jsing [Sun, 13 Jul 2014 22:42:01 +0000 (22:42 +0000)]
Move the client code into a separate file.
jsing [Sun, 13 Jul 2014 22:31:42 +0000 (22:31 +0000)]
Rename various configuration handling functions.
Requested by and discussed with tedu@.
miod [Sun, 13 Jul 2014 22:28:03 +0000 (22:28 +0000)]
Comment out option GPT until the matching userland bits are in place.
jsing [Sun, 13 Jul 2014 22:13:52 +0000 (22:13 +0000)]
Use a single ressl.h header file.
Discussed with beck@ and tedu@.
uebayasi [Sun, 13 Jul 2014 22:13:06 +0000 (22:13 +0000)]
Cosmetic changes to reduce diffs.
claudio [Sun, 13 Jul 2014 21:59:50 +0000 (21:59 +0000)]
Update procflags list, add PS_SYSTEM, PS_EMBRYO, PS_ZOMBIE and
PS_NOBROADCASTKILL. The resulting table is shifted so far right
that a few additional lines had to be wrapped. Not ideal but the
best we can do at the moment.
kettenis [Sun, 13 Jul 2014 21:51:12 +0000 (21:51 +0000)]
The correct place to call _bus_dmamap_sync() is after we copy data *to* the
bounce buffer and before we copy data *from* the bounce buffer. Currently
_bus_dmamap_sync() is a no-op, but keeping it #ifdef'ed out in the wrong
place makes no sense.
ok deraadt@, miod@
deraadt [Sun, 13 Jul 2014 21:49:02 +0000 (21:49 +0000)]
sync
claudio [Sun, 13 Jul 2014 21:46:25 +0000 (21:46 +0000)]
Use lerrx instead of errx since the logging subsystem is already initialized.
OK florian@
matthew [Sun, 13 Jul 2014 21:44:58 +0000 (21:44 +0000)]
Fix sched_stop_secondary_cpus() to properly drain CPUs
TAILQ_FOREACH() isn't safe to use in sched_chooseproc() to iterate
over the run queues because within the loop body we remove the threads
from their run queues and reinsert them elsewhere. As a result, we
end up only draining the first thread of each run queue rather than
all of them.
ok kettenis
deraadt [Sun, 13 Jul 2014 21:39:00 +0000 (21:39 +0000)]
yes indeed, it returns void *. from Jean-Philippe Ouellet, i also had
this lurking in a tree
jsing [Sun, 13 Jul 2014 21:38:23 +0000 (21:38 +0000)]
Explicitly initialise slen - this was not previously done due to a missing
M_ASN1_D2I_begin macro.
jsing [Sun, 13 Jul 2014 21:35:27 +0000 (21:35 +0000)]
Convert error handling to SSLerr and ERR_asprintf_error_data.
yasuoka [Sun, 13 Jul 2014 21:34:35 +0000 (21:34 +0000)]
Some functions need to dup() before sending a socket by imsg and don't
need to close() after sending socket since imsg_compose() closes the
passing socket.
rpe [Sun, 13 Jul 2014 21:24:43 +0000 (21:24 +0000)]
Only set machdep.allowaperture if 'vga1: aperture needed' is found
in dmesg output. Use that information to decide whether or not to
ask the user if he intends to use X.
initial diff from and OK halex@
OK deraadt@
tedu [Sun, 13 Jul 2014 21:21:25 +0000 (21:21 +0000)]
include stdint.h for standard ints. from Jean-Philippe Ouellet
jasper [Sun, 13 Jul 2014 21:18:44 +0000 (21:18 +0000)]
fix even more trailing tabs
miod [Sun, 13 Jul 2014 21:18:26 +0000 (21:18 +0000)]
#$%#@$# CONSPEED
kettenis [Sun, 13 Jul 2014 21:13:51 +0000 (21:13 +0000)]
Display zero page hit and miss counters in vmstat -s.
