jmc [Sun, 13 Jul 2014 17:39:57 +0000 (17:39 +0000)]
tweak previous;
deraadt [Sun, 13 Jul 2014 17:39:56 +0000 (17:39 +0000)]
do not need malloc.h
deraadt [Sun, 13 Jul 2014 17:34:25 +0000 (17:34 +0000)]
use mallocarray where arguments are multiplied; ok tedu
jmc [Sun, 13 Jul 2014 17:28:13 +0000 (17:28 +0000)]
-N for SYNOPSIS and usage(), and some small changes to previous;
espie [Sun, 13 Jul 2014 17:24:06 +0000 (17:24 +0000)]
bye bye src url. Never amounted to much, we went another road a while ago
pirofti [Sun, 13 Jul 2014 17:19:17 +0000 (17:19 +0000)]
Keep track of port connections and port resets.
Also notify upstream when a port finished reseting and when the
connection status changes.
Gets things further along to the point where pipe device transfer
and control methods are required.
espie [Sun, 13 Jul 2014 17:17:21 +0000 (17:17 +0000)]
bundling base + packages was slow, as it needed to find lots of files.
different approach: mark the base system in one go, then hand pick the
files from the pkglocatedb.
quite a few unaccounted files yet, this will get better
claudio [Sun, 13 Jul 2014 17:07:00 +0000 (17:07 +0000)]
Set KERN_PROC_NOBROADCASTKILL so that iscsid is not killed by init
when terminating multi-user so that we have a chance to sync the
file systems mounted via iscsi.
deraadt [Sun, 13 Jul 2014 17:02:48 +0000 (17:02 +0000)]
sync
pelikan [Sun, 13 Jul 2014 16:59:35 +0000 (16:59 +0000)]
kill fs2hXX/h2fsXX macros with letohXX/htoleXX
The reason being that ext2 structures are little-endian but JBD2 journal
is big-endian. Don't confuse readers by talking about "file system endian".
Some KNF while there.
ok guenther
bluhm [Sun, 13 Jul 2014 16:58:43 +0000 (16:58 +0000)]
Put back a m_copyback() that got lost in rev 1.837 of pf.c. This
fixes the rewrite of an IPv6 header of an ICMP6 packet in the payload
of an ICMP6 error packet. Path MTU discovery with ping6 over pf
nat or rdr works again.
Found by src/regress/sys/net/pf_fragment make run-regress-fragping6
OK henning@
deraadt [Sun, 13 Jul 2014 16:50:25 +0000 (16:50 +0000)]
GPTSIGNATURE must be LL, for operation on non-punk machines
ok punk
claudio [Sun, 13 Jul 2014 16:49:47 +0000 (16:49 +0000)]
Add iscsid_flags to rc.conf so we do not try to start iscsid all the time.
Noticed by naddy@
pelikan [Sun, 13 Jul 2014 16:44:20 +0000 (16:44 +0000)]
kill fs2hXX/h2fsXX macros with letohXX/htoleXX
The reason being that ext2 structures are little-endian but JBD2 journal
is big-endian. Don't confuse readers by talking about "file system endian".
While here, nuke the copy of bswap.c and link it against the kernel's like
fsck_ext2fs has done, for better maintainability.
ok guenther
jsing [Sun, 13 Jul 2014 16:43:37 +0000 (16:43 +0000)]
Remove license introduced with the PSK code, which has since been removed.
ok deraadt@
krw [Sun, 13 Jul 2014 16:43:25 +0000 (16:43 +0000)]
When the three possible return values are -1, 0, and 1, != 1 is the same
as <= 0. And the latter is the normal idiom so use that.
ok claudio@ henning@
claudio [Sun, 13 Jul 2014 16:41:21 +0000 (16:41 +0000)]
Introduce PS_NOBROADCASTKILL a process flag that excludes processes from
receiving broadcast signals (kill -1). The flag can be set via a new
sysctl KERN_PROC_NOBROADCASTKILL. This will be used by iscsid to survive
the mass killing by init(8) when terminating multi-user operations.
With and OK guenther@
jsing [Sun, 13 Jul 2014 16:39:19 +0000 (16:39 +0000)]
Another compression remnant.
jsing [Sun, 13 Jul 2014 16:33:01 +0000 (16:33 +0000)]
Expand the tlsext_sigalg macros. The end result is about the same number
of lines and much more readable.
ok miod@
jsing [Sun, 13 Jul 2014 16:30:50 +0000 (16:30 +0000)]
Rewrite i2d_SSL_SESSION to use the ASN1 primitives, rather than using the
horrific macros from asn1_mac.h.
