openbsd
9 years agoDelete the wrapper functions mdoc_meta(), man_meta(), mdoc_node(),
schwarze [Sat, 18 Apr 2015 17:50:02 +0000 (17:50 +0000)]
Delete the wrapper functions mdoc_meta(), man_meta(), mdoc_node(),
man_node() from the mandoc(3) semi-public interface and the internal
wrapper functions print_mdoc() and print_man() from the HTML formatters.
Minus 60 lines of code, no functional change.

9 years agoUnify {mdoc,man}_{alloc,reset,free}() into roff_man_{alloc,reset,free}().
schwarze [Sat, 18 Apr 2015 17:28:08 +0000 (17:28 +0000)]
Unify {mdoc,man}_{alloc,reset,free}() into roff_man_{alloc,reset,free}().
Minus 80 lines of code, no functional change.
Written on the train from Koeln to Wolfsburg returning from p2k15.

9 years agoMove mdoc_hash_init() and man_hash_init() to libmandoc.h
schwarze [Sat, 18 Apr 2015 17:01:28 +0000 (17:01 +0000)]
Move mdoc_hash_init() and man_hash_init() to libmandoc.h
and call them from mparse_alloc() and choose_parser(),
preparing unified allocation of struct roff_man.

9 years agoProfit from the unified struct roff_man and reduce the number of
schwarze [Sat, 18 Apr 2015 16:34:03 +0000 (16:34 +0000)]
Profit from the unified struct roff_man and reduce the number of
arguments of mparse_result() by one.  No functional change.
Written on the ICE Bruxelles-Koeln on the way back from p2k15.

9 years agoReplace the structs mdoc and man by a unified struct roff_man.
schwarze [Sat, 18 Apr 2015 16:04:40 +0000 (16:04 +0000)]
Replace the structs mdoc and man by a unified struct roff_man.
Almost completely mechanical, no functional change.
Written on the train from Exeter to London returning from p2k15.

9 years agoanother round of reducing the diff to linux
jsg [Sat, 18 Apr 2015 14:47:34 +0000 (14:47 +0000)]
another round of reducing the diff to linux

9 years agoSimplify vio_encap() a bit.
sf [Sat, 18 Apr 2015 14:38:38 +0000 (14:38 +0000)]
Simplify vio_encap() a bit.

From brad@

9 years agofrom brad:
jmc [Sat, 18 Apr 2015 12:04:59 +0000 (12:04 +0000)]
from brad:
don;t try to list all generations in ciss's Nd;
do not use all caps for "array"

9 years agodefine and use trace macros
jsg [Sat, 18 Apr 2015 11:41:28 +0000 (11:41 +0000)]
define and use trace macros
discussed with kettenis

9 years agoRemove some unused debug functions. If we're interested in
jsg [Sat, 18 Apr 2015 11:21:12 +0000 (11:21 +0000)]
Remove some unused debug functions.  If we're interested in
these in future we should add i915_debugfs.c

9 years agoreplace the hand rolled lists of mbufs in hfsc_classq with an
dlg [Sat, 18 Apr 2015 11:12:33 +0000 (11:12 +0000)]
replace the hand rolled lists of mbufs in hfsc_classq with an
mbuf_list.

hfsc lists are very clever because they manage a fifo with a single
pointer by abusing the m_next pointer of the tail mbuf to point to
the head. clever but hard to read.

mbuf_lists are slightly bigger because they explicitely track the
head mbuf, but i got us that space back by inlining hfsc_classq
into hfsc_class and removing the unnecessary classq field.

ok henning@

9 years agoadd and use module param macros
jsg [Sat, 18 Apr 2015 11:05:32 +0000 (11:05 +0000)]
add and use module param macros

9 years agoAvoid calling freeifaddrs() with an uninitialised pointer in an
jsg [Sat, 18 Apr 2015 09:32:59 +0000 (09:32 +0000)]
Avoid calling freeifaddrs() with an uninitialised pointer in an
error path.

9 years agoRegis Leroy reported that httpd does not strictly accept CRLF for
jsg [Sat, 18 Apr 2015 09:27:54 +0000 (09:27 +0000)]
Regis Leroy reported that httpd does not strictly accept CRLF for
newlines which could lead to http response splitting/smuggling
if a badly behaved proxy is in front of httpd.

