this is not strictly compliant with XSI curses, it enables us to pass
const strings to many more functions that are actually const safe than
before. This should be harmless.
Requested by: lots of folks
of calling sigprocmask(). This matches the behaviour of thr_sigsetmask()
on Solaris; _pthread_sigmask_stub was added purely for compatibility
with Solaris (for TI-RPC), so it might as well do the same thing.
This fixes the problem where client RPC calls ignored all signals
for the complete duration of the RPC. This behaviour is currently
necessary in the threaded case due to locking issues, but was never
intended to occur in non-threaded programs.
Reviewed by: deischen
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.
TODO:
- The definitions of SADB_* in sys/net/pfkeyv2.h are still different
from RFC2407/IANA assignment because of binary compatibility
issue. It should be fixed under 5-CURRENT.
- ip6po_m member of struct ip6_pktopts is no longer used. But, it
is still there because of binary compatibility issue. It should
be removed under 5-CURRENT.
Reviewed by: itojun
Obtained from: KAME
MFC after: 3 weeks
IPv6 transport-ready resolvers/DNS servers. Need careful configuration
when enable it. (default config is not affected).
See manpage for details.
XXX visible symbol __res_opt() is added, however, it is not supposed to be
called from outside, libc minor is not bumped.
Obtained from: KAME/NetBSD
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.
Build new modules.
Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.
pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
data pointer. This bug has been here since the ti-rpc import; it
apparently broke the clnt_control CLGET_SVC_ADDR options.
PR: misc/27813
Submitted by: Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
there and compare the inode and device numbers to the values we remember,
to guard against the directory having been moved around in the meantime.
Reported by: Nick Cleaton <nick@cleaton.net>
For FTP control connection, keep the CRLF end-of-line termination
status in there.
Fixed the bug when the first FTP command in a session was ignored.
PR: 24048
MFC after: 1 week
real uid, saved uid, real gid, and saved gid to ucred, as well as the
pcred->pc_uidinfo, which was associated with the real uid, only rename
it to cr_ruidinfo so as not to conflict with cr_uidinfo, which
corresponds to the effective uid.
o Remove p_cred from struct proc; add p_ucred to struct proc, replacing
original macro that pointed.
p->p_ucred to p->p_cred->pc_ucred.
o Universally update code so that it makes use of ucred instead of pcred,
p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo,
cr_{r,sv}{u,g}id instead of p_*, etc.
o Remove pcred0 and its initialization from init_main.c; initialize
cr_ruidinfo there.
o Restruction many credential modification chunks to always crdup while
we figure out locking and optimizations; generally speaking, this
means moving to a structure like this:
newcred = crdup(oldcred);
...
p->p_ucred = newcred;
crfree(oldcred);
It's not race-free, but better than nothing. There are also races
in sys_process.c, all inter-process authorization, fork, exec, and
exit.
o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid;
remove comments indicating that the old arrangement was a problem.
o Restructure exec1() a little to use newcred/oldcred arrangement, and
use improved uid management primitives.
o Clean up exit1() so as to do less work in credential cleanup due to
pcred removal.
o Clean up fork1() so as to do less work in credential cleanup and
allocation.
o Clean up ktrcanset() to take into account changes, and move to using
suser_xxx() instead of performing a direct uid==0 comparision.
o Improve commenting in various kern_prot.c credential modification
calls to better document current behavior. In a couple of places,
current behavior is a little questionable and we need to check
POSIX.1 to make sure it's "right". More commenting work still
remains to be done.
o Update credential management calls, such as crfree(), to take into
account new ruidinfo reference.
o Modify or add the following uid and gid helper routines:
change_euid()
change_egid()
change_ruid()
change_rgid()
change_svuid()
change_svgid()
In each case, the call now acts on a credential not a process, and as
such no longer requires more complicated process locking/etc. They
now assume the caller will do any necessary allocation of an
exclusive credential reference. Each is commented to document its
reference requirements.
o CANSIGIO() is simplified to require only credentials, not processes
and pcreds.
o Remove lots of (p_pcred==NULL) checks.
o Add an XXX to authorization code in nfs_lock.c, since it's
questionable, and needs to be considered carefully.
o Simplify posix4 authorization code to require only credentials, not
processes and pcreds. Note that this authorization, as well as
CANSIGIO(), needs to be updated to use the p_cansignal() and
p_cansched() centralized authorization routines, as they currently
do not take into account some desirable restrictions that are handled
by the centralized routines, as well as being inconsistent with other
similar authorization instances.
o Update libkvm to take these changes into account.
Obtained from: TrustedBSD Project
Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
Tor created a while ago, removes the raw I/O piece (that has cache coherency
problems), and adds a buffer cache / VM freeing piece.
Essentially this patch causes O_DIRECT I/O to not be left in the cache, but
does not prevent it from going through the cache, hence the 80%. For
the last 20% we need a method by which the I/O can be issued directly to
buffer supplied by the user process and bypass the buffer cache entirely,
but still maintain cache coherency.
I also have the code working under -stable but the changes made to sys/file.h
may not be MFCable, so an MFC is not on the table yet.
Submitted by: tegge, dillon
keep track of a joiner. POSIX only supports a single joiner, so this
simplification is acceptable.
At the same time, make sure to mark a joined thread as detached so that
its resources can be freed.
Reviewed by: deischen
PR: 24345
accidentally clobber the server address if a stray packet arrived
at the client port. This would result in any further retransmits
going to the wrong address.
For now, fix this by not saving the source address of the reply; this
matches the pre-tirpc behaviour.
there is no need to wake all waiters to assure that the highest priority
thread is run. As the semaphore code is written, there was no correctness
problem, but the change improves sem_post() performance.
Pointed out by: deischen
history info as:
: .Sh STANDARDS If the command, library function or file adheres to a
: specific implementation such as IEEE Std 1003.2
: (``POSIX.2'') or ANSI X3.159-1989 (``ANSI C'') this
: should be noted here. If the command does not adhere
: to any standard, its history should be noted in the
: HISTORY section.
pam_krb5 is a Kerberos 5 (Heimdal) authentication module.
pam_nologin checks for /etc/nologin and does the "usual stuff"
if it is found, otherwise it silently succeeds.
pam_rootok silently succeeds if the user is root, otherwise
it fails.
pam_wheel silently succeeds if the user is a member of group
"wheel" (or another nominated group), and fails
otherwise.
There is an issue with kerberosIV and kerberos5 - if both are
being built, then static linking fails with duplicate symbols.
This will take a bit of work to sort out in the kerberii.
+ make Open_Disk sense the sector size by trying 512, 1024 and 2048
in this order. This makes the kernel note that
dscheck(cd1): bio_bcount 512 is not on a sector boundary (ssize 2048)
dscheck(cd1): bio_bcount 1024 is not on a sector boundary (ssize 2048)
if 2048 is the sector size. If this worries anyone: the message is from
/usr/src/sys/kern/subr_diskslice.c and shutups are to be placed there.
+ Have read_block and write_block use an additional parameter, the
sector size.
+ replace all barfout calls with return NULL, 0, __LINE__, etc.
Note that this does NOT emit diagnostics. More often than not,
you don't want library functions to scribble on stderr -- it may
not even be available. The right thing is to propagate the error
condition to upper management. The app should take care of errors.
+ use d1->sector_size instead of 512 in various places. I've left many
places untouched, especially those writing MBRs. I simply added
another arg hardcoded as 512. This is because I would not know what
I'm doing... I felt this approach would be reasonably backward
compatible and not introduce any new bugs in critical software.
Famous last words. Messing with MBRs might soon put me in the same
screwup meister category as, uh, never mind. :-)
+ bump the max no of disks from 20 to 32 (due to PR 24503).
PR: 8434 / 8436 / 24503
Submitted by: Jens Schweikhardt <schweikh@schweikhardt.net>
terminates the string in all cases, based on code from netstat(1).
The path in a sockaddr_un is terminated either by a '\0', or by
the end of the sockaddr as defined by sun_len.
Previously, the code could write the "safety" '\0' beyond the end
of the sockaddr (sockaddr_un's need only be large enough to store
sun_len bytes), and writing into the the supplied sockaddr is bad
anyway.
process on fork(2).
It is the supposed behavior stated in the manpage of sigaction(2), and
Solaris, NetBSD and FreeBSD 3-STABLE correctly do so.
The previous fix against libc_r/uthread/uthread_fork.c fixed the
problem only for the programs linked with libc_r, so back it out and
fix fork(2) itself to help those not linked with libc_r as well.
PR: kern/26705
Submitted by: KUROSAWA Takahiro <fwkg7679@mb.infoweb.ne.jp>
Tested by: knu, GOTOU Yuuzou <gotoyuzo@notwork.org>,
and some other people
Not objected by: hackers
MFC in: 3 days
placed in any scheduling queue(s). The process of dispatching
signals to a thread can change its state which will attempt to add
or remove the thread from any scheduling queue to which it belongs.
This can break some assertions if the thread isn't in the queue(s)
implied by its state.
When adding dispatching a pending signal to a thread, be sure to
remove the signal from the threads set of pending signals.
PR: 27035
Tested by: brian
MFC in: 1 week
longer includes machine/elf.h.
* consumers of elf.h now use the minimalist elf header possible.
This change is motivated by Binutils 2.11.0 and too much clashing over
our base elf headers and the Binutils elf headers.
address" string to a netbuf/sockaddr "transport address". In the
case of an AF_LOCAL address, it was missing the code to actually
point the netbuf at the newly allocated sockaddr_un, so the caller
ended up with a netbuf containing junk.
Submitted by: Martin Blapp <mb@imp.ch>
required by POSIX.1e. This maintains the current 'struct acl'
in the kernel while providing the generic external acl_t
interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
fully make use of the ACL editing library.
Obtained from: TrustedBSD Project
The devinfo library provides access to the kernel's internal device
hierarchy and to the I/O resource manager. The library uses a
sysctl(9) interface to obtain a snapshot of the kernel's state which
is then made available to the application.
arguments where the format string is obtained from user data, or
otherwise difficult to verify statically.
Example usage:
printf(fmtcheck(user_format, standard_format), arg1, arg2);
checks the format string user_format for consistency (same number/order/
type of format operators) with standard_format. If they differ,
standard_format is used instead to avoid potential crashes or security
violations.
Obtained from: NetBSD
Reviewed by: -arch
instead of #pragma weak to create weak definitions. This macro is
improperly named, though, since a weak definition is not the same
thing as a weak reference.
Suggested by: bde
than the default buffer size in the old RPC code (8800 bytes), and
it could not be overriden by the application. This caused problems
with CFS (/usr/port/security/cfs).
Change this default back to UDPMSGSIZE (8800 bytes), but more
importantly, allow applications to use larger message sizes for
all protocols if desired. Choose an arbitrary maximum message size
of 256k instead of using the default as the maximum (which is
silly).
Reported by: ache
Reviewed by: alfred, Martin Blapp <mb@imp.ch>
functions.
- Place the acl_dup() description in alphabetical order.
- Move the POSIX.1e descriptions under the ENVIRONMENT section to the
STANDARDS section.
Reviewed by: rwatson
Obtained from: TrustedBSD Project
Makefile, add Makefile.inc needed for libc build; add
#include "namespace.h"/#include "un-namespace.h" pairs around the
includes of sys/acl.h and sys/capability.h, and an additional underscore
in front of the functions that will be overridden in libc_r.
Approved by: rwatson
Obtained from: TrustedBSD Project
`nc_error' variables. Move the nc_lock mutex from mt_misc.c to a
static variable within this function, since it is only used here.
Add a new getnetconfigent() error code `NC_NOTFOUND' to report the
case where the specified netid was not found. Set nc_error in all
error cases in getnetconfigent() so that the error messages returned
by nc_(s)perror are always meaningful.
Add a terminating \n to the output of nc_perror() to match both
our manpage and other implementations of this function.
Reviewed by: deischen, alfred, Martin Blapp <mb@imp.ch>
a "#pragma weak" directive linking the external symbol. This matches
the other pthread_* definitions, and ensures that users of this
function from within libc get the real version, not the stub.
Suggested by: deischen
Reviewed by: deischen, alfred
RPC clients hanging. The real problem turned out to be missing
cleanup code; this was fixed in clnt_vc.c r1.5 and clnt_dg.c r1.4.
Submitted by: Martin Blapp <mb@imp.ch>
so that the underscored versions of the pthread functions get
declared. This removes around 300 lines of 'implicit declaration
of XXX' warnings from the output of a libc build with -Wall.
Reviewed by: Martin Blapp <mb@imp.ch>, alfred
Also, looking to the future, don't assume all the world is an i386 and all
its disk layout brain damage will be repeated by other platforms. So all
the diking out if we are an Alpha, becomes adding in if we are an i386.
I've left out a couple of unused args between internal functions.
Use MAXPATHLEN, not MAXPATHLEN + 1 in a couple of places.
Pass a pointer to the end of the target filename space.
exactly the right size. Do it differently - pass a length rather than an
end-of-string+1 pointer as this is more convenient anyway. Get rid of
the bogus +1's.
to make asynchronous RPCs. This is needed to help fix ypbind, which can no
longer override the clnt_dg_call() method (formerly the clntudp_call()
method) due to all the internal descriptor locking code in TI-RPC. Turning
on this flag allows us to send an RPC request, then return immediately,
and handle a reply later, rather than being forced to do the request
and reply in a single function call.
Also fix a byte ordering bug: when clnt_dg_call() increments the XID
prior to transmitting a request, it uses the raw value, which is wrong.
The XID is stored in network byte order, i.e. big-endian. The CLSET_XID
and CLGET_XID commands in clnt_dg_control() use ntohl()/htonl() to get
the byte ordering right, but because clnt_dg_call() does not do this,
using CLSET_XID/CLGET_XID doesn't actually work, unless you're on a
big endian host, which we aren't (yet). Fix clnt_dg_call() to byte swap
properly when doing the increment.
Some of the major changes include:
- The SCSI error handling portion of cam_periph_error() has
been broken out into a number of subfunctions to better
modularize the code that handles the hierarchy of SCSI errors.
As a result, the code is now much easier to read.
- String handling and error printing has been significantly
revamped. We now use sbufs to do string formatting instead
of using printfs (for the kernel) and snprintf/strncat (for
userland) as before.
There is a new catchall error printing routine,
cam_error_print() and its string-based counterpart,
cam_error_string() that allow the kernel and userland
applications to pass in a CCB and have errors printed out
properly, whether or not they're SCSI errors. Among other
things, this helped eliminate a fair amount of duplicate code
in camcontrol.
We now print out more information than before, including
the CAM status and SCSI status and the error recovery action
taken to remedy the problem.
- sbufs are now available in userland, via libsbuf. This
change was necessary since most of the error printing code
is shared between libcam and the kernel.
- A new transfer settings interface is included in this checkin.
This code is #ifdef'ed out, and is primarily intended to aid
discussion with HBA driver authors on the final form the
interface should take. There is example code in the ahc(4)
driver that implements the HBA driver side of the new
interface. The new transfer settings code won't be enabled
until we're ready to switch all HBA drivers over to the new
interface.
src/Makefile.inc1,
lib/Makefile: Add libsbuf. It must be built before libcam,
since libcam uses sbuf routines.
libcam/Makefile: libcam now depends on libsbuf.
libsbuf/Makefile: Add a makefile for libsbuf. This pulls in the
sbuf sources from sys/kern.
bsd.libnames.mk: Add LIBSBUF.
camcontrol/Makefile: Add -lsbuf. Since camcontrol is statically
linked, we can't depend on the dynamic linker
to pull in libsbuf.
camcontrol.c: Use cam_error_print() instead of checking for
CAM_SCSI_STATUS_ERROR on every failed CCB.
sbuf.9: Change the prototypes for sbuf_cat() and
sbuf_cpy() so that the source string is now a
const char *. This is more in line wth the
standard system string functions, and helps
eliminate warnings when dealing with a const
source buffer.
Fix a typo.
cam.c: Add description strings for the various CAM
error status values, as well as routines to
look up those strings.
Add new cam_error_string() and
cam_error_print() routines for userland and
the kernel.
cam.h: Add a new CAM flag, CAM_RETRY_SELTO.
Add enumerated types for the various options
available with cam_error_print() and
cam_error_string().
cam_ccb.h: Add new transfer negotiation structures/types.
Change inq_len in the ccb_getdev structure to
be "reserved". This field has never been
filled in, and will be removed when we next
bump the CAM version.
cam_debug.h: Fix typo.
cam_periph.c: Modularize cam_periph_error(). The SCSI error
handling part of cam_periph_error() is now
in camperiphscsistatuserror() and
camperiphscsisenseerror().
In cam_periph_lock(), increase the reference
count on the periph while we wait for our lock
attempt to succeed so that the periph won't go
away while we're sleeping.
cam_xpt.c: Add new transfer negotiation code. (ifdefed
out)
Add a new function, xpt_path_string(). This
is a string/sbuf analog to xpt_print_path().
scsi_all.c: Revamp string handing and error printing code.
We now use sbufs for much of the string
formatting code. More of that code is shared
between userland the kernel.
scsi_all.h: Get rid of SS_TURSTART, it wasn't terribly
useful in the first place.
Add a new error action, SS_REQSENSE. (Send a
request sense and then retry the command.)
This is useful when the controller hasn't
performed autosense for some reason.
Change the default actions around a bit.
scsi_cd.c,
scsi_da.c,
scsi_pt.c,
scsi_ses.c: SF_RETRY_SELTO -> CAM_RETRY_SELTO. Selection
timeouts shouldn't be covered by a sense flag.
scsi_pass.[ch]: SF_RETRY_SELTO -> CAM_RETRY_SELTO.
Get rid of the last vestiges of a read/write
interface.
libkern/bsearch.c,
sys/libkern.h,
conf/files: Add bsearch.c, which is needed for some of the
new table lookup routines.
aic7xxx_freebsd.c: Define AHC_NEW_TRAN_SETTINGS if
CAM_NEW_TRAN_CODE is defined.
sbuf.h,
subr_sbuf.c: Add the appropriate #ifdefs so sbufs can
compile and run in userland.
Change sbuf_printf() to use vsnprintf()
instead of kvprintf(), which is only available
in the kernel.
Change the source string for sbuf_cpy() and
sbuf_cat() to be a const char *.
Add __BEGIN_DECLS and __END_DECLS around
function prototypes since they're now exported
to userland.
kdump/mkioctls: Include stdio.h before cam.h since cam.h now
includes a function with a FILE * argument.
Submitted by: gibbs (mostly)
Reviewed by: jdp, marcel (libsbuf makefile changes)
Reviewed by: des (sbuf changes)
Reviewed by: ken
o Revise description in light of commits over last month including:
- ACL editing library is now implemented
- ACLs are now implemented
Obtained from: TrustedBSD Project
because libc/rpc/key_call.c references uname(), and ps/print.c also
defines uname(), and ps is linked statically. This leads to a symbol
clash. The userland uname(3) kinda sucked anyway as the hostname
etc was too short. And since the libc rpc interface now uses
the utsname.nodename which gets truncated, I was tempted into doing
something about it. Create a new userland uname function, called
__xuname() which takes an extra argument that allows you to change
the size of the fields. uname() becomes a static inline function
in sys/utsname.h that passes the extra argument in. struct utsname
has its field members expanded by default now in userland.
We still provide a 'uname' externally linkable function for things
that either think that they ``know'' the utsname format and assume
32 character strings and bypass the include file, or objects that
are linked against old libcs. ie: just about every plausible
case that I can think of is covered. Should we ever change the
default lengths again, a libc major bump should not be required
as the size is now passed to the function.
XXX the uname(2) in the kernel is for FreeBSD 1.1 binary compatability!
All the uname(3) functions that are exported to userland are actually
implemented in libc with sysctl. uname(1) uses sysctl directly and
does not call uname(3).
PR: bin/4688
acl_add_perm, acl_clear_perms, acl_copy_entry, acl_create_entry,
acl_delete_perm, acl_get_permset, acl_get_qualifier, acl_get_tag_type,
acl_set_permset, acl_set_qualifier, acl_set_tag_type
This brings us within 4 functions of a full ACL editing library.
Reviewed by: rwatson
Make struct cmessage visible from socket.h (about 4 places were
defining it for themselves which wasn't good)
Make __rpc_get_local_uid() useable and give it prototype that's
visible.
Fix some issues with printing out usernames from rpcbind and keyserv.
changed. These were taken from the 4.2-RELEASE dist on ftp.freebsd.org.
This will be MFC'd shortly as it is required in RELENG_4 to maintain
compatability with binaries linked against these libraries.
should have been repo-copied from it in the first place.
Apply all of our fixes up to and including revision 1.14 to
the original rpc.3 manpage, including conversion to mdoc(7).
number of paths which glob(3) will return. Remove the hardcoded limit
from the last commit, which restores the previous unbounded behavior.
Document the new flag in the manual page.
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
- lowercase Nd argument
- mark function arguments with Fa
- mark defined values with Dv
- simply copying POSIX text for RETURN VALUES and ERRORS sections is not
always a good idea. POSIX uses the word "shall" indicating the behavior
the correct implementation should follow.
reserved word, causing breakage when a C++ program included libutil.h
This change will be propagated elsewhere shortly.
Submitted by: jkh
Obtained from: TrustedBSD Project
o acl_calc_mask(): calculates the ACL mask entry associated with
the given ACL.
o acl_delete_entry(): remove a specified ACL entry from the given
ACL.
Approved by: rwatson
`err()'). libdisk does! and additionally libdisk gets confused on Alpha
disks with foreign disklabels, throws up its hands and exits. This is
the cause of the "going no where without my init" install bug on the Alpha.
So now on the Alpha, rather than call err(), we print the error string and
continue processing.
Submitted by: jkh
since they not allows POSIXly legal locale data. Currently, if relaxed form
POSIXly legal locale data will be used right now, some programs will be broken,
but it means that either locale data or programs must be fixed, not the library.
Introduce non-standard md_order (month/day order) locale field to be used later
via nl_langinfo(). Currently %EF and %Ef emulated using this field, but they
planned for remove in future in favour of nl_langinfo() test field.
Implement %F per POSIX
char *
FooFileChunk(const char *filename, char *buf, off_t offset, off_t length)
Which only hashes part of a file.
Implement FooFile() in terms of this function.
Submitted by: roam
is currently set to 10000. This is intended to prevent glob from running
amok when a highly recursive path is provided (such as "../*/../*/../*/...")
Reviewed by: Diane Bruce <db@db.net>, jhb
utility functions which convert between string namespace names and
numeric constants used by the interface. Right now, two namespaces
are supported, EXTATTR_NAMESPACE_SYSTEM ("system") and
EXTATTR_NAMESPACE_USER ("user"). These functions are used by
various userland EA utilities, rather than hard coding the routines
all over the place.
Obtained from: TrustedBSD Project
o Rename internal library functions so that they are prefixed with
_posix1e or _POSIX1E, removing them from the application namespace (and
potential conflict with other ACL functions elsewhere in the system).
Obtained from: TrustedBSD Project
gratuitous difference between us and our sister project.
This was given to me _ages_ ago. May apologies to Paul for the length
of time its taken me to commit.
Obtained from: Niels Provos <provos@physnet.uni-hamburg.de>/OpenBSD
Submitted by: Paul Herman <pherman@frenchfries.net>
Reviewed by: David Cross <dec@freebsd.org>, jkh <jkh@freebsd.org>
Approved by: jkh <jkh@freebsd.org>
Obtained from: Ian Dowse <iedowse@maths.tcd.ie>, David Cross <dec@freebsd.org>
We have been running this patch on a production NIS server for 2.5 weeks now.
Normally we would have ypserv die at least once a week, and often many times
a day.
This patch treats and error from select as zeroing out the FD_SET to indicate
that no fds are ready for reading. This is safe because the rpc code
always re-inits the FDSET before calling select.
The below text is quoted from the latest POSIX draft:
: The values of locale categories shall be determined by a precedence
: order; the first condition met below determines the value:
:
: 1. If the LC_ALL environment variable is defined and is not null,
: the value of LC_ALL shall be used.
: 2. If the LC_* environment variable (LC_COLLATE, LC_CTYPE, LC_MESSAGES,
: LC_MONETARY, LC_NUMERIC, LC_TIME) is defined and is not null, the
: value of the environment variable shall be used to initialize the
: category that corresponds to the environment variable.
: 3. If the LANG environment variable is defined and is not null, the
: value of the LANG environment variable shall be used.
: 4. If the LANG environment variable is not set or is set to the empty
: string, the implementation-defined default locale shall be used.
The conditions 1 and 2 were interchanged, i.e., LC_* were looked first,
then LC_ALL, then LANG (note that LC_ALL and LANG were essentially the
same, providing the default, with LC_ALL taking precedence over LANG).
Now, LC_ALL and LANG serve the different purposes. LC_ALL overrides
any LC_*, and LANG provides the default fallback.
Testcase:
/usr/bin/env LC_ALL=C LC_TIME=de_DE.ISO_8859-1 /bin/date
Should return date in the "C" locale format.
Inspired by: date(1) reference page in the Draft
lock definitions to it. flockfile state is now allocated
along with the rest of FILE. This eliminates the need for a
separate allocation of flockfile state as well as eliminating
the mutex/lock used to serialize its allocation.
Even better formula from random() could not be intetgrated because rand_r()
supposed to store its state in the single variable (but table needed for
random() algorithm integration).
- new EV_SET macro,
- NOTE_LOWAT option for low water marks on read/write filters,
- NOTE_REVOKE for filesystem unmounting (and revoke() calls)
- improved API for EVFILT_AIO
sysctls exporting swap information. When running on a live kernel,
the sysctl's will now be used instead of kvm_read, allowing consumers of
this interface to run without privilege (setgid kmem). Retain the
ability to run on coredumps, or on a kernel using kmem if explicitly
pointed at one.
A side effect of this change is that kvm_getswapinfo() is faster now in
the general case. If the SWIF_DUMP_TREE flag is given (pstat -ss does
this), the radix tree walker, which still uses kvm_read in any case, is
invoked, and therefore does require privilege.
