# This appears to not break X11, but I'm having problems compiling the
# glide part of the server with or without this patch, so I can't tell
# for sure.
chpass(8). The relations between libc, libpam, chpass, passwd, and
vipw are a mess and probably should be cleaned up.
Submitted by: Peter Pentchev <roam@ringlet.net>
modules split across several physical medias. Following is how it works:
The splitfs code, when asked to open "foo" looks for a file "foo.split"
which is a text file containing a list of filenames and media names, e.g.
foo.aa "Kernel floppy 1"
foo.ab "Kernel floppy 2"
foo.ac "Kernel and modules floppy"
For each file segment, the process is:
- try to open the file
- prompt "Insert the disk labelled <whatever> and press any key..."
- try to open the file
- return error if file could not be located
RE team is free to use this feature in the upcoming 5.0-DP1.
Reviewed by: msmith, dcs
over someone else's fixes; this is at least offensive. If you
have problems doing a proper merge, we are here, your fellow
committers. :-(
Reapply markup fixes from revision 1.2 and fix some more. Also
fix the $OpenBSD$ tag.
support for fcmp and fcmpe instructions with a condition code
specification other than %fcc0.
This (primarily the first part) seems to fix a lot of problems that
people were seeing, e.g. perl and gawk failures.
Reported and analyzed by: wollman
gcc emits the deprecated sparc v8 instructions that use this register
when optimizing for UltraSparc machines because they are apparetly
faster then their v9 counterpars there.
o In i386's <machine/endian.h>, macros have some advantages over
inlines, so change some inlines to macros.
o In i386's <machine/endian.h>, ungarbage collect word_swap_int()
(previously __uint16_swap_uint32), it has some uses on i386's with
PDP endianness.
Submitted by: bde
o Move a comment up in <machine/endian.h> that was accidentially moved
down a few revisions ago.
o Reenable userland's use of optimized inline-asm versions of
byteorder(3) functions.
o Fix ordering of prototypes vs. redefinition of byteorder(3)
functions, so that the non-GCC (libc asm) case has proper
prototypes.
o Add proper prototypes for byteorder(3) functions in <sys/param.h>.
o Prevent redundant duplicate prototypes by making use of the
_BYTEORDER_PROTOTYPED define.
o Move the bswap16(), bswap32(), bswap64() C functions into MD space
for platforms in which asm versions don't exist. This significantly
reduces the complexity of some things at the cost of duplicate code.
Reviewed by: bde
to the console in a final attempt to log something. Make this final
attempt non-blocking so that a blocking console doesn't end up
blocking process which attempt to syslog something.
In particular, this means you should be able to su and fix the
problem if the console becomes blocking.
MFC after: 3 weeks
implementation did not match our manpage description (i.e., it could
return NULL). I mistakenly thought we were still using getpass.c
because, for some reason, CVS never removed it from the tree.
Pointy hat received from: alfred
Kick in the groin to: CVS
applications linked with Linux-PAM will still work.
Remove pam_get_pass(); OpenPAM has pam_get_authtok().
Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}().
Remove pam_set_item(3) man page as OpenPAM has its own.
Sponsored by: DARPA, NAI Labs
be serialized. A mutex is used to protect the critical regions.
sbrk() and brk() are not thread safe. Replace use of sbrk() with
a call to malloc to avoid race when one thread calls atexit
while another thread calls malloc.
Reviewed by: deischen
device drivers for bus system with other endinesses than the CPU (using
interfaces compatible to NetBSD):
- bwap16() and bswap32(). These have optimized implementations on some
architectures; for those that don't, there exist generic implementations.
- macros to convert from a certain byte order to host byte order and vice
versa, using a naming scheme like le16toh(), htole16().
These are implemented using the bswap functions.
- stream bus space access functions, which do not perform a byte order
conversion (while the normal access functions would if the bus endianess
differs from the CPU endianess).
htons(), htonl(), ntohs() and ntohl() are implemented using the new
functions above for kernel usage. None of the above interfaces is currently
exported to user land.
Make use of the new functions in a few places where local implementations
of the same functionality existed.
Reviewed by: mike, bde
Tested on alpha by: mike
spares (the size of the field was changed from u_short to u_int to
reflect what it really ends up being). Accordingly, change users of
xucred to set and check this field as appropriate. In the kernel,
this is being done inside the new cru2x() routine which takes a
`struct ucred' and fills out a `struct xucred' according to the
former. This also has the pleasant sideaffect of removing some
duplicate code.
Reviewed by: rwatson
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
complexities associated with having MD (asm and inline) versions, and
having to prevent exposure of these functions in other headers that
happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.
Tested on: alpha, i386
Reviewed by: bde, jake, tmm
- missing whitespace
- strange version of warn() built out of warnx() + strerror(). Just use
warn().
- conversion of just one of the two perror()'s to warn*()
Actually use _warn() instead of _warn(), to keep up with namespace-
unpollution for warn().
I'll know as soon as I re-import it and compile it.. :-)
There is no longer a 'pri' strict in the proc struct.
the fields are scattered between the ksegrp and thread in question.
of an alternate signal stack for handling signals. Let the kernel
send signals on the stack of the current thread and teach the threads
signal handler how to deliver signals to the current thread if it
needs to. Also, always store a threads context as a jmp_buf. Eventually
this will change to be a ucontext_t or mcontext_t.
Other small nits. Use struct pthread * instead of pthread_t in internal
library routines. The threads code wants struct pthread *, and pthread_t
doesn't necessarily have to be the same.
Reviewed by: jasone
dependencies in the correct place, record the fact that -lssh
depends on -lcrypto and -lz.
Removed false dependencies on -lz (except ssh(1) and sshd(8)).
Removed false dependencies on -lcrypto and -lutil for scp(1).
Reviewed by: markm
Make a slight change so that libkvm reaches the main thread via the
linked list, rather than assuming it is in the proc structure. Both
conditions are true in -current but only the first will be true in
the KSE M3 world.
change prototypes to be the same as in the original sun tirpc code.
Remove ()P macro in a file where the mayority had ()P already removed.
Add them if the mayority use ()P macros.
Submitted by: mbr
Requested by: bde
server handle (for reuse or whatever). We just return now a handle
connected to the local rpcbind.
Do not try to call checkcache, if host = NULL;
Submitted by: mbr
In NetBSD, Solaris, xprt->xp_p2 pointed directly to the credentials,
in FreeBSD xprt->xp_verf.oa_base was a pointer to a struct cmessage,
which is defined as follow:
struct cmessage {
struct cmsghdr cmsg;
struct cmsgcred cmcred;
};
The credentials were submitted the right way and xprt->xp_p2 pointed to them.
But cb_verf.oa_flavor was still empty. There was an assignment missing
in svc_recv() in svc_vc.c:
msg->rm_call.cb_verf.oa_flavor = AUTH_UNIX;
Also
+ if (addr.ss_family == AF_LOCAL) {
+ xprt->xp_raddr = *(struct sockaddr_in *)xprt->xp_rtaddr.buf;
+ xprt->xp_addrlen = sizeof (struct sockaddr_in);
+ }
was missing. But the first seems not to be needed:
I guess in rpc.yppasswdd there was a typo:
- transp>xp_verf.oa_flavor != AUTH_UNIX) {
+ rqstp->rq_cred.oa_flavor != AUTH_UNIX) {
This little fix does fix the breakage in rpc.yppasswdd :-)
+ if (msg.msg_controllen == 0 ||
+ (msg.msg_flags & MSG_CTRUNC) != 0)
+ return (-1);
We cannot set the cb_verf.oa_length in svc_recv() of svc_vc.c,
the credentials get overwritten then, and that's bad.
Submitted by: mbr
were removed and replaced them with clnt_tp_create, now the af_local
support is fixed.
I also removed the hack how rpcinfo contacted rpcbind, now we can
relay on clnt_tp_create create the client-handle for us. Only
rpcbind itself needs a hardcoded socket-path.
Submitted by: mbr
Also add $FreeBSD
is an internal Linux-PAM header which shouldn't be used outside Linux-PAM
itself, and has absolutely zero effect on pam_ftp.
Sponsored by: DARPA, NAI Labs
MFC after: 1 week
in conditional code that happens not to be compiled, and because gcc
doesn't complain garbage after #endif by default.
Fixed some style bugs in previous commit, 1.8 and 1.1.
commit.
Fixed related style bugs:
basename.c: misplaced '#if 0'
dirname.c: misplaced '#if 0'
getgrent.c: missing '#if 0', and tab lossage in vendor id (the previous
commit fixed the complete corruption of the vendor id but
lost a tab)
getpwent.c: missing '#if 0'
it a little and try to make it more resilient to various possible failure
conditions. Change the man page accordingly, and take advantage of this
opportunity to simplify its language.
Sponsored by: DARPA, NAI Labs
doesn't really make any difference, except it matches wtmp(5) better.
Don't do anything in pam_sm_close_session(); init(8) will take care of
utmp and wtmp when the tty is released. Clearing them here would make it
possible to create a ghost session by logging in, running 'login -f $USER'
and exiting the subshell.
Sponsored by: DARPA, NAI Labs (but the bugs are all mine)
and sbrk's prototype from char *sbrk(int) to void *sbrk(intptr_t).
This makes us more consistant with NetBSD and standards which include
these functions. Bruce pointed out that ptrdiff_t would probably
have been better than intptr_t, but this doesn't match other
implimentations.
Also remove local declarations of sbrk and unnecessary casting.
PR: 32296
Tested by: Harti Brandt <brandt@fokus.gmd.de>
MFC after: 1 month
either PAM_RHOST or PAM_TTY against /etc/login.access.o
This uncovers a problem with PAM_RHOST, in that if we always set it, there
is no way to distinguish between a user logging in locally and a user
logging in using 'ssh localhost'. This will be fixed by first making sure
that all PAM modules can handle PAM_RHOST being unset (which is currently
not the case), and then modifying su(1) and login(1) to not set it for
local logins.
Sponsored by: DARPA, NAI Labs
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
dynamic linkage with -lssh.
Reviewed by: des, markm
Approved by: markm
argument to kvm_open() and kvm_openfiles() as unused.
BSD didn't read swap since kvm.c CSRG revision 5.21 (u-area is pageable
under new VM. no need to read from swap.)
The old !NEWVM code was removed in CSRG revision 5.23 (~ten years ago).
- Ignore the {try,use}_first_pass options by clearing PAM_AUTHTOK before
challenging the user. These options are meaningless for pam_opie(8)
since the user can't possibly know the right response before she sees
the challenge.
- Introduce the no_fake_prompts option. If this option is set, pam_opie(8)
will fail - rather than present a bogus challenge - if the target user
does not have an OPIE key. With this option, users who haven't set up
OPIE won't have to wonder what that "weird otp-md5 s**t" means :)
Reviewed by: ache, markm
Sponsored by: DARPA, NAI Labs
time_to_xxx() and xxx_to_time() functions. e.g. _time_to_xxx()
instead of time_to_xxx(), to make it more obvious that these are
stopgap functions & placemarkers and not meant to create a defacto
standard. They will eventually be replaced when a real standard
comes out of committee.
is correct but less than useful. There is some uncertainty about whether
isblank() is in C99, but it is certainly not in C90. It just conforms
to C89 because it is a conforming extension.
functions are defined in SUSv2 and the latest POSIX spec.
Thanks to Bernd Walter <ticso@cicely8.cicely.de> for helping debug my
alpha assembly.
Approved by: -arch
1. ctype.h defines digittoint(), isnumber() and ishexnmber(), yet
they are not documented in any of the manpages.
2. The ctype manpage references a non-existent manpage for
digittoint().
3. The isascii() manpage claims it is standards compliant, when
it isn't.
4. isblank() claims it is _not_ standards compliant, when it
is.
Fix by including the appropriate .Nm entries, and with a new digittoint.3
page.
PR: docs/26451
Submitted by: Adrian Filipi-Martin <adrian@ubergeeks.com>
alpha these bugs didn't cause any problems because it was little endian,
but on sparc64, we ended up with garbage for the IP address when we tried
to contact the server. (Usually 3.253.0.0)
Not objected to by: wpaul
argument. Leave a compatibility shim for Delete_Chunk().
Implement DELCHUNK_RECOVER flag so sysinstall can ask libdisk
to recover space when deleting a chunk.
data without confirming the connection by issuing a recvmsg(2) [...]".
There's no such code in the kernel.
PR: 26861
Submitted by: Richard A Steenbergen <ras@e-gerbil.net>,
Tom Rhodes <darklogik@pittgoth.com>
the first revision of strcpy(3)'s section is included, but should be
removed as the Security Architecture document is committed and
completed.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
at first and try to set an accept_filter(9) on it only after that.
Also document errno value that will be set if installing the
filter on a non-listening socket.
This will be trimmed as the FreeBSD Security Architecture document
is fleshed out and committed.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Add support for handling floating point disabled traps mostly in userland
for the simple single threaded case. Not yet enabled by default.
Implement __sparc_utrap_install as specified by the sparc abi.
- Don't connect datagram socket if RES_INSECURE1.
- Needed to implement IPv6 anycast UDP DNS queries as documented in
<draft-ietf-ipngwg-dns-discovery-03.txt>.
Obtained from: KAME
According to C99:
"The functions atof, atoi, atol, and atoll need not
affect the value of the integer expression errno on an
error. If the value of the result cannot be represented,
the behavior is undefined."
o Document the following capabilities: CAP_NET_ADMIN, CAP_SYS_RAWIO,
CAP_SYS_ADMIN, and CAP_SYS_TTY_CONFIG.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
return address when modifying a jmp_buf to create a new thread context.
Also set t12 with the return address.
This should fix libc_r on alpha.
With much detective work by: Bernd Walter <ticso@cicely.de>
calls.
This change allows libc_r to create thread contexts with a different
stack and return address.
With much detective work by: Bernd Walter <ticso@cicely.de>
LC_MESSAGES related data was installed to <locale>/LC_MESSAGES file.
Now it go to <locale>/LC_MESSAGES/SYS_LC_MESSAGES file. LC_MESSAGES
directory is supposed to be storage of message catalogs of userland tools.
This should allow us to avoid many potential problems with future
libintl related functionality introduction.
Thanks for useful suggestions about correct way how to replace plain
files with directories at installworld stage to: Ruslan Ermilov <ru>
allows us to supply our own value for this, overriding the
default /usr/local/etc/nsmb.conf, which is not appropriate for
base system configuration files.
the target thread of the join operation. This allows the cancelled
thread to detach the target thread in its cancellation handler.
This bug was found by Butenhof's cancel_subcontract test.
Reviewed by: jasone
It tries to comply with the SCD 2.4.1 (and thus Sparc 64-bit psABI).
This is an amalgamation of the FreeBSD Alpha crt1.c and the BSD/OS Sparc
crt0.c (which the copyright reflects).
In original version grouping was hardcoded. It assumed that thousands
separator should be inserted to separate each 3 numbers. I.e. grouping
string "\003" was assumed for all cases. In correct case (per POSIX)
vfprintf should respect locale defined non-monetary (LC_NUMERIC
category) grouping sequence.
Also simplify thousands_sep handling.
o) Since we unwrap the sendfile syscall, check the return value of
writev(2) to see if it didn't complete all the data.
Previously if only a partial writev() succeeded, it would proceed
to sendfile(2) even though the headers weren't completely sent.
o) Properly adjust the "bytes to send" to take into account sendfile(2)'s
behaviour of counting the headers against the bytes to be transfered
from the file.
o) Correct the problem where EAGAIN was being returned from _sys_sendfile(2)
however the wrapper didn't update the 'sent bytes' parameter to take into
account for it. This is because sendfile can return EAGAIN even though
it has actually transfered data.
Special thanks to Justin Erenkrantz <jerenkrantz@apache.org> for bringing
this to my attention and giving an excellent way to reproduce the problem.
PR: kern/32684
MFC After: 1 week
driver in libstand. This specifically does not expand or truncate files
since the filesystem may be dirty or inconsistent.
PR: kern/32389
Submitted by: Jonathan Mini <mini@haikugeek.com>
Sponsored by: ClickArray, Inc.
of the recent WARNS commits. The idea is:
1) FreeBSD id tags should follow vendor tags.
2) Vendor tags should not be compiled (though copyrights probably should).
3) There should be no blank line between including cdefs and __FBSDIF.
sysinstall will automatically expand the previous partition to take up
the freed up space. So you can 'D'elete /home and /usr will get the
combined space, or you can 'D'elete /tmp and /var will get the combined space.
This gives the user, developer, or lay person a huge amount of flexibility
in constructing partitions from an 'A'uto base. It takes only 3 or 4
keystrokes to achieve virtually any combination of having or not having
a /tmp and/or /home after doing an 'A'uto create.
Change 'A'uto creation of /var/tmp to 'A'uto creation /tmp, which should
be less controversial.
MFC after: 6 days
more careful about reporting truncation with ERANGE in strerror_r.
Set errno to EINVAL for "unknown" errnum in strerror as required
by P1003.1-200x Draft June 14, 2001.
More carefully document the handling of strerrbuf when errors
(ERANGE, EINVAL) are encountered in strerror_r.
Reviewed by: bde (ongoing discussion)
dump core if invoked with an input file that looks like a password file
but isn't (e.g. /etc/group).
PR: 32378
Submitted by: Maxim Konovalov <maxim@macomnet.ru>
MFC after: 1 week
This API is supported in SVR4.0MP, Solaris, Linux, AIX and Tru64 Unix.
PR: bin/27489
Submitted by: Arun Sharma <arun@sharma-home.net>
Reviewed by: bde (prior version)
o Hide nonstandard functions and types in <netinet/in.h> when
_POSIX_SOURCE is defined.
o Add some missing types (required by POSIX.1-200x) to <netinet/in.h>.
o Restore vendor ID from Rev 1.1 in <netinet/in.h> and make use of new
__FBSDID() macro.
o Fix some miscellaneous issues in <arpa/inet.h>.
o Correct final argument for the inet_ntop() function (POSIX.1-200x).
o Get rid of the namespace pollution from <sys/types.h> in
<arpa/inet.h>.
Reviewed by: fenner
Partially submitted by: bde
removing it from our source tree in order to have one version
of strtod() for all arches. netbsd_strtod.c still left in source
tree until alpha folks make sure that our native strtod() works
as well as NetBSD's one.
Reviewed by: peter, bde (some time ago)
- New length modifiers: hh, j, t, z.
- New flag: '. Note that %'f is not yet implemented.
- Use "inf"/"nan" for efg formats, "INF"/"NAN" for EFG formats.
- Implemented %q in terms of %ll; if "quad_t" is not "long long"
%q will break.
