openbsd
8 years agoMake accepted sockets inherit IP_TTL from the listening socket.
jca [Fri, 1 Jul 2016 18:37:15 +0000 (18:37 +0000)]
Make accepted sockets inherit IP_TTL from the listening socket.

This is consistent with the IPV6_UNICAST_HOPS behavior, and is the only
way to allow applications to completely control the TTL of outgoing
packets (else an application could temporariy send packets with the
default TTL, until it sets again IP_TTL ; this is harmful eg for GTSM).

ok bluhm@

8 years agoAllow resetting the IP_TTL and IP_MINTTL sockopts
jca [Fri, 1 Jul 2016 18:28:58 +0000 (18:28 +0000)]
Allow resetting the IP_TTL and IP_MINTTL sockopts

IP_TTL can be reset by passing -1, IP_MINTTL can be reset by passing 0.
This is consistent with what Linux does and
IPV6_UNICAST_HOPS/IPV6_MINHOPCOUNT.

ok bluhm@

8 years agoUnbreak getsockopt(IPV6_MINHOPCOUNT)
jca [Fri, 1 Jul 2016 18:18:57 +0000 (18:18 +0000)]
Unbreak getsockopt(IPV6_MINHOPCOUNT)

ok bluhm@

8 years agoflag the local socket listener as local.
eric [Fri, 1 Jul 2016 17:53:23 +0000 (17:53 +0000)]
flag the local socket listener as local.
clarify check for local listeners.

ok gilles@ millert@

8 years agoAvoid printing f->f_lasttime and/or f->f_prevhost if they are empty.
millert [Fri, 1 Jul 2016 15:47:15 +0000 (15:47 +0000)]
Avoid printing f->f_lasttime and/or f->f_prevhost if they are empty.
This fixes a long-standing issue where syslogd would print 15 NUL
bytes followed by two blank spaces before the log message for
warnings generated while parsing syslog.conf.  OK bluhm@

8 years agoTiming changed, now a syslogd test may get EPIPE instead of
bluhm [Fri, 1 Jul 2016 15:30:46 +0000 (15:30 +0000)]
Timing changed, now a syslogd test may get EPIPE instead of
ECONNREFUSED error.

8 years agoAdd fdt init for octeon.
visa [Fri, 1 Jul 2016 15:12:37 +0000 (15:12 +0000)]
Add fdt init for octeon.

8 years agoadd a simple keyboard backlight driver for some chromebooks,
jcs [Fri, 1 Jul 2016 15:02:49 +0000 (15:02 +0000)]
add a simple keyboard backlight driver for some chromebooks,
adjustable with wsconsctl keyboard.backlight

ok bmercer, kettenis

8 years agoInclude errno string in log message when we fail to open a file.
millert [Fri, 1 Jul 2016 15:00:48 +0000 (15:00 +0000)]
Include errno string in log message when we fail to open a file.
The privileged process sends the errno value back when it cannot
open a file.  OK gilles@

8 years agoSolidRun's HummingBoards and CuBoxes are also available with
patrick [Fri, 1 Jul 2016 09:34:39 +0000 (09:34 +0000)]
SolidRun's HummingBoards and CuBoxes are also available with
the i.MX6 Solo and DualLite SoCs.  Those are slightly different
to the bigger versions and thus have a different FDT compatible
name.  To be able for us to boot on those machines, add those
compatible names to the list and re-use the board ids.

ok kettenis@

8 years agoupdate currency exchange rates;
jmc [Fri, 1 Jul 2016 07:00:02 +0000 (07:00 +0000)]
update currency exchange rates;

8 years agoSimplify IP proto-specific sockopt error handling.
bcook [Fri, 1 Jul 2016 00:29:14 +0000 (00:29 +0000)]
Simplify IP proto-specific sockopt error handling.

This makes error messages more specific and simplifies
masking compatible sections for the portable version.

ok beck@

8 years agoUse CLOCK_UPTIME instead of CLOCK_MONOTONIC, as the later makes jumps
ratchov [Thu, 30 Jun 2016 21:37:29 +0000 (21:37 +0000)]
Use CLOCK_UPTIME instead of CLOCK_MONOTONIC, as the later makes jumps
during suspend/resume cycles which triggers watchdog time-outs and
in turn prevents sndiod from resuming.