Submitted by: Thomas Moestl <tmoestl@gmx.net>
Reviewed by: freebsd-audit
This is about to be replaced anyway by initialization explicitly
instead of lazily, and reducing the complexity of it. As it is
now, this will work fine, however.
while with threaded software in -CURRENT acting very "weird". It has
seemed, for example, in Mozilla that threads attempting to do host
lookups have been locking up. That's exactly the case.
There was a race condition in the implementation of the initialization
of the mutex used to protect FILE operations, first of all: multiple
instances of FLOCKFILE() in libc could occur on the same FILE at
the same time and cause strange behavior by overwriting eachothers'
creation of the mutex and the rest of the file lock.
Secondly, it's not appropriate to test the "validity" of the file
descriptor referenced by the FILE; if the code is calling FLOCKFILE()
or FUNLOCKFILE(), it wants the FILE to be locked or unlocked, not
to be locked or unlocked on the condition that _file is >= 0. This
also could quite easily cause leaks by failing to perform the lock or
unlock operation when it actually is needed.
Mozilla now works again on -CURRENT when linked to libc_r.so.5 and
libc.so.5.
ABI change. There is some serious evilness here to work around some
gcc weaknesses. We need to know the sizeof(FILE) manually until __sF
goes away in the next major bump. We have the size for Alpha and i386,
missing is ia64, ppc and sparc* (and i386 with 64 bit longs).
At some point down the track we can change the stdin etc #defines to
stop hard coding the size of FILE into application binaries.
Lots of head scratching and ideas and testing by: green, imp
causing some versions of as to dump core. This survived make
buildworld/installworld and the building gettext port afterwards.
Submitted by: <nnd@mail.nsk.ru> "N.Dudorov"
Reviewed by: "Daniel M. Eischen" <eischen@vigrid.com>
o Back out the __std* stuff. Can't figure out how to do this right now,
so we'll save it for late.
o use _up as a pointer for extra fields that we need to access.
o back out the libc major version bump.
Submitted by: green
reviewed by: peter, imp, green, obrien (to varying degrees).
We'll fix the "how do we stop encoding sizeof(FILE) in binaries" part
later.
Change __dtoa to not free the string it allocated the previous time it was
called. The caller now frees the string after usage if appropiate.
PR: 15070
Reviewed by: deischen
bikeshed in -arch. It isn't quite over, but it has been well established
that this can be adjusted or refined. But we do seem to have consensis
on a major bump of some sort. After this, it should reasonably safe
to build world again.
This change is to get rid of __sF[] and use seperate __stdin/out/err
handles. This means we can pad on extra bits onto the end of FILE
at will without going through this all over again. __sF[] was evil
because it compiled the sizeof(FILE) into every stdio using program.
Asbestos suit on: check!
Peril sensitive sunglasses on: check!
*gulp!*
try a hopefully more robust stdin/stdout/stderr. This costs an indirect
pointer fetch, but saves us from changes in 'FILE'. The __stdin stuff
is there to not pollute application name space if the application does
not use <stdio.h> and also in case something depended on the current
behavior where stdin etc was a #define.
Reviewed by: eischen, dillon
application to provide locking for I/O operations. This doesn't
break any of my tests, but the old behavior can be restored by
compiling with _FDLOCKS_ENABLED. This will eventually be removed
when it is obvious it does not cause any problems.
Remove most of flockfile implementation, with the exception of
flockfile_debug.
Make error messages more informational (submitted by Mike Heffner
<spock@techfour.net>, who's now known as mikeh@FreeBSD.org).
Add a lock to FILE. flockfile and friends are now implemented
(for the most part) in libc. flockfile_debug is implemented in
libc_r; I suppose it's about time to kill it but will do it in
a future commit.
Fix a potential deadlock in _fwalk in a threaded environment.
A file flag (__SIGN) was added to stdio.h that, when set, tells
_fwalk to ignore it in its walk. This seemed to be needed in
refill.c because each file needs to be locked when flushing.
Add a stub for pthread_self in libc. This is needed by flockfile
which is allowed by POSIX to be recursive.
Make fgetpos() error return value (-1) match man page.
Remove recursive calls to locked functions (stdio); I think I've
got them all, but I may have missed a couple.
A few K&R -> ANSI conversions along with removal of a few instances
of "register".
$Id$ -> $FreeBSD$ in libc/stdio/rget.c
Not objected to: -arch, a few months ago
it in.
Some review from -hackers (some time ago), and I think the best way to
get this improved (if it needs improving) or updating, is to bring it in.
PR: docs/12557
Submitted by: Tim Singletary <tsingle@triana.gsfc.nasa.gov>
LC_NUMERIC::grouping) values.
. Always set __XXX_changed flags then loading numeric & monetary locale
categories to allow localeconv() to use C locale also.
LC_NUMERIC fields, but only for *grouping fields - other fields are converted
to a chars in localeconv(), so final change is:
"-1" -> "127"
127 here is because CHAR_MAX supposed, which is _positive_ (SUSv2 requirement),
not negative as 255. It is still a bit of hack. To find real CHAR_MAX will be
better to sprintf() it once somewhere in static buffer. *grouping parsing
still broken and missing and needs to be implemented.
LC_MONETARY, LC_NUMERIC are byte-arrays, not ASCII strings!
Fix "C" locale, change "-1" to {CHAR_MAX, '\0'} according to standards.
This is only partial fix - locale loading procedure remains broken as before
and load too big values for all locales. All numeric strings there should be
converted with something like atoi() and placed into bytes. Maybe I do it
later, if someone will not fix it faster.
Change __dtoa to not free the string it allocated the previous time it was
called. The caller now frees the string after usage if appropiate.
PR: 15070
to be the same as -ragged in the current implementation) to
-ragged. With mdocNG, -filled displays produce the correct
output, formatted and justified to both margins.
Add another check for thread library initialization (jdp, we
really need a way to get _thread_init called at program start
before any constructors are run).
and treating (almost) all system calls the same way:
__sys_foo - actual syscall
foo, _foo - weak definitions to __sys_foo
Change PSEUDO syscalls (currently only _exit and _getlogin) to
be __sys_foo (T) and _foo (W).
Add $FreeBSD$ to a few files to satisfy commitprep.
Suggested by: bde
_foo - wrapped system call
foo - weak definition to _foo
and for cancellation points:
_foo - wrapped system call
__foo - enter cancellation point, call _foo(), leave
cancellation point
foo - weak definition to __foo
Change use of global _thread_run to call a function to get the
currently running thread.
Make all pthread_foo functions weak definitions to _pthread_foo,
where _pthread_foo is the implementation. This allows an application
to provide its own pthread functions.
Provide slightly different versions of pthread_mutex_lock and
pthread_mutex_init so that we can tell the difference between
a libc mutex and an application mutex. Threads holding mutexes
internal to libc should never be allowed to exit, call signal
handlers, or cancel.
Approved by: -arch
adding (weak definitions to) stubs for some of the pthread
functions. If the threads library is linked in, the real
pthread functions will pulled in.
Use the following convention for system calls wrapped by the
threads library:
__sys_foo - actual system call
_foo - weak definition to __sys_foo
foo - weak definition to __sys_foo
Change all libc uses of system calls wrapped by the threads
library from foo to _foo. In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde). All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes. <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.
Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE. We have recursive mutexes, but would like to avoid
using them if possible.
Remove uneeded includes of <errno.h> from a few files.
Add $FreeBSD$ to a few files in order to pass commitprep.
Approved by: -arch
- Use "OPOST | ONLCR" as a c_oflag in the raw mode instead of 0, which should
make debug output mode readable;
- flush input buffer when switching to/from raw mode. This should prevent
leaking raw scancodes into your shell prompt when program called
VGLKeyboardEnd() w/o processing all scancodes in the buffer.
attempt to read memory when siz is 0
- Clarify comments referring to strlcat() usage
PR: 24278, 24295
Submitted by: Tony Finch <dot@dotat.at>
Richard Kettlewell <rjk@greenend.org.uk>
Reviewed by: -audit
single manual page, appropriately linked, since this removes the
decision of which page the (previously non-existent) sigmask.2
MLINK should point at.
Submitted by: will
supported since it's not easy to put 3 bytes accross 64Kb windows
of memory. This should not be such a problem with linear framebuffers.
There is no major interface modification except that the color type
becomes u_long instead of byte. So one just need to recompile his
application.
Approved by: Soren Schmidt <sos@freebsd.dk>
- errno is already set to ENOMEM (as appropriate) when asprintf(),
strdup(), or acl_init() fails
o acl_to_text.c:
- the return value of the initial strdup() is not checked
- errno is already set to ENOMEM (as appropriate) when asprintf
and acl_init() fails
- let the the default: case use 'goto error_label' for consistency
Submitted by: jedgar
Rather than have a separate (misnamed) FTP_ANONYMOUS_PASSWORD constant, use
FTP_ANONYMOUS_USER (i.e. "anonymous") to construct the anonymous ftp password
if getlogin() fails.
- The stack was getting smashed by __grow_type_table()
- reallocf() was being called with the wrong pointer
- The maximum argument number was being incorrectly computed
PR: misc/23521
non-threaded programs. This provides threaded programs with the
needed exception frame symbols.
parts submitted by: Max Khon <fjoe@iclub.nsu.ru>
PR: 23252
non-threaded programs. This provides threaded programs with the
needed exception frame symbols.
parts submitted by: Max Khon <fjoe@iclub.nsu.ru>
PR: 23252
referenced to by libgcc.a.
This is needed when linking statically as SVR4 (ie, ELF) behavior is to only
link in a module if it satisfies an undefined strong reference from somewhere.
(this surprises a lot of people) Things are different when using shared libs,
the entire library and its modules and their symbols are available at run-time
(when the weak reference is seen to still be unsatisfied and is satisfied on
the spot), this is not the case with static libs.
Thus one can have a static binary with unresolved week references, and at
run-time dereference a NULL pointer.
Submitted by: eischen
interface was based on a draft version of POSIX whereas the final
(1996) version of POSIX specified that the error is returned.
While I'm here, fix getlogin_r so that it works for more than just
the first time it's called.
Reviewed by: wes, wollman (man page)
Submitted by: "Peter Avalos" <pavalos@theshell.com>
Reviewed by: /sbin/md5 [*]
[*] This line appears courtesy of Mr. Warner Losch, all rights reversed.
quitting every time. The way to free a CIRCLEQ was to loop until
the current == current->head, but the way to free a TAILQ is to loop
until current->head == NULL.
In any case, the CORRECT way to do it is a loop of TAILQ_EMPTY() checks
and TAILQ_REMOVE()al of TAILQ_FIRST(). This bug wouldn't have happened
if the loop wasn't hard-coded...
There may be more bugs of this type from the conversion.
so I am backing it out for now. The problem is that some random program
calling crypt() could be passing a DES salt and the crypt(3) library
would encrypt it in md5 mode and there would be a password mismatch as a
result. I wrote a validater function for the DES code to verify that
a salt is valid for DES, but I realized there were too many strange things
to go wrong. passwd(1), pw(8) etc still generate md5 passwords by default
for /etc/master.passwd, so this is almost academic. It is a big deal for
things that have their own crypt(3)-ed password strings (.htaccess,
etc etc). Those are the things I do not want to break.
My DES salt recognizer basically checked if the salt was either 2 or
13 characters long, or began with '_' (_PASSWORD_EFMT1). I think it
would have worked but I have seen way too much crypt() mishandling
in the past.
one-way hash functions for authentication purposes. There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before. If this is
not called, it tries to heuristically figure out the hash format, and
if all else fails, it uses the optional auth.conf entry to chose the
overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
having the source it in some countries, so preserve the "secure/*"
division. You can still build a des-free libcrypt library if you want
to badly enough. This should not be a problem in the US or exporting
from the US as freebsd.org had notified BXA some time ago. That makes
this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5. This
is to try and minimize POLA across buildworld where folk may suddenly
be activating des-crypt()-hash support. Since the des hash may not
always be present, it seemed sensible to make the stronger md5 algorithm
the default.
All things being equal, no functionality is lost.
Reviewed-by: jkh
(flame-proof suit on)
global time of day. This costs us nothing, but is a bit of a hack
to work around a process blocking and not having the time updated
by an ITIMER_PROF signal.
PR: 23679
present, this is limited to turning on the packet option if any of
disk slices begin above cylinder 1023. The effect of this change
should therefore be to automatically enable LBA support, as needed,
when installing FreeBSD.
Something-of-the-kind-requested-by: peter
no longer contains kernel specific data structures, but rather
only scalar values and structures that are already part of the
kernel/user interface, specifically rusage and rtprio. It no
longer contains proc, session, pcred, ucred, procsig, vmspace,
pstats, mtx, sigiolst, klist, callout, pasleep, or mdproc. If
any of these changed in size, ps, w, fstat, gcore, systat, and
top would all stop working. The new structure has over 200 bytes
of unassigned space for future values to be added, yet is nearly
100 bytes smaller per entry than the structure that it replaced.
identification and descriptions of most capabilities, current inheritence
rules, etc. More to follow.
Reviewed by: sheldonh
Obtained from: TrustedBSD Project
member f_devdata to be a pointer to a socket number. When currdev
is "pxe", that assumption is correct. When currdev is "disk*", that
assumption is incorrect.
Submitted by: Jim Browne <jbrowne@jbrowne.com>
and had libfetch selecting passive mode even when FTP_PASSIVE_MODE was not
set at all, which is really quite surprising unless you know about it. So
change it to the agreed default behaviour of selecting passive mode if
FTP_PASSIVE_MODE is set, but not "no".
telldir positions. This will allow (future) locking on a
per-DIR basis (for MT-safety). For now, this change does
the following:
o Remove the hash table from telldir.c. Recode to use queue
macros.
o Remove 'const' from 'telldir(const DIR *)'.
o Remove 'register' variables as suggested in a recent
thread.
No response from: -current
- iruserok_sa() and __ivaliduser_af() were re-organized to use
__ivaliduser_sa()
- __icheckhost() was re-written to use getaddrinfo() instead of
getipnodebyname()
- better handling of multiple destination addresses in rcmd()
These changes were basically taken from KAME and changed to fit our
rcmd.c.
Obtained from: KAME
a NULL argument. Some programs change the contents of the argv
array, typically to remove some special arguments. They shorten
argv by storing a NULL where an argument pointer used to be. Such
programs core dumped if they called setproctitle(), because it
would try to apply strlen() to a NULL pointer.
instead of immediately after the fclose. The previous logic did work
on freebsd, but is somewhat risky practice (and causes trouble when
porting to other OS's).
PR: bin/22965
Reviewed by: Garrett Wollman
files. Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive. Some were
misspellings of "-I${.CURDIR}" as "-I.".
stderr in case of warnings and errors.
Rename malloc_options to have a leading underscore, I belive I have been
told that is more correct namespace wise.
back to the original environ unconditionally. The setting of the
variable to save the previous environ is conditional; it happens when
ENV.e_committed is set. Therefore, don't try to swap the env back
unless the previous env has been initialized.
PR: bin/22670
Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>
libcompat" in favour of a .Sh LIBRARY section using the .Lb macro. Also add
.Bf -symbolic around the text saying "this is obsolete" in re_comp.3.
PR: 22675
Submitted by: Mike Meyer <mwm@mired.org>
Reviewed by: sheldonh
executed at least once, fixing pthread_mutex_lock() for recursive
mutex lock attempts.
Correctly set a threads signal mask while it is executing a signal
handler. The mask should be the union of its current mask, the
signal being handled, and the mask from the signal action.
Reported by: Dan Nelson <dnelson@emsphone.com>
MFC Candidate
was not getting properly initialized in pthread_cond_signal()
and pthread_cond_broadcast(). Reportedly, this can cause
an application to die.
MFC candidate
Submitted by: ade
the kernel to (re)use the alternate signal stack. In this
case, we don't return normally from the signal handler,
so the kernel still thinks we are using the signal stack.
The fixes a nasty bug where the signal handler can start
fiddling with the stack of a thread while the handler is
actually running on the same stack.
MFC candidate
the encoding and using the character set [a-zA-Z0-9]. This gives a total
of 62^6 = 56800235584 possible temporary filenames for the usual default
invocation of 6 X's (compared to as few as 52 possibilities for the
previous algorithm where up to 5 characters were wasted by the PID).
Update some apparently bitrotten comments to reflect reality.
Audited by: eivind, freebsd-audit
Reviewed by: freebsd-current (a while ago)
Originally submitted by: Peter Jeremy <Peter.Jeremy@alcatel.com.au>
The test for failing the end guard was always triggering (and was reported as
such in compiler warnings). This is a temporary band-aid until I can work
out what's really going on.
Reviewed by: obrien
file descriptors needing to be polled (Doh!). Reported
by Dan Nelson <dnelson@emsphone.com>.
Don't install and start the scheduling timer until the
first thread is created. This prevents the overhead of
having a periodic scheduling signal in a single threaded
program. Reported by Dan Nelson <dnelson@emsphone.com>.
Allow builtin longjmps out of application installed
signal handlers without the need perform any post-handler
cleanup:
o Change signal handling to save the threads interrupted
context on the stack. The threads current context is
now always stored in the same place (in the pthread).
If and when a signal handler returns, the interrupted
context is copied back to the storage area in the pthread.
o Before calling invoking a signal handler for a thread,
back the thread out of any internal waiting queues
(mutex, CV, join, etc) to which it belongs.
Rework uthread_info.c a bit to make it easier to change
the format of a thread dump.
Use an alternal signal stack for the thread library's
signal handler. This allows us to fiddle with the main
threads stack without fear of it being in use.
Reviewed by: jasone
into an infinite loop when a timeout value is supplied
and the timeout expires.
Reported by: Dan Nelson <dnelson@emsphone.com>
Reviewed by: jasone, jlemon
that applications know how large of a buffer they must allocate before
calling property_find(). Also added a $FreeBSD$ tag while I'm here.
Approved by: jkh
in <sys/signal.h>.
This might be a shortterm fix until the manpage is updated towards
POSIX terminology. And maybe not...
PR: 21542
Submitted by: Ronald F. Guilmette <rfg@monkeys.com>
PPTP links are no longer dropped by simple (and inappropriate in this
case) "inactivity timeout" procedure, only when requested through the
control connection.
It is now possible to have multiple PPTP servers running behind NAT.
Just redirect the incoming TCP traffic to port 1723, everything else
is done transparently.
Problems were reported and the fix was tested by:
Michael Adler <Michael.Adler@compaq.com>,
David Andersen <dga@lcs.mit.edu>
when using the egcs and gcc-devel ports, along with GCC built from stock
public FSF sources. With out this change, FreeBSD will be removed from
the list of systems GCC 3.0 must be evaluated on before release. With
the effort some of us put into getting FreeBSD on this list, we should
not turn this effort into a waste, else we might not be worth fighting
for in the future. (note that Alpha and IA-64 versions of crt{i,n}.S
are needed)
* Switch from our own crt{begin,in} to those created from GCC's crtstuff.c.
This will allow us to switch to DWARF2 exceptions in the future, along with
staying in sync with any future GCC requirements.
* Break out our ELF branding bits into a seperate file. Currently this
is now included by our crt1.c files (since this functionality was part of
our native crtbegin.c). Later crtbrand.o will be merged in the creation
of crti.o.
getting libutil/libcrypt to work properly. I've determined that GCC
thinks it can inline all functions, including weak-symboled ones, if
it feels like it.
Create a new stub.c and move any stubs there to prevent inlining.
Thanks to jdp and William S. Duncanson for helping me finally find the
problem.
by sigwait(). This prevents a signal from being sent to the process
when there are no application installed signal handlers.
Correct a typo in sigwait (foo -> foo[i]).
bind distribution, but until now was not being built as a separate
entity. For documentation, see these man pages:
assertions(3), eventlib(3), heap(3), logging(3), memcluster(3), tree(3).
Reviewed by: jdp
adding a signal frame to a thread, be sure to label the context
correctly so we don't restore an uninitialized process mask.
Reported by: kimc@W8HD.ORG and Andrey Rouskol <anry@sovintel.ru>
- ftpTimeout was not honored when reading actual data, as opposed to
talking protocol
- connection caching was broken because _ftp_cached_connect() would see
the result of the transfer instead of the result of the NOOP.
- if the RETR succeeded, but an error occurred later (as can happen
when talking to a proxy), the error would not be detected.
There still remains to register an atexit(3) callback to close the cached
connection gracefully instead of just dropping it on the floor.
K&R -> ANSI
Bugfix: 'Keep the bit position even when the report descriptor says POP.'
Add hid_use_report_desc, hid_parse_usage_page, hid_parse_usage_in_page.
Changed iface for hid_report_size.
Add references to the newly added hardware debug register
support functions i386_clr_watch(3) and i386_set_watch(3).
Reviewed by: Sean Eric Fagan <sef@kithrup.com>
and no other response to the review request.
thread switches should be on par with that under scheduler
activations.
o Timing is achieved through the use of a fixed interval
timer (ITIMER_PROF) to count scheduling ticks instead
of retrieving the time-of-day upon every thread switch
and calculating elapsed real time.
o Polling for I/O readiness is performed once for each
scheduling tick instead of every thread switch.
o The non-signal saving/restoring versions of setjmp/longjmp
are used to save and restore thread contexts. This may
allow the removal of _THREAD_SAFE macros from setjmp()
and longjmp() - needs more investigation.
Change signal handling so that signals are handled in the
context of the thread that is receiving the signal. When
signals are dispatched to a thread, a special signal handling
frame is created on top of the target threads stack. The
frame contains the threads saved state information and a new
context in which the thread can run. The applications signal
handler is invoked through a wrapper routine that knows how
to restore the threads saved state and unwind to previous
frames.
Fix interruption of threads due to signals. Some states
were being improperly interrupted while other states were
not being interrupted. This should fix several PRs.
Signal handlers, which are invoked as a result of a process
signal (not by pthread_kill()), are now called with the
code (or siginfo_t if SA_SIGINFO was set in sa_flags) and
sigcontext_t as received from the process signal handler.
Modify the search for a thread to which a signal is delivered.
The search algorithm is now:
o First thread found in sigwait() with signal in wait mask.
o First thread found sigsuspend()'d on the signal.
o Current thread if signal is unmasked.
o First thread found with signal unmasked.
Collapse machine dependent support into macros defined in
pthread_private.h. These should probably eventually be moved
into separate MD files.
Change the range of settable priorities to be compliant with
POSIX (0-31). The threads library uses higher priorities
internally for real-time threads (not yet implemented) and
threads executing signal handlers. Real-time threads and
threads running signal handlers add 64 and 32, respectively,
to a threads base priority.
Some other small changes and cleanups.
PR: 17757 18559 21943
Reviewed by: jasone
u_int64_t flag field, bounding the number of capabilities at 64,
but substantially cleaning up capability logic (there are currently
43 defined capabilities).
o Heads up to anyone actually using capabilities: the constant
assignments for various capabilities have been redone, so any
persistent binary capability stores (i.e., '$posix1e.cap' EA
backing files) must be recreated. If you have one of these,
you'll know about it, so if you have no idea what this means,
don't worry.
o Update libposix1e to reflect this new definition, fixing the
exposed functions that directly manipulate the flags fields.
Obtained from: TrustedBSD Project
compatible with the old version but includes new functionality and bug fixes.
Since it is not part of the NO_SENDMAIL make.conf option, libsmdb and
libsmutil should always be built for vacation's sake.
PR: 15227
Replace all in-tree uses with necessary subset of <sys/{fb,kb,cons}io.h>.
This is also the appropriate fix for exo-tree sources.
Put warnings in <machine/console.h> to discourage use.
November 15th 2000 the warnings will be converted to errors.
January 15th 2001 the <machine/console.h> files will be removed.
The recent problems with sshd were due to sshd reassigning
`environ' when setenv() thinks it owns it. setenv() subsequently
realloc()s the new version of environ and *boom*
- Include <stdlib.h> and <string.h> as needed for prototypes
- Remove unneeded "error" variables
o Make cap_init() use cap_clear() instead of bzero()
Obtained from: TrustedBSD Project
o Implementations will remain in the seperately distributed capability
patch until the cap_t type changes are synchronized.
Obtained from: TrustedBSD Project
response to return. This will stop processes waiting on DNS requests
from being woken up when a select collision occurs. This was tested
on mx1.FreeBSD.org (outgoing mail for the FreeBSD.org mailing
lists.)
Reviewed by: jlemon, peter
were not present when dev_mkdb(8) was run.
First the dev_mkdb(8) database is searched, this caters for non-DEVFS
cases where people have renamed a device.
If that fails we ask the kernel using sysctl kern.devname if the device
driver has put a name in the dev_t. This covers DEVFS cloned devices.
If that also fails we format a string which isn't entirely useless.
be used to point to a bad locale file. This is only believed to be a
minor security risk - the only risk is if some program uses the result
of a localized string as a format specifier in a vulnerable function
like sprintf(). No such code is believed to exist in the FreeBSD base
system, although it is possible that badly written third party code
would do that.
Submitted by: imp
Approved by: ache
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
the efficiency of byte-by-byte read operations on filesystems not already
supported by the block cache (especially NFS).
This should be a welcome change for users booting via PXE, as the loader
now reads its startup files almost instantly, instead of taking tens of
seconds.
It was kinda silly since the sigaction() syscall that it used to setup
the handler is more recent than __getcwd(), therefore it was useless
as the wrapper would have died before even getting as far as __getcwd(2).
