Commit Graph

4934 Commits

Author SHA1 Message Date
jhb
b1d0d78c99 Tweak the interactive description of CPU vs WCPU.
PR:		bin/158819
Submitted by:	arundel
Approved by:	re (kib)
2011-07-18 21:08:14 +00:00
dim
1242dbdf42 Upgrade our copy of llvm/clang to r135360, from upstream's trunk. 2011-07-17 19:51:40 +00:00
bz
81c9e88d02 Correct the description of struct pfioc_state_kill.
PR:		kern/158997
Submitted by:	ohauer
2011-07-17 17:33:39 +00:00
dougb
f4894c219c Upgrade to version 9.8.0-P4
This version has many new features, see /usr/share/doc/bind9/README
for details.
2011-07-16 11:12:09 +00:00
nwhitehorn
7c690c1aa8 Update dialog to 1.1-20110707. 2011-07-14 14:01:36 +00:00
jhb
85e4624c62 Add a leading space to the status messages output after toggling the
'C' and 'H' flags at runtime.  This matches messages output for other
toggles which leave the first column in the message blank to hold the
cursor.

PR:		bin/158775
Submitted by:	arundel
MFC after:	3 days
2011-07-11 16:51:29 +00:00
jhb
67900f72b1 Allow per-CPU statistics to be toggled at runtime via the 'P' key.
While here, make -P a toggle similar to other options such as -I.

Reviewed by:	arundel
MFC after:	1 week
2011-07-11 16:48:52 +00:00
mm
cf995996ab Update xz to git snapshot of v5.0 branch as of 20110711 (post-5.0.3)
For architectures with __NO_STRICT_ALIGNMENT
define TUKLIB_FAST_UNALIGNED_ACCESS

MFC after:	2 weeks
2011-07-11 14:15:27 +00:00
jhb
58a5a6ddbe Note that -a, -C, -H, -j, and -z are also toggles.
PR:		bin/158682
Reported by:	arundel
MFC after:	3 days
2011-07-08 13:45:53 +00:00
obrien
2adee38efa Note the PF version.
Discussed with:	bz
2011-07-07 23:17:56 +00:00
dougb
a56bc34bcb Update to version 9.6-ESV-R4-P3
ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY

This update addresses the following vulnerability:

CVE-2011-2464
=============
Severity:	High
Exploitable:	Remotely

Description:

A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code location
of the defect makes it impossible to protect BIND using ACLs configured
within named.conf or by disabling any features at compile-time or run-time.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
https://www.isc.org/software/bind/advisories/cve-2011-2464
2011-07-06 00:48:31 +00:00
dougb
28d62831de Apply bug fixes
Submitted by:	marius
2011-07-06 00:47:27 +00:00
uqs
0c741bc1ee - Fix typo in check_for_nested_with_variably_modified present
- Implement -Wvariable-decl.
- Port -Wtrampolines support from gcc3.
(all three also via OpenBSD)

PR:		gnu/127136, gnu/157019
Submitted by:	Henning Petersen, Pedro Giffuni
MFC after:	6 weeks
2011-07-01 20:45:55 +00:00
trasz
9b60524d55 Make lukemftpd properly set login class and cpumask. 2011-06-30 20:58:38 +00:00
trasz
20fc1d133e Make Sendmail properly set login class and cpumask. 2011-06-30 20:55:16 +00:00
bz
385c8843b3 In case ntp cannot resolve a hostname on startup it will queue the entry
for resolving by a child process that, upon success, will add the entry
to the config of the running running parent process.

Unfortunately there are a couple of bugs with this, fixed in various
later versions of upstream in potentially different ways due to other
code changes:

1) Upon server [-46] <FQDN> the [-46] are used as FQDN for later resolving
   which does not work.  Make sure we always pass the name (or IP there).

2) The intermediate file to carry the information to the child process
   does not know about -4/-6 restrictions, so that a dual-stacked host
   could resolve to an IPv6 address but that might be unreachable (see
   r223626) leading to no working synchronization ignoring a IPv4 record.
   Thus alter the intermediate format to also pass the address family
   (AF_UNSPEC (default), AF_INET or AF_INET6) to the child process
   depending on -4 or -6.

3) Make the child process to parse the new intermediate file format and
   save the address family for getaddrinfo() hints flags.

4) Change child to always reload resolv.conf calling res_init() before
   trying to resolve names.  This will pick up resolv.conf changes or
   new resolv.confs should they have not existed or been empty or
   unusable on ntp startup.  This fix is more conditional in upstream
   versions but given FreeBSD has res_init there is no need for the
   configure logic as well.

Approved by:	roberto
Sponsored by:	Sandvine Incorporated
MFC after:	9 days
2011-06-29 13:01:10 +00:00
bz
e15f804c7b Update packet filter (pf) code to OpenBSD 4.5.
You need to update userland (world and ports) tools
to be in sync with the kernel.

