openbsd
9 years agoClean up some spacing. No functional change
mlarkin [Thu, 30 Apr 2015 15:49:02 +0000 (15:49 +0000)]
Clean up some spacing. No functional change

9 years agouse strdup() to init string
deraadt [Thu, 30 Apr 2015 15:28:03 +0000 (15:28 +0000)]
use strdup() to init string
ok doug millert

9 years agoDo not free & reallocate a new chunk of memory for the interface
mpi [Thu, 30 Apr 2015 15:19:50 +0000 (15:19 +0000)]
Do not free & reallocate a new chunk of memory for the interface
descriptor during SIOCSIFFLAGS.

This prevent a use after free, triggered by the pool/malloc damage
finder being currently cooked by dlg@ and deraadt@.

ok deraadt@

9 years agoAdd a comment about waitpid, suggested by espie@.
nicm [Thu, 30 Apr 2015 14:30:53 +0000 (14:30 +0000)]
Add a comment about waitpid, suggested by espie@.

9 years agoSet the correct media type for 1000baseLX SFPs.
jsg [Thu, 30 Apr 2015 14:17:26 +0000 (14:17 +0000)]
Set the correct media type for 1000baseLX SFPs.
Tested by/ok sthen@, ok mikeb@

9 years agoTweak comment so it doesn't imply line buffering is needed (any will do
nicm [Thu, 30 Apr 2015 14:16:49 +0000 (14:16 +0000)]
Tweak comment so it doesn't imply line buffering is needed (any will do
so long as it is explicit), and set stderr to NBF not LBF. Pointed out
by espie@.

9 years agoAdd warning when user specifies -R but no files, like GNU grep.
millert [Thu, 30 Apr 2015 13:49:04 +0000 (13:49 +0000)]
Add warning when user specifies -R but no files, like GNU grep.
OK schwarze@ ian@

9 years agoRemove SIZE_MAX from limits.h. It was added years ago before we
millert [Thu, 30 Apr 2015 13:42:08 +0000 (13:42 +0000)]
Remove SIZE_MAX from limits.h.  It was added years ago before we
had a proper stdint.h.  No ports fallout.  OK guenther@ miod@

9 years agoAllow use of 1Gb 1000baseLX SFPs in 82599 ix(4) SFP+ port. Adapted from
sthen [Thu, 30 Apr 2015 13:24:36 +0000 (13:24 +0000)]
Allow use of 1Gb 1000baseLX SFPs in 82599 ix(4) SFP+ port. Adapted from
Linux commit 345be204dcbb. ok jsg@ mikeb@

9 years agoFRELE returns an int not void. It is actually the return value
millert [Thu, 30 Apr 2015 11:46:16 +0000 (11:46 +0000)]
FRELE returns an int not void.  It is actually the return value
of fdrop() (or 0 if the ref count is non-zero).  From Kanonenvogel

9 years agoNow we use p_filesz - 1 to test for NUL check that p_filesz is
jsg [Thu, 30 Apr 2015 11:15:28 +0000 (11:15 +0000)]
Now we use p_filesz - 1 to test for NUL check that p_filesz is
at least two and while here allow the upper bound to be
MAXPATHLEN by changing a >= to > as suggested by krw@ in a thread
on tech where Maxime Villard proposed additional PT_INTERP checks.

tested by and ok guenther@

9 years agoLink report descriptors to known sensors.
mpi [Thu, 30 Apr 2015 10:09:31 +0000 (10:09 +0000)]
Link report descriptors to known sensors.

Since HID buffers always start by a reportID we can access the corresponding
report descriptor in O(1).  Having a list of sensors attached to each report
descriptor makes it easier to update all of them with only on I/O request.

Note that sensors are attached in depency order on every report list.

From David Higgs.

9 years agoInstead of using a single flat array for all sensors, put all the
mpi [Thu, 30 Apr 2015 10:00:50 +0000 (10:00 +0000)]
Instead of using a single flat array for all sensors, put all the
children of a sensor in a separate structure.

Children sensors should only be probbed if their parent is active.
This make the dependency tree explicit and will reduce the number
of I/O.

From David Higgs.

