openbsd
9 years agoAI_ADDRCONFIG: skip loopback addresses, not loopback interfaces.
jca [Tue, 5 May 2015 17:08:44 +0000 (17:08 +0000)]
AI_ADDRCONFIG: skip loopback addresses, not loopback interfaces.

This is what RFC3493 suggests.  Fixes AI_ADDRCONFIG on setups where
global addresses are configured only on loopback interfaces.

Discussed with and ok eric@ gilles@

9 years agoMove the AI_ADDRCONFIG setup to its own function.
jca [Tue, 5 May 2015 16:59:08 +0000 (16:59 +0000)]
Move the AI_ADDRCONFIG setup to its own function.

Input from and ok gilles@ eric@

9 years agoRemove man page links for crypto(9) key operations; reminded by jmc@
mikeb [Tue, 5 May 2015 16:38:20 +0000 (16:38 +0000)]
Remove man page links for crypto(9) key operations; reminded by jmc@

9 years agoLess magic number
shadchin [Tue, 5 May 2015 16:27:20 +0000 (16:27 +0000)]
Less magic number

For PS/2 - status byte - bit 5:
The bit is '1' if the data on input port 60h came from the AUX port, or '0' if
the data came from the keyboard or from the keyboard controller itself.

KBS_TERR (kbd transmission error) was valid for AT-mode, but not for PS/2-mode.

ok ratchov@, miod@

9 years agoMake argument name consistent and use .Fn rather than .Nm in section 3.
schwarze [Tue, 5 May 2015 14:37:20 +0000 (14:37 +0000)]
Make argument name consistent and use .Fn rather than .Nm in section 3.
Patch from <Kaspars at Bankovskis dot net>.

9 years agoadd missing braces in _aucat_wmsg()
jsg [Tue, 5 May 2015 13:36:22 +0000 (13:36 +0000)]
add missing braces in _aucat_wmsg()

As ratchov@ notes:
"all _aucat_wmsg() callers set hdl->wtodo, so your diff can't break
things that used to work by accident."

ok ratchov@

9 years agoRemove references to APIs that don't exist anymore.
mikeb [Tue, 5 May 2015 11:17:34 +0000 (11:17 +0000)]
Remove references to APIs that don't exist anymore.
Based on a diff from Vincent Gross <dermiste@kilob.yt>, thanks!

9 years agoImplement If-Modified-Since.
florian [Tue, 5 May 2015 11:10:13 +0000 (11:10 +0000)]
Implement If-Modified-Since.
From Kyle Thompson <jmp AT giga DOT moe>.
Tweaks by me.
OK benno@

9 years agoWinSCP doesn't implement RFC4419 DH-GEX so flag it so we don't offer that
dtucker [Tue, 5 May 2015 10:17:49 +0000 (10:17 +0000)]
WinSCP doesn't implement RFC4419 DH-GEX so flag it so we don't offer that
KEX method.  ok markus@

9 years agoHuawei MU609 from Cristián Edwards.
mpi [Tue, 5 May 2015 10:17:09 +0000 (10:17 +0000)]
Huawei MU609 from Cristián Edwards.

ok dcoppa@

9 years agoregen
mpi [Tue, 5 May 2015 10:16:38 +0000 (10:16 +0000)]
regen

9 years agoHuawei MU609 from Cristián Edwards.
mpi [Tue, 5 May 2015 10:16:00 +0000 (10:16 +0000)]
Huawei MU609 from Cristián Edwards.

ok dcoppa@

9 years agoFlag user specified routes with an AF_LINK gateway as RTF_LLINFO.
mpi [Tue, 5 May 2015 09:41:43 +0000 (09:41 +0000)]
Flag user specified routes with an AF_LINK gateway as RTF_LLINFO.

This makes ND6 and ARP layers happy since they both check for this flag,
but is was redundant to provide route(8)'s "-llinfo" option when adding
a l2 route.

