jsing [Fri, 23 May 2014 17:52:46 +0000 (17:52 +0000)]
Not OPENSSL_SYS_SUNOS.
krw [Fri, 23 May 2014 17:36:59 +0000 (17:36 +0000)]
Make DEBUG a bit easier to use by calling setlogmask(LOG_UPTO(LOG_DEBUG))
when it is set, and the current setlogmask(LOG_UPTO(LOG_INFO)) when it
is not set.
jsing [Fri, 23 May 2014 16:33:34 +0000 (16:33 +0000)]
Clean up the SSL cipher initialisation and use C99 initialisers for
clarity, grepability and to protect from future field reordering/removal.
ok miod@
jsing [Fri, 23 May 2014 16:16:55 +0000 (16:16 +0000)]
signal.h is not needed here.
jsing [Fri, 23 May 2014 16:15:52 +0000 (16:15 +0000)]
Stop pulling signal.h into apps.h - just include it from openssl.c where
it is needed.
miod [Fri, 23 May 2014 16:11:55 +0000 (16:11 +0000)]
Replace (sometimes conditional) use of alloca with malloc, and clearing
through volatile pointers with explicit_bzero().
ok beck@ jsing@
jsing [Fri, 23 May 2014 16:10:02 +0000 (16:10 +0000)]
Calling signal once to ignore SIGPIPE is sufficient - we do not need to do
this again in each app.
ok miod@
jsing [Fri, 23 May 2014 15:55:08 +0000 (15:55 +0000)]
Move include to the top and nuke pointless comments.
millert [Fri, 23 May 2014 15:37:23 +0000 (15:37 +0000)]
Document that v?dprintf() is just as safe as v?snprintf(). OK espie@
krw [Fri, 23 May 2014 15:26:22 +0000 (15:26 +0000)]
A #define to rename another #define which is then used only once introduces
more obscurity than clarity. Nuke DHCPD_LOG_FACILITY and just use
LOG_DAEMON in openlog() call.
espie [Fri, 23 May 2014 13:28:32 +0000 (13:28 +0000)]
use reallocarray
okay gilles@
jmc [Fri, 23 May 2014 06:40:57 +0000 (06:40 +0000)]
adjust the note in STANDARDS: passing args to the flags is not an
extension, it's just we do it differently;
ok millert
guenther [Fri, 23 May 2014 04:38:57 +0000 (04:38 +0000)]
Use errc/warnc to simplify code.
ok jca@ krw@
guenther [Fri, 23 May 2014 03:30:41 +0000 (03:30 +0000)]
Free the est_fqlist allocations if we end up not using it.
suggested by Benjamin Baier (programmer (at) netzbasis.de)
ok and comment suggestion kettenis@
tedu [Fri, 23 May 2014 03:20:11 +0000 (03:20 +0000)]
don't deprecate until at least the base src tree is clean.
beck [Thu, 22 May 2014 21:57:25 +0000 (21:57 +0000)]
Mark the malloc wrapper functions as deprecated so warnings will
happen on their use.
ok miod@
beck [Thu, 22 May 2014 21:56:02 +0000 (21:56 +0000)]
Convert OPENSSL_malloc stuff back to intrinsics, a few were missed
as new stuff was brought in.
ok miod@
miod [Thu, 22 May 2014 21:12:14 +0000 (21:12 +0000)]
if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefully
eyeballed before applying. Contributed by Cyril Roelandt on tech@
gilles [Thu, 22 May 2014 20:31:03 +0000 (20:31 +0000)]
when we reduced the number of iovec's we passed through an imsg, the iovec
declaration was not bumped down causing us to pass extra junk leading to a
crash in the pki lookup code. i'm amazed no one else crashed on that :-/
reported by Olivier Antoine who kindly provided access to his box
miod [Thu, 22 May 2014 20:16:03 +0000 (20:16 +0000)]
Add explicit #include lines for stdio.h, stdlib.h and string.h; these files
used to be pulled via <openssl/pqueue.h> which got removed, and it turns out
that there is code in the wild which currently relies upon these headers to
be brought in scope by including <openssl/dtls1.h>.
Although such code needs to be fixed to not rely upon any system header being
automagically included by including ssl headers, our goal is not to break
code for the sake of it (ok, maybe from time to time).
