openbsd
6 years agoIf getcwd() fails in dinit(), the stat buffer 'swd' is used
millert [Wed, 19 Sep 2018 18:55:33 +0000 (18:55 +0000)]
If getcwd() fails in dinit(), the stat buffer 'swd' is used
uninitialized by the else clause.  Since it is used in both clauses
we should perform the stat before the if().  However, fixing this
causes 'cp' to be unitialized in some case so initialize cp to NULL
and move the "cp == NULL" check out of the first if() clause now
that it can be true in either case.  OK miko@ deraadt@

6 years agoFix last commit, I made one of the changes to the wrong line.
millert [Wed, 19 Sep 2018 18:48:55 +0000 (18:48 +0000)]
Fix last commit, I made one of the changes to the wrong line.
Noticed by martijn@

6 years agoUpdate disklabel(8) man page with the new 5G minimum for /usr/obj.
bluhm [Wed, 19 Sep 2018 18:35:21 +0000 (18:35 +0000)]
Update disklabel(8) man page with the new 5G minimum for /usr/obj.
Remove Tn macro to make mandoc lint happy.
requested by jmc@

6 years agofix message to reflect "rmidi" is the expected string; ok ratchov@
miko [Wed, 19 Sep 2018 16:21:00 +0000 (16:21 +0000)]
fix message to reflect "rmidi" is the expected string; ok ratchov@

6 years agoCompare against NULL, not '\0' for pointers. Quiets a warning on
millert [Wed, 19 Sep 2018 15:14:35 +0000 (15:14 +0000)]
Compare against NULL, not '\0' for pointers.  Quiets a warning on
newer gcc.

6 years agosys/stat.h not needed here; ok ratchov@
miko [Wed, 19 Sep 2018 14:01:52 +0000 (14:01 +0000)]
sys/stat.h not needed here; ok ratchov@

6 years agoAlways call bridge_iflist `bif'.
mpi [Wed, 19 Sep 2018 13:17:21 +0000 (13:17 +0000)]
Always call bridge_iflist `bif'.

ok bluhm@, visa@

6 years agoWrap sending imsg to the RDE in a function and make sure that the ibuf
claudio [Wed, 19 Sep 2018 13:09:30 +0000 (13:09 +0000)]
Wrap sending imsg to the RDE in a function and make sure that the ibuf
to the RDE is valid. The SE is stopping all sessions on exit and so
session_stop() is called which will send an imsg to the RDE which is no
longer there. Instead of fixing just one call fix all. Now the SE should
no longer crash when the RDE crashes.
OK sthen@

6 years agoTry to turn this into an actual regress test.
krw [Wed, 19 Sep 2018 12:20:47 +0000 (12:20 +0000)]
Try to turn this into an actual regress test.

with & ok bluhm@

6 years agoDo not abort when the ca privenc runs into a timeout.
reyk [Wed, 19 Sep 2018 11:28:02 +0000 (11:28 +0000)]
Do not abort when the ca privenc runs into a timeout.

OK claudio@

6 years agoReport duplex state correctly for adapters with firmware interface versions
jmatthew [Wed, 19 Sep 2018 10:26:17 +0000 (10:26 +0000)]
Report duplex state correctly for adapters with firmware interface versions
older than 1.08.

tested by and ok ccardenas@

6 years agoFree edid_buf after use so to fix possible memory leak.
claudio [Wed, 19 Sep 2018 08:12:39 +0000 (08:12 +0000)]
Free edid_buf after use so to fix possible memory leak.
With and ok jsg@

6 years agoIn mue_iff() move the initialization of the hash table up so that is done
mestre [Wed, 19 Sep 2018 07:47:54 +0000 (07:47 +0000)]
In mue_iff() move the initialization of the hash table up so that is done
unconditionally, like it's done on other devices, so that we don't end up in
the situation of the card being put in promiscuous mode or if
ac->ac_multirangecnt > 0 and then we would write into the table while being
uninitialized a little bit later.

