most of the time (unless fork fails). This should fix the problem where
FreeBSD won't respond to a remote host and therefor the remote hosts
tries indefinitely to contact the FreeBSD hosts thereby irritating the
system administrator.
PR: misc/27810
implemented using a new VT_LOCKSWITCH ioctl. Although it is possible
to implement something like this by VT_SETMODEing to VT_PROCESS and
never releasing the vty, that method has a number of downsides, the
biggest of which is that some program has to stay resident for the
lock to be in effect.
Reviewed by: roam, sheldonh
sense. Since portmap/rpcbind is in /usr/sbin it doesn't make any sense for
nfsd and mountd to be in /sbin.
For the record, NetBSD has them in /usr/sbin while OpenBSD has them in /sbin
PR: bin/30972
Reviewed by: jake (mentor)
Objected to by: Andre Oppermann <oppermann@pipeline.ch>
After Andre's objection, I've re-examined rfc 2759 and noted that it
says that the domain name shouldn't be used when generating the
NT-Response field. So it looks like the bug is in freeradius rather
than in ppp.
This removes a bad latency problem during initial setup where we
end up waiting for too long before reading the connected message
and time the connection out.
Problem figured out by: Andre Albsmeier <andre@albsmeier.net>
In -STABLE, this is default, in -CURRENT it is not, which leads to many a
headache for a user coming to -CURRENT without remembering this fact. It
is one of the POLA violations we have not avoided by preparing the users
for it appopriately. Therefore, a warnx(3) is added here, explicitly to
be MFC'd shortly to start the re-education process rolling.
Reviewed by: General murmurs of approval in that IRC channel.
MFC after: 3 days
mainly so the compiler can correctly do printf-style parameter checking.
Some minor improvements to a few of the error messages, but the main
goal here is to get rid of a few more compile-time warning messages.
MFC after: 5 days
Change -l -> -L to match OpenBSD (since we haven't MFC'd it yet).
-l will now list stations that are associated with a hostap (preliminary)
MFC After: 2 weeks
is appropriate to avoid using typeof/__typeof__. It is worth noting that
SWAP() is only ever used to swap pointer values so 'void *' assumptions would
have been acceptable, but I'd gladly pay you tuesday for a cheeseburger^W
cleaner interface today.
Poked into submission by: bde
have native extended attributes rather than stacked extended attributes.
While I'm at it, make sure UFS_EXTATTR is not spelt FFS_EXTATTR.
Sponsored by: DARPA, NAI Labs
Obtained from: TrustedBSD Project
filesystem expands the inode to 256 bytes to make space for 64-bit
block pointers. It also adds a file-creation time field, an ability
to use jumbo blocks per inode to allow extent like pointer density,
and space for extended attributes (up to twice the filesystem block
size worth of attributes, e.g., on a 16K filesystem, there is space
for 32K of attributes). UFS2 fully supports and runs existing UFS1
filesystems. New filesystems built using newfs can be built in either
UFS1 or UFS2 format using the -O option. In this commit UFS1 is
the default format, so if you want to build UFS2 format filesystems,
you must specify -O 2. This default will be changed to UFS2 when
UFS2 proves itself to be stable. In this commit the boot code for
reading UFS2 filesystems is not compiled (see /sys/boot/common/ufsread.c)
as there is insufficient space in the boot block. Once the size of the
boot block is increased, this code can be defined.
Things to note: the definition of SBSIZE has changed to SBLOCKSIZE.
The header file <ufs/ufs/dinode.h> must be included before
<ufs/ffs/fs.h> so as to get the definitions of ufs2_daddr_t and
ufs_lbn_t.
Still TODO:
Verify that the first level bootstraps work for all the architectures.
Convert the utility ffsinfo to understand UFS2 and test growfs.
Add support for the extended attribute storage. Update soft updates
to ensure integrity of extended attribute storage. Switch the
current extended attribute interfaces to use the extended attribute
storage. Add the extent like functionality (framework is there,
but is currently never used).
