The recent problems with sshd were due to sshd reassigning
`environ' when setenv() thinks it owns it. setenv() subsequently
realloc()s the new version of environ and *boom*
- Include <stdlib.h> and <string.h> as needed for prototypes
- Remove unneeded "error" variables
o Make cap_init() use cap_clear() instead of bzero()
Obtained from: TrustedBSD Project
o Implementations will remain in the seperately distributed capability
patch until the cap_t type changes are synchronized.
Obtained from: TrustedBSD Project
response to return. This will stop processes waiting on DNS requests
from being woken up when a select collision occurs. This was tested
on mx1.FreeBSD.org (outgoing mail for the FreeBSD.org mailing
lists.)
Reviewed by: jlemon, peter
were not present when dev_mkdb(8) was run.
First the dev_mkdb(8) database is searched, this caters for non-DEVFS
cases where people have renamed a device.
If that fails we ask the kernel using sysctl kern.devname if the device
driver has put a name in the dev_t. This covers DEVFS cloned devices.
If that also fails we format a string which isn't entirely useless.
be used to point to a bad locale file. This is only believed to be a
minor security risk - the only risk is if some program uses the result
of a localized string as a format specifier in a vulnerable function
like sprintf(). No such code is believed to exist in the FreeBSD base
system, although it is possible that badly written third party code
would do that.
Submitted by: imp
Approved by: ache
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
It was kinda silly since the sigaction() syscall that it used to setup
the handler is more recent than __getcwd(), therefore it was useless
as the wrapper would have died before even getting as far as __getcwd(2).
Reminded by: bde
* rewrite catopen() to remove duplicate code chunks and optimize
* if empty string is passed to catopen() as name argument then
catopen() will set errno to ENOENT (File not found), not EINVAL
* move search code to LOOKUP() macro to shrink amount of duplicated code
* move common resource freeing actions to __nls_free_resources() function
* exclude from build code related to MCLoadAll defintion since it is not
using at all
* style(9) related whitespace changes
Reviewed by: ache
in my tree for a long time. bde reviewed this once upon a time and
said it was OK, iirc. This also obviates the need to put ? in the
optstring argument to preclude the extra warning message which some
people think confuses users. When I made my getopt cleanups of a long
time ago, this was the compromise reached. I just neglected to commit
it until now.
and bump __FreeBSD_version to 500012 to mark the occasion.
setproctitle() is prototyped in unistd.h as opposed to stdlib.h
where OpenBSD and NetBSD have it.
Reviewed by: peter
rmdir(2) on directories and unlink(2) otherwise. This modification,
and most of the man page update has been obtined from OpenBSD. This
was spotted by someone on a mailing lists a few months ago, but
I've lost their mail.
Reviewed by: sheldonh
I changed to close to original code before merging IPv6 support.
It seems having delay before another try is useless. However, I'm
not sure that delay means. So, I leave it as-is.
PR: bin/20515
was not fun and I am not entirely certain of the correctness, but it seems
to work. (in fact, side by side testing of this code vs the x86 version
turned up hidden bugs in the x86 code).
testing and real-life applications:
1) If you returned from the thread function, you got a segv instead of
calling _exit() with your return code.
2) clean up some bogus stack management. There was also an underflow
on function return.
3) when making syscalls, the kernel is expecting to have to leave space
for the function's return address. We need to duplicate this. It was
an accident that the rfork syscall actually worked here. :-/
the number of times I have given this to people and got asked: why isn't
it in libc? It is impossible to do this without assembler glue to reset
the stack for the new child process.
int rfork_thread(flags, stack_addr, start_fnc, start_arg)
int flags; Flags to rfork system call. See rfork(2).
void *stack_addr; Top of stack for thread.
int (*start_fnc)(void *); Address of thread function to call in child.
void *start_arg; Argument to pass to the thread function in child.
This is deliberately not documented or prototyped in includes until the
corresponding alpha version is written.
strdup()) rather than pointing it at something that's free()d
(via freeaddrinfo(res)) before the function returns.
I appreciate that this is an API change, but it's the only way
(AFAIK) of doing this without breaking existing code that uses
rcmd{,_af}().