Still to do:
- %C, %S, %lc, %ls (wide character support)
- %'f (thousands in integer portion of %f)
- %a/%A (exact hex representation of floating-point numbers)
Garrett Wollman wrote the first version of the vfprintf.c update;
Mike Barcroft wrote the first version of the printf.3 changes.
STANDARDS section of the page. Add one remark there about inet_pton(3)
only understanding decimal values (in contrast to inet_aton(3) and
friends who are happy with 0ac.020.25 for 172.16.0.25).
Caught by: ru
MFC after: 2 days
The definition of character class digit requires that only ten characters
-the ones defining digits- can be specified; alternate digits (for
example, Hindi or Kanji) cannot be specified here. However, the encoding
may vary if an implementation supports more than one encoding.
The definition of character class xdigit requires that the characters
included in character class digit are included here also and allows for
different symbols for the hexadecimal digits 10 through 15.
the return code and errno instead. Those warnings did not do any good
for daemonized users of initgroups(3), and confused cvs clients that
communicated with non-root cvs pserver.
The committed fix differs from the one suggested in the PR, and was
submitted by ru.
PR: 15421
Approved by: markm
Discussed on: -stable, -current at various times
for passive mode data connections (PASV/EPSV -> 227/229). Well,
the actual punching happens a bit later, when the aliasing link
becomes fully specified.
Prodded by: Danny Carroll <dannycarroll@hotmail.com>
MFC after: 1 week
offsets don't work. It should really be documented that the returned
pointer can be in the middle of a fully-valid page when the offset
is not page-aligned, but I couldn't come up with suitable wording.
PR: kern/22754
extattr namespace routines to the libc/posix1e directory. While
the extattr calls are not strictly POSIX.1e, POSIX.1e wasn't
strictly ever approved, so I think that's OK.
Obtained from: TrustedBSD Project
is not defined in the capability type list. Provide a definition for
'bool', if a slightly less than elegant one. Note that this definition
does not include the complete scope of available behavior defined
in cgetcap(3), and could probably be improved.
- Renumber labels since the previous revision removed one.
- Remove useless and wrong comment.
- Repeating the function name is just redundant.
- The previous revision made the comment about %edx useless.
- The comment about %eax was wrong (but did explain why %eax used to be
fixed up).
Submitted by: bde
if and only if a target directory is devfs. Previous patch
doesn't correct, it's unconditionally avoid to create a device
file if kernel knows devfs.
PR: 31109
replaced with the new version in sendmail's distribution, vacation and
the necessary libraries (libsmdb and libsmutil) were changed so they
were always compiled. This broke people who didn't checkout
src/contrib/sendmail/. I don't know if it's best to think of NO_SENDMAIL
as no sendmail sources available or no sendmail binary. It is now the former.
Also, remove the sendmail chapter from System Managers Manual (SMM) if
NO_SENDMAIL is defined (for similar reasons -- source not available).
PR: 31863, 31865
Submitted by: matusita, Joe Kelsey <joe@zircon.seattle.wa.us>
MFC after: 3 days
`warn'. Now a whole 2 members of the err() family don't cause pollution.
This fixes world breakage in awk for NOSHARED worlds. contrib/awk/msg.c
has had its own version of err() for a long time, but this somehow
didn't cause problems until the update to awk-3.1.0.
access an array beyond it's length. This only happens in the last iteration of
a loop, and the value fetched is not used then, so the bug is a relatively
innocent one. Fix this by not fetching any value on the last iteration of said
loop.
Submitted by: MKI <mki@mozone.net>
MFC after: 1 week
what broke ps on ia64. It probably also broke on alpha, but the fallback
method of using lseek/read on /proc/*/mem to read ps_strings seems to
work there. It doesn't on ia64 yet.
hosts:!!!!!!!!@@@@@$%^&*()()*$(files{}{}|||++!)(dns
exactly the same as:
hosts: files dns
Recover from parse errors by looking for the end of a line; this
allows entries without errors to still be parsed even if there is
an erroneous entry earlier in the file.
new flags: F_ROOTDIR and F_RR (Rock Ridge present).
- Cache the SUSP LEN_SKP parameter in struct file as well.
- If we open() '/', then force a read of the directory's contents so we
can examine the directory record of '.' to see if Rock Ridge is present.
- If Rock Ridge extensions are present, lookup Rock Ridge names in
readdir().
I'm assuming that the comment was regarding socket address structures, so
correct the comment about pre-zero'ing socket structures to recommend
pre-zero'ing socket address structures.
- Fix some minor grammar nits.
- This isn't directly submitted by the PR below but is related to it and was
inspired by it.
PR: 31704
page and add an historical note explaining this. This patch is
based on Stephen's.
We still need someone to implement tgamma.
PR: 28972, 31764
Submitted by: Stephen Montgomery-Smith <stephen@math.missouri.edu>
the netbsd_strtod.c file we have does not. More still should be done
here, but this works happily on my Alpha. I have not (yet?) changed
the Makefile.inc to use this.
and/or libgnumalloc on anything but i386. The other platforms
post-date this mistake.
Do not build libc_r for ia64. There are some fundamental issues that
need to be resolved (ie: it cannot use setjmp/longjmp for thread
switching, which isn't likely to be fixed soon. libc_r has to be
reimplemented using something like makecontext()/swapcontext() etc
in order to work in ia64.)
If zero bytes are allocated, return pointer to the middle of page-zero
(which is protected) so that the program will crash if it dereferences
this illgotten pointer.
Inspired & Urged by: Theo de Raadt <deraadt@cvs.openbsd.org>
serve two purposes: (1) so we can maintain backwards compatibility with
protocols (rwhod, dump, etc...) that either assume time_t is 32 bits or
assume sizeof(time_t) == sizeof(int), or make other similar assumptions.
(2) To tag such routines (by the presence of these calls) for future
cleanup/extension work.
The 32->64 routine, time32_to_time() (when time_t is 64 bits, that is),
is defined specifically to implement temporal locality to properly set the
msb bits of a 64 bit time_t quantity, using the 50 year rule. The locality
code has not been implemented yet (and doesn't need to be for a while),
but that is the intent. This will allow us to maintain backwards protocol
compatibility past 2038.
These routines are intended to be platform and time_t agnostic.
MFC after: 1 week
since that is what we use now and this insulates us from any time_t
tweaks here. We can define a record format that uses 64 bit times if/when
we need to.
kernel #defines to figure out where the stack is located. This stops
libc_r from exploding when the kernel is compiled with a different
KVM size. IMHO this is all kinda bogus, it would be better to just
check %esp and work from that.
- uthread_signal.c; libc_r does not wrap signal() since 1998/04/29.
- uthread_attr_setprio.c; it was never connected to the build, and
pthread_attr_setprio() does not exist in POSIX.
- uthread_sigblock.c and uthread_sigsetmask.c; these were no-ops
bloating libc_r's space.
pthread_private.h:
- Removed prototypes of non-syscalls: send().
- Removed prototypes of unused syscalls: sigpending(), sigsuspend(),
and select().
- Fixed prototype of fork().
- MFS: Fixed prototypes of <sys/socket.h> syscalls.
Reviewed by: deischen
Approved by: deischen, jasone
makes FreeBSD inconsistent with previous releases and "other unices" as well
as with some internal password-asking services (e.g. ftp) within the same
release.
using rcmd directly. This has been in my tree for a long time, but we
may need to sync with OpenBSD before MFC.
Obtained from: openbsd
PR: 15830
MFC after: 2 months
manual page), fix capitalization, and remove chflags reference from
SEE ALSO since the only time it's referenced is with an .Xr, anyway.
Submitted by: bde
In libc_r, if _FDLOCKS_ENABLED is not defined, there is no guarantee
in many of the sycall wrappers that _thread_fd_table[fd] is
initialized. This causes problems for programs that pass in file
descriptors and execve() another program; when the exec'ed program
tries to do an fcntl() or other syscall on the passed-in fd, it fails.
Add calls to initialize the FD table entry for _thread_fd_lock and
_thread_fd_lock_debug.
Submitted by: Peter S. Housel <housel@acm.org>
describing these operators in English. This completes the fix in rev.1.3
(rev.1.2 got this wrong by describing wrong operators in English).
Fixed bitrot and improved English in the DESCRIPTION section.
Updated by peter following KSE and Giant pushdown.
I've running with this patch for two week with no ill side effects.
PR: kern/12014: Fix SysV Semaphore handling
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
number of characters that are searched. This is especially useful
with file operations and non-NUL terminated strings.
Silence from: -audit, -hackers
MFC after: 5 days
1) Allow the sending of more than one control message at a time
over a unix domain socket. This should cover the PR 29499.
2) This requires that unp_{ex,in}ternalize and unp_scan understand
mbufs with more than one control message at a time.
3) Internalize and externalize used to work on the mbuf in-place.
This made life quite complicated and the code for sizeof(int) <
sizeof(file *) could end up doing the wrong thing. The patch always
create a new mbuf/cluster now. This resulted in the change of the
prototype for the domain externalise function.
4) You can now send SCM_TIMESTAMP messages.
5) Always use CMSG_DATA(cm) to determine the start where the data
in unp_{ex,in}ternalize. It was using ((struct cmsghdr *)cm + 1)
in some places, which gives the wrong alignment on the alpha.
(NetBSD made this fix some time ago).
This results in an ABI change for discriptor passing and creds
passing on the alpha. (Probably on the IA64 and Spare ports too).
6) Fix userland programs to use CMSG_* macros too.
7) Be more careful about freeing mbufs containing (file *)s.
This is made possible by the prototype change of externalise.
PR: 29499
MFC after: 6 weeks
is interrupted by saving the pid.
The old code would assign the return value to pid which would trash
it, to fix the problem save a copy of the pid to be used as the
paramter to wait4().
Submitted by: Toshihiko ARAI <toshi@jp.FreeBSD.org>
The corresponding bugs in <wchar.h> have no effect because the function
prototypes there don't have args so the __restrict "keyword" is
misinterpreted as an arg.
commits to these files.
As I sing to CVS:
Have I told you lately that I hate your guts? Have I told you
all SCM's are above you? You fill my heart with pain, take away
all my merging joy, grow my troubles that's what you do."
NAT in extended passive mode if the server's public IP address was
different from the main NAT address. This caused a wrong aliasing
link to be created that did not route the incoming packets back to
the original IP address of the server.
natd -v -n pub0 -redirect_address localFTP publicFTP
Note that even if localFTP == publicFTP, one still needs to supply
the -redirect_address directive. It is needed as a helper because
extended passive mode's 229 reply does not contain the IP address.
MFC after: 1 week
we have just installed a replacement for. This should solve the problem
of having a stale /usr/lib/libc.so.4 after we put a fresh
/usr/lib/compat/libc.so.4 in its place.
of NFS home directory and root directory processing fails to include
additional groups. This doesn't impact the final credential, but does
mean that users may be denied login even when additional groups might
allow it.
These might not be present in /usr/include, or they may be
incompatible with the version we are building (for library
upgrades/downgrades).
This stopped the RELENG_4 buildworld on a -CURRENT box.
Well, this only fixes the issue if MFC'ed. :-)
Note ALL MODULES MUST BE RECOMPILED
make the kernel aware that there are smaller units of scheduling than the
process. (but only allow one thread per process at this time).
This is functionally equivalent to teh previousl -current except
that there is a thread associated with each process.
Sorry john! (your next MFC will be a doosie!)
Reviewed by: peter@freebsd.org, dillon@freebsd.org
X-MFC after: ha ha ha ha
Note our implementation is not thread nor async-cancel safe.
Explicitely note atof() does not check nor report errors.
Note that strtod() should be used instead.
Also add C99 conformity status plus clarification that C99 leaves the
flushing of unwritten data, closure of open streams, and removal of
temporary files to the implementation.
of repeating unsuccessful lseek call on each write (original stdio bug).
2) Save errno accross _sseek call in _swrite to not touch it in case write
success (original stdio bug).
3) Add _sseek error checking back, but only for __SOPT mode now.
This is a first cut, but enough to help people interested in using it
further than before.
More text coming to illustrate use and provide more details.
Based on standards' text.
with non-seekable streams. Now here is what here was originally, but it is
ugly, producing unneded seek syscall on each non-seekable stream write. I'll
think about proper solution later.
manpage by taking its text from NetBSD and editing it further.
This also improves the page's mdoc(7) markup style.
Reviewed by: ru
Obtained from: NetBSD
my last version of this work due to HDD crash, but this version cleanly
passed all POSIX and SuSv2 tests. I am working on testing scripts which
should test this implementation against all locales and surely more fixes
will come soon.
Reviewed by: ache, silence at -audit & -developers
o Removed whitespace at EOL
o Removed hard sentence breaks
o Added cap_size() to the NAME section
o Normalized .Nd descriptions
o Fixed the abuses of .Nm and .Va
o Fixed some DESCRIPTION texts
o Fixed the RETURN VALUES and ERRORS texts to look more traditional
Reviewed by: tmm
'locale not used' statement from comments and BUGS section of manpage.
strtol(): fix non-portable 'cutoff' calculation using the same method as
in strtoll().
Cleanup 'cutoff' calculation, remove unneded casts. Misc. cleanup to
make all functions looks the same.
Implement EINVAL reaction per POSIX, document it in manpage, corresponding
POSIX example quotes here:
------------------------------------------------
If the subject sequence is empty or does not have the expected form, no
conversion is performed; the value of str is stored in the object pointed
to by endptr, provided that endptr is not a null pointer.
If no conversion could be performed, 0 shall be returned and errno may be
set to [EINVAL].
[EINVAL] The value of base is not supported.
Since 0, {LONG_MIN} or {LLONG_MIN}, and {LONG_MAX} or {LLONG_MAX} are
returned on error and are also valid returns on success, an application
wishing to check for error situations should set errno to 0, then call
strtol( ) or strtoll ( ), then check errno.
-----------------------------------------------------
are not used'. This is incorrect, as addr must be passed (caddr_t)1
to do anything useful. The source for gdb and a short test program
will confirm that this man page was in error.
PR: docs/27758
Submitted by: Jiangyi Liu <jyliu@163.net>
sys/capability.h--this compiled fine on i386 where (int) and (ssize_t)
are the same, but broke on Alpha where they differ.
Submitted by: Mike Barcroft <mike@FreeBSD.org>
Obtained from: TrustedBSD Project
plain regular files, i.e. files with __SOPT flag set. Fix it, so ftell(stdout)
always returns the same as lseek(1, 0, 1) now.
NOTE: this bug was in original stdio code
__swrite() and __sseek() to higher level. According to funopen(3) they all
are just wrappers to something like standard read(2), write(2) and
lseek(2), i.e. must not touch stdio internals because they are replaceable
with any other functions knows nothing about stdio internals. See example
of funopen(3) usage in sendmail sources f.e.
NOTE: this is original stdio bug, not result of my range checkin added.
internal functions there may fail and set (i.e. overwrite) errno in normal
(not error) situation). In original variant errno testing after call
(as POSIX suggest) is wrong when errno overwrite happens.
0, return that we can't specify it, i.e. error with ESPIPE.
(hint from: "Peter S. Housel" <housel@acm.org>)
Back out sinit() addition, not needed after various code simplifications.
support functions:
cap_subset_np() - Is cap1 a subset of cap2
cap_equal_np() - Is cap1 equal to cap2
o Introduce implementations of POSIX.1e capability support functions:
cap_copy_ext() - Externalize capability
cap_copy_int() - Internalize capability
cap_size() - Determine size required for cap_copy_ext()
Submitted by: tmm
Obtained from: TrustedBSD Project
When file offset tends to be negative due to internal and ungetc buffers
additions counted, try to discard some ungetc data first, then return EBADF.
Later one can happens if lseek(fileno(fd),...) called f.e. POSIX says that
ungetc beyond beginning of the file results are undefined, so we can just
discard some of ungetc data in that case.
Don't rely on gcc cast when checking for overflow, use OFF_MAX.
Cosmetique.
o Unify <machine/endian.h>'s across all architectures.
o Make bswapXX() functions use a different spelling of u_int16_t and
friends to reduce namespace pollution. The bswapXX() functions
don't actually exist, but we'll probably import these at some
point. Atleast one driver (if_de) depends on bswapXX() for big
endian cases.
o Deprecate byteorder(3) prototypes from <sys/types.h>, these are
now prototyped indirectly in <arpa/inet.h>.
o Deprecate in_addr_t and in_port_t typedefs in <sys/types.h>, these
are now typedef'd in <arpa/inet.h>.
o Change byteorder(3) prototypes to use standards compliant uint32_t
(spelled __uint32_t to reduce namespace pollution).
o Document new preferred headers and standards compliance.
Discussed with: bde
PR: 29946
Reviewed by: bmilekic
kernels. The error message was "elf_loadexec: cannot seek".
Libstand maintains a read-ahead buffer for each open file, so that
it can read in chunks of 512 bytes for greater efficiency. When
the loader tries to lseek forward in a file by a small amount, it
sometimes happens that the target file offset is already in the
read-ahead buffer. But the lseek code simply discarded the contents
of that buffer and performed a seek directly on the underlying
file. This resulted in an attempt to seek backwards in the file,
since some of the data has already been read into the read-ahead
buffer. Gzipped data streams cannot seek backwards, so an error
was returned.
This commit adds code which checks to see if the desired file offset
is already in the read-ahead buffer. If it is, the code simply
adjusts the buffer pointer and length, thereby avoiding a reverse
seek on the gzipped data stream.
I incorporated a suggestion from Matt Dillon which saved a little
bit of code in this fix.
Reviewed by: dillon, gallatin, jhb
documented by POSIX.1e, and understand the opaque capability structures.
Introduce support in the userland POSIX.1e library for a
_CAPABILITY_NEEDMACROS define to remove these macros from the normal
namespace, but allow the libc functions to use them.
Submitted by: tmm
Obtained from: TrustedBSD Project
return values a little more. Specifically, mention that a return
of 0 from NgRecvData() and NgRecvMsg() means the socket has been
closed.
Suggested by: jkh
referal from mmap to minherit for MAP_INHERIT. Fully document the
minherit.2 manual page (because frankly, my dear, however you think it
currently works is almost certainly wrong!). I may soon re-implement
MAP_COPY because I believe we can support it properly now, but I will have
to call it something else and that is for a later time.
Certain ISO fs's (like the one for 4.4-RC1 disc1 on alpha)
trigger this, and we end up opening a null file name. This causes us to get
a false match for "kernel.ko" when it does not exist.
without the silly librsaINTL.so and/or librsaUSA.so dependencies.
4.2-RELEASE appears to be after the demolition of the librsa* stuff, so
I'm not sure where ps got these binaries from. Anyway, this makes old
binaries work again since we dont ship librsaINTL.so and/or librsaUSA.so
in the compat dists. I believe RELENG_4 is affected still too.
o unifdef AUTHENTICATE. We have never compiled this code, and its
doubtful it will even work in this case.
o Style changes (some ansification, some comment updating)
o Diff reduction and code style merging with crypto telnet.
gets rid of the duplicated code in compute_stats().
