the user to specify ciphers
and protocols in a form that are accepted by tls_config_set_ciphers() and
tls_config_set_protocols() respectively.

ok beck@

(also ok jmc@ for a previous revision of the man page).

6 years agoRewrite ASN1_TYPE_{get,set}_octetstring() using templated ASN.1.
jsing [Tue, 28 Nov 2017 16:51:21 +0000 (16:51 +0000)]
Rewrite ASN1_TYPE_{get,set}_octetstring() using templated ASN.1.

This removes the last remaining use of the old M_ASN1_* macros (asn1_mac.h)
from API that needs to continue to exist.

ok beck@ inoguchi@

6 years agoAdd regress coverage for ASN1_TYPE_{get,set}_int_octetstring()
jsing [Tue, 28 Nov 2017 16:47:55 +0000 (16:47 +0000)]
Add regress coverage for ASN1_TYPE_{get,set}_int_octetstring()

6 years agoCorrect TLS extensions handling when no extensions are present.
jsing [Tue, 28 Nov 2017 16:46:14 +0000 (16:46 +0000)]
Correct TLS extensions handling when no extensions are present.

If no TLS extensions are present in a client hello or server hello, omit
the entire extensions block, rather than including it with a length of
zero.

ok beck@ inoguchi@

6 years agoAdd regress test coverage for building clienthello and serverhello
jsing [Tue, 28 Nov 2017 16:40:21 +0000 (16:40 +0000)]
Add regress test coverage for building clienthello and serverhello
extensions, both with extensions being present and not present. The not
present case currently fails.

6 years agoAdd regress for CBB_discard_child().
jsing [Tue, 28 Nov 2017 16:35:05 +0000 (16:35 +0000)]
Add regress for CBB_discard_child().

Converted from BoringSSL.

6 years agoAdd CBB_discard_child(), which allows for a child CBB to be discarded.
jsing [Tue, 28 Nov 2017 16:34:20 +0000 (16:34 +0000)]
Add CBB_discard_child(), which allows for a child CBB to be discarded.

Based on BoringSSL.

6 years agoSilence the "Unclaimed register before interrupt" errors. While these do
kettenis [Tue, 28 Nov 2017 16:29:56 +0000 (16:29 +0000)]
Silence the "Unclaimed register before interrupt" errors.  While these do
indicate a bug somewhere, it is unlikely to be in the OpenBSD glue code.
There are reports that these go away in newer Linux code anyway.

Stops claudio@ from whining.

6 years agoRaise the IPL of the sbar taskq to avoid lock order issues
visa [Tue, 28 Nov 2017 16:22:27 +0000 (16:22 +0000)]
Raise the IPL of the sbar taskq to avoid lock order issues
with the kernel lock.

Fixes a deadlock seen by Hrvoje Popovski and dhill@.
OK mpi@, dhill@

6 years agoThe divert structure was using the port number to indicate that
bluhm [Tue, 28 Nov 2017 16:05:46 +0000 (16:05 +0000)]
The divert structure was using the port number to indicate that
divert-to or divert-reply was active.  If the address was also set,
it meant divert-to.  Divert packet used a separate structure.  This
is confusing and makes it hard to add new features.  It is better
to have a divert type that explicitly says what is configured.
Adapt the pf rule struct in kernel and pfctl, no functional change.
Note that kernel and pfctl have to be updated together.
OK sashan@

6 years agofktrace(2) has been removed
guenther [Tue, 28 Nov 2017 16:05:13 +0000 (16:05 +0000)]
fktrace(2) has been removed

6 years agoNeed to remove fktrace here too
guenther [Tue, 28 Nov 2017 15:35:02 +0000 (15:35 +0000)]
Need to remove fktrace here too
Noted by Andreas Kusalananda Kähäri (andreas.kahari(at)icm.uu.se)

6 years agoFix mbuf leak when an interface is destroyed while forwarding IPv6
mpi [Tue, 28 Nov 2017 15:32:51 +0000 (15:32 +0000)]
Fix mbuf leak when an interface is destroyed while forwarding IPv6
packets.

