openbsd
16 years agomake the version number stuff mandatory.
espie [Tue, 15 Jul 2008 11:10:51 +0000 (11:10 +0000)]
make the version number stuff mandatory.

Restrict specifications to the parts that actually make sense (in particular,
remove most wildcard support, it's no longer a good idea in true
version number handling), explain about v*, and be more specific about
default package specs (since the fuzzyness in the original description
predates several changes to bsd.port.mk).

Also add version numbers and wildcards where they make sense so the examples
are more complete.

16 years agodeprecate package names without version numbers.
espie [Tue, 15 Jul 2008 10:48:14 +0000 (10:48 +0000)]
deprecate package names without version numbers.

16 years agosync
pvalchev [Tue, 15 Jul 2008 03:07:40 +0000 (03:07 +0000)]
sync

16 years agonumber of pipelined requests is not 64; prodded by Iain.Morgan AT nasa.gov
djm [Tue, 15 Jul 2008 02:23:14 +0000 (02:23 +0000)]
number of pipelined requests is not 64; prodded by Iain.Morgan AT nasa.gov

16 years agoFix struct sysioreg layout after the struct iommureg layout change;
miod [Mon, 14 Jul 2008 20:01:37 +0000 (20:01 +0000)]
Fix struct sysioreg layout after the struct iommureg layout change;
ok kettenis@

16 years agoMake VIDIOC_ENUM_FMT list all available formats for the attached device.
mglocker [Mon, 14 Jul 2008 19:57:36 +0000 (19:57 +0000)]
Make VIDIOC_ENUM_FMT list all available formats for the attached device.

16 years agoRegen
miod [Mon, 14 Jul 2008 16:23:07 +0000 (16:23 +0000)]
Regen

16 years ago/dev/tuner description should point out to bktr(4), spotted by jmc.
miod [Mon, 14 Jul 2008 16:22:23 +0000 (16:22 +0000)]
/dev/tuner description should point out to bktr(4), spotted by jmc.

16 years agoDo not create /dev/joy* and /dev/{r,}mcd* nodes, these devices are not
miod [Mon, 14 Jul 2008 16:21:52 +0000 (16:21 +0000)]
Do not create /dev/joy* and /dev/{r,}mcd* nodes, these devices are not
available on amd64.

16 years agoDon't lock timeouts in db_show_callout.
art [Mon, 14 Jul 2008 15:17:08 +0000 (15:17 +0000)]
Don't lock timeouts in db_show_callout.

All cpus are stopped and this cpu blocks all interrupts. It doesn't make
sense to grab locks that ddb can then jump past with longjmp.

Noticed by Pierre Riteau. I just forgot about the bug until reminded
today.

16 years agoUse uvm_km_valloc_prefer_wait() instead of uvm_km_valloc_wait() in vmapbuf().
miod [Mon, 14 Jul 2008 14:00:00 +0000 (14:00 +0000)]
Use uvm_km_valloc_prefer_wait() instead of uvm_km_valloc_wait() in vmapbuf().

ok art@

16 years agoBe sure to propagate PSL_O in psw on PCXU* processors to userland processes
miod [Mon, 14 Jul 2008 13:37:39 +0000 (13:37 +0000)]
Be sure to propagate PSL_O in psw on PCXU* processors to userland processes
and signal handlers.
ok kettenis@

16 years agom_copy can return NULL, so check for it
henning [Mon, 14 Jul 2008 13:29:45 +0000 (13:29 +0000)]
m_copy can return NULL, so check for it
problem found by "Adrian M. Whatley" <amw> and "Stephan A. Rickauer"
<stephan.rickauer>, both @ni.phys.ethz.ch
fix by me, ok mpf

16 years agoZap some dead commons that are no longer used.
art [Mon, 14 Jul 2008 13:13:18 +0000 (13:13 +0000)]
Zap some dead commons that are no longer used.
"Commitski!" miod@

16 years agoanother mange->manage
sthen [Mon, 14 Jul 2008 07:50:05 +0000 (07:50 +0000)]
another mange->manage

16 years agomange -> manage
mbalmer [Mon, 14 Jul 2008 07:39:34 +0000 (07:39 +0000)]
mange -> manage

from Markus Bergkvist <markus.bergkvist@telia.com>

16 years agoFinish support for uncompressed payloads (UDESCSUB_VS_FORMAT_UNCOMPRESSED).
mglocker [Mon, 14 Jul 2008 04:45:50 +0000 (04:45 +0000)]
Finish support for uncompressed payloads (UDESCSUB_VS_FORMAT_UNCOMPRESSED).

