eric [Mon, 17 Dec 2018 11:14:56 +0000 (11:14 +0000)]
use new cert helpers for mta sessions
ok @gilles
claudio [Mon, 17 Dec 2018 09:17:30 +0000 (09:17 +0000)]
Switch from timeout_add with tvtohz to just timeout_add_tv. Now this change
will reduce the sleep time by one tick which doesn't matter in the common
case. The code never passes a true 0 timeval to timeout_add_tv so the code
will always sleep for at least 1 tick which is good enough.
OK kn@, florian@, visa@, cheloha@
claudio [Mon, 17 Dec 2018 09:11:10 +0000 (09:11 +0000)]
Use timeout_add_sec() instead of timeout_add() with a multiplication with hz
OK kn@, florian@, visa@, cheloha@
eric [Mon, 17 Dec 2018 08:56:31 +0000 (08:56 +0000)]
set the return pointer to NULL when receiving a 0-sized data.
ok gilles
tim [Sun, 16 Dec 2018 20:41:30 +0000 (20:41 +0000)]
Remove control-use-cert. It is ignored for local sockets (since unbound 1.7.3).
OK florian@ sthen@
anton [Sun, 16 Dec 2018 15:56:03 +0000 (15:56 +0000)]
split tests into multiple make targets
millert [Sun, 16 Dec 2018 15:38:29 +0000 (15:38 +0000)]
Restore the optimization for unbuffered I/O. The buffer needs to
be reset before each call to __srefill(). Passes new regress.
OK semarie@
millert [Sun, 16 Dec 2018 15:36:27 +0000 (15:36 +0000)]
Add regress test for bugs in stdio/fread.c rev 1.13 and 1.17
deraadt [Sun, 16 Dec 2018 15:11:33 +0000 (15:11 +0000)]
sync
deraadt [Sun, 16 Dec 2018 15:11:30 +0000 (15:11 +0000)]
few more devs
visa [Sun, 16 Dec 2018 14:43:38 +0000 (14:43 +0000)]
Fix pool ipl to prevent a deadlock scenario.
While here, make the pool use the default memory alignment. The default
setting is good enough for the driver and the hardware.
schwarze [Sun, 16 Dec 2018 13:08:35 +0000 (13:08 +0000)]
Tweak the syntax displays to show that the list of words
in "for name in [word ...]; do list; done" can be empty.
In sh(1), clarify what happens in that case.
In ksh(1), clarify how it can happen that the list is never executed.
OK jmc@ tb@
sthen [Sun, 16 Dec 2018 12:08:32 +0000 (12:08 +0000)]
Regenerate root CA list using updated format-pem.pl. Specifically this
drops CA certificates whose validity dates don't comply with the rules on
ASN.1 encoding in RFC 5280 (and predecessors - same rule goes back to at
least RFC 2459, section 4.1.2.5).
LibreSSL strictly enforces this, so attempting to validate certificates
signed by these CAs just results in the following:
error 13 at 1 depth lookup:format error in certificate's notBefore field
"probably" beck@
sthen [Sun, 16 Dec 2018 11:56:53 +0000 (11:56 +0000)]
Add a check that libressl is actually able to verify CA certs.
Skip outputting them if invalid (e.g. GENERALIZEDTIME date before 2050).
espie [Sun, 16 Dec 2018 10:45:38 +0000 (10:45 +0000)]
bad choice of name. don't reuse the same method name to mean different
things
espie [Sun, 16 Dec 2018 10:44:18 +0000 (10:44 +0000)]
missing annotation after refactor
dependency on libraries should always trigger an update
found by landry@
espie [Sun, 16 Dec 2018 10:16:43 +0000 (10:16 +0000)]
the width code was moved to State.pm a while ago, remove last remnants
otto [Sun, 16 Dec 2018 08:33:16 +0000 (08:33 +0000)]
Avoid using a too big bounce buffer by splitting up large reads. Allows
for booting using large (64k) blocksize filesystems. ok tedu@
otto [Sun, 16 Dec 2018 08:31:50 +0000 (08:31 +0000)]
Make the freelist best fit code a tiny bit smarter to not use a block if
half or more would be wasted. Causes more effective re-use of blocks.
