djm [Tue, 13 Jan 2015 14:51:51 +0000 (14:51 +0000)]
implement a SIGINFO handler so we can discern a stuck fuzz test
from a merely glacial one; prompted by and ok markus
bluhm [Tue, 13 Jan 2015 14:09:54 +0000 (14:09 +0000)]
Document the openssl s_client -proxy feature.
OK jmc@
schwarze [Tue, 13 Jan 2015 14:02:30 +0000 (14:02 +0000)]
remove .Tn from stdio manuals; Kaspars Bankovskis found one of these
schwarze [Tue, 13 Jan 2015 13:22:13 +0000 (13:22 +0000)]
do not spawn a pager when there is no output; issue pointed out by deraadt@
mpi [Tue, 13 Jan 2015 12:16:18 +0000 (12:16 +0000)]
Only notify userland about resolved ARP entries if the Ethernet address
changed or if we asked for it.
Should reduce the RTM_RESOLVE storm seeing by claudio@
With inputs from and ok mikeb@
mpi [Tue, 13 Jan 2015 12:14:00 +0000 (12:14 +0000)]
Restore sending RTM_ADD and RTM_DELETE messages to userland for every
route created/deleted with rt_ifa_add(9)/rt_ifa_del(9), not only for
RTF_LOCAL routes.
Regression introduced in r1.172 when restoring the original behavior
of RTM_NEWADDR/RTM_RTM_DELADDR reported by Florian Riehm.
Joint work with Florian Riehm, with input from and ok bluhm@.
bluhm [Tue, 13 Jan 2015 10:48:24 +0000 (10:48 +0000)]
Add the possibility to use the openssl s_client tool with an http
proxy. Implement the -proxy feature in the same hackish way as
-starttls.
OK jsing@
mpf [Tue, 13 Jan 2015 10:07:58 +0000 (10:07 +0000)]
Add dmesg -s support, to view the output of rc(8) system startup messages.
Help and feedback by Theo and Miod.
OK deraadt@, manpage-ok jmc@
reyk [Tue, 13 Jan 2015 09:24:20 +0000 (09:24 +0000)]
bump copyright year
reyk [Tue, 13 Jan 2015 09:21:15 +0000 (09:21 +0000)]
bump copyright year
reyk [Tue, 13 Jan 2015 08:54:01 +0000 (08:54 +0000)]
Abort if fcgi_chunked is not true to avoid sending additional garbage
after the response.
Found by Erik Lax
ok florian@
deraadt [Tue, 13 Jan 2015 08:40:09 +0000 (08:40 +0000)]
sync
reyk [Tue, 13 Jan 2015 08:33:12 +0000 (08:33 +0000)]
libedit claims compatibility with readline 4.2, so provide a stub for
rl_set_keyboard_input_timeout() that was added in this version.
Also crank the minor version.
OK krw@ yasuoka@ deraadt@
djm [Tue, 13 Jan 2015 08:23:26 +0000 (08:23 +0000)]
use $SSH instead of installed ssh to allow override; spotted by markus@
djm [Tue, 13 Jan 2015 07:49:49 +0000 (07:49 +0000)]
regress test for PubkeyAcceptedKeyTypes; ok markus@
djm [Tue, 13 Jan 2015 07:39:19 +0000 (07:39 +0000)]
add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes
options to allow sshd to control what public key types will be
accepted. Currently defaults to all. Feedback & ok markus@
guenther [Tue, 13 Jan 2015 07:18:21 +0000 (07:18 +0000)]
Remove unnecessary calls to __atexit_register_cleanup(), calling __sinit()
instead where necessary.
Based on a diff from enh (at) google.com
ok millert@
jmc [Tue, 13 Jan 2015 07:03:23 +0000 (07:03 +0000)]
escape "No" when it's not intended as a macro, and zap
trailing whitespace;
daniel [Tue, 13 Jan 2015 04:45:34 +0000 (04:45 +0000)]
An article on medium.com highlighted that grep
was available in v4.