16 years agomention requirement for /dev/log inside chroot when using sftp-server
djm [Mon, 14 Jul 2008 01:55:56 +0000 (01:55 +0000)]
mention requirement for /dev/log inside chroot when using sftp-server
with ChrootDirectory

16 years agocode(4) doesnt exist. cmp(4) is probably a bit more relevant.
dlg [Mon, 14 Jul 2008 00:44:48 +0000 (00:44 +0000)]
code(4) doesnt exist. cmp(4) is probably a bit more relevant.

16 years agoincrease number of piplelined requests so they properly fill the
djm [Sun, 13 Jul 2008 22:16:03 +0000 (22:16 +0000)]
increase number of piplelined requests so they properly fill the
(recently increased) channel window. prompted by rapier AT psc.edu;
ok markus@

16 years agouse struct sockaddr_storage instead of struct sockaddr for accept(2)
djm [Sun, 13 Jul 2008 22:13:07 +0000 (22:13 +0000)]
use struct sockaddr_storage instead of struct sockaddr for accept(2)
address argument. from visibilis AT yahoo.com in bz#1485; ok markus@

16 years agoChange "ssh-keygen -F [host] -l" to not display random art unless
sthen [Sun, 13 Jul 2008 21:22:52 +0000 (21:22 +0000)]
Change "ssh-keygen -F [host] -l" to not display random art unless
-v is also specified, making it consistent with the manual and other
uses of -l.

ok grunk@

16 years agoDo not specify the gateway on RTM_DELETE -- similar fix was done in the arp
claudio [Sun, 13 Jul 2008 20:41:39 +0000 (20:41 +0000)]
Do not specify the gateway on RTM_DELETE -- similar fix was done in the arp
code. This fixes in6_ifloop_request warnings seen on carp interfaces.
OK henning@, found and tested by david@

16 years agocore(4)
kettenis [Sun, 13 Jul 2008 15:27:39 +0000 (15:27 +0000)]
core(4)

16 years agoSpacing.
mglocker [Sun, 13 Jul 2008 12:48:40 +0000 (12:48 +0000)]
Spacing.

16 years agoSave format and frame descriptors to a format group structure so we
mglocker [Sun, 13 Jul 2008 11:49:31 +0000 (11:49 +0000)]
Save format and frame descriptors to a format group structure so we
can use them later for stuff like VIDIOC_S_FMT (e.g. set custom
resolution).

16 years agoAdd some additional hardware revisions from FreeBSD needed for
jsg [Sun, 13 Jul 2008 05:24:05 +0000 (05:24 +0000)]
Add some additional hardware revisions from FreeBSD needed for
upcoming changes and sort list.

16 years agoreference vmt (openbsd) rather than vmware (xorg)
ckuethe [Sat, 12 Jul 2008 23:17:33 +0000 (23:17 +0000)]
reference vmt (openbsd) rather than vmware (xorg)
ok dlg

16 years agoMake the console interrupt driven.
kettenis [Sat, 12 Jul 2008 23:12:52 +0000 (23:12 +0000)]
Make the console interrupt driven.

16 years agoMake sure the label is read in rdopen(), this isn't the case if you
miod [Sat, 12 Jul 2008 19:58:48 +0000 (19:58 +0000)]
Make sure the label is read in rdopen(), this isn't the case if you
boot bsd.rd -a and want to mount the ramdisk later on.

ok otto@ krw@ millert@

16 years agoRight now agp_generic_enable() is wrong. It has been since 2006. It
oga [Sat, 12 Jul 2008 17:31:06 +0000 (17:31 +0000)]
Right now agp_generic_enable() is wrong. It has been since 2006. It
assumes that the display device and the agp bridge are the same device.
In almost all cases this is incorrect.

