openbsd
10 years agoDo not set RTF_MASK, it is not used anymore.
mpi [Thu, 14 Aug 2014 08:08:00 +0000 (08:08 +0000)]
Do not set RTF_MASK, it is not used anymore.

ok yasuoka@

10 years agofix logging strings (correct function name via __func__ + a typo)
blambert [Thu, 14 Aug 2014 07:55:17 +0000 (07:55 +0000)]
fix logging strings (correct function name via __func__ + a typo)

ok florian@ henning@

10 years agoRemove obsolete struct stat parameters.
chrisz [Thu, 14 Aug 2014 07:50:35 +0000 (07:50 +0000)]
Remove obsolete struct stat parameters.

ok reyk@

10 years agoadd some definitions from libdrm 2.4.56
jsg [Thu, 14 Aug 2014 03:57:44 +0000 (03:57 +0000)]
add some definitions from libdrm 2.4.56

10 years agofix date that got changed by Mdocdate
schwarze [Thu, 14 Aug 2014 02:54:14 +0000 (02:54 +0000)]
fix date that got changed by Mdocdate
and no longer matches the desired output

10 years agomandoc 1.13.1 has been released
schwarze [Thu, 14 Aug 2014 02:49:23 +0000 (02:49 +0000)]
mandoc 1.13.1 has been released

10 years agonew regression tests collected during recent work
schwarze [Thu, 14 Aug 2014 02:00:52 +0000 (02:00 +0000)]
new regression tests collected during recent work

10 years agoadd missing NOPTS arguments
schwarze [Thu, 14 Aug 2014 01:58:51 +0000 (01:58 +0000)]
add missing NOPTS arguments

10 years agoRevert previous, as requested by kristaps@.
schwarze [Thu, 14 Aug 2014 00:29:12 +0000 (00:29 +0000)]
Revert previous, as requested by kristaps@.
The .Bf block can contain subblocks, so it has to render as an
element that can contain flow content.  But <em> cannot contain
flow content, only phrasing content.  Rendering .Em and .Bf differently
would by unfortunate, and closing out .Bf before subblocks and
re-opening it afterwards would merely complicate both the C code
of the program and the generated HTML code.  Besides, converting
.Em to semantic HTML markup would require some content to be put
into <em> and some into <i>, but we cannot automatically distinguish
which is which, so strictly speaking, we can't use semantic HTML
here but have to fall back to physical markup.  Wonders of HTML...

10 years agoAdd a simple target to validate the syntax of -Thtml output.
schwarze [Thu, 14 Aug 2014 00:07:55 +0000 (00:07 +0000)]
Add a simple target to validate the syntax of -Thtml output.
Not hooked to the build yet because there are still too many bugs.

10 years agoBegin cleanup of scaling units.
schwarze [Wed, 13 Aug 2014 22:09:28 +0000 (22:09 +0000)]
Begin cleanup of scaling units.
Note that we use 240u := 1i for all devices, even -Tps and -Tpdf.
Big fix of -Tascii rendering of f, m, and u.
Small fix of -Tascii rendering of c.
Big fix of -Thtml rendering of u.
Big fix of -Tps rendering of m, p, and u.
Clarify -Tps rendering of c.
Correct documentation of scaling units, in particular with respect to u.
This for example improves rendering of the OpenGL manuals.
Joint work with kristaps@.

10 years agoAdd /usr/X11R6/share/X11/app-defaults
matthieu [Wed, 13 Aug 2014 21:19:56 +0000 (21:19 +0000)]
Add /usr/X11R6/share/X11/app-defaults

10 years agoFor a non-existent root we don't want the root prefix to show up in
chrisz [Wed, 13 Aug 2014 18:00:54 +0000 (18:00 +0000)]
For a non-existent root we don't want the root prefix to show up in
PATH_INFO.
Therefore put a lower bound of strlen(root) on scriptlen.
This makes perfect sense for virtual FastCGI scripts which run chrooted
in another directory from httpd.

ok reyk@

10 years agoAlways call freeaddrinfo after getaddrinfo.
tobias [Wed, 13 Aug 2014 17:41:58 +0000 (17:41 +0000)]
Always call freeaddrinfo after getaddrinfo.

ok dlg@

10 years agoProvide a failsafe version of the path_info() function that doesn't
reyk [Wed, 13 Aug 2014 16:04:28 +0000 (16:04 +0000)]
Provide a failsafe version of the path_info() function that doesn't
need a temporary path variable.  Based on an initial diff from
chrisz@.

