Commit Graph

9568 Commits

Author SHA1 Message Date
David Schultz
170f850343 Remove the BUGS section introduced in rev 1.11 now that the problem
has been addressed.
2003-11-17 06:39:54 +00:00
David Schultz
71ff2d08cd Reimplement nologin(8) as a C program. This allows us to statically
link it at low cost and avoid environment poisoning attacks associated
with LD_LIBRARY_PATH.

Suggested by:	rwatson
2003-11-17 06:39:38 +00:00
David Schultz
4240849261 Document nologin(8) as being insecure in conjunction with a dynamic
root and suggest alternatives.
2003-11-17 00:08:28 +00:00
David Malone
de4aac0deb logerror is used in syslogd to log errors from syslogd itself. It
is possible for an error to occur while trying to log an error, and
this can result in infinite recursion (or at least until we run out
of stack).

Rather than this, we ignore requests to log an error while logging an
error.

PR:		51253
MFC after:	2 weeks
2003-11-16 21:51:06 +00:00
David Malone
3c453e20f9 Remove an argument to printf that is unused. 2003-11-16 21:42:00 +00:00
Nate Lawson
b1df3c5e22 Remove an annoying printf that somehow leaked into rev 1.21. 2003-11-16 08:41:24 +00:00
Tom Rhodes
f7d7038aa4 Make this WARNS 2 clean, and fix up the manual page:
Avoid implicit function calls by adding the proper include files.
Use const char copyright.
Fix some fprint formatting.

In the manual page:

Use the .Pa macro for filenames and locations.
Kill hard setence breaks.
Make use of the .Tn and .Dq macros.
Add some to text to the otherwise blank HISTORY section (taken from CVS).
2003-11-15 17:10:56 +00:00
Hartmut Brandt
89624a3490 Replace all uses of the old netgraph constants NG_*LEN by the new
constants NG_*SIZ that include the trailing NUL byte. This change
is mostly mechanical except for the replacement of a couple of snprintf()
and sprintf() calls with strlcpy.
2003-11-15 15:26:35 +00:00
Hajimu UMEMOTO
258a21fe7a - poll(2) support.
- simplify by strdup.
- set ai_protocol in hints to TCP.
- g/c FAITH_NS (no description, not maintained for years)
- warn if connection from IPv4 mapped is reached.
- IPV6_V6ONLY if possible.
- unifdef -UFAITH4.
- drop rsh/rlogin support.
- deal with negative return value from wait3.

Obtained from:	KAME
2003-11-14 17:34:08 +00:00
Hajimu UMEMOTO
cd8ce96d58 - need_trigger/idx should be u_int, not ssize_t.
- realloc pedant.
- set sin6_scope_id before sending (link-local/multicast) packets
- removed an incorrect comment
- don't age non-gateway host routes.
- not remove global addresses on loopback interface from routing table
  by route aging.

Obtained from:	KAME
2003-11-14 17:16:50 +00:00
Hajimu UMEMOTO
f768a332f8 - interface minimum MTU = 1280 in IPv6.
- simplify.

Obtained from:	KAME
2003-11-14 17:16:12 +00:00
Hajimu UMEMOTO
6d7256d9d6 our netstat is installed in /usr/bin. 2003-11-14 16:57:04 +00:00
Bruce Evans
e3937b620a Fixed spurious syntax errors for including files that don't begin with
a SEMICOLON token (a newline or semicolon, or one of these preceded
by a comment and/or whitespace).  The input stream was switched too
early and the parser was expecting a SEMICOLON in the included file
instead of after the filename in the include directive.

Submitted by:	Stefan Farfeleder <stefan@fafoe.narf.at>
Kept alive by:	Adam C. Migus <adam@migus.org>
2003-11-14 11:23:25 +00:00
Dag-Erling Smørgrav
49271db4a7 If the name of the mouse device starts with "/dev/ums", try to load the
ums module, and allow for up to five attempts to open the device, with
two-second pauses in between, to allow time for USB controllers and
devices to probe and attach.  My Gigabyte P4 Titan 848P motherboard has
a total of 15 ports on four hubs hanging off four controllers, and needs
at least half of that ten-second allowance to get ready.