Sponsored by: DARPA & NAI Labs.
Reviewed by: Poul-Henning Kamp <phk@freebsd.org>
path... after we've talked to any RADIUS servers involved, so that we
haven't touched the data before it gets to the server.
Make it clearer in the code that this compensation is done by setting
a flag to a value of zero, a flag which rfc2759 says *MUST* be zero.
While we're here, don't bother passing the peer challenge into
radius_Authenticate(). It's already part of the key we're passing in
(this becomes obvious now that I've structured that data...).
This ``fix'' doesn't help to authenticate Win98/WinME users in my test
environment as ports/net/freeradius seems to ignore the flag
completely anyway, but it may help with other RADIUS servers.
visible change should be that more than one queue can now be specified,
if one uses the '-msg' parameter to separate the list of queues from the
status message to set.
The previous implementation of 'down' remains available as the command
'xdown', available for instant fallback if there seems to be anything
wrong with the new one. If no one reports a problem after a few weeks,
then a later update will remove 'xdown'.
Reviewed by: freebsd-print@bostonradio.org
MFC after: 10 days
change the status message of a print queue. This includes some minor
changes to the upstat() routine, so that error messages are not printed
while seteuid(priv-user).
Reviewed by: freebsd-audit and freebsd-print@bostonradio.org
MFC after: 10 days
was removed from the kernel;
Advertise the prefix with zero lifetimes rather than to remove the prefix
from the prefix list to be advertised.
This will help renumber a receiving host by deprecating the address
derived from the old prefix.
Obtained from: KAME
MFC after: 2 weeks
'restart', 'start', 'stop' and 'up'. These are commands which mainly
just alter the access bits on the lock-file of a queue, and they all
now use a central routine to do that. This reduces the amount of code
that is run as the priv userid, and eliminates a number of cases where
error messages were written while that priv uid was in effect.
As far as users are concerned, there should be no noticable difference
in the new versions. In case there *is*, the previous implementations
are still there as 'xabort', 'xenable', etc, so they are available for
instant fallback. If no one reports a problem after a few weeks, then
a later update will remove those x-commands.
Reviewed by: freebsd-audit and freebsd-print@bostonradio.org
MFC after: 10 days
RAD_MICROSOFT_MS_CHAP_ERROR and RAD_MICROSOFT_MS_CHAP2_SUCCESS
messages, and remove the hack in chap.c to ignore that ident field
on the client side.
This anomoly was hacked around during development, and I forgot to
go back and fix it properly.
Spotted by: Sergey Korolew <ds@rt.balakovo.ru>
RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY
RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES
RAD_MICROSOFT_MS_MPPE_RECV_KEY
RAD_MICROSOFT_MS_MPPE_SEND_KEY
These attributes may be supplied by a RADIUS server when MSCHAPv2 is
used to authenticate.
It *should* now be possible to build ppp with -DNODES and still support
CHAP/MSCHAP/MSCHAPv2/MPPE via a RADIUS server, but the code isn't yet
smart enough to do that (building with -DNODES just looses these
facilities).
Sponsored by: Monzoon
hatching the idea of using dc, and Giorgos (keramida) for incubating it.
This also reverses most of the previous commit which took out or
modified the text about umask stuff.
are installing.
* Since this means that for now we can't accomodate non-standard
umask's, warn the user accordingly.
* Convert the "press enter to continue" prompt into a function.
of them to keep better track of which-is-which (multiple variables were
named 'pid'). Moved a global pid-variable into the only routine that
used it. Net result: fixes two compile-time warnings...
MFC after: 2 weeks
actually does work. Ignore errors from kldload(2) if the errno value is
EEXIST. It would help if this return value were documented in the
kldload(2) manual page.
one can set the 'noError' variable to ignore any errors that occur for the
next command. However, the code was only unsetting 'noError' when an error
actually occurred, so if you set 'noError', the next command completed ok,
and the command after that failed, the second command's failure would be
ignored. This fixes this by performing the 'noError' check earlier and
then unsetting 'noError' after every command that is run.