"Commit any failsafe version and I'm ok with it" chrisz@

10 years agoUse <em> for .Em and .Bf -emphasis.
schwarze [Wed, 13 Aug 2014 15:19:24 +0000 (15:19 +0000)]
Use <em> for .Em and .Bf -emphasis.

The vast majority of .Em in real-world manuals is stress emphasis,
for which <em> is the correct markup.  Admittedly, there are some
instances of .Em usage for alternate quality, for which <i> would
be a better match.  Most of these are technical terms that neither
allow semantic markup nor are keywords - for the latter, .Sy would
be preferable.  A typical example is that the shell breaks input into
.Em words .
Alternate voice or mood, which would also require <i>, is almost
absent from manuals.
We cannot satisfy both stress emphasis and alternate quality, so
pick the one that fits more often and looks less wrong when off.

Patch from Guy Harris <guy at alum dot mit dot edu>.
ok bentley@ joerg@NetBSD

10 years agoCorrectly set the rtable ID of the packet header when sending
mpi [Wed, 13 Aug 2014 12:03:40 +0000 (12:03 +0000)]
Correctly set the rtable ID of the packet header when sending
Active Discovery Terminate packets.

ok mikeb@, henning@, phessler@

10 years agoBring IPFIX sequence numbers in line with the RFC; original
blambert [Wed, 13 Aug 2014 09:46:23 +0000 (09:46 +0000)]
Bring IPFIX sequence numbers in line with the RFC; original
diff from benno@.

ok benno@, florian@

10 years agoSpelling - "alignment" not "alignement". ok ratchov
nicm [Wed, 13 Aug 2014 08:42:46 +0000 (08:42 +0000)]
Spelling - "alignment" not "alignement". ok ratchov

10 years agofix early loop termination in httpd path_info()
chrisz [Wed, 13 Aug 2014 08:08:55 +0000 (08:08 +0000)]
fix early loop termination in httpd path_info()
without this fix httpd always put at least the first
path component in SCRIPT_NAME even when it did not exist.
Now for completely non-existant paths everything goes into
PATH_INFO.

10 years agomatch on Intel 9 series and 9 series LP PCH, and add 8 series KT to puc
jsg [Wed, 13 Aug 2014 07:45:37 +0000 (07:45 +0000)]
match on Intel 9 series and 9 series LP PCH, and add 8 series KT to puc
ok millert@

10 years agoregen
jsg [Wed, 13 Aug 2014 07:36:57 +0000 (07:36 +0000)]
regen

10 years agoAdd some more 9 series ids, correct some existing ones and add
jsg [Wed, 13 Aug 2014 07:36:21 +0000 (07:36 +0000)]
Add some more 9 series ids, correct some existing ones and add
9 series LP/Wildcat Point-LP entries.
ok millert@

10 years agomunmap correct object in (extremely unlikely, and effectively terminal)
deraadt [Wed, 13 Aug 2014 06:04:10 +0000 (06:04 +0000)]
munmap correct object in (extremely unlikely, and effectively terminal)
case of failing to map the 2nd object.
found by Paul Maurers

10 years agouse errc instead of juggling errno values in tftpd_listen.
dlg [Wed, 13 Aug 2014 01:03:56 +0000 (01:03 +0000)]
use errc instead of juggling errno values in tftpd_listen.

10 years agosetsockopt sets errno on failure, so we can use err instead of errx when
dlg [Wed, 13 Aug 2014 01:00:16 +0000 (01:00 +0000)]
setsockopt sets errno on failure, so we can use err instead of errx when
handling the error.

10 years agoMerge a patch that i successfully pushed to OpenSSL,
schwarze [Tue, 12 Aug 2014 20:36:41 +0000 (20:36 +0000)]
Merge a patch that i successfully pushed to OpenSSL,
original OpenSSL commit message follows:

Fixed as shown; to be released post-1.0.2
commit bebbb11d132cc149f7713d6693703f8bfae10072
Author: Ingo Schwarze <schwarze@usta.de>
Date: Sat Jan 18 11:46:25 2014 +0100

RT3239: Extra comma in NAME lines of two manpages

In two OpenSSL manual pages, in the NAME section, the last word of the
name list is followed by a stray trailing comma. While this may seem
minor, it is worth fixing because it may confuse some makewhatis(8)
implementations.

