Commit Graph

71815 Commits

Author SHA1 Message Date
Andrew R. Reiter
fe3240e9aa - Back out the commit to make the linker_load_file() securelevel check
made aware in jail environments.  Supposedly something is broken, so
  this should be backed out until further investigation proves otherwise,
  or a proper fix can be provided.
2002-03-22 04:56:09 +00:00
Mike Silbersack
9e5a5ed4c5 Change the ephemeral port range from 1024-5000 to 49152-65535.
This increases the number of concurrent outgoing connections from ~4000
to ~16000.  Other OSes (Solaris, OS X, NetBSD) and many other NAT
products have already made this change without ill effects, so we
should not run into any problems.

MFC after:	1 week
2002-03-22 03:28:11 +00:00
Warner Losh
80578e902c const poison just like NetBSD. 2002-03-22 02:43:01 +00:00
Warner Losh
ae10a3fcce Make user_from_uid and group_from_gid return const char *, just like
NetBSD.  Update man page to reflect this.
2002-03-22 02:35:47 +00:00
Robert Watson
1b350b4542 Break out the "see_other_uids" policy check from the various
method-based inter-process security checks.  To do this, introduce
a new cr_seeotheruids(u1, u2) function, which encapsulates the
"see_other_uids" logic.  Call out to this policy following the
jail security check for all of {debug,sched,see,signal} inter-process
checks.  This more consistently enforces the check, and makes the
check easy to modify.  Eventually, it may be that this check should
become a MAC policy, loaded via a module.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-03-22 02:28:26 +00:00
Warner Losh
3f330d7d1a remove __P 2002-03-22 01:42:45 +00:00
Warner Losh
d3cb5ded92 remove __P 2002-03-22 01:33:25 +00:00
Warner Losh
f1bb2cd2aa remove __P 2002-03-22 01:22:50 +00:00
Jun Kuriyama
9f6092398b MFen. 2002-03-22 00:19:50 +00:00
Mark Murray
0696ed0c00 Updates for OPIE 2.4. 2002-03-22 00:12:20 +00:00
David E. O'Brien
69160b1eb7 Remove __P() usage. 2002-03-21 23:54:04 +00:00
Benno Rice
bf76ba7826 Collect all functions for copying to and from userspace into the one file.
This allows me to reimplement [sf]u{byte,word} as separate functions and not
as calls to copy{in,out}.
2002-03-21 23:45:59 +00:00
David E. O'Brien
4d826ecfbc Remove __P() usage. 2002-03-21 23:43:04 +00:00
Mark Murray
f4083b2413 Resolve conflicts. 2002-03-21 23:42:52 +00:00
David E. O'Brien
be04b6d190 Remove 'register' keyword. 2002-03-21 23:39:28 +00:00
Alfred Perlstein
c4bc47ba6a Bring code to WARNS=3 level. Mostly fix unused variables. 2002-03-21 23:05:13 +00:00
Alfred Perlstein
b5749e6213 Remove main() prototype. 2002-03-21 22:53:49 +00:00
Alfred Perlstein
33314abe2c Remove __P. 2002-03-21 22:52:45 +00:00
Mark Murray
7b0f9607c9 This commit was generated by cvs2svn to compensate for changes in r92906,
which included commits to RCS files with non-trunk default branches.
2002-03-21 22:50:02 +00:00
Mark Murray
cfb697297a Vendor import of OPIE 2.4 2002-03-21 22:50:02 +00:00
David E. O'Brien
c05ac53b8b Remove __P() usage. 2002-03-21 22:49:10 +00:00
Mark Murray
2a66bf165b Restructure for own parsedate (replacement for get_date from CVS).
Fix up parsedate.y for WARNS=4.

Reviewd by:	bde (except for parsedate.y diffs)
2002-03-21 21:56:05 +00:00
Dag-Erling Smørgrav
575abac10a /etc/moduli -> /etc/ssh/moduli 2002-03-21 21:54:17 +00:00
Dag-Erling Smørgrav
99a0916ca1 This commit was generated by cvs2svn to compensate for changes in r92899,
which included commits to RCS files with non-trunk default branches.
2002-03-21 21:47:20 +00:00
Dag-Erling Smørgrav
323b03c5e9 Import OpenBSD's moduli(5) man page 2002-03-21 21:47:20 +00:00
Dag-Erling Smørgrav
d221a687b8 Install moduli instead of primes 2002-03-21 21:44:03 +00:00
Mark Murray
2309721787 Add a replacement for get_date which is currently being dug out of
CVS's sources.