Add a new DSM_SKIP statistic type for devstat_compute_statistics() that
causes the subsequent variable argument to be skipped.
Thanks to Sergey Osokin for coding up my idea/code fragment.
Submitted by: "Sergey A. Osokin" <osa@freebsd.org.ru>
socket option for the Unix domain. It's weaker than the
socket option (this only returns the uid and gid, while the
socket opt. can return the entire group list), and is
implemented mostly for compatibility with OpenBSD.
Resulting fseek() offset must fit in long, required by POSIX (pointed by bde),
so add LONG_MAX and final tests for it.
rewind.c:
1) add missing __sinit() as in fseek() it pretends to be.
2) use clearerr_unlocked() since we already lock stream before _fseeko()
3) don't zero errno at the end, it explicitely required by POSIX as the
only one method to test rewind() error condition.
4) don't clearerr() if error happens in _fseeko()
"[EINVAL] ... The resulting file-position indicator would be set to a
negative value."
Moreover, in real life negative seek in stdio cause EOF indicator cleared
and not set again forever even if EOF returned.
2) Catch few possible off_t overflows.
Reviewed by: arch discussion
It was foiled because of dynamic copy relocations that caused compile-time
space to be reserved in .bss and at run time a blob of data was copied to
that space and everything used the .bss version.. The problem is that
the space is reserved at compile time, not runtime... So we *still* could
not change the size of FILE. Sigh. :-(
Replace it with something that does actually work and really does let us
make 'FILE' extendable. It also happens to be the same as Linux does in
glibc, but has the slight cost of a pointer. Note that this is the
same cost that 'fp = fopen(), fprintf(fp, ...); fclose(fp);' has.
Fortunately, actual references to stdin/out/err are not all that common
since we have implicit stdin/out/err-using versions of functions
(printf() vs. fprintf()).
is stored in _res_ext.sort_list, and sortlist for IPv4 is stored in
_res.sort_list for backward compatibility. However, both sort_list's
are maintaind by just one index _res.nsort. So, when IPv6 address is
specified to sortlist, empty entry was created in _res.sort_list. It
broke sortlist facility of gethostbyname().
Discussed on users@jp.ipv6.org.
/usr/src/lib/libpam/modules/pam_ssh/pam_ssh.c has couple of bugs which cause:
1) xdm dumps core
2) ssh1 private key is not passed to ssh-agent
3) ssh2 RSA key seems not handled properly (just a guess from source)
4) ssh_get_authentication_connectionen() fails to get connection because of
SSH_AUTH_SOCK not defined.
PR: 29609
Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>
Backout previous revision. We should not expand plain text xrefs if
they appear in the literal text, e.g. in the error or warning message
of the library function. (Submitted by: bde)
Moved "out of memory" from warning to errors section.
o Replace strncpy examples with less confusing ones from
OpenBSD. These examples give more detail and also suggest
using strlcpy(3).
Reviewed by: des, ru, sheldonh
Obtained from: OpenBSD
MFC after: 3 days
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
into sadb_x_sa2_sequence from sadb_x_sa2_reserved3 in the sadb_x_sa2
structure. Also the output of setkey is changed. sequence number
of the sadb is replaced to the end of the output.
Obtained from: KAME
1.) prefix all functions in the library with devstat_ (compatability
functions are available for all functions that were chaned in an
incompatible way, but are deprecated).
2.) Add a pointer to a kvm_t as the first argument to functions that
used to get their information via sysctl; they behave the same
as before when NULL is passed as this argument, otherwise, the
information is obtained via libkvm using the supplied handle.
3.) Add a new function, devstat_compute_statistics(), that is intended
to replace the old compute_stats() function. It offers more
statistics data, and has a more flexible interface.
libdevstat does now require libkvm; a library depedency is added, so
that libkvm only needs to be explicitely specified for statically linked
programs.
The library major version number is bumped.
Submitted by: Sergey A. Osokin <osa@freebsd.org.ru>, ken (3)
Reviewed by: ken
to strdup() the address string before returning it via *targaddr
because the caller will free the string.
Change the comment at the top of getclnthandle() to clarify that
the caller is responsible for freeing *targaddr.
Noticed by: sobomax
crypto bits installed and/or NOCRYPTO/NO_OPENSSL is defined. This unfortunately
meants that usr.bin/chkey, usr.bin/newkey and usr.sbin/keyserv have also to
be disconnected.
IMO it is merely a workaround, the proper solution is to move libmp to
src/crypto where it belongs and use libgmp for the cryptoless builds instead.
Missed by: dd
with NetBSD and OpenBSD. glob(3) will now return GLOB_NOSPACE with
errno set to 0 instead of GLOB_LIMIT when we match more than `gl_matchc'
patterns. GLOB_MAXPATH has been left as an alias of GLOB_LIMIT to
maintain backwards compatibility.
Reviewed by: sheldonh, assar
Obtained from: NetBSD/OpenBSD
proxy specification, which seems to be valid according to the man page.
Change the logic to consider "hostname:port" a hostname and port instead
of a file URL.
Approved by: des
I revised the text after dd's kind review. So, if you find
any error, it is probably introduced by my last minutes'
update and is entirely my fault, not dd's.
Reviewed by: dd
already found in the sigaction(2) manual.
As discussed with the committer of that delta, cross-reference the list
in sigaction(2) instead of duplicating the list of functions that are
safe for use within signal handlers.
Clarify that if strlcat() does not find a NUL within siz byte it
will not NUL terminate either.
Document boundary condition when size < strlen(dst).
"of", not "on" (from Henric Jungheim)
Obtained from: OpenBSD
MFC After: 1 week
immediately when a signal is caught. Instead, defer
program termination until the next call to VGLCheckSwitch().
Otherwise, the video card may not be restored correctly
if the signal is seen while inside libvgl functions.
MFC after: 1 week
Previously, some useful xrefs were missing.
Now each of the pages refers to all remaining section 2 pages,
to the kld(4) page, and to a related utility's (section 8) page.
be malloc()ed, but they are now allocated using mmap(), just as the
default-size stacks are. A separate cache of stacks is kept for
non-default-size stacks.
Collaboration with: deischen
o The new options-processing API
o The new DEBUG-logging API
Add man(1) pages for ALL modules. MDOC-Police welcome
to check this.
Audit, clean up while I'm here.
underlying CAM device. This needs to be checked not only in
the open routine, but the device->fd has to be initialized
as well.
PR: 28688
Submitted (partially) by: T. William Wells <bill@twwells.com>
MFC after: 2 weeks
change the name of the page (.Nm) from "kldstat" to "modstat".
Second, don't claim that modstat(2) always returns 0. Actually,
it behaves as most syscalls do - returns 0 on success, or -1
on failure.
MFC after: 5 days
atomically:
1) Search _thread_list for the thread to join.
2) Search _dead_list for the thread to join.
3) Set the running thread as the joiner.
While we're at it, fix a race in the case where multiple threads try to
join on the same thread. POSIX says that the behavior of multiple joiners
is undefined, but the fix is cheap as a result of the other fix.
whether or not connect(2) is used for UDP client sockets. The default
is not to connect(), so existing clients will see no change in
behaviour.
The use of connect(2) for UDP clients has a number of advantages:
only replies from the intended address are received, and ICMP errors
pertaining to the connection are reported back to the application.
and its associated constants. Implement _SC_IOV_MAX in the usual way.
Be a bit sloppy about the namespace question; this should get cleared up
in time for 5.0.
MFC after: 1 month
to fix the "-nostdinc WARNS=X" breakage caused by broken prototypes
for cabs() and cabsl() in <math.h>.
Reimplemented cabs() and cabsl() using new complex numbers types and
moved prototypes from <math.h> to <complex.h>.
this is not strictly compliant with XSI curses, it enables us to pass
const strings to many more functions that are actually const safe than
before. This should be harmless.
Requested by: lots of folks
of calling sigprocmask(). This matches the behaviour of thr_sigsetmask()
on Solaris; _pthread_sigmask_stub was added purely for compatibility
with Solaris (for TI-RPC), so it might as well do the same thing.
This fixes the problem where client RPC calls ignored all signals
for the complete duration of the RPC. This behaviour is currently
necessary in the threaded case due to locking issues, but was never
intended to occur in non-threaded programs.
Reviewed by: deischen
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.
TODO:
- The definitions of SADB_* in sys/net/pfkeyv2.h are still different
from RFC2407/IANA assignment because of binary compatibility
issue. It should be fixed under 5-CURRENT.
- ip6po_m member of struct ip6_pktopts is no longer used. But, it
is still there because of binary compatibility issue. It should
be removed under 5-CURRENT.
Reviewed by: itojun
Obtained from: KAME
MFC after: 3 weeks
IPv6 transport-ready resolvers/DNS servers. Need careful configuration
when enable it. (default config is not affected).
See manpage for details.
XXX visible symbol __res_opt() is added, however, it is not supposed to be
called from outside, libc minor is not bumped.
Obtained from: KAME/NetBSD
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.
Build new modules.
Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.
pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
data pointer. This bug has been here since the ti-rpc import; it
apparently broke the clnt_control CLGET_SVC_ADDR options.
PR: misc/27813
Submitted by: Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
there and compare the inode and device numbers to the values we remember,
to guard against the directory having been moved around in the meantime.
Reported by: Nick Cleaton <nick@cleaton.net>
For FTP control connection, keep the CRLF end-of-line termination
status in there.
Fixed the bug when the first FTP command in a session was ignored.
PR: 24048
MFC after: 1 week
real uid, saved uid, real gid, and saved gid to ucred, as well as the
pcred->pc_uidinfo, which was associated with the real uid, only rename
it to cr_ruidinfo so as not to conflict with cr_uidinfo, which
corresponds to the effective uid.
o Remove p_cred from struct proc; add p_ucred to struct proc, replacing
original macro that pointed.
p->p_ucred to p->p_cred->pc_ucred.
o Universally update code so that it makes use of ucred instead of pcred,
p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo,
cr_{r,sv}{u,g}id instead of p_*, etc.
o Remove pcred0 and its initialization from init_main.c; initialize
cr_ruidinfo there.
o Restruction many credential modification chunks to always crdup while
we figure out locking and optimizations; generally speaking, this
means moving to a structure like this:
newcred = crdup(oldcred);
...
p->p_ucred = newcred;
crfree(oldcred);
It's not race-free, but better than nothing. There are also races
in sys_process.c, all inter-process authorization, fork, exec, and
exit.
o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid;
remove comments indicating that the old arrangement was a problem.
o Restructure exec1() a little to use newcred/oldcred arrangement, and
use improved uid management primitives.
o Clean up exit1() so as to do less work in credential cleanup due to
pcred removal.
o Clean up fork1() so as to do less work in credential cleanup and
allocation.
o Clean up ktrcanset() to take into account changes, and move to using
suser_xxx() instead of performing a direct uid==0 comparision.
o Improve commenting in various kern_prot.c credential modification
calls to better document current behavior. In a couple of places,
current behavior is a little questionable and we need to check
POSIX.1 to make sure it's "right". More commenting work still
remains to be done.
o Update credential management calls, such as crfree(), to take into
account new ruidinfo reference.
o Modify or add the following uid and gid helper routines:
change_euid()
change_egid()
change_ruid()
change_rgid()
change_svuid()
change_svgid()
In each case, the call now acts on a credential not a process, and as
such no longer requires more complicated process locking/etc. They
now assume the caller will do any necessary allocation of an
exclusive credential reference. Each is commented to document its
reference requirements.
o CANSIGIO() is simplified to require only credentials, not processes
and pcreds.
o Remove lots of (p_pcred==NULL) checks.
o Add an XXX to authorization code in nfs_lock.c, since it's
questionable, and needs to be considered carefully.
o Simplify posix4 authorization code to require only credentials, not
processes and pcreds. Note that this authorization, as well as
CANSIGIO(), needs to be updated to use the p_cansignal() and
p_cansched() centralized authorization routines, as they currently
do not take into account some desirable restrictions that are handled
by the centralized routines, as well as being inconsistent with other
similar authorization instances.
o Update libkvm to take these changes into account.
Obtained from: TrustedBSD Project
Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
Tor created a while ago, removes the raw I/O piece (that has cache coherency
problems), and adds a buffer cache / VM freeing piece.
Essentially this patch causes O_DIRECT I/O to not be left in the cache, but
does not prevent it from going through the cache, hence the 80%. For
the last 20% we need a method by which the I/O can be issued directly to
buffer supplied by the user process and bypass the buffer cache entirely,
but still maintain cache coherency.
I also have the code working under -stable but the changes made to sys/file.h
may not be MFCable, so an MFC is not on the table yet.
Submitted by: tegge, dillon
keep track of a joiner. POSIX only supports a single joiner, so this
simplification is acceptable.
At the same time, make sure to mark a joined thread as detached so that
its resources can be freed.
Reviewed by: deischen
PR: 24345
accidentally clobber the server address if a stray packet arrived
at the client port. This would result in any further retransmits
going to the wrong address.
For now, fix this by not saving the source address of the reply; this
matches the pre-tirpc behaviour.
there is no need to wake all waiters to assure that the highest priority
thread is run. As the semaphore code is written, there was no correctness
problem, but the change improves sem_post() performance.
Pointed out by: deischen
history info as:
: .Sh STANDARDS If the command, library function or file adheres to a
: specific implementation such as IEEE Std 1003.2
: (``POSIX.2'') or ANSI X3.159-1989 (``ANSI C'') this
: should be noted here. If the command does not adhere
: to any standard, its history should be noted in the
: HISTORY section.
pam_krb5 is a Kerberos 5 (Heimdal) authentication module.
pam_nologin checks for /etc/nologin and does the "usual stuff"
if it is found, otherwise it silently succeeds.
pam_rootok silently succeeds if the user is root, otherwise
it fails.
pam_wheel silently succeeds if the user is a member of group
"wheel" (or another nominated group), and fails
otherwise.
There is an issue with kerberosIV and kerberos5 - if both are
being built, then static linking fails with duplicate symbols.
This will take a bit of work to sort out in the kerberii.
+ make Open_Disk sense the sector size by trying 512, 1024 and 2048
in this order. This makes the kernel note that
dscheck(cd1): bio_bcount 512 is not on a sector boundary (ssize 2048)
dscheck(cd1): bio_bcount 1024 is not on a sector boundary (ssize 2048)
if 2048 is the sector size. If this worries anyone: the message is from
/usr/src/sys/kern/subr_diskslice.c and shutups are to be placed there.
+ Have read_block and write_block use an additional parameter, the
sector size.
+ replace all barfout calls with return NULL, 0, __LINE__, etc.
Note that this does NOT emit diagnostics. More often than not,
you don't want library functions to scribble on stderr -- it may
not even be available. The right thing is to propagate the error
condition to upper management. The app should take care of errors.
+ use d1->sector_size instead of 512 in various places. I've left many
places untouched, especially those writing MBRs. I simply added
another arg hardcoded as 512. This is because I would not know what
I'm doing... I felt this approach would be reasonably backward
compatible and not introduce any new bugs in critical software.
Famous last words. Messing with MBRs might soon put me in the same
screwup meister category as, uh, never mind. :-)
+ bump the max no of disks from 20 to 32 (due to PR 24503).
PR: 8434 / 8436 / 24503
Submitted by: Jens Schweikhardt <schweikh@schweikhardt.net>
terminates the string in all cases, based on code from netstat(1).
The path in a sockaddr_un is terminated either by a '\0', or by
the end of the sockaddr as defined by sun_len.
Previously, the code could write the "safety" '\0' beyond the end
of the sockaddr (sockaddr_un's need only be large enough to store
sun_len bytes), and writing into the the supplied sockaddr is bad
anyway.
process on fork(2).
It is the supposed behavior stated in the manpage of sigaction(2), and
Solaris, NetBSD and FreeBSD 3-STABLE correctly do so.
The previous fix against libc_r/uthread/uthread_fork.c fixed the
problem only for the programs linked with libc_r, so back it out and
fix fork(2) itself to help those not linked with libc_r as well.
PR: kern/26705
Submitted by: KUROSAWA Takahiro <fwkg7679@mb.infoweb.ne.jp>
Tested by: knu, GOTOU Yuuzou <gotoyuzo@notwork.org>,
and some other people
Not objected by: hackers
MFC in: 3 days
placed in any scheduling queue(s). The process of dispatching
signals to a thread can change its state which will attempt to add
or remove the thread from any scheduling queue to which it belongs.
This can break some assertions if the thread isn't in the queue(s)
implied by its state.
When adding dispatching a pending signal to a thread, be sure to
remove the signal from the threads set of pending signals.
PR: 27035
Tested by: brian
MFC in: 1 week
longer includes machine/elf.h.
* consumers of elf.h now use the minimalist elf header possible.
This change is motivated by Binutils 2.11.0 and too much clashing over
our base elf headers and the Binutils elf headers.
address" string to a netbuf/sockaddr "transport address". In the
case of an AF_LOCAL address, it was missing the code to actually
point the netbuf at the newly allocated sockaddr_un, so the caller
ended up with a netbuf containing junk.
Submitted by: Martin Blapp <mb@imp.ch>
required by POSIX.1e. This maintains the current 'struct acl'
in the kernel while providing the generic external acl_t
interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
fully make use of the ACL editing library.
Obtained from: TrustedBSD Project
The devinfo library provides access to the kernel's internal device
hierarchy and to the I/O resource manager. The library uses a
sysctl(9) interface to obtain a snapshot of the kernel's state which
is then made available to the application.
arguments where the format string is obtained from user data, or
otherwise difficult to verify statically.
Example usage:
printf(fmtcheck(user_format, standard_format), arg1, arg2);
checks the format string user_format for consistency (same number/order/
type of format operators) with standard_format. If they differ,
standard_format is used instead to avoid potential crashes or security
violations.
Obtained from: NetBSD
Reviewed by: -arch
instead of #pragma weak to create weak definitions. This macro is
improperly named, though, since a weak definition is not the same
thing as a weak reference.
Suggested by: bde
than the default buffer size in the old RPC code (8800 bytes), and
it could not be overriden by the application. This caused problems
with CFS (/usr/port/security/cfs).
Change this default back to UDPMSGSIZE (8800 bytes), but more
importantly, allow applications to use larger message sizes for
all protocols if desired. Choose an arbitrary maximum message size
of 256k instead of using the default as the maximum (which is
silly).
Reported by: ache
Reviewed by: alfred, Martin Blapp <mb@imp.ch>
functions.
- Place the acl_dup() description in alphabetical order.
- Move the POSIX.1e descriptions under the ENVIRONMENT section to the
STANDARDS section.