While here, also add the missing word "size" to the one line
description in SSL_CTX_set_max_cert_list(3).

Reviewed by: Dr Stephen Henson <shenson@drh-consultancy.co.uk>

10 years agoLower VM_PHYSSEG_MAX from the mips64 default to a generous 4, and change
miod [Tue, 12 Aug 2014 19:35:28 +0000 (19:35 +0000)]
Lower VM_PHYSSEG_MAX from the mips64 default to a generous 4, and change
allocation strategy to VM_PSTRAT_BIGFIRST.

10 years agoaddu -> PTR_ADDU when doing address arithmetic in the octeon-specific code path.
miod [Tue, 12 Aug 2014 19:33:59 +0000 (19:33 +0000)]
addu -> PTR_ADDU when doing address arithmetic in the octeon-specific code path.

10 years agoIn mdoc(7) and man(7), if a width is given as a bare number without
schwarze [Tue, 12 Aug 2014 19:27:57 +0000 (19:27 +0000)]
In mdoc(7) and man(7), if a width is given as a bare number without
specifying a unit, the implied unit is 'n' (on the terminal, one
character position; in PostScript, half of the current font size
in points), not 'u' (roff output device basic unit).  No functional
change right now, but important for the upcoming scaling unit fixes.

10 years agoThe macro SCALE_HS_INIT() is always passed the result of strlen() or
schwarze [Tue, 12 Aug 2014 19:19:42 +0000 (19:19 +0000)]
The macro SCALE_HS_INIT() is always passed the result of strlen() or
an equivalent number as its argument, and strlen() measures the width
of a string in characters, not in basic units.  No functional change
right now, but important for the upcoming scaling unit fixes.

10 years agoFinally implement what's stated in the man page regarding parent
mikeb [Tue, 12 Aug 2014 15:29:33 +0000 (15:29 +0000)]
Finally implement what's stated in the man page regarding parent
anchors for "once" rules: "In case this is the only rule in the
anchor, the anchor will be destroyed automatically after the rule
is matched."  Employ an additional pointer pair to keep track of
the parent ruleset containing the anchor that we want to remove.

OK henning

10 years agoReplace intrinsic ROTATE macros with an inline.
bcook [Tue, 12 Aug 2014 15:02:52 +0000 (15:02 +0000)]
Replace intrinsic ROTATE macros with an inline.

Without the cast/mask, the compiler is allowed to optimize this directly
to the correct CPU intrinsic for rotate.

10 years agoMake sure that pf_step_into_anchor always saves a pointer to the rule
mikeb [Tue, 12 Aug 2014 14:42:06 +0000 (14:42 +0000)]
Make sure that pf_step_into_anchor always saves a pointer to the rule
that owns the anchor on the pf anchor stack.  There's no reason why we
should check for depth here.  As a side effect this makes sure that the
correct nested anchor gets it's counter bumped instead of the top most.

For the save/restore symmetry pf_step_out_of_anchor is made to always
restore previous value of the anchor rule.  depth == 0 means what we a
at the top (main ruleset).

OK henning

10 years agoApart from some minor code reshuffling the big change is that we
mikeb [Tue, 12 Aug 2014 14:38:27 +0000 (14:38 +0000)]
Apart from some minor code reshuffling the big change is that we
start with a ruleset pointer assigned to pf_main_ruleset so that
pf_purge_rule doesn't get called with a NULL.

Prompted by the discussion with Alexandr Nedvedicky <alexandr !
nedvedicky at oracle ! com>.

OK henning

10 years agoroute_cb is internal to rtsock.c
mpi [Tue, 12 Aug 2014 13:52:08 +0000 (13:52 +0000)]
route_cb is internal to rtsock.c

10 years agoBetter cache information gathering. Only affects information put in dmesg.
miod [Tue, 12 Aug 2014 04:30:21 +0000 (04:30 +0000)]
Better cache information gathering. Only affects information put in dmesg.

10 years agoRevert 1.173 now that the real cause of the octeon regression has been fixed.
miod [Tue, 12 Aug 2014 04:29:05 +0000 (04:29 +0000)]
Revert 1.173 now that the real cause of the octeon regression has been fixed.