9 years agoConvert to if_input(), tweak and ok dlg@
mpi [Thu, 30 Apr 2015 09:25:13 +0000 (09:25 +0000)]
Convert to if_input(), tweak and ok dlg@

9 years agoIndroduce fd_getfile_mode() and use it were fd_getfile() is directly
mpi [Thu, 30 Apr 2015 09:20:51 +0000 (09:20 +0000)]
Indroduce fd_getfile_mode() and use it were fd_getfile() is directly
followed by a mode check.  This will simplify the ref/unref dance as
soon as fd_getfile() will increment fp's reference counter.

Idea from and ok guenther@, ok millert@

9 years agouse adolf, not adolph, for hitler, to keep it consistent;
jmc [Thu, 30 Apr 2015 09:12:49 +0000 (09:12 +0000)]
use adolf, not adolph, for hitler, to keep it consistent;
remove his suicide entry since it's already listed, more completely,
in calendar.history;

from craig skinner

9 years agoNo need to set `rcvif', if_input() does it for you!
mpi [Thu, 30 Apr 2015 07:52:00 +0000 (07:52 +0000)]
No need to set `rcvif', if_input() does it for you!

9 years agoConvert moar drivers to if_input().
mpi [Thu, 30 Apr 2015 07:51:07 +0000 (07:51 +0000)]
Convert moar drivers to if_input().

ok dlg@

9 years agoError out if the PT_INTERP segment isn't NUL terminated
guenther [Thu, 30 Apr 2015 03:11:21 +0000 (03:11 +0000)]
Error out if the PT_INTERP segment isn't NUL terminated

ok deraadt@ millert@ miod@

9 years agoIf a block body gets broken, that's no good reason to extend the
schwarze [Wed, 29 Apr 2015 21:57:50 +0000 (21:57 +0000)]
If a block body gets broken, that's no good reason to extend the
scope of the end macro.  Instead, only keep the tail scope open if
the end macro macro calls an explicit macro and actually breaks
that.  This corrects syntax tree structure and fixes an assertion
found by jsg@ with afl (test case 098/Apr27).

9 years agoReplace the kludge for the \z escape sequence by an actual
schwarze [Wed, 29 Apr 2015 18:32:57 +0000 (18:32 +0000)]
Replace the kludge for the \z escape sequence by an actual
implementation.  As a side effect, minus ten lines of code.

As another side effect, this also fixes the assertion failure that
used to be triggered by "\z\o'ab'c" at the beginning of an output
line, found by jsg@ with afl (test case 022/Apr27).

9 years agoIn most cases, IP fragments do not have an Ethernet padding. So
bluhm [Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)]
In most cases, IP fragments do not have an Ethernet padding.  So
add a condition to save a useless call to m_adj() and have a paranoid
length check in the other cases.
OK henning@

9 years agosome fine-tuning in SYNOPSIS, usage, and order of options, with jmc
henning [Wed, 29 Apr 2015 16:56:31 +0000 (16:56 +0000)]
some fine-tuning in SYNOPSIS, usage, and order of options, with jmc

9 years agog/c unneeded second char * var, ok benno
henning [Wed, 29 Apr 2015 16:46:39 +0000 (16:46 +0000)]
g/c unneeded second char * var, ok benno

9 years agoDo not complain when directions fail.
nicm [Wed, 29 Apr 2015 16:26:17 +0000 (16:26 +0000)]
Do not complain when directions fail.

9 years agoAdd tmux and tmux-256color entries; this can be used inside tmux for
nicm [Wed, 29 Apr 2015 16:01:48 +0000 (16:01 +0000)]
Add tmux and tmux-256color entries; this can be used inside tmux for
correct italics support.

ok naddy (on a slightly older version)

9 years agoUse if_get() after every tsleep(), in case the bottom half of the driver
deraadt [Wed, 29 Apr 2015 16:00:06 +0000 (16:00 +0000)]
Use if_get() after every tsleep(), in case the bottom half of the driver
has destroyed or damaged the interface clone.
with mpi

9 years agoIf default-terminal is set to "screen" or "screen-*", emulate screen's
nicm [Wed, 29 Apr 2015 15:59:08 +0000 (15:59 +0000)]
If default-terminal is set to "screen" or "screen-*", emulate screen's
historical (incorrect) behaviour for SGR 3 and send smso
(standout). Previously, we would send sitm (italics) if the terminal
outside had it and smso otherwise. This was acceptably until recently
because xterm's terminfo entry lacked sitm, so most users got smso.

People who want italics should set default-terminal to the forthcoming
"tmux" entry (and be prepared to deal with it being missing on older
hosts).