RTF_LLINFO is clearly redundant for userland tools, so only allow the
kernel to set it.

ok benno@, claudio@

9 years agotweak;
jmc [Tue, 5 May 2015 07:20:42 +0000 (07:20 +0000)]
tweak;

9 years agoDocument that shm_open() accepts O_CLOEXEC and O_NOFOLLOW as extensions
guenther [Tue, 5 May 2015 06:29:15 +0000 (06:29 +0000)]
Document that shm_open() accepts O_CLOEXEC and O_NOFOLLOW as extensions

ok miod@

9 years agouse the sizeof the struct not the sizeof a pointer to the struct
jsg [Tue, 5 May 2015 02:48:17 +0000 (02:48 +0000)]
use the sizeof the struct not the sizeof a pointer to the struct
in ssh_digest_start()

This file is only used if ssh is built with OPENSSL=no

ok markus@

9 years agoemul_native is only used for kernel threads which can't dump core, so
guenther [Tue, 5 May 2015 02:13:46 +0000 (02:13 +0000)]
emul_native is only used for kernel threads which can't dump core, so
delete coredump_trad(), uvm_coredump(), cpu_coredump(), struct md_coredump,
and various #includes that are superfluous.

This leaves compat_linux processes without a coredump callback.  If that
ability is desired, someone should update it to use coredump_elf32() and
verify the results...

ok kettenis@

9 years agofix a return path that lacked a rw_exit_write() call
jsg [Tue, 5 May 2015 02:01:10 +0000 (02:01 +0000)]
fix a return path that lacked a rw_exit_write() call
ok kettenis@

9 years agouse the sizeof the struct not the sizeof a pointer to the struct
jsg [Tue, 5 May 2015 01:26:37 +0000 (01:26 +0000)]
use the sizeof the struct not the sizeof a pointer to the struct
ok claudio@

9 years agofix numbers for pppx, vscsi and diskmap
jmatthew [Mon, 4 May 2015 23:48:14 +0000 (23:48 +0000)]
fix numbers for pppx, vscsi and diskmap

ok dlg@

9 years agoDefault daemon_flags are no longer in /etc/rc.conf,
schwarze [Mon, 4 May 2015 22:29:04 +0000 (22:29 +0000)]
Default daemon_flags are no longer in /etc/rc.conf,
but you can still find them in the rc.d(8) scripts.

9 years agoRemove comments about default daemon_flags; most are empty, those
schwarze [Mon, 4 May 2015 22:25:17 +0000 (22:25 +0000)]
Remove comments about default daemon_flags; most are empty, those
that aren't are redundant because they can be found in the rc.d(8)
scripts themselves, and they risk getting out of sync.
While here, sort the daemons alphabetically.
No functional change.

Triggered by a much smaller nameserver-only patch from stephan@.
OK ajacoutot@ rpe@ stephan@ and looks good to sthen@.

9 years agofix device numbering comments, no binary change
jmatthew [Mon, 4 May 2015 21:45:23 +0000 (21:45 +0000)]
fix device numbering comments, no binary change

9 years agoDocument the disklabel(8) autopartitioning feature.
rpe [Mon, 4 May 2015 20:52:02 +0000 (20:52 +0000)]
Document the disklabel(8) autopartitioning feature.
While here, reformat the documentation for the additional questions.

Feedback from schwarze@
OK henning@ on a similar diff
OK jmc@

9 years agoAdd the new template file based autopartitioning feature of disklabel(8)
rpe [Mon, 4 May 2015 19:55:26 +0000 (19:55 +0000)]
Add the new template file based autopartitioning feature of disklabel(8)
to the OpenBSD installer. It is available during unattended installation.
The template file is fetched from an url, provided as answer to a new
question in the response file:

    URL to autopartitioning template for disklabel = url

Original diff from and OK henning@
'no objection' krw@

9 years agolightly document the posix option and POSIXLY_CORRECT; will sketch out
jmc [Mon, 4 May 2015 19:34:13 +0000 (19:34 +0000)]
lightly document the posix option and POSIXLY_CORRECT; will sketch out
in more detail once i get my head round them...

9 years agoAdd SwissSign CA root certificates. Requested by robert@, ok dcoppa@ aja@ miod@
sthen [Mon, 4 May 2015 19:02:57 +0000 (19:02 +0000)]
Add SwissSign CA root certificates. Requested by robert@, ok dcoppa@ aja@ miod@

9 years agotweak previous;
jmc [Mon, 4 May 2015 14:36:26 +0000 (14:36 +0000)]
tweak previous;

9 years agosort the hardware list for urtwn, and update it's description in usb.4;
jmc [Mon, 4 May 2015 14:30:06 +0000 (14:30 +0000)]
sort the hardware list for urtwn, and update it's description in usb.4;

9 years agoadd missing .Vt macros
schwarze [Mon, 4 May 2015 14:18:13 +0000 (14:18 +0000)]
add missing .Vt macros

9 years agoUse the right index when expanding/collapsing tree, from Thomas Adam.
nicm [Mon, 4 May 2015 13:04:10 +0000 (13:04 +0000)]
Use the right index when expanding/collapsing tree, from Thomas Adam.