Noticed on Coverity ID 1473316.

hint from claudio@ and kettenis@
OK kevlo@ claudio@

6 years agorename the ill-named "flags" member to "as_host" in domain structure.
eric [Wed, 19 Sep 2018 05:31:12 +0000 (05:31 +0000)]
rename the ill-named "flags" member to "as_host" in domain structure.
remove yet another useless relay flag while there.

ok gilles@

6 years agoDelete checks of the CST bit_width ('vendor') field, as new Ryzen machines
guenther [Wed, 19 Sep 2018 05:23:16 +0000 (05:23 +0000)]
Delete checks of the CST bit_width ('vendor') field, as new Ryzen machines
are showing up with vendor 2 and it doesn't seem to mean anything: Linux
doesn't check it at all, so this exhibits all the normal ACPI spec lossage

tested in snaps for a few weeks
shrug kettenis@

6 years agoVarious clean up items for disks.
ccardenas [Wed, 19 Sep 2018 04:29:21 +0000 (04:29 +0000)]
Various clean up items for disks.

- qcow2: general cleanup
- vioraw: check malloc
- virtio: add function to sync disks
- vm: call virtio_shutdown to sync disks when vm is finished executing

Thanks to Ori Bernstein.

Ok miko@

6 years agoMake "ssh-add -q" do what it says on the tin: silence output from
djm [Wed, 19 Sep 2018 02:03:02 +0000 (02:03 +0000)]
Make "ssh-add -q" do what it says on the tin: silence output from
successful operations.

Based on patch from Thijs van Dijk; ok dtucker@ deraadt@

6 years agoUpdating time counters without memory barriers is wrong. Put
bluhm [Tue, 18 Sep 2018 20:47:11 +0000 (20:47 +0000)]
Updating time counters without memory barriers is wrong.  Put
membar_producer() into tc_windup() and membar_consumer() into the
uptime functions.  They order the visibility of the time and
generation number updates.
This is a combination of what NetBSD and FreeBSD do.
OK kettenis@

6 years agoUpdate to compiler-rt 6.0.0.
patrick [Tue, 18 Sep 2018 20:21:40 +0000 (20:21 +0000)]
Update to compiler-rt 6.0.0.

tested by naddy@
ok kettenis@

6 years agosync
deraadt [Tue, 18 Sep 2018 19:40:15 +0000 (19:40 +0000)]
sync

6 years ago6.5 packages key
naddy [Tue, 18 Sep 2018 19:15:40 +0000 (19:15 +0000)]
6.5 packages key

6 years ago6.5 base key
deraadt [Tue, 18 Sep 2018 18:48:16 +0000 (18:48 +0000)]
6.5 base key

6 years agowhitespace fix; no binary change
anton [Tue, 18 Sep 2018 18:36:27 +0000 (18:36 +0000)]
whitespace fix; no binary change

6 years agoBackport support for option -a to addr2line, which will display each address
anton [Tue, 18 Sep 2018 18:25:31 +0000 (18:25 +0000)]
Backport support for option -a to addr2line, which will display each address
given as input before the resolved source location. This change was introduced
to bintutils after the switch from GPLv2 but the author Tristan Gingold granted
me permission relicense the diff under GPLv2; thanks!

Taken as is from binutils commit be6f64938f985dfb0eaa2107b99f193bb865ce04

This option is used by the syzkaller kernel fuzzer to produce a human readable
representation of the coverage collected by kcov.

ok deraadt@ jca@ visa@

6 years agoRestore the xmalloc(), xcalloc(), xreallocarray() and xstrdup() changes.
millert [Tue, 18 Sep 2018 17:48:22 +0000 (17:48 +0000)]
Restore the xmalloc(), xcalloc(), xreallocarray() and xstrdup() changes.
OK deraadt@

6 years agoThe dmesg buffer is sufficiently large now that using the accumulated
naddy [Tue, 18 Sep 2018 17:43:40 +0000 (17:43 +0000)]
The dmesg buffer is sufficiently large now that using the accumulated
output from several boots in the dmesg listener can overflow the
ramdisk, so use only one boot's worth of dmesg in the listener.
sed(1) expression from kn@.  ok deraadt@

6 years agos/mulitprotocol/multiprotocol/ in error text
sthen [Tue, 18 Sep 2018 16:54:01 +0000 (16:54 +0000)]
s/mulitprotocol/multiprotocol/ in error text

6 years agovmm(4): Reset host LDTR on exit for SVM
mlarkin [Tue, 18 Sep 2018 16:02:08 +0000 (16:02 +0000)]
vmm(4): Reset host LDTR on exit for SVM

For SVM machines, the LDT content remains set to that of the guest VM on
exit (as compared to Intel/VMX which resets the LDTR to 0). This fix
ensures the LDT is reset to 0 on SVM exits.