Found by Hrvoje Popovski.

ok visa@, bluhm@

6 years agofix some clang warnings when building with VMM_DEBUG. Matches a previous
mlarkin [Tue, 28 Nov 2017 15:06:08 +0000 (15:06 +0000)]
fix some clang warnings when building with VMM_DEBUG. Matches a previous
commit to the amd64 version of this file

6 years agobetter handling for invalid instruction lengths.
mlarkin [Tue, 28 Nov 2017 14:51:34 +0000 (14:51 +0000)]
better handling for invalid instruction lengths.

equivalent amd64 version (already committed) was ok beck@, ccardenas@

6 years agobetter handling for invalid instruction lengths.
mlarkin [Tue, 28 Nov 2017 14:32:45 +0000 (14:32 +0000)]
better handling for invalid instruction lengths.

ok beck@, ccardenas@

6 years agoUse mutex_trylock() rather than mixing Linux APIs with OpenBSD ones.
mpi [Tue, 28 Nov 2017 13:38:11 +0000 (13:38 +0000)]
Use mutex_trylock() rather than mixing Linux APIs with OpenBSD ones.

ok kettenis@

6 years agozap trailing whitespace, and zap some Tn while here;
jmc [Tue, 28 Nov 2017 12:06:10 +0000 (12:06 +0000)]
zap trailing whitespace, and zap some Tn while here;

6 years agoCorrect the description for VOP_RENAME to reflect that tvp is unlocked
helg [Tue, 28 Nov 2017 11:17:01 +0000 (11:17 +0000)]
Correct the description for VOP_RENAME to reflect that tvp is unlocked
on exit.

ok mpi@

6 years agozap dead stores; prompted by a diff from kshe
otto [Tue, 28 Nov 2017 09:44:14 +0000 (09:44 +0000)]
zap dead stores; prompted by a diff from kshe

6 years agotweak previous;
jmc [Tue, 28 Nov 2017 09:40:46 +0000 (09:40 +0000)]
tweak previous;

6 years agogarbage collect a few functions that are not really needed; from kshe
otto [Tue, 28 Nov 2017 08:03:01 +0000 (08:03 +0000)]
garbage collect a few functions that are not really needed; from kshe

6 years agoGNU ld has prefixed the contents of .gnu.warning.SYMBOL sections
tb [Tue, 28 Nov 2017 06:55:49 +0000 (06:55 +0000)]
GNU ld has prefixed the contents of .gnu.warning.SYMBOL sections
with "warning: " since 2003, so the messages themselves need not
contain the prefix anymore.

From Scott Cheloha
ok jca, deraadt

6 years agodocument that the 'e' command is non-portable; from kshe; ok jmc@
otto [Tue, 28 Nov 2017 06:51:19 +0000 (06:51 +0000)]
document that the 'e' command is non-portable; from kshe; ok jmc@

6 years agodeadproc_mutex is only taken _before_ kernel_lock; exclude it from
guenther [Tue, 28 Nov 2017 06:09:44 +0000 (06:09 +0000)]
deadproc_mutex is only taken _before_ kernel_lock; exclude it from
WITNESS checking as (our) witness code isn't smart enough to let that by.

ok visa@

6 years agomore whitespace errors
djm [Tue, 28 Nov 2017 06:09:38 +0000 (06:09 +0000)]
more whitespace errors

6 years agosync
guenther [Tue, 28 Nov 2017 06:05:15 +0000 (06:05 +0000)]
sync

6 years agowhitespace at EOL
djm [Tue, 28 Nov 2017 06:04:51 +0000 (06:04 +0000)]
whitespace at EOL

6 years agoDelete fktrace(2). The consequences of it were not thought through
guenther [Tue, 28 Nov 2017 06:03:41 +0000 (06:03 +0000)]
Delete fktrace(2).  The consequences of it were not thought through
sufficiently and at least one horrific security hole was the result.

ok deraadt@ beck@

6 years agoThe athn(4) PCI driver forgot about adding the default noisefloor to
stsp [Tue, 28 Nov 2017 04:35:39 +0000 (04:35 +0000)]
The athn(4) PCI driver forgot about adding the default noisefloor to
measured RSSI values. The same is already done for USB devices.
RSSI values shown in ifconfig make sense now.

ok kevlo@

6 years agoIn athn(4), fix a comment which misidentifies the field where RSSI
stsp [Tue, 28 Nov 2017 04:33:03 +0000 (04:33 +0000)]
In athn(4), fix a comment which misidentifies the field where RSSI
values occur. Add macros to access RSSI info in ds_status4 as well.
ok kevlo@

6 years agoin auto-allocation, increase size of /usr/src to 1.3G.
benno [Tue, 28 Nov 2017 01:54:25 +0000 (01:54 +0000)]
in auto-allocation, increase size of /usr/src to 1.3G.
Our tree is now 1.1G big.
ok florian@, sure deraadt@

