reyk [Tue, 22 Apr 2014 10:01:15 +0000 (10:01 +0000)]
The complexity and quality of kerberosV and the fact that almost
nobody is using it doesn't justify to have it in base - disable and
remove it. If the two people who use it still want it, they can
make a port or recompile OpenBSD on their own.
There is a quote in theo.c from August 2010: "basically, dung beetles
fucking. that's what kerberosV + openssl is like".
Discussed with many. Tests by henning@ reyk@ and others.
ok deraadt@ henning@
reyk [Tue, 22 Apr 2014 09:48:51 +0000 (09:48 +0000)]
The complexity and quality of kerberosV and the fact that almost
nobody is using it doesn't justify to enable it by default. It will
be disabled and removed from base and possibly be moved to ports.
Discussed with many. Tests by henning@ reyk@ and others.
ok henning@
dlg [Tue, 22 Apr 2014 08:48:51 +0000 (08:48 +0000)]
move vscsi from using scsi_req_probe and scsi_req_detach to using
the newly minted scsi_probe and scsi_detach respectively from a
task it runs itself.
the probe and detach ioctl requests work the same before and after
this change, but this paves the way for vscsi being able to report
the status of these requests back to userland.
discussed with claudio@
tested with current iscsid and an md3200i
espie [Tue, 22 Apr 2014 08:26:31 +0000 (08:26 +0000)]
effectively use emult_realloc, okay guenther@
reyk [Tue, 22 Apr 2014 08:04:23 +0000 (08:04 +0000)]
Support the CA key for SSL inspection in the ca process. Instead of
looking up the keys by relay id, add all keys to a list and look them
up by key id.
ok benno@
dlg [Tue, 22 Apr 2014 07:29:11 +0000 (07:29 +0000)]
factor out the code that figures out whether you're probing or detaching
a whole bus, a target, or a specific lun on a target from the bioctl
and scsi_req paths.
i want to reuse this factored code for something claudio wants.
tedu [Tue, 22 Apr 2014 05:44:40 +0000 (05:44 +0000)]
errx when errno won't be set.
lteo [Tue, 22 Apr 2014 02:29:52 +0000 (02:29 +0000)]
gets() is gone
guenther [Tue, 22 Apr 2014 00:33:02 +0000 (00:33 +0000)]
Add errc/verrc/warnc/vwarnc family: versions of err/... that take the errno
value to use for the strerror() message as an argument. Originally from
FreeBSD 3.0
Patch from Steffen Nurpmeso (sdaoden (at) gmail.com) with minor tweaks.
guenther [Tue, 22 Apr 2014 00:23:35 +0000 (00:23 +0000)]
Clarify an err() message
guenther [Tue, 22 Apr 2014 00:22:41 +0000 (00:22 +0000)]
Convert a malloc(x*y)+memset to calloc(x,y)
From Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz)
rpe [Mon, 21 Apr 2014 23:15:09 +0000 (23:15 +0000)]
Avoid a loop during autoinstall in case the path in the responsefile does
not exist.
OK halex@ krw@
djm [Mon, 21 Apr 2014 22:15:37 +0000 (22:15 +0000)]
repair regress tests broken by server-side default cipher/kex/mac changes
by ensuring that the option under test is included in the server's
algorithm list
claudio [Mon, 21 Apr 2014 20:20:37 +0000 (20:20 +0000)]
Print bytes read and written in human readable form, like:
2849359 I2T calls (5 read, 2849352 writes)
5 data reads (2.3K bytes read)
2849352 data writes (43.5G bytes written)
2849358 T2I calls (2849358 done, 0 sense errors, 0 errors)
reyk [Mon, 21 Apr 2014 19:47:27 +0000 (19:47 +0000)]
Copy the updated proc.c from relayd to use the same file. Adjust
snmpd accordingly.
ok sthen@
rpe [Mon, 21 Apr 2014 19:05:40 +0000 (19:05 +0000)]
Change dhcp_request() and v4_config() to be able to configure dhcp
for an interface without an active network connection.
- Don't write options to dhclient.conf that are default. Only use
the 'host-name' option for hostname associated dhcp requests.