Submitted by:	mlaier
Submitted by:	eri
2011-06-28 11:57:25 +00:00
edwin
3292a832c8 MFV of tzdata2011h, r223627
- Russia scraps DST in 2011
- Remove Netherlands Antilles, add Bonaire, Curacao, Sint Maarten
2011-06-28 10:24:01 +00:00
bz
5eb4e348c8 Compare port numbers correctly. They are stored by SRCPORT()
in host byte order, so we need to compare them as such.
Properly compare IPv6 addresses as well.

This allows the, by default, 8 badaddrs slots per address
family to work correctly and only print sendto() errors once.

The change is no longer applicable to any latest upstream versions.

Approved by:	roberto
Sponsored by:	Sandvine Incorporated
MFC after:	1 week
2011-06-28 09:46:25 +00:00
delphij
009e986666 Incorporate vendor commit ecdc5c0a7f7591a7cd4a:
In userland, sign extend the offset for JA instructions.

We currently use that to implement "ip6 protochain", and "pc" might be
wider than "pc->k", in which case we need to arrange that "pc->k" be
sign-extended, by casting it to bpf_int32.

PR:		kern/157188
Submitted by:	plosher
MFC after:	2 weeks
2011-06-28 00:58:12 +00:00
dim
d2ac8b8fc0 For some reason, contrib/traceroute/traceroute.c ensures MAXHOSTNAMELEN
is defined, but then proceeds to use a hardcoded maximum hostname length
of 64 anyway.  Fix this by checking against MAXHOSTNAMELEN instead.

PR:		bin/157732
MFC after:	3 days
2011-06-26 19:03:33 +00:00
dim
1f9c357d9b Make GNU as recognize the ARM 'rrx' mnemonic, which can be generated by
clang for certain expressions.  Code taken from Apple cctools (GPLv2).

Submitted by:	damjan.marion@gmail.com
2011-06-23 20:54:44 +00:00
delphij
f715e0405a Revert r214857 pursudant to 9.0-RELEASE cycle.
Requested by:	jh
2011-06-20 16:48:00 +00:00
gavin
53f276e3d4 Merge tnftp-20100108 from the vendor branch into head.
PR:		bin/112288 bin/120256 bin/129014 bin/145528
MFC after:	1 month
2011-06-20 08:00:32 +00:00
gavin
f3c9355897 Copy lukemftp to its new home, tnftp. I'm doing this in stages so as to
not confuse the CVS exporter.
2011-06-19 21:50:38 +00:00
gavin
cd23bc1631 Bootstrap lukemftp vendor area 2011-06-19 16:54:06 +00:00
jh
bea80f7c3c Don't #undef curses ERR in dialog.h. Otherwise, the macro will be
unavailable if curses.h is included before dialog.h.

PR:		bin/156601
Obtained from:	Thomas E. Dickey (upstream maintainer)
Discussed with:	nwhitehorn
2011-06-19 08:53:16 +00:00
benl
2071e3510a Fix clang warnings.
Approved by:	philip (mentor)
2011-06-18 13:56:33 +00:00
andreast
33e551a6c8 - Check on target wordsize instead of compile time define if we build on
64-bit PowerPC or 32-bit PowerPC.
- Make gdb work on powerpc64, the code for this is obtained from
  ppc-linux-tdep.c.
- Remove non-elf core read functionality. Implement core read functionality
  similar like other FreeBSD targets.
- Set long double limitations.
2011-06-14 15:20:30 +00:00
gshapiro
073dab128b Update notes regarding FreeBSD import 2011-06-14 06:44:42 +00:00
gshapiro
b73afeb2a4 Merge sendmail 8.14.5 to HEAD
MFC after:	4 days
2011-06-14 04:20:18 +00:00
gshapiro
dd85ece875 Import sendmail 8.14.5 2011-06-14 03:55:17 +00:00
bz
7ceffe8d59 Add a new option -P to suppress getservbyport(3) calls when printing rules.
This allows one to force consistent printing of numeric port numbers like
we do with -n for other tools like netstat (just that -n was already taken)
rather than the service names.

-P is currently unused in OpenBSD so the change is eligible for upstreaming.

PR:		misc/151015
Submitted by:	Matt Koivisto (mkoivisto sandvine.com)
Sponsored by:	Sandvine Incorporated
MFC after:	1 week
2011-06-13 20:11:28 +00:00
dim
d4c7939bea Upgrade our copy of llvm/clang to r132879, from upstream's trunk. 2011-06-12 18:01:31 +00:00
delphij
3f51f93516 MFV: Update to less v444.
MFC after:	2 weeks
2011-06-09 22:52:57 +00:00
ru
9c3130fd8b Pull up all vendor changes to mdoc(7).
This also replaces the local fix in r219209 that made .Ac emit
ASCII angle quotes with an official fix.  In the official fix,
ASCII quotes are output when using the .Aq, .Ao and .Ac calls,
but only when nested into the .An macro.

PR:		gnu/154822
2011-06-08 08:08:42 +00:00
ed
72c50e51a5 Upgrade libcompiler_rt from revision 117047 to 132478.
It seems there have only been a small amount to the compiler-rt source
code in the mean time. I'd rather have the code in sync as much as
possible by the time we release 9.0. Changes:

- The libcompiler_rt library is now dual licensed under both the
  University of Illinois "BSD-Like" license and the MIT license.