MFC after:	7 days
2003-11-13 21:25:12 +00:00
Hajimu UMEMOTO
3174c1d413 - make command line argument parsing POSIX compliant. comment from
deraadt NOTE: -I needs to take an arg (there's no way we can take no
  arg/an arg with a single option)
- sscanf overrun
- no variable name on prototype.
- u_int32_t may not be u_long.
- skipped non-host route when printing neighbor cache entries.
- valid and preferred lifetimes are unsigned.
- wording.

Obtained from:	KAME
2003-11-13 16:02:44 +00:00
Poul-Henning Kamp
af8e163ec3 Fix a bug relating to the "files before directories" sort order when
comparing two spec files.
2003-11-13 11:02:57 +00:00
Hartmut Brandt
07841df0e6 Add an empty definition of the MIBS variable so that the makefile does
not try to use a MIBS definition from the environment.

Submitted by:	Joe Marcus Clarke <marcus@marcuscom.com>
2003-11-13 10:18:16 +00:00
Dag-Erling Smørgrav
b70d5d25f2 Whitespace cleanup. 2003-11-13 08:26:29 +00:00
Hajimu UMEMOTO
84a1a4cfab - setsockopt/sysctl takes int, not u_long.
- be more picky about argument parsing - like ERANGE.
- use u_long for args, not to lose accuracy/prevent overflow.
- socklen_t audit.
- Add -I (use icmp) option.
- warn if multiple addresses are present for dest.
- no need to pass tz.
- type pedant.  check -p range.
- grab hlim from sysctl.
- typo in port number setting.

Obtained from:	KAME
2003-11-12 18:56:59 +00:00
Hartmut Brandt
360b288fd2 The snmp_netgraph module depends on libnetgraph. So add a dependency and
add libnetgraph to the list of prebuilt libraries in the main Makefile.

Reviewed by:	ru
2003-11-12 17:09:13 +00:00
Hartmut Brandt
9d901d3b5f Get rid of the old constants which did not include the trailing NUL
and use the new constants which do.
2003-11-12 13:04:44 +00:00
Ken Smith
d1b10a6289 - Add a note that there are two MIB variables that have per-jail
settings.

Reviewed by:	rwatson
Approved by:	blackend (mentor)
2003-11-11 18:34:29 +00:00
Maksim Yevmenkin
0eff72054e Fix few typos
Reviewed by: imp, julian, ru
Approved by: imp (mentor)
2003-11-11 02:43:10 +00:00
Brian Somers
fb5a1d9297 Ignore case when comparing CHAP/CHAP81 responses
PR:		31771
2003-11-10 21:56:02 +00:00
Hartmut Brandt
723d6e6459 Correct the include path so that the include files are found
with include "...".
2003-11-10 14:04:34 +00:00
Hartmut Brandt
9bba371fbf Fix the build by adjusting the include directives. The problem was
that the sources use "..." includes to get at include files that
later on reside in an include sub-directory.
2003-11-10 13:43:26 +00:00
Hajimu UMEMOTO
db54001806 enable aes-xcbc-mac and aes-ctr, again. 2003-11-10 10:39:14 +00:00
Hartmut Brandt
5597389c40 Link the SNMP daemon for NgATM to the build. 2003-11-10 09:23:09 +00:00
Hartmut Brandt
91a2f929e4 Add the build infrastructure for the SNMP daemon that is the base
for the NgATM ILMI daemon and for the tree parsing helper program.
2003-11-10 09:22:40 +00:00
Hartmut Brandt
259ee3d78e Add build infrastructure for libbsnmp and the modules. Add the
netgraph module for the SNMP daemon.
2003-11-10 09:17:34 +00:00
Hidetoshi Shimokawa
0e49db83c5 Increase MAXDEV up to 10. 2003-11-09 14:49:43 +00:00
Hidetoshi Shimokawa
3a97f68f4f Cosmetic change. 2003-11-07 10:17:09 +00:00
Poul-Henning Kamp
d26516132c Add a small testcase for the new -f-f mode. 2003-11-05 22:26:39 +00:00
Poul-Henning Kamp
b3e66ec9df Give mtree(8) the ability to take [two -f spec] arguments and compare
the two specifications to each other.
2003-11-05 22:26:08 +00:00
Poul-Henning Kamp
93347ded1a Rename spec() and verify() functions to have mtree_ prefix and take
explicit file descriptor instead of assuming stdin.
2003-11-05 20:07:40 +00:00
Poul-Henning Kamp
11333b51ca Take advantage of the fact that we know the err(3) function does not
return to eliminate some else clauses and gain some "outdenting".
2003-11-05 20:05:05 +00:00
Hajimu UMEMOTO
cf43a05493 - do hexdump on send. set length field properly
- check for encryption/authentication key together with algorithm.
- warned if a deprecated encryption algorithm (that includes "simple")
  is specified.
- changed the syntax how to define a policy of a ICMPv6 type and/or a
  code, like spdadd ::/0 ::/0 icmp6 134,0 -P out none;
- random cleanup in parser.
- use yyfatal, or return -1 after yyerror.
- deal with strdup() failure.
- permit scope notation in policy string (-P
  esp/tunnel/foo%scope-bar%scope/use)
- simplify /prefix and [port].
- g/c some unused symbols.