Sponsored by: The Weather Channel
sufficient.
In fact, using both breaks the radiator RADIUS daemon when used with
a db as it maps both attributes to the same field value and then
fails the insert.
I decided to remove RAD_NAS_IP_ADDRESS on the basis that rfc2138 says:
An Access-Request MUST contain a User-Name attribute. It SHOULD
contain either a NAS-IP-Address attribute or NAS-Identifier
attribute (or both, although that is not recommended). It MUST
despite the fact that this not recommended bit was removed from the
updated rfc.
we weren't properly checking for the case that the two version strings
being compared had different numbers of components. This has been
fixed.
Pointed out by: sobomax
Reviewed by: silence on -ports
temporarily turn off the nonInteractive variable around the DHCP and IPv6
Yes/No questions in a network device setup so that those questions are
asked.
use and has been broken in -CURRENT for a long time.
Clean up unneeded entries in the nlist array.
Implement kvm-backed ttymode (which we never had before). Incomplete as we
do not (yet?) print the correct device, sid or pgid.
Sponsored by: DARPA, NAI Labs
line as an environment variable assignment, is broken
and not conformant to its description in the manual page.
I think it is worthwhile to have that fix in 4.6.
PR: bin/38374
Submitted by: Thomas Quinot <thomas@cuivre.fr.eu.org>
MFC after: 2 days
`/2' with `>>1'. In the context `>>1' is more appropriate
because it looks like the division is used to restore a
shifted value.
GCC GNATS PR: c/6677
This fixes a problem where wheel-up movement is taken as wheel-down
in the sysmouse protocol.
Do not assume the plain char's are signed; use `signed char' where
char's need to be signed.
Discussed on: audit
Pointed out by: bde
configured).
Handle internal failures in radius_Authenticate() correctly.
Bump the ppp version number.
This doesn't yet work with MPPE. More will follow.
Sponsored by: Mozoon
/etc/exports. Oversized lines were unlikely due to the large 10k
limit, but any found would cause mountd to exit with an error. Also
fix one or two compiler warnings.
o Bump version number to 3.0.4
o When talking to a RADIUS server, provide a NAS-Port-Type.
When the NAS-Port-Type is Ethernet, provide a NAS-Port value equal
to the SESSIONID from the environment in direct mode or the
NGM_PPPOE_SESSIONID message in other modes. If no SESSIONID is found,
default to the interface index in client mode or zero in server mode.
When the NAS-Port-Type is ISDN, set the NAS-Port to the minor number
of the physical device (ie, the N in /dev/i4brbchN).
This makes it easier for the RADIUS server to identify the client
WRT accounting data etc.
Prompted by: lsz8425 <lsz8425@mail.cd.hn.cn>
just send PROTO_IP packets when we've got only one link up in multi-link
mode.
Problem noted by: Adrian Close <adrian@fernhilltec.com.au>
MFC after: 1 week
o Minor grammar fixes.
o Sort SEE ALSO references, and add iostat(8).
o Delete punctuation at end of AUTHORS' section only line
Reviewed by: rwatson, Hiten Pandya <hiten@uk.FreeBSD.org>
include all package files into resulting tarball.
PR: 34007
Submitted by: olgeni
While I here:
- Remove bogus comment;
- ensure that we return the proper exit code in the case of -b failure.
MFC after: 5 days
#include route.h before iso88025.h, and we have to dereference
the trld_route array correctly. (NOTE: I'm not altogether sure
that this is really the correct way to traverse this array. This
just eliminates the build warning/error. It may not work right at
runtime, and I have no way to test it since I lack the necessary
hardware.)
Broken by: kbyanc, who gets to wear the pointy hat
works on ATAPI drives only.
PR: kern/35512 (a part of)
Submitted by: Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>
Reviewed by: -hackers
MFC after: 1 month
using new `@comment DEPORIGIN:...' directive. This would allow us to make
many neat things including:
- easier binary upgrades;
- source upgrades without using external tools by simply extending
bsd.port.mk and pkg_install tools;
- mixed-mode upgrades (source + binary);
- depreciate and deorbit silly +REQUIRED_BY files in the near future.