Switch from evbuffer_readline() to evbuffer_readln() with
EVBUFFER_EOL_CRLF_STRICT to avoid this.

ok florian@

9 years agoi386 and amd64 have only one syscall entry point now, so simply the
guenther [Sat, 18 Apr 2015 05:14:05 +0000 (05:14 +0000)]
i386 and amd64 have only one syscall entry point now, so simply the
EIP/RIP adjustment for ERESTART

ok mlarkin@

9 years agoUse futimens() to preserve timestamps with subsec precision.
guenther [Sat, 18 Apr 2015 03:15:46 +0000 (03:15 +0000)]
Use futimens() to preserve timestamps with subsec precision.
Don't cast file sizes to size_t when comparing file contents for the -C option

ok deraadt@

9 years agoUse getint() instead of intval() for parsing the columns variable,
deraadt [Fri, 17 Apr 2015 17:20:41 +0000 (17:20 +0000)]
Use getint() instead of intval() for parsing the columns variable,
allowing the addition of more accurate bounds and garbage checks.
ok millert

9 years agoFALLTHROUGH in getopt is incorrect. While here use strtonum
deraadt [Fri, 17 Apr 2015 16:47:47 +0000 (16:47 +0000)]
FALLTHROUGH in getopt is incorrect.  While here use strtonum
to parse tz_minuteswest.
ok millert

9 years agoOn Ethernet packets have a minimal length, so very short packets
bluhm [Fri, 17 Apr 2015 16:42:50 +0000 (16:42 +0000)]
On Ethernet packets have a minimal length, so very short packets
get padding appended to them.  This padding is not stripped off in
ip6_input() (due to support for IPv6 Jumbograms, RFC2675).  That
means PF needs to be careful when reassembling fragmented packets
to not include the padding in the reassembled packet.
from FreeBSD; via Kristof Provost; OK henning@

9 years agos/recommended/required/ that private keys be og-r
djm [Fri, 17 Apr 2015 13:32:09 +0000 (13:32 +0000)]
s/recommended/required/ that private keys be og-r
this wording change was made a while ago but got accidentally reverted

9 years agodon't try to cleanup NULL KEX proposals in kex_prop_free();
djm [Fri, 17 Apr 2015 13:25:52 +0000 (13:25 +0000)]
don't try to cleanup NULL KEX proposals in kex_prop_free();
found by Jukka Taimisto and Markus Hietava

9 years agouse error/logit/fatal instead of fprintf(stderr, ...) and exit(0),
djm [Fri, 17 Apr 2015 13:19:22 +0000 (13:19 +0000)]
use error/logit/fatal instead of fprintf(stderr, ...) and exit(0),
fix a few errors that were being printed to stdout instead of stderr
and a few non-errors that were going to stderr instead of stdout
bz#2325; ok dtucker

9 years agodebug log missing DISPLAY environment when X11 forwarding
djm [Fri, 17 Apr 2015 13:16:48 +0000 (13:16 +0000)]
debug log missing DISPLAY environment when X11 forwarding
requested; bz#1682 ok dtucker@

9 years agowhile trying to reproduce lockups on mp alpha i hit an
dlg [Fri, 17 Apr 2015 12:38:54 +0000 (12:38 +0000)]
while trying to reproduce lockups on mp alpha i hit an
MUTEX_ASSERT_UNLOCKED, but it turns out alpha mutexes arent very
friendly to diagnostics on smp systems.

alpha mutexes contained an mtx_lock member. when 0 the mutex was
unlocked, and when 1 it was locked. the MUTEX_ASSERT_UNLOCKED checked
if mtx_lock was 1 to see if the current cpu owned the mutex, but
in an mp system another cpu may have set mtx_lock to 1, which causes
the assert to fire.

this changes alpha mutexes so they record which cpu owns the lock
rather than just if the lock is held or not. the diagnostics compare
the owner to the current cpus curcpu() address so they can actually
tell if the current cpu holds the lock instead of whether any cpu
holds the lock.

instead of using custom asm to implement a cas this uses atomic_cas_ptr,
which on alpha uses gcc cas code. miod says he has far more confidence
in the gcc cas than the code that was there before.

while im here i also shuffled the code. on MULTIPROCESSOR systems
instead of duplicating code between mtx_enter and mtx_enter_try,
mtx_enter simply loops on mtx_enter_try until it succeeds.