Hopefully, this commit can be reverted in a not-so-distant future.
millert [Thu, 22 May 2014 19:50:34 +0000 (19:50 +0000)]
If we have to realloc() "list" we need to zero out the new entries
to match the behavior of the initial calloc(). The "cols" array
does not actually need to be zeroed so use reallocarray() instead
of calloc(). Also fix a memory leak of tbl and initialize the value
of maxcols/maxentry in the assignment instead of in the ecalloc()
call. OK espie@
miod [Thu, 22 May 2014 19:39:54 +0000 (19:39 +0000)]
Regen
miod [Thu, 22 May 2014 19:39:37 +0000 (19:39 +0000)]
Yet another evil awk script (not perl, I'm not in LibreSSL mode at the moment)
to convert the PS/2 keyboard layouts to SGI serial keyboard layouts.
Only the subset of layouts known to have existed (as listed in IRIX's
<sys/kbd.h> header) get converted, and specific flavours (iopener, dec LK)
are ignored as well. `nodead' flavours, when existing, are preserved.
miod [Thu, 22 May 2014 19:37:07 +0000 (19:37 +0000)]
Extend the keyboard communication routines to be able to work in polling mode;
use this to read the DIP switches from the keyboard at attach time.
Change the state machine to allow for a `DIP switch prefix' scan code to be
received while we are not attempting to read the DIP switches, for the
`international' key (not found in regular us layouts, documented is the
`GERlessthan' key in sgi's keyboard(7) manual page) will return the
aforementioned scancode, instead of the one documented in the manual.
Thanks to sebastia@ for lending me his german layout keyboard.
jsing [Thu, 22 May 2014 17:53:00 +0000 (17:53 +0000)]
Expand the OPENSSL_{GLOBAL,EXPORT,IMPORT,EXTERN} macros - this rids the
libssl tree from all uses of these defines.
ok miod@
jsing [Thu, 22 May 2014 17:43:52 +0000 (17:43 +0000)]
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an
empty define) and an OPENSSL_EXTERN (which is defined as, well... extern).
The use of OPENSSL_EXTERN is already inconsistent since the lines above
and below just use plain old "extern". Expand the two uses of these macros
and stop including e_os2.h in libssl.
ok miod@
jsing [Thu, 22 May 2014 17:37:06 +0000 (17:37 +0000)]
Stop pulling pqueue.h into ssl_locl.h since only a small part of libssl
actually needs it. Instead, just include it in the files where it is
actually necessary.
Also remove standard includes from pqueue.h so that they are not available
as a side effect. Just add the two includes that are needed to pqueue.c.
ok miod@
jsing [Thu, 22 May 2014 17:33:17 +0000 (17:33 +0000)]
Stop including kssl_lcl.h and nuke it from orbit - it is a no-op now.
ok beck@ miod@
jsing [Thu, 22 May 2014 17:27:50 +0000 (17:27 +0000)]
Hello? Yes, you're speaking with OPENSSL_SYS_UNIX.
ok beck@ miod@
beck [Thu, 22 May 2014 15:37:59 +0000 (15:37 +0000)]
mark BIO_snprintf as deprecated, so warnings will be generated for it's
use. ok miod@ tedu@
jsing [Thu, 22 May 2014 14:41:24 +0000 (14:41 +0000)]
KNF.
krw [Thu, 22 May 2014 14:38:48 +0000 (14:38 +0000)]
Nuke pointless dev_bsize variable which is always set to 512, and just
use DEV_BSIZE.
Replace lseek+read with pread().
tedu [Thu, 22 May 2014 14:11:41 +0000 (14:11 +0000)]
update nosuidcoredump example. mentioned by stefan wollny
krw [Thu, 22 May 2014 14:04:41 +0000 (14:04 +0000)]
Nuke pointless dev_bsize variable which is always set to 512, and just
use DEV_BSIZE.
Write sizes need to be secsize and not DEV_BSIZE, just like reads.