This is a classic example of using macros to obfuscate code, in an attempt
to reduce the line count. The end result is so ridiculously convoluted that
it is completely unreadable and it takes hours to deconstruct the macros
and figure out what is actually going on behind the scenes.
ok miod@
pelikan [Sun, 13 Jul 2014 16:08:53 +0000 (16:08 +0000)]
kill fs2hXX/h2fsXX macros with letohXX/htoleXX
The reason being that ext2 structures are little-endian but JBD2 journal
is big-endian. Don't confuse readers by talking about "file system endian".
ok guenther
jsing [Sun, 13 Jul 2014 16:03:54 +0000 (16:03 +0000)]
Add a regress test for the ASN1 handling of SSL session tickets.
beck [Sun, 13 Jul 2014 16:03:09 +0000 (16:03 +0000)]
The bell tolls for BUF_strdup - Start the migration to using
intrinsics. This is the easy ones, a few left to check one at
a time.
ok miod@ deraadt@
espie [Sun, 13 Jul 2014 15:58:40 +0000 (15:58 +0000)]
tedu setlist support, superseded by the new locate dbs.
espie [Sun, 13 Jul 2014 15:54:28 +0000 (15:54 +0000)]
stuff no longer needed, now that base/x release install its own locate dbs
mpi [Sun, 13 Jul 2014 15:52:49 +0000 (15:52 +0000)]
No need for <netinet/in_systm.h> here.
tedu [Sun, 13 Jul 2014 15:52:38 +0000 (15:52 +0000)]
bzero -> memset. for the speeds.
tedu [Sun, 13 Jul 2014 15:48:41 +0000 (15:48 +0000)]
trim some casts
miod [Sun, 13 Jul 2014 15:48:32 +0000 (15:48 +0000)]
Remove stale comment which used to explain why we had a special 31-bit freelist
for DMA, back when this was applicable.
logan [Sun, 13 Jul 2014 15:47:51 +0000 (15:47 +0000)]
Fix memory leak.
OK from beck@ and miod@
uebayasi [Sun, 13 Jul 2014 15:46:21 +0000 (15:46 +0000)]
KERNEL_ASSERT_LOCKED(9): Assertion for kernel lock (Rev. 3)
This adds a new assertion macro, KERNEL_ASSERT_LOCKED(), to assert that
kernel_lock is held. In the long process of removing kernel_lock, there will
be a lot (hundreds or thousands) of use of this; virtually almost all functions
in !MP-safe subsystems should have this assertion. Thus this assertion should
have a short, good name.
Not only that "KERNEL_ASSERT_LOCKED" is consistent with other KERNEL_* and
SCHED_ASSERT_LOCKED() macros.
Input from dlg@ guenther@ kettenis@.
OK dlg@ guenther@
miod [Sun, 13 Jul 2014 15:42:42 +0000 (15:42 +0000)]
OPENSSL_{malloc,free} -> {malloc,free}
miod [Sun, 13 Jul 2014 15:41:33 +0000 (15:41 +0000)]
Warn about the use of BUF_strdup.
reyk [Sun, 13 Jul 2014 15:39:01 +0000 (15:39 +0000)]
Remove a debug message
krw [Sun, 13 Jul 2014 15:38:09 +0000 (15:38 +0000)]
Since the event(s) passed to a callback can be a mask of all events
of interest and EV_WRITE is or'ed into the interesting events, it
is more correct to check both events each time. Pointed out by
Claudio.
ok henning@ claudio@
schwarze [Sun, 13 Jul 2014 15:38:06 +0000 (15:38 +0000)]
Compatibility hack for the old "manpath=OpenBSD<blank>" query parameter format;
unfortunate, more than 400 links needing this are scattered all around
the www.openbsd.org website, and CVSweb needs this as well.
pirofti [Sun, 13 Jul 2014 15:33:28 +0000 (15:33 +0000)]
Fall back to smaller spacing on the mips64 machines.
Please spare some change for the mips64 memory-challenged machines..
Some change, Sir?
Fixes at least the octeon platform. Found the hardway on my DSR500.