In order to correctly enable the agp device with the correct mode, we
need to set the AGP_COMMAND register on both the display and the bridge
with the right bits. Since agp is currently attaching at vga(4), due to
the problems with the intel integrated graphics (a problem that I still
need to solve, to be honest), for now just provide both pci_attach_args
to the agp init, and get what we need from there to do the enable.

This fixes the "agp bug" which i have been known to rant about, a lot.
So agp radeons now work with dri without needing to be forced to pci
mode.

This wasn't detected before, since the only non-drm consumer of agp is
the intel X driver, the i810 agp driver has its own enable function.

tested by many. ok kettenis@.

16 years agosync
bernd [Sat, 12 Jul 2008 16:23:40 +0000 (16:23 +0000)]
sync

16 years agoAdd another Acer id.
bernd [Sat, 12 Jul 2008 16:22:55 +0000 (16:22 +0000)]
Add another Acer id.

help & ok jsg@

16 years agoShave off a few instructions from cpu_switchto().
kettenis [Sat, 12 Jul 2008 15:05:51 +0000 (15:05 +0000)]
Shave off a few instructions from cpu_switchto().

16 years agoAdd a temporary hack to attach only the first thread of every core for
kettenis [Sat, 12 Jul 2008 14:26:07 +0000 (14:26 +0000)]
Add a temporary hack to attach only the first thread of every core for
MULTIPROCESSOR kernels.  We map 'struct cpuinfo' at the same virtual
address on every processor, but since threads on the same core share
an MMU this doesn't quite work.  With the hack we are at least able to
use the other core (and any additional processors).

16 years agoAdd core(4).
kettenis [Sat, 12 Jul 2008 13:20:42 +0000 (13:20 +0000)]
Add core(4).

16 years agoPerform IOMMU cache flushes on Oberon.
kettenis [Sat, 12 Jul 2008 13:08:04 +0000 (13:08 +0000)]
Perform IOMMU cache flushes on Oberon.

16 years agoFix a strlcpy() bound.
miod [Sat, 12 Jul 2008 12:33:42 +0000 (12:33 +0000)]
Fix a strlcpy() bound.

16 years agoUse the proper interrupt target ID on Oberon.
kettenis [Sat, 12 Jul 2008 12:21:04 +0000 (12:21 +0000)]
Use the proper interrupt target ID on Oberon.

16 years agofix printing of nchstats
thib [Sat, 12 Jul 2008 12:04:10 +0000 (12:04 +0000)]
fix printing of nchstats

ok art@,dlg@

16 years agoAdjust SUN4U_TLB_RESERVED_MASK for updated SUN4U_TLB_PA_MASK.
kettenis [Sat, 12 Jul 2008 11:09:02 +0000 (11:09 +0000)]
Adjust SUN4U_TLB_RESERVED_MASK for updated SUN4U_TLB_PA_MASK.

16 years agoDon't install interrupt handlers for non-exitsing interrupts on CMU-CH.
kettenis [Sat, 12 Jul 2008 10:07:25 +0000 (10:07 +0000)]
Don't install interrupt handlers for non-exitsing interrupts on CMU-CH.

16 years agoOn Fujitsu's SPARC64 CPUs, the data_access_error trap is synchronous, and AFSR
kettenis [Sat, 12 Jul 2008 08:08:54 +0000 (08:08 +0000)]
On Fujitsu's SPARC64 CPUs, the data_access_error trap is synchronous, and AFSR
will be 0.  Check SFSR too, before deciding there's no fault.

16 years agoAdd macros to get the appropriate interrupt target ID for non-UPA CPUs and
kettenis [Sat, 12 Jul 2008 07:37:25 +0000 (07:37 +0000)]
Add macros to get the appropriate interrupt target ID for non-UPA CPUs and
use them in cpu_myid().