Reviewed by: rwatson
Obtained from: TrustedBSD Project
Makefile, add Makefile.inc needed for libc build; add
#include "namespace.h"/#include "un-namespace.h" pairs around the
includes of sys/acl.h and sys/capability.h, and an additional underscore
in front of the functions that will be overridden in libc_r.
Approved by: rwatson
Obtained from: TrustedBSD Project
`nc_error' variables. Move the nc_lock mutex from mt_misc.c to a
static variable within this function, since it is only used here.
Add a new getnetconfigent() error code `NC_NOTFOUND' to report the
case where the specified netid was not found. Set nc_error in all
error cases in getnetconfigent() so that the error messages returned
by nc_(s)perror are always meaningful.
Add a terminating \n to the output of nc_perror() to match both
our manpage and other implementations of this function.
Reviewed by: deischen, alfred, Martin Blapp <mb@imp.ch>
a "#pragma weak" directive linking the external symbol. This matches
the other pthread_* definitions, and ensures that users of this
function from within libc get the real version, not the stub.
Suggested by: deischen
Reviewed by: deischen, alfred
RPC clients hanging. The real problem turned out to be missing
cleanup code; this was fixed in clnt_vc.c r1.5 and clnt_dg.c r1.4.
Submitted by: Martin Blapp <mb@imp.ch>
so that the underscored versions of the pthread functions get
declared. This removes around 300 lines of 'implicit declaration
of XXX' warnings from the output of a libc build with -Wall.
Reviewed by: Martin Blapp <mb@imp.ch>, alfred
Also, looking to the future, don't assume all the world is an i386 and all
its disk layout brain damage will be repeated by other platforms. So all
the diking out if we are an Alpha, becomes adding in if we are an i386.
I've left out a couple of unused args between internal functions.
Use MAXPATHLEN, not MAXPATHLEN + 1 in a couple of places.
Pass a pointer to the end of the target filename space.
exactly the right size. Do it differently - pass a length rather than an
end-of-string+1 pointer as this is more convenient anyway. Get rid of
the bogus +1's.
to make asynchronous RPCs. This is needed to help fix ypbind, which can no
longer override the clnt_dg_call() method (formerly the clntudp_call()
method) due to all the internal descriptor locking code in TI-RPC. Turning
on this flag allows us to send an RPC request, then return immediately,
and handle a reply later, rather than being forced to do the request
and reply in a single function call.
Also fix a byte ordering bug: when clnt_dg_call() increments the XID
prior to transmitting a request, it uses the raw value, which is wrong.
The XID is stored in network byte order, i.e. big-endian. The CLSET_XID
and CLGET_XID commands in clnt_dg_control() use ntohl()/htonl() to get
the byte ordering right, but because clnt_dg_call() does not do this,
using CLSET_XID/CLGET_XID doesn't actually work, unless you're on a
big endian host, which we aren't (yet). Fix clnt_dg_call() to byte swap
properly when doing the increment.
Some of the major changes include:
- The SCSI error handling portion of cam_periph_error() has
been broken out into a number of subfunctions to better
modularize the code that handles the hierarchy of SCSI errors.
As a result, the code is now much easier to read.
- String handling and error printing has been significantly
revamped. We now use sbufs to do string formatting instead
of using printfs (for the kernel) and snprintf/strncat (for
userland) as before.
There is a new catchall error printing routine,
cam_error_print() and its string-based counterpart,
cam_error_string() that allow the kernel and userland
applications to pass in a CCB and have errors printed out
properly, whether or not they're SCSI errors. Among other
things, this helped eliminate a fair amount of duplicate code
in camcontrol.
We now print out more information than before, including
the CAM status and SCSI status and the error recovery action
taken to remedy the problem.
- sbufs are now available in userland, via libsbuf. This
change was necessary since most of the error printing code
is shared between libcam and the kernel.
- A new transfer settings interface is included in this checkin.
This code is #ifdef'ed out, and is primarily intended to aid
discussion with HBA driver authors on the final form the
interface should take. There is example code in the ahc(4)
driver that implements the HBA driver side of the new
interface. The new transfer settings code won't be enabled
until we're ready to switch all HBA drivers over to the new
interface.
src/Makefile.inc1,
lib/Makefile: Add libsbuf. It must be built before libcam,
since libcam uses sbuf routines.
libcam/Makefile: libcam now depends on libsbuf.
libsbuf/Makefile: Add a makefile for libsbuf. This pulls in the
sbuf sources from sys/kern.
bsd.libnames.mk: Add LIBSBUF.
camcontrol/Makefile: Add -lsbuf. Since camcontrol is statically
linked, we can't depend on the dynamic linker
to pull in libsbuf.
camcontrol.c: Use cam_error_print() instead of checking for
CAM_SCSI_STATUS_ERROR on every failed CCB.
sbuf.9: Change the prototypes for sbuf_cat() and
sbuf_cpy() so that the source string is now a
const char *. This is more in line wth the
standard system string functions, and helps
eliminate warnings when dealing with a const
source buffer.
Fix a typo.
cam.c: Add description strings for the various CAM
error status values, as well as routines to
look up those strings.
Add new cam_error_string() and
cam_error_print() routines for userland and
the kernel.
cam.h: Add a new CAM flag, CAM_RETRY_SELTO.
Add enumerated types for the various options
available with cam_error_print() and
cam_error_string().
cam_ccb.h: Add new transfer negotiation structures/types.
Change inq_len in the ccb_getdev structure to
be "reserved". This field has never been
filled in, and will be removed when we next
bump the CAM version.
cam_debug.h: Fix typo.
cam_periph.c: Modularize cam_periph_error(). The SCSI error
handling part of cam_periph_error() is now
in camperiphscsistatuserror() and
camperiphscsisenseerror().
In cam_periph_lock(), increase the reference
count on the periph while we wait for our lock
attempt to succeed so that the periph won't go
away while we're sleeping.
cam_xpt.c: Add new transfer negotiation code. (ifdefed
out)
Add a new function, xpt_path_string(). This
is a string/sbuf analog to xpt_print_path().
scsi_all.c: Revamp string handing and error printing code.
We now use sbufs for much of the string
formatting code. More of that code is shared
between userland the kernel.
scsi_all.h: Get rid of SS_TURSTART, it wasn't terribly
useful in the first place.
Add a new error action, SS_REQSENSE. (Send a
request sense and then retry the command.)
This is useful when the controller hasn't
performed autosense for some reason.
Change the default actions around a bit.
scsi_cd.c,
scsi_da.c,
scsi_pt.c,
scsi_ses.c: SF_RETRY_SELTO -> CAM_RETRY_SELTO. Selection
timeouts shouldn't be covered by a sense flag.
scsi_pass.[ch]: SF_RETRY_SELTO -> CAM_RETRY_SELTO.
Get rid of the last vestiges of a read/write
interface.
libkern/bsearch.c,
sys/libkern.h,
conf/files: Add bsearch.c, which is needed for some of the
new table lookup routines.
aic7xxx_freebsd.c: Define AHC_NEW_TRAN_SETTINGS if
CAM_NEW_TRAN_CODE is defined.
sbuf.h,
subr_sbuf.c: Add the appropriate #ifdefs so sbufs can
compile and run in userland.
Change sbuf_printf() to use vsnprintf()
instead of kvprintf(), which is only available
in the kernel.
Change the source string for sbuf_cpy() and
sbuf_cat() to be a const char *.
Add __BEGIN_DECLS and __END_DECLS around
function prototypes since they're now exported
to userland.
kdump/mkioctls: Include stdio.h before cam.h since cam.h now
includes a function with a FILE * argument.
Submitted by: gibbs (mostly)
Reviewed by: jdp, marcel (libsbuf makefile changes)
Reviewed by: des (sbuf changes)
Reviewed by: ken
o Revise description in light of commits over last month including:
- ACL editing library is now implemented
- ACLs are now implemented
Obtained from: TrustedBSD Project
because libc/rpc/key_call.c references uname(), and ps/print.c also
defines uname(), and ps is linked statically. This leads to a symbol
clash. The userland uname(3) kinda sucked anyway as the hostname
etc was too short. And since the libc rpc interface now uses
the utsname.nodename which gets truncated, I was tempted into doing
something about it. Create a new userland uname function, called
__xuname() which takes an extra argument that allows you to change
the size of the fields. uname() becomes a static inline function
in sys/utsname.h that passes the extra argument in. struct utsname
has its field members expanded by default now in userland.
We still provide a 'uname' externally linkable function for things
that either think that they ``know'' the utsname format and assume
32 character strings and bypass the include file, or objects that
are linked against old libcs. ie: just about every plausible
case that I can think of is covered. Should we ever change the
default lengths again, a libc major bump should not be required
as the size is now passed to the function.
XXX the uname(2) in the kernel is for FreeBSD 1.1 binary compatability!
All the uname(3) functions that are exported to userland are actually
implemented in libc with sysctl. uname(1) uses sysctl directly and
does not call uname(3).
PR: bin/4688
acl_add_perm, acl_clear_perms, acl_copy_entry, acl_create_entry,
acl_delete_perm, acl_get_permset, acl_get_qualifier, acl_get_tag_type,
acl_set_permset, acl_set_qualifier, acl_set_tag_type
This brings us within 4 functions of a full ACL editing library.
Reviewed by: rwatson
Make struct cmessage visible from socket.h (about 4 places were
defining it for themselves which wasn't good)
Make __rpc_get_local_uid() useable and give it prototype that's
visible.
Fix some issues with printing out usernames from rpcbind and keyserv.
changed. These were taken from the 4.2-RELEASE dist on ftp.freebsd.org.
This will be MFC'd shortly as it is required in RELENG_4 to maintain
compatability with binaries linked against these libraries.
should have been repo-copied from it in the first place.
Apply all of our fixes up to and including revision 1.14 to
the original rpc.3 manpage, including conversion to mdoc(7).
number of paths which glob(3) will return. Remove the hardcoded limit
from the last commit, which restores the previous unbounded behavior.
Document the new flag in the manual page.
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
- lowercase Nd argument
- mark function arguments with Fa
- mark defined values with Dv
- simply copying POSIX text for RETURN VALUES and ERRORS sections is not
always a good idea. POSIX uses the word "shall" indicating the behavior
the correct implementation should follow.
reserved word, causing breakage when a C++ program included libutil.h
This change will be propagated elsewhere shortly.
Submitted by: jkh
Obtained from: TrustedBSD Project
o acl_calc_mask(): calculates the ACL mask entry associated with
the given ACL.
o acl_delete_entry(): remove a specified ACL entry from the given
ACL.
Approved by: rwatson
`err()'). libdisk does! and additionally libdisk gets confused on Alpha
disks with foreign disklabels, throws up its hands and exits. This is
the cause of the "going no where without my init" install bug on the Alpha.
So now on the Alpha, rather than call err(), we print the error string and
continue processing.
Submitted by: jkh
since they not allows POSIXly legal locale data. Currently, if relaxed form
POSIXly legal locale data will be used right now, some programs will be broken,
but it means that either locale data or programs must be fixed, not the library.
Introduce non-standard md_order (month/day order) locale field to be used later
via nl_langinfo(). Currently %EF and %Ef emulated using this field, but they
planned for remove in future in favour of nl_langinfo() test field.
Implement %F per POSIX
char *
FooFileChunk(const char *filename, char *buf, off_t offset, off_t length)
Which only hashes part of a file.
Implement FooFile() in terms of this function.
Submitted by: roam
is currently set to 10000. This is intended to prevent glob from running
amok when a highly recursive path is provided (such as "../*/../*/../*/...")
Reviewed by: Diane Bruce <db@db.net>, jhb
utility functions which convert between string namespace names and
numeric constants used by the interface. Right now, two namespaces
are supported, EXTATTR_NAMESPACE_SYSTEM ("system") and
EXTATTR_NAMESPACE_USER ("user"). These functions are used by
various userland EA utilities, rather than hard coding the routines
all over the place.
Obtained from: TrustedBSD Project
o Rename internal library functions so that they are prefixed with
_posix1e or _POSIX1E, removing them from the application namespace (and
potential conflict with other ACL functions elsewhere in the system).
Obtained from: TrustedBSD Project
gratuitous difference between us and our sister project.
This was given to me _ages_ ago. May apologies to Paul for the length
of time its taken me to commit.
Obtained from: Niels Provos <provos@physnet.uni-hamburg.de>/OpenBSD
Submitted by: Paul Herman <pherman@frenchfries.net>
Reviewed by: David Cross <dec@freebsd.org>, jkh <jkh@freebsd.org>
Approved by: jkh <jkh@freebsd.org>
Obtained from: Ian Dowse <iedowse@maths.tcd.ie>, David Cross <dec@freebsd.org>
We have been running this patch on a production NIS server for 2.5 weeks now.
Normally we would have ypserv die at least once a week, and often many times
a day.
This patch treats and error from select as zeroing out the FD_SET to indicate
that no fds are ready for reading. This is safe because the rpc code
always re-inits the FDSET before calling select.
The below text is quoted from the latest POSIX draft:
: The values of locale categories shall be determined by a precedence
: order; the first condition met below determines the value:
:
: 1. If the LC_ALL environment variable is defined and is not null,
: the value of LC_ALL shall be used.
: 2. If the LC_* environment variable (LC_COLLATE, LC_CTYPE, LC_MESSAGES,
: LC_MONETARY, LC_NUMERIC, LC_TIME) is defined and is not null, the
: value of the environment variable shall be used to initialize the
: category that corresponds to the environment variable.
: 3. If the LANG environment variable is defined and is not null, the
: value of the LANG environment variable shall be used.
: 4. If the LANG environment variable is not set or is set to the empty
: string, the implementation-defined default locale shall be used.
The conditions 1 and 2 were interchanged, i.e., LC_* were looked first,
then LC_ALL, then LANG (note that LC_ALL and LANG were essentially the
same, providing the default, with LC_ALL taking precedence over LANG).
Now, LC_ALL and LANG serve the different purposes. LC_ALL overrides
any LC_*, and LANG provides the default fallback.
Testcase:
/usr/bin/env LC_ALL=C LC_TIME=de_DE.ISO_8859-1 /bin/date
Should return date in the "C" locale format.
Inspired by: date(1) reference page in the Draft
lock definitions to it. flockfile state is now allocated
along with the rest of FILE. This eliminates the need for a
separate allocation of flockfile state as well as eliminating
the mutex/lock used to serialize its allocation.
Even better formula from random() could not be intetgrated because rand_r()
supposed to store its state in the single variable (but table needed for
random() algorithm integration).
- new EV_SET macro,
- NOTE_LOWAT option for low water marks on read/write filters,
- NOTE_REVOKE for filesystem unmounting (and revoke() calls)
- improved API for EVFILT_AIO
sysctls exporting swap information. When running on a live kernel,
the sysctl's will now be used instead of kvm_read, allowing consumers of
this interface to run without privilege (setgid kmem). Retain the
ability to run on coredumps, or on a kernel using kmem if explicitly
pointed at one.
A side effect of this change is that kvm_getswapinfo() is faster now in
the general case. If the SWIF_DUMP_TREE flag is given (pstat -ss does
this), the radix tree walker, which still uses kvm_read in any case, is
invoked, and therefore does require privilege.
Submitted by: Thomas Moestl <tmoestl@gmx.net>
Reviewed by: freebsd-audit
This is about to be replaced anyway by initialization explicitly
instead of lazily, and reducing the complexity of it. As it is
now, this will work fine, however.
while with threaded software in -CURRENT acting very "weird". It has
seemed, for example, in Mozilla that threads attempting to do host
lookups have been locking up. That's exactly the case.
There was a race condition in the implementation of the initialization
of the mutex used to protect FILE operations, first of all: multiple
instances of FLOCKFILE() in libc could occur on the same FILE at
the same time and cause strange behavior by overwriting eachothers'
creation of the mutex and the rest of the file lock.
Secondly, it's not appropriate to test the "validity" of the file
descriptor referenced by the FILE; if the code is calling FLOCKFILE()
or FUNLOCKFILE(), it wants the FILE to be locked or unlocked, not
to be locked or unlocked on the condition that _file is >= 0. This
also could quite easily cause leaks by failing to perform the lock or
unlock operation when it actually is needed.
Mozilla now works again on -CURRENT when linked to libc_r.so.5 and
libc.so.5.
ABI change. There is some serious evilness here to work around some
gcc weaknesses. We need to know the sizeof(FILE) manually until __sF
goes away in the next major bump. We have the size for Alpha and i386,
missing is ia64, ppc and sparc* (and i386 with 64 bit longs).
At some point down the track we can change the stdin etc #defines to
stop hard coding the size of FILE into application binaries.
Lots of head scratching and ideas and testing by: green, imp
causing some versions of as to dump core. This survived make
buildworld/installworld and the building gettext port afterwards.
Submitted by: <nnd@mail.nsk.ru> "N.Dudorov"
Reviewed by: "Daniel M. Eischen" <eischen@vigrid.com>
o Back out the __std* stuff. Can't figure out how to do this right now,
so we'll save it for late.
o use _up as a pointer for extra fields that we need to access.
o back out the libc major version bump.
Submitted by: green
reviewed by: peter, imp, green, obrien (to varying degrees).
We'll fix the "how do we stop encoding sizeof(FILE) in binaries" part
later.
Change __dtoa to not free the string it allocated the previous time it was
called. The caller now frees the string after usage if appropiate.
PR: 15070
Reviewed by: deischen
bikeshed in -arch. It isn't quite over, but it has been well established
that this can be adjusted or refined. But we do seem to have consensis
on a major bump of some sort. After this, it should reasonably safe
to build world again.
This change is to get rid of __sF[] and use seperate __stdin/out/err
handles. This means we can pad on extra bits onto the end of FILE
at will without going through this all over again. __sF[] was evil
because it compiled the sizeof(FILE) into every stdio using program.
Asbestos suit on: check!
Peril sensitive sunglasses on: check!
*gulp!*
try a hopefully more robust stdin/stdout/stderr. This costs an indirect
pointer fetch, but saves us from changes in 'FILE'. The __stdin stuff
is there to not pollute application name space if the application does
not use <stdio.h> and also in case something depended on the current
behavior where stdin etc was a #define.
Reviewed by: eischen, dillon
application to provide locking for I/O operations. This doesn't
break any of my tests, but the old behavior can be restored by
compiling with _FDLOCKS_ENABLED. This will eventually be removed
when it is obvious it does not cause any problems.
Remove most of flockfile implementation, with the exception of
flockfile_debug.
Make error messages more informational (submitted by Mike Heffner
<spock@techfour.net>, who's now known as mikeh@FreeBSD.org).