Leaving the LDT set to the guest's choice could allow a malicious process
to escalate its privileges with the help of a malicious VM that they
also are able to run on the machine.

This was reported by Maxime Villard; thanks!

6 years agoStart testing the roa backend (test 5) and cleanup tool in general.
claudio [Tue, 18 Sep 2018 15:15:32 +0000 (15:15 +0000)]
Start testing the roa backend (test 5) and cleanup tool in general.

6 years agoBackend for roa-sets. This combines as_sets and prefix-set tries to do
claudio [Tue, 18 Sep 2018 15:14:07 +0000 (15:14 +0000)]
Backend for roa-sets. This combines as_sets and prefix-set tries to do
proper ROA checking. There is a new match function trie_roa_check which
does a trie traversal and looks for candidates and matches. If prefix
is not covered then ROA_UNKNOWN is returned, if prefix is covered by an
entry it will return ROA_INVALID unless the source-as / maxlen combo is
matching (ROA_VALID).
OK and input sthen@

6 years agoFix typo in previous: group_from_gid(st->st_gid, 1), not st_uid.
tb [Tue, 18 Sep 2018 15:14:06 +0000 (15:14 +0000)]
Fix typo in previous: group_from_gid(st->st_gid, 1), not st_uid.
This broke the chmod regression test, as noted and tracked down
by bluhm.

ok millert

6 years agofix a crash when prefix length is not specified
denis [Tue, 18 Sep 2018 13:55:28 +0000 (13:55 +0000)]
fix a crash when prefix length is not specified

6 years agoIncrease minimum size for /usr/obj partition to 5 Gig. This allows
bluhm [Tue, 18 Sep 2018 13:53:09 +0000 (13:53 +0000)]
Increase minimum size for /usr/obj partition to 5 Gig.  This allows
to run make build and make regress after a default install.
OK deraadt@

6 years agogrow arm64 ramdisk
deraadt [Tue, 18 Sep 2018 13:45:09 +0000 (13:45 +0000)]
grow arm64 ramdisk

6 years agofix table commands under anchors
kn [Tue, 18 Sep 2018 12:55:19 +0000 (12:55 +0000)]
fix table commands under anchors

With r1.358 I simplified anchor handling but also broke semantics with
regard to tables:

# pfctl -a aname -t tname -T show
pfctl: anchors apply to -f, -F and -s only

Unbreak this by checking for table commands as well.

OK bluhm

6 years agodocument parallel2
espie [Tue, 18 Sep 2018 12:49:10 +0000 (12:49 +0000)]
document parallel2

6 years agocast HWRM_NA_SIGNATURE when shortening it to keep gcc happy, prodded by jsg@
jmatthew [Tue, 18 Sep 2018 07:21:49 +0000 (07:21 +0000)]
cast HWRM_NA_SIGNATURE when shortening it to keep gcc happy, prodded by jsg@

6 years agobackout last week of csh diffs. They are disasterously broken, on i386
deraadt [Tue, 18 Sep 2018 06:56:09 +0000 (06:56 +0000)]
backout last week of csh diffs.  They are disasterously broken, on i386
it becomes entirely unusable.

6 years agofix memory leak in ieee80211_end_scan()
mestre [Tue, 18 Sep 2018 06:36:18 +0000 (06:36 +0000)]
fix memory leak in ieee80211_end_scan()

OK phessler@ jsg@

6 years agoellapsed -> elapsed; ok jmc@
miko [Tue, 18 Sep 2018 06:21:45 +0000 (06:21 +0000)]
ellapsed -> elapsed; ok jmc@

6 years agoi forgot to sync sndiod with aucat/dsp.c rev 1.12
miko [Tue, 18 Sep 2018 06:05:45 +0000 (06:05 +0000)]
i forgot to sync sndiod with aucat/dsp.c rev 1.12

6 years agoclear p->ctx array with memset(); ok ratchov@
miko [Tue, 18 Sep 2018 04:29:58 +0000 (04:29 +0000)]
clear p->ctx array with memset(); ok ratchov@