6 years agoIntroduce relay_reset_event() which closes and resets a relay connection.
claudio [Tue, 28 Nov 2017 01:51:47 +0000 (01:51 +0000)]
Introduce relay_reset_event() which closes and resets a relay connection.
Currently this is only used by relay_close() but will be needed in near
future.
OK benno@

6 years agocopyright
beck [Tue, 28 Nov 2017 01:39:49 +0000 (01:39 +0000)]
copyright

6 years agoIn TLS inspection mode we also need to keep the server tls object around.
claudio [Tue, 28 Nov 2017 01:24:22 +0000 (01:24 +0000)]
In TLS inspection mode we also need to keep the server tls object around.
For this we need to add an additional pointer to the ctl_relay_event.
Diff from Petri Mikkila (pmikkila at gmail)
OK benno@

6 years agoDisable oscp stapling on invalid staple, rather than failing to start.
beck [Tue, 28 Nov 2017 01:21:30 +0000 (01:21 +0000)]
Disable oscp stapling on invalid staple, rather than failing to start.
ok claudio@ florian@

6 years agorelay_load_fd() is no longer clobering errno in the error case so use
claudio [Tue, 28 Nov 2017 00:20:23 +0000 (00:20 +0000)]
relay_load_fd() is no longer clobering errno in the error case so use
fatal() instead of fatalx()

6 years agoAdd space between to and read like in other DPRINTFs.
claudio [Tue, 28 Nov 2017 00:17:56 +0000 (00:17 +0000)]
Add space between to and read like in other DPRINTFs.

6 years agoUse CLOCK_MONOTONIC for the delay before printing "Calculating line numbers"
jca [Mon, 27 Nov 2017 23:39:03 +0000 (23:39 +0000)]
Use CLOCK_MONOTONIC for the delay before printing "Calculating line numbers"

from Scott Cheloha who's pushing this upstream.  ok tb@

6 years agoThe divert structure was using the port number to indicate that
bluhm [Mon, 27 Nov 2017 23:21:50 +0000 (23:21 +0000)]
The divert structure was using the port number to indicate that
divert-to or divert-reply was active.  If the address was also set,
it meant divert-to.  Divert packet used a separate structure.  This
is confusing and makes it hard to add new features.  It is better
to have a divert type that explicitly says what is configured.
Convert the pfctl(8) rule parser to divert types, kernel cleanup
will be the next step.
OK sashan@

6 years agoChange the ecdhe curve configuration to the same way httpd is doing it.
claudio [Mon, 27 Nov 2017 23:21:16 +0000 (23:21 +0000)]
Change the ecdhe curve configuration to the same way httpd is doing it.
This removes 'no ecdh' and renames 'ecdh curve auto' to ecdhe default.
The code uses now tls_config_set_ecdhecurves(3) so it is possible to
specify multiple curves now. If people specified curves in their config
they need to adjust their config now.
OK beck@

6 years agoMake ca_launch error messages unique.
bluhm [Mon, 27 Nov 2017 23:05:50 +0000 (23:05 +0000)]
Make ca_launch error messages unique.
OK claudio@

6 years agolseek/read is racy when there is multiple consumers. Use pread instead.
claudio [Mon, 27 Nov 2017 23:04:26 +0000 (23:04 +0000)]
lseek/read is racy when there is multiple consumers. Use pread instead.
Solves the startup issues seen by bluhm@. pread idea from guenther@.
While there save the errno in the error case.
OK bluhm@

6 years agoChange fusefs_link to return EPERM if the source file is a directory.
helg [Mon, 27 Nov 2017 22:55:17 +0000 (22:55 +0000)]
Change fusefs_link to return EPERM if the source file is a directory.
Now aligns with link(2) man page and ffs regress tests.

ok phessler@, jca@

6 years agoSafer handling of the jump_table[] in dc's bcode.c
tom [Mon, 27 Nov 2017 21:32:33 +0000 (21:32 +0000)]
Safer handling of the jump_table[] in dc's bcode.c

Based on a diff sent to tech@ by kshe59 (at)zoho (dot) eu - thanks

ok otto@, who also remembered to check the regression tests

6 years agoAdd a DPRINTF() in relay_error() that helped me out way too many times.
claudio [Mon, 27 Nov 2017 21:09:55 +0000 (21:09 +0000)]
Add a DPRINTF() in relay_error() that helped me out way too many times.