Add a lock to FILE. flockfile and friends are now implemented
(for the most part) in libc. flockfile_debug is implemented in
libc_r; I suppose it's about time to kill it but will do it in
a future commit.
Fix a potential deadlock in _fwalk in a threaded environment.
A file flag (__SIGN) was added to stdio.h that, when set, tells
_fwalk to ignore it in its walk. This seemed to be needed in
refill.c because each file needs to be locked when flushing.
Add a stub for pthread_self in libc. This is needed by flockfile
which is allowed by POSIX to be recursive.
Make fgetpos() error return value (-1) match man page.
Remove recursive calls to locked functions (stdio); I think I've
got them all, but I may have missed a couple.
A few K&R -> ANSI conversions along with removal of a few instances
of "register".
$Id$ -> $FreeBSD$ in libc/stdio/rget.c
Not objected to: -arch, a few months ago
it in.
Some review from -hackers (some time ago), and I think the best way to
get this improved (if it needs improving) or updating, is to bring it in.
PR: docs/12557
Submitted by: Tim Singletary <tsingle@triana.gsfc.nasa.gov>
LC_NUMERIC::grouping) values.
. Always set __XXX_changed flags then loading numeric & monetary locale
categories to allow localeconv() to use C locale also.
LC_NUMERIC fields, but only for *grouping fields - other fields are converted
to a chars in localeconv(), so final change is:
"-1" -> "127"
127 here is because CHAR_MAX supposed, which is _positive_ (SUSv2 requirement),
not negative as 255. It is still a bit of hack. To find real CHAR_MAX will be
better to sprintf() it once somewhere in static buffer. *grouping parsing
still broken and missing and needs to be implemented.
LC_MONETARY, LC_NUMERIC are byte-arrays, not ASCII strings!
Fix "C" locale, change "-1" to {CHAR_MAX, '\0'} according to standards.
This is only partial fix - locale loading procedure remains broken as before
and load too big values for all locales. All numeric strings there should be
converted with something like atoi() and placed into bytes. Maybe I do it
later, if someone will not fix it faster.
Change __dtoa to not free the string it allocated the previous time it was
called. The caller now frees the string after usage if appropiate.
PR: 15070
to be the same as -ragged in the current implementation) to
-ragged. With mdocNG, -filled displays produce the correct
output, formatted and justified to both margins.
Add another check for thread library initialization (jdp, we
really need a way to get _thread_init called at program start
before any constructors are run).
and treating (almost) all system calls the same way:
__sys_foo - actual syscall
foo, _foo - weak definitions to __sys_foo
Change PSEUDO syscalls (currently only _exit and _getlogin) to
be __sys_foo (T) and _foo (W).
Add $FreeBSD$ to a few files to satisfy commitprep.
Suggested by: bde
_foo - wrapped system call
foo - weak definition to _foo
and for cancellation points:
_foo - wrapped system call
__foo - enter cancellation point, call _foo(), leave
cancellation point
foo - weak definition to __foo
Change use of global _thread_run to call a function to get the
currently running thread.
Make all pthread_foo functions weak definitions to _pthread_foo,
where _pthread_foo is the implementation. This allows an application
to provide its own pthread functions.
Provide slightly different versions of pthread_mutex_lock and
pthread_mutex_init so that we can tell the difference between
a libc mutex and an application mutex. Threads holding mutexes
internal to libc should never be allowed to exit, call signal
handlers, or cancel.
Approved by: -arch
adding (weak definitions to) stubs for some of the pthread
functions. If the threads library is linked in, the real
pthread functions will pulled in.
Use the following convention for system calls wrapped by the
threads library:
__sys_foo - actual system call
_foo - weak definition to __sys_foo
foo - weak definition to __sys_foo
Change all libc uses of system calls wrapped by the threads
library from foo to _foo. In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde). All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes. <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.
Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE. We have recursive mutexes, but would like to avoid
using them if possible.
Remove uneeded includes of <errno.h> from a few files.
Add $FreeBSD$ to a few files in order to pass commitprep.
Approved by: -arch
- Use "OPOST | ONLCR" as a c_oflag in the raw mode instead of 0, which should
make debug output mode readable;
- flush input buffer when switching to/from raw mode. This should prevent
leaking raw scancodes into your shell prompt when program called
VGLKeyboardEnd() w/o processing all scancodes in the buffer.
attempt to read memory when siz is 0
- Clarify comments referring to strlcat() usage
PR: 24278, 24295
Submitted by: Tony Finch <dot@dotat.at>
Richard Kettlewell <rjk@greenend.org.uk>
Reviewed by: -audit
single manual page, appropriately linked, since this removes the
decision of which page the (previously non-existent) sigmask.2
MLINK should point at.
Submitted by: will
supported since it's not easy to put 3 bytes accross 64Kb windows
of memory. This should not be such a problem with linear framebuffers.
There is no major interface modification except that the color type
becomes u_long instead of byte. So one just need to recompile his
application.
Approved by: Soren Schmidt <sos@freebsd.dk>
- errno is already set to ENOMEM (as appropriate) when asprintf(),
strdup(), or acl_init() fails
o acl_to_text.c:
- the return value of the initial strdup() is not checked
- errno is already set to ENOMEM (as appropriate) when asprintf
and acl_init() fails
- let the the default: case use 'goto error_label' for consistency
Submitted by: jedgar
Rather than have a separate (misnamed) FTP_ANONYMOUS_PASSWORD constant, use
FTP_ANONYMOUS_USER (i.e. "anonymous") to construct the anonymous ftp password
if getlogin() fails.
- The stack was getting smashed by __grow_type_table()
- reallocf() was being called with the wrong pointer
- The maximum argument number was being incorrectly computed
PR: misc/23521
non-threaded programs. This provides threaded programs with the
needed exception frame symbols.
parts submitted by: Max Khon <fjoe@iclub.nsu.ru>
PR: 23252
non-threaded programs. This provides threaded programs with the
needed exception frame symbols.
parts submitted by: Max Khon <fjoe@iclub.nsu.ru>
PR: 23252
referenced to by libgcc.a.
This is needed when linking statically as SVR4 (ie, ELF) behavior is to only
link in a module if it satisfies an undefined strong reference from somewhere.
(this surprises a lot of people) Things are different when using shared libs,
the entire library and its modules and their symbols are available at run-time
(when the weak reference is seen to still be unsatisfied and is satisfied on
the spot), this is not the case with static libs.
Thus one can have a static binary with unresolved week references, and at
run-time dereference a NULL pointer.
Submitted by: eischen
interface was based on a draft version of POSIX whereas the final
(1996) version of POSIX specified that the error is returned.
While I'm here, fix getlogin_r so that it works for more than just
the first time it's called.
Reviewed by: wes, wollman (man page)
Submitted by: "Peter Avalos" <pavalos@theshell.com>
Reviewed by: /sbin/md5 [*]
[*] This line appears courtesy of Mr. Warner Losch, all rights reversed.
quitting every time. The way to free a CIRCLEQ was to loop until
the current == current->head, but the way to free a TAILQ is to loop
until current->head == NULL.
In any case, the CORRECT way to do it is a loop of TAILQ_EMPTY() checks
and TAILQ_REMOVE()al of TAILQ_FIRST(). This bug wouldn't have happened
if the loop wasn't hard-coded...
There may be more bugs of this type from the conversion.
so I am backing it out for now. The problem is that some random program
calling crypt() could be passing a DES salt and the crypt(3) library
would encrypt it in md5 mode and there would be a password mismatch as a
result. I wrote a validater function for the DES code to verify that
a salt is valid for DES, but I realized there were too many strange things
to go wrong. passwd(1), pw(8) etc still generate md5 passwords by default
for /etc/master.passwd, so this is almost academic. It is a big deal for
things that have their own crypt(3)-ed password strings (.htaccess,
etc etc). Those are the things I do not want to break.
My DES salt recognizer basically checked if the salt was either 2 or
13 characters long, or began with '_' (_PASSWORD_EFMT1). I think it
would have worked but I have seen way too much crypt() mishandling
in the past.
one-way hash functions for authentication purposes. There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before. If this is
not called, it tries to heuristically figure out the hash format, and
if all else fails, it uses the optional auth.conf entry to chose the
overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
having the source it in some countries, so preserve the "secure/*"
division. You can still build a des-free libcrypt library if you want
to badly enough. This should not be a problem in the US or exporting
from the US as freebsd.org had notified BXA some time ago. That makes
this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5. This
is to try and minimize POLA across buildworld where folk may suddenly
be activating des-crypt()-hash support. Since the des hash may not
always be present, it seemed sensible to make the stronger md5 algorithm
the default.
All things being equal, no functionality is lost.
Reviewed-by: jkh
(flame-proof suit on)
global time of day. This costs us nothing, but is a bit of a hack
to work around a process blocking and not having the time updated
by an ITIMER_PROF signal.
PR: 23679
present, this is limited to turning on the packet option if any of
disk slices begin above cylinder 1023. The effect of this change
should therefore be to automatically enable LBA support, as needed,
when installing FreeBSD.
Something-of-the-kind-requested-by: peter
no longer contains kernel specific data structures, but rather
only scalar values and structures that are already part of the
kernel/user interface, specifically rusage and rtprio. It no
longer contains proc, session, pcred, ucred, procsig, vmspace,
pstats, mtx, sigiolst, klist, callout, pasleep, or mdproc. If
any of these changed in size, ps, w, fstat, gcore, systat, and
top would all stop working. The new structure has over 200 bytes
of unassigned space for future values to be added, yet is nearly
100 bytes smaller per entry than the structure that it replaced.
identification and descriptions of most capabilities, current inheritence
rules, etc. More to follow.
Reviewed by: sheldonh
Obtained from: TrustedBSD Project
member f_devdata to be a pointer to a socket number. When currdev
is "pxe", that assumption is correct. When currdev is "disk*", that
assumption is incorrect.
Submitted by: Jim Browne <jbrowne@jbrowne.com>
and had libfetch selecting passive mode even when FTP_PASSIVE_MODE was not
set at all, which is really quite surprising unless you know about it. So
change it to the agreed default behaviour of selecting passive mode if
FTP_PASSIVE_MODE is set, but not "no".
telldir positions. This will allow (future) locking on a
per-DIR basis (for MT-safety). For now, this change does
the following:
o Remove the hash table from telldir.c. Recode to use queue
macros.
o Remove 'const' from 'telldir(const DIR *)'.
o Remove 'register' variables as suggested in a recent
thread.
No response from: -current
- iruserok_sa() and __ivaliduser_af() were re-organized to use
__ivaliduser_sa()
- __icheckhost() was re-written to use getaddrinfo() instead of
getipnodebyname()
- better handling of multiple destination addresses in rcmd()
These changes were basically taken from KAME and changed to fit our
rcmd.c.
Obtained from: KAME
a NULL argument. Some programs change the contents of the argv
array, typically to remove some special arguments. They shorten
argv by storing a NULL where an argument pointer used to be. Such
programs core dumped if they called setproctitle(), because it
would try to apply strlen() to a NULL pointer.
instead of immediately after the fclose. The previous logic did work
on freebsd, but is somewhat risky practice (and causes trouble when
porting to other OS's).
PR: bin/22965
Reviewed by: Garrett Wollman
files. Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive. Some were
misspellings of "-I${.CURDIR}" as "-I.".
stderr in case of warnings and errors.
Rename malloc_options to have a leading underscore, I belive I have been
told that is more correct namespace wise.
back to the original environ unconditionally. The setting of the
variable to save the previous environ is conditional; it happens when
ENV.e_committed is set. Therefore, don't try to swap the env back
unless the previous env has been initialized.
PR: bin/22670
Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>
libcompat" in favour of a .Sh LIBRARY section using the .Lb macro. Also add
.Bf -symbolic around the text saying "this is obsolete" in re_comp.3.
PR: 22675
Submitted by: Mike Meyer <mwm@mired.org>
Reviewed by: sheldonh
executed at least once, fixing pthread_mutex_lock() for recursive
mutex lock attempts.
Correctly set a threads signal mask while it is executing a signal
handler. The mask should be the union of its current mask, the
signal being handled, and the mask from the signal action.
Reported by: Dan Nelson <dnelson@emsphone.com>
MFC Candidate
was not getting properly initialized in pthread_cond_signal()
and pthread_cond_broadcast(). Reportedly, this can cause
an application to die.
MFC candidate
Submitted by: ade
the kernel to (re)use the alternate signal stack. In this
case, we don't return normally from the signal handler,
so the kernel still thinks we are using the signal stack.
The fixes a nasty bug where the signal handler can start
fiddling with the stack of a thread while the handler is
actually running on the same stack.
MFC candidate
the encoding and using the character set [a-zA-Z0-9]. This gives a total
of 62^6 = 56800235584 possible temporary filenames for the usual default
invocation of 6 X's (compared to as few as 52 possibilities for the
previous algorithm where up to 5 characters were wasted by the PID).
Update some apparently bitrotten comments to reflect reality.
Audited by: eivind, freebsd-audit
Reviewed by: freebsd-current (a while ago)
Originally submitted by: Peter Jeremy <Peter.Jeremy@alcatel.com.au>
The test for failing the end guard was always triggering (and was reported as
such in compiler warnings). This is a temporary band-aid until I can work
out what's really going on.
Reviewed by: obrien
file descriptors needing to be polled (Doh!). Reported
by Dan Nelson <dnelson@emsphone.com>.
Don't install and start the scheduling timer until the
first thread is created. This prevents the overhead of
having a periodic scheduling signal in a single threaded
program. Reported by Dan Nelson <dnelson@emsphone.com>.
Allow builtin longjmps out of application installed
signal handlers without the need perform any post-handler
cleanup:
o Change signal handling to save the threads interrupted
context on the stack. The threads current context is
now always stored in the same place (in the pthread).
If and when a signal handler returns, the interrupted
context is copied back to the storage area in the pthread.
o Before calling invoking a signal handler for a thread,
back the thread out of any internal waiting queues
(mutex, CV, join, etc) to which it belongs.
Rework uthread_info.c a bit to make it easier to change
the format of a thread dump.
Use an alternal signal stack for the thread library's
signal handler. This allows us to fiddle with the main
threads stack without fear of it being in use.
Reviewed by: jasone
into an infinite loop when a timeout value is supplied
and the timeout expires.
Reported by: Dan Nelson <dnelson@emsphone.com>
Reviewed by: jasone, jlemon
that applications know how large of a buffer they must allocate before
calling property_find(). Also added a $FreeBSD$ tag while I'm here.
Approved by: jkh
in <sys/signal.h>.
This might be a shortterm fix until the manpage is updated towards
POSIX terminology. And maybe not...
PR: 21542
Submitted by: Ronald F. Guilmette <rfg@monkeys.com>
PPTP links are no longer dropped by simple (and inappropriate in this
case) "inactivity timeout" procedure, only when requested through the
control connection.
It is now possible to have multiple PPTP servers running behind NAT.
Just redirect the incoming TCP traffic to port 1723, everything else
is done transparently.
Problems were reported and the fix was tested by:
Michael Adler <Michael.Adler@compaq.com>,
David Andersen <dga@lcs.mit.edu>
when using the egcs and gcc-devel ports, along with GCC built from stock
public FSF sources. With out this change, FreeBSD will be removed from
the list of systems GCC 3.0 must be evaluated on before release. With
the effort some of us put into getting FreeBSD on this list, we should
not turn this effort into a waste, else we might not be worth fighting
for in the future. (note that Alpha and IA-64 versions of crt{i,n}.S
are needed)
* Switch from our own crt{begin,in} to those created from GCC's crtstuff.c.
This will allow us to switch to DWARF2 exceptions in the future, along with
staying in sync with any future GCC requirements.
* Break out our ELF branding bits into a seperate file. Currently this
is now included by our crt1.c files (since this functionality was part of
our native crtbegin.c). Later crtbrand.o will be merged in the creation
of crti.o.
getting libutil/libcrypt to work properly. I've determined that GCC
thinks it can inline all functions, including weak-symboled ones, if
it feels like it.
Create a new stub.c and move any stubs there to prevent inlining.
Thanks to jdp and William S. Duncanson for helping me finally find the
problem.
by sigwait(). This prevents a signal from being sent to the process
when there are no application installed signal handlers.
Correct a typo in sigwait (foo -> foo[i]).
bind distribution, but until now was not being built as a separate
entity. For documentation, see these man pages:
assertions(3), eventlib(3), heap(3), logging(3), memcluster(3), tree(3).
Reviewed by: jdp
adding a signal frame to a thread, be sure to label the context
correctly so we don't restore an uninitialized process mask.
Reported by: kimc@W8HD.ORG and Andrey Rouskol <anry@sovintel.ru>
- ftpTimeout was not honored when reading actual data, as opposed to
talking protocol
- connection caching was broken because _ftp_cached_connect() would see
the result of the transfer instead of the result of the NOOP.
- if the RETR succeeded, but an error occurred later (as can happen
when talking to a proxy), the error would not be detected.
There still remains to register an atexit(3) callback to close the cached
connection gracefully instead of just dropping it on the floor.
K&R -> ANSI
Bugfix: 'Keep the bit position even when the report descriptor says POP.'
Add hid_use_report_desc, hid_parse_usage_page, hid_parse_usage_in_page.
Changed iface for hid_report_size.
Add references to the newly added hardware debug register
support functions i386_clr_watch(3) and i386_set_watch(3).
Reviewed by: Sean Eric Fagan <sef@kithrup.com>
and no other response to the review request.
thread switches should be on par with that under scheduler
activations.
o Timing is achieved through the use of a fixed interval
timer (ITIMER_PROF) to count scheduling ticks instead
of retrieving the time-of-day upon every thread switch
and calculating elapsed real time.
o Polling for I/O readiness is performed once for each
scheduling tick instead of every thread switch.
o The non-signal saving/restoring versions of setjmp/longjmp
are used to save and restore thread contexts. This may
allow the removal of _THREAD_SAFE macros from setjmp()
and longjmp() - needs more investigation.
Change signal handling so that signals are handled in the
context of the thread that is receiving the signal. When
signals are dispatched to a thread, a special signal handling
frame is created on top of the target threads stack. The
frame contains the threads saved state information and a new
context in which the thread can run. The applications signal
handler is invoked through a wrapper routine that knows how
to restore the threads saved state and unwind to previous
frames.
Fix interruption of threads due to signals. Some states
were being improperly interrupted while other states were
not being interrupted. This should fix several PRs.
Signal handlers, which are invoked as a result of a process
signal (not by pthread_kill()), are now called with the
code (or siginfo_t if SA_SIGINFO was set in sa_flags) and
sigcontext_t as received from the process signal handler.
Modify the search for a thread to which a signal is delivered.
The search algorithm is now:
o First thread found in sigwait() with signal in wait mask.
o First thread found sigsuspend()'d on the signal.
o Current thread if signal is unmasked.
o First thread found with signal unmasked.