8 years agoUpdate perl Time::HiRes to 1.9739
afresh1 [Thu, 30 Jun 2016 21:16:13 +0000 (21:16 +0000)]
Update perl Time::HiRes to 1.9739

Which provides hires `utime`

requested by espie@ OK millert@

8 years agoAlso mention the term 'USB device' in the title to make clear that the
mglocker [Thu, 30 Jun 2016 19:54:13 +0000 (19:54 +0000)]
Also mention the term 'USB device' in the title to make clear that the
reference count is on a device level.

ok jmc

8 years agoupdate aliases documentation to reflect reality
gilles [Thu, 30 Jun 2016 18:41:39 +0000 (18:41 +0000)]
update aliases documentation to reflect reality

8 years agodon't need the .xr to sysctl now either
tedu [Thu, 30 Jun 2016 15:59:30 +0000 (15:59 +0000)]
don't need the .xr to sysctl now either

8 years agonptys sysctls were removed
tedu [Thu, 30 Jun 2016 15:58:06 +0000 (15:58 +0000)]
nptys sysctls were removed

8 years agontpys sysctl was removed
tedu [Thu, 30 Jun 2016 15:56:59 +0000 (15:56 +0000)]
ntpys sysctl was removed

8 years ago992 ptys is the hard max.
tedu [Thu, 30 Jun 2016 15:54:53 +0000 (15:54 +0000)]
992 ptys is the hard max.

8 years agoUse ``rt_addr'' rather than ``rt_ifa'' to get the source address
mpi [Thu, 30 Jun 2016 12:36:27 +0000 (12:36 +0000)]
Use ``rt_addr'' rather than ``rt_ifa'' to get the source address
corresponding to a route.

ok florian@ on a previous version, input and ok bluhm@

8 years agoTighten behavior of _rs_allocate failure for portable arc4random implementations.
bcook [Thu, 30 Jun 2016 12:19:51 +0000 (12:19 +0000)]
Tighten behavior of _rs_allocate failure for portable arc4random implementations.

In the event of a failure in _rs_allocate for rsx, we still have a reference to
freed memory for rs on return. Not a huge deal since we subsequently abort in
_rs_init, but it looks strange on its own.

ok deraadt@

8 years agoTighten behavior of _rs_allocate on Windows.
bcook [Thu, 30 Jun 2016 12:17:29 +0000 (12:17 +0000)]
Tighten behavior of _rs_allocate on Windows.

For Windows, we are simply using calloc, which has two annoyances:
the memory has more permissions than needed by default, and it comes
from the process heap, which looks like a memory leak since this memory
is rightfully never freed.

This switches _rs_alloc on Windows to use VirtualAlloc, which restricts the
memory to READ|WRITE and keeps the memory out of the process heap.

ok deraadt@

8 years agobump to 2.4.2
bcook [Thu, 30 Jun 2016 11:10:29 +0000 (11:10 +0000)]
bump to 2.4.2

8 years agoPrevent NULL deref, pointed out by llvm's scan-build.
florian [Thu, 30 Jun 2016 10:17:18 +0000 (10:17 +0000)]
Prevent NULL deref, pointed out by llvm's scan-build.
OK jca, millert

8 years agoadapt S option: add C, rm F (not relevant with 0 cache and disables
otto [Thu, 30 Jun 2016 09:00:48 +0000 (09:00 +0000)]
adapt S option: add C, rm F (not relevant with 0 cache and disables
chunk rnd), rm P: is default

8 years agoRestore the automagically added /64 route on p2p interfaces in order to
mpi [Thu, 30 Jun 2016 08:19:03 +0000 (08:19 +0000)]
Restore the automagically added /64 route on p2p interfaces in order to
send traffic to link-local addresses without default route.