Obtained from:	KAME
2003-11-05 09:47:54 +00:00
Brian Feldman
afdc68c42f Add a "-f" flag for asf(8) which performs a search to find the each module
no matter where in the directory structure it may be.  Use this and the "-k"
flag in the generated gdbinit files so that the "getsyms" function in gdb
requires no user intervention to run and will find every module if they're
in the kernel build's module directory.  This is still quite useful for
cases where gdb knows that the path for some modules is /boot/kernel and
others are in the object directory for /usr/src/sys/$ARCH/compile/kernel.

Approved by:	grog
2003-11-04 06:38:37 +00:00
Marcel Moolenaar
16918a3363 o Don't tell that there's such a thing as a C suffix for specifying
a partition size on ia64. It's not true.
o  Ask for a mountpoint for EFI partitions as well and check that it
   isn't "/".
o  On ia64 we may need to add EFI partitions. Make sure we pass the
   right arguments to Create_Chunk_DWIM() in that case.
2003-11-04 02:04:36 +00:00
Marcel Moolenaar
cb3e210e30 Build zzz(8) on ia64. It first checks ACPI before it checks for APM.
It will therefore always suspend using ACPI.
2003-11-03 04:25:55 +00:00
Marcel Moolenaar
697defc485 o Add PART_EFI so that we can use it instead of PART_FAT on ia64
to better deal with the fact that we need an EFI partition and
   that we need to have a mountpoint for it.
o  When creating a new partition, add EFI to the list of types
   the user can select from. This makes it easy to create an EFI.
o  Do not include wizard.c on ia64.
o  The user cannot create a partition on ia64 that's a multiple of
   the cylinder size. We don't have a notion of cyclinders.
2003-11-02 08:58:57 +00:00
Marcel Moolenaar
ceeef1c666 o Do not define WITH_SYSCONS and WITH_MICE on ia64. We cannot have
a generic kernel with syscons.
o  Do not define WITH_SLICES on ia64. We only label because we're
   going to create GPT disks.
2003-11-01 20:17:11 +00:00
Marcel Moolenaar
f7da19f20b o Compile-out "wizard" mode on ia64.
o  Also allow swap and filesystem partitions outside a freebsd slice.
   This is typically the case for GPT.
o  Allow chunks of type "whole" to be displayed at the top. This is
   to allow a GPT disk to be labeled. We need a slice out of which we
   can make partitions, but a GPT disk doesn't have slices. For GPT
   disks a chunk of type "whole" can then be used as a placeholder.
2003-11-01 20:14:06 +00:00
Marcel Moolenaar
fb8ce55cf5 o Compile-out "wizard" mode on ia64.
o  Do not set bootblocks on ia64. It's not even a functionality in
   libdisk on ia64.
2003-11-01 20:04:12 +00:00
Bruce Evans
7ee49c89f7 Fixed breakage of my world in rev.1.30. #include <sys/time.h> instead of
depending on namespace pollution in <sys/stat.h> for the declarations of
struct timeval and utimes().