To quote Ken Thompson, grep appeared "sometime
before the 4th edition."
ok schwarze@
deraadt [Tue, 13 Jan 2015 04:19:00 +0000 (04:19 +0000)]
-/* Backwards compatibility. */
-#ifndef NI_MAXHOST
-#define NI_MAXHOST 1025
-#endif
Disappointing.
lteo [Tue, 13 Jan 2015 03:43:57 +0000 (03:43 +0000)]
"wi0" should be "an0" in the EXAMPLES section.
lteo [Tue, 13 Jan 2015 03:43:18 +0000 (03:43 +0000)]
Give tcpdrop a proper usage() like other programs in the tree.
ok bluhm@
lteo [Tue, 13 Jan 2015 03:42:36 +0000 (03:42 +0000)]
Implement more thorough error checks:
- Check the return value of every relevant function call.
- If BIO_new() returns NULL instead of a valid BIO, do not attempt to
blindly use the NULL value as a BIO throughout the rest of the code.
- Ensure that bio_out is freed by BIO_free_all() at the end of all
error paths.
ok doug@
bcook [Tue, 13 Jan 2015 02:28:56 +0000 (02:28 +0000)]
fix some memory leaks in dns handling.
- Nothing seems to free the result of host_dns(), so add host_dns_free() and
call after each query.
- If imsg_add() fails, it frees buf. Avoid subsequently dereferencing the
freed buf in imsg_close().
ok millert@ deraadt@
dlg [Tue, 13 Jan 2015 02:24:26 +0000 (02:24 +0000)]
pass the vnd xfer pointer to the tasks callback as part of the
vndbuf allocation.
luke-warm support and ok krw@
bcook [Tue, 13 Jan 2015 02:23:33 +0000 (02:23 +0000)]
prefer sizeof(thing) to sizeof(type)
ok tedu@ deraadt@
jsg [Tue, 13 Jan 2015 01:54:19 +0000 (01:54 +0000)]
Enable snooping on Bay Trail HD Audio.
Fixes audio problems on an Asus J1800I-C
reported by Jan Stary.
jsg [Tue, 13 Jan 2015 01:33:45 +0000 (01:33 +0000)]
Add missing Utilite case in imx_platform_init_cons()
spotted by Patrick Wildt
deraadt [Tue, 13 Jan 2015 01:12:48 +0000 (01:12 +0000)]
for the install: target, use cmp as a rough attempt for avoiding repeated
make install
from Simon Nicolussi
ok jsing tedu
deraadt [Tue, 13 Jan 2015 00:45:10 +0000 (00:45 +0000)]
sync
tedu [Mon, 12 Jan 2015 23:39:57 +0000 (23:39 +0000)]
include NFSCLIENT. ok deraadt
deraadt [Mon, 12 Jan 2015 23:28:04 +0000 (23:28 +0000)]
sync
deraadt [Mon, 12 Jan 2015 21:42:53 +0000 (21:42 +0000)]
the BUG described at the bottom is not a bug. It is how it is supposed to
work. Move it up into the main body.
ok tedu millert
miod [Mon, 12 Jan 2015 21:34:15 +0000 (21:34 +0000)]
lager -> larger (no beer involved)
miod [Mon, 12 Jan 2015 21:31:06 +0000 (21:31 +0000)]
Fix two 19 years old (since day one) bug in bad144 sector reassignment logic:
- when entering bad144 mode, correctly compute the actual C/H/S values for the
logical block number.
- when leaving bad144 mode and resuming normal I/O operation, when computing
back the C/H/S values for the next logical block number, compute the
sector number correctly.
millert [Mon, 12 Jan 2015 20:58:07 +0000 (20:58 +0000)]
Add fgetwln(3) from FreeBSD and bump libc minor revision.
zhuk [Mon, 12 Jan 2015 20:56:20 +0000 (20:56 +0000)]
Documentation for postgresql.port.mk.
kettenis [Mon, 12 Jan 2015 20:27:09 +0000 (20:27 +0000)]
Make putting a breakpoint on the first instruction of a program work.