Collapse machine dependent support into macros defined in
pthread_private.h. These should probably eventually be moved
into separate MD files.
Change the range of settable priorities to be compliant with
POSIX (0-31). The threads library uses higher priorities
internally for real-time threads (not yet implemented) and
threads executing signal handlers. Real-time threads and
threads running signal handlers add 64 and 32, respectively,
to a threads base priority.
Some other small changes and cleanups.
PR: 17757 18559 21943
Reviewed by: jasone
u_int64_t flag field, bounding the number of capabilities at 64,
but substantially cleaning up capability logic (there are currently
43 defined capabilities).
o Heads up to anyone actually using capabilities: the constant
assignments for various capabilities have been redone, so any
persistent binary capability stores (i.e., '$posix1e.cap' EA
backing files) must be recreated. If you have one of these,
you'll know about it, so if you have no idea what this means,
don't worry.
o Update libposix1e to reflect this new definition, fixing the
exposed functions that directly manipulate the flags fields.
Obtained from: TrustedBSD Project
compatible with the old version but includes new functionality and bug fixes.
Since it is not part of the NO_SENDMAIL make.conf option, libsmdb and
libsmutil should always be built for vacation's sake.
PR: 15227
Replace all in-tree uses with necessary subset of <sys/{fb,kb,cons}io.h>.
This is also the appropriate fix for exo-tree sources.
Put warnings in <machine/console.h> to discourage use.
November 15th 2000 the warnings will be converted to errors.
January 15th 2001 the <machine/console.h> files will be removed.
The recent problems with sshd were due to sshd reassigning
`environ' when setenv() thinks it owns it. setenv() subsequently
realloc()s the new version of environ and *boom*
- Include <stdlib.h> and <string.h> as needed for prototypes
- Remove unneeded "error" variables
o Make cap_init() use cap_clear() instead of bzero()
Obtained from: TrustedBSD Project
o Implementations will remain in the seperately distributed capability
patch until the cap_t type changes are synchronized.
Obtained from: TrustedBSD Project
response to return. This will stop processes waiting on DNS requests
from being woken up when a select collision occurs. This was tested
on mx1.FreeBSD.org (outgoing mail for the FreeBSD.org mailing
lists.)
Reviewed by: jlemon, peter
were not present when dev_mkdb(8) was run.
First the dev_mkdb(8) database is searched, this caters for non-DEVFS
cases where people have renamed a device.
If that fails we ask the kernel using sysctl kern.devname if the device
driver has put a name in the dev_t. This covers DEVFS cloned devices.
If that also fails we format a string which isn't entirely useless.
be used to point to a bad locale file. This is only believed to be a
minor security risk - the only risk is if some program uses the result
of a localized string as a format specifier in a vulnerable function
like sprintf(). No such code is believed to exist in the FreeBSD base
system, although it is possible that badly written third party code
would do that.
Submitted by: imp
Approved by: ache
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
the efficiency of byte-by-byte read operations on filesystems not already
supported by the block cache (especially NFS).
This should be a welcome change for users booting via PXE, as the loader
now reads its startup files almost instantly, instead of taking tens of
seconds.
It was kinda silly since the sigaction() syscall that it used to setup
the handler is more recent than __getcwd(), therefore it was useless
as the wrapper would have died before even getting as far as __getcwd(2).
Reminded by: bde
* rewrite catopen() to remove duplicate code chunks and optimize
* if empty string is passed to catopen() as name argument then
catopen() will set errno to ENOENT (File not found), not EINVAL
* move search code to LOOKUP() macro to shrink amount of duplicated code
* move common resource freeing actions to __nls_free_resources() function
* exclude from build code related to MCLoadAll defintion since it is not
using at all
* style(9) related whitespace changes
Reviewed by: ache
in my tree for a long time. bde reviewed this once upon a time and
said it was OK, iirc. This also obviates the need to put ? in the
optstring argument to preclude the extra warning message which some
people think confuses users. When I made my getopt cleanups of a long
time ago, this was the compromise reached. I just neglected to commit
it until now.
and bump __FreeBSD_version to 500012 to mark the occasion.
setproctitle() is prototyped in unistd.h as opposed to stdlib.h
where OpenBSD and NetBSD have it.
Reviewed by: peter
datagram embedded into ICMP error message, not with protocol
field of ICMP message itself (which is always IPPROTO_ICMP).
Pointed by: Erik Salander <erik@whistle.com>
not alias `ip_src' unless it comes from the host an original
datagram that triggered this error message was destined for.
PR: 20712
Reviewed by: brian, Charles Mott <cmott@scientech.com>
rmdir(2) on directories and unlink(2) otherwise. This modification,
and most of the man page update has been obtined from OpenBSD. This
was spotted by someone on a mailing lists a few months ago, but
I've lost their mail.
Reviewed by: sheldonh
for crypt(3) by now. In any case:
Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).
The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)
Reviewed by: peter
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
identifier to the DHCP server. Now you can check for this string
in your dhcp configuration to decide whether you will hand out a
lease to the client or not.
I changed to close to original code before merging IPv6 support.
It seems having delay before another try is useless. However, I'm
not sure that delay means. So, I leave it as-is.
PR: bin/20515
related patches. These include:
* Mode page editting can be scripted. This involves two
things: first, if stdin is not a tty, changes are read from
stdin rather than invoking $EDITOR. Second, and more
importantly, not all modepage entries must be included in the
change set. This means that camcontrol can now gracefully handle
more intrusive editting from the $EDITOR, including removal or
rearrangement of lines. It also means that you can do stuff
like:
# echo "WCE: 1" | camcontrol modepage da3 -m 8 -e
# newfs /dev/da3
# echo "WCE: 0" | camcontrol modepage da3 -m 8 -e
* Range-checking on user-supplied input values. modeedit.c now
uses the field width specifiers to determine the maximum
allowable value for a field. If the user enters a value larger
than the maximum, it clips the value to the max and warns the
user. This also involved patching cam_cmdparse.c to be more
consistent with regards to the "count" parameter to arg_put
(previously is was the length of strings and 1 for all integral
types). The cam_cdbparse(3) man page was also updated to reflect
the revised semantics.
* In the process, I removed the 64 entry limit on mode pages (not
that we were even close to hitting that limit). This was a nice
side-effect of the other changes.
* Technically, the new mode editting functionality allows editting
of character array entries in mode pages (type 'c' or 'z'),
however since buff_encode doesn't grok them it is currently
useless.
* Camcontrol gained two new options related to mode pages: -l and
-b. The former lists all available mode pages for a given
device. The latter forces mode page display in binary format
(the default when no mode page definition was found in
scsi_modes).
* Added support for mode page names to scsi_modes. Allows names to
be displayed alongside mode numbers in the mode page
listing. Updated scsi_modes to use the new functionality. This
also adds the semicolon into the scsi_modes syntax as an
optional mode page definition terminator. This is needed to name
pages without providing a page format definition.
* Updated scsi_all.h to include a structure describing mode page
headers.
* Added $FreeBSD$ line to scsi_modes.
Inspired by: dwhite
Reviewed by: ken
was not fun and I am not entirely certain of the correctness, but it seems
to work. (in fact, side by side testing of this code vs the x86 version
turned up hidden bugs in the x86 code).
testing and real-life applications:
1) If you returned from the thread function, you got a segv instead of
calling _exit() with your return code.
2) clean up some bogus stack management. There was also an underflow
on function return.
3) when making syscalls, the kernel is expecting to have to leave space
for the function's return address. We need to duplicate this. It was
an accident that the rfork syscall actually worked here. :-/
the number of times I have given this to people and got asked: why isn't
it in libc? It is impossible to do this without assembler glue to reset
the stack for the new child process.
int rfork_thread(flags, stack_addr, start_fnc, start_arg)
int flags; Flags to rfork system call. See rfork(2).
void *stack_addr; Top of stack for thread.
int (*start_fnc)(void *); Address of thread function to call in child.
void *start_arg; Argument to pass to the thread function in child.
This is deliberately not documented or prototyped in includes until the
corresponding alpha version is written.
a bug in some ftp servers (most notably ftp.vmunix.com) which report the
size of a file correctly in ascii mode, but report it as 0 in binary mode.
Reported by: asmodai
Also remove an unneeded initialization.
Sort out the size / length confusion. Always try to report the *real* file
size in the url_stat structure, no matter how much of it is actually being
sent, and try to detect inconsistencies between sizes.
Rearrange the request loop to avoid having to add meaningless code just to
silence compiler warnings.
Switch to a more sensible and consistent interface for the _http_parse*()
functions.
32-bit type (rather than define his own type based on the type of box
being compiled on).
Submitted by: Mark Abene <phiber@radicalmedia.com>
(however I applied a slightly different fix)
strdup()) rather than pointing it at something that's free()d
(via freeaddrinfo(res)) before the function returns.
I appreciate that this is an API change, but it's the only way
(AFAIK) of doing this without breaking existing code that uses
rcmd{,_af}().
Pointed out by: phkmalloc
than requested. Instead, inform the caller of the real offset by modifying
the offset field in the original struct url, and let him decide how to handle
the situation.
pthread_cond_signal(), pthread_cond_broadcast(), and pthread_cond_timedwait().
Do not dump core in pthread_cond_timedwait() (due to a NULL pointer
dereference) if attempting to wait on an uninitialized condition variable.
PR: bin/18099
fetchStat*(). In most cases, either fetchGet*() or fetchXGet*() is a wrapper
around the other; in all cases, calling fetchGet*() is identical to calling
fetchXGet*() with the second argument set to NULL.
outside the loop inspects it to determine whether or not we succeeded in
retrieving the requested document. This fixes a bug where fetchGetHTTP()
would return a FILE with an invalid file descriptor if it hit the redirect
limit without locating the requested document.
or not interrupted system calls will be restarted. This fixes a bug where
fetch(1) would hang (potentially forever) if a server stopped responding,
because the signal handler would absorb the user's efforts to interrupt the
transfer.
via IPv6, the hostname is trimed due to the length of IPv6 address.
This change saves it as possible.
I have a grudge against the shortage of UT_HOSTSIZE.
to be applied to the value given. This does not break installed
/etc/login.conf files, since un-suffixed numbers are interpreted as
they were before.
PR: 19750
Submitted by: Paul Herman <pherman@frenchfries.net>
moved around, but the acutal functional changes are small.
Add support for site-internal redirects (where the Location: header gives a
path instead of an absolute URI)
Pointed out by: kuriyama
with fdisk, ensure that they are a multiple of the sector size in length.
- Axe all the 1024 cylinder checks as they are no longer relevant with the
fixed bootstrap.
more robust, and somewhat more efficient. It also handles authorization and
redirects properly, and supports timeouts like the FTP code.
Many thanks to Umemoto-san for his assistance with IPv6 support, both here
and in other parts of libfetch.
management involving rcmd_af(), getaddrinfo(), freeaddrinfo(), etc.
We set *ahost to point to ai->canonname; and later free the ai-> stuff
and still leave the old pointers in *ahost to the freed data.
Perhaps the best way to deal with this is a static buffer or a static
strdup() that is freed on the next iteration or something. This gives
me headaches just thinking about this.
The new 'AJ' default for malloc() tripped this up.
of the processing of the recursion, "scan" would be pointing to O_CH
(or O_QUEST), which would then be interpreted as being the end character
for altoffset().
We avoid this by properly increasing scan before leaving the switch.
Without this, something like (a?b?)?cc would result in a g->moffset of
1 instead of 2.
I added a case to the soon-to-be-imported regex(3) test code to catch
this error.
string may be found (from the beginning of the pattern), the point
at which must is found minus that offset may actually point to some
place before the start of the text.
In that case, make start = start.
Alternatively, this could be tested for in the preceding if, but it
did not occur to me. :-)
Caught by: regex(3) test code
use a CHAR_MIN-based array, like elsewhere in the code.
Remove a number of unused variables (some due to the above change, one
that was left after a number of optimizing steps through the source).
Brucified by: bde
remove (comment out) functions defined or depricated elsewhere:
bsearch, lfind, lsearch, insque, remque
change hcreate to take a size_t rather than uint (essentially the same)
since hcreate/hdestroy are now in <search.h>, remove private search.h
in lib/libc/db/hash/
add $FreeBSD tags to hsearch.c
- permit numeric scopeid, be more careful about buffer size
TODO: 2nd arg type should be socklen_t for RFC2553 conformance,
but due to include file dependency it is not a easy thing to do
(netdb.h does not have socklen_t)
soon to be committed syscall stubs. These calls will be used to get
and set capability state associated with executables.
Obtained from: TrustedBSD Project
interface addresses in a portable manner, without headache of SIOCGIFCONF
or sysctl. it is in bsdi/openbsd/netbsd already.
from kame tree (actually, mandatory for latest kame tree).
when parsing certain DNS records during a reverse address resolution. Thus
when code tries to examine the returned host name, it dereferences a null
pointer :-(
Problem noticed by: ps
VIS_HTTPSTYLE is a new encoding style for use in vis(), strvis() and
strvisx() that escapes characters according to RFC 1808 (URI encoding).
Since decoding of these require different detection of start-points of
escaped characters, VIS_HTTPSTYLE can be given as flag to unvis().
unvis() will then properly decode URIs.
A new function appeared, strunvisx(): strunvisx() behaves similar as
strunvis(), with one exception: It has an additional flag parameter,
which is passed to unvis() to archive the effect I described above.
previous commits.
At the time we search the pattern for the "must" string, we now compute
the longest offset from the beginning of the pattern at which the must
string might be found. If that offset is found to be infinite (through
use of "+" or "*"), we set it to -1 to disable the heuristics applied
later.
After we are done with pre-matching, we use that offset and the point in
the text at which the must string was found to compute the earliest
point at which the pattern might be found.
Special care should be taken here. The variable "start" is passed to the
automata-processing functions fast() and slow() to indicate the point in
the text at which they should start working from. The real beginning of
the text is passed in a struct match variable m, which is used to check
for anchors. That variable, though, is initialized with "start", so we
must not adjust "start" before "m" is properly initialized.
Simple tests showed a speed increase from 100% to 400%, but they were
biased in that regexec() was called for the whole file instead of line
by line, and parenthized subexpressions were not searched for.
This change adds a single integer to the size of the "guts" structure,
and does not change the ABI.
Further improvements possible:
Since the speed increase observed here is so huge, one intuitive
optimization would be to introduce a bias in the function that computes
the "must" string so as to prefer a smaller string with a finite offset
over a larger one with an infinite offset. Tests have shown this to be a
bad idea, though, as the cost of false pre-matches far outweights the
benefits of a must offset, even in biased situations.
A number of other improvements suggest themselves, though:
* identify the cases where the pattern is identical to the must
string, and avoid entering fast() and slow() in these cases.
* compute the maximum offset from the must string to the end of
the pattern, and use that to set the point at which fast() and
slow() should give up trying to find a match, and return then
return to pre-matching.
* return all the way to pre-matching if a "match" was found and
later invalidated by back reference processing. Since back
references are evil and should be avoided anyway, this is of
little use.
The BM algorithm works by scanning the pattern from right to left,
and jumping as many characters as viable based on the text's mismatched
character and the pattern's already matched suffix.
This typically enable us to test only a fraction of the text's characters,
but has a worse performance than the straight-forward method for small
patterns. Because of this, the BM algorithm will only be used if the
pattern size is at least 4 characters.
Notice that this pre-matching is done on the largest substring of the
regular expression that _must_ be present on the text for a succesful
match to be possible at all.
For instance, "(xyzzy|grues)" will yield a null "must" substring, and,
therefore, not benefit from the BM algorithm at all. Because of the
lack of intelligence of the algorithm that finds the "must" string,
things like "charjump|matchjump" will also yield a null string. To
optimize that, "(char|match)jump" should be used.
The setup time (at regcomp()) for the BM algorithm will most likely
outweight any benefits for one-time matches. Given the slow regex(3)
we have, this is unlikely to be even perceptible, though.
The size of a regex_t structure is increased by 2*sizeof(char*) +
256*sizeof(int) + strlen(must)*sizeof(int). This is all inside the
regex_t's "guts", which is allocated dynamically by regcomp(). If
allocation of either of the two tables fail, the other one is freed.
In this case, the straight-forward algorithm is used for pre-matching.
Tests exercising the code path affected have shown a speed increase of
50% for "must" strings of length four or five.
API and ABI remain unchanged by this commit.
The patch submitted on the PR was not used, as it was non-functional.
PR: 14342
not have a user-supplied signal handler, when a signal is delivered, one
thread will receive the signal, and then the code reverts to having no
signal handler for the signal. This can leave the other sigwait()ing
threads stranded permanently if the signal is later ignored, or can result
in process termination when the process should have delivered the signal to
one of the threads in sigwait().
To fix this problem, maintain a count of sigwait()ers for each signal that
has no default signal handler. Use the count to correctly install/uninstall
dummy signal handlers.
Reviewed by: deischen
available. If not, it falls back to the existing hack and slash method.
A positive side effect is that non-root users may now use Disk_Names(),
for non-dangerous libh/disk.tcl testing.
Reviewed by: phk
- Have NgSendAsciiMsg() return the same token as NgSendMsg()
- Document that NgSendMsg() and NgSendAsciiMsg() return the token
- Add MLINKS for the functions defined in netgraph(3)
getaddrinfo() accidentally returns IPv4 mapped IPv6 address instead
of native IPv4 address.
Now, getaddinfo() is scoped address ready. You can put scoped
address within /etc/hosts.
Obtained from: KAME Project.
- Multiple PPTP clients behind NAT to the same or different servers.
- Single PPTP server behind NAT -- you just need to redirect TCP
port 1723 to a local machine. Multiple servers behind NAT is
possible but would require a simple API change.
- No API changes!
For more information on how this works see comments at the start of
the alias_pptp.c.
PacketAliasPptp() is no longer necessary and will be removed soon.
Submitted by: Erik Salander <erik@whistle.com>
Reviewed by: ru
Rewritten by: ru
Reviewed by: Erik Salander <erik@whistle.com>
renamed to {s|g}etflagsbyname, which received objections. They're
now called strtofflags (string to file flags) and fflagstostr (file
flags to string).
Suggested by: bde
not allowed to return EINTR, but use of pthread_suspend_np() could cause
EINTR to be returned. To fix this, restructure pthread_suspend_np() so that
it does not interrupt a thread that is waiting on a mutex or condition, and
keep enough state around that pthread_resume_np() can fix things up
afterwards.
Reviewed by: deischen
It does mean that it is now possible to run passive-mode FTP
server behind NAT.
- SECURITY: FTP aliasing engine now ensures that:
o the segment preceding a PORT/227 segment terminates with a \r\n;
o the IP address in the PORT/227 matches the source IP address of
the packet;
o the port number in the PORT command or 277 reply is greater than
or equal to 1024.