- Our local modifications for using .hidden instead of .private_extern
  have been upstreamed, meaning our changes to lib/assembly.h can now be
  reverted.

- A possible endless recursion in __modsi3() has been fixed.

- Support for ARM EABI has been added, but it has no effect on FreeBSD
  (yet).

- The functions __udivmodsi4 and __divmodsi4 have been added.

Requested by:	many, including bf@ and Pedro Giffuni
2011-06-03 17:49:16 +00:00
csjp
9c392f3f91 Explicitly initialize the packet buffer to NULL after we unmap the zero copy
buffers.  This fixes a segfault on exit due to calling free on a bogus pointer.
This should be considered a temporary stop gap fix to avoid the crash.  The
complete fix re-shuffles the initializations of some of the clean-up pointers.

The details of the fix can be found in the libpcap git repository:
commit bc8209b71e928870b0f172d43b174ab27ba24394

Proded by:	kevlo, rpaulo
MFC after:	2 weeks
Submitted by:	Anton Yuzhaninov
2011-06-03 14:57:38 +00:00
ru
c78f027a99 Re-enable SGR support (ANSI color escapes) in grotty(1) by default.
Our man(1) and bsd.doc.mk still disable it for POLA reasons via the
-c option to grotty(1).

PR:		gnu/82353
2011-06-03 12:02:53 +00:00
jchandra
6f7651b2b3 Add .interp back into INITIAL_READONLY_SECTIONS in MIPS n64 ABI.
The binutils update in r218822 caused the MIPS n64 dynamic binaries to
fail because the ".interp" section is not in the initial sections.
This happens because elf64bmip-defs.sh overrides INITIAL_READONLY_SECTIONS
to add ".MIPS.options" sections instead of the ".reginfo" section used
by n32.
This used to work fine, but after r218822, INITIAL_READONLY_SECTIONS also
contains the .interp section, so the override has to be done differently.

Reported by : aduane at juniper

Obtained from:	gonzo (Initial version)
2011-06-01 10:23:03 +00:00
jhb
a73a4dbfbb - Document the -H option and 'H' key alongside other options and keys
rather than at the bottom of the manpage.
- Remove an obsolete comment about SWAIT being a stale state.  It was
  resurrected for a different purpose in FreeBSD 5 to mark idle ithreads.
- Add a comment documenting that the SLEEP and LOCK states typically
  display the name of the event being waited on with lock names being
  prefixed with an asterisk and sleep event names not having a prefix.

MFC after:	1 week
2011-05-31 15:41:10 +00:00
jhb
3e43795a7a Add a new option to toggle the display of the system idle process (per-CPU
idle threads).  The process is displayed by default (subject to whether or
not system processes are displayed) to preserve existing behavior.  The
system idle process can be hidden via the '-z' command line argument or the
'z' key while top is running.  When it is hidden, top more closely matches
the behavior of FreeBSD <= 4.x where idle time was not accounted to any
process.

MFC after:	2 weeks
2011-05-31 15:11:23 +00:00
bz
5cb7c50357 The argument to setsockopt for IP_MULTICAST_LOOP depends on operating
system and is decided upon by configure and could be an u_int or a
u_char.  For FreeBSD it is a u_char.

For IPv6 however RFC 3493, 5.2 defines the argument to
IPV6_MULTICAST_LOOP to be an unsigned integer so make sure we always
use that using a second variable for the IPV6 case.
This is to get rid of these error messages every 5 minutes on some
systems:
ntpd[1530]: setsockopt IPV6_MULTICAST_LOOP failure: Invalid argument
  on socket 22, addr fe80::... for multicast address ff02::101

While here also fix the copy&paste error in the log message for
IPV6_MULTICAST_LOOP.

Reviewed by:	roberto
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	10 days
Filed as:	Bug 1936 on ntp.org
2011-05-29 07:40:48 +00:00
dougb
ced7835c06 Upgrade to 9.6-ESV-R4-P1, which address the following issues:
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.

This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.

2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.

Add a patch provided by ru@ and confirmed by ISC to fix a crash at
shutdown time when a SIG(0) key is being used.
2011-05-28 00:21:28 +00:00
ru
2628ba45f7 [mdoc] Fixed .Dt call. 2011-05-25 14:13:53 +00:00
benl
383b306f0a Fix clang warnings.
Approved by:	philip (mentor)
2011-05-22 22:17:06 +00:00
benl
9dc57d1405 Fix clang warnings.
Approved by:	philip (mentor)
2011-05-22 22:16:19 +00:00
benl
3bcf417808 Fix clang warnings.
Approved by:	philip (mentor)
2011-05-22 22:15:42 +00:00
benl
fe2c179872 Fix clang warnings.
Approved by:	philip (mentor)
2011-05-22 22:15:16 +00:00
benl
0748b6b611 Fix clang compile warnings.
Approved by:	philip (mentor)
2011-05-22 22:14:15 +00:00