16 years agoRemove obsolete TODO comment.
mglocker [Sat, 12 Jul 2008 06:26:06 +0000 (06:26 +0000)]
Remove obsolete TODO comment.

16 years agoAdd ':q' as an alias to ':quit', to match old behaviour. Initial patch
canacar [Sat, 12 Jul 2008 06:20:47 +0000 (06:20 +0000)]
Add ':q' as an alias to ':quit', to match old behaviour. Initial patch
from dlg@, this is a simpler version.

16 years agoregen
brad [Sat, 12 Jul 2008 05:45:49 +0000 (05:45 +0000)]
regen

16 years agoAdd the OUI id for JMicron and the ids for the JMP202 FastE PHY and
brad [Sat, 12 Jul 2008 05:45:31 +0000 (05:45 +0000)]
Add the OUI id for JMicron and the ids for the JMP202 FastE PHY and
JMP211 GigE PHY.

From FreeBSD

16 years agobetter description for -i flag:
djm [Sat, 12 Jul 2008 05:33:41 +0000 (05:33 +0000)]
better description for -i flag:
s/RSA authentication/public key authentication/

16 years agoAdd support for the Marvell 88E8016 PHY.
brad [Sat, 12 Jul 2008 05:31:14 +0000 (05:31 +0000)]
Add support for the Marvell 88E8016 PHY.

ok dlg@

16 years agounbreak; move clearing of cctx struct to before first use
djm [Sat, 12 Jul 2008 04:52:50 +0000 (04:52 +0000)]
unbreak; move clearing of cctx struct to before first use
reported by dkrause@

16 years agoIf there is a 100baseT4 connection then fall through so as to
brad [Fri, 11 Jul 2008 15:11:58 +0000 (15:11 +0000)]
If there is a 100baseT4 connection then fall through so as to
explicitly set the duplex flag instead of returning right away.

ok dlg@

16 years agoshut off an annoying gcc warning.
reyk [Fri, 11 Jul 2008 15:05:59 +0000 (15:05 +0000)]
shut off an annoying gcc warning.

ok beck@

16 years agoCheck the correct BMSR bit in the capabilities field when checking
brad [Fri, 11 Jul 2008 15:00:17 +0000 (15:00 +0000)]
Check the correct BMSR bit in the capabilities field when checking
for 100baseT4. The dcphy(4) driver could inadvertently display
100baseT4 for the media type for PHY not actually capable of
100baseT4.

From FreeBSD

ok dlg@

16 years agowrite a syslog debug message when a new GREY or TRAPPED entry is added
reyk [Fri, 11 Jul 2008 14:53:32 +0000 (14:53 +0000)]
write a syslog debug message when a new GREY or TRAPPED entry is added
to the database.

ok beck@

16 years agoQlogic -> QLogic
sobrado [Fri, 11 Jul 2008 14:46:24 +0000 (14:46 +0000)]
Qlogic -> QLogic

16 years agoFujitsu SPARC64-VI CPU's have two cores that have two threads each. Provide
kettenis [Fri, 11 Jul 2008 14:23:53 +0000 (14:23 +0000)]
Fujitsu SPARC64-VI CPU's have two cores that have two threads each.  Provide
a core(4) device, representing these cores and attach cpu(4) devices to it
for each thread.

16 years agoAdd timeout_add_{tv,ts,bt,sec,usec,nsec} so that we can add timeouts
blambert [Fri, 11 Jul 2008 14:18:39 +0000 (14:18 +0000)]
Add timeout_add_{tv,ts,bt,sec,usec,nsec} so that we can add timeouts
in something other than clock ticks. From art@'s punchlist and (for
the time being) not yet used.

"you're doing it wrong" art@,ray@,otto@,tedu@

ok art@

16 years agode-__inline a trio of functions to shave some space.
blambert [Fri, 11 Jul 2008 14:12:57 +0000 (14:12 +0000)]
de-__inline a trio of functions to shave some space.

ok art@

16 years agoDon't try to read the "regs" propety; it's pointless.
kettenis [Fri, 11 Jul 2008 13:47:20 +0000 (13:47 +0000)]
Don't try to read the "regs" propety; it's pointless.