9 years agoFix clipping bug in float to fixed point conversion, causing
ratchov [Mon, 4 May 2015 12:51:13 +0000 (12:51 +0000)]
Fix clipping bug in float to fixed point conversion, causing
audible glitches when samples smaller than the quantification
step are converted.

9 years agourtwn(4) man page updates for RTL8188EU support.
stsp [Mon, 4 May 2015 11:48:05 +0000 (11:48 +0000)]
urtwn(4) man page updates for RTL8188EU support.
Patch by Mikhail <mp39590@gmail.com>, based on FreeBSD r264912 by kevlo.

9 years agoAdd support for RTL8188EU chips to urtwn(4).
stsp [Mon, 4 May 2015 11:46:29 +0000 (11:46 +0000)]
Add support for RTL8188EU chips to urtwn(4).

Patch by Mikhail <mp39590@gmail.com>, based on FreeBSD r264912 by kevlo.

Tested with 8188EU (TP-Link TL-WN725N). No regression on 8188CUS.
There are performance problems with 8188EU devices, cause unknown.
These will hopefully be resolved soon.

ok mpi@

9 years agoWhen writing a value to a field, don't read past the end of the source value
jmatthew [Mon, 4 May 2015 10:42:06 +0000 (10:42 +0000)]
When writing a value to a field, don't read past the end of the source value
if the field is bigger.  Fixes crashes seen on HP bc2500 blades with MP
kernels.

ok kettenis@

9 years agoUse ether_input() as default input packet handler and do the necessary
mpi [Mon, 4 May 2015 10:24:08 +0000 (10:24 +0000)]
Use ether_input() as default input packet handler and do the necessary
m_adj(9) to keep bridge(4) working while other pseudo-drivers are
converted to if_input().

Tested by mxb <mxb AT alumni DOT chalmers DOT se>, thanks!

ok henning@

9 years agoreduce the scope of things that include uvm_swap_encrypt.h.
dlg [Mon, 4 May 2015 10:21:15 +0000 (10:21 +0000)]
reduce the scope of things that include uvm_swap_encrypt.h.

uvm_meter.c needs it to route the sysctl, uvm_swap.c needs it to
use the functionality, and uvm_swap_encrypt.c needs it to for obvious
reasons. userland sysctl already includes it explicitely.

everything else doesnt and shouldnt care.

ok miod@

9 years agoDocument usbd_open_pipe(9) and friends, from Sean Levy with some tweaks.
mpi [Mon, 4 May 2015 10:12:34 +0000 (10:12 +0000)]
Document usbd_open_pipe(9) and friends, from Sean Levy with some tweaks.

9 years agoUse the size of the buffer not the pointer in a call to mem_free().
jsg [Mon, 4 May 2015 09:43:51 +0000 (09:43 +0000)]
Use the size of the buffer not the pointer in a call to mem_free().
ok miod@ and guenther@ who both pointed out this argument is unused.

9 years agouse the size of the buffer not the pointer in resume_randomness()
jsg [Mon, 4 May 2015 09:38:05 +0000 (09:38 +0000)]
use the size of the buffer not the pointer in resume_randomness()
ok djm@ miod@ deraadt@

9 years agoPrint irq informations in pckbc_set_inputhandler().
mpi [Mon, 4 May 2015 09:33:45 +0000 (09:33 +0000)]
Print irq informations in pckbc_set_inputhandler().

ok miod@

9 years agoRemove pattern length argument from match_pattern_list(),
djm [Mon, 4 May 2015 06:10:48 +0000 (06:10 +0000)]
Remove pattern length argument from match_pattern_list(),
we only ever use it for strlen(pattern).

Prompted by hanno AT hboeck.de pointing an out-of-bound read
error caused by an incorrect pattern length found using AFL
and his own tools.

ok markus@

9 years agoFix some misuse of the | operator. In particular | has higher
jsg [Mon, 4 May 2015 03:59:42 +0000 (03:59 +0000)]
Fix some misuse of the | operator.  In particular | has higher
precedence than ?:
ok guenther@ krw@ miod@

9 years agoClarify that hibernate_resume must be called with interrupts enabled.
mlarkin [Mon, 4 May 2015 02:18:05 +0000 (02:18 +0000)]
Clarify that hibernate_resume must be called with interrupts enabled.