ok deraadt@
jasper [Sun, 13 Jul 2014 21:13:30 +0000 (21:13 +0000)]
more hanging tabs
deraadt [Sun, 13 Jul 2014 21:11:40 +0000 (21:11 +0000)]
ugly hanging tabs; ok jasper
nicm [Sun, 13 Jul 2014 20:57:46 +0000 (20:57 +0000)]
Show an error if cmd_find_session can't find the current session, like
the other functions.
miod [Sun, 13 Jul 2014 20:53:35 +0000 (20:53 +0000)]
No libsa putchar wanted here actually
krw [Sun, 13 Jul 2014 20:51:08 +0000 (20:51 +0000)]
An EOF is a good reason to close a connection.
ok nicm@
deraadt [Sun, 13 Jul 2014 20:49:42 +0000 (20:49 +0000)]
obvious conversion to mallocarray()
jmc [Sun, 13 Jul 2014 20:42:33 +0000 (20:42 +0000)]
tweak previous;
jmc [Sun, 13 Jul 2014 20:40:34 +0000 (20:40 +0000)]
missing bracket in previous;
miod [Sun, 13 Jul 2014 20:29:05 +0000 (20:29 +0000)]
Still needs <sys/reboot.h>
nicm [Sun, 13 Jul 2014 20:23:10 +0000 (20:23 +0000)]
If a client is killed while suspended with ^Z so has gone through the
MSG_EXITED dance, don't try to resume it since a) it's pointless and b)
the tty structures have been cleaned up and tmux will crash.
tedu [Sun, 13 Jul 2014 20:09:38 +0000 (20:09 +0000)]
remove all crypt choices other than bcrypt. ok afresh1 deraadt
tedu [Sun, 13 Jul 2014 19:40:57 +0000 (19:40 +0000)]
calling this "encryption" makes me cringe. "slightly obfuscated" is better.
tedu [Sun, 13 Jul 2014 18:59:40 +0000 (18:59 +0000)]
compare snprintf return value with -1. this isn't really necessary because
int promotion rules guarantee the correct result when compared with sizeof,
but it is perhaps easier for some people to understand it this way.
from Doug Hogan.
deraadt [Sun, 13 Jul 2014 18:22:12 +0000 (18:22 +0000)]
sync
jasper [Sun, 13 Jul 2014 18:08:16 +0000 (18:08 +0000)]
sync with kernel, root= -> rootdev=
jasper [Sun, 13 Jul 2014 18:07:38 +0000 (18:07 +0000)]
consistency with upcoming bootloader device parsing of the uboot arguments,
root= becomes rootdev=
jsing [Sun, 13 Jul 2014 17:56:56 +0000 (17:56 +0000)]
Convert d2i_SSL_SESSION to ASN1 primitives, instead of the horrific
asn1_mac.h macros. This still needs a lot of improvement, but immediately
becomes readable.
ok miod@ (sight unseen!)
claudio [Sun, 13 Jul 2014 17:53:41 +0000 (17:53 +0000)]
Use errx() after getpwnam() failure since errno may not be set.
All other privsep / privdrop daemons do this the same way.
OK florian@ some time ago
claudio [Sun, 13 Jul 2014 17:47:03 +0000 (17:47 +0000)]
Document KERN_PROC_NOBROADKILL
bluhm [Sun, 13 Jul 2014 17:41:04 +0000 (17:41 +0000)]
When reassembled IPv6 fragments are NATed or RDRed by pf, the
checksum has to be recalculated before the packet is fragmented
again. Put a missing in6_proto_cksum_out() into pf_refragment6().
This makes run-regress-frag6 and run-regress-frag6-ext pass again.
From Matthias Pitzl; OK henning@
jmc [Sun, 13 Jul 2014 17:39:57 +0000 (17:39 +0000)]
tweak previous;
deraadt [Sun, 13 Jul 2014 17:39:56 +0000 (17:39 +0000)]
do not need malloc.h
deraadt [Sun, 13 Jul 2014 17:34:25 +0000 (17:34 +0000)]
use mallocarray where arguments are multiplied; ok tedu
jmc [Sun, 13 Jul 2014 17:28:13 +0000 (17:28 +0000)]
-N for SYNOPSIS and usage(), and some small changes to previous;
espie [Sun, 13 Jul 2014 17:24:06 +0000 (17:24 +0000)]
bye bye src url. Never amounted to much, we went another road a while ago
pirofti [Sun, 13 Jul 2014 17:19:17 +0000 (17:19 +0000)]
Keep track of port connections and port resets.
