Commit Graph

69160 Commits

Author SHA1 Message Date
David Greenman
7228268aaa Fixed bug in calculation of amount of file to send when nbytes !=0 and
headers or trailers are supplied. Reported by Vladislav Shabanov
<vs@rambler-co.ru>.

PR:		33771
Submitted by:	Maxim Konovalov <maxim@macomnet.ru>
MFC after:	3 days
2002-01-22 17:32:10 +00:00
Hajimu UMEMOTO
fc50a44458 Do not taint ::/124 for localhost reverse table. 2002-01-22 17:22:41 +00:00
Ruslan Ermilov
322628519e Reincarnate SETUID code in man(1), not compiled in by default.
The code will be fixed for all known security vulnerabilities,
and a make.conf(5) knob (ENABLE_SUID_MAN) will be provided for
those who still want it installed setuid for whatever reasons.
2002-01-22 15:15:38 +00:00
Ruslan Ermilov
93dee74a5d Revert revision 1.57 -- ache@ axed /var/spool/uucp in BSD.var.dist,v 1.55. 2002-01-22 14:55:25 +00:00
Ruslan Ermilov
0dc5e09ec6 Fix the description of the O_NONBLOCK flag to match reality.
Prodded by:	Maxim Konovalov <maxim@macomnet.ru>
Obtained from:	BSD/OS
2002-01-22 14:18:55 +00:00
Ruslan Ermilov
0c7f152b7b Fix a typo I made in revision 1.5.
Submitted by:	trevor
2002-01-22 12:38:43 +00:00
Poul-Henning Kamp
1a25c86b3b In certain cases sbuf_printf() and sbuf_vprintf() could mistakely
make extendable sbufs as overflowed.

Approved by:	des
2002-01-22 11:22:55 +00:00
Joerg Wunsch
7109d65231 Mention that a minimal version of camcontrol(8) is now available in the
installation environment (currently only for i386 releases).
2002-01-22 11:13:43 +00:00
Giorgos Keramidas
686c8fdcab Tiny style change. Whitespace only change.
Use tab after #define ENOTSUP.

Reviewed by:	mike
2002-01-22 10:44:40 +00:00
Ruslan Ermilov
6dd5958b99 Finish cleanup in chroot.c CSRG revision 5.6 by Keith Bostic
(never installed setuid, so don't need to reset the uid).

PR:		bin/34159
2002-01-22 10:44:02 +00:00
Ruslan Ermilov
fe42e96eff Finish cleanup in kvm.c revisions 1.10 and 1.11 -- mark sf (swapfile)
argument to kvm_open() and kvm_openfiles() as unused.

BSD didn't read swap since kvm.c CSRG revision 5.21 (u-area is pageable
under new VM.  no need to read from swap.)

The old !NEWVM code was removed in CSRG revision 5.23 (~ten years ago).
2002-01-22 10:07:03 +00:00
Kirk McKusick
03a2057a5b This patch fixes a long standing complaint with soft updates in
which small and/or nearly full filesystems would fail with `file
system full' messages when trying to replace a number of existing
files (for example during a system installation). When the allocation
routines are about to fail with a file system full condition, they
make a call to softdep_request_cleanup() which attempts to accelerate
the flushing of pending deletion requests in an effort to free up
space. In the face of filesystem I/O requests that exceed the
available disk transfer capacity, the cleanup request could take
an unbounded amount of time. Thus, the softdep_request_cleanup()
routine will only try for tickdelay seconds (default 2 seconds)
before giving up and returning a filesystem full error. Under typical
conditions, the softdep_request_cleanup() routine is able to free
up space in under fifty milliseconds.
2002-01-22 06:17:22 +00:00
Jun Kuriyama
5c4132e9a0 MFen (1.263 --> 1.264).
Fix typo.
2002-01-22 06:04:46 +00:00
Bruce A. Mah
1b11aef2ba hw.physmem is more properly a loader tunable, not an environment
variable (which is ambiguous).

Submitted by:	dwhite
2002-01-22 05:21:21 +00:00
Mike Barcroft
e1bc822ebe o Remove the -V [version number] option, since our version of at(1) no
longer resembles the original.
o Remove references to `you' in the manual.

Submitted by:	Joe Halpin <joe.halpin@attbi.com>
2002-01-22 03:04:15 +00:00
Andrew Gallatin
500c14f6af Don't read the sigcontext pointer directly from userspace. If the process
is swapped out, this can cause a system panic.  Copy it in, instead

tested by: Bernd Walter <ticso@cicely8.cicely.de>
2002-01-22 02:40:39 +00:00
Peter Wemm
755a585260 List bit 18 (reserved, apparently present on thunderbird cpus)
and bit 19 (athlon XP/MP rev 0x662 and later) for amd_features.

Submitted by:  dwcjr
2002-01-22 01:28:32 +00:00
Andrey A. Chernov
ee6ebaaa18 The idea of mapping non-existen characters to space (0x20) was nice alone,
but those maps also used as backward maps for Paste, so space becomes mapped
to last non-existen character on Paste as result.