Fix a regression reported by Michael Lechtermann, ok stsp@, sthen@

8 years agoExplicitly check for 100% completion to avoid potential floating point
dtucker [Thu, 30 Jun 2016 05:17:05 +0000 (05:17 +0000)]
Explicitly check for 100% completion to avoid potential floating point
rounding error, which could cause progressmeter to report 99% on completion.
While there invert the test so the 100% case is clearer.  with & ok djm@

8 years agoremove some unused variables (that were commented out anyway)
mlarkin [Thu, 30 Jun 2016 02:29:22 +0000 (02:29 +0000)]
remove some unused variables (that were commented out anyway)

8 years agoRemove flags for disabling constant-time operations.
bcook [Thu, 30 Jun 2016 02:02:06 +0000 (02:02 +0000)]
Remove flags for disabling constant-time operations.

This removes support for DSA_FLAG_NO_EXP_CONSTTIME, DH_FLAG_NO_EXP_CONSTTIME,
and RSA_FLAG_NO_CONSTTIME flags, making all of these operations unconditionally
constant-time.

Based on the original patch by César Pereid.  ok beck@

8 years agoIf /tmp/vi.recover doesn't exist, don't create it. Warn once
tb [Wed, 29 Jun 2016 20:38:39 +0000 (20:38 +0000)]
If /tmp/vi.recover doesn't exist, don't create it. Warn once
that it doesn't exist, afterwards fail silently.

ok millert

8 years agoDocument arptimeout, arpdown. Prodded by and ok jmc@
chris [Wed, 29 Jun 2016 17:54:08 +0000 (17:54 +0000)]
Document arptimeout, arpdown. Prodded by and ok jmc@

8 years agosort the -o list;
jmc [Wed, 29 Jun 2016 17:14:28 +0000 (17:14 +0000)]
sort the -o list;

8 years agoSpring cleanup
jca [Wed, 29 Jun 2016 14:19:38 +0000 (14:19 +0000)]
Spring cleanup

- pointless casts, kill caddr_t or replace it with char *
- signed counters
- simplify if_getmtu, only one method is needed and SIOCGIFMTU is the
  cheapest
- we no longer have drivers for IFT_FDDI
- hide details of iflist management
- if (dflag) log_debug -> log_debug
- dead code and comments
- etc etc

Input from and ok florian@

8 years agoMake the fdt parser skip nop tokens. This is needed on some
visa [Wed, 29 Jun 2016 13:39:03 +0000 (13:39 +0000)]
Make the fdt parser skip nop tokens. This is needed on some
octeon boards.

Feedback and ok kettenis@

8 years agoExplicitely enclose SMTP transactions between BEGIN and COMMIT/ROLLBACK
eric [Wed, 29 Jun 2016 06:46:06 +0000 (06:46 +0000)]
Explicitely enclose SMTP transactions between BEGIN and COMMIT/ROLLBACK
filter events. Bump filter API version.

ok gilles@ jung@

8 years agoDon't write a 1 to the RIRR bit in the IOAPIC redirection register. This bit
mlarkin [Wed, 29 Jun 2016 06:05:15 +0000 (06:05 +0000)]
Don't write a 1 to the RIRR bit in the IOAPIC redirection register. This bit
is R/O, and although it should not matter what value is written there,
Hyper-V's emulated IOAPIC interprets a write of 1 in some unexpected way and
subsequently blocks interrupt delivery. This primarily manifests itself as
de(4) timeouts when using Hyper-V VMs with the "Legacy Network Adapter"
interface.

This diff has been in snaps for almost a month with no reported fallout.

Based on an idea originally from mikeb with further input from kettenis and
deraadt.

8 years agoAdd missing words to help the reader.
jca [Tue, 28 Jun 2016 19:45:53 +0000 (19:45 +0000)]
Add missing words to help the reader.

ok mikeb@

8 years agowhitespace nit
jca [Tue, 28 Jun 2016 18:22:50 +0000 (18:22 +0000)]
whitespace nit

8 years agorevert previous. better fix applied to fts_open.
tedu [Tue, 28 Jun 2016 18:00:59 +0000 (18:00 +0000)]
revert previous. better fix applied to fts_open.

8 years agooops, $pkg can be more than a pkgname. We have the right information
espie [Tue, 28 Jun 2016 17:35:34 +0000 (17:35 +0000)]
oops, $pkg can be more than a pkgname. We have the right information
in the plist, so use it instead.