This feature is no-op until appropriate bsd.port.mk patch is committed, and
even when it is already committed packages generated will remain 100%
compatible with old set of pkg_install tools (module all those neat
features, of course).
MFC after: 6 days
directory, because this prevent this option from being used from the
package-depends target of bsd.port.mk since it creates such empty dir
during its normal operation.
MFC after: 6 days
fatal if the declaration of strdup() isn't in scope. The upper 32 bits
of the pointer are lost since it defaults to returning "int". Fix some
warnings while here, including trying to make gcc-3.1 happy.
Also add the ability to use Bzip'ed distributions -- but this is exclusive
of being able to use Gzip'ed distributions.
Sponsored by: FreeBSD Mall, Inc.
with variable numbers of arguments made this slightly harder than
it should be. Avoid the bug by not doing string concatenation within
the macros, and instead add a new function to syslog or print the
error messages.
This is a boolean option, and if it is specified in a print queue
for a remote host, it causes lpd to resend the data file for each
copy the user requested on 'lpr -#n'. This is useful for network
printers which accept lpd-style jobs, but which ignore the control
file (and thus they ignore any request for multiple copies).
PR: 25635
Reviewed by: short review on freebsd-audit
MFC after: 6 days
rendering of the man pages (turns some sequences of two blank lines
into a single blank line), and eliminates 306 errors generated while
formatting named.conf.5 .
for what is currently the '-p' parameter. '-s' is what NetBSD
used (and they implemented it before I added -p in FreeBSD), and
it also matches the '-s' option in syslogd. Someone in OpenBSD
land had also talked about adding a '-s' option, but it hasn't
happened yet.
MFC after: 5 days
destination.
(Currently lack of their specification does not lead to any problem, because
kernel does not check the consistency between actual address and its
address family / length on raw socket.
However kernel should always check their consistency and stop sending packets
if there is a contradiction. Considering backward compatibility of
programs, I just fixed rtsol now; I'd like to fix the kernel behavior later.)
Reviewed by: ume
MFC after: 3 days
them to point at static strings that contain the default paths. This
makes 'vipw -d' work again (I broke it in rev 1.21; apologies for taking
so long to fix it.)
Spotted by: Olivier Houchard <doginou@cognet.ci0.org>
Sponsored by: DARPA, NAI Labs
instead of u_char *.
The changes are cosmetic except:
RecvConfigAck() now displays the options that are being ACK'd
Huge (bogus) options sent from the peer won't cause an infinite loop
SendIdent and ReceiveIdent are displayed consistenlty with other FSM data
LCP AUTHPROTO options that aren't understood are NAK'd, not REJ'd
trying to run X on some Athlon systems where the BIOS does odd things
(mines an ASUS A7A266, but it seems to also help on other systems).
Here's a description of the problem and my fix:
The problem with the old MTRR code is that it only expects
to find documented values in the bytes of MTRR registers.
To convert the MTRR byte into a FreeBSD "Memory Range Type"
(mrt) it uses the byte value and looks it up in an array.
If the value is not in range then the mrt value ends up
containing random junk.
This isn't an immediate problem. The mrt value is only used
later when rewriting the MTRR registers. When we finally
go to write a value back again, the function i686_mtrrtype()
searches for the junk value and returns -1 when it fails
to find it. This is converted to a byte (0xff) and written
back to the register, causing a GPF as 0xff is an illegal
value for a MTRR byte.
To work around this problem I've added a new mrt flag
MDF_UNKNOWN. We set this when we read a MTRR byte which
we do not understand. If we try to convert a MDF_UNKNOWN
back into a MTRR value, then the new function, i686_mrt2mtrr,
just returns the old value of the MTRR byte. This leaves
the memory range type unchanged.