- Run dhclient with options to reduce the time it takes to finish
in case it gets no answer from a DHCP server.
- Don't bother removing the interface from group dhcp and save the
configuration files even if dhclient fails. If the same interface
is statically configured later, it is removed from the group dhcp.
- Add 'dhcp' to hostname.if file regardless whether dhcp_request()
was successful or not.
- Change the Netmask question to be more autoinstaller friendly.
based on krw's work
discussed with and OK krw@
claudio [Mon, 21 Apr 2014 18:59:05 +0000 (18:59 +0000)]
Bind to localAddr if specified and add some XXX comments about stuff
that is not perfect yet.
henning [Mon, 21 Apr 2014 18:52:25 +0000 (18:52 +0000)]
g/c hdrcmplt var, we can just set the esrc ptr earlier and re-set it in
the pseudo_AF_HDRCMPLT case, ok claudio reyk
henning [Mon, 21 Apr 2014 18:38:36 +0000 (18:38 +0000)]
__inline -> inline
deraadt [Mon, 21 Apr 2014 18:35:01 +0000 (18:35 +0000)]
you must have S_ISDIR to play
claudio [Mon, 21 Apr 2014 18:05:45 +0000 (18:05 +0000)]
Document show summary
claudio [Mon, 21 Apr 2014 18:01:08 +0000 (18:01 +0000)]
Print the target and initiator name in show command.
claudio [Mon, 21 Apr 2014 18:00:23 +0000 (18:00 +0000)]
Start passing the initiator and target name in the show command.
claudio [Mon, 21 Apr 2014 17:44:47 +0000 (17:44 +0000)]
Cope with the iscsid changes. Makes the msg handling a lot easier.
This also introduces some stuff that is work in progress.
claudio [Mon, 21 Apr 2014 17:41:52 +0000 (17:41 +0000)]
Redo most of the control message handling. Switch it back to use
SOCK_SEQPACKET and provide functions to build the control messages that
can also be used by iscsictl.
reyk [Mon, 21 Apr 2014 17:33:31 +0000 (17:33 +0000)]
Add a few missing free's in the grammar.
claudio [Mon, 21 Apr 2014 17:33:20 +0000 (17:33 +0000)]
It does not make sense to specify a port for the initiatoraddr.
reyk [Mon, 21 Apr 2014 17:22:06 +0000 (17:22 +0000)]
Use RSA_set_ex_data()/RSA_get_ex_data() directly instead of
the undocumented RSA_set_app_data()/RSA_get_app_data() wrappers.
jsing [Mon, 21 Apr 2014 17:15:24 +0000 (17:15 +0000)]
KNF.
jsing [Mon, 21 Apr 2014 16:59:26 +0000 (16:59 +0000)]
KNF.
jsing [Mon, 21 Apr 2014 16:49:02 +0000 (16:49 +0000)]
KNF.
deraadt [Mon, 21 Apr 2014 16:48:59 +0000 (16:48 +0000)]
use mallocarray(a,b) instead of malloc(a*b)
deraadt [Mon, 21 Apr 2014 16:34:43 +0000 (16:34 +0000)]
more malloc/realloc/calloc cleanups; ok beck kettenis
jsing [Mon, 21 Apr 2014 16:32:06 +0000 (16:32 +0000)]
KNF.
henning [Mon, 21 Apr 2014 16:21:08 +0000 (16:21 +0000)]
use the language from the 802.1Q standard which just talks about tags,
not encap, not header. reyk happy & ok.
guenther [Mon, 21 Apr 2014 16:13:24 +0000 (16:13 +0000)]
Remove historical comment about <varargs.h> and warn people against using
the _* functions outside libc
reyk [Mon, 21 Apr 2014 16:08:47 +0000 (16:08 +0000)]
The OpenSSL engine passes a "const u_char *" to the callback but
relayd's RSA privsep engine uses an iovec that expects a non-cast
"void *". Cast it and disable the -Wcast-qual warning because I don't
want to copy the data and I didn't find a better way to implement it.
ok guenther@
deraadt [Mon, 21 Apr 2014 16:08:08 +0000 (16:08 +0000)]
no need for malloc casts
jsing [Mon, 21 Apr 2014 16:00:04 +0000 (16:00 +0000)]
KNF.