8 years agoAdd -M and -m options to specify the outgoing and incoming minimum TTL
jca [Tue, 28 Jun 2016 17:35:14 +0000 (17:35 +0000)]
Add -M and -m options to specify the outgoing and incoming minimum TTL

Req by and ok blumh@

8 years agoIP_MINTTL and IPV6_MINHOPCOUNT work on TCP and UDP sockets
jca [Tue, 28 Jun 2016 17:32:58 +0000 (17:32 +0000)]
IP_MINTTL and IPV6_MINHOPCOUNT work on TCP and UDP sockets

Input from and ok bluhm@

8 years agoFor the EINVAL case there can be more than a single option.
millert [Tue, 28 Jun 2016 17:25:08 +0000 (17:25 +0000)]
For the EINVAL case there can be more than a single option.

8 years agofts_open() requires that the list passed as argument to contain at least
millert [Tue, 28 Jun 2016 17:21:48 +0000 (17:21 +0000)]
fts_open() requires that the list passed as argument to contain at least
one path.  When the list is empty (contain only a NULL pointer), return
EINVAL instead of pretending to succeed, which will cause a NULL pointer
deference in a later fts_read() call.  From FreeBSD.

8 years agoAdd sysctl for arp timers: net.inet.ip.arptimeout (expire timer for resolved
chris [Tue, 28 Jun 2016 17:18:24 +0000 (17:18 +0000)]
Add sysctl for arp timers: net.inet.ip.arptimeout (expire timer for resolved
entries) and net.inet.ip.arpdown (expire timer for unresolved entries)

ok mpi@

8 years agoDo not return an error in fts_open(3) if one of the paths in argv
millert [Tue, 28 Jun 2016 17:12:29 +0000 (17:12 +0000)]
Do not return an error in fts_open(3) if one of the paths in argv
is empty.  Otherwise, programs using fts(3) will report an error
if one of the paths is empty instead of just treating it as a
non-existent file.  OK guenther@

8 years agoUse IPV6_MINHOPCOUNT to finish implementing ttl-security for IPv6.
jca [Tue, 28 Jun 2016 16:59:14 +0000 (16:59 +0000)]
Use IPV6_MINHOPCOUNT to finish implementing ttl-security for IPv6.

ok renato@ deraadt@

8 years agooption -z that uses is-branch info to produce "complete"
espie [Tue, 28 Jun 2016 15:38:36 +0000 (15:38 +0000)]
option -z that uses is-branch info to produce "complete"
stem--[flavor][%branch] listing.
feedback and suggestions semarie@

8 years agodocument is-branch
espie [Tue, 28 Jun 2016 15:30:29 +0000 (15:30 +0000)]
document is-branch

8 years agodon't report errors for 'rm -rf ""'. report by rkitover.
tedu [Tue, 28 Jun 2016 15:20:13 +0000 (15:20 +0000)]
don't report errors for 'rm -rf ""'. report by rkitover.
ok benno deraadt

8 years agointroduce rwlock for socketbuf instead of the old flag and tsleep dance.
tedu [Tue, 28 Jun 2016 14:47:00 +0000 (14:47 +0000)]
introduce rwlock for socketbuf instead of the old flag and tsleep dance.
ok mikeb bluhm

8 years agoIPV6_MINHOPCOUNT now supports UDP (unicast and multicast)
jca [Tue, 28 Jun 2016 11:23:57 +0000 (11:23 +0000)]
IPV6_MINHOPCOUNT now supports UDP (unicast and multicast)

8 years agoAdd UDP unicast and multicast support for IP_MINTTL/IPV6_MINHOPCOUNT
jca [Tue, 28 Jun 2016 11:22:53 +0000 (11:22 +0000)]
Add UDP unicast and multicast support for IP_MINTTL/IPV6_MINHOPCOUNT

Requested by renato@, ok blumh@

8 years agofix a couple of errors in the page;
jmc [Tue, 28 Jun 2016 07:17:59 +0000 (07:17 +0000)]
fix a couple of errors in the page;
from henning petersen, netbsd pr lib/51284

ok semarie

8 years agoBack out previous; otto saw a potential race that could lead to a
tb [Tue, 28 Jun 2016 06:40:11 +0000 (06:40 +0000)]
Back out previous; otto saw a potential race that could lead to a
double unmap and I experienced a much more unstable firefox.