I have seen one side effect of the fix, which is that ACPI calls
after X has been run seem to hang my machine. As running X would
previously panic the machine, this is still an improvement ;-)
I'd like to MFC this before the 4.6 code freeze - please let me
know if it causes any problems.
PR: 28418, 25958
Tested by: jkh, Christopher Masto <chris@netmonger.net>
MFC after: 2 weeks
present, this field specifies the media volume that the disc is
contained on. If the volume of a given packages is different than the
current volume of mediaDevice, then the user is prompted --
"This is disc #%d. Package %s is on disc #%d\n"
"Would you like to switch discs now?\n"
If the user selects yes, then DEVICE_SHUTDOWN is called and the user
is then prompted --
"Please remove disc #%d from you drive, and add disc #%d"
This works well for a carefully crafted INDEX file, but more work
needs to be done to sort dependencies on a given package based on the
volume that they reside on, to minimize the amount of disc flipping
required of the user.
This commit is a no-op for normal INDEX files and FreeBSD CDs. These
additional features are only used if the INDEX and cdrom.inf file have
multi-volume support.
print out the correct transport it failed on rather than always
spitting out 'udp', also call nc_sperror() to give a more verbose
error message detailing the problem.
files are owned by the caller of newsyslog (usually root:wheel) even if
alternative ownerships were specified in newsyslog.conf.
Note that this is part of a wider problem which is fully addressed in
OpenBSD. Anyone with the time and inclination to incorporate the full
fix for the wider problem will receive no complaints from me and should
feel free to walk all over this delta.
PR: bin/36738
MFC after: 1 week
"confused" about it being unassigned. In fact, gcc was right. Fix the
real problem by setting that variable before break-ing out of a select
statement so gcc is happy, and then remove the unnecessary assignment.
Reported by: a user wondering why lpd syslog-ed about "compiler confusion"
MFC after: 12 days
input file and any temporary (filter) file are closed upon return, and
that is generally done at the end of the routine. This should make it
easier for a later update (not yet written) to implement a "resend_copies"
option.
MFC after: 12 days
remote machines. Now they really are handled *exactly* the same as
input filters (if=) for remote queues, except that they are started
with a different set of parameters. This should fix a few subtle
bugs in output-filter processing on such queues. It is a pretty
significant re-arranging of sendfile(), moving some of it to a new
execfilter() routine.
PR: 36552
Reviewed by: no screams from freebsd-audit
MFC after: 12 days
We are long past the stage where we only had ARP working for 10 Mb/s.
PR: 35604
Submitted by: Gary W. Swearingen <swear@blarg.net>
Additional comments by: Mike DeGraw-Bertsch <mbertsch@radioactivedata.org>
This patch explains -F for usershow and groupshow. Because "groupmod
... -F" doesn't do anything, the patch also drops that from groupmod's
command line args.
PR: 35955
Submitted by: Mike DeGraw-Bertsch <mbertsch@radioactivedata.org>
so know we have proper PKG registration and dependency information.
This is a WIP for 5.0 DP #1, so it is still rough around the edges and
does not GC the old XFree86 3.3.6 handling stuff that should be GC'ed.
Sponsored by: FreeBSD Mall, Inc.
$ cat pkg.tgz | pkg_add -
The above command line will fail on -CURRENT or -STABLE, and
therefore, so will sysinstall if you try to install additional
packages through the network (FTP) from a multiuser system. Because
of the different environment during installation (wrt the playpen),
this bug does not manifest itself during initial installs, and users
may install packages from the network just fine at that time.
This bug was fixed in OpenBSD 4 years ago.
----------------------------
revision 1.4
date: 1998/04/07 05:56:13; author: marc; state: Exp; lines: +13 -8
fix package input from standard input -- the program tried to process
stdin twice. Note: it assumes stdin is a compressed tar file.
----------------------------
PR: conf/36606
Obtained from: OpenBSD
MFC after: 2 weeks
from CD-ROM in 4-stable. Note that in 5-current, we use devfs so this
change (hopefully) shouldn't change anything.
I'll MFC to 4-stable later.