Reminded by: bde
* rewrite catopen() to remove duplicate code chunks and optimize
* if empty string is passed to catopen() as name argument then
catopen() will set errno to ENOENT (File not found), not EINVAL
* move search code to LOOKUP() macro to shrink amount of duplicated code
* move common resource freeing actions to __nls_free_resources() function
* exclude from build code related to MCLoadAll defintion since it is not
using at all
* style(9) related whitespace changes
Reviewed by: ache
in my tree for a long time. bde reviewed this once upon a time and
said it was OK, iirc. This also obviates the need to put ? in the
optstring argument to preclude the extra warning message which some
people think confuses users. When I made my getopt cleanups of a long
time ago, this was the compromise reached. I just neglected to commit
it until now.
and bump __FreeBSD_version to 500012 to mark the occasion.
setproctitle() is prototyped in unistd.h as opposed to stdlib.h
where OpenBSD and NetBSD have it.
Reviewed by: peter
datagram embedded into ICMP error message, not with protocol
field of ICMP message itself (which is always IPPROTO_ICMP).
Pointed by: Erik Salander <erik@whistle.com>
not alias `ip_src' unless it comes from the host an original
datagram that triggered this error message was destined for.
PR: 20712
Reviewed by: brian, Charles Mott <cmott@scientech.com>
rmdir(2) on directories and unlink(2) otherwise. This modification,
and most of the man page update has been obtined from OpenBSD. This
was spotted by someone on a mailing lists a few months ago, but
I've lost their mail.
Reviewed by: sheldonh
for crypt(3) by now. In any case:
Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).
The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)
Reviewed by: peter
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
identifier to the DHCP server. Now you can check for this string
in your dhcp configuration to decide whether you will hand out a
lease to the client or not.
I changed to close to original code before merging IPv6 support.
It seems having delay before another try is useless. However, I'm
not sure that delay means. So, I leave it as-is.
PR: bin/20515
related patches. These include:
* Mode page editting can be scripted. This involves two
things: first, if stdin is not a tty, changes are read from
stdin rather than invoking $EDITOR. Second, and more
importantly, not all modepage entries must be included in the
change set. This means that camcontrol can now gracefully handle
more intrusive editting from the $EDITOR, including removal or
rearrangement of lines. It also means that you can do stuff
like:
# echo "WCE: 1" | camcontrol modepage da3 -m 8 -e
# newfs /dev/da3
# echo "WCE: 0" | camcontrol modepage da3 -m 8 -e
* Range-checking on user-supplied input values. modeedit.c now
uses the field width specifiers to determine the maximum
allowable value for a field. If the user enters a value larger
than the maximum, it clips the value to the max and warns the
user. This also involved patching cam_cmdparse.c to be more
consistent with regards to the "count" parameter to arg_put
(previously is was the length of strings and 1 for all integral
types). The cam_cdbparse(3) man page was also updated to reflect
the revised semantics.
* In the process, I removed the 64 entry limit on mode pages (not
that we were even close to hitting that limit). This was a nice
side-effect of the other changes.
* Technically, the new mode editting functionality allows editting
of character array entries in mode pages (type 'c' or 'z'),
however since buff_encode doesn't grok them it is currently
useless.
* Camcontrol gained two new options related to mode pages: -l and
-b. The former lists all available mode pages for a given
device. The latter forces mode page display in binary format
(the default when no mode page definition was found in
scsi_modes).
* Added support for mode page names to scsi_modes. Allows names to
be displayed alongside mode numbers in the mode page
listing. Updated scsi_modes to use the new functionality. This
also adds the semicolon into the scsi_modes syntax as an
optional mode page definition terminator. This is needed to name
pages without providing a page format definition.
* Updated scsi_all.h to include a structure describing mode page
headers.
* Added $FreeBSD$ line to scsi_modes.
Inspired by: dwhite
Reviewed by: ken
was not fun and I am not entirely certain of the correctness, but it seems
to work. (in fact, side by side testing of this code vs the x86 version
turned up hidden bugs in the x86 code).
testing and real-life applications:
1) If you returned from the thread function, you got a segv instead of
calling _exit() with your return code.
2) clean up some bogus stack management. There was also an underflow
on function return.
3) when making syscalls, the kernel is expecting to have to leave space
for the function's return address. We need to duplicate this. It was
an accident that the rfork syscall actually worked here. :-/
the number of times I have given this to people and got asked: why isn't
it in libc? It is impossible to do this without assembler glue to reset
the stack for the new child process.
int rfork_thread(flags, stack_addr, start_fnc, start_arg)
int flags; Flags to rfork system call. See rfork(2).
void *stack_addr; Top of stack for thread.
int (*start_fnc)(void *); Address of thread function to call in child.
void *start_arg; Argument to pass to the thread function in child.
This is deliberately not documented or prototyped in includes until the
corresponding alpha version is written.
a bug in some ftp servers (most notably ftp.vmunix.com) which report the
size of a file correctly in ascii mode, but report it as 0 in binary mode.
Reported by: asmodai
Also remove an unneeded initialization.
Sort out the size / length confusion. Always try to report the *real* file
size in the url_stat structure, no matter how much of it is actually being
sent, and try to detect inconsistencies between sizes.
Rearrange the request loop to avoid having to add meaningless code just to
silence compiler warnings.
Switch to a more sensible and consistent interface for the _http_parse*()
functions.
32-bit type (rather than define his own type based on the type of box
being compiled on).
Submitted by: Mark Abene <phiber@radicalmedia.com>
(however I applied a slightly different fix)
strdup()) rather than pointing it at something that's free()d
(via freeaddrinfo(res)) before the function returns.
I appreciate that this is an API change, but it's the only way
(AFAIK) of doing this without breaking existing code that uses
rcmd{,_af}().
Pointed out by: phkmalloc
than requested. Instead, inform the caller of the real offset by modifying
the offset field in the original struct url, and let him decide how to handle
the situation.
pthread_cond_signal(), pthread_cond_broadcast(), and pthread_cond_timedwait().
Do not dump core in pthread_cond_timedwait() (due to a NULL pointer
dereference) if attempting to wait on an uninitialized condition variable.
PR: bin/18099
fetchStat*(). In most cases, either fetchGet*() or fetchXGet*() is a wrapper
around the other; in all cases, calling fetchGet*() is identical to calling
fetchXGet*() with the second argument set to NULL.
outside the loop inspects it to determine whether or not we succeeded in
retrieving the requested document. This fixes a bug where fetchGetHTTP()
would return a FILE with an invalid file descriptor if it hit the redirect
limit without locating the requested document.
or not interrupted system calls will be restarted. This fixes a bug where
fetch(1) would hang (potentially forever) if a server stopped responding,
because the signal handler would absorb the user's efforts to interrupt the
transfer.
via IPv6, the hostname is trimed due to the length of IPv6 address.
This change saves it as possible.
I have a grudge against the shortage of UT_HOSTSIZE.
to be applied to the value given. This does not break installed
/etc/login.conf files, since un-suffixed numbers are interpreted as
they were before.
PR: 19750
Submitted by: Paul Herman <pherman@frenchfries.net>
moved around, but the acutal functional changes are small.
Add support for site-internal redirects (where the Location: header gives a
path instead of an absolute URI)
Pointed out by: kuriyama
with fdisk, ensure that they are a multiple of the sector size in length.
- Axe all the 1024 cylinder checks as they are no longer relevant with the
fixed bootstrap.
more robust, and somewhat more efficient. It also handles authorization and
redirects properly, and supports timeouts like the FTP code.
Many thanks to Umemoto-san for his assistance with IPv6 support, both here
and in other parts of libfetch.
management involving rcmd_af(), getaddrinfo(), freeaddrinfo(), etc.
We set *ahost to point to ai->canonname; and later free the ai-> stuff
and still leave the old pointers in *ahost to the freed data.
Perhaps the best way to deal with this is a static buffer or a static
strdup() that is freed on the next iteration or something. This gives
me headaches just thinking about this.
The new 'AJ' default for malloc() tripped this up.
of the processing of the recursion, "scan" would be pointing to O_CH
(or O_QUEST), which would then be interpreted as being the end character
for altoffset().
We avoid this by properly increasing scan before leaving the switch.
Without this, something like (a?b?)?cc would result in a g->moffset of
1 instead of 2.
I added a case to the soon-to-be-imported regex(3) test code to catch
this error.
string may be found (from the beginning of the pattern), the point
at which must is found minus that offset may actually point to some
place before the start of the text.
In that case, make start = start.
Alternatively, this could be tested for in the preceding if, but it
did not occur to me. :-)
Caught by: regex(3) test code
use a CHAR_MIN-based array, like elsewhere in the code.
Remove a number of unused variables (some due to the above change, one
that was left after a number of optimizing steps through the source).
Brucified by: bde
remove (comment out) functions defined or depricated elsewhere:
bsearch, lfind, lsearch, insque, remque
change hcreate to take a size_t rather than uint (essentially the same)
since hcreate/hdestroy are now in <search.h>, remove private search.h
in lib/libc/db/hash/
add $FreeBSD tags to hsearch.c
- permit numeric scopeid, be more careful about buffer size
TODO: 2nd arg type should be socklen_t for RFC2553 conformance,
but due to include file dependency it is not a easy thing to do
(netdb.h does not have socklen_t)
soon to be committed syscall stubs. These calls will be used to get
and set capability state associated with executables.
Obtained from: TrustedBSD Project
interface addresses in a portable manner, without headache of SIOCGIFCONF
or sysctl. it is in bsdi/openbsd/netbsd already.
from kame tree (actually, mandatory for latest kame tree).
when parsing certain DNS records during a reverse address resolution. Thus
when code tries to examine the returned host name, it dereferences a null
pointer :-(
Problem noticed by: ps
VIS_HTTPSTYLE is a new encoding style for use in vis(), strvis() and
strvisx() that escapes characters according to RFC 1808 (URI encoding).
Since decoding of these require different detection of start-points of
escaped characters, VIS_HTTPSTYLE can be given as flag to unvis().
unvis() will then properly decode URIs.
A new function appeared, strunvisx(): strunvisx() behaves similar as
strunvis(), with one exception: It has an additional flag parameter,
which is passed to unvis() to archive the effect I described above.
previous commits.
At the time we search the pattern for the "must" string, we now compute
the longest offset from the beginning of the pattern at which the must
string might be found. If that offset is found to be infinite (through
use of "+" or "*"), we set it to -1 to disable the heuristics applied
later.
After we are done with pre-matching, we use that offset and the point in
the text at which the must string was found to compute the earliest
point at which the pattern might be found.
Special care should be taken here. The variable "start" is passed to the
automata-processing functions fast() and slow() to indicate the point in
the text at which they should start working from. The real beginning of
the text is passed in a struct match variable m, which is used to check
for anchors. That variable, though, is initialized with "start", so we
must not adjust "start" before "m" is properly initialized.
Simple tests showed a speed increase from 100% to 400%, but they were
biased in that regexec() was called for the whole file instead of line
by line, and parenthized subexpressions were not searched for.
This change adds a single integer to the size of the "guts" structure,
and does not change the ABI.
Further improvements possible:
Since the speed increase observed here is so huge, one intuitive
optimization would be to introduce a bias in the function that computes
the "must" string so as to prefer a smaller string with a finite offset
over a larger one with an infinite offset. Tests have shown this to be a
bad idea, though, as the cost of false pre-matches far outweights the
benefits of a must offset, even in biased situations.
A number of other improvements suggest themselves, though:
* identify the cases where the pattern is identical to the must
string, and avoid entering fast() and slow() in these cases.
* compute the maximum offset from the must string to the end of
the pattern, and use that to set the point at which fast() and
slow() should give up trying to find a match, and return then
return to pre-matching.
* return all the way to pre-matching if a "match" was found and
later invalidated by back reference processing. Since back
references are evil and should be avoided anyway, this is of
little use.
The BM algorithm works by scanning the pattern from right to left,
and jumping as many characters as viable based on the text's mismatched
character and the pattern's already matched suffix.
This typically enable us to test only a fraction of the text's characters,
but has a worse performance than the straight-forward method for small
patterns. Because of this, the BM algorithm will only be used if the
pattern size is at least 4 characters.
Notice that this pre-matching is done on the largest substring of the
regular expression that _must_ be present on the text for a succesful
match to be possible at all.
For instance, "(xyzzy|grues)" will yield a null "must" substring, and,
therefore, not benefit from the BM algorithm at all. Because of the
lack of intelligence of the algorithm that finds the "must" string,
things like "charjump|matchjump" will also yield a null string. To
optimize that, "(char|match)jump" should be used.
The setup time (at regcomp()) for the BM algorithm will most likely
outweight any benefits for one-time matches. Given the slow regex(3)
we have, this is unlikely to be even perceptible, though.
The size of a regex_t structure is increased by 2*sizeof(char*) +
256*sizeof(int) + strlen(must)*sizeof(int). This is all inside the
regex_t's "guts", which is allocated dynamically by regcomp(). If
allocation of either of the two tables fail, the other one is freed.
In this case, the straight-forward algorithm is used for pre-matching.
Tests exercising the code path affected have shown a speed increase of
50% for "must" strings of length four or five.
API and ABI remain unchanged by this commit.
The patch submitted on the PR was not used, as it was non-functional.
PR: 14342
not have a user-supplied signal handler, when a signal is delivered, one
thread will receive the signal, and then the code reverts to having no
signal handler for the signal. This can leave the other sigwait()ing
threads stranded permanently if the signal is later ignored, or can result
in process termination when the process should have delivered the signal to
one of the threads in sigwait().
To fix this problem, maintain a count of sigwait()ers for each signal that
has no default signal handler. Use the count to correctly install/uninstall
dummy signal handlers.
Reviewed by: deischen
available. If not, it falls back to the existing hack and slash method.
A positive side effect is that non-root users may now use Disk_Names(),
for non-dangerous libh/disk.tcl testing.
Reviewed by: phk
- Have NgSendAsciiMsg() return the same token as NgSendMsg()
- Document that NgSendMsg() and NgSendAsciiMsg() return the token
- Add MLINKS for the functions defined in netgraph(3)
getaddrinfo() accidentally returns IPv4 mapped IPv6 address instead
of native IPv4 address.
Now, getaddinfo() is scoped address ready. You can put scoped
address within /etc/hosts.
Obtained from: KAME Project.
- Multiple PPTP clients behind NAT to the same or different servers.
- Single PPTP server behind NAT -- you just need to redirect TCP
port 1723 to a local machine. Multiple servers behind NAT is
possible but would require a simple API change.
- No API changes!
For more information on how this works see comments at the start of
the alias_pptp.c.
PacketAliasPptp() is no longer necessary and will be removed soon.
Submitted by: Erik Salander <erik@whistle.com>
Reviewed by: ru
Rewritten by: ru
Reviewed by: Erik Salander <erik@whistle.com>
renamed to {s|g}etflagsbyname, which received objections. They're
now called strtofflags (string to file flags) and fflagstostr (file
flags to string).
Suggested by: bde
not allowed to return EINTR, but use of pthread_suspend_np() could cause
EINTR to be returned. To fix this, restructure pthread_suspend_np() so that
it does not interrupt a thread that is waiting on a mutex or condition, and
keep enough state around that pthread_resume_np() can fix things up
afterwards.
Reviewed by: deischen
It does mean that it is now possible to run passive-mode FTP
server behind NAT.
- SECURITY: FTP aliasing engine now ensures that:
o the segment preceding a PORT/227 segment terminates with a \r\n;
o the IP address in the PORT/227 matches the source IP address of
the packet;
o the port number in the PORT command or 277 reply is greater than
or equal to 1024.
Submitted by: Erik Salander <erik@whistle.com>
Reviewed by: ru
.Pp
.Fn func
.Pp
Description ...
with a list (Bl ... Li ... El).
- Remove a superfluous ``.Sh ENVIRONMENT'' and replace it with a ``.Pp''
within the IMPLEMENTATION DETAILS section.
Reviewed by: rwatson
right now...
I talked w/ phk last night and "fixing" this in a generic way is going
to require a lot of complex thought on stacking let alone the NFS problems..
add missing sys/time.h for struct timespec def...
standardized interface to the capability support in TrustedBSD.
o Not currently enabled in Makefile, as this code depends on syscalls
and include files that will be committed at a later date.
Obtained from: TrustedBSD Project
o Add shared library version 2 to libposix1e given API changes, et al
o Commented out cap_*.c as that is not currently being compiled into
the library (pending syscalls being committed)
Obtained from: TrustedBSD Project
o Switch reference to www.trustedbsd.org instead of POSIX.1e implementation
page
o Add cross references to capabilities man pages
o Remove extended attribute not implemented "BUGS" entry
Obtained from: TrustedBSD Project
from the "common" directory.
As a side-effect, this also fixes a bug in the ordering of global
constructors and destructors on the Alpha. See revision 1.3 of
"../common/crtbegin.c" for details.
libcam/Makefile: Add scsi_da.c to libcam for the new
scsi_format_unit() function.
camcontrol.8: Update the man page for the new format
functionality, and take out the examples section
describing how to do it with 'camcontrol cmd'.
camcontrol.c: New format functionality. Note that unlike the
rest of the camcontrol subcommands, this one is
interactive by default. Because of the potential
destructiveness of the format command, I thought
it necessary to get confirmation from the user
before spamming a disk. You can disable the
interactive behavior, and the status meter with
command line arguments.
scsi_da.c: Add the new scsi_format_unit() cdb building
function and use #ifdef _KERNEL to make this file
compile in both the kernel and userland. The
format unit function is currently only defined in
the non-kernel case, because nothing in the kernel
is using it. If that changes, it should be
un-ifdefed and compiled in both cases.
scsi_da.h: New function declaration, CDB structure and format
data structures.
Thanks to Nick Hibma for providing some valuable input on these changes.
various architectures. Now all the work is done in crtbegin.c.
It doesn't contain any assembly language code, so it should work
fine on all architectures. (I have tested it on the i386 and the
alpha.) The old assembly language files crt[in].S are now empty
shells that generate no code or data. They should not be removed
any time soon, because the various versions of gcc in src and ports
expect them to exist.
Next I will move crtbegin.c into a new common machine-independent
directory, and adjust the i386-elf Makefile to use that version.
After that I will adjust the alpha Makefile to use the common
version too.
Requested by: obrien
was not the fault of the module code, nor FICL. The malloc code requires
sbrk() to return addresses that were at least 16 byte aligned. If the
Alpha loader happened to be 8 byte but not 16 byte aligned in length, then
you would get a zfree() panic at startup.
Incidently, this affected the i386 loader as well, and explains why
the static heap changed things and why jlemon had trouble when the bss
was not ending at a multiple of 8 bytes.
My fix is to 16 byte align it on all arches, even though the x86 version
only required 8 byte alignment (struct MemNode is smaller there). We could
page align it if we wanted to be paranoid, but it isn't presently necessary.
. use real function names as `.Nm' macro argument in NAME section. It allows
them to appear in apropos(1) or whatis(1) output.
. replace empty lines with `.Pp' macro.
. replace hardcoded standard names with their `.St' macro equivalents.
. sort cross references in SEE ALSO section
maintained, and has been replaced by msun. The libm sources
shouldn't be removed just yet as there are parts that should be
merged into msun first.
PR: misc/17848
Discussed with: phk & bde
to PPTP) with more generic PacketAliasRedirectProto().
Major number is not bumped because it is believed that noone
has started using PacketAliasRedirectPptp() yet.
LSNAT links are first created by either PacketAliasRedirectPort() or
PacketAliasRedirectAddress() and then set up by one or more calls to
PacketAliasAddServer().
from
all AAAA trial, then all A trial
to
try AAAA and A for each trial
TODO: more fix for the case where IPv4 mapped IPv6 addr is disabled
Reviewed by: ume
maintainers.
After we established our branding method of writing upto 8 characters of
the OS name into the ELF header in the padding; the Binutils maintainers
and/or SCO (as USL) decided that instead the ELF header should grow two new
fields -- EI_OSABI and EI_ABIVERSION. Each of these are an 8-bit unsigned
integer. SCO has assigned official values for the EI_OSABI field. In
addition to this, the Binutils maintainers and NetBSD decided that a better
ELF branding method was to include ABI information in a ".note" ELF
section.
With this set of changes, we will now create ELF binaries branded using
both "official" methods. Due to the complexity of adding a section to a
binary, binaries branded with ``brandelf'' will only brand using the
EI_OSABI method. Also due to the complexity of pulling a section out of an
ELF file vs. poking around in the ELF header, our image activator only
looks at the EI_OSABI header field.
Note that a new kernel can still properly load old binaries except for
Linux static binaries branded in our old method.
*
* For a short period of time, ``ld'' will also brand ELF binaries
* using our old method. This is so people can still use kernel.old
* with a new world. This support will be removed before 5.0-RELEASE,
* and may not last anywhere upto the actual release. My expiration
* time for this is about 6mo.
*
connections, after SYN packets were seen from both ends. Before this,
it would get applied right after the first SYN packet was seen (either
from client or server). With broken TCP connection attempts, when the
remote end does not respond with SYNACK nor with RST, this resulted in
having a useless (ie, no actual TCP connection associated with it) TCP
link with 86400 seconds TTL, wasting system memory. With high rate of
such broken connection attempts (for example, remote end simply blocks
these connection attempts with ipfw(8) without sending RST back), this
could result in a denial-of-service.
PR: bin/17963
but with `dst_port' work for outgoing packets.
This case was not handled properly when I first fixed this
in revision 1.17.
This change is also required for the upcoming improved PPTP
support patches -- that is how I found the problem.
Before this change:
# natd -v -a aliasIP \
-redirect_port tcp localIP:localPORT publicIP:publicPORT 0:remotePORT
Out [TCP] [TCP] localIP:localPORT -> remoteIP:remotePORT aliased to
[TCP] aliasIP:localPORT -> remoteIP:remotePORT
After this change:
# natd -v -a aliasIP \
-redirect_port tcp localIP:localPORT publicIP:publicPORT 0:remotePORT
Out [TCP] [TCP] localIP:localPORT -> remoteIP:remotePORT aliased to
[TCP] publicIP:publicPORT -> remoteIP:remotePORT
INADDR_NONE: Incoming packets go to the alias address (the default)
INADDR_ANY: Incoming packets are not NAT'd (direct access to the
internal network from outside)
anything else: Incoming packets go to the specified address
Change a few inaddr::s_addr == 0 to inaddr::s_addr == INADDR_ANY
while I'm there.
redirected and when no target address has been specified, NAT
the destination address to the alias address rather than
allowing people direct access to your internal network from
outside.
some reason. This will prevent an infinite loop if (say) a sigalarm is
being scheduled at a more frequent interval than the poll timeout.
PR: 2191, 8847, 10553
thread waiting on an event (I/O, condvar, etc) will, when resumed using
pthread_resume_np, return with EINTR. For example, suspending and resuming
a thread blocked on read() will not requeue the thread for the read, but
will return -1 with errno = EINTR. If the suspended thread is in a critical
region, the thread is suspended as soon as it leaves the critical region.
Fix a bogon in pthread_kill() where a signal was being delivered twice
to threads waiting in sigwait().
Reported by (suspend/resume bug): jdp
Reviewed by: jasone
and gids bigger than 16 bits. Added checks for uids and gids that are
bigger than 32 bits.
Approved by: jkh (partly, this fix is bigger than I first intended)
Without this, kernel will panic at getsockopt() of IPSEC_POLICY.
Also make compilable libipsec/test-policy.c which tries getsockopt() of
IPSEC_POLICY.
Approved by: jkh
Submitted by: sakane@kame.net
optimization that generates code our current as doesn't understand.
The result is bad code that damages dynamic symbol locations at
runtime. Ouch. See PR bin/16862 and discussion in -current.
This change will be backed out when gcc and gas are back in sync.
PR: Fixes bin/16862, but not the underlying problem.
Submitted by: bde
Approved by: jdk
when connecting via IPv6, hostname was not recorded to utmp anymore.
Because, if hostname is longer than buffer size, getnameinfo() returns
with ENI_MEMORY.
Reviewed by: shin
Approved by: jkh
I'm not quite sure about this, I think it should be using -lssh_pic since
it's being linked into a .so, but nothing seems to complain ahd it does
work. (well, it works for using the authorized_keys file, but I have not
figured out how to get it to start a ssh-agent and cache the key for me)
PR: 17191
Submitted by: Adrian Pavlykevych <pam@polynet.lviv.ua>
-Added more description.
-Many grammer fix.
-Fix hard sentence break.
-Many other man style fix.
Thanks for bde finding out the problem.
Thanks for sheldon for the patient and thorough review.
:-)
Submitted by: bde
Reviewed by: sheldonh
This
This feature allows you to specify if mmap'd data is included in
an application's corefile.
Change the type of eflags in struct vm_map_entry from u_char to
vm_eflags_t (an unsigned int).
Reviewed by: dillon,jdp,alfred
Approved by: jkh
Sorry for the flapping, but no change will be done for 4.0 anymore.
Official standard will be published around April or later.
If different format would be adopted at that time, then support for
the new format will be added to the succeeding FreeBSD 4.x.
Approved by: jkh
run out of KVM through a mmap()/fork() bomb that allocates hundreds
of thousands of vm_map_entry structures.
Add panic to make null-pointer dereference crash a little more verbose.
Add a new sysctl, vm.max_proc_mmap, which specifies the maximum number
of mmap()'d spaces (discrete vm_map_entry's in the process). The value
defaults to around 9000 for a 128MB machine. The test is scaled for the
number of processes sharing a vmspace (aka linux threads). Setting
the value to 0 disables the feature.
PR: kern/16573
Approved by: jkh
returning the error directly.
For sem_post(), make sure that the correct thread is woken up. This has
unfortunate performance implications, but is necessary for POSIX compliance.
Approved by: jkh
fit in the static buffer. This fix causes it to look like there is no
data available, which is also wrong but is better than dumping core.
PR: bin/10344
Reviewed by: billf
Approved by: jkh
Now libutil depends on libc.so.4, so needs to update the major version.
Without this, old binaries which use libutil and build with libc.so.3
will coredump on recent 4.0.
Solicited comment for cvs-committers and there seems to be no objection.
Approved by: jkh
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.
If anything, a ``HISTORY'' section should show which version this
appeared in.
Now libwrap depends on libc.so.4, so needs to update the major version.