discussed with otto on icb

8 years agomore standard Nd, and zap an unbalanced ";
jmc [Tue, 28 Jun 2016 06:31:30 +0000 (06:31 +0000)]
more standard Nd, and zap an unbalanced ";
ok jmatthew

8 years agoDon't panic on null vmxon region or vmxon failure - this will be handled
mlarkin [Tue, 28 Jun 2016 05:50:55 +0000 (05:50 +0000)]
Don't panic on null vmxon region or vmxon failure - this will be handled
in the calling function which will return EIO back up the stack to vmd(8).

Fixes a panic when CPUs fail to spin up for other reasons during boot,
noticed by reyk.

8 years agoEnable UMIP feature if present. miod originally pointed this out to me.
mlarkin [Tue, 28 Jun 2016 05:37:50 +0000 (05:37 +0000)]
Enable UMIP feature if present. miod originally pointed this out to me.

ok deraadt@

8 years agoenable ure(4) where we already have url(4)
jmatthew [Tue, 28 Jun 2016 04:41:37 +0000 (04:41 +0000)]
enable ure(4) where we already have url(4)

8 years agoStop linking perl to libpthread
afresh1 [Tue, 28 Jun 2016 04:30:02 +0000 (04:30 +0000)]
Stop linking perl to libpthread

No longer necessary with TIB work

from guenther@ ok sthen@

8 years agoStop linking perl to libutil, never necessary
afresh1 [Tue, 28 Jun 2016 04:28:18 +0000 (04:28 +0000)]
Stop linking perl to libutil, never necessary

from guenther@ ok sthen@

8 years agoin pledgereq (the array for doing correspondance between textual promise as in pledge...
semarie [Tue, 28 Jun 2016 04:27:58 +0000 (04:27 +0000)]
in pledgereq (the array for doing correspondance between textual promise as in pledge(2) and internal PLEDGE_* flag), the flags member should be a uint64_t and not a int.

ok deraadt@

8 years agosync
deraadt [Tue, 28 Jun 2016 01:45:28 +0000 (01:45 +0000)]
sync

8 years agoIf an error path if close() is called, save errno so that original error
deraadt [Tue, 28 Jun 2016 00:01:10 +0000 (00:01 +0000)]
If an error path if close() is called, save errno so that original error
is shown by errx
ok millert krw

8 years agoBe more careful initializing and tracking socket s through main, this is
deraadt [Mon, 27 Jun 2016 23:58:08 +0000 (23:58 +0000)]
Be more careful initializing and tracking socket s through main, this is
so complicated that a future refactoring could easily in introduce a bug.
ok millert krw

8 years agoImprove .Nd, and Xr from usb(4)
deraadt [Mon, 27 Jun 2016 23:54:25 +0000 (23:54 +0000)]
Improve .Nd, and Xr from usb(4)

8 years agoadd ure(4) man page
jmatthew [Mon, 27 Jun 2016 23:50:31 +0000 (23:50 +0000)]
add ure(4) man page

8 years agothe flag is USBD_EXCLUSIVE_USE, not USBD_EXCLUSIVE_ACCESS
jmatthew [Mon, 27 Jun 2016 23:38:01 +0000 (23:38 +0000)]
the flag is USBD_EXCLUSIVE_USE, not USBD_EXCLUSIVE_ACCESS

8 years agoMissing "break;" in switch statement; repairs IP_MINTTL.
jca [Mon, 27 Jun 2016 20:57:41 +0000 (20:57 +0000)]
Missing "break;" in switch statement; repairs IP_MINTTL.

8 years agoRepair kill(2) on zombie processes.
jca [Mon, 27 Jun 2016 19:55:02 +0000 (19:55 +0000)]
Repair kill(2) on zombie processes.

kill(2) is supposed to find zombie processes, this probably got broken
when the process reaper was introduced.  As a temporary(tm) workaround,
walk the list of zombie processes if we can't find the target pid in the
main process list.