ok jsing@
millert [Sun, 16 Dec 2018 03:40:40 +0000 (03:40 +0000)]
Back out rev 1.17 for now, it causes issues with python when building
databases/tdb from ports.
dlg [Sun, 16 Dec 2018 03:40:12 +0000 (03:40 +0000)]
document task_pending()
dlg [Sun, 16 Dec 2018 03:36:02 +0000 (03:36 +0000)]
add task_pending
jsg@ wants this for drm, and i've had a version of it in diffs since
2016, but obviously haven't needed to use it just yet.
task_pending is modelled on timeout_pending, and tells you if the
task is on a list waiting to execute.
ok jsg@
schwarze [Sun, 16 Dec 2018 02:20:26 +0000 (02:20 +0000)]
The .HP macro was deprecated by groff, and that makes sense
because it serves no real purpose and works poorly with HTML.
While here, describe the section argument of .TH,
clarify the syntax display of .TP, and polish some wordings.
schwarze [Sun, 16 Dec 2018 01:34:34 +0000 (01:34 +0000)]
minor polishing, in parts related to functional improvements in the past,
and also adding some cross references for important escape sequences
schwarze [Sun, 16 Dec 2018 00:10:03 +0000 (00:10 +0000)]
make test output less ugly
schwarze [Sat, 15 Dec 2018 23:33:20 +0000 (23:33 +0000)]
Yet another round of improvements to manual font selection.
Unify handling of \f and .ft.
Support \f4 (bold+italic).
Support ".ft BI" and ".ft CW" for terminal output.
Support the .ft request in HTML output.
Reject the bogus fonts \f(C1, \f(C2, \f(C3, and \f(CP.
schwarze [Sat, 15 Dec 2018 19:30:19 +0000 (19:30 +0000)]
Several improvements to escape sequence handling.
* Add the missing special character \_ (underscore).
* Partial implementations of \a (leader character)
and \E (uninterpreted escape character).
* Parse and ignore \r (reverse line feed).
* Add a WARNING message about undefined escape sequences.
* Add an UNSUPP message about unsupported escape sequences.
* Mark \! and \? (transparent throughput)
and \O (suppress output) as unsupported.
* Treat the various variants of zero-width spaces as one-byte escape
sequences rather than as special characters, to avoid defining bogus
forms with square brackets.
* For special characters with one-byte names, do not define bogus
forms with square brackets, except for \[-], which is valid.
* In the form with square brackets, undefined special characters do not
fall back to printing the name verbatim, not even for one-byte names.
* Starting a special character name with a blank is an error.
* Undefined escape sequences never abort formatting of the input
string, not even in HTML output mode.
* Document the newly handled escapes, and a few that were missing.
* Regression tests for most of the above.
eric [Sat, 15 Dec 2018 15:16:12 +0000 (15:16 +0000)]
add a -R option to set/unset resolver flags.
use strcasecmp for reading args.
tedu [Sat, 15 Dec 2018 00:50:21 +0000 (00:50 +0000)]
remove unused and problematic sudo clean. ok espie
millert [Fri, 14 Dec 2018 20:55:17 +0000 (20:55 +0000)]
Revisit the optimization for unbuffered I/O. We can use the buffer
passed to fread(3) directly in the FILE * and call __srefill() in
a loop without the memcpy(). This preserves the expected behavior
in all cases. OK semarie@, "This is neat" tedu@
millert [Fri, 14 Dec 2018 20:48:18 +0000 (20:48 +0000)]
Back out the optimization in rev 1.13, it does not update flags on
EOF or error. This caused a regression in the cPickle python extension.
gilles [Fri, 14 Dec 2018 20:22:52 +0000 (20:22 +0000)]
let smtpd fatal on misbehaving proc filters
let filters register the reporting events and filter hooks they support but
only as a stub for now
schwarze [Fri, 14 Dec 2018 20:18:27 +0000 (20:18 +0000)]
Delete a note taken during the rev. 1.1 man page split
that should have been deleted before commit.