As a side-effect this changes default-terminal to be a server rather
than a session option.

suggested by and ok naddy

9 years agoDo not mark a block with the MDOC_BROKEN flag if it merely contains
schwarze [Wed, 29 Apr 2015 14:48:17 +0000 (14:48 +0000)]
Do not mark a block with the MDOC_BROKEN flag if it merely contains
a mismatching explicit end macro without actually being broken.
Avoids a subsequent upward search for the non-existent breaker
ending up in a NULL pointer access; afl test case 005/Apr27 from jsg@.

9 years agoWhen the last line of a table layout turns out to be empty, it is deleted.
schwarze [Wed, 29 Apr 2015 12:44:10 +0000 (12:44 +0000)]
When the last line of a table layout turns out to be empty, it is deleted.
Do not just free the struct tbl_row but also make sure that no pointer
to it remains.  Fixing a use after free found by jsg@ with afl.

9 years agoCheck arguments before eval so we don't end up with a cryptic error message.
ajacoutot [Wed, 29 Apr 2015 11:05:16 +0000 (11:05 +0000)]
Check arguments before eval so we don't end up with a cryptic error message.
reported by jasper@

While here: _rc_is_supported() -> _rc_not_supported()
- saves a fork
- reduces triple negation to double negation in _rc_not_supported()
- simplifie condition for rc_restart=NO
from schwarze@

ok jasper@ schwarze@

9 years agoImprove the error message in case somebody has configured an invalid PAGER.
schwarze [Wed, 29 Apr 2015 11:03:48 +0000 (11:03 +0000)]
Improve the error message in case somebody has configured an invalid PAGER.
Suggested by Lorenzo Beretta <lory dot fulgi at infinito dot it>.

9 years agosupport passing a template file for the auto-allocation to disklabel.
henning [Wed, 29 Apr 2015 09:58:16 +0000 (09:58 +0000)]
support passing a template file for the auto-allocation to disklabel.
template gives mountpoints, min-max size ranges and percentage of disk
foremost intended for autoinstalls, installer bits to follow soon.
with input from many, ok theo

9 years agoMake some regular expressions more strict. This allows the tests
bluhm [Wed, 29 Apr 2015 08:45:53 +0000 (08:45 +0000)]
Make some regular expressions more strict.  This allows the tests
to pass also if relayd is compiled with DEBUG.

9 years agoWhen the HTTP client did close the connection while relayd was still
bluhm [Wed, 29 Apr 2015 08:41:24 +0000 (08:41 +0000)]
When the HTTP client did close the connection while relayd was still
parsig the HTTP header, the session was never destroyed.  This
resulted in a file descriptor leak.
Add a check wether the protocol knows how much data to expect.  If
relayd is reading unlimited data or is expecting nothing to read,
ignore the end-of-file.  Otherwise it is a protocol violation, so
close the session immediately.
While there, make relayd compile with DEBUG defined.
Based on a diff from claudio@; tested by claudio@; OK claudio@ benno@

9 years agothe non braced do while made my teeth hurt
deraadt [Wed, 29 Apr 2015 06:37:14 +0000 (06:37 +0000)]
the non braced do while made my teeth hurt

9 years agoAlso generate db_structinfo.txt with struct member offset and size info
guenther [Wed, 29 Apr 2015 06:06:38 +0000 (06:06 +0000)]
Also generate db_structinfo.txt with struct member offset and size info

prodded by deraadt@ and miod@

9 years agoDelete the duplicated sched_{policy,param} members from the internal struct
guenther [Wed, 29 Apr 2015 06:01:37 +0000 (06:01 +0000)]
Delete the duplicated sched_{policy,param} members from the internal struct
pthread and instead use the values from the embedded struct pthread_attr.
For bonus points, pay attention to the sched_inherit attribute and possibly
set the values from the parent thread.

Problem noted by natano of bitrig.

9 years agoAdd tests for ListenAddress/Port/AddressFamily in alternate orders.
dtucker [Wed, 29 Apr 2015 05:23:27 +0000 (05:23 +0000)]
Add tests for ListenAddress/Port/AddressFamily in alternate orders.