Fixed some style bugs in rev.1.30 and some nearby style bugs (mainly
unsorting and missing or extra blank lines).

Removed a wrong comment that was obtained from NetBSD in rev.1.14.  It said
that chflags() reset the times that were set "above" by utimes(), but
utimes wasn't "above" in FreeBSD until rev.1.30, and chflags() does't
actually reset the times.
2003-11-01 08:43:54 +00:00
Brooks Davis
cd30ca946d Temporarily disconnect ipfstat, ipnat, and ipftest to unbreak world.
Pointy hat to:	brooks
2003-10-31 18:54:46 +00:00
Brooks Davis
9bf40ede4a Replace the if_name and if_unit members of struct ifnet with new members
if_xname, if_dname, and if_dunit. if_xname is the name of the interface
and if_dname/unit are the driver name and instance.

This change paves the way for interface renaming and enhanced pseudo
device creation and configuration symantics.

Approved By:	re (in principle)
Reviewed By:	njl, imp
Tested On:	i386, amd64, sparc64
Obtained From:	NetBSD (if_xname)
2003-10-31 18:32:15 +00:00
Poul-Henning Kamp
671d15ef2a Make mtree's update function update the modification time too.
Submitted by:	Dan Nelson <dnelson@allantgroup.com>
PR:	53063
2003-10-31 13:39:19 +00:00
SUZUKI Shinsuke
7a1413f972 fixe remote panic on short packet
Obtained from: KAME
2003-10-31 03:18:45 +00:00
Peter Wemm
482e283b1e Use -D to rename the log() function (extensively used) rather than
using the gcc-specific -fno-builtin-log switch.
2003-10-30 22:59:41 +00:00
Peter Wemm
c903443a2c Rename the 'log' variable rather than -fno-builtin-log 2003-10-30 22:57:43 +00:00
Peter Wemm
e2c617744f Rather than use the gcc -fno-builtin-log flag, just rename the 'int log'
variable.
2003-10-30 22:56:44 +00:00
Hajimu UMEMOTO
f71d0e1192 add ip6addrctl(8) which is a command to configure address
selection policy for IPv6 and IPv4 described in RFC3484.
source address selection part of RFC3484 is not merged
from KAME, yet.

Obtained from:	KAME
2003-10-30 17:46:40 +00:00
Poul-Henning Kamp
b585dc87cc Update test-case to also fail on filenames containing '#' 2003-10-30 12:40:54 +00:00
Poul-Henning Kamp
5d9f6ca65c Use vis(3) to encode/decode the target for symlinks.
Make vis(3) decode errors fatal for both symlink targets and fienames.
2003-10-30 12:03:25 +00:00
Poul-Henning Kamp
13b31fb0d8 Add another test-script for mtree(8): Check symlinks with space in them. 2003-10-30 12:01:32 +00:00
Poul-Henning Kamp
d474d12b52 Fix bug in mtree(8)'s create mode where files or directories with had
names containing glob(3) expressions would appear verbatim in the
output.

If such an mtree file were used by mtree in update mode, wrong things
would happen.
2003-10-30 10:48:43 +00:00
Poul-Henning Kamp
92817d311f Add a test script which Mtree fails. 2003-10-30 10:46:23 +00:00
Ruslan Ermilov
96fd764f25 Basic PAM authentication support. 2003-10-29 20:32:19 +00:00
Peter Wemm
144b6720d9 Disclaim ownership of pppd/chat. It is vendor code, but has been badly
neglected here.
2003-10-29 19:24:04 +00:00
Nate Lawson
4e36f5a1b9 Add a newline even if IAPC_BOOT_ARCH == 0. 2003-10-29 17:59:05 +00:00
Martin Blapp
11362b0945 Don't pass NULL as an integer.
Obtained from:  NetBSD
2003-10-29 09:31:41 +00:00
Martin Blapp
545fbf37df Don't compare a char to NULL.
Obtained from:  NetBSD
2003-10-29 09:30:37 +00:00
Hajimu UMEMOTO
36a8118753 fix comment. 2003-10-26 10:30:17 +00:00
Hajimu UMEMOTO
87931aff11 one more IPV6_PKTINFO -> IPV6_RECVPKTINFO. 2003-10-26 06:21:16 +00:00
Peter Wemm
422e293c7f Deal with xdrproc_t casts. Make these compile cleanly with WARNS=2
(but I haven't turned it on)
2003-10-26 06:14:10 +00:00
Hajimu UMEMOTO
47f0776134 Since semantic of IPV6_PKTINFO was changed in RFC3542, we need to
use IPV6_RECVPKTINFO instead.