The cross reference is already present below SEE ALSO.
Glitch noticed by jsing@.
guenther [Fri, 14 Dec 2018 19:56:02 +0000 (19:56 +0000)]
Delete unused phdr functions; move declarations for functions internal to
elf.c to that file
ok mpi@
eric [Fri, 14 Dec 2018 09:18:03 +0000 (09:18 +0000)]
use new cert helpers for incoming smtp sessions
ok gilles@
jmc [Fri, 14 Dec 2018 07:56:17 +0000 (07:56 +0000)]
sync usage(); also, stop enclosing arg names in quotes, since it was
applied inconsistently, and applied consistently would make it
look like spaghetti;
ok mlarkin
schwarze [Fri, 14 Dec 2018 06:33:03 +0000 (06:33 +0000)]
Cleanup, no functional change:
Now that message handling is properly encapsulated,
remove struct mparse pointers from four structs (roff, roff_man,
tbl_node, eqn_node) and from the argument lists of five functions
(roff_alloc, roff_man_alloc, mandoc_getarg, tbl_alloc, eqn_alloc).
Except for being passed to the main program as an opaque object,
it now only occurs in read.c, as it should, and not across 15 files
like in the past.
schwarze [Fri, 14 Dec 2018 05:17:45 +0000 (05:17 +0000)]
Almost mechanical diff to remove the "struct mparse *" argument
from mandoc_msg(), where it is no longer used.
While here, rename mandoc_vmsg() to mandoc_msg() and retire the
old version: There is really no point in having another function
merely to save "%s" in a few places.
Minus 140 lines of code.
schwarze [Fri, 14 Dec 2018 02:15:10 +0000 (02:15 +0000)]
Fold mparse_parse_buffer() into mparse_readfd(), making the code
considerably more readable. This is possible now that i finally
deleted mparse_readmem() from mandoc portable - an unused function
that never existed in OpenBSD.
This cleanup already made me find a minor bug: after a recursive
parse, restoring the line number of the parent file was forgotten.
This is fixed now.
schwarze [Fri, 14 Dec 2018 01:17:46 +0000 (01:17 +0000)]
Major cleanup; may imply minor changes in edge cases of error reporting.
Finally, drop support for the run-time configurable mandocmsg()
callback. It was over-engineered from the start, never used for
anything in a decade, and repeatedly caused maintenance headaches.
Consolidate reporting infrastructure into two files, mandoc.h and
mandoc_msg.c, mopping up the bits and pieces that were scattered
around main.c, read.c, mandoc_parse.h, libmandoc.h, the prototypes
of four parsing-related functions, and both parser structs.
gilles [Thu, 13 Dec 2018 17:08:10 +0000 (17:08 +0000)]
in event reports, use a struct timeval instead of time_t since we want more
than second precision
discussed with eric@
gilles [Thu, 13 Dec 2018 17:07:13 +0000 (17:07 +0000)]
do not use err() on fork_processor() exit
visa [Thu, 13 Dec 2018 16:35:07 +0000 (16:35 +0000)]
Use a faster, more reliable way to figure out how many TLB entries are
available on RM7000 processors.
From miod@
lum [Thu, 13 Dec 2018 14:59:16 +0000 (14:59 +0000)]
Allow all non-ephemeral buffers to be toggled writable or read-only
while mg is running: toggle-read-only-all
gilles [Thu, 13 Dec 2018 14:43:31 +0000 (14:43 +0000)]
only allow builtin filters to declare which hook they listen to in the conf
since proc filters are going to register themselves through the protocol.
this will allow us to plug proc filters that deal with multiple hooks w/out
having to declare each and every hook, and without risking to forget one.
discussed with eric@
krw [Thu, 13 Dec 2018 14:06:10 +0000 (14:06 +0000)]
Revert last. Breaks landisk snap building for currently unknown
reason.