Problem with zsh initially reported by Geoff Wozniak on misc@, analysis
done by naddy@.  ok kettenis@ tedu@

8 years agoFix inverted logic in recv_hello().
renato [Mon, 27 Jun 2016 19:18:54 +0000 (19:18 +0000)]
Fix inverted logic in recv_hello().

Bug introduced by rev1.48 two weeks ago. We were not respecting the
advertised transport connection preference (LDPoIPv4 or LDPoIPv6),
the fix is pretty obvious.

8 years agoRemove superfluous call to l2vpn_pw_exit().
renato [Mon, 27 Jun 2016 19:08:39 +0000 (19:08 +0000)]
Remove superfluous call to l2vpn_pw_exit().

8 years agoHandle ibuf_add() errors.
renato [Mon, 27 Jun 2016 19:06:33 +0000 (19:06 +0000)]
Handle ibuf_add() errors.

tweaks from claudio@

8 years agoRevert if_iwm.c r1.166. We are still seeing links dropping upon HT protection
stsp [Mon, 27 Jun 2016 19:01:02 +0000 (19:01 +0000)]
Revert if_iwm.c r1.166. We are still seeing links dropping upon HT protection
updates with some iwn chips, such as the 2200. Reported by mlarkin and krw.

8 years agominor tweaks; ok tedu
jmc [Mon, 27 Jun 2016 17:36:33 +0000 (17:36 +0000)]
minor tweaks; ok tedu

8 years agomake proper use of fstatat, as suggested by guenther@
espie [Mon, 27 Jun 2016 16:52:30 +0000 (16:52 +0000)]
make proper use of fstatat, as suggested by guenther@
okay millert@

8 years agoRegen.
jsing [Mon, 27 Jun 2016 16:52:01 +0000 (16:52 +0000)]
Regen.

8 years agoRestore the sys_o58_kill system call.
jsing [Mon, 27 Jun 2016 16:50:07 +0000 (16:50 +0000)]
Restore the sys_o58_kill system call.

8 years agoRestore the sys_o58_kill system call.
jsing [Mon, 27 Jun 2016 16:49:45 +0000 (16:49 +0000)]
Restore the sys_o58_kill system call.

By keeping both the new (sys_kill/sys_thrkill) and old (sys_o58_kill)
system calls for the OpenBSD 6.0 release, code that uses either of these
mechanisms will work on both of the supported OpenBSD releases. This
provides a clean transition for runtimes that make direct system calls
(namely the Go programming language).

This requires a minimal amount of non-intrusive code and does not block
development progress within OpenBSD.

ok deraadt@ guenther@

8 years agoKill outdated comment. Reading the code is enough.
jca [Mon, 27 Jun 2016 16:36:08 +0000 (16:36 +0000)]
Kill outdated comment.  Reading the code is enough.

ok sthen@ bluhm@

8 years agoImplement IPV6_MINHOPCOUNT support.
jca [Mon, 27 Jun 2016 16:33:48 +0000 (16:33 +0000)]
Implement IPV6_MINHOPCOUNT support.

Useful to implement GTSM support in daemons such as bgpd(8). Diff from
2013 revived by renato@.  Input from bluhm@, ok bluhm@ deraadt@

8 years agoCopy inp_hops from the listening socket to the accepted one and use
bluhm [Mon, 27 Jun 2016 15:59:51 +0000 (15:59 +0000)]
Copy inp_hops from the listening socket to the accepted one and use
its value for the SYN+ACK packet.  This makes the IPV6_UNICAST_HOPS
socket option usable for incoming TCP connections.
tested by renato@;  OK jca@

8 years agosomehow nopass snuck onto the :wheel example. i think it's better without.
tedu [Mon, 27 Jun 2016 15:47:38 +0000 (15:47 +0000)]
somehow nopass snuck onto the :wheel example. i think it's better without.