this also provides an alternative implementation of mutexes on
!MULTIPROCESSOR systems that avoids interlocking opcodes. mutexes
wont contend on UP boxes, theyre basically wrappers around spls.
we can just do the splraise, stash the owner as a guard value for
DIAGNOSTIC and return. similarly, mtx_enter_try on UP will never
fail, so we can just call mtx_enter and return 1.

ok miod@

9 years agoIPSEC_IN_CRYPTO_DONE and OUT_CRYPTO_NEEDED are gone
mikeb [Fri, 17 Apr 2015 11:06:39 +0000 (11:06 +0000)]
IPSEC_IN_CRYPTO_DONE and OUT_CRYPTO_NEEDED are gone

9 years agoStubs and support code for NIC-enabled IPsec bite the dust.
mikeb [Fri, 17 Apr 2015 11:04:01 +0000 (11:04 +0000)]
Stubs and support code for NIC-enabled IPsec bite the dust.
No objection from reyk@, OK markus, hshoexer

9 years agoRemove unused ipsp_parse_headers that was supposed to parse packets
mikeb [Fri, 17 Apr 2015 10:08:07 +0000 (10:08 +0000)]
Remove unused ipsp_parse_headers that was supposed to parse packets
returned by IPsec-enabled NICs;  OK markus, hshoexer

9 years agoRemove unsupported SADB_X_IDENTTYPE_CONNECTION; OK markus, hshoexer
mikeb [Fri, 17 Apr 2015 10:04:37 +0000 (10:04 +0000)]
Remove unsupported SADB_X_IDENTTYPE_CONNECTION;  OK markus, hshoexer

9 years agoRemove superflous "::1" route, test currently failing but a fix is
mpi [Fri, 17 Apr 2015 08:20:24 +0000 (08:20 +0000)]
Remove superflous "::1" route, test currently failing but a fix is
in its way.

9 years agoLocal routes should be present in the routing table output.
mpi [Fri, 17 Apr 2015 08:19:27 +0000 (08:19 +0000)]
Local routes should be present in the routing table output.

9 years agoparse_prefix in parse.c got changed but the declaration in bgpctl.c
phessler [Fri, 17 Apr 2015 07:51:09 +0000 (07:51 +0000)]
parse_prefix in parse.c got changed but the declaration in bgpctl.c
wasn't updated, so we would crash when doing `bgpctl net bulk` commands.

Fix by moving parse_prefix into a header, since we use it in more than
one file.

crash found by henning@
underlying problem found by blambert@

OK sthen@ deraadt@ claudio@ henning@

9 years agoMatch -current output. Every configured address should have a local route
mpi [Fri, 17 Apr 2015 07:46:10 +0000 (07:46 +0000)]
Match -current output.  Every configured address should have a local route
and remove redundant loopback cloning route.

Note that tests using IPv6 still contain two routes to "::1" this should
cause no harm but is being investigated.

9 years agoCrank the timeout and decrease the buffer size to not end up dropping
mpi [Fri, 17 Apr 2015 07:17:51 +0000 (07:17 +0000)]
Crank the timeout and decrease the buffer size to not end up dropping
all the entropy provided by the device.

Also make sure we match the right endpoint.

From Sean Levy based on comments from Andreas Gustafsson who's behind
Alea.

9 years agooops, started expecting sockoptlevelname() to handle two arguments
guenther [Fri, 17 Apr 2015 06:33:30 +0000 (06:33 +0000)]
oops, started expecting sockoptlevelname() to handle two arguments
but never actually did so.  Fix that so that we stop losing the
second argument to {get,set}sockopt().  Handling of levels other than
SOL_SOCKET could be improved.

9 years agoThe first argument to socket/socketpair is an address family, not a protocol
guenther [Fri, 17 Apr 2015 06:14:36 +0000 (06:14 +0000)]
The first argument to socket/socketpair is an address family, not a protocol
family.  (sysctl(3) is practically the only place where PF_* is correct)

9 years agoTweaks utimensat/futimens handling to always update ctime, even when both
guenther [Fri, 17 Apr 2015 04:43:20 +0000 (04:43 +0000)]
Tweaks utimensat/futimens handling to always update ctime, even when both
atime and mtime are UTIME_OMIT (at least for ufs, tmpfs, and ext2fs), and
to correctly handle a timestamp of -1.

ok millert@

9 years agodon't call record_login() in monitor when UseLogin is enabled;
djm [Fri, 17 Apr 2015 04:32:31 +0000 (04:32 +0000)]
don't call record_login() in monitor when UseLogin is enabled;
bz#278 reported by drk AT sgi.com; ok dtucker

9 years agoAdd some missing options to sshd -T and fix the output of VersionAddendum
dtucker [Fri, 17 Apr 2015 04:12:35 +0000 (04:12 +0000)]
Add some missing options to sshd -T and fix the output of VersionAddendum
HostCertificate.  bz#2346, patch from jjelen at redhat com, ok djm.