Equivalent to changes made in fsck_ffs.
jsing [Thu, 22 May 2014 11:48:49 +0000 (11:48 +0000)]
More KNF.
guenther [Thu, 22 May 2014 03:36:23 +0000 (03:36 +0000)]
Make this build cleanly even with UTF8_{putc,getc} moved from the
public header to the internal. Make some variables unsigned to
eliminate some warnings
guenther [Thu, 22 May 2014 03:34:26 +0000 (03:34 +0000)]
No uses of UTF8_{getc,putc}() in ports, so remove them from the public header.
ok miod@
krw [Thu, 22 May 2014 02:15:54 +0000 (02:15 +0000)]
Nuke some trailing whitespace to shrink subsequent diffs.
guenther [Thu, 22 May 2014 02:02:39 +0000 (02:02 +0000)]
From FreeBSD: the second argument to UFS_UPDATE/ffs_update is just a
boolean, not a MNT_* flag.
ok beck@
jmatthew [Wed, 21 May 2014 23:01:43 +0000 (23:01 +0000)]
We only have one possible location to use for a logged in port, so only set
it in one place.
jmatthew [Wed, 21 May 2014 22:59:26 +0000 (22:59 +0000)]
When the firmware tells us a loop id is already in use, add the device
there to our port lists, then find the next available loop id and carry on
rather than restarting. This way, we're less likely to get stuck looping
when the firmware behaves inconsistently. We also don't need to treat domain
controller logins specially.
krw [Wed, 21 May 2014 18:53:05 +0000 (18:53 +0000)]
Nuke some trailing whitespace to shrink subsequent diffs.
pascal [Wed, 21 May 2014 18:38:42 +0000 (18:38 +0000)]
stat(2) on the spool file needs privileges. Fixes file size reported by
lpq -l.
ok millert@
krw [Wed, 21 May 2014 17:52:26 +0000 (17:52 +0000)]
Nuke some trailing whitespace to shrink subsequent diffs.
krw [Wed, 21 May 2014 17:38:30 +0000 (17:38 +0000)]
Nuke some trailing whitespace and break some long lines to shrink
subsequent diffs.
krw [Wed, 21 May 2014 16:32:08 +0000 (16:32 +0000)]
Nuke some trailing whitespace to shrink subsequent diffs.
krw [Wed, 21 May 2014 15:55:19 +0000 (15:55 +0000)]
Fix 'fdisk -u', a.k.a. MBR_pcopy(), on sparc64 and possibly others.
gcc's built-in/in-lined memcpy() can't copy elements of a struct
dos_partiton array from inside the __packed struct dos_mbr into an
'unpacked' local variable. But copying the whole array works fine. Be
consistant and use the same idiom in both places the partition table
is parsed.
Leave the landisk workaround/hack in place until it can be confirmed
it is no longer needed.
ok martynas@ after many alternatives crashed and burned.
otto [Wed, 21 May 2014 15:47:51 +0000 (15:47 +0000)]
fix MALLOC_STATS (not compiled in by default); ok tedu@
mpi [Wed, 21 May 2014 14:48:28 +0000 (14:48 +0000)]
Fix IPsec route addition broken since the removal of the link-layer
addresses from the per-ifp list.
While here document why enc(4) needs a link-layer address, or at
least something that seems to be one.
Found the hard way and fix tested by naddy@, ok mikeb@, henning@
mpi [Wed, 21 May 2014 13:04:47 +0000 (13:04 +0000)]
regen
mpi [Wed, 21 May 2014 13:04:23 +0000 (13:04 +0000)]
Add VIA Labs.
mpi [Wed, 21 May 2014 12:31:53 +0000 (12:31 +0000)]
Handle the stall condition just like the bable one since in both cases
the ring is halted.
Do not bother reporting USBD_STALLED to the stack like other HC drivers
do since the endpoint is automatically reseted. What is the point of
this error apart from making sure driver authors will forget to call
usbd_clear_endpoint_stall_async() correctly?
The Renesas uPD720202 xHCI, provided by Stefan Wollny, now works as
expected.
djm [Wed, 21 May 2014 07:04:21 +0000 (07:04 +0000)]
when failing because of unexpected output, show the offending output
guenther [Wed, 21 May 2014 06:23:01 +0000 (06:23 +0000)]
Use errc/warnc to simplify code.
ok jca@ krw@
jmc [Wed, 21 May 2014 06:01:19 +0000 (06:01 +0000)]
document which keywords are posix conformant;
ok guenther sobrado
guenther [Wed, 21 May 2014 04:17:56 +0000 (04:17 +0000)]
Exit with non-zero status if a read is truncated, or if a compression
program was used but it didn't exit successfully.