8 years agorevise environment handling.
tedu [Mon, 27 Jun 2016 15:41:17 +0000 (15:41 +0000)]
revise environment handling.
Add a setenv keyword for manipulating the environment. keepenv now means
only retain everything. (for one release, the old use of keepenv will still
work.)
Allow setting variables to new or existing values, and also removing vars
when keepenv is used.
ok djm martijn tb

8 years agodefer munmap to after unlocking malloc. this can (unfortunately) be an
tedu [Mon, 27 Jun 2016 15:33:40 +0000 (15:33 +0000)]
defer munmap to after unlocking malloc. this can (unfortunately) be an
expensive syscall, and we don't want to tie up other threads. there's no
need to hold the lock, so defer it to afterwards.
from Michael McConville
ok deraadt

8 years agowhitespace
deraadt [Mon, 27 Jun 2016 14:43:04 +0000 (14:43 +0000)]
whitespace

8 years agosync
deraadt [Mon, 27 Jun 2016 14:26:26 +0000 (14:26 +0000)]
sync

8 years agoFix a memory leak in an error path.
jsg [Mon, 27 Jun 2016 13:06:41 +0000 (13:06 +0000)]
Fix a memory leak in an error path.
ok mikeb@

8 years agoCorrect the order of memset arguments.
jsg [Mon, 27 Jun 2016 12:32:39 +0000 (12:32 +0000)]
Correct the order of memset arguments.
ok mikeb@

8 years agoThe variable swapping between inp, newinp and oldinpcb in syn_cache_get()
bluhm [Mon, 27 Jun 2016 12:25:27 +0000 (12:25 +0000)]
The variable swapping between inp, newinp and oldinpcb in syn_cache_get()
was overly complicated.  Simplify the code without functional change.
OK jca@

8 years agoadd ure(4), a driver for Realtek RTL8152 10/100 USB Ethernet adapters,
jmatthew [Mon, 27 Jun 2016 11:42:47 +0000 (11:42 +0000)]
add ure(4), a driver for Realtek RTL8152 10/100 USB Ethernet adapters,
ported from FreeBSD.

ok dereaadt@

8 years agosurprised nobody noticed before me
espie [Mon, 27 Jun 2016 08:38:15 +0000 (08:38 +0000)]
surprised nobody noticed before me
let scp:// work with PKG_CACHE
basically, we do an extra fork, so we end up cleaning up the connection twice
that's okay for the handles, but not for the commands, since we do a spurious
ABORT BYE BYE on cleanup.

8 years agomake the fallback code more accurate (in particular, it should return names
espie [Mon, 27 Jun 2016 06:10:04 +0000 (06:10 +0000)]
make the fallback code more accurate (in particular, it should return names
based on the actual device, not any kind of inode equality which won't hold
for duplicates of the dev tree in a chroot)

no bump as it doesn't change any API.

okay and improvements guenther@

8 years agodovutimens: call vrele(9) before returning EINVAL
semarie [Mon, 27 Jun 2016 04:26:41 +0000 (04:26 +0000)]
dovutimens: call vrele(9) before returning EINVAL

ok guenther@

8 years agosys_revoke: call vrele() before returning ENOTTY
semarie [Mon, 27 Jun 2016 04:14:38 +0000 (04:14 +0000)]
sys_revoke: call vrele() before returning ENOTTY

ok guenther@

8 years agoincrease the minimum for auto rounds to 6. that was the previous low bound
tedu [Sun, 26 Jun 2016 21:04:08 +0000 (21:04 +0000)]
increase the minimum for auto rounds to 6. that was the previous low bound
for login.conf, and we don't want to go lower.

8 years agoupgrade selected login.conf to use auto rounds for bcrypt. the installer
tedu [Sun, 26 Jun 2016 20:32:31 +0000 (20:32 +0000)]
upgrade selected login.conf to use auto rounds for bcrypt. the installer
already does this, so we don't want to go backwards on password changes.
ok krw

8 years agosomebody forgot to look at format string warnings
tedu [Sun, 26 Jun 2016 19:53:40 +0000 (19:53 +0000)]
somebody forgot to look at format string warnings

8 years agoDocument how to create full boot and installation images containing
tb [Sun, 26 Jun 2016 15:17:43 +0000 (15:17 +0000)]
Document how to create full boot and installation images containing
release tarballs and ports, suitable for installs without network.

Idea and patch from Bryan Everly, thanks!
With input from deraadt, jmc and myself.

ok jmc