26450 Commits

Author SHA1 Message Date
Bill Fenner
764d8cef56 A more complete fix for the "land" attack, removing the "quick fix" from
rev 1.66.  This fix contains both belt and suspenders.

Belt: ignore packets where src == dst and srcport == dstport in TCPS_LISTEN.
 These packets can only legitimately occur when connecting a socket to itself,
 which doesn't go through TCPS_LISTEN (it goes CLOSED->SYN_SENT->SYN_RCVD->
 ESTABLISHED).  This prevents the "standard" "land" attack, although doesn't
 prevent the multi-homed variation.

Suspenders: send a RST in response to a SYN/ACK in SYN_RECEIVED state.
 The only packets we should get in SYN_RECEIVED are
 1. A retransmitted SYN, or
 2. An ack of our SYN/ACK.
 The "land" attack depends on us accepting our own SYN/ACK as an ACK;
 in SYN_RECEIVED state; this should prevent all "land" attacks.

We also move up the sequence number check for the ACK in SYN_RECEIVED.
 This neither helps nor hurts with respect to the "land" attack, but
 puts more of the validation checking in one spot.

PR:             kern/5103
1998-01-21 02:05:59 +00:00
John Birrell
5ec0ebbb0d FreeBSD's make knows about the MACHINE, but not the MACHINE_ARCH unless
it is built with this defined (which it isn't by default). This change
to sys.mk treats the absence of MACHINE_ARCH as i386 on the assumption
that it will be appropriately defined (as something else) on any other
architecture. When building FreeBSD's make with NetBSD tools, both
MACHINE and MACHINE_ARCH are correctly set (e.g. when bootstrapping
FreeBSD's make on NetBSD/mvme68k, MACHINE=mvme68k and
MACHINE_ARCH=m68k). This isn't really needed for the alpha which
has both defined as 'alpha', but I thought it was worth getting the
distinction between a MACHINE and a MACHINE_ARCH correct now.

Now, shouldn't PC98 have MACHINE=pc98 and MACHINE_ARCH=i386 ??!!
1998-01-21 01:03:51 +00:00
Warner Losh
07d19529ee Quote filenames more agressively.
Reviewed by:	jkh
Submitted by:	Hubert Feyrer
1998-01-21 00:12:56 +00:00
Brian Somers
49b239e0d2 Allow an optional delay when specifying "set openmode active".
The delay defaults to 1 sec (as it always has) unless we've done
a ~p in interactive mode or we've actually detected a HDLC frame.
This is now cleanly implemented (via async timers) so that it is
possible for LCP to come up despite the delay if an LCP REQ is
received.

This will hopefully solve situations with slow servers or slirp
scenarios (where ECHO is left on the port for a second or so before
the peer enters packet mode).

Also, ~p in interactive mode no longer changes the value of the default
openmode delay and -dedicated mode enters packet mode in the right state
according to the value of openmode.
1998-01-20 22:47:48 +00:00
Nate Williams
a9b9e46550 - Support for multiple PD6832 controllers. Each found 6832 is assigned
and initializes the next two ports in order starting at 03e0.  This
  also patches pcic_p.h to reduce the I/O ports mapped from 4 to 2.

Submitted by:	Ted Faber <faber@ISI.EDU>
1998-01-20 21:11:03 +00:00
Bruce Evans
a798ce2eac Converted to Lite2 mount interface - use vfc_typenum from the
already looked up vfsconf struct for nfs instead of MOUNT_NFS.
Removed related FreeBSD ifdefs.
1998-01-20 15:22:27 +00:00
Bruce Evans
66a655bcf6 Merged from Lite2. Get the filesystem type name directly from the
statfs struct instead of converting from the filesystem type number.
1998-01-20 15:12:24 +00:00
Garrett Wollman
8830deae19 Properly initialize the printer struct.
PR: bin/5519
1998-01-20 14:43:05 +00:00
Bruce Evans
81d50a41f6 Merged just enough files from Lite2 in lfs_cleanerd to convert from
MOUNT_LFS to "lfs" in one place.  The merge was painful because it
conflicted with cosmetic FreeBSD changes.  lfs_cleanerd still compiles
cleanly but has aproximately the same chance of working as before (0).
1998-01-20 14:41:53 +00:00
Bruce Evans
8339e4f43d Converted to Lite2 mount interface - don't use numeric filesystem
types.  The NetBSD compatibility cruft was more correct for -current
than FreeBSD's own code.  It just used NetBSD #defines instead of
string literals for the filesystem names.  NetBSD's MOUNT_UFS is
"ffs", so using a literal "ufs" gives wrong results, but this is
unimportant, especially for bootstrapping.