9 years agoSpecify regression test host keys so that this test will work without
dtucker [Mon, 4 May 2015 01:51:39 +0000 (01:51 +0000)]
Specify regression test host keys so that this test will work without
SUDO (because it can't read the real host keys) and in -portable on
systems where sshd hasn't been installed yet (because the keys don't
exist yet).

9 years agoUse diff w/out -u for better portability
dtucker [Mon, 4 May 2015 01:47:53 +0000 (01:47 +0000)]
Use diff w/out -u for better portability

9 years agoPreserve times to nanosecond precision instead of just microsecond.
guenther [Sun, 3 May 2015 19:44:58 +0000 (19:44 +0000)]
Preserve times to nanosecond precision instead of just microsecond.
Prefer to set attributes by fd for regular files, and not follwing
symlinks for others.

ok brynet@ millert@

9 years agoImplement byte ranges.
florian [Sun, 3 May 2015 18:39:58 +0000 (18:39 +0000)]
Implement byte ranges.
From Sunil Nimmagadda <sunil At nimmagadda DOT net>
OK benno@

9 years agoS was misplaced in r1.89, the optarg that was removed was actually needed
gilles [Sun, 3 May 2015 18:10:58 +0000 (18:10 +0000)]
S was misplaced in r1.89, the optarg that was removed was actually needed
by R, so reintroduce it in the proper place.

spotted and diff by Sunil Nimmagadda

9 years agosmtpd enqueue -S does not take an argument, fix optstring accordingly
gilles [Sun, 3 May 2015 17:53:50 +0000 (17:53 +0000)]
smtpd enqueue -S does not take an argument, fix optstring accordingly

fix by Nathanael Rensen

9 years agoRemove subsections and start documentation of autoinstall only installer
rpe [Sun, 3 May 2015 12:53:36 +0000 (12:53 +0000)]
Remove subsections and start documentation of autoinstall only installer
features.

Feedback and OK jmc@
"Reads ok" krw@

9 years agostruct usave is unused, and eproc is gone; delete the former and
guenther [Sun, 3 May 2015 06:23:28 +0000 (06:23 +0000)]
struct usave is unused, and eproc is gone; delete the former and
stop referencing them in comments

9 years agoadd missing CISS_UNLOCK_SCRATCH/splx calls
jsg [Sun, 3 May 2015 02:10:13 +0000 (02:10 +0000)]
add missing CISS_UNLOCK_SCRATCH/splx calls
ok krw@

9 years agoMake sure we don't leak bytes from malloced memory in the padding of struct
guenther [Sun, 3 May 2015 02:02:15 +0000 (02:02 +0000)]
Make sure we don't leak bytes from malloced memory in the padding of struct
dirent.  (The memset in previous commit was both wrong and insufficient.)

problem with memset noted by brad@ and jsg@
ok millert@

9 years agoEliminate the -U flag and make usage of DUID in /etc/dumpdates the default.
guenther [Sun, 3 May 2015 01:44:34 +0000 (01:44 +0000)]
Eliminate the -U flag and make usage of DUID in /etc/dumpdates the default.
Correct old style entries so nothing has to be done for the admin.

diff from Manuel Giraud (manuel (at) ledu-giraud.fr)  Thanks!

9 years agofix build with option DEBUG
miod [Sat, 2 May 2015 20:50:08 +0000 (20:50 +0000)]
fix build with option DEBUG

9 years agoDie, damned distracting red space.
krw [Sat, 2 May 2015 18:13:42 +0000 (18:13 +0000)]
Die, damned distracting red space.

9 years agode-castify strtonum to make it consistent again.
florian [Sat, 2 May 2015 18:03:37 +0000 (18:03 +0000)]
de-castify strtonum to make it consistent again.
Pointed out by bluhm@; no object change.
OK bluhm@, krw@

9 years agoUse IPV6_MAXHLIM instead of 255; pointed out by bluhm@
florian [Sat, 2 May 2015 17:19:42 +0000 (17:19 +0000)]
Use IPV6_MAXHLIM instead of 255; pointed out by bluhm@
No object change.