9 years agoMake drm ioctls table driven. Further reduces the diff to linux.
jsg [Fri, 17 Apr 2015 00:54:41 +0000 (00:54 +0000)]
Make drm ioctls table driven.  Further reduces the diff to linux.
ok kettenis@

9 years agoDocument "none" for PidFile XAuthLocation TrustedUserCAKeys and RevokedKeys.
dtucker [Thu, 16 Apr 2015 23:25:50 +0000 (23:25 +0000)]
Document "none" for PidFile XAuthLocation TrustedUserCAKeys and RevokedKeys.
bz#2382, feedback from jmc@, ok djm@

9 years agoRestore the page headers and page footers that accidentally got lost
schwarze [Thu, 16 Apr 2015 20:21:08 +0000 (20:21 +0000)]
Restore the page headers and page footers that accidentally got lost
in rev. 1.225.  Regression reported by florian@.

9 years agofirmware, not firmwares;
jmc [Thu, 16 Apr 2015 20:01:39 +0000 (20:01 +0000)]
firmware, not firmwares;

9 years agotweak previous;
jmc [Thu, 16 Apr 2015 19:59:28 +0000 (19:59 +0000)]
tweak previous;

9 years agoipa_inp_next is unused; via mikeb@
markus [Thu, 16 Apr 2015 19:44:01 +0000 (19:44 +0000)]
ipa_inp_next is unused; via mikeb@

9 years agoremove unfinished/unused support for socket-attached ipsec-policies
markus [Thu, 16 Apr 2015 19:24:13 +0000 (19:24 +0000)]
remove unfinished/unused support for socket-attached ipsec-policies
ok mikeb

9 years agochange {import,export}_identity so it can be used for policies; ok mikeb
markus [Thu, 16 Apr 2015 19:18:10 +0000 (19:18 +0000)]
change {import,export}_identity so it can be used for policies; ok mikeb
(fixes sadb_ident_type conversion for policies)

9 years agoshorten "outdated mandoc.db" warning message; requested by deraadt@
schwarze [Thu, 16 Apr 2015 16:35:02 +0000 (16:35 +0000)]
shorten "outdated mandoc.db" warning message; requested by deraadt@

9 years agosync
deraadt [Thu, 16 Apr 2015 15:50:47 +0000 (15:50 +0000)]
sync

9 years agoTweak error output.
gsoares [Thu, 16 Apr 2015 15:14:30 +0000 (15:14 +0000)]
Tweak error output.
ok krw@

9 years agoMake sure LLVM static analyzer do not report a false positive,
mpi [Thu, 16 Apr 2015 14:23:48 +0000 (14:23 +0000)]
Make sure LLVM static analyzer do not report a false positive,
found by and fix confirmed by jsg@.

9 years agodocument %m, sort %.
espie [Thu, 16 Apr 2015 14:11:29 +0000 (14:11 +0000)]
document %m, sort %.

9 years agoadd %m as a shorthand, will expand to
espie [Thu, 16 Apr 2015 14:08:19 +0000 (14:08 +0000)]
add %m as a shorthand, will expand to
pub/OpenBSD/5.7/packages/amd64
for lazy typers.

okay aja@

9 years agodocument % sequences.
espie [Thu, 16 Apr 2015 13:40:56 +0000 (13:40 +0000)]
document % sequences.

9 years agoreorg code, the arch/osversion code should live in a single place,
espie [Thu, 16 Apr 2015 13:29:16 +0000 (13:29 +0000)]
reorg code, the arch/osversion code should live in a single place,
short and sweet

9 years agoMatch the Nd of the page, prodded by jmc@
mpi [Thu, 16 Apr 2015 11:21:01 +0000 (11:21 +0000)]
Match the Nd of the page, prodded by jmc@

9 years agocommit expanded tags for %c, %v, %a
espie [Thu, 16 Apr 2015 09:32:23 +0000 (09:32 +0000)]
commit expanded tags for %c, %v, %a

9 years agoEnable ualea(4) where we have uhub(4), these USB device lists cry for
mpi [Thu, 16 Apr 2015 09:09:49 +0000 (09:09 +0000)]
Enable ualea(4) where we have uhub(4), these USB device lists cry for
unification...