9 years agoRemove a check for NULL that would have been after a NULL dereference
jsg [Wed, 29 Apr 2015 04:43:25 +0000 (04:43 +0000)]
Remove a check for NULL that would have been after a NULL dereference
if callers of save_vec() weren't expected to pass a non NULL pointer
as an argument.

ok kettenis@

9 years agoMove a variable's initialisation so a panic will work as intended.
jsg [Wed, 29 Apr 2015 04:29:23 +0000 (04:29 +0000)]
Move a variable's initialisation so a panic will work as intended.

ok guenther@ deraadt@

9 years agoChange internal xrealloc() to a idiom-following xreallocarray().
deraadt [Wed, 29 Apr 2015 04:00:25 +0000 (04:00 +0000)]
Change internal xrealloc() to a idiom-following xreallocarray().
This loses a "new size is 0" failure case.  Probably not relevant;
and since we develop this in OpenBSD, we'll catch that before someone
else imports this...
ok millert

9 years agoAllow ListenAddress, Port and AddressFamily in any order. bz#68,
dtucker [Wed, 29 Apr 2015 03:48:56 +0000 (03:48 +0000)]
Allow ListenAddress, Port and AddressFamily in any order.  bz#68,
ok djm@, jmc@ (for the man page bit).

9 years agoAdd whitespace and replace OPENSSL_free with free in documentation.
doug [Wed, 29 Apr 2015 02:11:09 +0000 (02:11 +0000)]
Add whitespace and replace OPENSSL_free with free in documentation.

ok jsing@

9 years agoCall CBB_add_space() rather than reimplementing it.
doug [Wed, 29 Apr 2015 02:02:46 +0000 (02:02 +0000)]
Call CBB_add_space() rather than reimplementing it.

ok jsing@

9 years agoRename cbb_buffer_add_u to cbb_add_u and remove redundant code.
doug [Wed, 29 Apr 2015 01:49:28 +0000 (01:49 +0000)]
Rename cbb_buffer_add_u to cbb_add_u and remove redundant code.

All of cbb_buffer_add_u's callers first call CBB_flush and send cbb->base.
cbb_add_u() now has that common code in one place.

ok jsing@

9 years agoAdded len_len error checking for internal cbb_buffer_add_u().
doug [Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)]
Added len_len error checking for internal cbb_buffer_add_u().

ok jsing@

9 years agoCall CBS_mem_equal() rather than reimplementing it.
doug [Wed, 29 Apr 2015 01:31:39 +0000 (01:31 +0000)]
Call CBS_mem_equal() rather than reimplementing it.

ok jsing@

9 years agoAvoid NULL deref in CBS_get_any_asn1_element().
doug [Wed, 29 Apr 2015 01:27:34 +0000 (01:27 +0000)]
Avoid NULL deref in CBS_get_any_asn1_element().

This function is documented as allowing NULL for out_header_len.

ok jsing@

9 years agoAdded error checking for len argument in cbs_get_u().
doug [Wed, 29 Apr 2015 01:23:20 +0000 (01:23 +0000)]
Added error checking for len argument in cbs_get_u().

tweak + ok jsing@

9 years agofree() can handle NULL.
doug [Wed, 29 Apr 2015 01:16:06 +0000 (01:16 +0000)]
free() can handle NULL.

ok jsing@

9 years agoAdd missing #include <stdint.h> for SIZE_MAX
millert [Wed, 29 Apr 2015 00:42:12 +0000 (00:42 +0000)]
Add missing #include <stdint.h> for SIZE_MAX

9 years agoReject dNSName of " " for subjectAltName extension.
doug [Wed, 29 Apr 2015 00:24:31 +0000 (00:24 +0000)]
Reject dNSName of " " for subjectAltName extension.

RFC 5280 says " " must not be used as a dNSName.

ok jsing@ jca@

9 years agoAdd missing #include <stdint.h> for SIZE_MAX
millert [Wed, 29 Apr 2015 00:13:26 +0000 (00:13 +0000)]
Add missing #include <stdint.h> for SIZE_MAX

9 years agoAdd missing BN_CTX_end() calls.
doug [Wed, 29 Apr 2015 00:11:12 +0000 (00:11 +0000)]
Add missing BN_CTX_end() calls.