Submitted by: Erik Salander <erik@whistle.com>
Reviewed by: ru
.Pp
.Fn func
.Pp
Description ...
with a list (Bl ... Li ... El).
- Remove a superfluous ``.Sh ENVIRONMENT'' and replace it with a ``.Pp''
within the IMPLEMENTATION DETAILS section.
Reviewed by: rwatson
right now...
I talked w/ phk last night and "fixing" this in a generic way is going
to require a lot of complex thought on stacking let alone the NFS problems..
add missing sys/time.h for struct timespec def...
standardized interface to the capability support in TrustedBSD.
o Not currently enabled in Makefile, as this code depends on syscalls
and include files that will be committed at a later date.
Obtained from: TrustedBSD Project
o Add shared library version 2 to libposix1e given API changes, et al
o Commented out cap_*.c as that is not currently being compiled into
the library (pending syscalls being committed)
Obtained from: TrustedBSD Project
o Switch reference to www.trustedbsd.org instead of POSIX.1e implementation
page
o Add cross references to capabilities man pages
o Remove extended attribute not implemented "BUGS" entry
Obtained from: TrustedBSD Project
from the "common" directory.
As a side-effect, this also fixes a bug in the ordering of global
constructors and destructors on the Alpha. See revision 1.3 of
"../common/crtbegin.c" for details.
libcam/Makefile: Add scsi_da.c to libcam for the new
scsi_format_unit() function.
camcontrol.8: Update the man page for the new format
functionality, and take out the examples section
describing how to do it with 'camcontrol cmd'.
camcontrol.c: New format functionality. Note that unlike the
rest of the camcontrol subcommands, this one is
interactive by default. Because of the potential
destructiveness of the format command, I thought
it necessary to get confirmation from the user
before spamming a disk. You can disable the
interactive behavior, and the status meter with
command line arguments.
scsi_da.c: Add the new scsi_format_unit() cdb building
function and use #ifdef _KERNEL to make this file
compile in both the kernel and userland. The
format unit function is currently only defined in
the non-kernel case, because nothing in the kernel
is using it. If that changes, it should be
un-ifdefed and compiled in both cases.
scsi_da.h: New function declaration, CDB structure and format
data structures.
Thanks to Nick Hibma for providing some valuable input on these changes.
various architectures. Now all the work is done in crtbegin.c.
It doesn't contain any assembly language code, so it should work
fine on all architectures. (I have tested it on the i386 and the
alpha.) The old assembly language files crt[in].S are now empty
shells that generate no code or data. They should not be removed
any time soon, because the various versions of gcc in src and ports
expect them to exist.
Next I will move crtbegin.c into a new common machine-independent
directory, and adjust the i386-elf Makefile to use that version.
After that I will adjust the alpha Makefile to use the common
version too.
Requested by: obrien
was not the fault of the module code, nor FICL. The malloc code requires
sbrk() to return addresses that were at least 16 byte aligned. If the
Alpha loader happened to be 8 byte but not 16 byte aligned in length, then
you would get a zfree() panic at startup.
Incidently, this affected the i386 loader as well, and explains why
the static heap changed things and why jlemon had trouble when the bss
was not ending at a multiple of 8 bytes.
My fix is to 16 byte align it on all arches, even though the x86 version
only required 8 byte alignment (struct MemNode is smaller there). We could
page align it if we wanted to be paranoid, but it isn't presently necessary.
. use real function names as `.Nm' macro argument in NAME section. It allows
them to appear in apropos(1) or whatis(1) output.
. replace empty lines with `.Pp' macro.
. replace hardcoded standard names with their `.St' macro equivalents.
. sort cross references in SEE ALSO section
maintained, and has been replaced by msun. The libm sources
shouldn't be removed just yet as there are parts that should be
merged into msun first.
PR: misc/17848
Discussed with: phk & bde
to PPTP) with more generic PacketAliasRedirectProto().
Major number is not bumped because it is believed that noone
has started using PacketAliasRedirectPptp() yet.
LSNAT links are first created by either PacketAliasRedirectPort() or
PacketAliasRedirectAddress() and then set up by one or more calls to
PacketAliasAddServer().
from
all AAAA trial, then all A trial
to
try AAAA and A for each trial
TODO: more fix for the case where IPv4 mapped IPv6 addr is disabled
Reviewed by: ume
maintainers.
After we established our branding method of writing upto 8 characters of
the OS name into the ELF header in the padding; the Binutils maintainers
and/or SCO (as USL) decided that instead the ELF header should grow two new
fields -- EI_OSABI and EI_ABIVERSION. Each of these are an 8-bit unsigned
integer. SCO has assigned official values for the EI_OSABI field. In
addition to this, the Binutils maintainers and NetBSD decided that a better
ELF branding method was to include ABI information in a ".note" ELF
section.
With this set of changes, we will now create ELF binaries branded using
both "official" methods. Due to the complexity of adding a section to a
binary, binaries branded with ``brandelf'' will only brand using the
EI_OSABI method. Also due to the complexity of pulling a section out of an
ELF file vs. poking around in the ELF header, our image activator only
looks at the EI_OSABI header field.
Note that a new kernel can still properly load old binaries except for
Linux static binaries branded in our old method.
*
* For a short period of time, ``ld'' will also brand ELF binaries
* using our old method. This is so people can still use kernel.old
* with a new world. This support will be removed before 5.0-RELEASE,
* and may not last anywhere upto the actual release. My expiration
* time for this is about 6mo.
*
connections, after SYN packets were seen from both ends. Before this,
it would get applied right after the first SYN packet was seen (either
from client or server). With broken TCP connection attempts, when the
remote end does not respond with SYNACK nor with RST, this resulted in
having a useless (ie, no actual TCP connection associated with it) TCP
link with 86400 seconds TTL, wasting system memory. With high rate of
such broken connection attempts (for example, remote end simply blocks
these connection attempts with ipfw(8) without sending RST back), this
could result in a denial-of-service.
PR: bin/17963
but with `dst_port' work for outgoing packets.
This case was not handled properly when I first fixed this
in revision 1.17.
This change is also required for the upcoming improved PPTP
support patches -- that is how I found the problem.
Before this change:
# natd -v -a aliasIP \
-redirect_port tcp localIP:localPORT publicIP:publicPORT 0:remotePORT
Out [TCP] [TCP] localIP:localPORT -> remoteIP:remotePORT aliased to
[TCP] aliasIP:localPORT -> remoteIP:remotePORT
After this change:
# natd -v -a aliasIP \
-redirect_port tcp localIP:localPORT publicIP:publicPORT 0:remotePORT
Out [TCP] [TCP] localIP:localPORT -> remoteIP:remotePORT aliased to
[TCP] publicIP:publicPORT -> remoteIP:remotePORT
INADDR_NONE: Incoming packets go to the alias address (the default)
INADDR_ANY: Incoming packets are not NAT'd (direct access to the
internal network from outside)
anything else: Incoming packets go to the specified address
Change a few inaddr::s_addr == 0 to inaddr::s_addr == INADDR_ANY
while I'm there.
redirected and when no target address has been specified, NAT
the destination address to the alias address rather than
allowing people direct access to your internal network from
outside.
some reason. This will prevent an infinite loop if (say) a sigalarm is
being scheduled at a more frequent interval than the poll timeout.
PR: 2191, 8847, 10553
thread waiting on an event (I/O, condvar, etc) will, when resumed using
pthread_resume_np, return with EINTR. For example, suspending and resuming
a thread blocked on read() will not requeue the thread for the read, but
will return -1 with errno = EINTR. If the suspended thread is in a critical
region, the thread is suspended as soon as it leaves the critical region.
Fix a bogon in pthread_kill() where a signal was being delivered twice
to threads waiting in sigwait().
Reported by (suspend/resume bug): jdp
Reviewed by: jasone
and gids bigger than 16 bits. Added checks for uids and gids that are
bigger than 32 bits.
Approved by: jkh (partly, this fix is bigger than I first intended)
Without this, kernel will panic at getsockopt() of IPSEC_POLICY.
Also make compilable libipsec/test-policy.c which tries getsockopt() of
IPSEC_POLICY.
Approved by: jkh
Submitted by: sakane@kame.net
optimization that generates code our current as doesn't understand.
The result is bad code that damages dynamic symbol locations at
runtime. Ouch. See PR bin/16862 and discussion in -current.
This change will be backed out when gcc and gas are back in sync.
PR: Fixes bin/16862, but not the underlying problem.
Submitted by: bde
Approved by: jdk
when connecting via IPv6, hostname was not recorded to utmp anymore.
Because, if hostname is longer than buffer size, getnameinfo() returns
with ENI_MEMORY.
Reviewed by: shin
Approved by: jkh
I'm not quite sure about this, I think it should be using -lssh_pic since
it's being linked into a .so, but nothing seems to complain ahd it does
work. (well, it works for using the authorized_keys file, but I have not
figured out how to get it to start a ssh-agent and cache the key for me)
PR: 17191
Submitted by: Adrian Pavlykevych <pam@polynet.lviv.ua>
-Added more description.
-Many grammer fix.
-Fix hard sentence break.
-Many other man style fix.
Thanks for bde finding out the problem.
Thanks for sheldon for the patient and thorough review.
:-)
Submitted by: bde
Reviewed by: sheldonh
This
This feature allows you to specify if mmap'd data is included in
an application's corefile.
Change the type of eflags in struct vm_map_entry from u_char to
vm_eflags_t (an unsigned int).
Reviewed by: dillon,jdp,alfred
Approved by: jkh
Sorry for the flapping, but no change will be done for 4.0 anymore.
Official standard will be published around April or later.
If different format would be adopted at that time, then support for
the new format will be added to the succeeding FreeBSD 4.x.
Approved by: jkh
run out of KVM through a mmap()/fork() bomb that allocates hundreds
of thousands of vm_map_entry structures.
Add panic to make null-pointer dereference crash a little more verbose.
Add a new sysctl, vm.max_proc_mmap, which specifies the maximum number
of mmap()'d spaces (discrete vm_map_entry's in the process). The value
defaults to around 9000 for a 128MB machine. The test is scaled for the
number of processes sharing a vmspace (aka linux threads). Setting
the value to 0 disables the feature.
PR: kern/16573
Approved by: jkh
returning the error directly.
For sem_post(), make sure that the correct thread is woken up. This has
unfortunate performance implications, but is necessary for POSIX compliance.
Approved by: jkh
fit in the static buffer. This fix causes it to look like there is no
data available, which is also wrong but is better than dumping core.
PR: bin/10344
Reviewed by: billf
Approved by: jkh
Now libutil depends on libc.so.4, so needs to update the major version.
Without this, old binaries which use libutil and build with libc.so.3
will coredump on recent 4.0.
Solicited comment for cvs-committers and there seems to be no objection.
Approved by: jkh
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.
If anything, a ``HISTORY'' section should show which version this
appeared in.
Now libwrap depends on libc.so.4, so needs to update the major version.
Without this, old binaries which use libwrap and build with libc.so.3
will coredump on recent 4.0.
Approved by: jkh
Reviewed by: markm
-Should not error return when rresvport_af() failed for one of dest
addrs resolved by getaddrinfo().
Should retry until all dest addr fail.
Approved by: jkh
(shortend format, etc)
Current KAME getaddrinfo() supports only d.d.d.d format IPv4
addr. But traditionally inet_aton() and etc support other formats.
(shortend format and octal/deciaml/hex format)
Aboud this,
-As far as the discussion on freebsd-current, many people
think traditional format should also be supported by getaddrinfo().
-X/Open spec requires getaddrinfo() also support those
traditional IPv4 format.
-RFC2553 say nothing about it.
-As the result of confirmation in ietf/ipng list, there is
no clear concensus yet, and the reply was, "RFC2553 update
and X/Open spec will be in sync"
So takeing these conditions into account, I think
getaddrinfo() should also support traditional IPv4 format.
Specified by: Marc Schneiders <marc@oldserver.demon.nl>
Approved by: jkh
KAME scoped addr format is changed recently.
before: addr@scope
now: scope%addr
Because the end of IPv6 numeric addr is tend to be truncated in
`netstat -rn ` output, so placing scope part at starting of addr
will be convenient.
Approved by: jkh
Obtained from: KAME project
of the C++ stdlib. Our ctype.h uses symbols of the form _<X> to denote the
various character classes. Our ctype.h also extends the usual ctype.h
offering by adding the "_T" (special) class. Problem is parts of the STL
also use the symbol "_T" as its parameterized type. These two uses are
incompatible.
Thus change the form of the symbols used in ctype to something that fixes
the current problem and is less likely to cause conflicts in the future.
Requested by: Tomoaki NISHIYAMA <tomoaki@biol.s.u-tokyo.ac.jp>
Ok'ed by: JKH
interface, and statically link them to the programs using them.
These functions, upon reflection and discussion, are too generically
named for a library interface with such specific functionality.
Also the api that they use, whilst ok for private use, isn't good
enough for a libc function.
Additionally there were complications with the build/install-world
process. It depends heavily upon xinstall, which got broken by
the change in api, and caused bootstrap problems and general mayhem.
There is work in progress to address future problems that may be
caused by changes in install-chain tools, and better names for
{g|s}etflags can be derived when some future program requires them.
For now the code has been left in src/lib/libc/gen (it started off
in src/bin/ls).
It's important to provide library functions for manipulating file
flag strings if we ever want this interface to be adopted outside
of the source tree, but now isn't necessarily the right moment
with 4.0-release just around the corner.
Approved: jkh
Now when tcp_wrapper is enabled by inetd -wW,
several accesses which should be permitted are refused only for IPv6,
if hostname is used to decide the host to be allowed.
IPv6 users will be just upset.
About security related concern.
-All extensions are wrapped by #ifdef INET6, so people can completely
disable the extension by recompile libwrap without INET6 option.
-Access via IPv6 is not enabled by default.
People need to enable IPv6 access by changing /etc/inetd.conf at first,
by adding tcp6 and/or tcp46 entries.
-The base of patches are from KAME package and are actually daily used
for more than a year in several Japanese IPv6 environments.
-Patches are reviewed by markm.
Approved by: jkh
Submitted by: Hajimu UMEMOTO <ume@mahoroba.org>
Reviewed by: markm
Obtained from: KAME project
When libipsec library is created, no SHLIB numbers are
specified in the Makefile. Then the library version was set
to 2.(by default?)
So change it to 0.
For now it should not be problem, because the contents are same.
I'll also prepare an entry for UPDATING.
Some of rcmd related function is need to be updated to
support IPv6. Some of them are already updated as standard
document. But there is also several de-facto functions and
they are not listed in standard documents.
They are,
iruserok() (used by rlogind, rshd)
ruserok() (used by kerberos, etc)
KAME package updated those functions in original way.
iruserok_af()
ruserok_af()
But recently there was discussion on IETF IPng mailing
list about how to sync those API, and it is decided,
-Those function is not standard and not documented.
-But let BSDs sync their API as de-facto.
And after some discussion, it is announced that
-add update to iruserok() as iruserok_sa()
-no ruserok() API change(it is only updated internaly)
So I sync those API before 4.0 is released.
The changes are,
-prototype changes
-ruserok() internal update (use iruserok_sa() inside)
-removal of ruserok_af()
-change iruserok_af() as static functioin, and also prefix the name with __.
-add iruserok_sa() (Just call __iruserok_af() inside)
-adding flag AI_ALL to getipnodebyaddr() called from __icheckhost().
This is necessary to support IPv4 communication via AF_INET6 socket
could be correctly authenticated via iruserok_sa()
-irusreok_af() call is replaced to iruserok_sa() call
in rlogind, and rshd.
Approved by: jkh
For libc_r renamed syscalls, correct symbol naming from
_thread_sys_foo() <-- _foo() to _thread_sys_foo() <-- _foo() <-- foo(). This
is necessary for system calls which libc_r doesn't define foo().
Some weak symbols such as poll() are defined twice. From what I understand,
depending on one weak symbol or the other to be used is a bad idea. All
such weak symbols defined in the libc_r-specific code should therefore be
made strong (non-weak?).
Simplify PSEUDO() to not define any weak symbols, since they aren't ever
needed.
alpha/SYS.h:
Correct reversed usage of WEAK_ALIAS(), which has reversed arguments from
__weak_reference(). Also, fix reversal of symbols, so that syscall foo()
is a weak alias for _foo().
Add WEAK_ALIAS() call to PRSYSCALL(), which unlike the i386 version of
PRSYSCALL(), is not defined in terms of PSYSCALL().
Make PSEUDO() equivalent to the i386 version.
Introduce ACL man pages en masse for library calls, and general introduction.
Also, fix acl_valid.c non-portable calls to include _np in their names,
making them standard-happy as well as consistent with acl.h
strftime(3), add another one. :) %z yields the local timezone's offset
in hours and minutes, as used in RFC822 headers. There's a precedence
for this in Lunux' libc, and Internet software (like Perl scripts)
start using it.
OKed by (wrt. the code freeze): jkh
just use _foo() <-- foo(). In the case of a libpthread that doesn't do
call conversion (such as linuxthreads and our upcoming libpthread), this
is adequate. In the case of libc_r, we still need three names, which are
now _thread_sys_foo() <-- _foo() <-- foo().
Convert all internal libc usage of: aio_suspend(), close(), fsync(), msync(),
nanosleep(), open(), fcntl(), read(), and write() to _foo() instead of foo().
Remove all internal libc usage of: creat(), pause(), sleep(), system(),
tcdrain(), wait(), and waitpid().
Make thread cancellation fully POSIX-compliant.
Suggested by: deischen
string to u_long and back using two functions, flags_to_string and
string_to_flags, which co-existed with 'ls'. As time has progressed
more and more other tools have used these private functions to
manipulate the file flags.
Recently I moved these functions from /usr/src/bin/ls to libutil,
but after some discussion with bde it's been decided that they
really ought to go in libc.
There are two already existing libc functions for manipulating file
modes: setmode and getmode. In keeping with these flags_to_string
has been renamed getflags and string_to_flags to setflags.
The manual page could probably be improved upon ;)
o Do not override `environ' if realloc() fails, leave it intact.
o Set `alloced' only when memory is actually allocated.
PR: bin/5604 (2nd part)
Reviewed by: bde
Updated date. 1987 was a while ago.
Removed trailing comma in NAME section.
Uncapitalised Bindresvport and Bindresvport_sa in DESCRIPTION section.
Don't use .Nm there either.
Added bindresvport_sa() to the RETURN VALUES and ERROR sections.