Without this, old binaries which use libwrap and build with libc.so.3
will coredump on recent 4.0.
Approved by: jkh
Reviewed by: markm
-Should not error return when rresvport_af() failed for one of dest
addrs resolved by getaddrinfo().
Should retry until all dest addr fail.
Approved by: jkh
(shortend format, etc)
Current KAME getaddrinfo() supports only d.d.d.d format IPv4
addr. But traditionally inet_aton() and etc support other formats.
(shortend format and octal/deciaml/hex format)
Aboud this,
-As far as the discussion on freebsd-current, many people
think traditional format should also be supported by getaddrinfo().
-X/Open spec requires getaddrinfo() also support those
traditional IPv4 format.
-RFC2553 say nothing about it.
-As the result of confirmation in ietf/ipng list, there is
no clear concensus yet, and the reply was, "RFC2553 update
and X/Open spec will be in sync"
So takeing these conditions into account, I think
getaddrinfo() should also support traditional IPv4 format.
Specified by: Marc Schneiders <marc@oldserver.demon.nl>
Approved by: jkh
KAME scoped addr format is changed recently.
before: addr@scope
now: scope%addr
Because the end of IPv6 numeric addr is tend to be truncated in
`netstat -rn ` output, so placing scope part at starting of addr
will be convenient.
Approved by: jkh
Obtained from: KAME project
of the C++ stdlib. Our ctype.h uses symbols of the form _<X> to denote the
various character classes. Our ctype.h also extends the usual ctype.h
offering by adding the "_T" (special) class. Problem is parts of the STL
also use the symbol "_T" as its parameterized type. These two uses are
incompatible.
Thus change the form of the symbols used in ctype to something that fixes
the current problem and is less likely to cause conflicts in the future.
Requested by: Tomoaki NISHIYAMA <tomoaki@biol.s.u-tokyo.ac.jp>
Ok'ed by: JKH
interface, and statically link them to the programs using them.
These functions, upon reflection and discussion, are too generically
named for a library interface with such specific functionality.
Also the api that they use, whilst ok for private use, isn't good
enough for a libc function.
Additionally there were complications with the build/install-world
process. It depends heavily upon xinstall, which got broken by
the change in api, and caused bootstrap problems and general mayhem.
There is work in progress to address future problems that may be
caused by changes in install-chain tools, and better names for
{g|s}etflags can be derived when some future program requires them.
For now the code has been left in src/lib/libc/gen (it started off
in src/bin/ls).
It's important to provide library functions for manipulating file
flag strings if we ever want this interface to be adopted outside
of the source tree, but now isn't necessarily the right moment
with 4.0-release just around the corner.
Approved: jkh
Now when tcp_wrapper is enabled by inetd -wW,
several accesses which should be permitted are refused only for IPv6,
if hostname is used to decide the host to be allowed.
IPv6 users will be just upset.
About security related concern.
-All extensions are wrapped by #ifdef INET6, so people can completely
disable the extension by recompile libwrap without INET6 option.
-Access via IPv6 is not enabled by default.
People need to enable IPv6 access by changing /etc/inetd.conf at first,
by adding tcp6 and/or tcp46 entries.
-The base of patches are from KAME package and are actually daily used
for more than a year in several Japanese IPv6 environments.
-Patches are reviewed by markm.
Approved by: jkh
Submitted by: Hajimu UMEMOTO <ume@mahoroba.org>
Reviewed by: markm
Obtained from: KAME project
When libipsec library is created, no SHLIB numbers are
specified in the Makefile. Then the library version was set
to 2.(by default?)
So change it to 0.
For now it should not be problem, because the contents are same.
I'll also prepare an entry for UPDATING.
Some of rcmd related function is need to be updated to
support IPv6. Some of them are already updated as standard
document. But there is also several de-facto functions and
they are not listed in standard documents.
They are,
iruserok() (used by rlogind, rshd)
ruserok() (used by kerberos, etc)
KAME package updated those functions in original way.
iruserok_af()
ruserok_af()
But recently there was discussion on IETF IPng mailing
list about how to sync those API, and it is decided,
-Those function is not standard and not documented.
-But let BSDs sync their API as de-facto.
And after some discussion, it is announced that
-add update to iruserok() as iruserok_sa()
-no ruserok() API change(it is only updated internaly)
So I sync those API before 4.0 is released.
The changes are,
-prototype changes
-ruserok() internal update (use iruserok_sa() inside)
-removal of ruserok_af()
-change iruserok_af() as static functioin, and also prefix the name with __.
-add iruserok_sa() (Just call __iruserok_af() inside)
-adding flag AI_ALL to getipnodebyaddr() called from __icheckhost().
This is necessary to support IPv4 communication via AF_INET6 socket
could be correctly authenticated via iruserok_sa()
-irusreok_af() call is replaced to iruserok_sa() call
in rlogind, and rshd.
Approved by: jkh
For libc_r renamed syscalls, correct symbol naming from
_thread_sys_foo() <-- _foo() to _thread_sys_foo() <-- _foo() <-- foo(). This
is necessary for system calls which libc_r doesn't define foo().
Some weak symbols such as poll() are defined twice. From what I understand,
depending on one weak symbol or the other to be used is a bad idea. All
such weak symbols defined in the libc_r-specific code should therefore be
made strong (non-weak?).
Simplify PSEUDO() to not define any weak symbols, since they aren't ever
needed.
alpha/SYS.h:
Correct reversed usage of WEAK_ALIAS(), which has reversed arguments from
__weak_reference(). Also, fix reversal of symbols, so that syscall foo()
is a weak alias for _foo().
Add WEAK_ALIAS() call to PRSYSCALL(), which unlike the i386 version of
PRSYSCALL(), is not defined in terms of PSYSCALL().
Make PSEUDO() equivalent to the i386 version.
Introduce ACL man pages en masse for library calls, and general introduction.
Also, fix acl_valid.c non-portable calls to include _np in their names,
making them standard-happy as well as consistent with acl.h
strftime(3), add another one. :) %z yields the local timezone's offset
in hours and minutes, as used in RFC822 headers. There's a precedence
for this in Lunux' libc, and Internet software (like Perl scripts)
start using it.
OKed by (wrt. the code freeze): jkh
just use _foo() <-- foo(). In the case of a libpthread that doesn't do
call conversion (such as linuxthreads and our upcoming libpthread), this
is adequate. In the case of libc_r, we still need three names, which are
now _thread_sys_foo() <-- _foo() <-- foo().
Convert all internal libc usage of: aio_suspend(), close(), fsync(), msync(),
nanosleep(), open(), fcntl(), read(), and write() to _foo() instead of foo().
Remove all internal libc usage of: creat(), pause(), sleep(), system(),
tcdrain(), wait(), and waitpid().
Make thread cancellation fully POSIX-compliant.
Suggested by: deischen
string to u_long and back using two functions, flags_to_string and
string_to_flags, which co-existed with 'ls'. As time has progressed
more and more other tools have used these private functions to
manipulate the file flags.
Recently I moved these functions from /usr/src/bin/ls to libutil,
but after some discussion with bde it's been decided that they
really ought to go in libc.
There are two already existing libc functions for manipulating file
modes: setmode and getmode. In keeping with these flags_to_string
has been renamed getflags and string_to_flags to setflags.
The manual page could probably be improved upon ;)
o Do not override `environ' if realloc() fails, leave it intact.
o Set `alloced' only when memory is actually allocated.
PR: bin/5604 (2nd part)
Reviewed by: bde
Updated date. 1987 was a while ago.
Removed trailing comma in NAME section.
Uncapitalised Bindresvport and Bindresvport_sa in DESCRIPTION section.
Don't use .Nm there either.
Added bindresvport_sa() to the RETURN VALUES and ERROR sections.
- clean up unneeded AFS ID type
- Add Coda, NTFS, NWFS ACL types
- Add acl_dup() prototype
- Remove acl_calc_mask, which belongs in the editing library
- Introduce posix1e.3, a man page introducing POSIX.1e library calls
(more man pages to follow)
-changed bindresvport2 to bindresvport_sa
-merged the man into bindresvport.3
All discussion between Jean-Luc Richier <Jean-Luc.Richier@imag.fr>,
Theo de Raadt <deraadt@cvs.openbsd.org>, itojun, is reflected to
this code. (Actually Theo de Raadt write the code simultaneously as the
discussion change.)
obtained from itojun.
-don't filter address families which are not supported by system at
FQDN resolving.
-don't do reverse lookup
I think I checked all lib and tools which use getaddrinfo() if
this change affect them.
Obtained from: KAME project
adds _np to a couple of function prototypes that provided more broad/useful
interfaces than POSIX.1e interfaces included.
Also, move from using a heuristic to identify POSIX.1e-semantic ACLs to
using different ACL types for non-POSIX.1e ACLs. This should clean up the
existing fuzzy logic that determined when acl_sort() should be applied
before kernel submission.
are not supported by this implementation, and the error return values
from sem_init(), sem_open(), sem_close(), and sem_unlink() reflect this.
Approved by: jkh
signal handler. Explicitly check for jumps to anywhere other than the
current stack, since such jumps are undefined according to POSIX.
While we're at it, convert thread cancellation to use continuations, since
it's cleaner than the original cancellation code.
Avoid delivering a signal to a thread twice. This was a pre-existing bug,
but was likely unexposed until these other changes were made.
Defer signals generated by pthread_kill() so that they can be delivered on
the appropriate stack. deischen claims that this is unnecessary, which is
likely true, but without this change, pthread_kill() can cause undefined
priority queue states and/or PANICs in [sig|_]longjmp(), so I'm leaving
this in for now. To compile this code out and exercise the bug, define
the _NO_UNDISPATCH cpp macro. Defining _PTHREADS_INVARIANTS as well will
cause earlier crashes.
PR: kern/14685
Collaboration with: deischen
prettier (?) names, adding some const's around here, et al.
This is commit 4 out of 3, updating the userland library to reflect kernel
interface changes.
Reviewed by: bde
check for on the server may arise legitimately on the client. The
correct way to check for a zero record length is to check for it
without the LAST_FRAG marker in it, since it's legal to send a LAST_FRAG
marker with 0 bytes of data.
PR: misc/16028
the case that a CPU hungry main thread is prevented from being preempted
due to a negative calculation of its time slice.
Reported by: Alexander Litvin <archer@lucky.net>
libcrypt and libutil was not built before libpam.
The order here is currently unimportant, but ../Makefile should
descend here to build everything (which currently doesn't work
right) or at least to get the order using `make -V SUBDIR'.
Fixed bitrot in comments about library dependencies. The list has been
maintained better in ../Makefile.inc1, except it has been uninverted
there so it is hard to use manually.
interface. This commit introduces the library, as well as a modest
subset of the ACL calls, with some modifications to support multiple
ACL semantics.
Reviewed by: eivind
points. For library functions, the pattern is __sleep() <--
_libc_sleep() <-- sleep(). The arrows represent weak aliases. For
system calls, the pattern is _read() <-- _libc_read() <-- read().
I smite thee, vile buildworld breakage!
The story is that these were added to beforeinstall improperly. In our
beforeinstall, a full mtree has not been populated. Since the tree is
not populated, we explode from missing directories on doc install. It
should not be done in beforeinstall (includes) anyway.
* Add the 'h' ftp flag (allocate local port in high range)
* Add the 'd' flag (use direct connection even if proxy is defined)
* Make sure flags != NULL before calling strchr().
* Minor changes to some comments.
the initial thread). Instead, just leave an unmapped gap between thread
stacks and make sure that the thread stacks won't grow into these gaps,
simply by limiting the size of the stacks with the 'len' argument to
mmap(). This (if I understand correctly) reduces VM overhead
considerably.
Reviewed by: deischen
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot). This is consistant with the other
BSD's who made this change quite some time ago. More commits to come.
handler. Thread-to-thread signals (pthread_signal) are treated differently
than process signals; a pthread_signal can wakeup a blocked thread if
a signal handler is not installed for that signal.
Found by: ACE tests
pointer" instead. The potential confusion arises because the string/*.3
pages use the term "null-terminated string" (which is permissable). Moreover,
this also makes these two manpages more consistent with the other string/*.3
manpages.
(1)added error check of if_nameindex() return value at getaddrinfo().
(2)print out more detailed information when getaddrinfo() error value
is EAI_SYSTEM.(in this case system error num is kept in errno)
(1) is Discovered by: jinmei@kame.net in KAME environment.
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used. XDM and its variants
should now work without modification. Note that the new code uses
the macros in <sys/queue.h>.
Submitted by: Andrew J. Korty <ajk@iu.edu>
locking functions. If an application loads a shared object with
dlopen() and the shared object has an init function which requires
lazy binding, then _rtld_bind is called when the thread is already
inside the dynamic linker. This leads to a recursive acquisition
of the lock, which I was not expecting -- hence the assert failure.
This work-around makes the default locking functions handle recursive
locking. It is NOT the correct fix -- that should be implemented
at the generic locking level rather than in the default locking
functions. I will implement the correct fix in a future commit.
Since the dllockinit() interface will likely need to change, warn
about that in both the man page and the header file.
Fix some ctype problems - isascii() caused a warning if fed an unsigned
char - it's always > 0 and libstand is compiled with -Wall.
Missing prototype/include in printf.c
and is module aware. Yes, this means that kvm_nlist(3) will find symbols
in loaded modules. The emulation of the nlist struct is pretty crude but
seems to work well enough for all the users in the tree that I found.
functions to be used by the dynamic linker. This can be called by
threads packages at start-up time. I will add the call to libc_r
soon.
Also add a default locking method that is used up until dllockinit()
is called. The default method works by blocking SIGVTALRM, SIGPROF,
and SIGALRM in critical sections. It is based on the observation
that most user-space threads packages implement thread preemption
with one of these signals (usually SIGVTALRM).
The dynamic linker has never been reentrant, but it became less
reentrant in revision 1.34 of "src/libexec/rtld-elf/rtld.c".
Starting with that revision, multiple threads each doing lazy
binding could interfere with each other. The usual symptom was
that a symbol was falsely reported as undefined at start-up time.
It was rare but not unseen. This commit fixes it.
Doing the "right thing" here is difficult, so create two ENTRY points for
each function (for example, __setjmp and setjmp are equivalent). This
isn't pretty, but it works for both aout and ELF.
libc symbol naming needs an overhaul in order to properly support function
wrapping, specifically in the case of a real libpthread, and these
duplicate entry points should be fixed as part of that overhaul.
Pointed out by: bde
takes an int arg and is prototyped in <string.h>. It has the opposite
interface botches to psignal(3) which takes a bogus unsigned arg but is
prototyped in the right place.
This is not the last of the interface problems for strsignal(). We
obtained it from NetBSD, but NetBSD has moved its prototype to
<unistd.h>. strsignal() should return const char *, but it returns
char * for historical reasons. NetBSD declares it as returning
__aconst char, where __aconst is normally empty but can be set to
`const' to give better error checking. glibc-2.1.1 prototypes
strsignal() in <string.h>.
lobotomized environment, say booted from a floppy with no /etc full
of password and group files, give sensible fallbacks for roots uid
and operators gid.
This might fix sysinstall.
this makefile update which should have been together with the file
removal.
Removed vlimit.3 and vtimes.3. Removed vlimit.c and vtimes.c from
the "MISSING" list. These were old variants of get/setrlimit() and
getrusage(), respectively, and were never implemented in FreeBSD.
vlimit.3 referred to <sys/vlimit.h> which was removed recently.
vtimes.3 referred to <sys/vtimes.h> which never existed in FreeBSD.
the "MISSING" list. These were old variants of get/setrlimit() and
getrusage(), respectively, and were never implemented in FreeBSD.
vlimit.3 referred to <sys/vlimit.h> which was removed recently.
vtimes.3 referred to <sys/vtimes.h> which never existed in FreeBSD.
o Cancellation flags were not getting properly set/cleared.
o Loops waiting for internal locks were not being exited
correctly by a cancelled thread.
o Minor spelling (cancelation -> cancellation) and formatting
corrections (missing tab).
Found by: tg
Reviewed by: jasone
o Don't call signal handlers with the signal handler access lock
held.
o Remove pending signals before calling signal handlers. If
pending signals were not removed prior to handling them,
invocation of the handler could cause the handler to be
called more than once for the same signal. Found by: JB
o When SIGCHLD arrives, wake up all threads in PS_WAIT_WAIT
(wait4).
PR: bin/15328
Reviewed by: jasone
IPv6 specific library functions addition.
(getnameinfo(), getaddrinfo(), and IPv6 transport support is not yet)
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
__setjmp, __longjmp, __sigsetjmp, and __siglongjmp, respectively.
This supports cancellation in the linuxthreads port. In the long run,
a much more comprehensive solution will necessitate more dramatic changes
to libc symbol naming, and these aliases will probably need modification
at that time.
MAN8+= rstat_svc.8
The file it talks about doesn't exist on FreeBSD, so there's no point in
installing the manual page. There was already a comment to this effect in
this file, but the entry hadn't been commented out.
rstat.1 and rstat_svc.8 can probably actually be removed.
PR: docs/13767
Submitted by: Seth <seth@freebie.dp.ny.frb.org>
madvise().
This feature prevents the update daemon from gratuitously flushing
dirty pages associated with a mapped file-backed region of memory. The
system pager will still page the memory as necessary and the VM system
will still be fully coherent with the filesystem. Modifications made
by other means to the same area of memory, for example by write(), are
unaffected. The feature works on a page-granularity basis.
MAP_NOSYNC allows one to use mmap() to share memory between processes
without incuring any significant filesystem overhead, putting it in
the same performance category as SysV Shared memory and anonymous memory.
Reviewed by: julian, alc, dg
is good for... :-)), I discovered that part of the change when mkstemps()
was brought in was missed - it was missing the termination case to make
sure it doesn't walk into the suffix. This isn't the same code OpenBSD
has, I think this is a little better as we terminate the loop in a better
spot.
Discuss in the BUGS section of the manpage, problems involved with
the use of %C, %e, %l, %p, %U and %W.
PR: 13901
Reported by: scott@chronis.pobox.com
Before this change, a signal was delivered to each thread that
didn't have the signal masked. Signals also improperly woke up
threads waiting on I/O. With this change, signals are now
handled in the following way:
o If a thread is waiting in a sigwait for the signal,
then the thread is woken up.
o If no threads are sigwait'ing on the signal and a
thread is in a sigsuspend waiting for the signal,
then the thread is woken up.
o In the case that no threads are waiting or suspended
on the signal, then the signal is delivered to the
first thread we find that has the signal unmasked.
o If no threads are waiting or suspended on the signal,
and no threads have the signal unmasked, then the signal
is added to the process wide pending signal set. The
signal will be delivered to the first thread that unmasks
the signal.
If there is an installed signal handler, it is only invoked
if the chosen thread was not in a sigwait.
In the case that multiple threads are waiting or suspended
on a signal, or multiple threads have the signal unmasked,
we wake up/deliver the signal to the first thread we find.
The above rules still apply.
Reported by: Scott Hess <scott@avantgo.com>
Reviewed by: jb, jasone
the environment. This allows big ID warnings to be suppressed for
vipw and chpass as well.
Since the environment variable test is only performed for callers
of pw_scan() that do not set pw_big_ids_warning, the test can still
be overriden. Currently, chpass and pwd_mkdb are the only users
of pw_scan() and neither of them overrides the environment variable
test.
NGM_BINARY2ASCII, which convert control messages to ASCII and back.
This allows control messages to be sent and received in ASCII form
using ngctl(8), which makes ngctl a lot more useful.
This also allows all the type-specific debugging code in libnetgraph
to go away -- instead, we just ask the node itself to do the ASCII
translation for us.
Currently, all generic control messages are supported, as well as
messages associated with the following node types: async, cisco,
ksocket, and ppp.
See /usr/share/examples/netgraph/ngctl for an example of using this.
Also give ngctl(8) the ability to print out incoming data and
control messages at any time. Eventually nghook(8) may be subsumed.
Several other misc. bug fixes.
Reviewed by: julian
readdir_r is not POSIX according to POSIX_SOURCE, bruce says:
> readdir_r() is in the _POSIX_SOURCE section, but is not a POSIX.1-1990
> function. It's POSIX.1-1996 so it should be under a different feature
> test which we don't support yet.
make sure errno is saved so that its contents are cleared unless
necessary.
Submitted by: bde
"login auth sufficient pam_ssh.so" to your /etc/pam.conf, and
users with a ~/.ssh/identity can login(1) with their SSH key :)
PR: 15158
Submitted by: Andrew J. Korty <ajk@waterspout.com>
Reviewed by: obrien
to use mmap(..., MAP_STACK, ...) on alpha too since that should work
now.
* Add hooks to allow GDB to access the internals of pthreads without
having to know the exact layout of struct pthread.
Reviewed by: deischen
eischen (Daniel Eischen) added wrappers to protect against cancled
threads orphaning internal resources.
the cancelability code is still a bit fuzzy but works for test
programs of my own, OpenBSD's and some examples from ORA's books.
add readdir_r to both libc and libc_r
add some 'const' attributes to function parameters
Reviewed by: eischen, jasone
with NetBSD and the Single Unix Specification v2.
This updates some structures with other, almost equivalent types and
effort is under way to get the whole more consistent.
Also removes a double definition of INET6 and some other clean-ups.
Reviewed by: green, bde, phk
Some part obtained from: NetBSD, SUSv2 specification
happy with how this end up and will re-visit the entire empty field
problem, but this patch solves the NIS problem for now.
Submitted by: Dan Nelson <dan@emsphone.com>
PR: 14865,14984
mode. This addresses a well-known race condition that can cause
servers to hang in accept(). The relevant case is when somebody
connects to the server and then immediately kills the connection
by sending a TCP reset. On the server this causes select to report
a ready condition on the socket, after which the accept call blocks
because there is no longer any pending connection to accept.
In -current there is already a work-around for this in the kernel.
It was merged into -stable some time ago, but then David Greenman
reverted it because it seemed to be causing a socket leak in some
cases. (See uipc_socket.c revision 1.51.2.3.) Hence this userland
fix is needed in -stable, and I plan to merge it into that branch
soon because it fixes a potential DoS attack. It may also be needed
in -current if the suspected socket leak turns out to be real. In
any case, after thinking it over I believe the fix belongs in
userland. An application shouldn't assume that a ready return from
select guarantees that the subsequent I/O operation cannot block.
A lot can happen between the select and the accept.
A similar fix should most likely be applied to the Unix domain
socket transport too.
Submitted by: peter
Reviewed by: jdp
It used to loop back up to the accept() call and block there,
shutting out all other transports until a new connection came in.
Now it returns instead after dropping the connection. That will
take it back to the select() loop where all transports can be
serviced. I intend to MFC this within a day or two since it
fixes a DoS vulnerability.
This fixes some nasty procfs problems for SMP, makes ps(1) run much faster,
and makes ps(1) even less dependent on /proc which will aid chroot and
jails alike.
To disable this facility and revert to previous behaviour:
sysctl -w kern.ps_arg_cache_limit=0
For full details see the current@FreeBSD.org mail-archives.
All Makefiles now use MACHINE_ARCH for the target architecture.
Unification is required for cross-building.
Tags added to:
sys/boot/Makefile
sys/boot/arc/loader/Makefile
sys/kern/Makefile
usr.bin/cpp/Makefile
usr.bin/gcore/Makefile
usr.bin/truss/Makefile
usr.bin/gcore/Makefile:
fixed typo: MACHINDE -> MACHINE_ARCH
which is zero-based.
Correct the range checking for the value taken for %S.
Add %w for the day of the week (0-6).
Accept (but do nothing with) %U and %W. The comment for this change was
taken from NetBSD.
These changes were made after several failed attempts to contact the
author of our strptime.c .
PR: 10131
Submitted by: tadf@kt.rim.or.jp (Tadayoshi Funaba)
It adds new functions and extend some structures and can handle
VESA modes.
- Update the man page.
- Bump the library version number.
(The old version will be added to compat3x.)
of the /etc/radius.conf file. But the code contains hacks for
backward compatibility, so old files will continue to work.
I updated the man pages and made a couple of minor changes, but
everything else was submitted by Oleg.
PR: misc/14284
Submitted by: Oleg Semyonov <os@altavista.net>
should close all outstanding PRs on incorrect inet_aton behavior, and
since it has a decent parsing routine, doesn't allow some hysterically
working behavior.
PR: 13628
Submitted by: Adrian Chadd <adrian@FreeBSD.org>
two subsections: SINOPSIS (declarations) and DESCRIPTION (descriptions)
All functions now mentioned in NAME section (apropos capable manpage :)
Various mdoc fixe
Been in production for 3 years now. Gives Instant Frame relay to if_sr
and if_ar drivers, and PPPOE support soon. See:
ftp://ftp.whistle.com/pub/archie/netgraph/index.html
for on-line manual pages.
Reviewed by: Doug Rabson (dfr@freebsd.org)
Obtained from: Whistle CVS tree
next try over chroot (descriptor closed). getgrnam() used already handles
endgrent() properly and honors _gr_stayopen. Automatically call
setgroupent(1) when _pw_stayopen is set (for YP/NIS code).
setjmp() gets the jmp_buf pointer from the wrong place (the place
where the return address is) in the shlib case, and uses it (only)
to fetch the current signal mask to address (return_address + 28).
This address is normally read-only (I hope), so the sigprocmask()
call has no effect except to return an error code.
\end{quote}
Submitted by: bde
just breaks the prototypes for gzseek() and gztell() when an application
defines HAVE_UNISTD_H before including <zlib.h>. z_off_t was always
long for compiling zlib, but was sometimes off_t for compiling
applications, e.g., Ethereal 0.7.5.
This "fix" preserves bug for bug binary compatibility. z_off_t should
be off_t for everything, but zlib doesn't support off_t being longer
than long, so using the correct type without fixing zlib's internals
would at best break binary compatibility. This "fix" also make the
namespace problems for HAVE_UNISTD_H no worse than hundreds of other
namespace prooblems in zconf.h. I'll wait for a new release of zlib
for proper fixes.