Original diff by mpf@
mlarkin [Wed, 21 May 2014 02:26:49 +0000 (02:26 +0000)]
Change use of Z_PARTIAL_FLUSH to Z_SYNC_FLUSH in the hibernate code as per
a warning/comment in zlib.h that Z_PARTIAL_FLUSH "will be removed, use
Z_SYNC_FLUSH instead".
mlarkin [Wed, 21 May 2014 02:20:18 +0000 (02:20 +0000)]
Typo in comment noticed during some recent hibernate debugging. No code
change.
mlarkin [Wed, 21 May 2014 02:14:07 +0000 (02:14 +0000)]
Fix invalid / missing format specifiers in several dnprintf statements
(used only when ACPI_DEBUG is enabled)
From a diff on tech@ by Fabian Raetz, with a minor change by me, tested
on i386 and amd64 with ACPI_DEBUG enabled and disabled.
tedu [Wed, 21 May 2014 01:17:52 +0000 (01:17 +0000)]
warn about implicit. misspelled function names in libc are deadly.
dlg [Tue, 20 May 2014 23:41:36 +0000 (23:41 +0000)]
destinct is spelled distinct.
ok henning@ jmc@
halex [Tue, 20 May 2014 22:49:43 +0000 (22:49 +0000)]
remove irrelevant, outdated, and misleading sentence suggesting that
you need to set up a local mirror for the install sets
brought to attention by pascal@ ok krw@
yasuoka [Tue, 20 May 2014 22:28:07 +0000 (22:28 +0000)]
Merge the fixes from the upstream. Factor out some common code in
tty.c and fix EL_SETTY to work.
ok nicm
krw [Tue, 20 May 2014 21:11:16 +0000 (21:11 +0000)]
As suggested by guenther@ and millert@, replace seek+[read|write] with
p[read|write]. Makes the code much clearer by eliminating extra error
checking and verbiage.
No intentional functional change.
Tweaks by and ok guenther@
eric [Tue, 20 May 2014 18:47:01 +0000 (18:47 +0000)]
format string cleanup: change "%i" to "%d" and fix a few typos
reyk [Tue, 20 May 2014 17:33:36 +0000 (17:33 +0000)]
Unify the SSL privsep key loading functions.
ok eric@
jsing [Tue, 20 May 2014 16:59:05 +0000 (16:59 +0000)]
KSSL is dead... nuke KSSL_DEBUG from orbit.
ok beck@ miod@
mpi [Tue, 20 May 2014 15:02:54 +0000 (15:02 +0000)]
regen
mpi [Tue, 20 May 2014 15:02:24 +0000 (15:02 +0000)]
Add VIA VL80x xHCI.
mpi [Tue, 20 May 2014 14:46:19 +0000 (14:46 +0000)]
Format string fixes for XHCI_DEBUG.
reyk [Tue, 20 May 2014 14:21:45 +0000 (14:21 +0000)]
Deep down inside OpenSSL, err... LibreSSL, RSA_set_ex_data attempts to
free() the external data when releasing the RSA object. The
RSA_GET_EX_NEW_INDEX(3) manual page doesn't mention that this is the
default behaviour - it just describes the possible free_func()
callback - and the code path in libcrypto is hiding the fact behind
layers of abstraction.
Fix possible double free by allocating and copying the external data
reference that is used for RSA privsep (pkiname in smtpd's case).
ok eric@ gilles@
syl [Tue, 20 May 2014 13:32:22 +0000 (13:32 +0000)]
Add -o max_read=XXX support in fuse. This is needed by usmb to have a
working read() and write().
ok tedu@
syl [Tue, 20 May 2014 13:22:06 +0000 (13:22 +0000)]
Add support for -o XXX or -oXXX options in libfuse.
inputs from tedu@, ok tedu@
nicm [Tue, 20 May 2014 11:59:03 +0000 (11:59 +0000)]
The argv[] used for el_set() EL_BIND, EL_SETTY, etc should be terminated
by NULL. Fix from NetBSD via yasuoka@ but changed by me not to walk off
the end of array with >20 arguments.
ok yasuoka
mpi [Tue, 20 May 2014 11:03:13 +0000 (11:03 +0000)]
Assign the queue ID to the correct packet header when sending ICMP messages.
ok henning@
mpi [Tue, 20 May 2014 10:29:01 +0000 (10:29 +0000)]
Fix eui64 address generation, broken since the removal of the link-layer
address from the per-ifp list.