Found by Boss tedu@ and Boss deraadt@
Okay Boss miod@
miod [Sun, 13 Jul 2014 15:32:28 +0000 (15:32 +0000)]
Initial support to read GPT partition tables in the kernel, if option GPT.
Contributed by Markus Mueller; code based upon Bitrig's GPT support, with
stricter GPT structures validation and support for alternate header places.
ok deraadt@ jsing@ krw@
mpi [Sun, 13 Jul 2014 15:31:20 +0000 (15:31 +0000)]
Stop using old n_long and n_short types.
tedu [Sun, 13 Jul 2014 15:29:04 +0000 (15:29 +0000)]
use mallocarray where arguments are multipled. ok deraadt
reyk [Sun, 13 Jul 2014 15:11:23 +0000 (15:11 +0000)]
Sync file to be identical in relayd(8) and httpd(8).
reyk [Sun, 13 Jul 2014 15:07:50 +0000 (15:07 +0000)]
Finish writing the output before closing the connection
(adopted from relayd).
pelikan [Sun, 13 Jul 2014 15:07:01 +0000 (15:07 +0000)]
fill in proper sizes in free(9)
miod [Sun, 13 Jul 2014 15:06:02 +0000 (15:06 +0000)]
Update BUGS section.
tedu [Sun, 13 Jul 2014 15:00:40 +0000 (15:00 +0000)]
pass the size to free in some of the obvious cases
tedu [Sun, 13 Jul 2014 14:59:28 +0000 (14:59 +0000)]
if the freedsize isn't zero, check that's reasonable. ok beck
guenther [Sun, 13 Jul 2014 14:56:56 +0000 (14:56 +0000)]
If the only process in the pgrp is in the middle of exiting, it might
not have any threads left. Treat that the same as an empty pgrp.
encountered by and ok deraadt@
krw [Sun, 13 Jul 2014 14:50:03 +0000 (14:50 +0000)]
When renewing a lease, update client->active or you end up in a
tight renew loop. Caused by recent reshuffling of code in
bind_lease().
reyk [Sun, 13 Jul 2014 14:46:52 +0000 (14:46 +0000)]
Close the connection after the response is completed (no Keepalive yet).
tedu [Sun, 13 Jul 2014 14:25:00 +0000 (14:25 +0000)]
oops, i deleted the wrong word
tedu [Sun, 13 Jul 2014 14:24:23 +0000 (14:24 +0000)]
remove a lie spotted by guenther
tedu [Sun, 13 Jul 2014 14:21:14 +0000 (14:21 +0000)]
once srandomdev() is called, switch to using arc4random() but mask off the
high bit as required by posix. wouldn't want to break any standards.
idea and ok deraadt
reyk [Sun, 13 Jul 2014 14:17:37 +0000 (14:17 +0000)]
Add support for media types (aka. MIME types): the types section is
compatible to nginx' mime.types file which can be included directly.
If not present, use a few built-in defaults for html, css, txt, jpeg,
gif, png, and js.
jasper [Sun, 13 Jul 2014 14:16:09 +0000 (14:16 +0000)]
print leading '0x' for addresses and masks with DUMP_BOOT_{DESC,INFO}
ok pirofti@
ajacoutot [Sun, 13 Jul 2014 14:14:41 +0000 (14:14 +0000)]
Document the security/heimdal MODULE.
beck [Sun, 13 Jul 2014 14:13:27 +0000 (14:13 +0000)]
unbreak build this needed to be an and..
ok jsing@
ajacoutot [Sun, 13 Jul 2014 14:01:36 +0000 (14:01 +0000)]
All /etc/examples files belong to base; for now.
ok deraadt@
tedu [Sun, 13 Jul 2014 14:01:04 +0000 (14:01 +0000)]
if not seeded explicitly, use arc4random instead. ok deraadt
todd [Sun, 13 Jul 2014 13:58:09 +0000 (13:58 +0000)]
sync
mpi [Sun, 13 Jul 2014 13:57:56 +0000 (13:57 +0000)]
Stop using old n_time, n_long and n_short types in netinet headers.
ok deraadt@, naddy@
deraadt [Sun, 13 Jul 2014 13:55:41 +0000 (13:55 +0000)]
sync
rpe [Sun, 13 Jul 2014 13:53:36 +0000 (13:53 +0000)]
- move the ntpd.conf file to examples directory
- move it from BIN1 to EXAMPLES in src/etc/Makefile
- change the installer to create the file instead of editing it
- add a '+' to the corresponding changelist entry
suggested by and OK deraadt@
OK for the installer change krw@
pelikan [Sun, 13 Jul 2014 13:50:00 +0000 (13:50 +0000)]
new superblock header needs fixes
henning [Sun, 13 Jul 2014 13:41:46 +0000 (13:41 +0000)]
someone send dlg a keyboard with a tab key please
deraadt [Sun, 13 Jul 2014 13:37:38 +0000 (13:37 +0000)]
Use dl_iterate_phdr() to iterate over the segments and throw the addresses
into the hash; hoping the system has some ASLR or PIE. This replaces and
substantially improves upon &main which proved problematic with some picky
linkers.
