Commit Graph

4797 Commits

Author SHA1 Message Date
Brooks Davis
f954ec0bcf Introduce a new helper function check_search() derived for res_hnok to
check the domain-name parameter according to the rules for "search"
strings as documented in resolv.conf(5).  Specifically, the string must
be no more than 256 bytes long and contain no more than six valid domain
names separated by white space.

The previous unchecked values could result in a mangled resolv.conf
file which could effectively deny access to local sites.  This is not
a security issue as rogue dhcp servers could already do this without
sending invalid strings.

Reviewed by:	cperciva
MFC After:	3 days
2005-08-30 18:20:46 +00:00
Christian S.J. Peron
c313f09bfb When using files as backing stores for devices, and the user has requested the
device be created read+write, check to see if the backing store is read only
through the use of the access(2) system call. If this check fails returning
EACCES, EPERM or EROFS then gracefully downgrade the access to read only. Also
print a warning message to stderr, informing the user that the access mode
they requested is not available.

This behavior used to be handled by md(4) but was changed in revision 1.154

Discussed with:	pjd, phk, Dario Freni <saturnero at freesbie dot org>
Reviewed by:	phk
2005-08-30 16:45:32 +00:00
Marcel Moolenaar
4a8718928d This script was helpful during development, but has no reason to
be kept alive. Removal is long overdue as it is.
2005-08-30 06:20:20 +00:00
Marcel Moolenaar
14cbcc591c Don't print the total number of partitions removed now that we print
the name of the partitions that we remove. A summary is unnecessary
and even makes parsing of the output more difficult.

MFC after: 1 week
2005-08-30 06:16:31 +00:00
Maxim Sobolev
db45c56d7d Extend utility to allow recovering single file from the deffective
media.

MFC after:      2 weeks
2005-08-29 23:08:01 +00:00
Giorgos Keramidas
fc3643bb24 Make it clear that the .ko extention of a module to be loaded
is optional.

PR:		docs/85356
Submitted by:	Julien Gabel <jpeg@thilelli.net>
MFC after:	3 days
2005-08-27 22:25:51 +00:00
Marius Strobl
52a7b796a4 As with NO_CRYPT, don't try to compile geli(8) when NO_OPENSSL is defined
either.

MFC after:	1 week
2005-08-27 20:51:12 +00:00
Brooks Davis
001f040a03 The $medium string often contains quoted values with spaces in them (ssids,
for example).  Follow the example of the ISC script and wrap ifconfig
calls using $medium in eval "..." so this works.

Reported by:	iedowse
2005-08-26 20:31:04 +00:00
Takanori Watanabe
cf5a7ef8d1 Update Document. 2005-08-26 11:39:38 +00:00
Brooks Davis
753d6c0327 In read_string(), when the last character was a backslash, unincrement
the output index instead of keeping what ever trash was in the buffer.

Reported by:	iedowse
2005-08-26 01:25:59 +00:00
Brooks Davis
6ae27cb6ce Use a more robust, grep-free command to get the interface of the current
default route.

Submitted by:	Rostislav Krasny <rosti dot bsd at gmail dot com>
2005-08-26 01:07:51 +00:00
Brooks Davis
7e82455ea8 Don't and/remove a route to our assigned IP through 127.0.0.1. It
serves no apparent purpose (we commented this out ages ago in the ISC
scripts) and cases problems with some ADSL setups.

Reported by:	Rostislav Krasny <rosti dot bsd at gmail dot com>
2005-08-26 01:02:38 +00:00
Brooks Davis
1469b42c7d MFOpenBSD rev 1.9: fix a buffer overflow when processing config file
lines that are exactly 81 characters in length.

Obtained from:	OpenBSD
MFC After:	3 days
2005-08-24 00:05:04 +00:00
Brooks Davis
8794fdbb48 Add __FBSDID to all .c files in dhclient to aid in determining file
versions when dealing with user problems.
2005-08-23 23:59:55 +00:00
Christian S.J. Peron
4d3d08301e FreeBSD unconditionally supports write filters now. 2005-08-23 01:35:38 +00:00
Pawel Jakub Dawidek
dd549194ae By default, when doing crypto work in software, start as many threads
as we have active CPUs and bind each thread to its own CPU.