Reported by:	someone (I had removed the mail wrongly, sorry)
2003-10-26 06:11:31 +00:00
Peter Wemm
75e40e4604 Make this compile cleanly. It passes WARNS=2, but I haven't checked
it is so on more platforms.
2003-10-26 06:10:44 +00:00
Peter Wemm
cf6453779c Fix a 64 bit time_t bogon that I missed from before. lastlog.ll_time is
not a time_t.
2003-10-26 06:01:06 +00:00
Peter Wemm
389b844652 Use -fno-builtin-log. Fix svc_sendreply() missing required casts.
It is now WARNS=2 clean again.
2003-10-26 05:58:21 +00:00
Peter Wemm
3bda2f43af Use -fno-builtin-log so gcc doesn't get ideas about using a math function
to log data.  Clean up an unused variable that was hidden by the WARNS?=2
being commented out.  Uncomment it now that it compiles cleanly again.
2003-10-26 05:54:07 +00:00
Peter Wemm
88b30ea68c Make this compile cleanly. Switch to using rpcgen to generate
code that can be compiled on an ansi-C compiler, so that it puts the
xdrproc_t casts in.  This also implies a slight function name change.
2003-10-26 05:51:51 +00:00
Peter Wemm
3cc5d9ed65 Make 64 bit safe. 2003-10-26 05:33:59 +00:00
Peter Wemm
02f474d6ba Disable the log() builtin (the math function), because it will not do much
logging of information like the program expects.
2003-10-26 03:15:54 +00:00
Peter Wemm
817a5d2482 When we pass a string as auxillary data (type long), be sure to convert
it to a suitable type for the initialization.
2003-10-26 03:12:47 +00:00
Peter Wemm
7ed21d3224 Fix a warning about mismatched pointers. A pointer to "void *" is not the
same as a pointer to "char *".  Tell the compiler this is ok.
2003-10-26 03:01:24 +00:00
John-Mark Gurney
b89fbbb14b fix spelling of ATTACH
Submitted by:	Johny Mattsson
MFC after:	2 week
(do to code freeze)
2003-10-25 22:03:10 +00:00
Hidetoshi Shimokawa
0cf85b0de8 update for conserver-8.0.4. 2003-10-25 14:53:53 +00:00
Hidetoshi Shimokawa
be162aff87 remove debug message. 2003-10-25 14:51:36 +00:00
John Baldwin
147c4b81bb - Renumber the skerberos4 dist to fill in the gaps left when krb4 was axed.
- Update the DIST_CRYPTO_ALL value to match reality.
2003-10-24 20:55:15 +00:00
Hajimu UMEMOTO
f95d46333d Switch Advanced Sockets API for IPv6 from RFC2292 to RFC3542
(aka RFC2292bis).  Though I believe this commit doesn't break
backward compatibility againt existing binaries, it breaks
backward compatibility of API.
Now, the applications which use Advanced Sockets API such as
telnet, ping6, mld6query and traceroute6 use RFC3542 API.