Also notify upstream when a port finished reseting and when the
connection status changes.
Gets things further along to the point where pipe device transfer
and control methods are required.
espie [Sun, 13 Jul 2014 17:17:21 +0000 (17:17 +0000)]
bundling base + packages was slow, as it needed to find lots of files.
different approach: mark the base system in one go, then hand pick the
files from the pkglocatedb.
quite a few unaccounted files yet, this will get better
claudio [Sun, 13 Jul 2014 17:07:00 +0000 (17:07 +0000)]
Set KERN_PROC_NOBROADCASTKILL so that iscsid is not killed by init
when terminating multi-user so that we have a chance to sync the
file systems mounted via iscsi.
deraadt [Sun, 13 Jul 2014 17:02:48 +0000 (17:02 +0000)]
sync
pelikan [Sun, 13 Jul 2014 16:59:35 +0000 (16:59 +0000)]
kill fs2hXX/h2fsXX macros with letohXX/htoleXX
The reason being that ext2 structures are little-endian but JBD2 journal
is big-endian. Don't confuse readers by talking about "file system endian".
Some KNF while there.
ok guenther
bluhm [Sun, 13 Jul 2014 16:58:43 +0000 (16:58 +0000)]
Put back a m_copyback() that got lost in rev 1.837 of pf.c. This
fixes the rewrite of an IPv6 header of an ICMP6 packet in the payload
of an ICMP6 error packet. Path MTU discovery with ping6 over pf
nat or rdr works again.
Found by src/regress/sys/net/pf_fragment make run-regress-fragping6
OK henning@
deraadt [Sun, 13 Jul 2014 16:50:25 +0000 (16:50 +0000)]
GPTSIGNATURE must be LL, for operation on non-punk machines
ok punk
claudio [Sun, 13 Jul 2014 16:49:47 +0000 (16:49 +0000)]
Add iscsid_flags to rc.conf so we do not try to start iscsid all the time.
Noticed by naddy@
pelikan [Sun, 13 Jul 2014 16:44:20 +0000 (16:44 +0000)]
kill fs2hXX/h2fsXX macros with letohXX/htoleXX
The reason being that ext2 structures are little-endian but JBD2 journal
is big-endian. Don't confuse readers by talking about "file system endian".
While here, nuke the copy of bswap.c and link it against the kernel's like
fsck_ext2fs has done, for better maintainability.
ok guenther
jsing [Sun, 13 Jul 2014 16:43:37 +0000 (16:43 +0000)]
Remove license introduced with the PSK code, which has since been removed.
ok deraadt@
krw [Sun, 13 Jul 2014 16:43:25 +0000 (16:43 +0000)]
When the three possible return values are -1, 0, and 1, != 1 is the same
as <= 0. And the latter is the normal idiom so use that.
ok claudio@ henning@
claudio [Sun, 13 Jul 2014 16:41:21 +0000 (16:41 +0000)]
Introduce PS_NOBROADCASTKILL a process flag that excludes processes from
receiving broadcast signals (kill -1). The flag can be set via a new
sysctl KERN_PROC_NOBROADCASTKILL. This will be used by iscsid to survive
the mass killing by init(8) when terminating multi-user operations.
With and OK guenther@
jsing [Sun, 13 Jul 2014 16:39:19 +0000 (16:39 +0000)]
Another compression remnant.
jsing [Sun, 13 Jul 2014 16:33:01 +0000 (16:33 +0000)]
Expand the tlsext_sigalg macros. The end result is about the same number
of lines and much more readable.
ok miod@
jsing [Sun, 13 Jul 2014 16:30:50 +0000 (16:30 +0000)]
Rewrite i2d_SSL_SESSION to use the ASN1 primitives, rather than using the
horrific macros from asn1_mac.h.