Fixed style bugs in trymmap().

Fixed some disordered declarations.
1998-01-20 13:52:32 +00:00
Bruce Evans
d63b9ba46a Converted to Lite2 mount interface - decide filesystem types by name
instead of by number.
1998-01-20 12:53:43 +00:00
Bruce Evans
eae79dd1c0 Merged from Lite2. This was mostly already done, mostly indirectly
via wollman's changes in rev.1.2 being adopted by Lite2 and the
nfsv3 changes in rev.1.3 being adopted by both FreeBSD and Lite2.
We were only missing lookup of the type number for nfs (MOUNT_NFS
doesn't exist in Lite2).
1998-01-20 12:27:38 +00:00
Bruce Evans
7bbe74ab58 Don't refer to the nonexistent function VOP_VALLOC. 1998-01-20 11:08:06 +00:00
Bruce Evans
c7b367098d Fixed #includes in the synopsis and in an example. <sys/socket.h>
isn't a prerequisite, since it isn't required for the prototypes
and isn't always needed to call the functions (the address family
might be a variable).
1998-01-20 11:03:15 +00:00
KATO Takenori
59cf92149a Sync with sys/i386/isa/syscons.c revision 1.246. 1998-01-20 10:53:26 +00:00
Bruce Evans
87f01287d2 Removed definition of _NEW_VFSCONF. The new vfsconf interface is now
the default.
1998-01-20 10:40:18 +00:00
Bruce Evans
bf49c4278a Moved most of the (source-level) compatibility hacks for the vfsconf
interface from sys/mount.h to libc/getvfsent.c  The new interface is
now the default.

Sorted the prototypes for the library functions.
1998-01-20 10:36:42 +00:00
Bruce Evans
2aeb5561dd Moved most of the (source-level) compatibility hacks for the vfsconf
interface from sys/mount.h to libc/getvfsent.c  The new interface is
now the default.
1998-01-20 10:36:24 +00:00
KATO Takenori
3ae6029808 - Move SETKLOC and CLEARKLOCK macros into uion.h.
- Set UN_ULOCK in union_lock() when UN_KLOCK is set.  Caller expects
  that vnode is locked correctly, and may call another function which
  expects locked vnode and may unlock the vnode.
- Do not assume the behavior of inside functions in FreeBSD's
  vfs_suber.c is same as 4.4BSD-Lite2.  Vnode may be locked in
  vget() even though flag is zero.  (Locked vnode is, of course,
  unlocked before returning from vget.)
1998-01-20 10:02:54 +00:00
John Birrell
013239afdf Suggested by: bde
Move sigjmp_buf and jmp_buf structure definitions to machine/setjmp.h
so that i386 can continue to use int as the basic register type and
alpha can use long. Bruce was concerned about possible differing
alignment. I've left the definition of _JBLEN in machine/setjmp.h
even though Bruce's example used the number directly. I don't know if
any other code relies on _JBLEN, so I left it to avoid potential
breakage.
1998-01-20 09:09:24 +00:00
Philippe Charnier
ffe0efc2a9 Convert to mdoc format. Remove unused vars. Use err(3) and change exit(-1). 1998-01-20 07:30:27 +00:00
Alexander Langer
2768e0c4b5 Added cross references to mincore(2) and minherit(2).
Obtained from:	OpenBSD
1998-01-20 03:59:07 +00:00
Alexander Langer
891d6e5881 Added #include <sys/types.h> to synopsis.
Obtained from:	OpenBSD
1998-01-20 03:52:49 +00:00
Kazutaka YOKOTA
f17c00390e Add the PnP string for a Logitech serial mouse model. 1998-01-20 03:38:36 +00:00
Kazutaka YOKOTA
6c401d343f - Add binary compatibility support for obsolete console/mouse ioctls
so that existing programs which were compiled before the introduction
  of the new mouse code and use these ioctls will run unmodified.