Reported by: Guy Harris via jkh
the code, which seems to implement the POSIX requirements, and
have described the behavior here. Basically, it behaves the same
as select(2).
Noticed by: John Polstra
to call osigaction(). But that's wrong because it causes the
handler to receive a struct osigcontext instead of the expected
struct sigcontext. Use sigaction() instead, copying the compatible
portion of the signal mask.
Reviewed by: marcel
-----------------------------
Most of the userland changes are in libc. For both the alpha
and the i386 setjmp has been changed to accomodate for the
new sigset_t. Internally, libc is mostly rewritten to use the
new syscalls. The exception is in compat-43/sigcompat.c
The POSIX thread library has also been rewritten to use the
new sigset_t. Except, that it currently only handles NSIG
signals instead of the maximum _SIG_MAXSIG. This should not
be a problem because current applications don't use any
signals higher than NSIG.
There are version bumps for the following libraries:
libdialog
libreadline
libc
libc_r
libedit
libftpio
libss
These libraries either a) have one of the modified structures
visible in the interface, or b) use sigset_t internally and
may cause breakage if new binaries are used against libraries
that don't have the sigset_t change. This not an immediate
issue, but will be as soon as applications start using the
new range to its fullest.
NOTE: libncurses already had an version bump and has not been
given one now.
NOTE: doscmd is a real casualty and has been disconnected for
the moment. Reconnection will eventually happen after
doscmd has been fixed. I'm aware that being the last one
to touch it, I'm automaticly promoted to being maintainer.
According to good taste this means that I will receive a
badge which either will be glued or mechanically stapled,
drilled or otherwise violently forced onto me :-)
NOTE: pcvt/vttest cannot be compiled with -traditional. The
change cause sys/types to be included along the way which
contains the const and volatile modifiers. I don't consider
this a solution, but more a workaround.
required to be "announced" by a new bit in sa_flags to indicate the
program is aware of and has taken care of them. eg: SA_SIGINFO means
the program has used the sa_siginfo field (versus sa_handler).
sigaction, used to describe an action to be taken, is defined in the
header <signal.h> to include at least the following members:"
^^^^^^^^
A sigaction defined on stack with essentially random contents may have
just about anything underneath fields that the program doesn't know about.
It is not safe to delete the bzero.
initialization of sa_flags added so that we can lose the bzero.
IIRC, this code is not used anymore since the addition of
ncurses. Commit the change anyway so, just to be safe.
$FreeBSD$ tag added
initialization of sa_flags added so that the 'struct sigaction'
can be declared local in both functions that use the global
(static) declaration. Remove the global declaration.
the link are equal to the default aliasing address. Do not zero them!
This will fix the problem with non-working links added with the source
and/or aliasing address equal to the default aliasing address, but the
default aliasing address is set later, after the link has been set up,
like both natd(8) and ppp(8) do (for objective reasons).
Reviewed by: Brian Somers <brian@FreeBSD.org>,
Eivind Eklund <eivind@FreeBSD.org>,
Charles Mott <cmott@srv.net>
Revert the major number back to 2.
libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.
`dst_port') work for outgoing packets.
- Make permanent links whose `alias_addr' matches the primary aliasing
address `aliasAddress' work for incoming packets.
- Typo fixes.
Reviewed by: brian, eivind
else, it is equivalent to strdup(). So, we will check if the substitution
tables are trivial at the load time, and possibly save 2 calls to
__collate_substitute() in strcoll().
Still, __collate_substitute() should not exist.
Other minor optimizations. I got ~30% speedup in strcoll() for 50 char strings,
~40% speedup for 100 char strings, and unmeasurable speedup for 1M strings.
Collates are still terribly slow. To make them reasonable fast,
__collate_substitute() should be killed.
representation of the full month name. In the Russian locale, this alternative
will be "nominative case", useful when the date designate month as a whole.
E.g. month heading in a calendar. I hope it can be useful for some other
locales too.
Discussed with: wollman, ache
In the words of originator:
:If an incoming connection is initiated through natd and deny_incoming is
:not set, then a new alias_link structure is created to handle the link.
:If there is nothing listening for the incoming connection, then the kernel
:responds with a RST for the connection. However, this is not processed
:correctly in libalias/alias.c:TcpMonitor{In,Out} and
:libalias/alias_db.c:SetState{In,Out} as it thinks a connection
:has been established and therefore applies a timeout of 86400 seconds
:to the link.
:
:If many of these half-connections are initiated (during, for example, a
:port scan of the host), then many thousands of unnecessary links are
:created and the resident size of natd balloons to 20MB or more.
PR: 13639
Reviewed by: brian
Style and punctuation errors fixes.
ERRORS section included to RETURN VALUES because it's
describing return values instead of errors and their handling.
Reviewed by: mpp
Build libncurses early again (it had drifted into set of libraries that
have no ordering requirements, but it must be built before libedit here
and before some gnu libraries in ../Makefile.inc1).
patch to stop the core dumps while others come up with a better
reviewed patch which may also fix other problems. We do illegal
pointer arithmetic, but it should be OK since FreeBSD only supports
machines with flat address spaces.
Submitted by: bde
make -jN fail. This fixes the present problem only, not the larger one
of when those internal tools are built and the cross-compiling etc.
Submitted by: luoqi
This isn't quite finished yet, there are still some unresolved problems
with ospeed and the sgtty.h (non-posix) terminal interface. Mostly
this only causes problems with src/games.
The other tools and libraries (libform,libpanel,libmenu) will come
shortly but are seperate.
Beware, there be dragons here! (The build will be broken for a short
while)
- Slightly rearrange VGLCheckSwitch() to ensure the display content
will be correctly restored when switching back to the vty where
the vgl program is running.
- VGLEnd() should clear the screen only when the vty is in the
foreground.
Discussed with: sos
for over 5 years since we switched to using procfs for kvm_uread().
This cleanup was motivated by recent breakage of the default swap file
(/dev/drum) when swapon() has not been called.
keyboard.c
- Call tcsetattr() in VGLKeyboardEnd() to restore tty, only when
tty attributes have been previously saved.
PR: misc/9524
Submitted by: Katusyuki 'kei' Maeda (kei@nanet.co.jp)
- Set up the tty raw mode correctly.
main.c
- Restore VESA_800x600 raster text mode correctly in VGLEnd().
Submitted by: des
text.c
- Allocate the correct size of a font buffer in VGLSetFontFile().
I forgot the submitter ;-(
simple.c, bitmap.c
- Fix address calculation for the VGA mode X in VGLGetXY() and
VGLBitmapCopy().
- Fix typo (dsty -> dstx) in __VGLBitmapCopy().
Reviewed by: sos
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.
Reviewed by: rgrimes, imp, chris
might have been mmapped, and if so, passing the pointer to free() is
really not a good idea.
[ In the next millenium, when I've taken over the world, I'm going
to ban 8 character tabs. You've been warned. ]
would expect. (Allow user data to be associated with an EditLine context).
As this changes no existing interfaces and doesn't alter any structs
visable to the user I've been told that its not necessary to bump
the version of the library.
- Sort xrefs
- FreeBSD.ORG -> FreeBSD.org
- Be consistent with section names as outlines in mdoc(7)
- Other misc mdoc cleanup.
PR: doc/13144
Submitted by: Alexy M. Zelkin <phantom@cris.net>
When fts_open is used with option FTS_NOCHDIR the full
path entry of type FTS_DP is returned with a trailing
'/' if the final directory is empty.
This fix coresponds to netbsd's __fts13.c v. 1.16
1) Safty change from casper dik was added to OpenBSD's sources since I
grabbed them. milltert@openbsd.org
2) Split up strlcpy to improve efficiency of the common case.
milltert@openbsd.org
3) Cleanup of cross references for man page. {alex,aaron}@openbsd.org
Pointed out by: deraadt@openbsd.org
Removed POSIX.1/NetBSD markup (braces) for NAME_MAX, etc. We don't
define this. Most FreeBSD man pages hard-code the limits; in fact,
utimes.2 recently became the only file in libc/sys/*.2 that mentions
NAME_MAX. There probably should be mandoc macros for this.
Text is a compromise based on messages from Wes Peters, Ville-Pertti
Keinonen, and Matt Dillon.
PR: docs/10512
Submitted by: Howard Goldstein <hgoldst@mpcs.com>
Note: you need to install the current groff tmac macros for these
man pages to format correctly. Specifically, rev 1.21 of
contrib_groff/tmac/doc-syms in -current, or rev 1.17.24 for 3.2-stable
misinterpreted to mean that the pointer passed to asprintf() must be suitable
for passing to realloc() as-is (ie. either a NULL pointer or a valid pointer).
(devname() returned "??" when the lookup failed, but callers expected it
to return NULL). This was fixed in Lite2, but until recently the changes
were only merged into devname.3. A day or two after devname.c was fixed,
devname.3 was made inconsistent again by backing out most of the Lite2
changes.
track.
The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
track.
The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
Always use mmap() for default-size stack allocation. Use MAP_ANON instead
of MAP_STACK on the alpha architecture.
Reduce the amount of code executed while owning _gc_mutex during stack
allocation.
Cache discarded default thread stacks for use in subsequent thread creations.
Create a red zone at the end of each stack (including the initial thread
stack), with the hope of causing a segfault if a stack overflows.
To activate these modifications, add -D_PTHREAD_GSTACK to CFLAGS in
src/lib/libc_r/Makefile. Since the modifications depend on the VM_STACK
kernel option, I'm not sure how to safely use growable stacks by default.
Testing, as well as algorithmic and stylistic comments are welcome.
secure permissions in case the user attempts to save something to
a file of his own.
Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.
PR: misc/11797
o The polling mechanism for I/O readiness was changed from
select() to poll(). In additon, a wrapped version of poll()
is now provided.
o The wrapped select routine now converts each fd_set to a
poll array so that the thread scheduler doesn't have to
perform a bitwise search for selected fds each time file
descriptors are polled for I/O readiness.
o The thread scheduler was modified to use a new queue (_workq)
for threads that need work. Threads waiting for I/O readiness
and spinblocks are added to the work queue in addition to the
waiting queue. This reduces the time spent forming/searching
the array of file descriptors being polled.
o The waiting queue (_waitingq) is now maintained in order of
thread wakeup time. This allows the thread scheduler to
find the nearest wakeup time by looking at the first thread
in the queue instead of searching the entire queue.
o Removed file descriptor locking for select/poll routines. An
application should not rely on the threads library for providing
this locking; if necessary, the application should use mutexes
to protect selecting/polling of file descriptors.
o Retrieve and use the kernel clock rate/resolution at startup
instead of hardcoding the clock resolution to 10 msec (tested
with kernel running at 1000 HZ).
o All queues have been changed to use queue.h macros. These
include the queues of all threads, dead threads, and threads
waiting for file descriptor locks.
o Added reinitialization of the GC mutex and condition variable
after a fork. Also prevented reallocation of the ready queue
after a fork.
o Prevented the wrapped close routine from closing the thread
kernel pipes.
o Initialized file descriptor table for stdio entries at thread
init.
o Provided additional flags to indicate to what queues threads
belong.
o Moved TAILQ initialization for statically allocated mutex and
condition variables to after the spinlock.
o Added dispatching of signals to pthread_kill. Removing the
dispatching of signals from thread activation broke sigsuspend
when pthread_kill was used to send a signal to a thread.
o Temporarily set the state of a thread to PS_SUSPENDED when it
is first created and placed in the list of threads so that it
will not be accidentally scheduled before becoming a member
of one of the scheduling queues.
o Change the signal handler to queue signals to the thread kernel
pipe if the scheduling queues are protected. When scheduling
queues are unprotected, signals are then dequeued and handled.
o Ensured that all installed signal handlers block the scheduling
signal and that the scheduling signal handler blocks all
other signals. This ensures that the signal handler is only
interruptible for and by non-scheduling signals. An atomic
lock is used to decide which instance of the signal handler
will handle pending signals.
o Removed _lock_thread_list and _unlock_thread_list as they are
no longer used to protect the thread list.
o Added missing RCS IDs to modified files.
o Added checks for appropriate queue membership and activity when
adding, removing, and searching the scheduling queues. These
checks add very little overhead and are enabled when compiled
with _PTHREADS_INVARIANTS defined. Suggested and implemented
by Tor Egge with some modification by me.
o Close a race condition in uthread_close. (Tor Egge)
o Protect the scheduling queues while modifying them in
pthread_cond_signal and _thread_fd_unlock. (Tor Egge)
o Ensure that when a thread gets a mutex, the mutex is on that
threads list of owned mutexes. (Tor Egge)
o Set the kernel-in-scheduler flag in _thread_kern_sched_state
and _thread_kern_sched_state_unlock to prevent a scheduling
signal from calling the scheduler again. (Tor Egge)
o Don't use TAILQ_FOREACH macro while searching the waiting
queue for threads in a sigwait state, because a change of
state destroys the TAILQ link. It is actually safe to do
so, though, because once a sigwaiting thread is found, the
loop ends and the function returns. (Tor Egge)
o When dispatching signals to threads, make the thread inherit
the signal deferral flag of the currently running thread.
(Tor Egge)
Submitted by: Daniel Eischen <eischen@vigrid.com> and
Tor Egge <Tor.Egge@fast.no>
camcontrol(8) and the documentation in camlib.c and cam(3) all expect
-1 on failure and 0 on success. Updated camlib.c to return the values
specified by the documentation.
PR: 12023
pointers. The calls are in different sections from the functions
being called, and they can potentially be far away. On a very large
program, the 21-bit displacement field of the BSR instruction
overflowed at link time.
simple enough to be trusted.
Add account management functionality to the pam_unix module.
These changes should make it possible to use PAM in some ports.
Submitted by: Max Khon <fjoe@iclub.nsu.ru>
Submitted by: Yung-Jen Hung <winard@u3717a.dorm.ccu.edu.tw>
Reviewed by: bearscorp.bbs@bbs.life.nthu.edu.tw
_BIG5_sgetrune() in libc doesn't work well, this commit will fix it.
"passwordtime" is what passwd(1) has actually been using. I suspect
passwordperiod was the original intent. I can't figure-out which,
if either, BSDi uses. If anyone knows...
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
o use braces to avoid potentially ambiguous else
o don't default to type int (and also remove a useless register
modifier).
o Use parens around assignment values used as truth values.
o Remove unused function.
Reviewed by: obrien and chuckr
70-00 are intepreted in the 20th century; 01-69 in the
21st century. (Yes, 2000 is the last year of the 20th
century, not the first year of the 21st.)
Submitted by: Sergey Babkin <babkin@bellatlantic.net>
before.
Added SYS.h for mipseb and mipsel.
I now get part way through building libc in the cross environment that
I have (along with pending mipse[bl] changes to the intree egcs) with
these changes.
function. It was an ill-considered feature. It didn't solve the
problem I wanted it to solve. And it added Yet Another Version
Number that would have to be maintained at every release point.
I'm nuking it now before anybody grows too fond of it.
Unlike other filesystem objects, symbolic links do not have an owner,
group, access mode, times, etc. Instead, these attributes are taken from
the directory that contains the link. The only attributes returned from
an lstat() that refer to the symbolic link itself are the file type
(S_IFLNK), size, blocks, and link count (always 1).
This is bogus, and disagrees with the implementation and symlink(7).
Removed it.
PR: docs/10269
Submitted by: Tolik <tolik@sibptus.tomsk.ru>
Include <machine/ansi.h> so that this file is self-sufficient again.
Rev.1.6 doesn't do this as claimed unless <nlist.h> has nonstandard
pollution.
Cleaned up includes.
changes have made this too expensive. This gains about 1.25% on
worldstone on my SMP machine.
Swap-less machines, for instance PicoBSDs, and machines which experience
page-out trafic, check with top(1), will probably want to reenable this
with:
ln -s H /etc/malloc.conf
Suggested by: alc (&dyson ?)
that counted the number of elements in argv. The counter is incremented
in the next-iteration section of the loop, not the body, so at termination
it's already "counted" the element that failed the continuation test - in
this case the NULL argv terminator.
Noted by: bde
call them. All the execX() libc functions should be vfork() safe now.
Specifically:
- execlp() does the argument count-and-build into a vector from alloca
(like the others) - buildargv() is no longer used (and gone).
- execvp() uses alloca/strcpy rather than strdup().
- the ENOEXEC handler uses alloca rather than malloc.
- a couple of free() calls removed - alloca works on the local stack and
the allocations are freed on function exit (which is why buildargv
wasn't useful - it's alloca() context would disappear on return).
Along the way:
- If alloca() fails (can it?), set errno = ENOMEM explicitly.
- The ENOEXEC recovery routine that trys again with /bin/sh appeared to
not be terminating the new argv[] array for /bin/sh, allowing it to
walk off the end of the list.
I dithered a bit about using alloca() even more as it's most commonly
associated with gcc. However, standalone portable (using malloc) and
machine-specific assembler alloca implementations appear to be available
on just about all the architectures we're likely to want to port to.
alloca will be the least of our problems if ever going to another compiler.
kern.chroot_allow_open_directories = 0
chroot(2) fails if there are open directories.
kern.chroot_allow_open_directories = 1 (default)
chroot(2) fails if there are open directories and the process
is subject of a previous chroot(2).
kern.chroot_allow_open_directories = anything else
filedescriptors are not checked. (old behaviour).
I'm very interested in reports about software which breaks when
running with the default setting.
o Runnable threads are now maintained in priority queues. The
implementation requires two things:
1.) The priority queues must be protected during insertion
and removal of threads. Since the kernel scheduler
must modify the priority queues, a spinlock for
protection cannot be used. The functions
_thread_kern_sched_defer() and _thread_kern_sched_undefer()
were added to {un}defer kernel scheduler activation.
2.) A thread (active) priority change can be performed only
when the thread is removed from the priority queue. The
implementation uses a threads active priority when
inserting it into the queue.
A by-product is that thread switches are much faster. A
separate queue is used for waiting and/or blocked threads,
and it is searched at most 2 times in the kernel scheduler
when there are active threads. It should be possible to
reduce this to once by combining polling of threads waiting
on I/O with the loop that looks for timed out threads and
the minimum timeout value.
o Functions to defer kernel scheduler activation were added. These
are _thread_kern_sched_defer() and _thread_kern_sched_undefer()
and may be called recursively. These routines do not block the
scheduling signal, but latch its occurrence. The signal handler
will not call the kernel scheduler when the running thread has
deferred scheduling, but it will be called when running thread
undefers scheduling.
o Added support for _POSIX_THREAD_PRIORITY_SCHEDULING. All the
POSIX routines required by this should now be implemented.
One note, SCHED_OTHER, SCHED_FIFO, and SCHED_RR are required
to be defined by including pthread.h. These defines are currently
in sched.h. I modified pthread.h to include sched.h but don't
know if this is the proper thing to do.
o Added support for priority protection and inheritence mutexes.
This allows definition of _POSIX_THREAD_PRIO_PROTECT and
_POSIX_THREAD_PRIO_INHERIT.
o Added additional error checks required by POSIX for mutexes and
condition variables.
o Provided a wrapper for sigpending which is marked as a hidden
syscall.
o Added a non-portable function as a debugging aid to allow an
application to monitor thread context switches. An application
can install a routine that gets called everytime a thread
(explicitly created by the application) gets context switched.
The routine gets passed the pthread IDs of the threads that are
being switched in and out.
Submitted by: Dan Eischen <eischen@vigrid.com>
Changes by me:
o Added a PS_SPINBLOCK state to deal with the priority inversion
problem most often (I think) seen by threads calling malloc/free/realloc.
o Dispatch signals to the running thread directly rather than at a
context switch to avoid the situation where the switch never occurs.
ifdefs are too ugly for this to be much of a simplification. The
existence tests are even uglier now. Note that the previous commit
was not submitted by me. It missed the point and just added a second
layer of unused removals.
Fixed hard-coded "libcrypt"s. The LCRYPTBASE macro mainly makes
things hard to read, but use it while we have it.
which ones cause us to fail. Now all open errors on the databse file
will cause the next file in the list to be tried.
Submitted by: Arne Henrik Juul <arnej@math.ntnu.no>
PR: 4585
levels (-O3 and above) won't remove essential code. Many thanks
to Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru> for pointing out
that it was the optimizer's removal of this code that caused make
world with -O3 to break. With this change, make buildworld now
completes.
shared library when invoking global constructors and destructors.
For constructors, the object files used to be processed from first
to last; now they're done from last to first. (Destructors are done
in the opposite order, as required by the C++ standard.) This makes
us consistent with standard gcc and egcs compilers. It also
eliminates ordering differences between dynamic and static
executables.
Bump the value of __FreeBSD_version to 400002 to reflect this
change.
C function so the compiler won't try to emit line numbers for it
with "-g", breaking the build. This has the nice side-effect of
making crtbegin.o and crtbeginS.o a little bit smaller.
Remove "-Wno-unused" from the Makefile. Replace it with "__unused"
on particular function and variable declarations.
compiling, since <stdio.h> correctly doesn't declare off_t although
the pseudo-prototypes for the new fseeko() and ftello() functions
use it. Handle this like the corresponding problem for va_list
versus the vprintf() family.
Fixed some English errors.
request for it something like it. It was poorly worded and too
far from both POSIX wording and normal (mal)practice by referring to
sysconf(_SC_NGROUPS_MAX) instead of {NGROUPS_MAX} or NGROUPS. POSIX.1
uses curly braces to mark up "symbolic constants or limits [that may
be] defined in certain headers". Since we don't document this markup,
don't use it. Just use NGROUPS_MAX.
so that non-sloppy applications can call it without using disgusting
casts to avoid warnings. The 4th arg is sort of varargs -- it must
sometimes represent a filename, sometimes a struct pointer, and is
sometimes unused. The arg type is still caddr_t in the kernel.
Obtained from: mostly from NetBSD
and SHA-1 when OBJFORMAT is not ELF. Add a warning to the man page
about how SHA-1 uses bswapl, which will trap on 80386es (and the kernel
should, but doesn't currently, emulate).
build, but broke while doing the aout legacy build). Now using
.p2align instead of .align. Fixes broken buildworld.
Submitted by: John Polstra
Reviewed by: John Polstra
- Transparent proxying support added.
- PPTP redirecting support added based on patches
contributed by Dru Nelson <dnelson@redwoodsoft.com>.
Submitted by: Charles Mott <cmott@srv.net>
the function naming problem for complex double function i've recently
aksed for in -committers. (The recently committed rev 1.5 of proc.c
was actually also part of this update.)
Should the mailing lists come to an agreement that f2c better belongs
into the ports, this could be done nevertheless. For the time being,
we've at least got a current version now.
Thanks, Steve!
Submitted by: Steve Kargl <sgk@troutmask.apl.washington.edu>
Don't insist that RAD_USER_PASSWORD is supplied before
calling rad_send_request(). Instead, insist on only one
of RAD_USER_PASSWORD and RAD_CHAP_PASSWORD.
Sponsored by: Internet Business Solutions Ltd., Switzerland
This changes the definitions of a few items so that structures are the
same whether or not the option itself is enabled. This allows
people to enable and disable the option without recompilng the world.
As the author says:
|I ran into a problem pulling out the VM_STACK option. I was aware of this
|when I first did the work, but then forgot about it. The VM_STACK stuff
|has some code changes in the i386 branch. There need to be corresponding
|changes in the alpha branch before it can come out completely.
what is done:
|
|1) Pull the VM_STACK option out of the header files it appears in. This
|really shouldn't affect anything that executes with or without the rest
|of the VM_STACK patches. The vm_map_entry will then always have one
|extra element (avail_ssize). It just won't be used if the VM_STACK
|option is not turned on.
|
|I've also pulled the option out of vm_map.c. This shouldn't harm anything,
|since the routines that are enabled as a result are not called unless
|the VM_STACK option is enabled elsewhere.
|
|2) Add what appears to be appropriate code the the alpha branch, still
|protected behind the VM_STACK switch. I don't have an alpha machine,
|so we would need to get some testers with alpha machines to try it out.
|
|Once there is some testing, we can consider making the change permanent
|for both i386 and alpha.
|
[..]
|
|Once the alpha code is adequately tested, we can pull VM_STACK out
|everywhere.
|
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
This takes the conditionals out of the code that has been tested by
various people for a while.
ps and friends (libkvm) will need a recompile as some proc structure
changes are made.
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
This man page may be overdoing the cross references by referencing
man pages that are just links to other pages that are referenced.
kvm_uread() is still completely undocumented in kvm*.3.
consider a linker set definition to be sufficient reason to pull an
object module from an archive library. This caused undefined
symbols when linking with libpam.a using a.out. I solved it by
linking in the object that references the linker set in the "ld -r"
step.
Secure Hashing Algorithm - 1 (SHA-1), along with the further
refinement of what $x$salt$hash means. With this new crypt the
following are all acceptable:
$1$
$MD5$
$SHA1$
Note: $2$ is used by OpenBSD's Blowfish, which I considered adding
as $BF$, but there is no actual need for it with SHA-1. However,
somebody wishing to add OpenBSD password support could easilly add
it in now.
There is also a malloc_crypt() available in the library now, which
behaves exactly the same as crypt(), but it uses a malloced buffer
instead of a static buffer. However, this is not standard so will
likely not be used much (at all).
Also, for those interested I did a brief speed test Pentium 166/MMX,
which shows the DES crypt to do approximately 2640 crypts a CPU second,
MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts
a CPU second.
Reviewed by: Mark Murray
of getopt (as in, multiple input lines :). This is documented in the
man page and is used in the code, but unistd.h and stand.h do not
declare it. Incidentally, it prevents me fixing a bug in loader's
code... :-)
PR: misc/9373
Submitted by: "Daniel C. Sobral" <dcs@newsguy.com>
than ".so". The old extension conflicted with well-established
naming conventions for dynamically loadable modules.
The "clean" targets continue to remove ".so" files too, to deal with
old systems.