Noticed by deraadt@
gilles [Thu, 13 Dec 2018 14:06:01 +0000 (14:06 +0000)]
we don't want to parse a filter command line
espie [Thu, 13 Dec 2018 12:48:53 +0000 (12:48 +0000)]
split the status display in two, so that I can explicitly show I'm
not extracting files, but skipping tied entries, which still takes
time for texlive.
schwarze [Thu, 13 Dec 2018 11:55:14 +0000 (11:55 +0000)]
Cleanup, no functional change:
Split the top level parser interface out of the utility header
mandoc.h, into a new header mandoc_parse.h, for use in the main
program and in the main parser only.
Move enum mandoc_os into roff.h because struct roff_man is the
place where it is stored.
This allows removal of mandoc.h from seven files in low-level
parsers and in formatters.
martijn [Thu, 13 Dec 2018 10:54:29 +0000 (10:54 +0000)]
fix printf statements when compiled with -DDEBUG.
OK deraadt@, tb@, claudio@
schwarze [Thu, 13 Dec 2018 07:29:35 +0000 (07:29 +0000)]
libmdoc.h no longer needs mdoc.h
schwarze [Thu, 13 Dec 2018 07:25:38 +0000 (07:25 +0000)]
Cleanup, no functional change:
Finally merge the pointless file st.in into st.c.
Nobody should do operating systems dependent changes to standards:
By definition, standards are the same for every operating system.
While here, libmdoc.h no longer requires mdoc.h.
jmc [Thu, 13 Dec 2018 06:51:52 +0000 (06:51 +0000)]
various minor tweaks; ok mlarkin
jmc [Thu, 13 Dec 2018 06:47:36 +0000 (06:47 +0000)]
further document pcap_dump; from jan stary
text tweaked and ok djm
schwarze [Thu, 13 Dec 2018 06:17:17 +0000 (06:17 +0000)]
Cleanup, no functional change:
Move the roffhash_*() functions from roff.h to roff_int.h
because they are only intended for use by parsers,
neither by main programs nor by formatters.
schwarze [Thu, 13 Dec 2018 05:13:15 +0000 (05:13 +0000)]
Cleanup, no functional change:
No need to expose the eqn(7) syntax tree data structures everywhere.
Move them to their own include file, "eqn.h".
While here, delete the unused enum eqn_pilet.
schwarze [Thu, 13 Dec 2018 03:40:09 +0000 (03:40 +0000)]
Cleanup, no functional change:
In libroff.h, nothing was left except the eqn(7) parser interface, which
isn't really part of the roff(7) parser, so rename it to eqn_parse.h.
While here, move struct eqn_def to eqn.c because that's the only
file using it, and let eqn_box_free() and eqn_free() handle NULL.
schwarze [Thu, 13 Dec 2018 02:05:57 +0000 (02:05 +0000)]
Cleanup, no functional change:
Move tbl(7)-specific parser internals out of libroff.h.
Move some tbl(7)-internal processing from roff.c to tbl.c.
sthen [Wed, 12 Dec 2018 23:20:38 +0000 (23:20 +0000)]
add commented-out "val-log-level: 2" next to the uncommentable line to
enable dnssec validation, it's really useful for debug
schwarze [Wed, 12 Dec 2018 21:54:30 +0000 (21:54 +0000)]
Cleanup, no functional change:
No need to expose the tbl(7) syntax tree data structures everywhere.
Move them to their own include file, "tbl.h", and improve comments.
gilles [Wed, 12 Dec 2018 21:28:39 +0000 (21:28 +0000)]
remove unused prototypes
gilles [Wed, 12 Dec 2018 21:27:49 +0000 (21:27 +0000)]
add tx-data reporting event
claudio [Wed, 12 Dec 2018 21:20:57 +0000 (21:20 +0000)]
Simplify mbzero() by using mem_write with a NULL buf which does zero out
all memory at once without having to use a zero buffer.