- clean up unneeded AFS ID type
- Add Coda, NTFS, NWFS ACL types
- Add acl_dup() prototype
- Remove acl_calc_mask, which belongs in the editing library
- Introduce posix1e.3, a man page introducing POSIX.1e library calls
(more man pages to follow)
-changed bindresvport2 to bindresvport_sa
-merged the man into bindresvport.3
All discussion between Jean-Luc Richier <Jean-Luc.Richier@imag.fr>,
Theo de Raadt <deraadt@cvs.openbsd.org>, itojun, is reflected to
this code. (Actually Theo de Raadt write the code simultaneously as the
discussion change.)
obtained from itojun.
-don't filter address families which are not supported by system at
FQDN resolving.
-don't do reverse lookup
I think I checked all lib and tools which use getaddrinfo() if
this change affect them.
Obtained from: KAME project
adds _np to a couple of function prototypes that provided more broad/useful
interfaces than POSIX.1e interfaces included.
Also, move from using a heuristic to identify POSIX.1e-semantic ACLs to
using different ACL types for non-POSIX.1e ACLs. This should clean up the
existing fuzzy logic that determined when acl_sort() should be applied
before kernel submission.
are not supported by this implementation, and the error return values
from sem_init(), sem_open(), sem_close(), and sem_unlink() reflect this.
Approved by: jkh
signal handler. Explicitly check for jumps to anywhere other than the
current stack, since such jumps are undefined according to POSIX.
While we're at it, convert thread cancellation to use continuations, since
it's cleaner than the original cancellation code.
Avoid delivering a signal to a thread twice. This was a pre-existing bug,
but was likely unexposed until these other changes were made.
Defer signals generated by pthread_kill() so that they can be delivered on
the appropriate stack. deischen claims that this is unnecessary, which is
likely true, but without this change, pthread_kill() can cause undefined
priority queue states and/or PANICs in [sig|_]longjmp(), so I'm leaving
this in for now. To compile this code out and exercise the bug, define
the _NO_UNDISPATCH cpp macro. Defining _PTHREADS_INVARIANTS as well will
cause earlier crashes.
PR: kern/14685
Collaboration with: deischen
prettier (?) names, adding some const's around here, et al.
This is commit 4 out of 3, updating the userland library to reflect kernel
interface changes.
Reviewed by: bde
check for on the server may arise legitimately on the client. The
correct way to check for a zero record length is to check for it
without the LAST_FRAG marker in it, since it's legal to send a LAST_FRAG
marker with 0 bytes of data.
PR: misc/16028
the case that a CPU hungry main thread is prevented from being preempted
due to a negative calculation of its time slice.
Reported by: Alexander Litvin <archer@lucky.net>
libcrypt and libutil was not built before libpam.
The order here is currently unimportant, but ../Makefile should
descend here to build everything (which currently doesn't work
right) or at least to get the order using `make -V SUBDIR'.
Fixed bitrot in comments about library dependencies. The list has been
maintained better in ../Makefile.inc1, except it has been uninverted
there so it is hard to use manually.
interface. This commit introduces the library, as well as a modest
subset of the ACL calls, with some modifications to support multiple
ACL semantics.
Reviewed by: eivind
points. For library functions, the pattern is __sleep() <--
_libc_sleep() <-- sleep(). The arrows represent weak aliases. For
system calls, the pattern is _read() <-- _libc_read() <-- read().
I smite thee, vile buildworld breakage!
The story is that these were added to beforeinstall improperly. In our
beforeinstall, a full mtree has not been populated. Since the tree is
not populated, we explode from missing directories on doc install. It
should not be done in beforeinstall (includes) anyway.
* Add the 'h' ftp flag (allocate local port in high range)
* Add the 'd' flag (use direct connection even if proxy is defined)
* Make sure flags != NULL before calling strchr().
* Minor changes to some comments.
the initial thread). Instead, just leave an unmapped gap between thread
stacks and make sure that the thread stacks won't grow into these gaps,
simply by limiting the size of the stacks with the 'len' argument to
mmap(). This (if I understand correctly) reduces VM overhead
considerably.
Reviewed by: deischen
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot). This is consistant with the other
BSD's who made this change quite some time ago. More commits to come.
handler. Thread-to-thread signals (pthread_signal) are treated differently
than process signals; a pthread_signal can wakeup a blocked thread if
a signal handler is not installed for that signal.
Found by: ACE tests
pointer" instead. The potential confusion arises because the string/*.3
pages use the term "null-terminated string" (which is permissable). Moreover,
this also makes these two manpages more consistent with the other string/*.3
manpages.
(1)added error check of if_nameindex() return value at getaddrinfo().
(2)print out more detailed information when getaddrinfo() error value
is EAI_SYSTEM.(in this case system error num is kept in errno)
(1) is Discovered by: jinmei@kame.net in KAME environment.
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used. XDM and its variants
should now work without modification. Note that the new code uses
the macros in <sys/queue.h>.
Submitted by: Andrew J. Korty <ajk@iu.edu>
locking functions. If an application loads a shared object with
dlopen() and the shared object has an init function which requires
lazy binding, then _rtld_bind is called when the thread is already
inside the dynamic linker. This leads to a recursive acquisition
of the lock, which I was not expecting -- hence the assert failure.
This work-around makes the default locking functions handle recursive
locking. It is NOT the correct fix -- that should be implemented
at the generic locking level rather than in the default locking
functions. I will implement the correct fix in a future commit.
Since the dllockinit() interface will likely need to change, warn
about that in both the man page and the header file.
Fix some ctype problems - isascii() caused a warning if fed an unsigned
char - it's always > 0 and libstand is compiled with -Wall.
Missing prototype/include in printf.c
and is module aware. Yes, this means that kvm_nlist(3) will find symbols
in loaded modules. The emulation of the nlist struct is pretty crude but
seems to work well enough for all the users in the tree that I found.
functions to be used by the dynamic linker. This can be called by
threads packages at start-up time. I will add the call to libc_r
soon.
Also add a default locking method that is used up until dllockinit()
is called. The default method works by blocking SIGVTALRM, SIGPROF,
and SIGALRM in critical sections. It is based on the observation
that most user-space threads packages implement thread preemption
with one of these signals (usually SIGVTALRM).
The dynamic linker has never been reentrant, but it became less
reentrant in revision 1.34 of "src/libexec/rtld-elf/rtld.c".
Starting with that revision, multiple threads each doing lazy
binding could interfere with each other. The usual symptom was
that a symbol was falsely reported as undefined at start-up time.
It was rare but not unseen. This commit fixes it.
Doing the "right thing" here is difficult, so create two ENTRY points for
each function (for example, __setjmp and setjmp are equivalent). This
isn't pretty, but it works for both aout and ELF.
libc symbol naming needs an overhaul in order to properly support function
wrapping, specifically in the case of a real libpthread, and these
duplicate entry points should be fixed as part of that overhaul.
Pointed out by: bde
takes an int arg and is prototyped in <string.h>. It has the opposite
interface botches to psignal(3) which takes a bogus unsigned arg but is
prototyped in the right place.
This is not the last of the interface problems for strsignal(). We
obtained it from NetBSD, but NetBSD has moved its prototype to
<unistd.h>. strsignal() should return const char *, but it returns
char * for historical reasons. NetBSD declares it as returning
__aconst char, where __aconst is normally empty but can be set to
`const' to give better error checking. glibc-2.1.1 prototypes
strsignal() in <string.h>.
lobotomized environment, say booted from a floppy with no /etc full
of password and group files, give sensible fallbacks for roots uid
and operators gid.
This might fix sysinstall.
this makefile update which should have been together with the file
removal.
Removed vlimit.3 and vtimes.3. Removed vlimit.c and vtimes.c from
the "MISSING" list. These were old variants of get/setrlimit() and
getrusage(), respectively, and were never implemented in FreeBSD.
vlimit.3 referred to <sys/vlimit.h> which was removed recently.
vtimes.3 referred to <sys/vtimes.h> which never existed in FreeBSD.
the "MISSING" list. These were old variants of get/setrlimit() and
getrusage(), respectively, and were never implemented in FreeBSD.
vlimit.3 referred to <sys/vlimit.h> which was removed recently.
vtimes.3 referred to <sys/vtimes.h> which never existed in FreeBSD.
o Cancellation flags were not getting properly set/cleared.
o Loops waiting for internal locks were not being exited
correctly by a cancelled thread.
o Minor spelling (cancelation -> cancellation) and formatting
corrections (missing tab).
Found by: tg
Reviewed by: jasone
o Don't call signal handlers with the signal handler access lock
held.
o Remove pending signals before calling signal handlers. If
pending signals were not removed prior to handling them,
invocation of the handler could cause the handler to be
called more than once for the same signal. Found by: JB
o When SIGCHLD arrives, wake up all threads in PS_WAIT_WAIT
(wait4).
PR: bin/15328
Reviewed by: jasone
IPv6 specific library functions addition.
(getnameinfo(), getaddrinfo(), and IPv6 transport support is not yet)
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
__setjmp, __longjmp, __sigsetjmp, and __siglongjmp, respectively.
This supports cancellation in the linuxthreads port. In the long run,
a much more comprehensive solution will necessitate more dramatic changes
to libc symbol naming, and these aliases will probably need modification
at that time.
MAN8+= rstat_svc.8
The file it talks about doesn't exist on FreeBSD, so there's no point in
installing the manual page. There was already a comment to this effect in
this file, but the entry hadn't been commented out.
rstat.1 and rstat_svc.8 can probably actually be removed.
PR: docs/13767
Submitted by: Seth <seth@freebie.dp.ny.frb.org>
madvise().
This feature prevents the update daemon from gratuitously flushing
dirty pages associated with a mapped file-backed region of memory. The
system pager will still page the memory as necessary and the VM system
will still be fully coherent with the filesystem. Modifications made
by other means to the same area of memory, for example by write(), are
unaffected. The feature works on a page-granularity basis.
MAP_NOSYNC allows one to use mmap() to share memory between processes
without incuring any significant filesystem overhead, putting it in
the same performance category as SysV Shared memory and anonymous memory.
Reviewed by: julian, alc, dg
is good for... :-)), I discovered that part of the change when mkstemps()
was brought in was missed - it was missing the termination case to make
sure it doesn't walk into the suffix. This isn't the same code OpenBSD
has, I think this is a little better as we terminate the loop in a better
spot.
Discuss in the BUGS section of the manpage, problems involved with
the use of %C, %e, %l, %p, %U and %W.
PR: 13901
Reported by: scott@chronis.pobox.com
Before this change, a signal was delivered to each thread that
didn't have the signal masked. Signals also improperly woke up
threads waiting on I/O. With this change, signals are now
handled in the following way:
o If a thread is waiting in a sigwait for the signal,
then the thread is woken up.
o If no threads are sigwait'ing on the signal and a
thread is in a sigsuspend waiting for the signal,
then the thread is woken up.
o In the case that no threads are waiting or suspended
on the signal, then the signal is delivered to the
first thread we find that has the signal unmasked.
o If no threads are waiting or suspended on the signal,
and no threads have the signal unmasked, then the signal
is added to the process wide pending signal set. The
signal will be delivered to the first thread that unmasks
the signal.
If there is an installed signal handler, it is only invoked
if the chosen thread was not in a sigwait.
In the case that multiple threads are waiting or suspended
on a signal, or multiple threads have the signal unmasked,
we wake up/deliver the signal to the first thread we find.
The above rules still apply.
Reported by: Scott Hess <scott@avantgo.com>
Reviewed by: jb, jasone
the environment. This allows big ID warnings to be suppressed for
vipw and chpass as well.
Since the environment variable test is only performed for callers
of pw_scan() that do not set pw_big_ids_warning, the test can still
be overriden. Currently, chpass and pwd_mkdb are the only users
of pw_scan() and neither of them overrides the environment variable
test.
NGM_BINARY2ASCII, which convert control messages to ASCII and back.
This allows control messages to be sent and received in ASCII form
using ngctl(8), which makes ngctl a lot more useful.
This also allows all the type-specific debugging code in libnetgraph
to go away -- instead, we just ask the node itself to do the ASCII
translation for us.
Currently, all generic control messages are supported, as well as
messages associated with the following node types: async, cisco,
ksocket, and ppp.
See /usr/share/examples/netgraph/ngctl for an example of using this.
Also give ngctl(8) the ability to print out incoming data and
control messages at any time. Eventually nghook(8) may be subsumed.
Several other misc. bug fixes.
Reviewed by: julian
readdir_r is not POSIX according to POSIX_SOURCE, bruce says:
> readdir_r() is in the _POSIX_SOURCE section, but is not a POSIX.1-1990
> function. It's POSIX.1-1996 so it should be under a different feature
> test which we don't support yet.
make sure errno is saved so that its contents are cleared unless
necessary.
Submitted by: bde
"login auth sufficient pam_ssh.so" to your /etc/pam.conf, and
users with a ~/.ssh/identity can login(1) with their SSH key :)
PR: 15158
Submitted by: Andrew J. Korty <ajk@waterspout.com>
Reviewed by: obrien
to use mmap(..., MAP_STACK, ...) on alpha too since that should work
now.
* Add hooks to allow GDB to access the internals of pthreads without
having to know the exact layout of struct pthread.
Reviewed by: deischen
eischen (Daniel Eischen) added wrappers to protect against cancled
threads orphaning internal resources.
the cancelability code is still a bit fuzzy but works for test
programs of my own, OpenBSD's and some examples from ORA's books.
add readdir_r to both libc and libc_r
add some 'const' attributes to function parameters
Reviewed by: eischen, jasone
with NetBSD and the Single Unix Specification v2.
This updates some structures with other, almost equivalent types and
effort is under way to get the whole more consistent.
Also removes a double definition of INET6 and some other clean-ups.
Reviewed by: green, bde, phk
Some part obtained from: NetBSD, SUSv2 specification
happy with how this end up and will re-visit the entire empty field
problem, but this patch solves the NIS problem for now.
Submitted by: Dan Nelson <dan@emsphone.com>
PR: 14865,14984
mode. This addresses a well-known race condition that can cause
servers to hang in accept(). The relevant case is when somebody
connects to the server and then immediately kills the connection
by sending a TCP reset. On the server this causes select to report
a ready condition on the socket, after which the accept call blocks
because there is no longer any pending connection to accept.
In -current there is already a work-around for this in the kernel.
It was merged into -stable some time ago, but then David Greenman
reverted it because it seemed to be causing a socket leak in some
cases. (See uipc_socket.c revision 1.51.2.3.) Hence this userland
fix is needed in -stable, and I plan to merge it into that branch
soon because it fixes a potential DoS attack. It may also be needed
in -current if the suspected socket leak turns out to be real. In
any case, after thinking it over I believe the fix belongs in
userland. An application shouldn't assume that a ready return from
select guarantees that the subsequent I/O operation cannot block.
A lot can happen between the select and the accept.
A similar fix should most likely be applied to the Unix domain
socket transport too.
Submitted by: peter
Reviewed by: jdp
It used to loop back up to the accept() call and block there,
shutting out all other transports until a new connection came in.
Now it returns instead after dropping the connection. That will
take it back to the select() loop where all transports can be
serviced. I intend to MFC this within a day or two since it
fixes a DoS vulnerability.
This fixes some nasty procfs problems for SMP, makes ps(1) run much faster,
and makes ps(1) even less dependent on /proc which will aid chroot and
jails alike.
To disable this facility and revert to previous behaviour:
sysctl -w kern.ps_arg_cache_limit=0
For full details see the current@FreeBSD.org mail-archives.
All Makefiles now use MACHINE_ARCH for the target architecture.
Unification is required for cross-building.
Tags added to:
sys/boot/Makefile
sys/boot/arc/loader/Makefile
sys/kern/Makefile
usr.bin/cpp/Makefile
usr.bin/gcore/Makefile
usr.bin/truss/Makefile
usr.bin/gcore/Makefile:
fixed typo: MACHINDE -> MACHINE_ARCH
which is zero-based.
Correct the range checking for the value taken for %S.
Add %w for the day of the week (0-6).
Accept (but do nothing with) %U and %W. The comment for this change was
taken from NetBSD.
These changes were made after several failed attempts to contact the
author of our strptime.c .
PR: 10131
Submitted by: tadf@kt.rim.or.jp (Tadayoshi Funaba)
It adds new functions and extend some structures and can handle
VESA modes.
- Update the man page.
- Bump the library version number.
(The old version will be added to compat3x.)
of the /etc/radius.conf file. But the code contains hacks for
backward compatibility, so old files will continue to work.
I updated the man pages and made a couple of minor changes, but
everything else was submitted by Oleg.
PR: misc/14284
Submitted by: Oleg Semyonov <os@altavista.net>
should close all outstanding PRs on incorrect inet_aton behavior, and
since it has a decent parsing routine, doesn't allow some hysterically
working behavior.
PR: 13628
Submitted by: Adrian Chadd <adrian@FreeBSD.org>
two subsections: SINOPSIS (declarations) and DESCRIPTION (descriptions)
All functions now mentioned in NAME section (apropos capable manpage :)
Various mdoc fixe
Been in production for 3 years now. Gives Instant Frame relay to if_sr
and if_ar drivers, and PPPOE support soon. See:
ftp://ftp.whistle.com/pub/archie/netgraph/index.html
for on-line manual pages.
Reviewed by: Doug Rabson (dfr@freebsd.org)
Obtained from: Whistle CVS tree
next try over chroot (descriptor closed). getgrnam() used already handles
endgrent() properly and honors _gr_stayopen. Automatically call
setgroupent(1) when _pw_stayopen is set (for YP/NIS code).
setjmp() gets the jmp_buf pointer from the wrong place (the place
where the return address is) in the shlib case, and uses it (only)
to fetch the current signal mask to address (return_address + 28).
This address is normally read-only (I hope), so the sigprocmask()
call has no effect except to return an error code.
\end{quote}
Submitted by: bde
just breaks the prototypes for gzseek() and gztell() when an application
defines HAVE_UNISTD_H before including <zlib.h>. z_off_t was always
long for compiling zlib, but was sometimes off_t for compiling
applications, e.g., Ethereal 0.7.5.
This "fix" preserves bug for bug binary compatibility. z_off_t should
be off_t for everything, but zlib doesn't support off_t being longer
than long, so using the correct type without fixing zlib's internals
would at best break binary compatibility. This "fix" also make the
namespace problems for HAVE_UNISTD_H no worse than hundreds of other
namespace prooblems in zconf.h. I'll wait for a new release of zlib
for proper fixes.
Reported by: Guy Harris via jkh
the code, which seems to implement the POSIX requirements, and
have described the behavior here. Basically, it behaves the same
as select(2).
Noticed by: John Polstra
to call osigaction(). But that's wrong because it causes the
handler to receive a struct osigcontext instead of the expected
struct sigcontext. Use sigaction() instead, copying the compatible
portion of the signal mask.
Reviewed by: marcel