- document that sysctl() and sysctlbyname() return 0 on success
- if the provided buffer is too small, set errno to ENOMEM and return -1
instead of returning ENOMEM.
is actually mounted on "/" can be determined using statfs() and is
in /dev. This fixes fsck operating on the wrong device when the
fs_spec entry is only an alias. The aliased case became more
dangerous when the ROOTSLICE_HUNT hack was committed in mount(8).
ROOTSLICE_HUNT may be unnecessary now.
Set_Boot_Blocks() anyway and should thus have never been a part of
libdisk, it should have been provided by the client of libdisk since
passing the information in is already part of the API.
Rename 'cerror' to '.cerror' so that programs which have a function or
global variable named 'cerror' don't completely break the syscall error
reporting mechanism.
#include <ieeefp.h>
to access these functions instead of the i386 specific
#include <machine/floatingpoint.h>
Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
Submitted by: "Richard Seaman, Jr." <lists@tar.com>
Obtained from: linux :-)
Code to allow Linux Threads to run under FreeBSD.
By default not enabled
This code is dependent on the conditional
COMPAT_LINUX_THREADS (suggested by Garret)
This is not yet a 'real' option but will be within some number of hours.
<kvm.h> is self-sufficient again.
Moved typedefs and forward struct declarations out of __BEGIN_DECLS/
__END_DECLS.
Don't comment out the prototype for kvm_uread(). This was a 4 year
old kludge for previous breakage of self-sufficiency. The prototypwe
was broken instead.
Fixed bitrot (const poisoning) in the type of kvm_uread().
Fixed order of the declaration of kvm_uread().
fixes a type mismatch in the call to kvm_uread(). The bug has gone
undetected for almost 3 years because kvm_uproc()'s protoype has been
disabled for almost 4 years.
Trust sysctlbyname() to work properly if it succeeds.
Fixed style bugs in revs. 1.19 and 1.22.
an unimprovement here. I thought it would be an improvement, as in libkvm,
but here we can access the strings directly.
Use sysctlbyname() instead of sysctl() and trust it to give a nonzero
address if it succeeds.
Brucify the Makefile.
Differentiate atime and mtime in fetch*Stat().
Fix a few pointer bugs.
Tweak some error messages.
Don't #include sys/param.h and stdio.h in fetch.h.
Document that sys/param.h and stdio.h must be #included before fetch.h.
Add bounds checking to netbios NS packet resolving code. This should
prevent natd from crashing on badly formed netbios packets (as might be
heard when the machine is sitting on a cable modem or certain DSL
networks), and also closes potential security holes that might have
exploited the lack of bounds checking in the previous version of the
code.
the PAM modules.
Fix the comments describing the PAM dependencies to be consistent
with other related comments.
Restructure the library-building loop slightly, per suggestion from
bde.
modules for FreeBSD's standard authentication methods. Although
the Linux-PAM modules are present in the contrib tree, we don't
use any of them.
The main library "libpam" is composed of sources taken from three
places. First are the standard Linux-PAM libpam sources from the
contrib tree. Second are the Linux-PAM "libpam_misc" sources, also
from the contrib tree. In Linux these form a separate library.
But as Mike Smith pointed out to me, that seems pointless, so I
have combined them into the libpam library. Third are some additional
sources from the "src/lib/libpam" tree with some common functions
that make it easier to write modules. Those I wrote myself.
This work has been donated to FreeBSD by Juniper Networks, Inc.
This commit introduces the following features:
a) the fetchStat*() functions, which return meta-information for a
document, such as size, modification time, etc.
b) the use of the com_err(3) facilities to report errors.
It also fixes a bunch of style bugs and a few logic bugs and somewhat
improves the man page.
Changed files, in alphabetical order:
Makefile:
Don't generate macros in {ftp,http}err.c.
Generate category fields for the error message lists.
Compile the error table.
Install fetch_err.h along with fetch.h.
common.c:
Remove the _netdb_errstring() macro, and add FETCH_ERR_NETDB to the
error code in the _netdb_seterr() macro.
Add categories to the _netdb_errlist table.
Report errors through the Common Error library.
common.h:
Add the DEBUG macros.
Add prototype for fetchConnect().
Remove the prototype for _fetch_errstring(), which is local to common.c
Add a categroy field to struct fetcherr, and define constants for
error categories.
Define macros for _{url,netdb,ftp,http}_seterr().
errors.et: (new file)
List error categories.
fetch.3:
Document the fetchStat*() functions.
Move the "unimplemented functionality" comments from NOTES to BUGS.
Document that applications which use libfetch must also use
libcom_err, and list existing error codes.
Undocument fetchLastErr{Code,String}.
Remove the (empty) DIAGNOSTICS section.
Mention Eugene Skepner in the AUTHORS section.
fetch.c:
Move the DEBUG macros to common.c
Add fetchStat() and fetchStatURL().
Generate error messages for URL parser errors, and fix a minor bug
in the parser.
Use 'struct url' instead of 'url_t'.
Remove fetchLastErr{Code,String}.
fetch.h:
Use 'struct url' instead of 'url_t', and remove the typedef.
Define struct url_stat (used by fetchStat()).
Add prototypes for fetchStat*().
Remove the declarations for fetchLastErr{Code,String}.
Include fetch_err.h.
fetch_err.et: (new file)
Error table for libfetch.
file.c:
Add fetchStatFile().
Use 'struct url' instead of 'url_t'.
ftp.c:
Add fetchStatFTP().
Use 'struct url' instead of 'url_t'.
Don't use fetchLastErrCode.
ftp.errors:
Add categories to all error messages.
http.c:
Add fetchStatHTTP().
Use 'struct url' instead of 'url_t'.
Don't use fetchLastErr{Code,Text}.
http.errors:
Add categories to all error messages.
Prompted by: jkh and Eugene Skepner
Numerous sugestions from: Garett Wollman and Eugene Skepner
alphabetical order:
Makefile:
Add common.c to SRCS.
Make debugging easier by making 'CFLAGS += -DNDEBUG' conditional on DEBUG
Don't declare struct {ftp,http}err in {ftp,http}err.c; use struct fetcherr
instead.
README:
Remove the todo list, which is out of date anyway.
common.c: (new file)
Gather utility functions in this file.
Merge the error reporting functions intp _fetch_errstring(),
_fetch_seterr() and _fetch_syserr().
Set fetchLastErrCode and fetchLastErrText appropriately when fetchConnect
fails.
common.h: (new file)
Gather internal prototypes and structures in this files.
fetch.3:
Undocument fetchFreeURL().
Document a few more known bugs.
Document fetchLastErrCode and fetchLastErrText.
fetch.c:
Add descriptive comments to all functions that lacked them.
Move fetchConnect() to common.c.
Obviate the need for fetchFreeURL(), and remove it.
fetch.h:
Modify struct url_t so the document part is at the end.
ftp.c:
Remove code that is duplicated elsewhere.
http.c:
Remove code that is duplicated elsewhere.
Prompted by: jkh
in libstand, only for i386 until I locate an alpha setjmp/longjmp.
Minimal 64-bit gcc integer support for i386. This is kinda nasty, and
should be revisited once we decide whether the bootblocks need
quad arithmetic.
they cannot mount a filesystem that they cannot see in getvfsbyname().
Part 1 of this is a hack, make vfsisloadable() always return true - the
ultimate decider of whether it's loadable or not is kldload() or mount().
Part 2 of this is to have vfsload() call kldload(2) and return success if
it works. This means that we will use a viable kld module in preference
to an LKM!
Ultimately, the thing to do is remove the hacks to do a vfsload in all the
mount_* commands and let the kernel do it by itself in mount(2).
etc. associated with the device entry.
Consider EOF an 'error' for fgetstr if we haven't read anything yet.
You *MUST* recompile and reinstall libstand before rebuilding the bootstrap.
most of the open/close routines, and the buffer/cdb parsing routines
derived from the old scsi(3) library.
The cam_cdbparse(3) man page borrows from the old scsi(3) man page, so the
copyright and history section reflect that.
The many scsi_* functions and other functions that are pulled in from the
kernel aren't documented yet, but will be eventually.
execvp() in the child branch of a vfork(). Changed to use fork()
instead.
Some of these (mv, find, apply, xargs) might benefit greatly from
being rewritten to use vfork() properly.
PR: Loosely related to bin/8252
Approved by: jkh and bde
have the passthrough device configured in their kernel.
This will hopefully reduce the number of people complaining that they can't
get {camcontrol, xmcd, tosha, cdrecord, etc.} to work.
Reviewed by: gibbs
loaded systems by retrying the sysctl() with a larger buffer if it
fails with ENOMEM. For good measure, allocate 10% more memory than
sysctl() claims is necessary.
PR: 8275
Reviewed by: David Greenman <dg@freebsd.org>
This bug showed up when you had more than 3 devices displayed. (thus
requiring a second line of display)
Here's a quote From the PR:
When wrefresh() is called with a subwindow as argument, __set_subwin
might be called with reversed arguments if wrefresh() decides to calls
quickch(). This may cause use of negative array indexes, with a
resulting segfault.
Since quickch() manipulates the line structures belonging to curscr,
it looks like all subwindows of curscr should be updated.
PR: bin/8086
Submitted by: Tor Egge <Tor.Egge@fast.no>
- the directory was wrong if ${SHLIBDIR} != ${LIBDIR}. It's still wrong
if the installation of the obsolete library was done before /aout was
appended to LIBDIR.
- the version would have become wrong when the default in ../Makefile.inc
is changed from 2.0.
- the comment mostly described moving of libraries to /usr/lib/compat, but
we don't do that.
in the wrong places for a while.
Also, the the libtermlib.so -> libtermcap.so manually for elf, otherwise
the hard link follows the symlink and the result looks rather wierd. The
*.a files are still hard linked under elf as before.
have been linked against it. Try and clean up the leftovers. Also, put
the a.out libs in /usr/lib/compat/aout since that's where the default
a.out ldconfig compat path points to.
vfork() can't be used. We could use alloca() in execl() so that
it can be called between vfork() and execve(), but a "portable"
popen() shouldn't depend on this. Calling execle() instead of
execl() should be fairly safe, since execle() is supposed to be
callable from signal handlers and signal handlers can't call
malloc(). However, execle() is broken.
ever saw one), and move the description of NULL behaviour out to a
'NOTES' section, with an extra note that programs should not rely up
on it.
Kinda-approve-by: bde (by not replying to the mail with the diff)
make pthread_yield() more reliable,
threads always (I hope) preempted at least every 0.1 sec, as intended.
PR: bin/7744
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
shouldn't include other ones (which, unfortunately, is also a hellish
rule since he broke interfaces like sysctl this way by requiring undocumented
header files to be included just in order to be able to use them now - SIGH!).
I'll convert sysinstall to use shortly) and a simple call which uses
this mechanism to implement an /etc/auth.conf file. I'll let Mark Murray
handle the format and checkin of the sample auth.conf file.
Reviewed by: markm
PR: 7923
Submitted by: Archie Cobbs <archie@whistle.com>
The scandir() function returns -1 if it fails.
In many cases when this happens, it does not free
the memory that it allocated, resulting in a memory
leak, or close the directory opened with opendir().
BAD DOG, BAD!
the thread kernel into a garbage collector thread which is started when
the fisrt thread is created (other than the initial thread). This
removes the window of opportunity where a context switch will cause a
thread that has locked the malloc spinlock, to enter the thread kernel,
find there is a dead thread and try to free memory, therefore trying
to lock the malloc spinlock against itself.
The garbage collector thread acts just like any other thread, so
instead of having a spinlock to control accesses to the dead thread
list, it uses a mutex and a condition variable so that it can happily
wait to be signalled when a thread exists.
launching an application into space when someone tries to debug it.
The dead thread list now has it's own link pointer, so use that when
reporting the grateful dead.
- Add support of a thread being listed in the dead thread list as well
as the thread list.
- Add a new thread state to make sigwait work properly. (Submitted by
Daniel M. Eischen <eischen@vigrid.com>)
- Add global variable for the garbage collector mutex and condition
variable.
- Delete a couple of prototypes that are no longer required.
- Add a prototype for the garbage collector thread.
realloc functions check for recursion within the malloc code itself. In
a thread-safe library, the single spinlock ensures that no two threads
go inside the protected code at the same time. The thread implementation
is responsible for ensuring that the spinlock does in fact protect malloc.
There was a window of opportunity in which this was not the case. I'll fix
that with a commit RSN.
disks.
* Fix a whole raft of warnings, printf and otherwise.
* Make zalloc work for alpha (just a case of using the right typedef).
* Add some (disabled) malloc debug printing to stand.h.
compact and much better one donated by Matt Dillon. Implement a simple
sbrk() which uses the existing setheap() api.
Remove the custom allocator from the UFS code. It wasn't working quite
right, and it shouldn't be needed with the new allocator.
Fix a serious problem with changing the value of already-existent
environment variables. Don't attempt to modify the supposedly-const
argument to putenv()
Fix an off-by-one sizing error in the zipfs code detected by the new
allocator.
Submitted by: zmalloc from Matt Dillon <dillon@backplane.com>
string. From the submitted patch:
Credit for patch: Chris Torek <torek@bsdi.com>
Tod Miller <millert@openbsd.org>
This makes us in line with SunOS 4.1.3_U1, Solaris 2.6, OpenBSD 2.3,
HP-UX 10.20, Irix 5.3. The previous behavior was in line with Ultrix 4.4.
PR: bin/7970
Submitted by: Niall Smart nialls@euristix.ie
Our spinlock implementation allows a particular thread to obtain a lock
multiple times, but release the lock with a single unlock call. Since
we're detecting recursion, we know the lock is already owned by the
current thread in a previous call and must not be released in the
current call. This is really far too dependent on this particular
spinlock implementation, so I've added commented out calls to
THREAD_UNLOCK in the appropriate places. We can activate this code when
spinlock is taught to count each lock operation.
generation was causing unaligned access faults on the Alpha.
I have incremented the devstat version number, since this is an interface
change. You'll need to recompile libdevstat, systat, iostat, vmstat and
rpc.rstatd along with your kernel.
Partially Submitted by: Andrew Gallatin <gallatin@cs.duke.edu>
The functions that were being compiled into the library have been moved to
scsi_all.c.
One warning: Any programs using scsi_start_stop() or scsi_read_write()
that included scsi_da.h but not scsi_all.h will need to be
changed to include scsi_all.h. This doesn't affect
camcontrol, and I don't think it affects any ports, but you
never know.
PR: kern/7969
Reviewed by: gibbs
In some cases replace if (a == null) a = malloc(x); else a =
realloc(a, x); with simple reallocf(a, x). Per ANSI-C, this is
guaranteed to be the same thing.
I've been running these on my system here w/o ill effects for some
time. However, the CTM-express is at part 6 of 34 for the CAM
changes, so I've not been able to do a build world with the CAM in the
tree with these changes. Shouldn't impact anything, but...
===================================
HARP | Host ATM Research Platform
===================================
HARP 3
What is this stuff?
-------------------
The Advanced Networking Group (ANG) at the Minnesota Supercomputer Center,
Inc. (MSCI), as part of its work on the MAGIC Gigabit Testbed, developed
the Host ATM Research Platform (HARP) software, which allows IP hosts to
communicate over ATM networks using standard protocols. It is intended to
be a high-quality platform for IP/ATM research.
HARP provides a way for IP hosts to connect to ATM networks. It supports
standard methods of communication using IP over ATM. A host's standard IP
software sends and receives datagrams via a HARP ATM interface. HARP provides
functionality similar to (and typically replaces) vendor-provided ATM device
driver software.
HARP includes full source code, making it possible for researchers to
experiment with different approaches to running IP over ATM. HARP is
self-contained; it requires no other licenses or commercial software packages.
HARP implements support for the IETF Classical IP model for using IP over ATM
networks, including:
o IETF ATMARP address resolution client
o IETF ATMARP address resolution server
o IETF SCSP/ATMARP server
o UNI 3.1 and 3.0 signalling protocols
o Fore Systems's SPANS signalling protocol
What's supported
----------------
The following are supported by HARP 3:
o ATM Host Interfaces
- FORE Systems, Inc. SBA-200 and SBA-200E ATM SBus Adapters
- FORE Systems, Inc. PCA-200E ATM PCI Adapters
- Efficient Networks, Inc. ENI-155p ATM PCI Adapters
o ATM Signalling Protocols
- The ATM Forum UNI 3.1 signalling protocol
- The ATM Forum UNI 3.0 signalling protocol
- The ATM Forum ILMI address registration
- FORE Systems's proprietary SPANS signalling protocol
- Permanent Virtual Channels (PVCs)
o IETF "Classical IP and ARP over ATM" model
- RFC 1483, "Multiprotocol Encapsulation over ATM Adaptation Layer 5"
- RFC 1577, "Classical IP and ARP over ATM"
- RFC 1626, "Default IP MTU for use over ATM AAL5"
- RFC 1755, "ATM Signaling Support for IP over ATM"
- RFC 2225, "Classical IP and ARP over ATM"
- RFC 2334, "Server Cache Synchronization Protocol (SCSP)"
- Internet Draft draft-ietf-ion-scsp-atmarp-00.txt,
"A Distributed ATMARP Service Using SCSP"
o ATM Sockets interface
- The file atm-sockets.txt contains further information
What's not supported
--------------------
The following major features of the above list are not currently supported:
o UNI point-to-multipoint support
o Driver support for Traffic Control/Quality of Service
o SPANS multicast and MPP support
o SPANS signalling using Efficient adapters
This software was developed under the sponsorship of the Defense Advanced
Research Projects Agency (DARPA).
Reviewed (lightly) by: phk
Submitted by: Network Computing Services, Inc.
addresses by default.
Add a knob "icmp_bmcastecho" to "rc.network" to allow this
behaviour to be controlled from "rc.conf".
Document the controlling sysctl variable "net.inet.icmp.bmcastecho"
in sysctl(3).
Reviewed by: dg, jkh
Reminded on -hackers by: Steinar Haug <sthaug@nethelp.no>
Host ATM Research Platform (HARP), Network Computing Services, Inc.
This software was developed with the support of the Defense Advanced
Research Projects Agency (DARPA).
when it returns NULL to indicate failure, it will also free the memory
that was passed to it, if that was non-null.
This does not change the semantics of realloc.
A second commit will be done to commit the conversion of those places in
the code that can safely use this to avoid memory leaks when confronted
with low memory situations.
Beaten-to-death-but-finally-approved-in: -current
to fork. It is difficult to do real vfork in libc_r, since almost every
operation with file descriptsor changes _thread_fd_table and friends.
popen(3) works much better with this change.
- Fix some style errors I made back in 1995.
- Add a new flavor of the err(3) family, which takes an explicit
errno argument rather than implicitly examining errno. This
will make it easier to use these functions in conjunction with
modern library interfaces that return an errno value explicitly.
backing file for an anonymous (memory based) btree, and I don't think
that any setuid programs actually use it, but it is better to be safe
than sorry. This has been in my tree for a long time, maybe a year or
more...
Inspired by: Similar changes in OpenBSD, if memory serves (like nearly
a year ago)
standard places ("/etc/objformat", ${OBJFORMAT}, argv) for an
indication of the user's preferred object file format. This
consolidates some code that was starting to be duplicated in more
and more places.
Use the new function in ldconfig.
Note: I don't think that gcc should use getobjformat(), even though
it could. The compiler should limit itself to functions that are
widespread, to ease porting and cross-compilation.
the executable file, so it will work for both a.out and ELF format
files. I have split the object format specific code into separate
source files. It's cleaner than it was before, but it's still
pretty crufty.
Don't cheat on your make world for this update. A lot of things
have to be rebuilt for it to work, including the compiler and all
of the profiled libraries.
a port so there is nothing to be done on that side now.
Approved by: jkh
===
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
cc: Andreas Klemm <andreas@klemm.gtn.com>, current@freebsd.org
Subject: Re: Make this a relese coordinator decision (was Re: ports-current/packages-current discontinued)
From: David Greenman <dg@root.com>
Date: Sun, 03 Aug 1997 20:23:31 -0700
>decision is, I'll respect it.
Another chance to architect people's principles...I can hardly wait. Seems
quite appropriate for a Sunday - I just need to get one of those collection
plates (and money envelopes) so I can profit, too. :-)
Tcl stays in /usr/src for now, but it needs to be kept up to date; same
for perl. If Jordan doesn't have "setup" (written in tcl) ready for 3.0,
then tcl will be yanked prior to the 3.0 release (and made into a port).
As for the ports tree only supporting the last FreeBSD release, this seems
sensible to me. The "ports" have always been a moving target between releases
and the problem is only going to get worse when we expand to supporting other
processor architectures. In any case, Satoshi is and always has been in charge
of the ports tree and whatever he wants to do with it (within reason :-)) is
his decision.
Does this cover the issue completely? I admit to deleting messages in this
thread with unusual fervor (people have FAR too much time on their hands!).
There's a fair bit of reasoning behind the above, but since everyone is sick
of arguing about this, I'll spare you the analysis.
-DG
David Greenman
Core-team/Principal Architect, The FreeBSD Project
and res_* modules in a way that works for ELF. I moved the aliases
out of res_stubs.c and into the individual modules where the entry
points are defined. Weak aliases don't work in ELF unless that is
the case. (Actually, I'm surprised it worked for a.out.)
This should fix the undefined "inet_addr" and related symbols in
various applications that fail to include <arpa/inet.h> or
<resolv.h> as they are supposed to do.
- replaced bogus dependencies of distribution sources on generated
sources by the same ones that bsd.lib.mk would generate if it knew
all the sources. We shoot ourself in the foot by not naming the
generated (included) sources *.h, so we can just put the generated
sources in SRCS.
- replaced -I${.CURDIR} by `-I.'. Here `.' is an alias for ${.OBJDIR}.
-I${.CURDIR} didn't do anything, since ${.CURDIR} is the default in
all cases here (it would be necessary for ""-style includes made from
sources in ${.OBJDIR}.
Don't use `+=' for setting CLEANFILES for the first time.
Added $Id$.
- Fix the README to reflect the new status of the ftp code.
- Change tons of 'if (xxx < 0)' to 'if (xxx == -1)'
- Add two new interface functions
- Fix the Makefile so it actually works (yay!)
Now the manpage is lagging even further behind... :( Next on the todo
list is to clean up the http code.
the diff is attached below. This is done on the 3.0 source-tree.
I have test this on 2.2-stable before, but I don't have a 3.0 machine
right now.
This patch is mainly to make libc support BIG5 encoding, thus add
zh_TW.BIG5 locale to 3.0.
Submitted by: Chen Hsiung Chan <frankch@waru.life.nthu.edu.tw>
static to avoid them trying to use shared libraries before we're
ready. During the initial elf buildworld, the shared loader only
exists in the obj tree, so it can't be used.
are started instead of init (pid = 1). This allows an embedded
implementation quite like VxWorks, with (possibly) a single threaded
program running instead of init. The neat thing is that the same threaded
process can run in a multi-user workstation environment too.
revisions to match the confusing spelling in getttyent.c (1 to
break it to match the man page and 1 in each of 2 branches to fix
it). This function seems to be orphaned and unused.
...is expected to conform to IEEE (``POSIX'') Std 1003.1c when it is
published.
to:
...conforms to ISO/IEC 9945-1 ANSI/IEEE (``POSIX'') Std 1003.1 Second
Edition 1996-07-12.
Discussed with: jb
initialized mutex. Statically initialized mutexes are actually
initialized at first use (pthread_mutex_lock/pthread_mutex_trylock).
To prevent concurrent initialization by multiple threads, all
static initializations are now serialized by a spinlock.
Reviewed by: jb
pthread_mutex routines. I've also tweaked pthread_create.3 to point to
pthread_cleanup_push(3) and pthread_cleanup_pop(3).
PR: 7450
Submitted by: Brian Cully <shmit@kublai.com>
suitable for holding object pointers (ptrint_t -> uintptr_t).
Added corresponding signed type (intptr_t). Changed/added
corresponding non-C9x types for function pointers to match. Don't
use nonstandard types to implement these types, and don't comment
on them in <machine/types.h>.
least unsuitable for holding an object pointer. This should have been
used to fix warnings about casts between pointers and ints on alphas.
Moved corresponding existing general typedef (fptrint_t) for function
pointers from the i386 <machine/profile.h> to a kernel-only typedef
in <machine/types.h>. Kludged libc/gmon/mcount.c so that it can
still see this typedef.
more cleanly integrated with stdio. This should be faster and cleaner
since it doesn't memcpy() the data into a seperate buffer. This lets
stdio allocate and manage the buffer and then hand it over to the user.
Obtained from: Todd Miller <Todd.Miller@courtesan.com> via OpenBSD
know what they're doing if they do that. This will allow ps to use
the kvm_proc.c bits without having access to /dev/mem.
Fix kvm_proc.c to not need /dev/mem for access to argv/envp
Obtained from: partial merge of ADO version tzcode96h (was fully merged
in 1.10 but backed out in 1.11; the FreeBSD code for %s
was earlier, prettier but buggier).
signal can arrive before the thread is woken from it's wait4. In this
case, don't return an EINTR, just set the thread state to running and
the wait4 wrapper will loop and get the exit status of the process.
propagates a bug (that there is no poll wrapper in libc_r), but it
prevents GNU configure scripts from trying to use it in preference
to select. libc_r really needs to change it's wait interface to use
poll instead of select because poll is more a superset of select that
the other way around.
This should allow the Roxen web server to work out-of-the-box. It's
configuration intercae is kinda neat. The code isn't. Shiver. 8-)
includes and interfaces have been merged with the 8.1.2 update.
This essentially leaves the isc/* files that named and named-xfer use.
It might be best to just compile them with .PATH in both cases rather than
bothering with libbind.
copy to bring these files into libc from libcompat. I will enable
them and kill off the libcompat versions on the main branch soon.
PR: step one toward closing misc/6763
line number every time a file descriptor is locked.