Previously a breakpoint at the first instruction would force us to
single-step. Depending on the single-step implementation this would make us
step over the breakpoint and continue in many cases. Fix this by passing the
address of the current instruction pointer which will skip the code that
checks if we need to step over a breakpoint. A similar fix has been made
upstream many moons ago. Fixes debugging static PIE on sparc64 and probably
others that use some sort of software single-stepping.
markus [Mon, 12 Jan 2015 20:13:27 +0000 (20:13 +0000)]
unbreak parsing of pubkey comments; with gerhard; ok djm/deraadt
tedu [Mon, 12 Jan 2015 20:00:11 +0000 (20:00 +0000)]
revert the namecache embiggening since it seems to cause hangs at reboot.
reported and revert tested by krw
markus [Mon, 12 Jan 2015 19:22:46 +0000 (19:22 +0000)]
missing error assigment on sshbuf_put_string()
espie [Mon, 12 Jan 2015 18:27:33 +0000 (18:27 +0000)]
oops, don't load quirks prematurely. noticed by many, myself included
stsp [Mon, 12 Jan 2015 18:18:42 +0000 (18:18 +0000)]
Fix axen(4) build with AXEN_DEBUG defined. From Fabien Raetz.
deraadt [Mon, 12 Jan 2015 17:25:03 +0000 (17:25 +0000)]
exphy and ciphy are not needed with this list of network devices
thanks jsg
deraadt [Mon, 12 Jan 2015 17:10:36 +0000 (17:10 +0000)]
Due to recent savings with instbin, we can take i386 to one install
floppy. A few drivers are missing, but the world has moved on (the drivers
included are always a work in progress)
Speeds up make release substantially, of course.
deraadt [Mon, 12 Jan 2015 16:33:31 +0000 (16:33 +0000)]
Enable lid suspends by default in the kernel, and remove the question from
the installer. We used a full release cycle to learn that suspend/resume
is reliable enough for this default. Personal policy can disable this using
machdep.lidsuspend=0 in /etc/sysctl.conf
ok more people begging, and less people whining
bluhm [Mon, 12 Jan 2015 15:46:55 +0000 (15:46 +0000)]
Fetching port distfiles with the ftp command from githup did not
work when using a https proxy because of a missing host header.
Remember the host form the url and write it into the http request.
Fix the format string when using Proxy-Authorization together with
Cookie. Also write the http request to the debugging output to
see what is going on.
input jca@; OK sthen@ mpi@
djm [Mon, 12 Jan 2015 15:18:07 +0000 (15:18 +0000)]
apparently memcpy(x, NULL, 0) is undefined behaviour according to
C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls when
length==0; ok markus@
ajacoutot [Mon, 12 Jan 2015 14:40:35 +0000 (14:40 +0000)]
Make sure the given user exists.
"I like it" sthen@
ok robert@
millert [Mon, 12 Jan 2015 14:36:48 +0000 (14:36 +0000)]
Use proper casts for ctype functions. This is already fixed in nsd
trunk. OK doug@
markus [Mon, 12 Jan 2015 14:05:19 +0000 (14:05 +0000)]
free->sshkey_free; ok djm@
mpi [Mon, 12 Jan 2015 13:51:45 +0000 (13:51 +0000)]
Kill the global list of IPv4 addresses.
ok claudio@, mikeb@, bluhm@
ajacoutot [Mon, 12 Jan 2015 13:51:20 +0000 (13:51 +0000)]
Make it possible to reset "timeout" to the default value.
ajacoutot [Mon, 12 Jan 2015 13:40:12 +0000 (13:40 +0000)]
"timeout" must be a positive integer.
markus [Mon, 12 Jan 2015 13:29:27 +0000 (13:29 +0000)]
allow WITH_OPENSSL w/o WITH_SSH1; ok djm@
jsg [Mon, 12 Jan 2015 12:41:30 +0000 (12:41 +0000)]
regen
jsg [Mon, 12 Jan 2015 12:40:41 +0000 (12:40 +0000)]
add some E5 v3 PCIE and Bay Trail ids
djm [Mon, 12 Jan 2015 11:46:32 +0000 (11:46 +0000)]
fatal if soft-PKCS11 library is missing rather (rather than continue
and fail with a more cryptic error)
mikeb [Mon, 12 Jan 2015 11:24:58 +0000 (11:24 +0000)]
Don't forget about protocol specification when configuring flows.
Tested by and OK claudio.
djm [Mon, 12 Jan 2015 11:12:38 +0000 (11:12 +0000)]
let this test all supporte key types; pointed out/ok markus@
mikeb [Mon, 12 Jan 2015 10:40:51 +0000 (10:40 +0000)]
When setting up advanced TX descriptor use m_getptr to locate the IP
or IPv6 header instead of assuming contiguousness of the target buffer
across Ethernet and IP/IPv6 headers.