rpe [Mon, 21 Apr 2014 15:56:19 +0000 (15:56 +0000)]
Use a better way that ensures that NIFS is really 0 if there are no
hostname.if files.
suggested by and OK halex@
OK krw@
sthen [Mon, 21 Apr 2014 15:46:03 +0000 (15:46 +0000)]
check perms on .ssh/id_ed25519; Fritjof Bornebusch
jsing [Mon, 21 Apr 2014 15:44:13 +0000 (15:44 +0000)]
More KNF.
jsing [Mon, 21 Apr 2014 15:39:52 +0000 (15:39 +0000)]
KNF.
krw [Mon, 21 Apr 2014 15:35:02 +0000 (15:35 +0000)]
msdosfs timestamps can only represent 1/1/1980 through
12/31/2107. 64-bit time_t now dominates that entire range, so simply
set all dates that cannot be represented to 1/1/1980 like Redmond
intended.
Problem reported by Alessandro De Laurenzis via misc@.
ok guenther@
krw [Mon, 21 Apr 2014 15:26:50 +0000 (15:26 +0000)]
Ooops. Delete discarded offered leases from correct TAILQ. More than
one offer would cause infinite loop.
ok guenther@
reyk [Mon, 21 Apr 2014 14:57:17 +0000 (14:57 +0000)]
The OpenSSL engine passes a "const u_char *" to the callback but
relayd's RSA privsep engine uses an iovec that expects a non-cast
"void *". Cast it and disable the -Wcast-qual warning because I don't
want to copy the data and I didn't find a better way to implement it.
ok guenther@
jsing [Mon, 21 Apr 2014 14:50:59 +0000 (14:50 +0000)]
KNF.
logan [Mon, 21 Apr 2014 14:36:16 +0000 (14:36 +0000)]
Implement sftp upload resume support.
OK from djm@, with input from guenther@, mlarkin@ and
okan@
jsing [Mon, 21 Apr 2014 14:27:06 +0000 (14:27 +0000)]
KNF.
florian [Mon, 21 Apr 2014 14:26:10 +0000 (14:26 +0000)]
Revert 1.101 as it breaks source port selection. This needs more
thought / code shuffling.
Reported by deraadt@ and sthen@, thanks!
henning [Mon, 21 Apr 2014 14:08:09 +0000 (14:08 +0000)]
stop lying. vlan is not an encapsulation. it doesn't encapsulate ethernet
frames, it replaces the ethernet header by a slightly extended one.
ok sthen jmc
deraadt [Mon, 21 Apr 2014 13:45:47 +0000 (13:45 +0000)]
sync
deraadt [Mon, 21 Apr 2014 13:21:57 +0000 (13:21 +0000)]
correct man page section
deraadt [Mon, 21 Apr 2014 13:18:01 +0000 (13:18 +0000)]
crank minor
deraadt [Mon, 21 Apr 2014 13:17:32 +0000 (13:17 +0000)]
Introducing: void *mallocarray(size_t nmemb, size_t size);
Like calloc(), except without the cleared-memory guarantee
ok beck guenther, discussed for more than a year...
deraadt [Mon, 21 Apr 2014 13:13:43 +0000 (13:13 +0000)]
wrong calloc, see people do care
jmatthew [Mon, 21 Apr 2014 13:05:20 +0000 (13:05 +0000)]
Simplify the update process a bit. Don't try to skip parts based on what
we think might have changed, since the update steps depend on each other
too much for that to really work anyway.
jsing [Mon, 21 Apr 2014 13:04:02 +0000 (13:04 +0000)]
KNF.
beck [Mon, 21 Apr 2014 12:49:34 +0000 (12:49 +0000)]
Back out most of v1.47 changes which mess up the block size on these
reads.
ok deraadt@ guenther@
rpe [Mon, 21 Apr 2014 12:41:36 +0000 (12:41 +0000)]
NIFS is supposed to represent the number of configured interfaces.
If an interface got configured twice, NIFS must not be incremented.