MFC after:	3 days
2005-08-21 18:12:51 +00:00
Simon L. B. Nielsen
b92f49fa86 Remove reference to raid(4), the RAIDframe manual page, which was
deleted a while ago.

PR:		docs/85142
Submitted by:	Jeremy Chadwick <freebsd@jdc.parodius.com>
MFC after:	3 days
2005-08-20 09:10:31 +00:00
Pawel Jakub Dawidek
7a5c26fcbd Allow to change number of iterations for PKCS#5v2. It can only be used
when there is only one key set.

MFC after:	3 days
2005-08-19 22:19:25 +00:00
Pawel Jakub Dawidek
829781048d Move function for calculating number of bits into more central place.
I want to use it so more.

MFC after:	3 days
2005-08-19 22:13:09 +00:00
Ian Dowse
a00a259113 Add the ability to specify the boot2 serial console speed in
/boot.config or on the "boot:" prompt line via a "-S<speed>" flag,
e.g. "-h -S19200". This adds about 50 bytes to the size of boot2
and required a few other small changes to limit the size impact.
This changes only affects boot2; there are further loader changes
to follow.
2005-08-18 00:42:45 +00:00
Pawel Jakub Dawidek
4cb6ca7622 Update manual page (now dedicated kernel thread is always started).
MFC after:	3 days
2005-08-17 15:27:23 +00:00
Christian Brueffer
8d8b579597 Clarify how the 'channel' argument should look like and add an
example on how to obtain information on devices on an ata channel.

PR:		84676
Submitted by:	Kevin Oberman <oberman@es.net>
		Jeremie Le Hen <jeremie@le-hen.org>
MFC after:	3 days
2005-08-16 21:14:25 +00:00
Gleb Smirnoff
9ff95228e8 Implement a new feature for ping(8) - sweeping pings. In a sweeping
ping ICMP payload of packets being sent is increased with given step.
Sweeping pings are useful for testing problematic channels, MTU
issues or traffic policing functions in networks.

PR:		bin/82625
Submitted by:	Chris Hellberg <chellberg juniper.net> (with some cleanups)
2005-08-15 14:15:37 +00:00
Ian Dowse
3b89beb171 Attempt to improve the logic for automatically sizing partitions
to take into account the new default of starting the first partition
after the boot blocks instead of at sector 0. If you used automatic
sizing when the first partition did not start at 0, you would get
an error that the automatically sized partition extended beyond the
end of the disk.

Note that there are probably still many more complex cases where
automatic sizing and placement will not work (e.g. non-contiguous
or out of order partitions).
2005-08-14 22:46:50 +00:00
Pawel Jakub Dawidek
a73148d28d Unfortunately dlerror(3) returns string, so there is no clean way to
ignore "no such file" errors only, which I wanted to do.
Because of this I ignored all other errors on dlopen(3) failure as well,
which isn't good.
Fix this situation by calling access(2) on library file first and ignore
only ENOENT error. This allows to report all the rest of dlopen(3) errors.

MFC after:	3 days
2005-08-14 21:55:18 +00:00
Ian Dowse
9405aea2e2 Don't treat failure to find the operator GID as a fatal error; this
made it impossible to use newfs (and mdmfs) when /etc/group is
missing and /etc is read-only.
2005-08-14 17:07:04 +00:00
Pawel Jakub Dawidek
5b5a030fa4 When keys were configured without passphrase, number of iterations in
metadata is equal to -1. if we then wanted to attach provider (or change
keys) and forget about '-p' flag it failed on assertion (quite ok, without
assertion it could call PKCS#5v2 with 4294967295 iterations).

Instead of failing on assertion, remind about '-p' flag.

MFC after:	3 days
2005-08-14 14:13:07 +00:00
Andrew Thompson
db7d6dc145 Document two missed if_bridge commands 'addr' and 'static'.
Noticed by:	Michal Mertl
Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-14 03:28:08 +00:00
Sam Leffler
29f0e92957 add list mac and mac:kick support
Submitted by:	Michal Mertl (original version)
MFC after:	2 weeks
2005-08-13 17:38:09 +00:00
Bjoern A. Zeeb
9066356ba1 * Add dynamic sysctl for net.inet6.ip6.fw.
* Correct handling of IPv6 Extension Headers.
* Add unreach6 code.
* Add logging for IPv6.