9 years agoManpage for ualea(4) with tweaks from jmc@.
mpi [Thu, 16 Apr 2015 08:56:53 +0000 (08:56 +0000)]
Manpage for ualea(4) with tweaks from jmc@.

9 years agoNew driver for Araneus Alea II TRNG. All the hardwork has been done by
mpi [Thu, 16 Apr 2015 08:55:21 +0000 (08:55 +0000)]
New driver for Araneus Alea II TRNG.  All the hardwork has been done by
Sean Levy, aka attila, <attila + stalphonsos ! com>, thanks!

ok deraadt@

9 years agoPlug leak of address passed to logging. bz#2373, patch from jjelen at redhat,
dtucker [Wed, 15 Apr 2015 23:23:25 +0000 (23:23 +0000)]
Plug leak of address passed to logging.  bz#2373, patch from jjelen at redhat,
ok markus@

9 years agoFix some issues in bright colour handling. Bold background doesn't exist
nicm [Wed, 15 Apr 2015 22:34:46 +0000 (22:34 +0000)]
Fix some issues in bright colour handling. Bold background doesn't exist
so there is no reason for tty_check_bg to mess with the BRIGHT flag at
all, ever. Also use aixterm colours for 256-to-16 translation if the
terminal supports them. And there is no reason for tty_colours_bg to
worry about whether the terminal supports them - tty_check_bg has
already taken care of it.

9 years agoUse tty_term_flag not _has for flags, also fix a typo (position not
nicm [Wed, 15 Apr 2015 22:10:13 +0000 (22:10 +0000)]
Use tty_term_flag not _has for flags, also fix a typo (position not
permission).

9 years agoTest that ping6 fragments with ethernet padding get reassembled
bluhm [Wed, 15 Apr 2015 21:29:15 +0000 (21:29 +0000)]
Test that ping6 fragments with ethernet padding get reassembled
correctly.

9 years agoConvert error/errorx/errorc functions -> fatal/fatalx/fatalc and
millert [Wed, 15 Apr 2015 16:43:11 +0000 (16:43 +0000)]
Convert error/errorx/errorc functions -> fatal/fatalx/fatalc and
make then take a printf format string instead of requiring the
caller to snprintf into a buffer first.  OK deraadt@

9 years agoOnly set the cipher list if one was specified and actually check the return
jsing [Wed, 15 Apr 2015 16:33:49 +0000 (16:33 +0000)]
Only set the cipher list if one was specified and actually check the return
value from SSL_CTX_set_cipher_list(). Also remove pointless getenv()
handling.

ok bcook@ doug@

9 years agoClean up the ssl_bytes_to_cipher_list() API - rather than having the
jsing [Wed, 15 Apr 2015 16:25:43 +0000 (16:25 +0000)]
Clean up the ssl_bytes_to_cipher_list() API - rather than having the
ability to pass or not pass a STACK_OF(SSL_CIPHER) *, which is then either
zeroed or if NULL a new one is allocated, always allocate one and return it
directly.

Inspired by simliar changes in BoringSSL.

ok beck@ doug@

9 years agoNow that tls_close() is more robust, consider a failure to be fatal.
jsing [Wed, 15 Apr 2015 16:09:29 +0000 (16:09 +0000)]
Now that tls_close() is more robust, consider a failure to be fatal.

9 years agoTreat SSL_ERROR_ZERO_RETURN as a success, rather than a failure. Also
jsing [Wed, 15 Apr 2015 16:08:43 +0000 (16:08 +0000)]
Treat SSL_ERROR_ZERO_RETURN as a success, rather than a failure. Also
ensure that outlen is set to zero so that tls_read() has read(2) like
semantics for EOF.

Spotted by doug@

9 years agoMake tls_close() more robust - do not rely on a close notify being received
jsing [Wed, 15 Apr 2015 16:05:23 +0000 (16:05 +0000)]
Make tls_close() more robust - do not rely on a close notify being received
from the other side and only return TLS_READ_AGAIN/TLS_WRITE_AGAIN if we
failed to send a close notify on a non-blocking socket.