Tested with: FreeBSD/i386, 4.5-STABLE-20020330-JPSNAP
so the .lo files can be partially linked against libraries
which redefine symbols in the standard libs, or which reference
symbols in the objects.
Submitted by: Sam Leffler
MFC After: 3 days
discipline to do the async escaping, but no other benefits are available yet.
Change ``ifdef HAVE_DES'' to ``ifndef NODES'' for consistency.
Make the Makefile a little more sane WRT RELEASE_CRUNCH.
This is needed on sparc64 (and maybe all OpenFirmware based machines) as
most [all?] OpenBoot PROM's require either an a.out or FCode boot image.
Submitted by: jake
/kernel. kgmon actually appears to use getbootfile(), and the man page
might need to be updated to reflect that.
Reported by: Hiten Pandya <hiten@uk.FreeBSD.org>
rpcgen can't really make those fields const because the remote side might
want to munge them, so we need to pass non-const in. Hackish, but should
work.
It does not help modern compilers, and some may take some hit from it.
(I also found several functions that listed *every* of its 10 local vars with
"register" -- just how many free registers do people think machines have?)
While I'm here, make the menu entries on the documentation menu begin
with "1" instead of "2".
Reviewed by: imp, rwatson, murray
Approved by: imp, rwatson, murray
MFC after: 1 week
o Use ansi function definitions
o MAXPATHLEN already has the NUL at the end, so no need to add 1 (note that
MAXNAMLEN doesn't, so the + 1 there is correct).
o remove register.
the patch Matthew submitted, but I broke the lines in a more FreeBSD
way and made one small wording change.
PR: 31265
Submitted by: Matthew D. Fuller <fullermd@over-yonder.net>
MFC after: 3 weeks
case use size of the currently displaying font as a suffix. For example,
when the when the size of the currently displayed font is 8x8 the
following command will load koi8-r-8x8.fnt.
# vidcontrol -f koi8-r
MFC after: 2 weeks
installed ones under /boot (which we may not even have in the
case of a cross build).
This introduced chicken and egg problem - we need boot images
early in the "depend" stage but they have not yet been built.
Work around this by excluding the generated makeboot.c source
from the "depend" list; it's okay because we hardcode all its
dependencies explicitly. We actually lose the dependency bit
on <sys/types.h> but it's probably okay too as the only thing
we use is the u_char datatype and this is unlikely to change.
After all, it's normal for sloppy cleaning to cause problems.
beast.FreeBSD.org running 5.0-CURRENT alpha has been able to
cross build i386 world with this patch.
Prodded by: gallatin
spares (the size of the field was changed from u_short to u_int to
reflect what it really ends up being). Accordingly, change users of
xucred to set and check this field as appropriate. In the kernel,
this is being done inside the new cru2x() routine which takes a
`struct ucred' and fills out a `struct xucred' according to the
former. This also has the pleasant sideaffect of removing some
duplicate code.
Reviewed by: rwatson
master.passwd, group, and make.conf
* Add a feature to check variables in rc.conf[.local] to their
counterparts in /etc/defaults/rc.conf after a run
* Twiddle whitespace a little
* Change some "[ -f file ] && rm file" to "rm -f file"
counter type, as threatened in rev.1.8 (the density doesn't need to
be recorded since it can be derived from other fields). This doesn't
affect binary compatibility, but new utilities won't be able to depend
on the contents of this field because libc/gmon/gmon.c was broken --
it wrote garbage to the spare fields.
Added a history counter type field to struct gmonparam. This breaks
binary compatibility a little, since kgmon wanted to read the whole
struct. Fixed kgmon to only depend on reading the critical earlier
parts of the struct. This should also fix 6+ year old breakage of
binary compatibility when the profrate field was added.
Only initialize the new field in struct gmon for now, so that the
compatibility code for this (in kgmon) gets tested. The compatibility
code has to guesstimate the value. The new field in struct gmonparam
is for the kernel to initialize so that kgmon doesn't have to guess.