9 years agoA ttl of 0 is valid. While here use MAXTTL instead of 255.
florian [Sat, 2 May 2015 17:16:07 +0000 (17:16 +0000)]
A ttl of 0 is valid. While here use MAXTTL instead of 255.
Input bluhm@, OK krw@

9 years agoadd missing splx calls
jsg [Sat, 2 May 2015 14:43:06 +0000 (14:43 +0000)]
add missing splx calls
ok krw@

9 years agoadd missing splx calls
jsg [Sat, 2 May 2015 14:33:19 +0000 (14:33 +0000)]
add missing splx calls
ok miod@

9 years agoHoist common assignments out of a series of if/if-else statements
krw [Sat, 2 May 2015 14:29:32 +0000 (14:29 +0000)]
Hoist common assignments out of a series of if/if-else statements
in get_token(). Simplifies code and shrinks future diff.

No intentional functional change.

9 years agoFix obvious problems with relayd config reload.
claudio [Sat, 2 May 2015 13:15:24 +0000 (13:15 +0000)]
Fix obvious problems with relayd config reload.
- fix a TAILQ corruption because of a use after free
- do not reinit the SSL engine since that fails
OK sthen, benno

9 years agoCorrect switch between current and previous line buffers when
krw [Sat, 2 May 2015 12:37:35 +0000 (12:37 +0000)]
Correct switch between current and previous line buffers when
encountering a carriage return in the input.

Found by jsg@ a long time ago in a respository far, far away.

9 years agorework hppa mutexes.
dlg [Sat, 2 May 2015 10:59:47 +0000 (10:59 +0000)]
rework hppa mutexes.

this is largely based on src/sys/arch/alpha/alpha/mutex.c r1.14 and
src/sys/arch/sgi/sgi/mutex.c r1.15

always and explicitely record which cpu owns the lock (or NULL if
noone owns it). improve the mutex diagnostics/asserts so they operate
on the mtx_owner field rather than mtx_lock. previously the asserts
would assume the lock cpu owns the lock if any of them own the lock,
which blows up badly.

hppa hasnt got good atomic cpu opcodes, so this still relies on
ldcws to serialise access to the lock.

while im here i also shuffled the code. on MULTIPROCESSOR systems
instead of duplicating code between mtx_enter and mtx_enter_try,
mtx_enter simply loops on mtx_enter_try until it succeeds.

this also provides an alternative implementation of mutexes on
!MULTIPROCESSOR systems that avoids interlocking opcodes. mutexes
wont contend on UP boxes, theyre basically wrappers around spls.
we can just do the splraise, stash the owner as a guard value for
DIAGNOSTIC and return. similarly, mtx_enter_try on UP will never
fail, so we can just call mtx_enter and return 1.

tested by and ok kettenis@ jsing@

9 years agoadd missing splx calls
jsg [Sat, 2 May 2015 10:44:29 +0000 (10:44 +0000)]
add missing splx calls

9 years agoNo more pf_rules ipsec_rules.
ajacoutot [Sat, 2 May 2015 09:36:27 +0000 (09:36 +0000)]
No more pf_rules ipsec_rules.

9 years agoDrop pf_rules and ipsec_rules from rc.conf(5); it shouldn't have been made
ajacoutot [Sat, 2 May 2015 09:35:44 +0000 (09:35 +0000)]
Drop pf_rules and ipsec_rules from rc.conf(5); it shouldn't have been made
tweakable: there's no real point and these files support the 'include' option so
one can always get its config from whatever path... especially useful when
testing a new ruleset.

man page inputs from schwarze@
ok halex@ schwarze@ rpe@ deraadt@

9 years agostatue [sic] day in netherlands antilles becomes kingdom day in the netherlands;
jmc [Sat, 2 May 2015 07:05:38 +0000 (07:05 +0000)]
statue [sic] day in netherlands antilles becomes kingdom day in the netherlands;
thanks paul de weerd for pointers

9 years agoUse strtonum() when parsing argument list, as ping(8) does. Give
krw [Sat, 2 May 2015 00:32:03 +0000 (00:32 +0000)]
Use strtonum() when parsing argument list, as ping(8) does.  Give
or take a cast. Tweak error messages to also be consistant with
ping(8).

Change lower bound of '-h' to 0 from -1 at the request of florian@.