Pointed out by: phkmalloc
management involving rcmd_af(), getaddrinfo(), freeaddrinfo(), etc.
We set *ahost to point to ai->canonname; and later free the ai-> stuff
and still leave the old pointers in *ahost to the freed data.
Perhaps the best way to deal with this is a static buffer or a static
strdup() that is freed on the next iteration or something. This gives
me headaches just thinking about this.
The new 'AJ' default for malloc() tripped this up.
of the processing of the recursion, "scan" would be pointing to O_CH
(or O_QUEST), which would then be interpreted as being the end character
for altoffset().
We avoid this by properly increasing scan before leaving the switch.
Without this, something like (a?b?)?cc would result in a g->moffset of
1 instead of 2.
I added a case to the soon-to-be-imported regex(3) test code to catch
this error.
string may be found (from the beginning of the pattern), the point
at which must is found minus that offset may actually point to some
place before the start of the text.
In that case, make start = start.
Alternatively, this could be tested for in the preceding if, but it
did not occur to me. :-)
Caught by: regex(3) test code
use a CHAR_MIN-based array, like elsewhere in the code.
Remove a number of unused variables (some due to the above change, one
that was left after a number of optimizing steps through the source).
Brucified by: bde
remove (comment out) functions defined or depricated elsewhere:
bsearch, lfind, lsearch, insque, remque
change hcreate to take a size_t rather than uint (essentially the same)
since hcreate/hdestroy are now in <search.h>, remove private search.h
in lib/libc/db/hash/
add $FreeBSD tags to hsearch.c
- permit numeric scopeid, be more careful about buffer size
TODO: 2nd arg type should be socklen_t for RFC2553 conformance,
but due to include file dependency it is not a easy thing to do
(netdb.h does not have socklen_t)
soon to be committed syscall stubs. These calls will be used to get
and set capability state associated with executables.
Obtained from: TrustedBSD Project
interface addresses in a portable manner, without headache of SIOCGIFCONF
or sysctl. it is in bsdi/openbsd/netbsd already.
from kame tree (actually, mandatory for latest kame tree).
when parsing certain DNS records during a reverse address resolution. Thus
when code tries to examine the returned host name, it dereferences a null
pointer :-(
Problem noticed by: ps
VIS_HTTPSTYLE is a new encoding style for use in vis(), strvis() and
strvisx() that escapes characters according to RFC 1808 (URI encoding).
Since decoding of these require different detection of start-points of
escaped characters, VIS_HTTPSTYLE can be given as flag to unvis().
unvis() will then properly decode URIs.
A new function appeared, strunvisx(): strunvisx() behaves similar as
strunvis(), with one exception: It has an additional flag parameter,
which is passed to unvis() to archive the effect I described above.
previous commits.
At the time we search the pattern for the "must" string, we now compute
the longest offset from the beginning of the pattern at which the must
string might be found. If that offset is found to be infinite (through
use of "+" or "*"), we set it to -1 to disable the heuristics applied
later.
After we are done with pre-matching, we use that offset and the point in
the text at which the must string was found to compute the earliest
point at which the pattern might be found.
Special care should be taken here. The variable "start" is passed to the
automata-processing functions fast() and slow() to indicate the point in
the text at which they should start working from. The real beginning of
the text is passed in a struct match variable m, which is used to check
for anchors. That variable, though, is initialized with "start", so we
must not adjust "start" before "m" is properly initialized.
Simple tests showed a speed increase from 100% to 400%, but they were
biased in that regexec() was called for the whole file instead of line
by line, and parenthized subexpressions were not searched for.
This change adds a single integer to the size of the "guts" structure,
and does not change the ABI.
Further improvements possible:
Since the speed increase observed here is so huge, one intuitive
optimization would be to introduce a bias in the function that computes
the "must" string so as to prefer a smaller string with a finite offset
over a larger one with an infinite offset. Tests have shown this to be a
bad idea, though, as the cost of false pre-matches far outweights the
benefits of a must offset, even in biased situations.