Tested by Kapetanakis Giannis <bilias at edu ! physics ! uoc ! gr>,
thanks! Problem analysis and initial diff by dlg@.
nicm [Mon, 12 Jan 2015 10:11:07 +0000 (10:11 +0000)]
Add a note that HOST_NAME_MAX does not include a terminating \0, unlike
MAXHOSTNAMELEN.
ok deraadt guenther
deraadt [Mon, 12 Jan 2015 07:12:58 +0000 (07:12 +0000)]
pretty up some malloc() calls
deraadt [Mon, 12 Jan 2015 07:11:41 +0000 (07:11 +0000)]
hibernate_suspend() should not pmap_kremove by itself; hibernate_free()
must do that. otherwise, pmap_kremove is called twice. i386 in particular
does not tolerate that, found by sebastia
ok mlarkin kettenis
brad [Mon, 12 Jan 2015 04:49:41 +0000 (04:49 +0000)]
Some fixes and tidying up of the receive filter handling bits.
tedu [Mon, 12 Jan 2015 03:20:04 +0000 (03:20 +0000)]
rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,
nor are they the same size.
doug [Mon, 12 Jan 2015 02:15:23 +0000 (02:15 +0000)]
Fix a memory leak in bss_dgram.
Free data->saved_message.data. Based on OpenSSL commit:
41cd41c4416f545a18ead37e09e437c75fa07c95 except this version sets a->ptr
to NULL to avoid accidental reuse and handles malloc failing.
ok beck@, input + ok miod@
dlg [Mon, 12 Jan 2015 00:07:55 +0000 (00:07 +0000)]
stash the softc in the memory allocated for setting up a task for
creating sensors.
espie [Sun, 11 Jan 2015 22:34:08 +0000 (22:34 +0000)]
replace fw_update (shell script) with a specialized version of pkg_add.
This has numerous advantages, in terms of speed and control.
Initial version should be (mostly) identical to the old one.
thanks to rpe@ and sthen@ for tests.
miod [Sun, 11 Jan 2015 21:24:32 +0000 (21:24 +0000)]
Remove orphaned defines.
miod [Sun, 11 Jan 2015 21:02:55 +0000 (21:02 +0000)]
No more etc set, also sparc nowadays needs more than 16MB to boot multiuser.
kettenis [Sun, 11 Jan 2015 19:59:56 +0000 (19:59 +0000)]
Tolerate checksum errors in ACPI tables (but complain about them). Apparently
there are machines out there with broken BIOSen with such checksum errors in
thier RSDT tables. Windows runs fine on these machines, so it probably does
not check. Linux ignores checksum errors as well (and prints a warning).
ok deraadt@, krw@
guenther [Sun, 11 Jan 2015 19:34:52 +0000 (19:34 +0000)]
LOCKDEBUG is dead; perform the funeral rites
pointed out by Helg (xx404 (at) msn.com)
ok deraadt@ miod@
tedu [Sun, 11 Jan 2015 19:25:13 +0000 (19:25 +0000)]
switch prototype warnings to implicit-declaration warnings.
This should catch all the same bad cases, but be a little less aggravating
in circumstances where a prototype isn't necessary
ok deraadt
gilles [Sun, 11 Jan 2015 18:25:54 +0000 (18:25 +0000)]
revert two latest commits until a crash is fixed
miod [Sun, 11 Jan 2015 18:10:33 +0000 (18:10 +0000)]
When using sun4 PROM I/O routines, make sure we never attempt to transfer more
than the maximum DMA transfer size the PROM reports.
Crank version to 2.9.
mpi [Sun, 11 Jan 2015 15:41:16 +0000 (15:41 +0000)]
There's no simple way so check for DMA buffer overrun with isochronous
transfers, so skip the check for such xfers for the moment.