Suggested by msmith.
1998-01-20 03:37:27 +00:00
Jonathan M. Bresler
141868ce36 update hub's master configuraton file
limit sendmail to 500 messages per run
keeps the process from growing too large
sort the queue by host, not numeric priority
connecting to a host is too expensive,
once we got the connection, ram all the mail down his throat ;>
1998-01-20 01:48:12 +00:00
Bill Paul
844812c437 Also fix ypbind to compile with ANSI-fied /usr/include/rpcsvc. One of
these days I really should rerwite this creature from the ground up.
1998-01-19 23:31:38 +00:00
Jordan K. Hubbard
83ac5c703b Add wfd style devices to detection list (we'll have to put them on the
boot floppy too, of course - hope I still have enough inodes! :)
1998-01-19 23:28:41 +00:00
Bill Paul
e4a0e42ba8 Make these programs compile and work correctly now that /usr/include/rpcsvc
has been ANSI-fied.

Pointed out by: bde
1998-01-19 23:13:38 +00:00
Brian Somers
e2e26133df dlopen(..., RTLD_NOW) rather than RTLD_LAZY.
Pointed out by: John Polstra <jdp@polstra.com>
1998-01-19 22:59:57 +00:00
Brian Somers
677f680c33 sys/types.h -> sys/param.h
Pointed out by: Niklas Hallqvist <niklas@petra.appli.se>
1998-01-19 22:34:20 +00:00
Bruce Evans
bd4f43ff72 mount(8) only uses realpath() for the mountpoint, so don't look up the
real path here for the mount device (or path).  This fixes difficulties
unmounting devices that are actually symlinks to real devices.

Also, print the original path instead of the real path in early error
messages.  nfs path handling and later error messages may still be wrong,
probably only in silly cases where the original path is both a symlink
and a remote path.

PR:		5208
1998-01-19 18:48:36 +00:00
Tor Egge
281c79d603 Nondestructive attempts to get simple locks when SL_DEBUG is defined. 1998-01-19 17:33:08 +00:00
Bill Paul
813907f9ec Invoke rpcgen with -C so that headers are created with ANSI prototypes.
Note: this may cause some problems in a few cases. With very old versions
of rpcgen, if you defined a procedure called foo, then rpcen would create
client stubs for function foo_1() and server stubs _also_ with function
foo_1(). This only worked because of the lack of ANSI prototypes: the
client side stub takes different arguments than the server side stub.
(The client side takes a CLIENT * handle, while the server side wants
an svc_req *.)

To fix this conflict, rpcgen in ANSI mode generates foo_1() for the client
and foo_1_svc() for the server. RPC server code that depends on the old
behavior might break because of this. (Fixing it is just a matter of
adding the _svc suffix onto the server procedure names.)
1998-01-19 17:19:09 +00:00
Bruce Evans
90e05a748a Don't create superblocks with size larger than SBSIZE (8192). The
size was rounded up to a multiple of the fragment size, but this
gave invalid file systems when the fragment size was > SBSIZE (fsck
aborts early on them).  Now a fragment size of 32768 seems to work
(too-simple tests with fsck and iozone worked).
1998-01-19 16:55:26 +00:00
Bruce Evans
cc52d04f9f Guard against a block size of 0 in the label. When the first
superblock is invalid, fsck looks at the label to help guess where
the next superblock should be.  If the partition type is 4.2BSD,
fsck assumed that the block size was valid and divided by it, so
it dumped core if the size was 0.

Initialization of the label was broken almost 3 years ago in rev.1.9
of newfs/newfs.c.  Newfs does not change the label at all, so there
is no problem (except the breakage of the automatic search for
backup superblocks) unless something else sets the partition type
to 4.2BSD.  However, it is too easy to set partition types to
4.2.BSD by copying an old label or by using a disktab entry to
create the label.