Fix it by mapping non-existen characters to another non-existen one, i.e. to
0x00, so unused 0x00 can be backward-mapped to some junk without real harm.

Pointed by:	Alexander Kabaev <ak03@gte.com>
2002-01-21 21:52:02 +00:00
Poul-Henning Kamp
3ca627fefa Gah! last commit botched indentation, fix indentation and some other
white-space nits while at it.
2002-01-21 20:57:03 +00:00
Poul-Henning Kamp
b4a4f93c5e Restructure slightly, eliminating some repetitive source lines and
making GEOM patches simpler and more readable at the same time.
2002-01-21 20:50:06 +00:00
Dag-Erling Smørgrav
1e22a4f048 Link pam_opieaccess, pam_self and pam_ssh into the static library.
Sponsored by:	DARPA, NAI Labs
2002-01-21 20:43:01 +00:00
Dag-Erling Smørgrav
78eab69072 Add the necessary dependencies and linker flags for linking with a
static PAM library that includes pam_ssh.

Sponsored by:	DARPA, NAI Labs
2002-01-21 20:42:25 +00:00
Ollivier Robert
a6f7ec3ba2 Correct typos and macro usage.
PR:		33179, 33181, 33295
Submitted by:	Norihiro Kumagai <kumagai@attbi.com>
Reviewed by:	sheldonh (MAINTAINER)
MFC after:	2 days
2002-01-21 20:12:02 +00:00
Hajimu UMEMOTO
a4a6e77341 - Check the address family of the destination cached in a PCB.
- Clear the cached destination before getting another cached route.
  Otherwise, garbage in the padding space (which might be filled in if it was
  used for IPv4) could annoy rtalloc.

Obtained from:	KAME
2002-01-21 20:04:22 +00:00
Hajimu UMEMOTO
54c1b8821b - Check the address family of a cached destination, in case of
sharing the cache with IPv4.
- Check if the cached route is up in in6_selectsrc().

Obtained from:	KAME
2002-01-21 20:02:36 +00:00
Andrey A. Chernov
f650a12484 Remove my workaround fallback since PAM now do it properly. 2002-01-21 19:07:15 +00:00
Dag-Erling Smørgrav
b0aa095ad0 On second thought, getpwnam() failure should be treated just as if the user
existed, but had no OPIE key, i.e. PAM_IGNORE.

Pointed out by:	ache
Sponsored by:	DARPA, NAI Labs
2002-01-21 19:05:45 +00:00
Dag-Erling Smørgrav
b4b56d051a Return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if getpwnam() fails, as
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.

Sponsored by:	DARPA, NAI Labs
2002-01-21 18:53:03 +00:00
Dag-Erling Smørgrav
ae739ec469 Enable OPIE by default, using the no_fake_prompts option to hide it from
users who don't wish to use it.  If the admin is worried about leaking
information about which users exist and which have OPIE enabled, the
no_fake_prompts option can simply be removed.

Also insert the appropriate pam_opieaccess lines after pam_opie to break
the chain in case the user is logging in from an untrusted host, or has a
.opiealways file.  The entire opieaccess / opiealways concept is slightly
unpammish, but admins familiar with OPIE will expect it to work.

Reviewed by:	ache, markm
Sponsored by:	DARPA, NAI Labs
2002-01-21 18:51:24 +00:00
Dag-Erling Smørgrav
03adba96a0 Further changes to allow enabling pam_opie(8) by default:
- Ignore the {try,use}_first_pass options by clearing PAM_AUTHTOK before
   challenging the user.  These options are meaningless for pam_opie(8)
   since the user can't possibly know the right response before she sees
   the challenge.

 - Introduce the no_fake_prompts option.  If this option is set, pam_opie(8)
   will fail - rather than present a bogus challenge - if the target user
   does not have an OPIE key.  With this option, users who haven't set up
   OPIE won't have to wonder what that "weird otp-md5 s**t" means :)

Reviewed by:	ache, markm
Sponsored by:	DARPA, NAI Labs
2002-01-21 18:46:25 +00:00
Dag-Erling Smørgrav
f2c44ccec8 When running on a local terminal, set PAM_RHOST to the local hostname.
Sponsored by:	DARPA, NAI Labs
2002-01-21 16:19:38 +00:00
Ruslan Ermilov
8c3f5566ae RFC1122 requires that addresses of the form { 127, <any> } MUST NOT
appear outside a host.

PR:		30792, 33996
Obtained from:	ip_input.c
MFC after:	1 week
2002-01-21 13:59:42 +00:00
Dag-Erling Smørgrav
f460490260 Add a new module, pam_opieaccess(8), which is responsible for checking
/etc/opieaccess and ~/.opiealways so we can decide what to do after
pam_opie(8) fails.