16 years agoremove an unused function. ok jsg@
kevlo [Fri, 11 Jul 2008 09:29:02 +0000 (09:29 +0000)]
remove an unused function. ok jsg@

16 years agoHandle CPUs with a clock speed >= 2 GHz correctly.
kettenis [Fri, 11 Jul 2008 05:20:19 +0000 (05:20 +0000)]
Handle CPUs with a clock speed >= 2 GHz correctly.

16 years agoinitialise the state kept between calls to dmamap_load_buffer to 0. there
dlg [Fri, 11 Jul 2008 03:03:07 +0000 (03:03 +0000)]
initialise the state kept between calls to dmamap_load_buffer to 0. there
was an extremely small chance that random stack garbage coudl be used which
could corrupt a dmamap.

this is the same as the change made to amd64 in
src/sys/arch/amd64/amd64/bus_dma.c r1.10.

ok miod@ kettenis@

16 years agogreyreader() shouldn't return, so tell us if it does
phessler [Fri, 11 Jul 2008 01:40:50 +0000 (01:40 +0000)]
greyreader() shouldn't return, so tell us if it does

ok beck@, reyk@

16 years agohttpd deamon -> httpd daemon
martynas [Fri, 11 Jul 2008 00:15:33 +0000 (00:15 +0000)]
httpd deamon -> httpd daemon

16 years agoadd missing ssl art after manual has been moved, instead of using
martynas [Fri, 11 Jul 2008 00:12:35 +0000 (00:12 +0000)]
add missing ssl art after manual has been moved, instead of using
src of non-existent place;  ok pval@, okan@, "looks good" jdixon@

16 years agoConsole functionality is there now.
kettenis [Thu, 10 Jul 2008 20:29:50 +0000 (20:29 +0000)]
Console functionality is there now.

16 years agoHandle breaks.
kettenis [Thu, 10 Jul 2008 20:27:36 +0000 (20:27 +0000)]
Handle breaks.

16 years ago- handle sign of negative zero. use sign dtoa sets
martynas [Thu, 10 Jul 2008 18:18:55 +0000 (18:18 +0000)]
- handle sign of negative zero.  use sign dtoa sets
- remove 'value < 0' cruft, dtoa already clears sign bit for us
discussed with, and tested by phessler@
ok millert@, who noticed to remove now-unused variable, and phessler@

16 years agonuke two bogus ARGSUSED
thib [Thu, 10 Jul 2008 18:17:56 +0000 (18:17 +0000)]
nuke two bogus ARGSUSED

16 years agomove a common statement out of if/else;
thib [Thu, 10 Jul 2008 18:14:59 +0000 (18:14 +0000)]
move a common statement out of if/else;
adjust the mbuf before loading it, with bus_dmamap_load_mbuf(),
that way we dont have to fiddle with ds_addr;

ok dlg@

16 years agosync v1 and v2 traffic accounting; add it to sshd, too; ok djm@, dtucker@
markus [Thu, 10 Jul 2008 18:08:11 +0000 (18:08 +0000)]
sync v1 and v2 traffic accounting; add it to sshd, too; ok djm@, dtucker@

16 years agomissing bzero; from mickey; ok djm@
markus [Thu, 10 Jul 2008 18:05:58 +0000 (18:05 +0000)]
missing bzero; from mickey; ok djm@

16 years agoFix "etc source" output when not using a tarball
ajacoutot [Thu, 10 Jul 2008 16:49:26 +0000 (16:49 +0000)]
Fix "etc source" output when not using a tarball

ok "bien sur!" sthen@

16 years agoDon't terminate the array of matching product/vendor IDs with { 0, 0 }
mbalmer [Thu, 10 Jul 2008 13:48:54 +0000 (13:48 +0000)]
Don't terminate the array of matching product/vendor IDs with { 0, 0 }
when usb_lookup is used.  If a device indeed has 0 as vendor and product
ID, like the  HP DL165 BMC Server Engines SE USB Device, a wrong driver
will attach and the machine will most pbly crash.