Tweaks and suggestions from, ok florian@

9 years ago- king's birthday now celebrated in the netherlands; from einfach jemand
jmc [Fri, 1 May 2015 18:36:52 +0000 (18:36 +0000)]
- king's birthday now celebrated in the netherlands; from einfach jemand
ok, though not neccessarily endorsed, from/by otto

tim van der molen further requested it be "king's day" and the removal
of antilles

while here i've used an article (*the* netherlands), here and in another
example

9 years agomdoc_valid_post() may indirectly call roff_node_unlink() which may
schwarze [Fri, 1 May 2015 16:56:36 +0000 (16:56 +0000)]
mdoc_valid_post() may indirectly call roff_node_unlink() which may
set ROFF_NEXT_CHILD, which is desirable for the final call to
mdoc_valid_post() - in case the target itself gets deleted, the
parse point may need this adjustment - but not for the intermediate
calls - if intermediate nodes get deleted, that mustn't clobber the
parse point.  So move setting ROFF_NEXT_SIBLING to the proper place
in rew_last().

This fixes the assertion failure in jsg@'s afl test case 108/Apr27.

9 years agoConvert to if_input(), ok miod@
mpi [Fri, 1 May 2015 16:37:32 +0000 (16:37 +0000)]
Convert to if_input(), ok miod@

9 years agoSetting the "last" member of struct roff_node was done at an extremely
schwarze [Fri, 1 May 2015 16:01:53 +0000 (16:01 +0000)]
Setting the "last" member of struct roff_node was done at an extremely
weird place.  Move it to the obviously correct place.
Surprisingly, this didn't cause any misformatting in the test suite
or in any base system manuals, but i cannot believe the code was
really correct for all conceivable input, and it would be very hard
to verify.  At the very least, it cannot have worked for man(7).

9 years agoMinor bug fix: When .Pp rewinds .Nm, rewind the whole block,
schwarze [Fri, 1 May 2015 15:27:17 +0000 (15:27 +0000)]
Minor bug fix:  When .Pp rewinds .Nm, rewind the whole block,
not just the body.  In some unusual edge cases, this caused
the .Pp to become a sibling of the .Nm body inside the .Nm block.

9 years agoConvert to if_input(), ok miod@
mpi [Fri, 1 May 2015 14:56:18 +0000 (14:56 +0000)]
Convert to if_input(), ok miod@

9 years agoregen
jsg [Fri, 1 May 2015 12:46:48 +0000 (12:46 +0000)]
regen

9 years agoCorrect some E5 v2 ids and add E5 v2 R2PCIE.
jsg [Fri, 1 May 2015 12:46:04 +0000 (12:46 +0000)]
Correct some E5 v2 ids and add E5 v2 R2PCIE.
From Hrvoje Popovski.

9 years agoreenable page zeroing thread on SMP mips kernels.
miod [Fri, 1 May 2015 11:18:21 +0000 (11:18 +0000)]
reenable page zeroing thread on SMP mips kernels.

9 years agoDo not grab the kernel lock for clock interrupts. Help and ok kettenis@
miod [Fri, 1 May 2015 11:17:22 +0000 (11:17 +0000)]
Do not grab the kernel lock for clock interrupts. Help and ok kettenis@

9 years agomention that the user's shell from /etc/passwd is used for commands
djm [Fri, 1 May 2015 07:11:47 +0000 (07:11 +0000)]
mention that the user's shell from /etc/passwd is used for commands
too; bz#1459 ok dtucker@

9 years agorefactor ssh_dispatch_run_fatal() to use sshpkt_fatal() to better
djm [Fri, 1 May 2015 07:10:01 +0000 (07:10 +0000)]
refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() to better
report error conditions. Teach sshpkt_fatal() about ECONNRESET.