After calling BN_CTX_start(), there must be a BN_CTX_end() before
returning.  There were missing BN_CTX_end() calls in error paths.  One diff
chunk was simply removing redundant code related to this.

ok deraadt@

9 years agoVERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still
halex [Wed, 29 Apr 2015 00:10:44 +0000 (00:10 +0000)]
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still
worth noting

"go ahead" schwarze@

9 years agoExplicitly include .codepatch and .codepatchend in .rodata such that
kettenis [Tue, 28 Apr 2015 22:29:24 +0000 (22:29 +0000)]
Explicitly include .codepatch and .codepatchend in .rodata such that
the binutils 2.17 linker doesn't make them disappear.

ok deraadt@, guenther@

9 years agoajacoutot spotted a problem with the new sshd logic (to disable root logins
sthen [Tue, 28 Apr 2015 21:41:40 +0000 (21:41 +0000)]
ajacoutot spotted a problem with the new sshd logic (to disable root logins
by default completely in most cases, except where a public ssh key was provided
to autoinstall) - in the case where a (non-root) account was created, sshd
was being disabled; this diff fixes it. Looks good ajacoutot, OK djm@,
extensive testing+OK rpe@,

9 years agoProtect the per-process itimerval structs with a mutex. We update these
kettenis [Tue, 28 Apr 2015 20:54:18 +0000 (20:54 +0000)]
Protect the per-process itimerval structs with a mutex.  We update these
from hardclock() which runs without grabbing the kernel lock.  This means
that two threads could concurrently update the struct which could lead to
corruption of the value which in turn could stop the timer.  It could also
result in getitimer(2) returning a non-normalized value.

With help from guenther@.

ok deraadt@, guenther@

9 years agoDon't grab the kernel lock for clock interrupts. The way we use mutexes
kettenis [Tue, 28 Apr 2015 18:39:13 +0000 (18:39 +0000)]
Don't grab the kernel lock for clock interrupts.  The way we use mutexes
these days is incompatible with that practice and leads to deadlocks.

ok jsing@

9 years agoMake sure to overwrite sdl_type after calling ether_ifattach().
mpi [Tue, 28 Apr 2015 14:51:50 +0000 (14:51 +0000)]
Make sure to overwrite sdl_type after calling ether_ifattach().

Fix a problem found by Johan Huldtgren, ok phessler@

9 years agoFix a memory leak in an error path found by Maxime Villard's
jsg [Tue, 28 Apr 2015 14:07:47 +0000 (14:07 +0000)]
Fix a memory leak in an error path found by Maxime Villard's
Brainy Code Scanner.

9 years agotidy up the prebind text; prompted by zhuk
jmc [Tue, 28 Apr 2015 14:07:16 +0000 (14:07 +0000)]
tidy up the prebind text; prompted by zhuk

9 years agoenviroment -> environment: apologies to darren for not spotting that first
jmc [Tue, 28 Apr 2015 13:47:38 +0000 (13:47 +0000)]
enviroment -> environment: apologies to darren for not spotting that first
time round...

9 years agoIf looking for an index, don't fill in window when given a session.
nicm [Tue, 28 Apr 2015 12:09:24 +0000 (12:09 +0000)]
If looking for an index, don't fill in window when given a session.

9 years agoDo not do a search for the tty path if there isn't one.
nicm [Tue, 28 Apr 2015 11:57:20 +0000 (11:57 +0000)]
Do not do a search for the tty path if there isn't one.

9 years agoIf can't find pane as a pane, try as a window; likewise if can't find
nicm [Tue, 28 Apr 2015 11:33:17 +0000 (11:33 +0000)]
If can't find pane as a pane, try as a window; likewise if can't find
window as a session.

9 years agoAdd select-layout -o to undo the last layout change (apply the previously
nicm [Tue, 28 Apr 2015 10:43:13 +0000 (10:43 +0000)]
Add select-layout -o to undo the last layout change (apply the previously
set layout).

9 years agoFix typo in previous
dtucker [Tue, 28 Apr 2015 10:25:15 +0000 (10:25 +0000)]
Fix typo in previous

9 years agoDocument that the TERM environment variable is not subject to SendEnv
dtucker [Tue, 28 Apr 2015 10:17:58 +0000 (10:17 +0000)]
Document that the TERM environment variable is not subject to SendEnv
and AcceptEnv.  bz#2386, based loosely on a patch from jjelen at redhat,
help and ok jmc@

9 years agoIn rtsx(4), condense the list of support chips in a comment, remove the unused
stsp [Tue, 28 Apr 2015 07:55:13 +0000 (07:55 +0000)]
In rtsx(4), condense the list of support chips in a comment, remove the unused
F_5227 flag, sort PCI IDs, and fix a typo in a comment. No functional change.
from brad

9 years agoSomeone went to the trouble of vertically aligning a set of parameters but
mlarkin [Tue, 28 Apr 2015 05:54:31 +0000 (05:54 +0000)]
Someone went to the trouble of vertically aligning a set of parameters but
missed one. This diff is only a spacing change.