So count the number of hostname.if files instead.
discussed with and OK krw@
okan [Mon, 21 Apr 2014 12:35:25 +0000 (12:35 +0000)]
remove rshd example; ok sthen
claudio [Mon, 21 Apr 2014 12:26:50 +0000 (12:26 +0000)]
Handle EAGAIN, ENOBUFS and EINTR a bit better. Ignore them one layer above
and do not fail and tear down the world when they happen.
claudio [Mon, 21 Apr 2014 12:24:58 +0000 (12:24 +0000)]
It is possible that we can't burst all of the data in the immediate data
part of the write request. In that case R2T requests will be sent for the
rest of the data. The amount of data we can send is defined by
MaxRecvDataSegmentLength which is per connection and so a bit hackish to
read out. In the long run the min() of all connection MaxRecvDataSegmentLength
should be stored in the session struct.
henning [Mon, 21 Apr 2014 12:22:25 +0000 (12:22 +0000)]
ip_output() using varargs always struck me as bizarre, esp since it's only
ever used to pass on uint32 (for ipsec). stop that madness and just pass
the uint32, 0 in all cases but the two that pass the ipsec flowinfo.
ok deraadt reyk guenther
guenther [Mon, 21 Apr 2014 11:58:48 +0000 (11:58 +0000)]
Fix off-by-one error in PG_LGFRAME mask
ok mlarkin@
espie [Mon, 21 Apr 2014 11:42:31 +0000 (11:42 +0000)]
add support for reading/writing long paths and linkpaths as extended
headers
deraadt [Mon, 21 Apr 2014 11:37:41 +0000 (11:37 +0000)]
improve realloc/calloc/malloc patterns; ok guenther
guenther [Mon, 21 Apr 2014 11:27:34 +0000 (11:27 +0000)]
Use internal '__' names for __attributes__ in public headers
deraadt [Mon, 21 Apr 2014 11:23:09 +0000 (11:23 +0000)]
Delete #if 0'd time related functions which are totally expired.
No point even seeing these when we do the 2038 audit later on...
deraadt [Mon, 21 Apr 2014 11:19:28 +0000 (11:19 +0000)]
modernize malloc call
deraadt [Mon, 21 Apr 2014 11:18:34 +0000 (11:18 +0000)]
Replace entire printf-like guts with calls to libc snprintf.
funopen(3) is used to interface to BIO descriptors.
ok guenther
deraadt [Mon, 21 Apr 2014 11:12:49 +0000 (11:12 +0000)]
Bring malloc/calloc/realloc sequences to modern standard
ok guenther
henning [Mon, 21 Apr 2014 11:10:54 +0000 (11:10 +0000)]
we'll do fine without casting NULL to struct foo * / void *
ok gcc & md5 (alas, no binary change)
henning [Mon, 21 Apr 2014 10:07:58 +0000 (10:07 +0000)]
remove a define in an #ifdef notyet - "not yet" for 19 years gotta be
enough.
remove a define in an #ifdef notdef /* obsolete */ - 14 years are enough
henning [Mon, 21 Apr 2014 10:05:27 +0000 (10:05 +0000)]
annotate all #endifs to make clear what #if(def) they end
henning [Mon, 21 Apr 2014 09:57:27 +0000 (09:57 +0000)]
cosmetic changes regarding #ifdef to make things more obvious, ok reyk
claudio [Mon, 21 Apr 2014 09:48:31 +0000 (09:48 +0000)]
Now that we properly negotiate the session params we can enable sending
of immediate data for write commands. This gives a nice 20% performance
boost on writes compared to the solicited data transaction we did before.
deraadt [Mon, 21 Apr 2014 09:23:41 +0000 (09:23 +0000)]
remove macros wrapping malloc/calloc/free/realloc
guenther [Mon, 21 Apr 2014 09:22:15 +0000 (09:22 +0000)]
While we don't recommend using ext2fs, the directions for doing so
shouldn't be misleading
ok krw@
deraadt [Mon, 21 Apr 2014 09:00:56 +0000 (09:00 +0000)]
sync
guenther [Mon, 21 Apr 2014 08:46:59 +0000 (08:46 +0000)]
Correctly document the return value of getenv(3)
From Ben Cornett (ben (at) lantern.is)
ajacoutot [Mon, 21 Apr 2014 08:42:01 +0000 (08:42 +0000)]
Bye bye *hosts.equiv.