Work with kettenis, testing by beck
pelikan [Sun, 13 Jul 2014 13:37:22 +0000 (13:37 +0000)]
new superblock header needs fixes for BE architectures
pelikan [Sun, 13 Jul 2014 13:28:26 +0000 (13:28 +0000)]
ext4 (extents) read support
Tested on amd64 with > 4GB files and 50,000 subdirectories.
From FreeBSD, thanks!
ok deraadt guenther
jasper [Sun, 13 Jul 2014 13:19:01 +0000 (13:19 +0000)]
- fix off-by-one in getting the number of cores in the system
- unbreak GENERIC.MP build
guenther [Sun, 13 Jul 2014 13:17:16 +0000 (13:17 +0000)]
Split out ntoh[ls] and hton[ls] into their own manpage.
Update byteorder(3) to cover the new functions in <endian.h>
ok deraadt@ millert@
miod [Sun, 13 Jul 2014 13:07:30 +0000 (13:07 +0000)]
Needs getchar.c now
deraadt [Sun, 13 Jul 2014 13:03:09 +0000 (13:03 +0000)]
Provide a link to the canonical API specification.
ok beck
ajacoutot [Sun, 13 Jul 2014 13:01:48 +0000 (13:01 +0000)]
Mismatch between the sets list and what's in DESTDIR should not be fatal
to sysmerge sum files generation.
discussed by deraadt@
tedu [Sun, 13 Jul 2014 13:00:40 +0000 (13:00 +0000)]
long live BSD, SYSV is dead!
schwarze [Sun, 13 Jul 2014 12:55:24 +0000 (12:55 +0000)]
Make the calltree a bit easier to understand by giving the
functions that call resp_begin_html() names starting with "pg_"
and those called after resp_begin_html() names with "resp_".
No functional change, purely renaming functions.
miod [Sun, 13 Jul 2014 12:53:46 +0000 (12:53 +0000)]
Make sure all error conditions in RSA_padding_add_PKCS1_PSS_mgf1() cause
EVP_MD_CTX_cleanup() to be called.
miod [Sun, 13 Jul 2014 12:46:44 +0000 (12:46 +0000)]
Possible PBEPARAM leak in the error path.
miod [Sun, 13 Jul 2014 12:45:01 +0000 (12:45 +0000)]
dsa_priv_decode(): only destroy the object we've created, and with the
appropriate function. Checking for privkey != NULL is not enough since
privkey points to a member of ndsa if ndsa != NULL.
dsa_priv_encode(): possible double free in error path.
schwarze [Sun, 13 Jul 2014 12:44:57 +0000 (12:44 +0000)]
make source vs. formatted guessing a bit more robust
schwarze [Sun, 13 Jul 2014 12:31:00 +0000 (12:31 +0000)]
By popular demand, bring man.cgi default mode closer to what man(1) does:
Even when there are multiple pages with the same name in different
sections, show one of them, using the same priorities as in the
default man.conf(5) file.
ajacoutot [Sun, 13 Jul 2014 12:14:37 +0000 (12:14 +0000)]
Install some config files with mode 0600 as they were before the move to
/etc/examples.
ok deraadt@
claudio [Sun, 13 Jul 2014 12:12:30 +0000 (12:12 +0000)]
rc bits for iscsid. Start iscsid as early as possible. Use the new -N
flag for fsck and mount to check and mount the iscsi file systems (marked
with option net) right after the mount -a.