Sponsored by:	DARPA, NAI Labs
Reviewed by:	ache, markm
2002-01-21 13:43:53 +00:00
Mike Pritchard
5ecd6127b9 Ispell sweep of share/man/man4/man4.i386. 2002-01-21 12:36:12 +00:00
Mike Pritchard
f87717fa8b Ispell sweep of share/man/man4. 2002-01-21 12:09:13 +00:00
Mike Pritchard
51d31ec2d8 Fix a typo in a comment field. 2002-01-21 11:10:32 +00:00
Mike Pritchard
8edd27f18f Fix spelling errors. 2002-01-21 10:28:18 +00:00
Josef Karthauser
c3da78970e Merge from NetBSD:
ohci.c:	-r1.69 to 1.71
    ohcireg.h:	-r1.14

Some of these deltas are based upon patches that we submitted back to
NetBSD.  They got manifested slightly differently though, so I've brought
back those differences to bring our code bases closer together.

The logs from the NetBSD version of ohci.c:

	revision 1.71
	date: 2000/02/01 05:42:52;  author: augustss;  state: Exp;  lines: +13 -2
	Put some #ifdefs around power and shutdown hooks.
	----------------------------
	revision 1.70
	date: 2000/01/31 22:35:13;  author: augustss;  state: Exp;  lines: +7 -7
	Rename TAILMASK to HEADMASK, since it really masks the head pointer.
	From FreeBSD.
	----------------------------
	revision 1.69
	date: 2000/01/31 22:09:13;  author: augustss;  state: Exp;  lines: +18 -14
	Change where the has table for physical-to-virtual address translation
	is handled.  Partly from FreeBSD.
2002-01-21 05:02:21 +00:00
Josef Karthauser
851522be27 Merge from NetBSD:
ohci.c:	-r1.68
    ohcireg.h:	-r1.13

	date: 2000/01/31 20:17:25;  author: augustss;  state: Exp;
	Fiddle with over-current protect when turning on port power to make
	things work for some OHCI controllers.
2002-01-21 04:24:33 +00:00
Josef Karthauser
3bedcae34f Merge from NetBSD:
revision 1.65
	date: 2000/01/25 12:06:21;  author: augustss;  state: Exp;  lines: +10 -2
	Add done method for root control transfers.
2002-01-21 04:15:39 +00:00
Josef Karthauser
4cd5d8f292 Merge from NetBSD:
revision 1.84
	date: 2000/01/28 00:44:27;  author: augustss;  state: Exp;  lines: +9 -2
	Add uhci_root_ctrl_done() method.
2002-01-21 03:44:00 +00:00
Josef Karthauser
ed98caba5f Merge from NetBSD:
uhci.c:	-r1.82
    uhcivar.h:	-r1.22

	date: 2000/01/26 10:04:39;  author: augustss;  state: Exp;
	Try to avoid accessing the HC if it is dead.  Suggested by mycroft.
2002-01-21 03:35:55 +00:00
Maxim Sobolev
dcd7d9b7b7 Allow dump device be configured as early as possible using loader(8) tunable.
This allows obtaining crash dumps from the panics occured during late stages
of kernel initialisation before system enters into single-user mode.

MFC after:	2 weeks
2002-01-21 01:16:11 +00:00
Brooks Davis
01b8b9e983 Add support for Linksys WDT11 PCI adaptors.
Submitted by:	Eric Liedtke <eliedtke@apogeetelecom.com>
2002-01-21 00:59:59 +00:00
Josef Karthauser
a87935da55 Remove some unused code, in line with NetBSD's version. 2002-01-20 23:56:46 +00:00
Josef Karthauser
aeab0647e8 Merge from NetBSD:
revision 1.125
	date: 2000/09/23 21:00:10;  author: augustss;  state: Exp;  lines: +19 -3
	Avoid "bandwidth reclamation" for control transfers.  The kue device chokes
	on it.
2002-01-20 23:48:43 +00:00
Josef Karthauser
519461f843 Merge from NetBSD:
uhci.c:	-r1.124
    uhcireg.h:	-r1.13

	date: 2000/08/13 18:20:14;  author: augustss;  state: Exp;
	Fix race condition when unlinking xfers.  Thanks to IWAMOTO Toshihiro
	<iwamoto@sat.t.u-tokyo.ac.jp> for analyzing the problem and suggesting a fix.
	Fixes PR 10662.
2002-01-20 23:38:33 +00:00
Makoto Matsushita
4b60693c3c MFS 1.536.2.52 (partial) and 1.536.2.70: kgzip loader if i386 (only).
5.0-CURRENT-20020121-JPSNAP was failed to build since kern.flp has no
space.  There is already a hack to kgzip loader, and it makes:

-r-xr-xr-x  1 root  wheel  163840 Jan 21 07:40 loader*
-r-xr-xr-x  1 root  wheel   90121 Jan 21 08:06 loader.kgz*

73719 bytes of free spaces to us.
2002-01-20 23:17:52 +00:00
Alfred Perlstein
767567d3c2 use mutex pools for "struct file" locking.
fix indentation of FILE_LOCK/UNLOCK macros while I'm here.
2002-01-20 22:58:08 +00:00
Alfred Perlstein
547ce823ef use mutex pool mutexes for uidinfo locking.
replace mutex_lock calls on uidinfo with macro calls:
  mtx_lock(&uidp->ui_mtx) -> UIDINFO_LOCK(uidp)

Terry Lambert <tlambert2@mindspring.com> helped with this.
2002-01-20 22:48:49 +00:00