10 years agoPass 0 instead of uvm_map_hint() to uvm_map() in exec_md_map() to figure out
miod [Tue, 12 Aug 2014 04:28:07 +0000 (04:28 +0000)]
Pass 0 instead of uvm_map_hint() to uvm_map() in exec_md_map() to figure out
where to put the fpu assist page, for uvm_map_hint() may return an address
outside userland bounds due to aggressive randomization. Passing zero will
still get a random address, but correctly bounded.

10 years agosigh. when returning ENOENT in the sysctl path, unlock on the way out.
dlg [Tue, 12 Aug 2014 01:31:43 +0000 (01:31 +0000)]
sigh. when returning ENOENT in the sysctl path, unlock on the way out.

10 years agoi accidentally removed the check for whether the requested pool in
dlg [Tue, 12 Aug 2014 01:25:21 +0000 (01:25 +0000)]
i accidentally removed the check for whether the requested pool in
the sysctl path exists. return ENOENT instead of trying a NULL
deref.

10 years agobring back r1.135:
dlg [Tue, 12 Aug 2014 01:05:46 +0000 (01:05 +0000)]
bring back r1.135:

matthew@ noticed i wasnt populating npages in the kinfo_pool sent to
userland.

10 years agobring back r1.134:
dlg [Tue, 12 Aug 2014 01:01:11 +0000 (01:01 +0000)]
bring back r1.134:

inline is the new __inline

10 years agobring back r1.133. this is a bit different cos we're still using splvm to
dlg [Tue, 12 Aug 2014 00:59:27 +0000 (00:59 +0000)]
bring back r1.133. this is a bit different cos we're still using splvm to
protect pool_list rather than the rwlock that made i386 blow up:

use pool_count to report the number of pools to userland rather
than walking the list and counting the elements as we go.

use sysctl_rdint, sysctl_rdstring, and sysctl_rdstruct instead of
handcrafted copyouts.

10 years agoNo need to repeat other-end more than once, from Juho Pohjala. Also add
nicm [Mon, 11 Aug 2014 22:39:57 +0000 (22:39 +0000)]
No need to repeat other-end more than once, from Juho Pohjala. Also add
it to the commands list while here.

10 years agoFix two copy mode problems:
nicm [Mon, 11 Aug 2014 22:18:16 +0000 (22:18 +0000)]
Fix two copy mode problems:

1. In vi mode the selection doesn't include the last character if you
   moved the cursor up or left.
2. In emacs mode the selection includes the last character if you moved
   the cursor to the left.

From Balazs Kezes.

10 years agoAdd flags to selectp to enable and disable input to a pane, from Anish
nicm [Mon, 11 Aug 2014 22:14:30 +0000 (22:14 +0000)]
Add flags to selectp to enable and disable input to a pane, from Anish
Athalye.

10 years agoregen
millert [Mon, 11 Aug 2014 20:30:51 +0000 (20:30 +0000)]
regen

10 years agoAdd some Intel Z97 chipset devices; ok deraadt@
millert [Mon, 11 Aug 2014 20:30:22 +0000 (20:30 +0000)]
Add some Intel Z97 chipset devices; ok deraadt@

10 years agoStill need to separately set FD_CLOEXEC if the new fd was >= FDBASE.
guenther [Mon, 11 Aug 2014 20:28:47 +0000 (20:28 +0000)]
Still need to separately set FD_CLOEXEC if the new fd was >= FDBASE.
Affects scripts that directly use 9 of the first 10 fds.

noted by miod@

10 years agoTypo.
ajacoutot [Mon, 11 Aug 2014 20:24:57 +0000 (20:24 +0000)]
Typo.

ok kili@

10 years agoLet _rc_parse_conf stick to parsing /etc/rc.conf and /etc/rc.conf.local
kili [Mon, 11 Aug 2014 20:16:04 +0000 (20:16 +0000)]
Let _rc_parse_conf stick to parsing /etc/rc.conf and /etc/rc.conf.local
if it's invoked without parameters. It's simpler than adding adding
/etc/rc.conf and /etc/rc.conf.local parameters whereever _rc_parse_conf
is used (e.g. /etc/rc and /etc/netstart).

While here, replace a

        for foo in "$@"; do something; done

by

        for foo; do something; done

ok aja@

10 years agoDo not pmap_update(pmap_kernel()) within the `create mappings' loop, but only
miod [Mon, 11 Aug 2014 19:16:56 +0000 (19:16 +0000)]
Do not pmap_update(pmap_kernel()) within the `create mappings' loop, but only
once after it is over.