Issue reported by Ingo Feinerer and fix confirmed by Jan Stary.
miod [Sun, 11 Jan 2015 15:35:38 +0000 (15:35 +0000)]
Use the softc-specific function pointers for bcopy() and bzero() in iestart(),
instead of, well, bcopy and bzero. This lets ie@vme transmit packets instead of
panicing due to memset() trying to use 32-bit stores on a device address.
miod [Sun, 11 Jan 2015 15:29:03 +0000 (15:29 +0000)]
Make sure to initialize nbpg to a sensible value in bootxx, when running on
a sun4 system - the prom i/o routines depend on it.
miod [Sun, 11 Jan 2015 14:56:23 +0000 (14:56 +0000)]
Unbreak sun4
deraadt [Sun, 11 Jan 2015 13:00:05 +0000 (13:00 +0000)]
global "list" is not the nicest variable name
seen my mlarkin, ok miod
kirby [Sun, 11 Jan 2015 12:17:44 +0000 (12:17 +0000)]
add/fix/extend entries of exUSSR airports I've been to.
ok sthen@
gilles [Sun, 11 Jan 2015 11:49:36 +0000 (11:49 +0000)]
unbreak the delivery_filename backend, now that it no longer prepends the
From separator line but gets it injected in its iobuf by the mda process,
we need to make sure not to escape the first 'From ' we receive.
spotted by deraadt@
dlg [Sun, 11 Jan 2015 11:18:36 +0000 (11:18 +0000)]
armv6 introduced opcodes for reversing words in registers. we can
use these on armv7 as a backend for byteswapping things that endian.h
provide.
i dunno if its faster, but it makes smaller code. saves 30k on
GENERIC-OMAP.
ok jsing@ bmercer@ jsg@
deraadt [Sun, 11 Jan 2015 04:14:40 +0000 (04:14 +0000)]
correctly use HOST_NAME_MAX.
Some notes:
POSIX HOST_NAME_MAX doesn't include the NUL.
POSIX LOGIN_NAME_MAX and TTY_NAME_MAX do include the NUL.
BSD MAXHOSTNAMELEN includes the NUL. Actually, most of the historical
BSD MAX* defines did include the NUL, except for the historical
mistake of utmp fields without NULs in the string, which directly led
to strncpy.. just showing how error prone this kind of accounting is.
CSRG did right. Somehow POSIX missed the memo on the concepts of
carefulness and consistancy, and we are still paying the price when
people trip over this. Of course, glibc is even more amazing (that is
a hint to blackhats)
ok guenther
deraadt [Sun, 11 Jan 2015 03:08:38 +0000 (03:08 +0000)]
use mallocarray(), then set the size afterwards. Prefer if people learn
and use this idiom everywhere, it is always safest.
deraadt [Sun, 11 Jan 2015 03:07:44 +0000 (03:07 +0000)]
use mallocarray()
deraadt [Sun, 11 Jan 2015 03:06:19 +0000 (03:06 +0000)]
mallocarray() for the rx_buffer memory
guenther [Sun, 11 Jan 2015 03:05:03 +0000 (03:05 +0000)]
Casting a gid_t to gid_t for a gid_t argument is overkill
deraadt [Sun, 11 Jan 2015 03:04:53 +0000 (03:04 +0000)]
use mallocarray() when reallocating the mux table
deraadt [Sun, 11 Jan 2015 02:59:59 +0000 (02:59 +0000)]
KUE_MCFILTCNT() is non-constant, so use mallocarray()
deraadt [Sun, 11 Jan 2015 02:57:09 +0000 (02:57 +0000)]
unnecessary cast
deraadt [Sun, 11 Jan 2015 02:35:44 +0000 (02:35 +0000)]
snc
kettenis [Sat, 10 Jan 2015 22:14:30 +0000 (22:14 +0000)]
Get the MAC address from the PCI ROM on systems without Open Firmware. Code
largely stolen from cas(4), but with a few tweaks.
kettenis [Sat, 10 Jan 2015 19:52:37 +0000 (19:52 +0000)]
Bye, bye simple_lock.
kettenis [Sat, 10 Jan 2015 18:56:55 +0000 (18:56 +0000)]
Disable (most) interrupts when the interface goes down.
kettenis [Sat, 10 Jan 2015 17:19:02 +0000 (17:19 +0000)]
Enable nep(4).
kettenis [Sat, 10 Jan 2015 17:17:48 +0000 (17:17 +0000)]
Hook up nep(4).
kettenis [Sat, 10 Jan 2015 17:02:17 +0000 (17:02 +0000)]
A few more loose ends.
kettenis [Sat, 10 Jan 2015 16:41:04 +0000 (16:41 +0000)]
Remove debug printfs.