Obtained from:	KAME
2003-10-24 18:26:30 +00:00
Hajimu UMEMOTO
2b5e03118b show maxmtu.
Obtained from:	KAME
2003-10-24 18:00:17 +00:00
Hidetoshi Shimokawa
869093b15d Add dumb console driver and related bits.
dcons(4): very simple console and gdb port driver
dcons_crom(4): FireWire attachment
dconschat(8): User interface to dcons

Tested with: i386, i386-PAE, and sparc64.
2003-10-24 15:44:10 +00:00
Hartmut Brandt
b9ff618c3a Mention the fact that our crontab is not fully POSIX.2 conform, because
it doesn't allow the dangerous variant of calling it without any
argument.
2003-10-24 13:02:39 +00:00
Hartmut Brandt
d3a3b08778 Allow nghook to execute a program with the data socket connected to
stdin and stdout instead of relaying the data. Now it is possible
to say:

	nghook -e path: hook /usr/local/bin/foo arg1 arg2

and foo will have the hook to path: at file descriptors 0 and 1.

Add an option to specify control messages to be send to the node before
either executing the program or entering the data relay loop.
2003-10-24 10:01:36 +00:00
Hajimu UMEMOTO
c449e28482 - style
- index() -> strchr()
- stop use of MAXHOSTNAMELEN

Obtained from:	KAME
2003-10-23 17:36:29 +00:00
Hidetoshi Shimokawa
cfa42d3692 Add '0x' in front of EUI64 to avoid confusion. 2003-10-22 07:23:27 +00:00
Hajimu UMEMOTO
d24cb2490d stop use of NI_WITHSCOPEID. it was deprecated.
Obtained from:	KAME
2003-10-21 20:11:47 +00:00
Poul-Henning Kamp
3206e56993 Remove clause 3 in the copyrights (according to permission in src/COPYRIGHT)
Remove trailing whitespace.
2003-10-21 08:27:05 +00:00
Poul-Henning Kamp
4d169ae131 Remove "register" keywords.
Use newspeak functions definitions.
2003-10-21 07:58:52 +00:00
Dag-Erling Smørgrav
79ef1f32da Various NFS-related bug fixes (mostly related to using variable_get()
instead of variable_cmp() to test boolean rc.conf variables).

Submitted by:	hmp
2003-10-19 13:37:12 +00:00
Hajimu UMEMOTO
31423309c2 don't print ndp -i result if the interface is not
initialized

Obtained from:	KAME
2003-10-17 16:17:47 +00:00
Hajimu UMEMOTO
a96bd7843f - NI_WITHSCOPEID was deprecated
- use strlcpy() and snprintf()
- use err()
- style

Obtained from:	KAME
2003-10-17 11:46:40 +00:00
Hajimu UMEMOTO
2f4c5de968 - style
- rename variable
- use strlcpy
- const'fy

Obtained from:	KAME
2003-10-17 11:43:44 +00:00
Hajimu UMEMOTO
b42ac57f4f - support AES counter mode for ESP.
- use size_t as return type of schedlen(), as there's no error
  check needed.
- clear key schedule buffer before freeing.

Obtained from:	KAME
2003-10-13 14:57:41 +00:00
Tim J. Robbins
1a7c9b7f5e Fix two buffer overflows caused by off-by-one errors: avoid writing a null
character 1 byte past the end of cmdline[] when libedit is being used for
input, and avoid writing a null pointer 1 element past the end of margv[].

Reviewed by:		gad
2003-10-13 07:24:22 +00:00
Hajimu UMEMOTO
c65ee7c758 - support AES XCBC MAC for AH
- correct SADB_X_AALG_RIPEMD160HMAC to 8

Obtained from:	KAME
2003-10-13 04:54:51 +00:00
Maksim Yevmenkin
0986ab12e4 Update Bluetooth code.
Reviewed by: M. Warner Losh <imp@bsdimp.com>; John Hay <jhay@freebsd.org>
Approved by: M. Warner Losh <imp@bsdimp.com> (mentor)
2003-10-12 22:04:24 +00:00
Murray Stokely
907d866750 Update the number of ports. 2003-10-12 21:35:50 +00:00
Hajimu UMEMOTO
492528c051 - RIPEMD160 support
- pass size arg to ah->result (avoid assuming result buffer size)

Obtained from:	KAME
2003-10-12 09:41:42 +00:00