"Get it in" deraadt@
rpe@ is OK with this going in but it may need further changes
jasper [Sun, 13 Jul 2014 12:11:01 +0000 (12:11 +0000)]
use nitems() instead of handrolling something identical
ok mpi@ sthen@
krw [Sun, 13 Jul 2014 12:07:59 +0000 (12:07 +0000)]
Close connection/remove event handler when msgbuf_write() hits an
EOF.
ok jmatthew@ claudio@
claudio [Sun, 13 Jul 2014 12:07:40 +0000 (12:07 +0000)]
Add iscsid to the rc.d files to install
claudio [Sun, 13 Jul 2014 12:07:11 +0000 (12:07 +0000)]
rc.d script for iscsid.
claudio [Sun, 13 Jul 2014 12:04:25 +0000 (12:04 +0000)]
Try to document new 'net' option that is a bit like 'noauto'.
claudio [Sun, 13 Jul 2014 12:03:48 +0000 (12:03 +0000)]
Intorduce the same -N flag that mount(8) just got to do the same
selection of file systems with option 'net'. Again this will be used
by the rc script to fsck iscsi file systems before mounting them.
Again by default file systems with the net option are ignored when
scanning fstab.
"Get it in" deraadt@
claudio [Sun, 13 Jul 2014 12:01:30 +0000 (12:01 +0000)]
Introduce a -N option to mount and a 'net' mount option.
File systems marked with net will not be mounted by default.
mount -a -N will mount all those file systems instead.
This will be used to mark file systems needing network to work -- in
other words which depend on iscsid.
"Get it in" deraadt@
jasper [Sun, 13 Jul 2014 11:50:40 +0000 (11:50 +0000)]
add copyright and rcs id
"go ahead" kettenis@
miod [Sun, 13 Jul 2014 11:15:54 +0000 (11:15 +0000)]
Check X509_NAME_oneline() return value when it will have to allocate memory.
miod [Sun, 13 Jul 2014 11:14:02 +0000 (11:14 +0000)]
EVP_DigestInit_ex() may be used to recycle an existing EVP_MD_CTX without having
to reinitialize all of it, especially if it is used with the same MD algorithm.
However, when the MD algorithm changes, it needs to perform more cleanups.
Make that code more closer to what EVP_MD_CTX_cleanup() does by:
- only freeing md_data if EVP_MD_CTX_FLAG_REUSE is not set
- performing an explicit_bzero of md_data before freeing it
- making sure we call EVP_PKEY_CTX_free on the pctx if the allocation for the
new md_data fails.
ok tedu@
miod [Sun, 13 Jul 2014 11:10:20 +0000 (11:10 +0000)]
Don't include asn1_mac.h if all you need is asn1.h.
jmc [Sun, 13 Jul 2014 10:59:49 +0000 (10:59 +0000)]
tweak previous; ok dlg
pirofti [Sun, 13 Jul 2014 10:58:19 +0000 (10:58 +0000)]
Start handling host channel interrupts.
For now just acknowledge and clear the event to avoid interrupt storms.
beck [Sun, 13 Jul 2014 10:27:22 +0000 (10:27 +0000)]
Take out __bounded__ in the include files we use it in when not on OpenBSD.
while we can take it out in portable at compile time, it is still a problem
when we install this header file on a system that doesn't support __bounded__
if this is unguarded.
ok miod@ bcook@
schwarze [Sun, 13 Jul 2014 10:23:06 +0000 (10:23 +0000)]
Unconfuse .Fa documentation:
You can use .Fa with just a type, without a name,
but when you give both, which is the usual case,
they need to go into one single .Fa argument.
Observed by bentley@; ok jmc@ bentley@.
jmc [Sun, 13 Jul 2014 10:09:12 +0000 (10:09 +0000)]
tweak previous;
jmc [Sun, 13 Jul 2014 10:05:49 +0000 (10:05 +0000)]
tweak previous;
schwarze [Sun, 13 Jul 2014 09:58:52 +0000 (09:58 +0000)]
Install the manuals of the web interface below the same directory
as manpath.conf, such that we do not need to mix our own documentation
into the documentation we are serving, which may not even be possible
if the latter is updated automatically.
Based on an idea by beck@.
dlg [Sun, 13 Jul 2014 09:52:48 +0000 (09:52 +0000)]
treat external storage allocated by the mbuf layer the same as
external storage attached to an mbuf anywhere else. this means it
uses MEXTADD to wire it up to the mbuf, and it relies on the ext_free
and ext_arg bits in the header to call the right free function
against the right pool.
M_CLUSTER gets renamed to M_EXTWR. the type field in MEXTADD gets
reused as a flags field so anything attaching storage to an mbuf
can say if it is writable or not.
ok claudio@