ok deraadt@
jsing [Mon, 21 Apr 2014 08:41:26 +0000 (08:41 +0000)]
KNF.
krw [Mon, 21 Apr 2014 08:19:38 +0000 (08:19 +0000)]
Don't leak mountpoint info. Now with replacement for silly realloc() dance
that appears to fix mysterious crashes seen with previous version that
tried to sneak in to 5.5.
ok otto@
jmatthew [Mon, 21 Apr 2014 04:17:07 +0000 (04:17 +0000)]
In qla_get_port_name_list, handle malloc failure, skip special fabric ports,
and set location on ports as best we can. Take the port mutex too.
dlg [Mon, 21 Apr 2014 04:02:52 +0000 (04:02 +0000)]
th_code is in network byte order
tedu [Mon, 21 Apr 2014 02:44:28 +0000 (02:44 +0000)]
clean up files we don't need
beck [Mon, 21 Apr 2014 00:52:00 +0000 (00:52 +0000)]
fix accidentally deleted deref.
beck [Sun, 20 Apr 2014 23:30:12 +0000 (23:30 +0000)]
ASN1_STRING cleanup - realloc has handled NULL since I had a mullet
and parachute pants - and since it's obvious there is no guarantee
the caller doesn't pass in the data area in the argument, use memmove
instead of memcpy so overlapping areas are handled correctly.
Also, pointers can be usefully printed in hex with %p, in error messages
rather than the bizarro stuff that was there using mystical buffer lengths
and abuse of strlcpy-converted-blindly-from-strcpy
jmc [Sun, 20 Apr 2014 22:52:26 +0000 (22:52 +0000)]
tweak previous;
ajacoutot [Sun, 20 Apr 2014 22:35:10 +0000 (22:35 +0000)]
Prevent lpd(8) from looking into hosts.equiv.
Access control is now done only using hosts.lpd.
See lpd(8) for more information about the format of this file.
"seems reasonable" tedu@
"looks good" deraadt@
ok sthen@
beck [Sun, 20 Apr 2014 22:32:58 +0000 (22:32 +0000)]
replace a bunch of pointer-arithmetic-strcpy-converted-blindly-to-strlcpy
cruft with an snprintf.
"better than what was there" ok guenther@
guenther [Sun, 20 Apr 2014 22:31:55 +0000 (22:31 +0000)]
Eliminate duplicated logic by switching from malloc+snprintf to asprintf
ok beck@
claudio [Sun, 20 Apr 2014 22:22:18 +0000 (22:22 +0000)]
Add iscsictl bits to show the vscsi stats.
claudio [Sun, 20 Apr 2014 22:18:04 +0000 (22:18 +0000)]
Introduce some basic stats for the vscsi layer. Just counting the commands
and the bytes we push through vscsi(4).
ajacoutot [Sun, 20 Apr 2014 22:15:49 +0000 (22:15 +0000)]
check_hosts_equiv -> check_hosts_lpd
i.e. don't check for hosts.equiv anymore.
input/ok schwarze@, ok sthen@
schwarze [Sun, 20 Apr 2014 22:03:40 +0000 (22:03 +0000)]
in debug messages, truncating strings of excessive lengths is actually
a good thing, so cast the return value from sprintf to (void);
this concludes the mandoc sprintf audit
krw [Sun, 20 Apr 2014 21:25:07 +0000 (21:25 +0000)]
Make -L even more useful to monitoring processes. Truncate and
refill the file rather than creating a new one, which preserves
an fd being monitored. And truncate file on losing link.
Things like sysutils/ertn should now be able to see new leases, lease
renewals and cable unplugs.
tweaks by and ok sthen@
schwarze [Sun, 20 Apr 2014 20:48:34 +0000 (20:48 +0000)]
strlen+malloc+snprintf is error prone;
rewrite post_lb() to use asprintf(3) instead
stsp [Sun, 20 Apr 2014 20:35:07 +0000 (20:35 +0000)]
regen