This looks like a big change but it isn't. It should reduce the size
of libc_r and make it run slightly faster.
time that a thread keeps the file descriptor table locked. In particular,
perform malloc/free calls outside the lock and handle the situation
where two threads can race to initialise the table entry for the same
file descriptor.
with -D_LOCK_DEBUG. This adds the file name and line number to each lock
call and these are stored in the spinlock structure. When using debug
mode, the lock function will check if the thread is trying to lock
something it has already locked. This is not supposed to happen because
the lock will be freed too early.
Without lock debug, libc_r should be smaller and slightly faster.
cleanup destructor, so trap this case to prevent me from being being
burnt again by applications that try to do this. With this change, an
application (like one using a mis-configured ACE) will exit the process
after displaying a message quoting the POSIX section that the application
has violated.
is allocated or not, rather than keeping a count and attempting to
know it it is in-use. POSIX says that once a key is deleted, using the
key again results in undefined behaviour.
available and the kernel MIB setting is zero.
Return the result from getpagesize() if the p1003_1b.pagesize MIB
value is zero.
Suggested by: Joerg Schilling <schilling@fokus.gmd.de>
Here is a some example for avoiding a confusion.
It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTNAMELEN value.
1) turbo.tama.spec.co.jp: 192.19.0.2 -> trubo.tama
2) turbo.tama.foo.co.jp : 192.19.0.2 -> 192.19.0.2
3) specgw.spec.co.jp : 202.32.13.1 -> specgw
Submitted by: Atsushi Murai <amurai@spec.co.jp>
point to it rather than libscrypt.
This was how it was done prior to libscrypt being added in. This should
stop more people getting burnt with the /usr/lib -> /usr/lib/aout
transition, and the same when the ELF libs come online.
Move a.out libraries to /usr/lib/aout to make space for ELF libs.
Make rtld usr /usr/lib/aout as default library path.
Make ldconfig reject /usr/lib as an a.out library path.
Fix various Makefiles for LIBDIR!=/usr/lib breakage.
This will after a make world & reboot give a system that no
longer uses /usr/lib/*, infact one could remove all the old
libraries there, they are not used anymore.
We are getting close to an ELF make world, but I'll let this
all settle for a week or two...
written without returning to the caller. This only occurs on pipes
where either the number of bytes written is greater than the pipe
buffer or if there is insufficient space in the pipe buffer because the
reader is reading slower than the writer is writing.
size we receive here should fit into the receive buffer. Unfortunately,
there's no 100% foolproof way to distinguish a ridiculously large record
size that a client actually meant to send us from a ridiculously large
record size that was sent as a spoof attempt.
The one value that we can positively identify as bogus is zero. A
zero-sized record makes absolutely no sense, and sending an endless
supply of zeroes will cause the server to loop forever trying to
fill its receive buffer.
Note that the changes made to readtcp() make it okay to revert this
sanity test since the deadlock case where a client can keep the server
occupied forever in the readtcp() select() loop can't happen anymore.
This solution is not ideal, but is relatively easy to implement. The
ideal solution would be to re-arrange the way dispatching is handled
so that the select() loop in readtcp() can be eliminated, but this is
difficult to implement. I do plan to implement the complete solution
eventually but in the meantime I don't want to leave the RPC library
totally vulnerable.
That you very much Sun, may I have another.
uses readtcp() to gather data from the network; readtcp() uses select(),
with a timeout of 35 seconds. The problem with this is that if you
connect to a TCP server, send two bytes of data, then just pause, the
server will remain blocked in readtcp() for up to 35 seconds, which is
sort of a long time. If you keep doing this every 35 seconds, you can
keep the server occupied indefinitely.
To fix this, I modified readtcp() (and its cousin, readunix() in svc_unix.c)
to monitor all service transport handles instead of just the current socket.
This allows the server to keep handling new connections that arrive while
readtcp() is running. This prevents one client from potentially monopolizing
a server.
Also, while I was here, I fixed a bug in the timeout calculations. Someone
attempted to adjust the timeout so that if select() returned EINTR and the
loop was restarted, the timeout would be reduced so that rather than waiting
for another 35 seconds, you could never wait for more than 35 seconds total.
Unfortunately, the calculation was wrong, and the timeout could expire much
sooner than 35 seconds.
recently in BUGTRAQ. The set_input_fragment() routine in the XDR record
marking code blindly trusts that the first two bytes it sees will in fact
be an actual record header and that the specified size will be sane. In
fact, if you just telnet to a listening port of an RPC service and send a
few carriage returns, set_input_fragment() will obtain a ridiculously large
record size and sit there for a long time trying to read from the network.
A sanity test is required: if the record size is larger than the receive
buffer, punt.
recently in BUGTRAQ. If a stream oriented transport fails to properly decode
an RPC message header structure where there should be one, it should mark
the stream as dead so that the connection will be dropped.
dereferenced. This is because 'SP' is only initialized via 'newterm()'
(which is not required if you are going to interact with the 'terminfo'
database without using 'ncurses').
PR: 6648
Submitted by: Max Euston <meuston@jmrodgers.com>
Use rpcgen's -C option, although using it for non-headers breaks K&R
support. A local copy of yp.h is built to avoid adding
-I/usr/include/rpcsvc to CFLAGS. This version of yp.h differed from
<rpcsvc/yp.h> only in not declaring prototypes.
Fixed style bugs.
but also assumes that they are 32-bits. This is one place where I don't
think it is appropriate to change 'long' to 'int'. I don't see why the
code couldn't be fixed so that using natural long variables does the
right thing. It's spaggetti code so it'll take some effort. Obviously
NetBSD thought so too because they change 'long' to 'int32_t' etc
and left it at that. As a temporary measure FreeBSD/Alpha can use the
NetBSD code and put this on the list of things to fix.
in termios.h, but it's prototype in termcap.h and the main file use
the underlying definition (which is now an int, not a long for
compatibility with NetBSD). Really termcap.h should use speed_t too,
but I guess that this might break sources that don't include termios.h
first.
One bug was relatively harmless (select's timeout had an uninitialized
tv_usec), the other I'm not so sure.. (neglected to catch select returns
less than zero). Both of these were irrelevant on kernels with poll().
chunks of res_comp.c and replacing it with chunks of bind-8.1.1's resolver
code. (There are no interface changes though)
The other parts are better bounds checking related.
default syscall asm, so add it to NOASM. The other syscalls that manipulate
kernel threads use the default asm code, so they just get built
automatically.
file works with libpthread, but when built into libc_r which has a non-weak
symbol of the same name, the linker behaves unpredicatably and sometimes
links the wrong symbol. The linker behaviour is a byproduct of what
the program calls from object to object so it is like winning a lottery
if the program actually works. The odds are quite good - 95:1, I think.
We need a sure thing, though, so weak symbols can't be used instead
of renaming things.
of the one in libc that contains the weak symbol for __error. FreeBSD's
make accumulates paths to the point that it can find *anything*, possibly
including the car keys.
for the process, not a separate set for each thread). By default, the
process now only has signal handlers installed for SIGVTALRM, SIGINFO
and SIGCHLD. The thread kernel signal handler is installed for other
signals on demand. This means that SIG_IGN and SIG_DFL processing is now
left to the kernel, not the thread kernel.
Change the signal dispatch to no longer use a signal thread, and
call the signal handler using the stack of the thread that has the
signal pending.
Change the atomic lock method to use test-and-set asm code with
a yield if blocked. This introduces separate locks for each type
of object instead of blocking signals to prevent a context
switch. It was this blocking of signals that caused the performance
degradation the people have noted.
This is a *big* change!
Note odd `sigmask()' line in synopsis. `sigsetops(3)' is better suited
for `sigprocmask' and is already referenced from the manual page.
(`sigmask()' is useful for the older (& deprecated) `sigsetmask()' API).
PR: 6395
Reviewed by: phk
Submitted by: Joseph Koshy <koshy@india.hp.com>
leading XXX's. It could wrap an uppercase character through chars
like: [ \ ] ^ _ ` in between Z and a. The backslash and back tick
might be particularly nasty in a shell script context. Also, since
we've been using upper-case generated values for a while now, go with
the flow and use them in the pathname search rotation.
it was. Add a FILE_WAIT state and queue threads waiting for a FILE
lock. Start using the sys/queue.h macros instead of the way that MIT
pthreads did it.
Add a thread name to the private thread structure and a non-POSIX
function to set this. This helps (me at least) when sending a SIGINFO
to a threaded process to get a /tmp/uthread.dump to see what the
<expletive deleted> threads are doing this time. It is nice to be
able to recognise (yes, I spell that with an 's' too) which threads
are which.
Change the FILE locking to support kernel threads when linked with
libpthread (which you haven't see yet). This requires that libc become
thread-safe and thread-aware, testing __isthreaded before attempting
to do lock/unlock calls. The impact on non-threaded programs is minor.
This change works with libc_r, so it's the best compromise.
libc to determine if locking is required. This is needed in libc
for use with kernel threads, but until a thread is created, we don't
really want to bother locking things. The variable was added here
because the crt code calls exit(main()) so all programs will get the
variable.
threads from invalid ones. The pthread structure is opaque to the user
so this change does not cause any incompatibilities.
Hopefully this change will help code that was written for draft 4
fail gracefully if the programmer ignores the compiler warning about
the change in the level of indirection for the argument passed to
pthread_detach(). I got burnt, so I fixed then (expletive deleted)
thing.
These functions comply with the revised standard. That should shut
Terry up!
Add a note about not touching errno and warn about previous drafts
of the standard which changed the level of indirection to the thread
argument. POSIX had a bit of trouble deciding what to do. So anyone
coding to both draft 4 and draft 10 (the final draft) will get burnt
by this function. I did. Grrr.
_KPOSIX_PRIORITY_SCHEDULING options to work. Changes:
Change all "posix4" to "p1003_1b". Misnamed files are left
as "posix4" until I'm told if I can simply delete them and add
new ones;
Add _POSIX_PRIORITY_SCHEDULING system calls for FreeBSD and Linux;
Add man pages for _POSIX_PRIORITY_SCHEDULING system calls;
Add options to LINT;
Minor fixes to P1003_1B code during testing.
Commented out docmentation of nonexistent authenticate() and
auth_timesok(). authenticate() seems to be obsolete and
auth_timesok() never existed in FreeBSD.
__msync13. The old one got moved to compat_12. Wrap __msync13 up
to look like FreeBSD's msync and be careful to respect the fact that
MS_SYNC is 0x0000 on FreeBSD, but 0x0004 on NetBSD.
unsigned integral type. Changing it doesn't seem to cause any
sign extension bugs in /usr/src. In the kernel, this is partly
because `struct speedtab' and its lookup function are too bogus
to use speed_t's for speeds - they use ints.
Reminded by: PR 5786
Add a bootstrap mode so that non-rtld versions of these objects can
be built when bootstrapping the system with NetBSD tools, headers
and libraries. Once the FreeBSD tools are built, the FreeBSD headers
are installed and *then* these objects can be recompiled with the
rtld references. Phew.
asm code didn't link the way it was supposed to and the calling convention
for the entry "function" turned out to be very different. On alpha
it's a true function, but on i386 it's a fudge. Blech.
So jdp suggested keeping separate sets of source and avoiding lots
of #ifdefs. These files are based on his i386-elf code, with crt1.c
borrowing code from NetBSD's crt0. The copyright reflects that.
Complicating matters, the code turned out to be difficult to bootstrap
build using NetBSD tools. To compile against the FreeBSD rtld header
requires FreeBSD specific headers, but these can't be installed until
the tools are built, and they can't be built without the FreeBSD crt
objects. Anal retentive. So I introduced a HAVE_RTLD #define that isn't
set during the build process until all the tools are built and the
headers installed.
now that has been committed.
The makefile is derived from the i386-elf version, modified to pick
up most of the source (except crt1.c) from i386-elf. With minor changes
to i386-elf/crt1.c, this directory can be combined with i386-elf to
be a single csu/elf directory for all seasons.
the rtld code pending implementation on the alpha.
The csu/i386-elf should be renamed as csu/elf and this directory
trashed. Consider this a temporary implementation.
List non-default asm sources in MDASM so that they replace the defaults.
For funny or incomplete syscalls, list them in NOASM to stop them
from getting built as defaults.
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
substitution errors for variables that don't exist.
If a machine architecture dependent makefile exists, include it
to discover if libc or libc_r is being built with NetBSD syscalls
instead of FreeBSD ones.
Put a NO_QUAD thingy around the quad makefile so that 64-bit
architectures can ignore that sh*t.
In the test for MDSRCS being empty, add all MISRCS to SRCS, rather
than just ignoring them.
Define the HIDDEN_SYSCALLS macro as empty because libc doesn't have
renamed syscalls. This avoids an undefined macro error when
libc/sys/Makefile.inc goes to look though it. HIDDEN_SYSCALLS is
used by the equivalent makefile to this one in lib/libc_r to list
those syscalls that it needs to rename so that libc_r can provide
replacement functions.
Change MACHINE references to MACHINE_ARCH.
Declare the names of the syscalls that need to be renamed to allow
for the functions that libc_r provides replacements for. This list
used to be in lib/libc/sys/Makefile.inc, but has been moved here
to keep that makefile tidy and remove the temptation for people to
add things to the list without adding a libc_r replacement function.
prototypes for the spinlock functions that will be used for thread locks.
libc will have stubs declared with weak symbols. libpthread and libc_r
will have functions that really do something.
Changed MACHINE to MACHINE_ARCH with the expectation that pc98 will
use elf the same as i386.
Nuked tahoe and vax 'cause the files they reference aren't in the
tree. If you want vax goto NetBSD. If you want tahoe... tough.
Changes to support building with _POSIX_SOURCE set to 199309L:
1. Add sys/_posix.h to handle those preprocessor defs that POSIX
says have effects when defined before including any header files;
2. Change POSIX4_VISIBLE back to _POSIX4_VISIBLE
3. Add _POSIX4_VISIBLE_HISTORICALLY for pre-existing BSD features now
defined in POSIX. These show up when:
_POSIX_SOURCE and _POSIX_C_SOURCE are not set or
_POSIX_C_SOURCE is set >= 199309L
and vanish when:
_POSIX_SOURCE is set or _POSIX_C_SOURCE is < 199309L.
4. Explain these in man 9 posix4;
5. Include _posix.h and conditionalize on new feature test.
- Completely recoded the ypmatch cache code. The old code could leak
memory: it would allow the cache to grow, but never
shrink. The new code imposes the following limits:
o The cache is capped at a limit of 5 entries.
o Each entry expires after five seconds, at which point
its slot is freed.
o If an insertion is to be done and all five slots
are filled, the oldest entry is forcibly expired
to release its slot.
Also, the cache is implemented on a per-binding basis rather than
having a global cache covering all bindings. This means that each
bound domain has its own 5 slot cache.
- Changed clntudp_create() to clntudp_bufcreate() so that the
xmit/recv message buffer sizes can be set explicitly. NIS transactions
are rarely much larger than 1024 bytes since YPMAXRECORD is 1024.
The defaults chosen by clntudb_create() are actually much larger
than needed. I set the xmit buffer to a little over 1024 and the
recv buffer to a little over 2048. This saves a few Kbytes for each
NIS binding.
- Add my name to the copyright. I think I've made enough changes to
this file to merit it. :)
Note: these changes should go into the 2.2.x branch, but I'm waiting
on feedback from a tester to see if the cache fixes solve the reported
memory leak problem.
changes to bsd.lib.mk can handle building it early enough. Don't
use the same rule for ss_err.h and ss_err.c, else `make -jN' would
run the rule twice concurrently. Don't put ss_err.c out of order
in SRCS; doing so was a kludge to get ss_err.h built early enough
for plain `make'.
Don't put a non-generated file in CLEANFILES.
since there might be permanent entries still left after
calls to DeleteLink (it will be nullified by DeleteLink
if all entries are deleted, won't it ?)
2) in PacketAliasSetAddress, set the aliasing address
even when PKT_ALIAS_RESET_ON_ADDR_CHANGE is in effect.
Just don't clean up links in this case.
Submitted by: Ari Suutari <ari@suutari.iki.fi>
via: Charles Mott <cmott@srv.net>
PR: 5041
fix a slight confusion about which draft of threads we are supporting.
this allows something as big and ugly as samba to be compiled with libc_r
and still work! our user-level pthreads seems amazingly robust!
implement mkdtemp
improve man page for mk*temp
use arc4random to seed extra XXX's randomly
Optionally warn of unsafe mktemp uses
From various commits by theo de raadt and Todd Miller.
Obtained from: OpenBSD
This should go into 2.2 after a testing period.
specifically:
uthread_accept.c: Fix for inherited socket not getting correct entry in
pthread flags.
uthread_create.c: Fix to allow pthread_t pointer return to be null if
caller doesn't care about return.
uthread_fd.c: Fix for return codes to be placed into correct errno.
uthread_init.c: Changes to make gcc-2.8 thread aware for exception stack
frames (WARNING: This is #ifdef'ed out by default and is
different from the Cygnus egcs fix).
uthread_ioctl.c: Fix for blocking/non-blocking ioctl.
uthread_kern.c: Signal handling fixes (only one case left to fix,
that of an externally sent SIGSEGV and friends -
a fairly unusual case).
uthread_write.c: Fix for lock of fd - ask for write lock, not read/write.
uthread_writev.c: Fix for lock of fd - ask for write lock, not read/write.
Pthreads now works well enough to run the LDAP and ACAPD(with the gcc 2.8 fix)
sample implementations.
one group. Thanks to Dirk Froemberg for supplying a patch for this. I will
be closing out the PR and moving this to the 2.2.5 branch later: my login
sessions to freefall from Columbia are ridiculously spotty today.
PR: 5610
Submitted by: Dirk Froemberg <ibex@physik.TU-Berlin.DE>
into libc. This reduces the size of every dynamically linked
executable by 248 bytes, and it reduces the size of static executables
by a lesser amount. It also eliminates some global namespace
pollution.
With this change in place, the source for dlfcn.h should probably
be moved to "/usr/src/include". I'll save that for another day.
Compatibility note: Programs which use dlopen, if compiled on
systems with this change, will not run on systems with a libc from
prior to this change. Very few programs use dlopen, so I think
that is OK.
isn't a prerequisite, since it isn't required for the prototypes
and isn't always needed to call the functions (the address family
might be a variable).
and the pre-Lite2 vfsconf interfaces.
For getvfsent.c, just define _OLD_VFSCONF. This will give the
current default macro hacks in <sys/mount.h> when the default is
reversed. This is an intermediate step.
makefile doesn't install them, and they couldn't be used without
lots of undocumented -I's in CFLAGS. tcl.h is still installed in
/usr/include/tcl/. Note that rev.1.24 of tcl_bmake/mkMakefile.sh
broke all the section 3 tcl man pages by putting it there instead
of in /usr/include.
are in kvm_uread():
- the setting of errno before checking it in the lseek() was lost.
- EOF handling was lost. kvm_uread() retried forever on EOF. EOF is
not really an error, but report it one as in rev.1.2.
- reporting of errno after a read error was lost.
Fixed style bugs in rev.1.3 and rev.1.12.
Not fixed: errno is not reported after lseek() failures.
overwrites it. This actually showed up when running under an old
kernel when free() called the madvise() stub which set errno, causing
getcwd() to return EOPNOTSUPP instead of ERANGE.
stale obj directory and we wouldn't want to do that! I trust he knows
what he's talking about. 8-)
Also avoid building libm at all until the NetBSD asm code is imported.
I wrongly commented this out last time. Oops.
that this source is compiled against. This source is referenced by
install which is needed as a build tool and must be able to compile
against NetBSD headers and libraries if we have a hope of supporting
another architecture.
With this change, that's two working programs down and 3945 (?) to go.
The other one was make, but that didn't need any changes to work under
FreeBSD/Alpha. 8-)
to another architecture (in this case the Alpha) we can continue to use
the host csu objects (from NetBSD). This should be a non-function change
to FreeBSD/i386.
case has very little to do with the output size being larger than
INT_MAX.
2. The new #include of <limits.h> was disordered.
3. The new declaration of `on' was disordered (integer types go together).
4. Testing an unsigned value for > 0 was fishy.
Submitted by: bde
mlock, mmap, mprotect, msync, munlock, and munmap are defined by
POSIX as taking void *. The const modifier has been added to
mlock, munlock, and mprotect as the standard dictates.
minherit comes from OpenBSD and has been updated to conform with
their recent change to void *.
madvise and mincore are not defined by POSIX, but their arguments
have been modified to be consistent with the POSIX-defined functions.
mincore takes a const pointer, but madvise does not due to the
MADV_FREE case.
Discussed with: bde
at the first position on either of the last two lines of the
screen. Ie. append contents of current line to the previous
line and scroll the next line's contents up.
PR: 5392
Submitted by: Kouichi Hirabayashi <kh@mogami-wire.co.jp>
instead of Singe Unix, thanx Bruce for explaining, I am not realize
standards war was there.
But now, fix n == 0 case to not return error and fix check for too
big n.
Things left to do: check for overflow in arguments.
Final word is Bruce's quote:
C9x specifies the BSD4.4-Lite behaviour:
[#3] ... Thus, the
null-terminated output has been completely written if and
only if the returned value is less than n.
It means that if we not have any null-terminated output as for n == 0
we can't return value less than n, so we forced to return value
equal to n i.e. 0
The next good thing is glibc compatibility, of course.
2) Do check for too big n in machine-independent way.
3) Minor optimization assuming EOF is < 0
The main argument is that it is impossible to determine if %n evaluated or not
when snprintf return 0, because it can happens for both n == 0 and n == 1.
Although EOF here is good indication of the end of process, if n is
decreased in the loop...
Since it is already supposed in many places that EOF *is* negative, f.e.
from Single Unix specs for snprintf
"return ... a negative value if an output error was encountered"
this not makes situation worse.
to pass not more than buffer size to %n agrument, old variant
always assume infinite buffer.
%n is for actually transmitted characters, not for planned ones.
"return the number of bytes needed, rather the number used"
According to Single Unix specs:
Upon successful completion, these functions return the number of bytes
transmitted excluding the terminating null
1) if buffer size is smaller than arguments size, return buffer
size, not arguments size as before.
2) if buffer size is 0, return 0, not EOF as before.
(now it is compatible with Linux and Apache implementations too).
NOTE: Single Unix specs says:
If the value of n {buffer size} is zero on a call to snprintf(), an
unspecified value less than 1 is returned.
It means we can't return EOF since EOF can take *any* value in general
not especially < 1. Better variant will be return -1 (it is less then
1 and different with n == 1 case) but -1 value is already occuped by
EOF in our implementation, so we can't distinguish true IO error
in that case. So 0 here is only possible case still conforming
to Single Unix specs.
where shared libraries are in /lib and almost everything is linked
shared. First, they removed the old shared library before installing
the new one. Second, they attemped a cross-device link from /lib
to /usr/lib/compat.
a malloc. The signal handler creates a thread which requires a malloc...
For now, the only thing to do is to block signals. When we move user
pthreads to use the kernel threads, mutexes will be implemented in kernel
space and then malloc can revert.
In the man page Use ".Pp" instead of blank lines, adopt English
and stress that the Julian->Gregorian switch took place at
different dates in different countries.
Suggested by: Garrett.
to the same version numbers as 2.2.x.
The problem with the way things were was:
- if you took a 2.2.x binary, it either wouldn't run on -current or
if you had the old -current version of libtermcap.so.2.1 then it could
potentially be a security problem.
- the alternative is to start a compat22 tree dist for -current with a
uuencoded binary. This makefile hack is less cost.
libtermcap.so.3.0 is provided via /usr/lib/compat to avoid transition
problems.
a similar way to libc. Sigh. This is not pretty but seems to work.
Somthing like this was needed in preference to bogusly bumping the major
library number here.
The syscall(SYS_issetugid) idea is originally Bruce's.
functions would return -1 and set errno to indicate the specific error.
POSIX requires that the functions return the error code as the return
value of the function instead.
on systems where long doubles are just doubles. FreeBSD hasn't
been such a system since it started using gcc-2.5 many years ago.
The fix is of low quality. It loses precision.
scanf() of long doubles doesn't seem to be used much, but gdb-4.16
uses %Lg format in its expression parser if it thinks that the
system supports printf'ing of long doubles. The symptom was that
floating point literals were usually interpreted to be 0.0.
Note this ONLY affects the function version - the macro version is always
used unless for some reason you put #undef sigismember in your code before
calling it.
PR: 3615
Submitted by: Nanbor Wang <nw1@cs.wustl.edu> (slightly amended patch)
Obtained from: Whistle Communications tree
Add an option to the way UFS works dependent on the SUID bit of directories
This changes makes things a whole lot simpler on systems running as
fileservers for PCs and MACS. to enable the new code you must
1/ enable option SUIDDIR on the kernel.
2/ mount the filesystem with option suiddir.
hopefully this makes it difficult enough for people to
do this accidentally.
see the new chmod(2) man page for detailed info.
Ever since I first say the way the mount flags were used I've hated the
fact that modes, and events, internal and exported, and short-term
and long term flags are all thrown together. Finally it's annoyed me enough..
This patch to the entire FreeBSD tree adds a second mount flag word
to the mount struct. it is not exported to userspace. I have moved
some of the non exported flags over to this word. this means that we now
have 8 free bits in the mount flags. There are another two that might
well move over, but which I'm not sure about.
The only user visible change would have been in pstat -v, except
that davidg has disabled it anyhow.
I'd still like to move the state flags and the 'command' flags
apart from each other.. e.g. MNT_FORCE really doesn't have the
same semantics as MNT_RDONLY, but that's left for another day.
PR: 4555
Submitted by: Dmitrij Tejblum <tejblum@arc.hq.cti.ru>
[0x0400 - 0xffff] [bbbbbbbb.bbbbbbbb] -> 1110bbbb, 10bbbbbb, 10bbbbbb
.Ed
.Pp
If more than a single representation of a value exists (for example,
0x00; 0xC0 0x80; 0xE0 0x80 0x80) the shortest representation is always
used (but the longer ones will be correctly decoded).