This is a classic example of using macros to obfuscate code, in an attempt
to reduce the line count. The end result is so ridiculously convoluted that
it is completely unreadable and it takes hours to deconstruct the macros
and figure out what is actually going on behind the scenes.
ok miod@
pelikan [Sun, 13 Jul 2014 16:08:53 +0000 (16:08 +0000)]
kill fs2hXX/h2fsXX macros with letohXX/htoleXX
The reason being that ext2 structures are little-endian but JBD2 journal
is big-endian. Don't confuse readers by talking about "file system endian".
ok guenther
jsing [Sun, 13 Jul 2014 16:03:54 +0000 (16:03 +0000)]
Add a regress test for the ASN1 handling of SSL session tickets.
beck [Sun, 13 Jul 2014 16:03:09 +0000 (16:03 +0000)]
The bell tolls for BUF_strdup - Start the migration to using
intrinsics. This is the easy ones, a few left to check one at
a time.
ok miod@ deraadt@
espie [Sun, 13 Jul 2014 15:58:40 +0000 (15:58 +0000)]
tedu setlist support, superseded by the new locate dbs.
espie [Sun, 13 Jul 2014 15:54:28 +0000 (15:54 +0000)]
stuff no longer needed, now that base/x release install its own locate dbs
mpi [Sun, 13 Jul 2014 15:52:49 +0000 (15:52 +0000)]
No need for <netinet/in_systm.h> here.
tedu [Sun, 13 Jul 2014 15:52:38 +0000 (15:52 +0000)]
bzero -> memset. for the speeds.
tedu [Sun, 13 Jul 2014 15:48:41 +0000 (15:48 +0000)]
trim some casts
miod [Sun, 13 Jul 2014 15:48:32 +0000 (15:48 +0000)]
Remove stale comment which used to explain why we had a special 31-bit freelist
for DMA, back when this was applicable.
logan [Sun, 13 Jul 2014 15:47:51 +0000 (15:47 +0000)]
Fix memory leak.
OK from beck@ and miod@
uebayasi [Sun, 13 Jul 2014 15:46:21 +0000 (15:46 +0000)]
KERNEL_ASSERT_LOCKED(9): Assertion for kernel lock (Rev. 3)
This adds a new assertion macro, KERNEL_ASSERT_LOCKED(), to assert that
kernel_lock is held. In the long process of removing kernel_lock, there will
be a lot (hundreds or thousands) of use of this; virtually almost all functions
in !MP-safe subsystems should have this assertion. Thus this assertion should
have a short, good name.
Not only that "KERNEL_ASSERT_LOCKED" is consistent with other KERNEL_* and
SCHED_ASSERT_LOCKED() macros.
Input from dlg@ guenther@ kettenis@.
OK dlg@ guenther@
miod [Sun, 13 Jul 2014 15:42:42 +0000 (15:42 +0000)]
OPENSSL_{malloc,free} -> {malloc,free}
miod [Sun, 13 Jul 2014 15:41:33 +0000 (15:41 +0000)]
Warn about the use of BUF_strdup.
reyk [Sun, 13 Jul 2014 15:39:01 +0000 (15:39 +0000)]
Remove a debug message
krw [Sun, 13 Jul 2014 15:38:09 +0000 (15:38 +0000)]
Since the event(s) passed to a callback can be a mask of all events
of interest and EV_WRITE is or'ed into the interesting events, it
is more correct to check both events each time. Pointed out by
Claudio.
ok henning@ claudio@
schwarze [Sun, 13 Jul 2014 15:38:06 +0000 (15:38 +0000)]
Compatibility hack for the old "manpath=OpenBSD<blank>" query parameter format;
unfortunate, more than 400 links needing this are scattered all around
the www.openbsd.org website, and CVSweb needs this as well.
pirofti [Sun, 13 Jul 2014 15:33:28 +0000 (15:33 +0000)]
Fall back to smaller spacing on the mips64 machines.
Please spare some change for the mips64 memory-challenged machines..
Some change, Sir?
Fixes at least the octeon platform. Found the hardway on my DSR500.