6 years agoUse user_from_uid(3) if getlogin(2) fails, storing the uid as a
millert [Tue, 18 Sep 2018 03:10:53 +0000 (03:10 +0000)]
Use user_from_uid(3) if getlogin(2) fails, storing the uid as a
string if there is no passwd entry.  OK tb@

6 years agoUse user_from_uid(3) instead of getpwuid(3) and keep the passwd
millert [Tue, 18 Sep 2018 03:09:55 +0000 (03:09 +0000)]
Use user_from_uid(3) instead of getpwuid(3) and keep the passwd
file open.  OK tb@

6 years agoAccount from the fact that we store ech entry three times when
millert [Tue, 18 Sep 2018 03:05:42 +0000 (03:05 +0000)]
Account from the fact that we store ech entry three times when
estimating the number of hash table elements.  Also set the bucket
size to be the optimal file system block size instead of hard-coding
to 4096.  OK tb@

6 years agoremove macros for xmalloc(), xcalloc() & xreallocarray() and just name the
miko [Tue, 18 Sep 2018 02:29:10 +0000 (02:29 +0000)]
remove macros for xmalloc(), xcalloc() & xreallocarray() and just name the
functions that.

ok millert@ martijn@

6 years agofix order of arguments in fmt.Printf()
tb [Tue, 18 Sep 2018 01:05:37 +0000 (01:05 +0000)]
fix order of arguments in fmt.Printf()

6 years agoSimplify initialization of asn1_cb; use correct spelling of NULL.
tb [Mon, 17 Sep 2018 18:18:01 +0000 (18:18 +0000)]
Simplify initialization of asn1_cb; use correct spelling of NULL.

6 years agotypo in comment
sthen [Mon, 17 Sep 2018 17:06:33 +0000 (17:06 +0000)]
typo in comment

6 years agoReplace any() with strchr(3).
martijn [Mon, 17 Sep 2018 16:00:19 +0000 (16:00 +0000)]
Replace any() with strchr(3).

OK millert@ and miko@

6 years agoupdate the installed path for sendmail: from matt schwartz
jmc [Mon, 17 Sep 2018 15:46:37 +0000 (15:46 +0000)]
update the installed path for sendmail: from matt schwartz
trim the comment - it is just repeating info

ok benno

6 years agoclean up the amount of printf in usage(): from sascha paunovic
jmc [Mon, 17 Sep 2018 15:44:16 +0000 (15:44 +0000)]
clean up the amount of printf in usage(): from sascha paunovic
move the descriptive text in usage() to the man page: from robert klein

6 years agoUse the strict pragma for better warnings.
millert [Mon, 17 Sep 2018 15:41:17 +0000 (15:41 +0000)]
Use the strict pragma for better warnings.

6 years agoWhen choosing a prime from the moduli file, avoid re-using the
millert [Mon, 17 Sep 2018 15:40:14 +0000 (15:40 +0000)]
When choosing a prime from the moduli file, avoid re-using the
linenum variable for something that is not a line number to avoid
the confusion that resulted in the bug in rev. 1.64.  This also
lets us pass the actual linenum to parse_prime() so the error
messages include the correct line number.  OK markus@ some time ago.

6 years agoMove tally mark printing out of the main benchmark loop; ok tb@
cheloha [Mon, 17 Sep 2018 15:37:35 +0000 (15:37 +0000)]
Move tally mark printing out of the main benchmark loop; ok tb@

6 years agoSimplify VFS initialization.
visa [Mon, 17 Sep 2018 14:56:37 +0000 (14:56 +0000)]
Simplify VFS initialization.

Because loadable kernel modules are no longer, there is no need to
register or unregister filesystem implementations at runtime. Remove
vfs_register() and vfs_unregister(), and make vfsinit() call vfs_init
routines directly. Replace the linked list of vfsconf structs with
the vfsconflist[] array.

OK mpi@ bluhm@

6 years agounveil(2) "path" (/dev/audioctl0 by default, or changed via args) with rw
mestre [Mon, 17 Sep 2018 14:14:39 +0000 (14:14 +0000)]
unveil(2) "path" (/dev/audioctl0 by default, or changed via args) with rw
access and disable further calls to unveil(2) with unveil(NULL, NULL).