This is a "public domain" implementation stolen from INN, and is
added unmodified.
2002-03-21 21:43:50 +00:00
Dag-Erling Smørgrav
8b04ebcbfe Import OpenBSD's moduli file. 2002-03-21 21:43:25 +00:00
Dag-Erling Smørgrav
e516274c3e This commit was generated by cvs2svn to compensate for changes in r92894,
which included commits to RCS files with non-trunk default branches.
2002-03-21 21:43:25 +00:00
Matt Jacob
371777b161 Limit fabric search to a default 256 entries. This will all go away
soon because it's just getting harder and harder to find switches
that correctly implement the GET ALL NEXT subcommands for the SNS
protocol.

Latch up result out pointer and set a busy flag when we're looking
at the response queue. This allows for a cleaner way to make sure
we don't get multiple CPUs trying to read the same response queue
entries.

Change how isp_handle_other_response returns values (clarity).

Make PORT UNAVAILABLE the same as PORT LOGOUT (force a LIP).

Do some formatting changes.

MFC after:	0 days
2002-03-21 21:10:16 +00:00
Bruce A. Mah
7a0933ca5d Fix typo: s/forth/fourth/ 2002-03-21 20:10:10 +00:00
Alan Cox
8fcaddd792 o Use the MI vm_map_growstack() instead of grow_stack() in trap_pfault()
and trapwrite().
 o On i386/pc98, remove the (now) unused grow_stack().
2002-03-21 19:27:15 +00:00
David E. O'Brien
8fb3f3f682 Remove 'register' keyword. 2002-03-21 18:49:23 +00:00
Andrew Gallatin
ddf23aa842 shut up the compiler 2002-03-21 18:48:00 +00:00
David E. O'Brien
84c63a156a Fix SCM ID's. 2002-03-21 18:06:09 +00:00
Alexander Leidinger
5ff65b6cf3 Traditional first commit.
Approved by: joerg
2002-03-21 16:40:32 +00:00
Bruce A. Mah
c88a01217a New release notes: libstand split file loading.
Updated release notes:  sparc64 platform progress, IPFilter 3.4.25.

Belated MFC note:  OpenSSH 2.9.
2002-03-21 16:30:34 +00:00
Andrew R. Reiter
e85b9ae9ac - Fix a logic error in checking the securelevel that was introduced in the
previous commit.

Pointy hats to: arr, rwatson
2002-03-21 15:27:39 +00:00
Warner Losh
d476a036e2 o remove __P
o remove main prototype
2002-03-21 13:20:49 +00:00
Warner Losh
854299908c o __P removed
o main prototype removed
2002-03-21 13:14:21 +00:00
Warner Losh
0638cc1a39 o __P removal.
o ansi function definitions.
o main prototype removal
o unifdef __STDC__
2002-03-21 13:10:52 +00:00
Benno Rice
6da4e60a23 - Make all inlines for manipulating supervisor-level registers accept/return
register_t values.
- Implement an inline for isync.
2002-03-21 13:07:31 +00:00
Dag-Erling Smørgrav
6b11d510fd Correctly set PAM_RHOST so e.g. pam_login_access(8) can do its job.
Sponsored by:	DARPA, NAI Labs
2002-03-21 12:55:21 +00:00
Dag-Erling Smørgrav
fe49ecbc93 Use the "sshd" service instead of "csshd". The latter was only needed
because of bugs (incorrect design decisions, actually) in Linux-PAM.

Sponsored by:	DARPA, NAI Labs
2002-03-21 12:23:09 +00:00
Dag-Erling Smørgrav
da4dc1eeb5 Use PAM instead of S/Key (or OPIE) for SSH2.
Sponsored by:	DARPA, NAI Labs
2002-03-21 12:18:27 +00:00
Benno Rice
54551c77ee GC some unused, bogus interrupt functions and replace them with proper
implementations of intr_disable and intr_restore.
2002-03-21 12:04:58 +00:00
Mike Barcroft
40dcc8608d Revert 1.20:
Memory disks may be used for other purposes besides newfs(8), so it
isn't helpful to require the minimum size meet newfs(8)'s criteria.
2002-03-21 12:03:09 +00:00
Bruce Evans
4bcae9ff30 Removed the last vestiges of libm. These have been repo-copied to
msun/bsdsrc.  Everything except true gamma() and its support functions
was superseded by msun long ago, at least on IEEE machines.
2002-03-21 11:33:50 +00:00
Doug Rabson
6720311838 Change critical_t to register_t for intr_disable/restore. 2002-03-21 09:50:11 +00:00
Doug Rabson
77b51ddfcd Change cpu_critical_enter/exit to intr_disable/restore. 2002-03-21 09:35:18 +00:00