Otherwise be more forceful and always shutdown/close the socket regardless
of other failures. Also do not consider ENOTCONN or ECONNRESET to be a
shutdown failure, since there are various situations where this can occur.

ok doug@ guenther@

9 years agoFix setting old-style window -fg/-bg/-attr options that aren't global.
nicm [Wed, 15 Apr 2015 15:44:40 +0000 (15:44 +0000)]
Fix setting old-style window -fg/-bg/-attr options that aren't global.

9 years agoAdd the necessary glue to keep carp(4) working while other pseudo-drivers
mpi [Wed, 15 Apr 2015 15:16:17 +0000 (15:16 +0000)]
Add the necessary glue to keep carp(4) working while other pseudo-drivers
are converted to if_input().

ok dlg@, claudio@

9 years agoUse ether_ifattach() and ether_ifdetach() when cloning/destroying an
mpi [Wed, 15 Apr 2015 15:14:37 +0000 (15:14 +0000)]
Use ether_ifattach() and ether_ifdetach() when cloning/destroying an
interface instead of rewritting most of them.

This change is also needed for upcoming if_input() conversion.

As a bonus pseudo-driver attached on top of carp are now detached in
the right order.

ok claudio@, henning@

9 years agoinclude header required for DEBUG build; ok jsg@
naddy [Wed, 15 Apr 2015 14:06:03 +0000 (14:06 +0000)]
include header required for DEBUG build; ok jsg@

9 years agoAvoid using inet_ntoa() twice in a single printf() parameter list
krw [Wed, 15 Apr 2015 12:40:57 +0000 (12:40 +0000)]
Avoid using inet_ntoa() twice in a single printf() parameter list
by caching the results from excess inet_ntoa() calls before doing
the printf(). Should improve usefullness (?) of DHCPRELEASE log
entries by actually printing ciaddr and giaddr correctly when
dhcprelays stand between servers and clients.

Looks good to dlg@.

9 years agoFix a typo introduced in the niq_enqueue() conversion.
mpi [Wed, 15 Apr 2015 10:11:29 +0000 (10:11 +0000)]
Fix a typo introduced in the niq_enqueue() conversion.

Should fix a panic reported by many on bugs@ and misc@.

ok dlg@

9 years agoAdd the necessary glue to keep vlan(4) working while other pseudo-drivers
mpi [Wed, 15 Apr 2015 09:58:44 +0000 (09:58 +0000)]
Add the necessary glue to keep vlan(4) working while other pseudo-drivers
are converted to if_input().

Reviewed by Rafael Zalamena.

ok claudio@, dlg@

9 years agoConvert remaining drm ioctl implementation functions to return Linux-style
kettenis [Wed, 15 Apr 2015 09:48:18 +0000 (09:48 +0000)]
Convert remaining drm ioctl implementation functions to return Linux-style
negative errno values.

ok jsg@

9 years agoadd the include dir for libepoxy
jsg [Wed, 15 Apr 2015 07:41:53 +0000 (07:41 +0000)]
add the include dir for libepoxy

9 years agoUnneeded return at the end of a void function.
mlarkin [Wed, 15 Apr 2015 03:52:45 +0000 (03:52 +0000)]
Unneeded return at the end of a void function.

9 years agoopt{ind,err,arg} are already known
deraadt [Wed, 15 Apr 2015 02:32:28 +0000 (02:32 +0000)]
opt{ind,err,arg} are already known

9 years agoremove historical (void)foo (which were only here to hide lint's
deraadt [Wed, 15 Apr 2015 02:12:00 +0000 (02:12 +0000)]
remove historical (void)foo (which were only here to hide lint's
undrenchable thirst for false positives)

9 years agoIt feels like this Makefile should contain -Wall at least
deraadt [Wed, 15 Apr 2015 02:10:25 +0000 (02:10 +0000)]
It feels like this Makefile should contain -Wall at least

9 years agodocument missing argument; ok jmc
deraadt [Tue, 14 Apr 2015 23:59:40 +0000 (23:59 +0000)]
document missing argument; ok jmc

9 years agoAnother couple of commas in the wrong place, ok jmc
nicm [Tue, 14 Apr 2015 22:16:03 +0000 (22:16 +0000)]
Another couple of commas in the wrong place, ok jmc

9 years agoRemove an extra comma pointed out by jmc@.
nicm [Tue, 14 Apr 2015 21:34:45 +0000 (21:34 +0000)]
Remove an extra comma pointed out by jmc@.