OK ratchov@

6 years agoDo not acknowledge a received ack-only tcp packet that we would drop due to
friehm [Mon, 17 Sep 2018 14:07:48 +0000 (14:07 +0000)]
Do not acknowledge a received ack-only tcp packet that we would drop due to
PAWS. Otherwise we could trigger a retransmit of the opposite party with another
wrong timestamp and produce loop. I have seen this with a buggy server which
messed up tcp timestamps.
Suggested by Prof. Jacobson for FreeBSD.

ok krw, bluhm, henning, mpi

6 years agoRename struct as_set to struct irr_as_set to not conflict with bgpd.
claudio [Mon, 17 Sep 2018 13:35:36 +0000 (13:35 +0000)]
Rename struct as_set to struct irr_as_set to not conflict with bgpd.
OK $CC

6 years agoavoid calling make_full for determining special file status, since we
espie [Mon, 17 Sep 2018 12:39:46 +0000 (12:39 +0000)]
avoid calling make_full for determining special file status, since we
can rely on is_info_name + cwd == '.'

6 years agosimplify code path for backup relay and remove useless flag
eric [Mon, 17 Sep 2018 12:16:27 +0000 (12:16 +0000)]
simplify code path for backup relay and remove useless flag

ok gilles@

6 years agoremove binary doc files that aren't really useful to have in-tree
sthen [Mon, 17 Sep 2018 10:00:41 +0000 (10:00 +0000)]
remove binary doc files that aren't really useful to have in-tree

6 years agomerge conflicts
sthen [Mon, 17 Sep 2018 09:46:12 +0000 (09:46 +0000)]
merge conflicts

6 years agoimport unbound 1.7.3, testing from benno@ and Brad.
sthen [Mon, 17 Sep 2018 09:43:42 +0000 (09:43 +0000)]
import unbound 1.7.3, testing from benno@ and Brad.

6 years agofix memory leaks in ieee80211_add_ess()
jsg [Mon, 17 Sep 2018 02:34:16 +0000 (02:34 +0000)]
fix memory leaks in ieee80211_add_ess()
ok stsp@ phessler@

6 years agoFix length checks in the receive path of iwm(4).
stsp [Sun, 16 Sep 2018 19:41:45 +0000 (19:41 +0000)]
Fix length checks in the receive path of iwm(4).
Prompted by a panic reported by Xavier Guerin on bugs@
ok tb@

6 years agoThe kernel does not set the address family for the socket addresses
bluhm [Sun, 16 Sep 2018 19:36:33 +0000 (19:36 +0000)]
The kernel does not set the address family for the socket addresses
that are used for netmask, broadcast, and destination address.  In
pfctl(8) take the family of the interface address and write it to
the other addresses.  This fixes some bugs when copy_satopfaddr()
copied only part of IPv6 addresses.  Print a warning if the address
family is unknown.
OK kn@

6 years agoadd missing default case to switch
tb [Sun, 16 Sep 2018 19:22:50 +0000 (19:22 +0000)]
add missing default case to switch

6 years agoIf a prefix without length was specifed in the config file, then
bluhm [Sun, 16 Sep 2018 18:58:36 +0000 (18:58 +0000)]
If a prefix without length was specifed in the config file, then
128 was used.  This does not make much sense for rad(8).  Change
the default prefixlen to 64.
OK florian@

6 years agoEVP_aead_chacha20_poly1305() can't actually fail.
tb [Sun, 16 Sep 2018 18:44:33 +0000 (18:44 +0000)]
EVP_aead_chacha20_poly1305() can't actually fail.

6 years agoUnbreak tree with 'char *' -> 'const char *' for
krw [Sun, 16 Sep 2018 17:37:11 +0000 (17:37 +0000)]
Unbreak tree with 'char *' -> 'const char *' for
userid().

6 years agoAdd support for setting NVRAM variables.
kettenis [Sun, 16 Sep 2018 14:27:32 +0000 (14:27 +0000)]
Add support for setting NVRAM variables.

6 years agoAdd missing includes for setpassent() and setgroupent().
millert [Sun, 16 Sep 2018 12:43:40 +0000 (12:43 +0000)]
Add missing includes for setpassent() and setgroupent().