OK mlarkin@
claudio [Wed, 12 Dec 2018 21:19:22 +0000 (21:19 +0000)]
Set the com speed to 115200 like we do in our bootloader when using SeaBIOS.
OK mlarkin@
jmc [Wed, 12 Dec 2018 20:21:04 +0000 (20:21 +0000)]
zap trailing whitespace;
jmc [Wed, 12 Dec 2018 20:12:03 +0000 (20:12 +0000)]
some pcap_setdirection details; from jan stary
ok djm
tedu [Wed, 12 Dec 2018 17:55:28 +0000 (17:55 +0000)]
allow reading from stdin with -f -.
ok kn
espie [Wed, 12 Dec 2018 16:36:19 +0000 (16:36 +0000)]
document show-indexed
mpi [Wed, 12 Dec 2018 14:19:15 +0000 (14:19 +0000)]
Various cleanups:
- Unify the two hooks by passing the same argument
- Check for nullity before dereferencing `if_bridgeport', this will
matter when we go MP
- Use the same pattern to find a member in the ioctl path
ok bluhm@, visa@
mpi [Wed, 12 Dec 2018 14:15:35 +0000 (14:15 +0000)]
free(9) sizes for sysv shm.
ok bluhm@, visa@
mpi [Wed, 12 Dec 2018 14:15:00 +0000 (14:15 +0000)]
free(9) sizes for SVID semaphores.
ok bluhm@, visa@
espie [Wed, 12 Dec 2018 14:14:39 +0000 (14:14 +0000)]
+nettle-bug now that the fix has been committed
espie [Wed, 12 Dec 2018 14:14:06 +0000 (14:14 +0000)]
even when there's no update needed, respect dependency chain order.
More specifically, the set currently being installed won't be affected,
but shared libraries may be reached through a long dependency chain,
so they actually require "full" dependency ordering.
This fixes the libnettle issue reported by jca@ (see regress)
okay aja@, sthen@
espie [Wed, 12 Dec 2018 14:11:03 +0000 (14:11 +0000)]
moving handles to kept means they're not affected by complete_set, which
means that they won't get their dependency information. But if they're
in kept, they're actually installed so make sure they have a location.
This will let pkg_add always follow dependencies for all sets even if
there's nothing to directly install
gilles [Wed, 12 Dec 2018 10:50:04 +0000 (10:50 +0000)]
upon MAIL or RCPT errors, only trigger report_smtp_tx_{mail,rcpt} events if
error happened within an SMTP transaction.
claudio [Wed, 12 Dec 2018 08:55:44 +0000 (08:55 +0000)]
Enable the rules doing more than one match at a time. This works since a while.
anton [Wed, 12 Dec 2018 07:29:38 +0000 (07:29 +0000)]
Make kcov MP-safe. Calling the injected tracing function
__sanitizer_cov_trace_pc() early in the boot process caused a subtle
crash while booting the secondary CPU(s). On amd64, accessing curcpu
during this period is not safe since its GSBASE register is not yet
written. After the CPU has been booted curproc can also be NULL for a
brief period of time before the idle thread tied to the same CPU has
started. The two problems can simply be avoided by postponing access to
curcpu and curproc until /dev/kcov has been opened at least once.
The end goal here is to allow fuzzing of MP kernels, which already is in
full swing.
This work has gone through many iterations before settling on the least
intrusive change; many thanks to visa@ for reviewing and providing
valuable input.