10 years agoDo not extern octeon_boot_info, <machine/octeonvar.h> declares it for you.
miod [Mon, 11 Aug 2014 19:00:50 +0000 (19:00 +0000)]
Do not extern octeon_boot_info, <machine/octeonvar.h> declares it for you.

10 years agoDo not use CKSEG0 to quickly map physical addresses, but XKPHYS, for we are
miod [Mon, 11 Aug 2014 18:56:49 +0000 (18:56 +0000)]
Do not use CKSEG0 to quickly map physical addresses, but XKPHYS, for we are
not limited to 512MB physmem.

10 years agoGet rid of the `quirks' member, which is never initialized (but by zero at
miod [Mon, 11 Aug 2014 18:52:54 +0000 (18:52 +0000)]
Get rid of the `quirks' member, which is never initialized (but by zero at
softc creation) anyway. Sorry, we are not trying to support SEIL-specific
hardware at this point.

10 years agoWhen parsing 32 bit values, verify that we received 4 bytes.
tobias [Mon, 11 Aug 2014 18:41:13 +0000 (18:41 +0000)]
When parsing 32 bit values, verify that we received 4 bytes.

ok krw@

10 years agovalidate len field for proper length, not just "not zero."
tobias [Mon, 11 Aug 2014 18:39:41 +0000 (18:39 +0000)]
validate len field for proper length, not just "not zero."

ok krw@

10 years ago-current dammit
miod [Mon, 11 Aug 2014 18:33:36 +0000 (18:33 +0000)]
-current dammit

10 years agoRemove evcnt and %b format strings relying upon SEIL extensions. This gives
miod [Mon, 11 Aug 2014 18:29:56 +0000 (18:29 +0000)]
Remove evcnt and %b format strings relying upon SEIL extensions. This gives
OCTEON_ETH_DEBUG kernels a chance to build. No functional change for regular
kernels.

10 years agoDe-static so that my ddb backtrace get closer to reality.
miod [Mon, 11 Aug 2014 18:08:17 +0000 (18:08 +0000)]
De-static so that my ddb backtrace get closer to reality.

10 years agoAdd option USER_PCICONF for pcidump(8) to be able to do its magic.
miod [Mon, 11 Aug 2014 16:54:20 +0000 (16:54 +0000)]
Add option USER_PCICONF for pcidump(8) to be able to do its magic.

10 years agomake a few variables more local
deraadt [Mon, 11 Aug 2014 15:26:33 +0000 (15:26 +0000)]
make a few variables more local

10 years agoUse the RTF_LOCAL flag instead of abusing the RTF_LLINFO flag when
mpi [Mon, 11 Aug 2014 13:51:07 +0000 (13:51 +0000)]
Use the RTF_LOCAL flag instead of abusing the RTF_LLINFO flag when
adding local route entries.

This hack made sense when we didn't have the RTF_LOCAL flag, but since
some months it is set on every local route.

10 years agobring back r1.132:
dlg [Mon, 11 Aug 2014 13:31:42 +0000 (13:31 +0000)]
bring back r1.132:

provide a pool_count global so we can figure out how many pools there are
active without having to walk the global pool_list.

10 years agoGuard RSA / RC4-5 ASM when NO_ASM is not defined
bcook [Mon, 11 Aug 2014 13:29:43 +0000 (13:29 +0000)]
Guard RSA / RC4-5 ASM when NO_ASM is not defined

Most assembly blocks remain inactive if OPENSSL_NO_ASM is not defined,
only enabling inline assembly, but the RSA / RC4-5 blocks (used only in
amd64 systems) turn on implicitly. Guard these two as well.

This simplifies enabling just inline ASM in portable, no effective
change in OpenBSD.

10 years agoMake it possible to pass arguments to _rc_parse_conf().
ajacoutot [Mon, 11 Aug 2014 13:25:23 +0000 (13:25 +0000)]
Make it possible to pass arguments to _rc_parse_conf().

ok robert@

10 years agodocument "tc";
jmc [Mon, 11 Aug 2014 12:57:14 +0000 (12:57 +0000)]
document "tc";
From: Edward

ok millert

10 years agoFewer <netinet/in_systm.h>
mpi [Mon, 11 Aug 2014 12:45:45 +0000 (12:45 +0000)]
Fewer <netinet/in_systm.h>

10 years agobring back r1.131:
dlg [Mon, 11 Aug 2014 12:37:36 +0000 (12:37 +0000)]
bring back r1.131:

take the pools mutex when copying stats out of it in the sysctl
path so we are guaranteed a consistent snapshot.