6 years agoAdjust sparc64 bits after libunwind 6.0.0 update.
kettenis [Sun, 16 Sep 2018 12:26:06 +0000 (12:26 +0000)]
Adjust sparc64 bits after libunwind 6.0.0 update.

ok visa@

6 years agoVarious improvements to generate logical domain configurations that are
kettenis [Sun, 16 Sep 2018 12:17:05 +0000 (12:17 +0000)]
Various improvements to generate logical domain configurations that are
accepted by more modern firmwares.  In particular on SPARC T3 machines.

Tested on a t1k and t5120.

6 years agoRename *AesCcmOrGcm* into the slightly less ugly *AesAead*.
tb [Sun, 16 Sep 2018 11:45:08 +0000 (11:45 +0000)]
Rename *AesCcmOrGcm* into the slightly less ugly *AesAead*.

6 years agoMove vfsconf lookup code into dedicated functions.
visa [Sun, 16 Sep 2018 11:41:44 +0000 (11:41 +0000)]
Move vfsconf lookup code into dedicated functions.

OK bluhm@

6 years agoWith prefixlen 128, mask_prefix() in rad(8) caused a stack overflow
bluhm [Sun, 16 Sep 2018 08:53:02 +0000 (08:53 +0000)]
With prefixlen 128, mask_prefix() in rad(8) caused a stack overflow
in the config parser.  Add an out of bounds check for the in6_addr.
OK florian@

6 years agoUse uid_from_user(3) and gid_from_group(3) in utilities that
millert [Sun, 16 Sep 2018 02:44:06 +0000 (02:44 +0000)]
Use uid_from_user(3) and gid_from_group(3) in utilities that
do repeated lookups.  OK tb@

6 years agoUse user_from_uid(3) and group_from_gid(3) in a few more places
millert [Sun, 16 Sep 2018 02:43:11 +0000 (02:43 +0000)]
Use user_from_uid(3) and group_from_gid(3) in a few more places
that do repeated lookups.  OK tb@

6 years agoUse user_from_uid(3) and group_from_gid(3) to avoid extra passwd
millert [Sun, 16 Sep 2018 02:42:19 +0000 (02:42 +0000)]
Use user_from_uid(3) and group_from_gid(3) to avoid extra passwd
and group file lookups.  This required a bit of reordering of the
file mode handling bits to deal with the const char *.  OK tb@

6 years agoUse user_from_uid(3), group_from_gid(3), uid_from_user(3) and
millert [Sun, 16 Sep 2018 02:41:16 +0000 (02:41 +0000)]
Use user_from_uid(3), group_from_gid(3), uid_from_user(3) and
gid_from_group(3) to avoid repeatedly looking up the same user/group.
Also keep the passwd and group files open to avoid opening and
closing them all the time. OK tb@

6 years agoReplace the local getname() and getuserid() functions with calls
millert [Sun, 16 Sep 2018 02:38:57 +0000 (02:38 +0000)]
Replace the local getname() and getuserid() functions with calls
to user_from_uid(3) and uid_from_user(3).  This requires sprinkling
const in a few places to match the return value of user_from_uid(3).
OK tb@

6 years agoanother typo. time to sleep
tb [Sat, 15 Sep 2018 22:09:08 +0000 (22:09 +0000)]
another typo. time to sleep

6 years agotypos
tb [Sat, 15 Sep 2018 22:07:52 +0000 (22:07 +0000)]
typos

6 years agoadd a brief comment on the acceptable AES CCM and AES GCM cases
tb [Sat, 15 Sep 2018 22:03:28 +0000 (22:03 +0000)]
add a brief comment on the acceptable AES CCM and AES GCM cases

6 years agoAlso exercise EVP_aead_aes_128_gcm() and EVP_aead_aes_256_gcm().
tb [Sat, 15 Sep 2018 19:12:31 +0000 (19:12 +0000)]
Also exercise EVP_aead_aes_128_gcm() and EVP_aead_aes_256_gcm().

6 years agorename checkChaCha20Poly1305{Open,Seal}() into checkAead{Open,Seal}().
tb [Sat, 15 Sep 2018 19:09:07 +0000 (19:09 +0000)]
rename checkChaCha20Poly1305{Open,Seal}() into checkAead{Open,Seal}().