9 years agoAdd a missing free in the error path.
lteo [Tue, 28 Apr 2015 02:26:43 +0000 (02:26 +0000)]
Add a missing free in the error path.

ok nicm@

9 years agoRework sshd enable root login questions in light of sshd PermitRootLogin
djm [Mon, 27 Apr 2015 23:17:11 +0000 (23:17 +0000)]
Rework sshd enable root login questions in light of sshd PermitRootLogin
default change. The new default is not to ask to enable root logins
when a non-root user has been addedi. There is some additional sublety
for auto-installs that provide root ssh keys.

patch by myself and rpe@ with feedback from sthen@;
ok rpe@ deraadt@ sthen@

9 years agoDo not include unattached clients when trying to find one for target.
nicm [Mon, 27 Apr 2015 22:58:58 +0000 (22:58 +0000)]
Do not include unattached clients when trying to find one for target.

9 years agoReset cfg_ncauses to 0 as well or we could allocate the wrong size if
nicm [Mon, 27 Apr 2015 22:50:35 +0000 (22:50 +0000)]
Reset cfg_ncauses to 0 as well or we could allocate the wrong size if
called again.

9 years agoAssign to the right variable when comparing clients.
nicm [Mon, 27 Apr 2015 22:42:10 +0000 (22:42 +0000)]
Assign to the right variable when comparing clients.

9 years agoMake sshd default to PermitRootLogin=no;
djm [Mon, 27 Apr 2015 21:42:48 +0000 (21:42 +0000)]
Make sshd default to PermitRootLogin=no;
ok deraadt@ rpe@

9 years agoLet the HTTP client close the connection within an incomplete header
bluhm [Mon, 27 Apr 2015 20:01:59 +0000 (20:01 +0000)]
Let the HTTP client close the connection within an incomplete header
line.  Check that the session in relayd gets closes and it does not
result in a file descriptor leak.
Bug in relayd found by claudio@.

9 years agoSimplify remote(5) example file and remove stuff not supported by cu(1).
nicm [Mon, 27 Apr 2015 19:12:27 +0000 (19:12 +0000)]
Simplify remote(5) example file and remove stuff not supported by cu(1).

some tweaks from sobrado@, ok deraadt@

9 years agoRewrite of the target resolution internals to be simpler and more
nicm [Mon, 27 Apr 2015 16:25:57 +0000 (16:25 +0000)]
Rewrite of the target resolution internals to be simpler and more
consistent but with much less duplication, but keeping the same internal
API. Also adds more readable aliases for some of the special tokens used
in targets (eg "{start}" instead of "^"). Some behaviours may have
changed, for example prefix matches now happen before fnmatch.

9 years agoDo not call nd6_purge() before purging the IPv6 addresses of a detached
mpi [Mon, 27 Apr 2015 14:51:44 +0000 (14:51 +0000)]
Do not call nd6_purge() before purging the IPv6 addresses of a detached
interface.

Fix a use after free introduced in r1.98 of netinet6/in6.c and recently
exposed by a crazy pool/malloc damage finder being currently refined by
dlg@ and deraadt@.

ok mikeb@, henning@

9 years agoUse a systrace(4) sandbox with a short whitelist of allowed syscalls for
nicm [Mon, 27 Apr 2015 13:52:17 +0000 (13:52 +0000)]
Use a systrace(4) sandbox with a short whitelist of allowed syscalls for
the file(1) child process. Based on similar code in ssh sandbox-systrace.c.
Idea and help from deraadt@.

9 years agoAdd a _file user and use for privsep, ok deraadt
nicm [Mon, 27 Apr 2015 13:48:06 +0000 (13:48 +0000)]
Add a _file user and use for privsep, ok deraadt

9 years agoAdd simple privilege separation to file(1). Two processes, file
nicm [Mon, 27 Apr 2015 13:41:45 +0000 (13:41 +0000)]
Add simple privilege separation to file(1). Two processes, file
descriptors and a few other bits are opened in parent and passed to
child using imsg. Child currently drops to "nobody" but this will change.