Submitted by:	sysctl handling derived from patch from ume needed for ip6fw
Obtained from:	is_icmp6_query and send_reject6 derived from similar
		functions of netinet6,ip6fw
Reviewed by:	ume, gnn; silence on ipfw@
Test setup provided by: CK Software GmbH
MFC after:	6 days
2005-08-13 11:02:34 +00:00
Pawel Jakub Dawidek
325319eb3d GELI doesn't need cryptodev.
MFC after:	2 days
2005-08-12 07:44:42 +00:00
Pawel Jakub Dawidek
9417a618d1 Add code for Ext2FS and ReiserFS labels recognition.
Submitted by:	Stanislav Sedov <stas@310.ru>
PR:		kern/84638
MFC after:	1 week
2005-08-12 00:27:45 +00:00
Stefan Farfeleder
515faf2fbe The libedit update made a const cast necessary. 2005-08-07 20:53:33 +00:00
Søren Schmidt
3ea7aedd41 Fix status to report status from the given array. 2005-08-05 13:08:02 +00:00
Stefan Farfeleder
a3ae5e4ede Use socklen_t where appropriate. 2005-08-05 09:58:49 +00:00
Stefan Farfeleder
d414fcbc3e Garbage collect useless variables. 2005-08-05 07:39:39 +00:00
Stefan Farfeleder
435071dff3 Use the C99 syntax for designated initialisers. 2005-08-05 07:33:50 +00:00
Stefan Farfeleder
70382d5abe Fix commen typos. 2005-08-03 20:57:33 +00:00
Ruslan Ermilov
a5de1230a9 Add missing check for the NO_CRYPT build option.
Reported by:	Alexander Polakov
2005-08-02 20:12:30 +00:00
Sam Leffler
aeffcba3c1 Wireless suport fixups: add a bunch of stuff that's been in the
code but not documented (e.g. wme, mac acl) and correct some
information, etc.

Reviewed by:	brueffer
2005-08-02 19:13:13 +00:00
Sam Leffler
7c0cbd3bfa acm and ack are specified per-ac
MFC after:	3 days
2005-08-01 16:34:41 +00:00
Ceri Davies
b1f1271f26 Correct the description of the TAPE environment variable.
Based on:

PR:		docs/84200
Submitted by:	Gary W. Swearingen <garys at opusnet dot com>
MFC after:	1 week
2005-07-31 13:56:19 +00:00
Christian Brueffer
acc79971c2 Misc cleanup (spelling, grammar, mdoc, style, cut >80 char lines). 2005-07-30 13:27:15 +00:00
Sam Leffler
0c36e9bb67 oops, revert previous change 2005-07-30 03:30:29 +00:00
Sam Leffler
4e5771359e MFC: add fragthreshold parameter and accept - (or any) for rtsthreshold
Approved by:	re (kensmith)
2005-07-30 03:28:41 +00:00
Pawel Jakub Dawidek
16a563e2b4 Update manual page after ggate rewrite.
MFC after:	1 day
2005-07-29 11:22:13 +00:00
Pawel Jakub Dawidek
fd833a6a19 I actually do need libmd. 2005-07-29 10:06:57 +00:00
Brooks Davis
289d89d80f Further fix receive_packet() by using BPF_WORDALIGN to insure the offset
is properly aligned when we move to the next packet.

Obtained from:	ISC dhclient via krw at OpenBSD
2005-07-28 15:30:19 +00:00
Giorgos Keramidas
497dd0f938 Spell "partition" correctly.
PR:		docs/84198
Submitted by:	Gary W. Swearingen
MFC after:	3 days
2005-07-28 10:48:07 +00:00
Brooks Davis
acccb9aa83 Don't reject packets with server names containing characters that are
not allowed in domain names.  RFC 2132 does not list valid or invalid
characters and the ISC client accepts anything here.

Reported by:	ps
2005-07-28 00:24:39 +00:00