9 years agoReorder prototypes to better match manpage layout and add some missing
nicm [Tue, 14 Apr 2015 21:25:54 +0000 (21:25 +0000)]
Reorder prototypes to better match manpage layout and add some missing
argument names, from Fabian Raetz. ok deraadt

9 years agosparc{,64} do not need softraid partitions to be defined as 4.2BSD, probably
miod [Tue, 14 Apr 2015 19:10:13 +0000 (19:10 +0000)]
sparc{,64} do not need softraid partitions to be defined as 4.2BSD, probably
since only one month after this was mentioned in CAVEATS.

9 years agoIPsec auth and credentials are not stored in the kernel anymore;
mikeb [Tue, 14 Apr 2015 17:53:13 +0000 (17:53 +0000)]
IPsec auth and credentials are not stored in the kernel anymore;
noticed by deraadt@

9 years agowrap a long line
deraadt [Tue, 14 Apr 2015 17:29:06 +0000 (17:29 +0000)]
wrap a long line

9 years agoFix sa_sigaction() handler example. The third argument is void * and
millert [Tue, 14 Apr 2015 17:05:28 +0000 (17:05 +0000)]
Fix sa_sigaction() handler example.  The third argument is void * and
should be cast to ucontext_t * to actually use it.  OK deraadt@

9 years agoThis is not System V, we spell it SIGCHLD.
millert [Tue, 14 Apr 2015 16:40:46 +0000 (16:40 +0000)]
This is not System V, we spell it SIGCHLD.
Adapted from a diff from Jan Stary.

9 years agoSetting the configuration in *_attach() is a bad practise because if it
mpi [Tue, 14 Apr 2015 14:57:05 +0000 (14:57 +0000)]
Setting the configuration in *_attach() is a bad practise because if it
fails it's impossible to debug and you cannot use your device.

So instead of calling usbd_set_config_index(), match the right interface.

This is trivial with this device because it has only one configuration
and interface.

9 years agoIt's not possible to call umcs_get_status() in interrupt context
mpi [Tue, 14 Apr 2015 14:38:17 +0000 (14:38 +0000)]
It's not possible to call umcs_get_status() in interrupt context
because it submits synchronous transfers, so schedule a task when
necessary.

9 years agomake ipsp_address thread safe; ok mpi
mikeb [Tue, 14 Apr 2015 14:20:01 +0000 (14:20 +0000)]
make ipsp_address thread safe;  ok mpi

9 years agoip6_sprintf is long gone; noticed by blambert
mikeb [Tue, 14 Apr 2015 14:18:37 +0000 (14:18 +0000)]
ip6_sprintf is long gone;  noticed by blambert

9 years agoMove verify externs into the header file.
jsing [Tue, 14 Apr 2015 12:56:36 +0000 (12:56 +0000)]
Move verify externs into the header file.

9 years agoRemove support for storing credentials and auth information in the kernel.
mikeb [Tue, 14 Apr 2015 12:22:15 +0000 (12:22 +0000)]
Remove support for storing credentials and auth information in the kernel.

This code is largely unfinished and is not used for anything.  The change
leaves identities as only objects referenced by ipsec_ref structure and
their handling requires some changes to support more advanced matching of
IPsec connections.

No objections from reyk and hshoexer, with and OK markus.

9 years agoConvert openssl(1) s_time to new option handling.
jsing [Tue, 14 Apr 2015 11:45:00 +0000 (11:45 +0000)]
Convert openssl(1) s_time to new option handling.

ok doug@

9 years agoClean up and improve openssl(1) errstr:
jsing [Tue, 14 Apr 2015 10:54:40 +0000 (10:54 +0000)]
Clean up and improve openssl(1) errstr:

- Use BIO_new_fp() instead of BIO_new()/BIO_set_fp() and handle NULL
  return value in a more appropriate manner.

- Use stroul() instead of sscanf() with appropriate error checking.

ok doug@

9 years agoMake sure we close the interrupt pipe when the device is detached.
mpi [Tue, 14 Apr 2015 07:57:33 +0000 (07:57 +0000)]
Make sure we close the interrupt pipe when the device is detached.

Bug reported and fix tested by Thomas Pfaff, thanks!