A number of other improvements suggest themselves, though:
* identify the cases where the pattern is identical to the must
string, and avoid entering fast() and slow() in these cases.
* compute the maximum offset from the must string to the end of
the pattern, and use that to set the point at which fast() and
slow() should give up trying to find a match, and return then
return to pre-matching.
* return all the way to pre-matching if a "match" was found and
later invalidated by back reference processing. Since back
references are evil and should be avoided anyway, this is of
little use.
The BM algorithm works by scanning the pattern from right to left,
and jumping as many characters as viable based on the text's mismatched
character and the pattern's already matched suffix.
This typically enable us to test only a fraction of the text's characters,
but has a worse performance than the straight-forward method for small
patterns. Because of this, the BM algorithm will only be used if the
pattern size is at least 4 characters.
Notice that this pre-matching is done on the largest substring of the
regular expression that _must_ be present on the text for a succesful
match to be possible at all.
For instance, "(xyzzy|grues)" will yield a null "must" substring, and,
therefore, not benefit from the BM algorithm at all. Because of the
lack of intelligence of the algorithm that finds the "must" string,
things like "charjump|matchjump" will also yield a null string. To
optimize that, "(char|match)jump" should be used.
The setup time (at regcomp()) for the BM algorithm will most likely
outweight any benefits for one-time matches. Given the slow regex(3)
we have, this is unlikely to be even perceptible, though.
The size of a regex_t structure is increased by 2*sizeof(char*) +
256*sizeof(int) + strlen(must)*sizeof(int). This is all inside the
regex_t's "guts", which is allocated dynamically by regcomp(). If
allocation of either of the two tables fail, the other one is freed.
In this case, the straight-forward algorithm is used for pre-matching.
Tests exercising the code path affected have shown a speed increase of
50% for "must" strings of length four or five.
API and ABI remain unchanged by this commit.
The patch submitted on the PR was not used, as it was non-functional.
PR: 14342
getaddrinfo() accidentally returns IPv4 mapped IPv6 address instead
of native IPv4 address.
Now, getaddinfo() is scoped address ready. You can put scoped
address within /etc/hosts.
Obtained from: KAME Project.
renamed to {s|g}etflagsbyname, which received objections. They're
now called strtofflags (string to file flags) and fflagstostr (file
flags to string).
Suggested by: bde
.Pp
.Fn func
.Pp
Description ...
with a list (Bl ... Li ... El).
- Remove a superfluous ``.Sh ENVIRONMENT'' and replace it with a ``.Pp''
within the IMPLEMENTATION DETAILS section.
Reviewed by: rwatson
right now...
I talked w/ phk last night and "fixing" this in a generic way is going
to require a lot of complex thought on stacking let alone the NFS problems..
add missing sys/time.h for struct timespec def...
standardized interface to the capability support in TrustedBSD.
o Not currently enabled in Makefile, as this code depends on syscalls
and include files that will be committed at a later date.
Obtained from: TrustedBSD Project
o Add shared library version 2 to libposix1e given API changes, et al
o Commented out cap_*.c as that is not currently being compiled into
the library (pending syscalls being committed)
Obtained from: TrustedBSD Project
o Switch reference to www.trustedbsd.org instead of POSIX.1e implementation
page
o Add cross references to capabilities man pages
o Remove extended attribute not implemented "BUGS" entry
Obtained from: TrustedBSD Project
. use real function names as `.Nm' macro argument in NAME section. It allows
them to appear in apropos(1) or whatis(1) output.
. replace empty lines with `.Pp' macro.
. replace hardcoded standard names with their `.St' macro equivalents.
. sort cross references in SEE ALSO section
from
all AAAA trial, then all A trial
to
try AAAA and A for each trial
TODO: more fix for the case where IPv4 mapped IPv6 addr is disabled
Reviewed by: ume
some reason. This will prevent an infinite loop if (say) a sigalarm is
being scheduled at a more frequent interval than the poll timeout.
PR: 2191, 8847, 10553
and gids bigger than 16 bits. Added checks for uids and gids that are
bigger than 32 bits.
Approved by: jkh (partly, this fix is bigger than I first intended)