10 years agoPut back the checks about RTF_LOCAL routes now that userland tools are
mpi [Mon, 11 Aug 2014 11:59:05 +0000 (11:59 +0000)]
Put back the checks about RTF_LOCAL routes now that userland tools are
aware of them.

Original commit message was:

Reserve the highest route priority for kernel-managed routes and prevent
userland from playing with the local and broadcast flags.

ok claudio@

10 years agoConvert ARP llinfo allocation to pool(9).
mpi [Mon, 11 Aug 2014 11:50:41 +0000 (11:50 +0000)]
Convert ARP llinfo allocation to pool(9).

ok henning@, dlg@

10 years agoCheck the return value of sk_SSL_CIPHER_new_null(), since it allocates
jsing [Mon, 11 Aug 2014 10:46:19 +0000 (10:46 +0000)]
Check the return value of sk_SSL_CIPHER_new_null(), since it allocates
memory and can return NULL.

ok miod@

10 years agomissing memset in table_api.c (currently only used by pluggable tables)
gilles [Mon, 11 Aug 2014 09:50:51 +0000 (09:50 +0000)]
missing memset in table_api.c (currently only used by pluggable tables)

diff from Martijn van Duren

10 years agoDo not try to delete RTF_LOCAL entries. Such routes are automatically
mpi [Mon, 11 Aug 2014 09:47:56 +0000 (09:47 +0000)]
Do not try to delete RTF_LOCAL entries.  Such routes are automatically
created /deleted by the kernel when an IP address is added/removed
on/from an interface and should not be manipulated by userland tools.

ok henning@, jca@

10 years agoSteal stripcom() from /etc/rc to parse sysmerge.ignore.
ajacoutot [Mon, 11 Aug 2014 09:03:27 +0000 (09:03 +0000)]
Steal stripcom() from /etc/rc to parse sysmerge.ignore.

10 years agoadd a caveat about databases;
jmc [Mon, 11 Aug 2014 08:21:55 +0000 (08:21 +0000)]
add a caveat about databases;
From: Matthew Weigel

ok gilles

10 years agoMove a sentence to the corresponding option description.
ajacoutot [Mon, 11 Aug 2014 06:30:39 +0000 (06:30 +0000)]
Move a sentence to the corresponding option description.

from jmc@

10 years agoUnchecked memory allocation and potential leak upon error in
miod [Mon, 11 Aug 2014 04:46:42 +0000 (04:46 +0000)]
Unchecked memory allocation and potential leak upon error in
ssl3_get_cert_verify().
ok guenther@ jsing@

10 years agoRemove now-unused SSL2_STATE as well as ssl2-specific state machine values.
miod [Mon, 11 Aug 2014 04:45:19 +0000 (04:45 +0000)]
Remove now-unused SSL2_STATE as well as ssl2-specific state machine values.
ok guenther@ jsing@

10 years agostart catching up with recent code changes, but no new files yet
schwarze [Mon, 11 Aug 2014 04:18:18 +0000 (04:18 +0000)]
start catching up with recent code changes, but no new files yet

10 years agoCurrently, ssl3_put_char_by_bytes(NULL, NULL) is just a long handed way
jsing [Mon, 11 Aug 2014 01:10:42 +0000 (01:10 +0000)]
Currently, ssl3_put_char_by_bytes(NULL, NULL) is just a long handed way
of writing "2". Add a define for the SSL3_CIPHER_VALUE_SIZE (rather than
using a less-readable hardcoded constant everywhere) and replace the
ssl3_put_char_by_bytes(NULL, NULL) calls with it.

ok bcook@ miod@

10 years agoProvide a ssl3_get_cipher_by_id() function that allows ciphers to be looked
jsing [Mon, 11 Aug 2014 01:06:22 +0000 (01:06 +0000)]
Provide a ssl3_get_cipher_by_id() function that allows ciphers to be looked
up by their ID. For one, this avoids an ugly mess in ssl_sess.c, where the
cipher value is manually written into a buffer, just so the cipher can be
located using ssl3_get_cipher_by_char().