Problem reported Rivo Nurges <rix@estpak.ee>
cvs: ----------------------------------------------------------------------

16 years agoDetect whether com(4) is the console on the m4k.
kettenis [Thu, 10 Jul 2008 12:33:40 +0000 (12:33 +0000)]
Detect whether com(4) is the console on the m4k.

16 years agoAdd Sonix cam to the supported list.
mglocker [Thu, 10 Jul 2008 11:11:26 +0000 (11:11 +0000)]
Add Sonix cam to the supported list.

16 years agoAdd support for Fujitsu SPARC64-VI CPUs.
kettenis [Thu, 10 Jul 2008 09:29:33 +0000 (09:29 +0000)]
Add support for Fujitsu SPARC64-VI CPUs.

UltraSPARC I/II has a 41-bit physical address space, UltraSPARC III/IV has a
43-bit physical address space.  The Fujitsu SPARC64-VI extends this to 46 bits.
Adjust the TTE masks to take this into account and adjust some locore code
that truncated physical addresses to 41 bits (fixing a potential bug for
UltraSPARC III/IV too).

While there, fix the locore code for UltraSPARC Architecture 2007 CPUs, which
may support up to 56 bits of physical address space.

16 years agoAdd support for getting the time of day on the m4k.
kettenis [Thu, 10 Jul 2008 08:58:00 +0000 (08:58 +0000)]
Add support for getting the time of day on the m4k.

16 years agoAdd a function to get the time of day from the prom on the m4k.
kettenis [Thu, 10 Jul 2008 08:57:05 +0000 (08:57 +0000)]
Add a function to get the time of day from the prom on the m4k.

16 years agoretry port allocation on all errors, not just EADDRINUSE; ok jakob@
djm [Thu, 10 Jul 2008 07:42:14 +0000 (07:42 +0000)]
retry port allocation on all errors, not just EADDRINUSE; ok jakob@

16 years agocheck pf NAT source port allocation against net.inet.(tcp|udp).baddynamic
djm [Thu, 10 Jul 2008 07:41:21 +0000 (07:41 +0000)]
check pf NAT source port allocation against net.inet.(tcp|udp).baddynamic
lists; prevents use of ports corresponding to well-known services.

replace a couple of arc4random()%N with arc4random_uniform(N) that
missed the first round.

ok mcbride@

16 years agoIn pf_state_insert(), if the first pf_state_key_attach() fails, the
david [Thu, 10 Jul 2008 05:44:54 +0000 (05:44 +0000)]
In pf_state_insert(), if the first pf_state_key_attach() fails, the
state key is freed by pf_state_key_attach().  But in the case of NAT,
there are two state keys allocated, so we must free the second key
manually.  Fixes a pf_state_key_pl leak seen in certain cases with
pfsync or with pf state-insert errors.
ok mcbride@ henning@

16 years agoMake cams with Sonix chipset work by avoiding excessive alternate
mglocker [Thu, 10 Jul 2008 04:49:12 +0000 (04:49 +0000)]
Make cams with Sonix chipset work by avoiding excessive alternate
interface switching, which kind of crashed the device.

16 years agoadd X11 ports to default TCP baddynamic list
djm [Thu, 10 Jul 2008 02:19:28 +0000 (02:19 +0000)]
add X11 ports to default TCP baddynamic list

16 years agoDie -r, die! Eliminate stray -r in usage text. Spotted by James Hartley.
krw [Thu, 10 Jul 2008 00:21:39 +0000 (00:21 +0000)]
Die -r, die! Eliminate stray -r in usage text. Spotted by James Hartley.

16 years agothe DRM_{READ,WRITE}$NUMBER() macros currently use
oga [Thu, 10 Jul 2008 00:10:22 +0000 (00:10 +0000)]
the DRM_{READ,WRITE}$NUMBER() macros currently use
bus_space_{read,write}(). A bug in the code this was based on means that
this is also used for scatter gather maps, which are bus_dma memory, not
pci memory.  This obviously fails. Pull them out into a function and
Special case scatter gather to use the mapped virtual address to write
instead. Makes writeback test pass on pci and pci express radeon cards.