Issue originally reported by Greg Steuck on tech@ who also took the time
to test all iterations and providing me access to a virtualised OpenBSD
machine for easier testing.
ok mpi@ visa@
dlg [Wed, 12 Dec 2018 05:38:26 +0000 (05:38 +0000)]
allow ethernet interfaces to provide a custom if_output routine.
this will be mostly useful for virtual interfaces like vlan and
etherip, where they can bypass queueing on an ifq, and instead
encapsulate in on multiple cpus concurrently and push the packet
onto the next layer directly.
ok visa@
claudio [Tue, 11 Dec 2018 22:11:01 +0000 (22:11 +0000)]
Fix regress test. The rule optimizer changes output since all the
set community rules are merged into one big set block.
dlg [Tue, 11 Dec 2018 22:08:57 +0000 (22:08 +0000)]
add optional per-cpu counters for interface stats.
these exist so interfaces that want to do mpsafe work outside the
ifq machinery have a place to allocate and update stats in. the
generic ioctl handling for getting stats to userland knows how to
roll the new per cpu stats into the rest before export.
ok visa@
florian [Tue, 11 Dec 2018 19:16:36 +0000 (19:16 +0000)]
the world is not ready for dnssec enabled by default
bluhm [Tue, 11 Dec 2018 18:19:55 +0000 (18:19 +0000)]
Flip snprintf(3) error check to align it with the man page example.
No functional change.
suggested by tb@; from Jan Klemkow
bluhm [Tue, 11 Dec 2018 18:03:11 +0000 (18:03 +0000)]
Convert some variables with non-negative values to unsigned type
to avoid comparison of integers of different signs.
from Jan Klemkow; OK tb@
guenther [Tue, 11 Dec 2018 17:09:07 +0000 (17:09 +0000)]
Add PN_XNUM support to libbfd so objdump and gdb can handle core
dumps with many many segments.
ok yasuoka@
espie [Tue, 11 Dec 2018 16:26:01 +0000 (16:26 +0000)]
add a non regression test that triggers the nettle bug
gilles [Tue, 11 Dec 2018 14:52:50 +0000 (14:52 +0000)]
remove filter action "rewrite" can only be done from a proc filter
remove "report" keyword, a proc filter gets report events
discussed with eric@
sthen [Tue, 11 Dec 2018 13:49:01 +0000 (13:49 +0000)]
merge 1.8.3
sthen [Tue, 11 Dec 2018 13:46:55 +0000 (13:46 +0000)]
Fix dns64 allocation in wrong region for returned internal queries.
(This is the only code change in upstream release 1.8.3).
gilles [Tue, 11 Dec 2018 13:40:30 +0000 (13:40 +0000)]
do some imsg renaming to make them more clear
gilles [Tue, 11 Dec 2018 13:35:23 +0000 (13:35 +0000)]
remove unused imsg names
gilles [Tue, 11 Dec 2018 13:30:45 +0000 (13:30 +0000)]
these files are no longer used
gilles [Tue, 11 Dec 2018 13:29:52 +0000 (13:29 +0000)]
factor smtp-in and smtp-out reporting code
gilles [Tue, 11 Dec 2018 11:29:44 +0000 (11:29 +0000)]
report filter responses to smtp
eric [Tue, 11 Dec 2018 10:31:45 +0000 (10:31 +0000)]
fix previous
ok gilles@
espie [Tue, 11 Dec 2018 10:18:37 +0000 (10:18 +0000)]
style
claudio [Tue, 11 Dec 2018 09:03:36 +0000 (09:03 +0000)]
bgpctl can no longer reuse the aspath_match function from bgpd so move
roughly the same function here called match_aspath().
OK denis@
claudio [Tue, 11 Dec 2018 09:02:14 +0000 (09:02 +0000)]
Refactor aspath code a bit. Move cached source_as (for origin validation)
into struct aspath and pass that struct to aspath_match().
OK denis@
gilles [Tue, 11 Dec 2018 08:40:56 +0000 (08:40 +0000)]
generate an event when a helo name identifies a link
eric [Tue, 11 Dec 2018 07:57:31 +0000 (07:57 +0000)]
remove unnecessary calls to getsockname()
ok gilles@
claudio [Tue, 11 Dec 2018 07:44:25 +0000 (07:44 +0000)]
Extend vmctl start -B argument to work for disk, cdrom and net.
Currently SeaBIOS will respect disk and cdrom and our kernel will
understand net.
OK ccardenas@, reyk@, mlarkin@