PR:	2537
1998-01-19 16:28:29 +00:00
Jordan K. Hubbard
7a0b248e9c Add a missing \ the previous committer omitted from the crunch target. 1998-01-19 16:10:51 +00:00
Bruce Evans
9bb4a86cf0 Fixed accesses to addresses between VM_MAXUSER_ADDRESS (normally
0xefbfe000) and kernel_start (normally 0xf0100000).

Things are unnecessarily (?) difficult because procfs is used to
access user addresses in the live-kernel case although we must have
access to /dev/mem to work at all, and whatever works for the
dead-kernel case should work in all cases (modulo volatility of
live kernel variables).  We used the wrong range [0, kernel_start)
for user addresses.  Procfs should only work up to VM_MAXUSER_ADDRESS,
but it bogusly works for reads up to the address 2 pages higher
(the user area, including the kernel stack, is mapped to where the
user area used to be (WTUAUTB)).  Procfs can not work at all for
addresses between WTUAUTB and kernel_start.

Now we use procfs only to access addresses up to VM_MAXUSER_ADDRESS.
Higher addresses are translated normally using kvtophys(), so the
user ptd is used for addresses below the real kernel start (0xf0000000;
see INKERNEL()) and nothing is found WTUAUTB.

Strange accesses that cross the user-kernel boundary are now handled,
but such ranges are currently always errors because they necessarily
overlap the hole WTUAUTB.

Short reads are still not handled.
1998-01-19 15:27:56 +00:00
Bruce Evans
04822660a1 Removed `kstack' and associated mistranslations in kvtophys().
Correct translations would have been null.  However, kstack was
the top of the kernel stack instead of the base of the kernel stack
like it was when the kernel exported it, so the area above the
kernel stack was mistranslated and the kernel stack was not
translated.  This bug was depended on to compensate for the wrong
value of kstack - to read the pcb, instead of just using the address
of the pcb, we used the mistranslated address of kstack, which
happened to be the same (curpcb = kstack - 0x2000).

This area is simpler than it used to be now that the kernel stack
address is per-process.  The code still seems to be more complicated
than necessary - the `found_pcb == 0' case seems to be unused.
1998-01-19 14:27:41 +00:00
Bruce Evans
ffbb164e19 Set p_retval for the correct process in getpriority(). This fixes
a null pointer panic when the pointer for the incorrect process is
NULL.  getpriority() was broken in rev.1.27.  Rev.1.28 broke the
warning instead of fixing the problem.

PR:	5495
1998-01-19 12:39:00 +00:00
Tor Egge
95f67de2e3 The removal of a page from the free queue in vm_page_zero_idle was
imcomplete. Also set m->queue, in order to prevent vm_page_select_free
from selecting the page being zeroed.
1998-01-19 04:16:16 +00:00
Brian Somers
c6fe0cb207 Reimplement proxy-arp address stuff using sysctl(). 1998-01-19 02:59:34 +00:00
Wolfram Schneider
74f3544ed2 Add an example for busy mail servers, commented out. 1998-01-18 22:28:06 +00:00
Brian Somers
d1a3ea477c Allow "set vj" for changing the default number of slots
and whether slot compression is requested.
Don't show current values with "show ipcp" if IPCP isn't
"opened".
1998-01-18 20:49:22 +00:00
Tor Egge
75d515b755 Don't throw away bootp reply packets that are shorter than our extended-length
bootp query packet.
PR:		5512
1998-01-18 18:53:46 +00:00
Tor Egge
3bc42d575a Increase the minimum bootp reply packet size from 16 (bogus) to 300 (correct). 1998-01-18 18:46:20 +00:00
KATO Takenori
647e869094 Sync with sys/i386/isa/wd.c revision 1.147. 1998-01-18 15:10:03 +00:00
KATO Takenori
43a0695fdf Sync with sys/i386/conf/files.i386 revision 1.186. 1998-01-18 15:09:34 +00:00
KATO Takenori
34bb5953e4 Sync with sys/i386/conf/files.i386 revision 1.12. 1998-01-18 15:09:05 +00:00
KATO Takenori
3c4f86eec1 Sync with sys/i386/conf/majors.i386 revision 1.24. 1998-01-18 15:08:34 +00:00