Improves error messages on TCP connection resets. bz#2257

ok dtucker@

9 years agoa couple of parse targets were missing activep checks, causing them
djm [Fri, 1 May 2015 07:08:08 +0000 (07:08 +0000)]
a couple of parse targets were missing activep checks, causing them
to be misapplied in match context;
bz#2272 diagnosis and original patch from Sami Hartikainen
ok dtucker@

9 years agomake handling of AuthorizedPrincipalsFile=none more consistent
djm [Fri, 1 May 2015 04:17:51 +0000 (04:17 +0000)]
make handling of AuthorizedPrincipalsFile=none more consistent
with other =none options; bz#2288 from Jakub Jelen; ok dtucker@

9 years agoremove failed remote forwards established by muliplexing from the
djm [Fri, 1 May 2015 04:03:20 +0000 (04:03 +0000)]
remove failed remote forwards established by muliplexing from the
list of active forwards; bz#2363, patch mostly by Yoann Ricordel;
ok dtucker@

9 years agoreduce stderr spam when using ssh -S /path/mux -O forward -R 0:...
djm [Fri, 1 May 2015 04:01:58 +0000 (04:01 +0000)]
reduce stderr spam when using ssh -S /path/mux -O forward -R 0:...
ok dtucker@

9 years agoprevent authorized_keys options picked up on public key tests without
djm [Fri, 1 May 2015 03:23:51 +0000 (03:23 +0000)]
prevent authorized_keys options picked up on public key tests without
a corresponding private key authentication being applied to other
authentication methods. Reported by halex@, ok markus@

9 years agoDon't make parsing of authorized_keys' environment= option conditional
djm [Fri, 1 May 2015 03:20:54 +0000 (03:20 +0000)]
Don't make parsing of authorized_keys' environment= option conditional
on PermitUserEnv - always parse it, but only use the result if the
option is enabled. This prevents the syntax of authorized_keys changing
depending on which sshd_config options were enabled.

bz#2329; based on patch from coladict AT gmail.com, ok dtucker@

9 years agoPass fflag to VOP_POLL so vfs fifo functions can get at the file
millert [Fri, 1 May 2015 01:30:58 +0000 (01:30 +0000)]
Pass fflag to VOP_POLL so vfs fifo functions can get at the file
flags to check FREAD/FWRITE if needed.  This will be used by fifo_poll
to avoid checking the write end of the fifo when the fd is read-only.
OK guenther@

9 years agoConvert to if_input().
mpi [Thu, 30 Apr 2015 21:52:49 +0000 (21:52 +0000)]
Convert to if_input().

Tested by jmatthew@

9 years agoAvoid NULL deref in fd_getfile_mode(); OK deraadt@
millert [Thu, 30 Apr 2015 21:18:45 +0000 (21:18 +0000)]
Avoid NULL deref in fd_getfile_mode(); OK deraadt@

9 years agoConvert to if_input().
mpi [Thu, 30 Apr 2015 20:55:23 +0000 (20:55 +0000)]
Convert to if_input().

ok miod@

9 years agoreapply the rules of english to the option keywords: i was persuaded to undo it
jmc [Thu, 30 Apr 2015 20:19:04 +0000 (20:19 +0000)]
reapply the rules of english to the option keywords: i was persuaded to undo it
because the option names are case sensitive, but it just looks awful. so
expect just a little more from the reader...

9 years agoMerge two identical if() statements in ipsp_acquire_sa(). The
millert [Thu, 30 Apr 2015 20:12:33 +0000 (20:12 +0000)]
Merge two identical if() statements in ipsp_acquire_sa().  The
change in ip_spd.c 1.59 makes it appear that there is a cut & pasto.
OK mikeb@

9 years agoupdate currency exchange rates;
jmc [Thu, 30 Apr 2015 19:33:58 +0000 (19:33 +0000)]
update currency exchange rates;

9 years agosync
deraadt [Thu, 30 Apr 2015 19:31:35 +0000 (19:31 +0000)]
sync

9 years agoAdd smtpd(8) spool directories so that they are registered as part of base.
ajacoutot [Thu, 30 Apr 2015 19:02:15 +0000 (19:02 +0000)]
Add smtpd(8) spool directories so that they are registered as part of base.

ok henning@ gilles@ deraadt@

9 years agoSIZE_MAX is no longer in limits.h
millert [Thu, 30 Apr 2015 18:19:25 +0000 (18:19 +0000)]
SIZE_MAX is no longer in limits.h

9 years agoUnset SEPARATE_GOTPLT. We don't want a seperate .got.plt section on OpenBSD,
kettenis [Thu, 30 Apr 2015 17:56:18 +0000 (17:56 +0000)]
Unset SEPARATE_GOTPLT.  We don't want a seperate .got.plt section on OpenBSD,
at least for now, as it would result in a partially writable GOT.  Our
ld.so(1) has the smarts to properly write-protect the single .got, so we
don't need this.

ok guenther@