Tested by, among others ckuethe@ and sthen@.

16 years agoRead 'vendor' flag from ASCII disklabel since we print it. Fixes
krw [Wed, 9 Jul 2008 23:59:44 +0000 (23:59 +0000)]
Read 'vendor' flag from ASCII disklabel since we print it. Fixes
PR #5872.

ok millert@ deraadt@

16 years agoFixup AGP_MODE{GET,SET}_RATE() macros. the agp 2.0 spec defines that the lowest
oga [Wed, 9 Jul 2008 23:33:07 +0000 (23:33 +0000)]
Fixup AGP_MODE{GET,SET}_RATE() macros. the agp 2.0 spec defines that the lowest
three bits are for the current agp rate. not the lowest two. Otherwise we
preclude agp 4x mode.

It's a bit different for agp 3.0, but we don't have the bits for that yet.

Tested by several as part of a larger diff.

16 years agosync
deraadt [Wed, 9 Jul 2008 22:37:09 +0000 (22:37 +0000)]
sync

16 years agoautomatically populate net.inet.(tcp|udp).baddynamic with the
djm [Wed, 9 Jul 2008 20:23:47 +0000 (20:23 +0000)]
automatically populate net.inet.(tcp|udp).baddynamic with the
contents of /etc/services so as to avoid randomly allocating
source ports that correspond to well-known services. Auto-filling
of the baddynamic tables is performed before reading sysctl.conf,
so it is still possible to add or subtract ports, or override the
autofilling entirely there.

Note that this requires a new kernel and /sbin/sysctl.

feedback markus@ ok markus@ deraadt@ millert@

16 years agoexpand the net.inet.(tcp|udp).baddynamic dynamic source port
djm [Wed, 9 Jul 2008 20:20:45 +0000 (20:20 +0000)]
expand the net.inet.(tcp|udp).baddynamic dynamic source port
skipping bitmasks to cover the entire 65536 port space - previously
they covered 512-1024 only.

sysctl needs to be updated to cope with this change; please
"make includes" before rebuilding it.

feedback millert@ ok millert@ deraadt@ markus@

16 years agolet the kernel choose the random port. code from djm@. ok markus@.
jakob [Wed, 9 Jul 2008 20:10:30 +0000 (20:10 +0000)]
let the kernel choose the random port. code from djm@. ok markus@.

16 years agomissing new-line character.
sobrado [Wed, 9 Jul 2008 20:08:13 +0000 (20:08 +0000)]
missing new-line character.

16 years agoan ellipsis is not an optional argument.
sobrado [Wed, 9 Jul 2008 19:58:28 +0000 (19:58 +0000)]
an ellipsis is not an optional argument.

16 years agodocumentation tweaks.
sobrado [Wed, 9 Jul 2008 19:41:56 +0000 (19:41 +0000)]
documentation tweaks.

16 years agoreintroduce our own shuffle ID generator. ok djm@ millert@
jakob [Wed, 9 Jul 2008 19:04:55 +0000 (19:04 +0000)]
reintroduce our own shuffle ID generator. ok djm@ millert@

16 years agomerge and resolve conflicts introduced by 9.4.2-P1
jakob [Wed, 9 Jul 2008 19:02:52 +0000 (19:02 +0000)]
merge and resolve conflicts introduced by 9.4.2-P1

16 years agoalways verify that the received dns response id matches our request.
reyk [Wed, 9 Jul 2008 17:24:14 +0000 (17:24 +0000)]
always verify that the received dns response id matches our request.

16 years agoUse OpenBSD's knuth shuffle algorithm of random values from bind to
reyk [Wed, 9 Jul 2008 17:16:51 +0000 (17:16 +0000)]
Use OpenBSD's knuth shuffle algorithm of random values from bind to
produce the DNS request ids instead of a simple per-request
arc4random().  This ensure randomness but also satisfies the
non-repeating property we need.

ok deraadt@