so I am backing it out for now. The problem is that some random program
calling crypt() could be passing a DES salt and the crypt(3) library
would encrypt it in md5 mode and there would be a password mismatch as a
result. I wrote a validater function for the DES code to verify that
a salt is valid for DES, but I realized there were too many strange things
to go wrong. passwd(1), pw(8) etc still generate md5 passwords by default
for /etc/master.passwd, so this is almost academic. It is a big deal for
things that have their own crypt(3)-ed password strings (.htaccess,
etc etc). Those are the things I do not want to break.
My DES salt recognizer basically checked if the salt was either 2 or
13 characters long, or began with '_' (_PASSWORD_EFMT1). I think it
would have worked but I have seen way too much crypt() mishandling
in the past.
one-way hash functions for authentication purposes. There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before. If this is
not called, it tries to heuristically figure out the hash format, and
if all else fails, it uses the optional auth.conf entry to chose the
overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
having the source it in some countries, so preserve the "secure/*"
division. You can still build a des-free libcrypt library if you want
to badly enough. This should not be a problem in the US or exporting
from the US as freebsd.org had notified BXA some time ago. That makes
this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5. This
is to try and minimize POLA across buildworld where folk may suddenly
be activating des-crypt()-hash support. Since the des hash may not
always be present, it seemed sensible to make the stronger md5 algorithm
the default.
All things being equal, no functionality is lost.
Reviewed-by: jkh
(flame-proof suit on)
process. This fixes a problem when attaching to a process in gdb
and the process staying in the STOP'd state after quiting gdb.
This whole process seems a bit suspect, but this seems to work.
Reviewed by: peter
parallel fsck's one per drive, use the shortest prefix ending in
a digit rather than the longest prefix ending in a digit.
This makes "/dev/ad0s1a" and "/dev/ad0s2a" appear to both reside
on the disk "/dev/ad0" and consequently they will be fsck'ed
sequentially rather than in parallel as now.
In general this heuristic is rather soft and errorprone. For
instance ccd may often reside on two or more physical disks. A
good solution would be to look for passes larger than 1 until no
disks are found in a particular pass, that way people could put
ccd stripes in pass 3... and have them fsck'ed sequentially.
Reviewed by: mjacob
with the driver locking up under load.
- Restructure so that we use a static pool of commands/FIBs, rather than
allocating them in clusters. The cluster allocation just made things
more complicated, and allowed us to waste more memory in peak load
situations.
- Make queueing macros more like my other drivers. This adds queue stats
for free. Add some debugging to take advantage of this.
- Reimplement the periodic timeout scan. Kick the interrupt handler
and the start routine every scan as well, just to be safe. Track busy
commands properly.
- Bring resource cleanup into line with resource allocation. We should
now clean up correctly after a failed probe/unload/etc.
- Try to start new commands when old ones are completed. We weren't doing
this before, which could lead to deadlock when the controller was full.
- Don't try to build a new command if we have found a deferred command.
This could cause us to lose the deferred command.
- Use diskerr() to report I/O errors.
- Don't bail if the AdapterInfo structure is the wrong size. Some variation
seems to be normal. We need to improve our handing of 2.x firmware sets.
- Improve some comments in an attempt to try to make things clearer.
- Restructure to avoid some warnings.
when using gdb on a remote target. The fix is to restrict PT_GETDBREGS
calls to `child' and `freebsd-uthreads' targets solely.
I've been in some conversation with Brian about this, and this solution
seems to be the most appropriate one.
PR: gnu/21685
Submitted by: bsd
in 4.2-REL which I ripped out in -stable and -current when implementing the
low-memory handling solution. However, maxlaunder turns out to be the saving
grace in certain very heavily loaded systems (e.g. newsreader box). The new
algorithm limits the number of pages laundered in the first pageout daemon
pass. If that is not sufficient then suceessive will be run without any
limit.
Write I/O is now pipelined using two sysctls, vfs.lorunningspace and
vfs.hirunningspace. This prevents excessive buffered writes in the
disk queues which cause long (multi-second) delays for reads. It leads
to more stable (less jerky) and generally faster I/O streaming to disk
by allowing required read ops (e.g. for indirect blocks and such) to occur
without interrupting the write stream, amoung other things.
NOTE: eventually, filesystem write I/O pipelining needs to be done on a
per-device basis. At the moment it is globalized.
GCC 2.7.2.3 as that was the version of GCC in active use before the switch
to ELF.
The GCC 2.9[67] versions of these files carry more baggage and I'm not sure
the are appropriate for this linker.
actually NOT '.' and '..'. Apparently this isn't the case when accessing
a directory via XFS over NFS on SGI systems. Since I don't have access to
an environment like that, this will sit out in -current for at least six
weeks. However, the patch proposed by the submitter seems acceptable, so
I've decided to commit it to the tree, in the hope that it will solve some
problems without bringing up others.
PR: 23300
Submitted by: Jim Pirzyk <Jim.Pirzyk@disney.com>
o Move the ax88190 code to its own function.
o Move all device_method_t, driver_t and DRIVER_MODULE definitions to the
end of files.
o Wrap a few lines > 80 characters.
o Use the same devclass for all ed drivers. This allows machines with
multiple types of cards to have their cards numbered correctly. Before,
you could wind up with two ed0's.
o Protect if_edvar.h from multiple includes because I was there.
o Add the removable_interfaces variable for list of removable network
interfaces (PC-card ethernet, wireless network and USB ethernet etc).
o ifconfig_<ifn>_alias0, static_routes_<ifn>, removable_route_flush,
/etc/start_if.<ifn> and /etc/stop_if.<ifn> are support.
o removable_route_flush variable is set to "NO" if you want to use the
machine as gateway using two or more removable network cards. If
static routing is needed use static_routes_<ifn> instead of
static_routes or defaultrouter.
o The optional static_routes_<ifn> variable is likely static_routes.
o /etc/start_if.<ifn> and /etc/stop_if.<ifn> are shell script to be
specified that are called when a card is inserted or removed.