6 years agoMerge AES CCM, AES GCM and ChaCha20 data structures into
tb [Sat, 15 Sep 2018 19:06:47 +0000 (19:06 +0000)]
Merge AES CCM, AES GCM and ChaCha20 data structures into
single AEAD types. Will be used in upcoming commits.

6 years agoAdd missing conversion specifier
tb [Sat, 15 Sep 2018 16:05:17 +0000 (16:05 +0000)]
Add missing conversion specifier

6 years agoModify regress appstest.sh for interoperability testing with OpenSSL 1.1.x
inoguchi [Sat, 15 Sep 2018 13:26:13 +0000 (13:26 +0000)]
Modify regress appstest.sh for interoperability testing with OpenSSL 1.1.x

- add sleep before s_client instead of removing -pause option
- change check words for s_client output messages
- replace CAfile to CApath for s_time
- remove -prexit from s_client
- confirm openssl command path is executable

6 years agoAdd support for version 2.0 of the mdstore protocol.
kettenis [Sat, 15 Sep 2018 13:20:16 +0000 (13:20 +0000)]
Add support for version 2.0 of the mdstore protocol.

6 years agostrsave() is hard-fail strdup() so simplify and rename to xstrdup().
miko [Sat, 15 Sep 2018 12:15:32 +0000 (12:15 +0000)]
strsave() is hard-fail strdup() so simplify and rename to xstrdup().
with help from martijn@.

ok millert@ martijn@

6 years agoFix fortune underlines and use the right number of underscores in Notes.
bentley [Sat, 15 Sep 2018 09:44:19 +0000 (09:44 +0000)]
Fix fortune underlines and use the right number of underscores in Notes.

ok sthen@

6 years agoInitialize the TDB to NULL in ipsec_common_input() and
mestre [Fri, 14 Sep 2018 23:40:10 +0000 (23:40 +0000)]
Initialize the TDB to NULL in ipsec_common_input() and
ipsec_{input,output}_cb() so that in the case of sending or receiving a bogus
mbuf (NULL) we don't end up trying to dereference the TDB, while being an
uninitialized pointer, to increase the drops.

Coverity IDs 14733121473313 and 1473317.

OK mpi@ visa@

6 years agoDo not leak a file descriptor when opening nohup.out. Make sure
bluhm [Fri, 14 Sep 2018 18:17:46 +0000 (18:17 +0000)]
Do not leak a file descriptor when opening nohup.out.  Make sure
that stdout and stderr are not closed.
from Nan Xiao

6 years agoUnify and bump some of the NMBCLUSTERS defines. Some archs had it set to
claudio [Fri, 14 Sep 2018 13:58:20 +0000 (13:58 +0000)]
Unify and bump some of the NMBCLUSTERS defines. Some archs had it set to
4MB which is far too low especially when the platform is able to run MP.
New limits are, amd64 = 256M; arm64, mips64, sparc64 = 64M; alpha, arm,
hppa, i386, powerpc = 32M; m88k, sh = 8M
Still rather conservative numbers but much better than before. At least
some hangs of arm64 build boxes was caused by this.
OK kettenis@, visa@

6 years agoAdd interoperability test mode for regress appstest.sh
inoguchi [Fri, 14 Sep 2018 13:54:57 +0000 (13:54 +0000)]
Add interoperability test mode for regress appstest.sh

- test s_server and s_client between different version by option -i
- indicate other version by defining OTHER_OPENSSL environment variable
- fix "SSL/TLS" to "TLS/SSL", since TLS is correct as technical term
- s/SKIPPNG/SKIPPING/

6 years agoadd gapdummy.c to the "clean" target like other generated files
naddy [Fri, 14 Sep 2018 13:49:01 +0000 (13:49 +0000)]
add gapdummy.c to the "clean" target like other generated files
ok visa@ jsg@ phessler@

6 years agoPass -L/usr/lib to the linker in preparation for switching to lld, which
naddy [Fri, 14 Sep 2018 13:44:18 +0000 (13:44 +0000)]
Pass -L/usr/lib to the linker in preparation for switching to lld, which
does not have a default search path.  ok kettenis@ jsg@