9 years agoAdjust ld semantics to make static PIE the default. Forgotten by pascal@.
kettenis [Mon, 27 Apr 2015 13:25:10 +0000 (13:25 +0000)]
Adjust ld semantics to make static PIE the default.  Forgotten by pascal@.

Original commit message:

Change gcc and ld semantics to make static PIE the default when invoking
'cc -static'.  To explicitly request the legacy behaviour, use -nopie.

For the few port affected by this, bumps will follow shortly.

looks good to kettenis@, ok kurt@

9 years agoremove some extraneous text; ok nicm
jmc [Mon, 27 Apr 2015 11:12:49 +0000 (11:12 +0000)]
remove some extraneous text; ok nicm

9 years agosync with rev 1.99 of sbin/route/show.c
benno [Mon, 27 Apr 2015 09:54:04 +0000 (09:54 +0000)]
sync with rev 1.99 of sbin/route/show.c
requested by claudio@ and mpi@

9 years agoroute show does not need to filter unwanted af itself, the sysctl does
benno [Mon, 27 Apr 2015 09:51:58 +0000 (09:51 +0000)]
route show does not need to filter unwanted af itself, the sysctl does
that for us.
approach seems sound deraadt@
ok claudio@ mpi@ henning@ phessler@

9 years agoSince upd(4) currently supports a known but limited number of sensors,
mpi [Mon, 27 Apr 2015 09:14:45 +0000 (09:14 +0000)]
Since upd(4) currently supports a known but limited number of sensors,
parse the HID descriptor multiple times to find them.

This logic is necessary to later create a tree of sensors in order to
avoid lookups in the hot path for sensors that depend on the value of
others.

From David Higgs.

9 years agoUpdate list of card readers supported by rtsx(4). From brad.
stsp [Mon, 27 Apr 2015 09:07:49 +0000 (09:07 +0000)]
Update list of card readers supported by rtsx(4). From brad.

9 years agoIf the requested pane is already active, do not unzoom the window (or do
nicm [Mon, 27 Apr 2015 07:49:36 +0000 (07:49 +0000)]
If the requested pane is already active, do not unzoom the window (or do
anything else). Prevents mouse clicking when zoomed causing unzoom,
reported by Jose Antonio Delgado Alfonso (with a different fix).

9 years agowith more unit convertion when new sensors will appear.
mpi [Mon, 27 Apr 2015 07:41:41 +0000 (07:41 +0000)]
with more unit convertion when new sensors will appear.

From David Higgs.

9 years agoMake use of DEVNAME(), from David Higgs.
mpi [Mon, 27 Apr 2015 07:37:19 +0000 (07:37 +0000)]
Make use of DEVNAME(), from David Higgs.

9 years agoCorrectly write the 64bits of the HID 1, 4 and 5 registers.
mpi [Mon, 27 Apr 2015 07:20:57 +0000 (07:20 +0000)]
Correctly write the 64bits of the HID 1, 4 and 5 registers.

This makes the secondary cpu of my PowerMac as fast as the primary one,
and divide the build time by 3 with a GENERIC.MP kernel on MP G5s

Found thanks to MP kernel profiling.

ok dlg@, miod@

9 years agoNot all Linux libc's include linux/sysctl.h in sys/sysctl.h.
bcook [Mon, 27 Apr 2015 03:37:06 +0000 (03:37 +0000)]
Not all Linux libc's include linux/sysctl.h in sys/sysctl.h.

Include it if we have the sysctl syscall.

9 years agoSupport AIX versions without WPAR support.
bcook [Mon, 27 Apr 2015 03:34:43 +0000 (03:34 +0000)]
Support AIX versions without WPAR support.

From Michael Felt.

9 years agomore OPENSSL=no fixes; ok dtucker@
djm [Mon, 27 Apr 2015 01:53:37 +0000 (01:53 +0000)]
more OPENSSL=no fixes; ok dtucker@

9 years agofix compilation with OPENSSL=no; ok dtucker@
djm [Mon, 27 Apr 2015 01:52:30 +0000 (01:52 +0000)]
fix compilation with OPENSSL=no; ok dtucker@

9 years agoInclude stdio.h for FILE (used in sshkey.h) so it compiles with OPENSSL=no.
dtucker [Mon, 27 Apr 2015 00:37:53 +0000 (00:37 +0000)]
Include stdio.h for FILE (used in sshkey.h) so it compiles with OPENSSL=no.