ok bcook@ miod@

10 years agoWrite the core file of a non-suid process into the current directory
bluhm [Sun, 10 Aug 2014 23:44:20 +0000 (23:44 +0000)]
Write the core file of a non-suid process into the current directory
even if sysctl kern.nosuidcoredump has been set to 2 or 3.  This
allows a regular user to debug his programs again.
OK guenther@ deraadt@

10 years agoThere was a race in relayd that caused connections to hang. It
bluhm [Sun, 10 Aug 2014 21:55:17 +0000 (21:55 +0000)]
There was a race in relayd that caused connections to hang.  It
happend with non-persistent PUT connections that had a very short
body.  If the whole body was read from the client before the
connection to the server was set up, the event callback was not
called.  Do the regular checks after relay_connect() succeeded.
OK reyk@

10 years agoImprove variables listing in x11/kde4 module description.
zhuk [Sun, 10 Aug 2014 21:09:26 +0000 (21:09 +0000)]
Improve variables listing in x11/kde4 module description.

10 years ago[] -> [[]]
rpe [Sun, 10 Aug 2014 20:54:17 +0000 (20:54 +0000)]
[] -> [[]]

OK krw@
"well ok" halex@

10 years ago- add -p to SYNOPSIS
jmc [Sun, 10 Aug 2014 17:15:18 +0000 (17:15 +0000)]
- add -p to SYNOPSIS
- the argument to -s is not optional

ok ajacoutot

10 years agoguenther wants a copyright
tedu [Sun, 10 Aug 2014 16:36:13 +0000 (16:36 +0000)]
guenther wants a copyright

10 years agoConvert if foo; then bar; fi blocks to foo && bar but leave out enable_network()
rpe [Sun, 10 Aug 2014 16:32:28 +0000 (16:32 +0000)]
Convert if foo; then bar; fi blocks to foo && bar but leave out enable_network()
because it shares code&style with /etc/netstart. No functional change.

with feedback and OK krw@ halex@

10 years agoTweak cipher list comments and add missing cipher value comments.
jsing [Sun, 10 Aug 2014 15:06:15 +0000 (15:06 +0000)]
Tweak cipher list comments and add missing cipher value comments.

10 years ago{ foo ; bar ; } -> { foo; bar; }
rpe [Sun, 10 Aug 2014 14:59:22 +0000 (14:59 +0000)]
{ foo ; bar ; } -> { foo; bar; }

OK krw@

10 years agoRemove disabled (weakened export and non-ephemeral DH) cipher suites from
jsing [Sun, 10 Aug 2014 14:57:04 +0000 (14:57 +0000)]
Remove disabled (weakened export and non-ephemeral DH) cipher suites from
the cipher list. This reduces code size, saves data segment space and
prevents them from being turned back on at runtime by flipping a bit in
memory.

ok guenther@

10 years agoSince we no longer need to support SSLv2-style cipher lists, start
jsing [Sun, 10 Aug 2014 14:42:55 +0000 (14:42 +0000)]
Since we no longer need to support SSLv2-style cipher lists, start
unravelling the maze of function pointers and callbacks by directly
calling ssl3_{get,put}_cipher_by_char() and removing the
ssl_{get,put}_cipher_by_char macros.

Prompted by similar changes in boringssl.

ok guenther.

10 years agoAsk for the descriptor size corresponding to the number of ports present
mpi [Sun, 10 Aug 2014 13:32:14 +0000 (13:32 +0000)]
Ask for the descriptor size corresponding to the number of ports present
in the hub, not from some random value from the stack.

10 years agoDo not allocate space for the whole structure when we just want to store
mpi [Sun, 10 Aug 2014 12:58:49 +0000 (12:58 +0000)]
Do not allocate space for the whole structure when we just want to store
a pointer, found by clang.

10 years agosizeof() a pointer of the right struct to appease clang.
mpi [Sun, 10 Aug 2014 12:48:43 +0000 (12:48 +0000)]
sizeof() a pointer of the right struct to appease clang.

10 years agoNote that qemu 1.7.2 has the VLAN bug fix, too
sf [Sun, 10 Aug 2014 12:28:09 +0000 (12:28 +0000)]
Note that qemu 1.7.2 has the VLAN bug fix, too

10 years agozap trailing whitespace
jasper [Sun, 10 Aug 2014 11:26:07 +0000 (11:26 +0000)]
zap trailing whitespace

10 years agosome Ev fixes;
jmc [Sun, 10 Aug 2014 11:23:02 +0000 (11:23 +0000)]
some Ev fixes;