Found by Boss tedu@ and Boss deraadt@
Okay Boss miod@
miod [Sun, 13 Jul 2014 15:32:28 +0000 (15:32 +0000)]
Initial support to read GPT partition tables in the kernel, if option GPT.
Contributed by Markus Mueller; code based upon Bitrig's GPT support, with
stricter GPT structures validation and support for alternate header places.
ok deraadt@ jsing@ krw@
mpi [Sun, 13 Jul 2014 15:31:20 +0000 (15:31 +0000)]
Stop using old n_long and n_short types.
tedu [Sun, 13 Jul 2014 15:29:04 +0000 (15:29 +0000)]
use mallocarray where arguments are multipled. ok deraadt
reyk [Sun, 13 Jul 2014 15:11:23 +0000 (15:11 +0000)]
Sync file to be identical in relayd(8) and httpd(8).
reyk [Sun, 13 Jul 2014 15:07:50 +0000 (15:07 +0000)]
Finish writing the output before closing the connection
(adopted from relayd).
pelikan [Sun, 13 Jul 2014 15:07:01 +0000 (15:07 +0000)]
fill in proper sizes in free(9)
miod [Sun, 13 Jul 2014 15:06:02 +0000 (15:06 +0000)]
Update BUGS section.
tedu [Sun, 13 Jul 2014 15:00:40 +0000 (15:00 +0000)]
pass the size to free in some of the obvious cases
tedu [Sun, 13 Jul 2014 14:59:28 +0000 (14:59 +0000)]
if the freedsize isn't zero, check that's reasonable. ok beck
guenther [Sun, 13 Jul 2014 14:56:56 +0000 (14:56 +0000)]
If the only process in the pgrp is in the middle of exiting, it might
not have any threads left. Treat that the same as an empty pgrp.
encountered by and ok deraadt@
krw [Sun, 13 Jul 2014 14:50:03 +0000 (14:50 +0000)]
When renewing a lease, update client->active or you end up in a
tight renew loop. Caused by recent reshuffling of code in
bind_lease().
reyk [Sun, 13 Jul 2014 14:46:52 +0000 (14:46 +0000)]
Close the connection after the response is completed (no Keepalive yet).
tedu [Sun, 13 Jul 2014 14:25:00 +0000 (14:25 +0000)]
oops, i deleted the wrong word
tedu [Sun, 13 Jul 2014 14:24:23 +0000 (14:24 +0000)]
remove a lie spotted by guenther
tedu [Sun, 13 Jul 2014 14:21:14 +0000 (14:21 +0000)]
once srandomdev() is called, switch to using arc4random() but mask off the
high bit as required by posix. wouldn't want to break any standards.
idea and ok deraadt
reyk [Sun, 13 Jul 2014 14:17:37 +0000 (14:17 +0000)]
Add support for media types (aka. MIME types): the types section is
compatible to nginx' mime.types file which can be included directly.
If not present, use a few built-in defaults for html, css, txt, jpeg,
gif, png, and js.
jasper [Sun, 13 Jul 2014 14:16:09 +0000 (14:16 +0000)]
print leading '0x' for addresses and masks with DUMP_BOOT_{DESC,INFO}
ok pirofti@
ajacoutot [Sun, 13 Jul 2014 14:14:41 +0000 (14:14 +0000)]
Document the security/heimdal MODULE.
beck [Sun, 13 Jul 2014 14:13:27 +0000 (14:13 +0000)]
unbreak build this needed to be an and..
ok jsing@
ajacoutot [Sun, 13 Jul 2014 14:01:36 +0000 (14:01 +0000)]
All /etc/examples files belong to base; for now.
ok deraadt@
tedu [Sun, 13 Jul 2014 14:01:04 +0000 (14:01 +0000)]
if not seeded explicitly, use arc4random instead. ok deraadt
todd [Sun, 13 Jul 2014 13:58:09 +0000 (13:58 +0000)]
sync
mpi [Sun, 13 Jul 2014 13:57:56 +0000 (13:57 +0000)]
Stop using old n_time, n_long and n_short types in netinet headers.
ok deraadt@, naddy@
deraadt [Sun, 13 Jul 2014 13:55:41 +0000 (13:55 +0000)]
sync