Found the hard way by weerd@, florian@ and stsp@, ok florian@
mpi [Tue, 20 May 2014 09:16:43 +0000 (09:16 +0000)]
correctly match size and buffer. from enh at google
eric [Tue, 20 May 2014 08:09:04 +0000 (08:09 +0000)]
remove dead files
espie [Tue, 20 May 2014 05:55:43 +0000 (05:55 +0000)]
yet more code that no longer makes any sense
espie [Tue, 20 May 2014 05:46:13 +0000 (05:46 +0000)]
makewhatis being now external, it no longer requires picky/test/check_dir.
It also can't handle too many manpages at once (shell limit) so hand-feed
it (problem spotted by landry@).
Some tests by schwarze@.
espie [Tue, 20 May 2014 05:43:55 +0000 (05:43 +0000)]
fix bogus extension: $code and $code2 belong in _system, so that
both system and verbose_system will work properly.
guenther [Tue, 20 May 2014 01:25:23 +0000 (01:25 +0000)]
Use errc/warnc to simplify code.
Also, in 'ftp', always put the error message last, after the hostname/ipaddr.
ok jsing@ krw@ millert@
guenther [Tue, 20 May 2014 01:21:52 +0000 (01:21 +0000)]
Bring UTF8_{getc,putc} up-to-date: it's been a decade since 5- and 6-byte
encodings and encoding of surrogate pair code points were banned. Add
checks for those, both to those functions and to the code decoding the
BMP and UNIV encodings.
ok miod@
miod [Mon, 19 May 2014 21:18:42 +0000 (21:18 +0000)]
Format string fixes and removal of -Wno-format for sgi. Based upon an
initial diff from jasper@
jca [Mon, 19 May 2014 20:09:22 +0000 (20:09 +0000)]
X509_free() the certificate if the server hostname check fails.
No functional change. Reported by Mike Small and Maxime Villard.
miod [Mon, 19 May 2014 20:09:15 +0000 (20:09 +0000)]
Fix several bounds checks in ssl_add_clienthello_tlsext() and
ssl_add_serverhello_tlsext(), and convert all of them to the same idiom, for
easier review.
Math is hard, let's go webshopping.
Help and ok guenther@
jca [Mon, 19 May 2014 20:05:09 +0000 (20:05 +0000)]
Explicitely initialize two static variables introduced in the previous
commit, to please lteo@
jca [Mon, 19 May 2014 20:03:16 +0000 (20:03 +0000)]
HTTPS connections may see redirects, so initialize libcrypto and libssl
only once, and reuse the crafted SSL_CTX for further connections.
ok lteo@
jca [Mon, 19 May 2014 19:42:24 +0000 (19:42 +0000)]
Plug a small memory leak: if we pass checkin_init/checkin_update
a revision thru pb.newrev, it will not be freed. From Fritjof
Bornebusch, no objections from tech@
jmc [Mon, 19 May 2014 17:07:16 +0000 (17:07 +0000)]
no more -K;
tedu [Mon, 19 May 2014 15:05:13 +0000 (15:05 +0000)]
kerberos leftovers
tedu [Mon, 19 May 2014 14:30:03 +0000 (14:30 +0000)]
consistent use of uint32_t for poison values
syl [Mon, 19 May 2014 13:55:29 +0000 (13:55 +0000)]
Add some consistency in fuse error handling. We need to return ENXIO
when the fuse communication channel is broken and ENOSYS when the
libfuse callback does not exist.
Reported by Helg Bredow, thanks!
ok tedu@
tedu [Mon, 19 May 2014 13:43:30 +0000 (13:43 +0000)]
as reported by Helg, should use realpath for mounts. ok guenther syl
mpi [Mon, 19 May 2014 13:11:31 +0000 (13:11 +0000)]
There is no need to remember which usb(4) device is the child of an USB
host controller because autoconf(9) already does it.
Breakage reported by todd@
todd [Mon, 19 May 2014 12:40:53 +0000 (12:40 +0000)]
sync
jsing [Mon, 19 May 2014 12:34:53 +0000 (12:34 +0000)]
More KNF.
jsing [Mon, 19 May 2014 12:18:23 +0000 (12:18 +0000)]
More whack-a-mole^Wfips.
ok miod@
jsing [Mon, 19 May 2014 12:13:30 +0000 (12:13 +0000)]
It is perfectly valid to call free(NULL), so stop checking for non-NULL
before calling free - of some course parts of the code already did this.
krw [Mon, 19 May 2014 10:42:08 +0000 (10:42 +0000)]
Nuke some trailing whitespace that snuck in.