6 years agoUse file descriptor passing to load certificates into the relays. Especially
claudio [Mon, 27 Nov 2017 21:06:25 +0000 (21:06 +0000)]
Use file descriptor passing to load certificates into the relays. Especially
the ca file (having all the trusted certs in them) can be so big that loading
via imsg fails.
OK beck@

6 years agoStop reporting WPA and WEP keys back to userland.
stsp [Mon, 27 Nov 2017 20:54:38 +0000 (20:54 +0000)]
Stop reporting WPA and WEP keys back to userland.
The kernel is not a password database; look your wifi keys up elsewhere.

Discussed with several.
ok phessler@ jca@

6 years agodecriptor relative openat() and chmod
beck [Mon, 27 Nov 2017 20:16:12 +0000 (20:16 +0000)]
decriptor relative openat() and chmod

6 years agoreadlink and friends
beck [Mon, 27 Nov 2017 19:44:40 +0000 (19:44 +0000)]
readlink and friends

6 years agosymlink and a couple more...
beck [Mon, 27 Nov 2017 18:59:10 +0000 (18:59 +0000)]
symlink and a couple more...

6 years agoImplement MOBIKE (RFC 4555) support in iked(8), with us acting as
patrick [Mon, 27 Nov 2017 18:39:35 +0000 (18:39 +0000)]
Implement MOBIKE (RFC 4555) support in iked(8), with us acting as
responder.  In practice this support means that clients like iPhones
can roam in different networks (LTE, WiFi) and change their external
addresses without having to re-do the whole handshake.  It allows the
client to choose how and when to change the external tunnel endpoint
addresses on demand, depending on which network is better or even is
connected at all.

ok sthen@
tweaks from jmc@
tested by a handful

6 years agoaccess and chflags
beck [Mon, 27 Nov 2017 18:27:33 +0000 (18:27 +0000)]
access and chflags

6 years agoAdd the start of regression tests for upcoming pledgepath stuff.
beck [Mon, 27 Nov 2017 18:10:30 +0000 (18:10 +0000)]
Add the start of regression tests for upcoming pledgepath stuff.
still some more to add, and we won't link into regress until later
ok deraadt@

6 years agoDo not rip out the output buffer of the bufferevent. Instead just use an
claudio [Mon, 27 Nov 2017 17:35:49 +0000 (17:35 +0000)]
Do not rip out the output buffer of the bufferevent. Instead just use an
initial bufferevent_write_buffer() to write out the queued up HTTP request.
OK benno@

6 years agolenght->length, mostly in comments
sthen [Mon, 27 Nov 2017 16:53:04 +0000 (16:53 +0000)]
lenght->length, mostly in comments

6 years agorfc 7230 mandates that a "204 No Content" http status must not come with a
benno [Mon, 27 Nov 2017 16:25:50 +0000 (16:25 +0000)]
rfc 7230 mandates that a "204 No Content" http status must not come with a
Content-Lenght Header. Of course some servers still so it and send
Content-Lenght: 0. Adjust accordingly.
ok claudio@

6 years agoRevise the linux sleeping compat code to avoid lock ordering problems.
kettenis [Mon, 27 Nov 2017 16:20:42 +0000 (16:20 +0000)]
Revise the linux sleeping compat code to avoid lock ordering problems.
Based on a diff from mpi@.

ok guenther@, mpi@

6 years agoUse a single timer for all ND6 entries.
mpi [Mon, 27 Nov 2017 15:41:30 +0000 (15:41 +0000)]
Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them.  This also reduce differences
with ARP.

ok bluhm@, visa@

6 years agoCheck access before creating a file or directory.
helg [Mon, 27 Nov 2017 13:15:56 +0000 (13:15 +0000)]
Check access before creating a file or directory.

input and ok mpi@

6 years agoSimplify lease_as_string() logic to use a single time_t variable
krw [Mon, 27 Nov 2017 13:13:19 +0000 (13:13 +0000)]
Simplify lease_as_string() logic to use a single time_t variable
and lease_[expiry|rebind|renewal]() functions.

6 years agoFix pasto so lease_rebind() returns rebind value and not
krw [Mon, 27 Nov 2017 13:09:20 +0000 (13:09 +0000)]
Fix pasto so lease_rebind() returns rebind value and not
renewal value.

6 years agoWhen renaming a file, unlock the target vnode if the target file exists.
helg [Mon, 27 Nov 2017 12:54:13 +0000 (12:54 +0000)]
When renaming a file, unlock the target vnode if the target file exists.

ok mpi@

6 years agoRemove MALLOC_DEBUG left overs.
mpi [Mon, 27 Nov 2017 09:23:44 +0000 (09:23 +0000)]
Remove MALLOC_DEBUG left overs.

From Klemens Nanni.