.Pp
The final three encodings provided by X-Open:
.Bd -literal
[00000000.000bbbbb.bbbbbbbb.bbbbbbbb] ->
11110bbb, 10bbbbbb, 10bbbbbb, 10bbbbbb
[000000bb.bbbbbbbb.bbbbbbbb.bbbbbbbb] ->
111110bb, 10bbbbbb, 10bbbbbb, 10bbbbbb, 10bbbbbb
[0bbbbbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb] ->
1111110b, 10bbbbbb, 10bbbbbb, 10bbbbbb, 10bbbbbb, 10bbbbbb
.Ed
.Pp
which provides for the entire proposed ISO-10646 31 bit standard are currently
not implemented.
.Sh "SEE ALSO"
.Xr mklocale 1 ,
.Xr setlocale 3
@
1.4
log
@Don't use hardcoded *roff font change requests. Do it
via mdoc macros instead.
@
text
@d37 1
a37 1
.Dd "June 4, 1993"
@
1.3
log
@Very minor mdoc cleanup.
@
text
@d44 2
a45 1
\fBENCODING "UTF2"\fP
@
1.2
log
@Another round of various man page cleanups.
@
text
@d65 1
a65 1
.sp
d81 1
a81 1
.sp
@
1.2.2.1
log
@YAMFC:
Commit all of the -current changes that apply to 2.2. These fall into
several categories:
- Cosmetic/mdoc changes. They don't really afect the output
at all, but having them in 2.2 will make it easier to diff the man
pages later when looking for real changes.
- Update some man pages to reflect the current 2.2 header files.
- Sort xrefs.
- A few typo fixes.
- And a few changes that actualy added text to the man page that should
be reflected in 2.2.
- Add some missing MLINKS.
Requested by: bde
@
text
@d44 1
a44 2
.Nm ENCODING
.Qq UTF2
d65 1
a65 1
.Pp
d81 1
a81 1
.Pp
@
1.2.2.2
log
@MFC: Just the locale fixes (small doc tweaks for the most part)
and the new strptime(3) call. Having added something, does this
require a version bump? Haven't we bumped once already?
There are a *LOT* of additional 3.0 changes to be merged but I'm not
entirely comfortable with some of them so I'll take the conservative
(read: cowardly :) way out and just merge this much.
@
text
@d37 1
a37 1
.Dd June 4, 1993
@
1.1
log
@Initial revision
@
text
@d41 1
a41 1
.Nm UTF2
@
1.1.1.1
log
@BSD 4.4 Lite Lib Sources
@
text
@@
1.1.1.1.6.1
log
@Phase 2 of merge - also fix things broken in phase 1.
Watch out for falling rock until phase 3 is over!
libc completely merged except for phkmalloc & rfork (don't know if David
wants that).
Some include files in sys/ had to be updated in order to bring in libc.
@
text
@d41 1
a41 1
.Nm utf2
@
1.1.1.1.6.2
log
@This 3rd mega-commit should hopefully bring us back to where we were.
I can get it to `make world' succesfully, anyway!
@
text
@d41 1
a41 1
.Nm UTF2
@
partway through its attempt to decode the result structure sent by
the server. If this happens, it can leave the result partially
populated with dynamically allocated memory. In this event, the
xdr_replymsg() failure is detected and RPC_CANTDECODERES is returned,
but the memory in the partially populated result struct is not
free()d.
The end result is that memory is leaked when an RPC_CANTDECODERES
error occurs. (This condition can occur if a CLIENT * handle is created
using clntudp_bufcreate() with a receive buffer size that is too small
to handle the result sent by the server.)
Fixed by setting reply_xdrs.x_op to XDR_FREE and calling
xdr_replymsg() again to free the memory if an RPC_CANTDECODERES error
is detected.
I suspect that the clnt_tcp.c, clnt_unix.c and clnt_raw.c modules
may ha a similar problem, but I haven't duplicated the condition with
those yet.
Found by: dbmalloc
to fail under certain circumstances.
1. In one spot, the ifr_flags member was being examined in the
wrong structure, thus it contained garbage. On a machine in which
only the loopback interface was up, this caused everything that
wanted to talk to the portmapper to fail -- a particular problem
with laptops, where the pccard ethernet interface is likely to come
up long after the attempt to start mountd, nfsd, amd, etc.
2. Compounding the above problem, get_myaddress() returned a
successful status even though it failed to find an address that it
considered good enough.
This fixes bugs in the manual handling. abs.[cS] was handled too
specially and the wrong (.c) variant for each of div.[cS], labs.[cS]
and ldiv.[cS] was added to SRCS. This caused the .c variant to be
used if `depend' was made and the .S version to be used otherwise.
The names of m-d variants are now added (manually) to MDSRCS instead
of to SRCS, and the names of all machine-independent (m-i) variants
that can reasonably be replaced by an m-d variant are now added
(manually) to MISRCS instead of to SRCS, so that a simple substitution
can be used to discard the unused m-i variants. MISRCS is potentially
all m-i sources, but the substitution is too simple to be fast, so
MISRCS should be kept reasonably small.
libc/Makefile.inc:
Do the substitution.
libc/i386/string/Makefile.inc:
Add to MDSRCS instead of to SRCS. Add the names of all sources in this
directory, but no others.
libc/string/Makefile.inc
Add to MISRCS instead of to SRCS. Add the names of all sources in this
directory. Don't use (broken) explicit rules for special cases.
for the entire time that it was there, so obviously nothing needs it
anymore.
Note, unix98/single-unix spec v2 says that usleep() returns an int rather
than a void, to indicate whether the entire time period elapsed (0) or an
error (eg: signal handler) interrupted it (returns -1, errno = EINTR)
It is probably useful to make this change but I'll test it locally first
to see if this will break userland programs [much]...
Reviewed by: ache, bde
back to the original single nanosleep() implementation. This is POSIX and
Unix98 (aka single-unix spec v2) compliant behavior. If a program sets
alarm(2) or an interval timer (setitimer(2)) without a SIGALRM handler
being active, sleep(3) will no longer absorb it, and the program will get
what it asked for..... :-]
The original reason for this in the first place (apache) doesn't seem to
need it anymore, according to Andrey.
Reviewed by: ache, bde
made to the RPC code some months ago. The value of __svc_fdsetsize is being
calculated incorrectly.
Logically, one would assume that __svc_fdsetsize is being used as a
substitute for FD_SETSIZE, with the difference being that __svc_fdsetsize
can be expanded on the fly to accomodate more descriptors if need be.
There are two problems: first, __svc_fdsetsize is not initialized to 0.
Second, __svc_fdsetsize is being calculated in svc.c:xprt_registere() as:
__svc_fdsetsize = howmany(sock+1, NFDBITS);
This is wrong. If we are adding a socket with index value 4 to the
descriptor set, then __svc_fdsetsize will be 1 (since fds_bits is
an unsigned long, it can support any descriptor from 0 to 31, so we
only need one of them). In order for this to make sense with the
rest of the code though, it should be:
__svc_fdsetsize = howmany(sock+1, NFDBITS) * NFDBITS;
Now if sock == 4, __svc_fdsetsize will be 32.
This bug causes 2 errors to occur. First, in xprt_register(), it
causes the __svc_fdset descriptor array to be freed and reallocated
unnecessarily. The code checks if it needs to expand the array using
the test: if (sock + 1 > __svc_fdsetsize). The very first time through,
__svc_fdsetsize is 0, which is fine: an array has to be allocated the
first time out. However __svc_fdsetsize is incorrectly set to 1, so
on the second time through, the test (sock + 1 > __svc_fdsetsize)
will still succeed, and the __svc_fdset array will be destroyed and
reallocated for no reason.
Second, the code in svc_run.c:svc_run() can become hopelessly confused.
The svc_run() routine malloc()s its own fd_set array using the value
of __svc_fdsetsize to decide how much memory to allocate. Once the
xprt_register() function expands the __svc_fdset array the first time,
the value for __svc_fdsetsize becomes 2, which is too small: the resulting
calculation causes the code to allocate an array that's only 32 bits wide
when it actually needs 64 bits. It also uses the valuse of __svc_fdsetsize
when copying the contents of the __svc_fdset array into the new array.
The end result is that all but the first 32 file descriptors get lost.
Note: from what I can tell, this bug originated in OpenBSD and was
brought over to us when the code was merged. The bug is still there
in the OpenBSD source.
Total nervous breakdown averted by: Electric Fence 2.0.5
to POSIX.2. In particular:
- don't retry for ETXTBSY. This matches what sh(1) does. The retry code
was broken anyway. It only slept for several seconds for the first few
retries. Then it retried without sleeping.
- don't abort the search for errors related to the path prefix, in
particular for ENAMETOOLONG, ENOTDIR, ELOOP. This fixes PR1487. sh(1)
gets this wrong in the opposite direction by never aborting the search.
- don't confuse EACCES for errors related to the path prefix with EACCES
for errors related to the file. sh(1) gets this wrong.
- don't return a stale errno when the search terminates normally without
finding anything. The errno for the last unsuccessful execve() was
usually returned. This gave too much precedence to pathologies in the
last component of $PATH. This bug is irrelevant for sh(1).
The implementation still uses the optimization/race-inhibitor of trying
to execve() things first. POSIX.2 seems to require looking at file
permissions using stat(). We now use stat() after execve() if execve()
fails with an ambiguous error. Trying execve() first may actually be a
pessimization, since failing execve()s are fundamentally a little slower
than stat(), and are significantly slower when a file is found but has
unsuitable permissions or points to an unsuitable interpreter.
PR: 1487
'slow' lookup if we get a YPERR_MAP (no such map in server's domain) error
instead of failing over on any error. In the latter case, if the 'fast'
search fails legitimately (i.e. the user or host really isn't a member
of the specified netgroup) then we end up doing the 'slow' search and
failing all over again. The result is still correct, but cycles are
consumed for no good reason.
Also removed the #ifdef CHARITABLE since the compat kludge is no longer
optional.
that if searching through the special netgroup.byhost or netgroup.byuser
maps didn't work, we would roll over to the 'slow' method of grovelling
though the netgroup map and working out the dependencies on the fly.
But I left this option hidden inside an #ifdef CHARITABLE since I
didn't think I'd ever need it.
Well, the Sun rpc.nisd NIS+ server in YP compat mode doesn't support
the .byhost and .byuser reverse maps, so the failover is necessary
in order to be compatible. *sigh*
This closes PR #3891, and should be merged into RELENG_2_2.
ISSUES:
An example and better explansion on how to specify a user's login
class in /etc/master passwd is needed.
(As I don't seem to be specifiying it right, I can't do it).
can return UNIX errnos. When UNIX errnos catch up with FTP status
codes (e.g. at 100) a new way will have to be found to tell which
is which.
This allows fetch to print errors like
fetch: ftp.fu-berlin.de: No route to host
instead of
fetch: ftp.fu-berlin.de: Unknown error
nuked file descriptor. This is probably why sysinstall's ftp xfer
occasionally SEGV'd if you left things alone for a long time and
the timeout code got called. Whoops!
$ vipw
[corrupt a line in editor, exit editor]
pwd_mkdb: corrupted entry
pwd_mkdb: at line #2
pwd_mkdb:
/etc/pw.012585: Inappropriate file type or format
re-edit the password file? [y]: n^D^D
[hang]
plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
an unimplemented syscall returned ENOSYS, rather than EINVAL. I have run
statically linked code with this wrapper and it does appear to work fine
on 2.2-stable which doesn't have poll(). ktrace shows the poll syscall fail
once and the fallback to select() working.
if necessary. This removes the need to malloc large fd_set's for selecting
on high fd's (larger than FD_SETSIZE at libc compile time).
The syscall adaptive stuff only happens on the very first call. SIGSYS
is masked, and if the call to poll fails with ENOSYS, then we use select
for the life of the program. If poll does not fail with ENOSYS, then we
always use poll and skip the once-off signal masking gunk.
This may be overkill, but it saved my neck a few times while working on
multiple different sets of kernel sources, some with poll, some without.
things like libskey.so to be dynamically self contained.
Things like md5(1) where speed is critical should still link with libmd.a,
but for things like login, where it's a once-off call if skey is used, it's
not worth the hassle.
#defines that are compatable with ours). I made some some minor tweaks
to the leading '_' tests.
Again, this is off by default for the moment. This probably should be
split into seperate files (like some of our other libc files that could
do with some splitting).
Obtained from: OpenBSD (plus some minor tweaks)
tree. Also merge in fix to NetBSD PR #1495. These represent 1.3-1.9 in
the OpenBSD tree. Make minor KNF changes to new code (which is in the
OpenBSD as 1.10). This avoids the symlink race problems.
These patches should go into 2.2.5 before the ship if they don't
break anything in -current.
Reviewed by: Bruce Evans
Obtained from: OpenBSD
undefined symbol referenced from libc. Without the stub, it is
impossible to execute any program using the shared library if
LD_BIND_NOW=1 is in the environment. The stub always returns
failure, but it can be overridden outside the library when necessary.
I don't know whether this is the "correct" fix, but it is intolerable
to have any undefined symbols referenced from libc.
and return to previous Peter's variant.
POSIX says that this place is implementation defined and old variant allows
application block SIGALRM and sleep and not be killed by external SIGALRMs.
BTW, GNU sleep f.e. sleeps forever in blocked SIGALRM :-)
acceptable range for tv_sec to the magic number 100000000 (which at
least ought to be declared in a header file, and explained in the
non-existing man page, as well as in the existing man pages for
nanosleep(2) & Co.).
PR: bin/4259
modify the original `no modifications' copyright message, and i've
included his mail into the source file.
The common localization functions between strptime(3) and strftime(3)
have been broken out into timelocal.[ch].
Use 'beforedepend' instead of '.depend' to hang automatically-generated
headers off.
XXX the latter is bogus without a 'beforeall' target and explicit ordering
of dependancy generation for targets.
lifetime of the call, just like the old implementation did. Previously,
we were only eating them if the application did not call sleep()/usleep()
with SIGALRM masked.
Submitted by: ache
and forgot what I was trying to do originally and accidently zapped
a feature. :-] The problem is that we are converting a counted buffer in
a malloc pool into a null terminated C-style string. I was calling realloc
originally to shrink the buffer to the desired size. If realloc failed, we
still returned the valid buffer - the only thing wrong was it was a tad
too large. The previous commit disabled this.
This commit now handles the three cases..
1: the buffer is exactly right for the null byte to terminate the
string (we don't call realloc).
2: it's got h.left = 0, so we must expand it to make room. If realloc
fails here, it's fatal.
3: if there's too much room, we realloc to shrink it - a failed realloc
is not fatal, we use the original buffer which is still valid.
Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Various cleanup from Keith Bostic
Reinstate calloc() as a separate funtion, in its own source/object file.
leave the manpage integrated with malloc.3 and friends. Too many things
were broken in this respect.
PR: 4002
Reviewed by: phk
Submitted by: Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Submitted by: Keith Bostic <bostic@bostic.com>
Only call malloc() if the fd is too big for the compiled in fd_set size,
and don't use calloc either. This should reduce the impact of conflicts
with private malloc implementations etc. When using the fd_set on the
stack, only zero what is needed rather than all 1024 bits like FD_ZERO did.
Various portability and stylistic cleanups.
Kill MALLOC_STATS & the 'D' option.
Fix the 'V' option.
Major overhaul of the man-page.
You milage should not vary.
Reviewed by: Keith Bostic <bostic@bostic.com>
Submitted by: Keith Bostic <bostic@bostic.com>
The logic in get_myaddress() is broken: it always returns the loopback
address due to the following rule:
if ((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET &&
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
The idea is that we want to select the interface address only if it's
up and it's in the AF_INET family. If it turns uout we don't have
such an interface available, we make a second pass through the loop,
this time settling for the loopback interface. But the logic inadvertently
locks out all cases when loopback == 0, so nothing is ever selected until
the second pass (when loopback == 1).
This is changed to:
if (((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET) ||
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
which I think does the right thing.
This is yet another bogon I discovered during NIS+ testing; I need
get_myaddress() to work correctly so that the callback code in the
client library will work.
srandomdev(), but can be used inside libraries. random() can't be used
inside libraries because it breaks its possible predictable sequence.
arc4random() is true random as designed, so its usage is library-safe.
Obtained from: OpenBSD
implement (better) falback code inside srandomdev() itself.
Change return type from int to void (binary compatibility surprisely
achieved). Userland code will be changed soon.
The addition of the nanosleep syscall was correctly added to
libc/sys/Makefile so that it is renamed as _thread_sys_nanosleep().
This syscall is one of those that libc_r has to re-implement because
the only behaviour is to block the process. So libc_r just ignores the
fact that a nanosleep syscall exists and goes its own way - as it has
done all along .... and now it does again. And now a simple program
can sleep again. Phew.
Malloc cannot use pthread_mutex_init() to initialize a mutex because
the mutex initialization process does a malloc!
libc_r internals skip the malloc and assign an initializer to a static
structure and point the opaque type (pthread_mutex_t in this case) to
that structure. This is done on the assumption that the mutex will never
be destroyed. This style of initialization is only valid inside libc_r
because the structure that is assigned is opaque to the user.
This fix allows a simple program to get to main() again. 8-)
semantics of the old sleep for compatability with a few decades of expected
side effects. Apache breaks if we just use nanosleep() for some reason,
here we use a new signanosleep() syscall which is kinda like a hybrid of
sigsuspend and nanosleep..
Reviewed by: ache (and tested on his apache that was failing when
sleep used plain nanosleep)
These changes add the ability to specify that a UFS file/directory
cannot be unlinked. This is basically a scaled back version
of the IMMUTABLE flag. The reason is to allow an administrator
to create a directory hierarchy that a group of users
can arbitrarily add/delete files from, but that the hierarchy
itself is safe from removal by them.
If the NOUNLINK definition is set to 0
then this results in no change to what happens normally.
(and results in identical binary (in the kernel)).
It can be proven that if this bit is never set by the admin,
no new behaviour is introduced..
Several "good idea" comments from reviewers plus one grumble
about creeping featurism.
This code is in production in 2.2 based systems
-DUSE_NANOSLEEP. Also, seperate the code for _THREAD_SAFE so that it uses
the simpler threaded nanosleep() call in libc_r.. We don't go to the same
extremes for emulating traditional sleep semantics (ie: eating any SIGALRM
that might happen) which things like apache seem to depend on.
- bde's change to includes section in getrpcent.3
- Lost comment in svc_run.c (the code here was actually the same since
I had fixed the 'fds + 1' bug in my stuff at home before mailing
Peter about it, but I didn't notce that he'd made a change to the
comment right above the changed line).
Also pointed out by the ever vigilant: bde
This concludes tonight's entertainment. Once I'm sure I haven't destroyed
the world with all these changes, I'll import the utilities. Everything
should continue to work as before. If it doesn't let me know.
Special thanks to Mark Murray for running a test 'make world' for me to
shake out the bugs, which, hopefully, I have fixed.
(And there was much rejoicing.)
Note: you'll need to rinstalkl all your includes before compiling libc
the next time you update your sources in order for all this to work.
Reviewed by: Mark Murray
ppp (or will be shortly). Natd can now be updated to use
this library rather than carrying its own version of the code.
Submitted by: Charles Mott <cmott@srv.net>
visible type names in prototypes in user space headers. libutil.h
generates warnings with -Wall over the use of "const char *ttyname".
It's lucky it wasn't a #define conflict.
Is a single '_' prefix acceptable? or does it need to be two?
value, it appears as though the semantics of usleep are that it doesn't
return early. (only in the nanosleep code - the setitimer code does this
already)
(nanosleep) breaks Apache httpd badly: his childs died quickly after
number of requests (SIGPIPE). To reproduce this bug start
gdb /usr/local/sbin/httpd
run -X
and make some bunch of concurent requests (load the server pages
from 3 different places f.e.)
After short time httpd dies via SIGPIPE. It never dies with old sleep.c
In real life it looks like lots of broken images on the pages or missing
pages. Lynx says about Network read error, etc.
It seems something wrong in nanosleep signal handling.
back as designed in *BSD
Also it not violates current standards but
1) No other Unixes have this feature
2) It broke Kerberos5 (isprint) and God knows what else
(not all vendors will agree to treat FreeBSD as special case for support
since (1))
2) Give false localization sense (programs mimic to be 8859-1
localized) which prevents true localization.
bumped only 0.1 or 1.0 between releases. (See handbook.)
Note that if you have built world in -current in the last 48 hours or
so, you should manually remove /usr/lib/libutil.so.2.3 before
rebuilding world to cleanse your system.
o Incorporated BSDI code and enhancements, better logging for error
checking (which has been shown to be a problem, and is therefore
justified, imho); also some minor things we were missing, including
better quad_t math, which checks for under/overflows.
o setusercontext() now allows user resource limit overrides, but
does this AFTER dropping root privs, to restrict the user to
droping hard limits and set soft limits within the kernel's
allowed user limits.
o umask() only set once, and only if requested.
o add _secure_path(), and use in login.conf to guard against
symlinks etc. and non-root owned or non-user owned files being
used. Derived from BSDI contributed code.
o revamped authentication code to BSDI's latest api, which
includes deleting authenticate() and adding auth_check()
and a few other functions. This is still marked as depecated
in BSDI, but is included for completeness. No other source
in the tree uses this anyway, so it is now bracketed with
#ifdef LOGIN_CAP_AUTH which is by default not defined. Only
auth_checknologin() and auth_cat() are actually used in
module login_auth.c.
o AUTH_NONE definition removed (collided with other includes
in the tree). [bde]
o BSDI's login_getclass() now accepts a char *classname
parameter rather than struct passwd *pwd. We now do likewise,
but added login_getpwclass() for (sort of) backwards
compatiblity, namely because we handle root as a special
case for the default class. This will require quite a few
changes elsewhere in the source tree.
o We no longer pretend to support rlim_t as a long type.
o Revised code formatting to be more bsd-ish style.
so that all these makefiles can be used to build libc_r too.
Added .if ${LIB} == "c" tests to restrict man page builds to libc
to avoid needlessly building them with libc_r too.
Split libc Makefile into Makefile and Makefile.inc to allow the
libc_r Makefile to include Makefile.inc too.
and FNM_LEADING_DIR were specified and the pattern ended with "*".
Example: pattern="src/usr.sbin/w*", string="src/usr.sbin/watch/watch.8,v".
This should match, but did not.
- dependencies actually work (I need this to propagate some fixes
in <machine/asm.h>)
- the cpp pipeline goes away, so errors can't leak out of it and
an ANSI cpp is automatically used.
- it's simpler - standard rules get used instead of repetitive
special rules. (This showed bugs in the strip steps in the
standard rules. The wrong strip flag was also used for *.po
here.)
Removed some ${ECHO}s and `@'s. Normal make echoing of what is
being done is now not much more verbose than the echo messages
were, and is more useful.
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
- use a slightly less bogus copyright. This file was never contributed
to Berkeley. It still claims to be copright by the Regents.
- use <machine/asm.h> instead of "DEFS.h".
- use RCSID($Id$) instead of explicit assembly code and messy ifdefs.
The rcsid won't be put into the object file until we make RCSID()
non-null. NetBSD uses a LIBC_SCCS ifdef here. We used a LIBC_RCS
instead, but I want RCSID() to be controlled directly by LIBC_RCS
(actually by LIB_RCS). This is the only difference with the NetBSD
version.
- added ifdefs to support generation of memcpy() and memmove(). The
other changes are "while I'm here" to get this.
- improved style of the copy backwards case.
TTY_NETWORK (network), TTY_DIALUP (dialup), which determine a basic
connection type. TTY_DIALUP in particular will replace the old out of
date heuristic "tty[dD]*" in login.c (and better than the current
hard-coded method).
`void __set_ospeed(long);' in the appropriate header.
The implementation still uses speed_t instead of long. This
will break properly when speed_t is fixed (speed_t shall be
unsigned ...).
the src/contrib/tcl directory existing, and also have an /etc/make.conf
override (NOTCL) to stop building libtcl. This is in similar other
things from src/Makefile, eg: NOGAMES, NOLKM, etc.
This is so that people can put in a refuse entry in their cvsup files and
not fetch the tcl code, and have it not built automatically. I'll do
something similar for perl.
common. Add one do-nothing element to each set. This ensures that
the linker realizes that they are linker sets rather than simple
commons, and makes it possible to link c++rt0.o into every shared
library regardless of whether it is a C++ library or not. Without
this change, the constructors and destructors in the main program
could be executed multiple times.
This change is going to make it possible to get rid of the
CPLUSPLUSLIB makefile variable once and for all. It is a piece of
the solution to PR gnu/3505 (gcc -shared). Finally, it fixes a
heretofore unreported bug: If CPLUSPLUSLIB was set in a makefile
for a C++ shared library that had no static constructors or
destructors in it, then the main program's constructors and
destructors would be executed multiple times.
uid/gid in question was in the cache, but did not exist
in the password file. This causes the -nouser and -nogroup
options to find(1) to only print the first file owned by
an unknown user/group in some cases.
Use snprintf instead of sprintf to avoid buffer overflows
Use snprintf in uu_lockerr instead of lots of hardcoded constants
and not null-terminated strncpy
Return "" for OK and "device in use" for INUSE, it allows simple
strcpy(buf, uu_lockerr(retcode)) without testing for special OK
case (NULL was there) and obtaining meaningful result for INUSE
("" was there) without special testing for it too.
which don't provide a non-blocking interface.
This is a short term "fix" which changes a half-lose to a half-win.
The thread that accesses a device that does not provide a non-blocking
interface will block for its time slice.
A medium term solution would be to use rfork. A long-term solution
would be some sort of kernel thread/SMP implementation.
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.
Suggested by: ache@freebsd.org
passes on the status across fork/exec.
The previous version had some typos, referred to itself as link(2) in
one place :-), and didn't really match openbsd's implementation either.
Now that I've mentioned typos, hopefully our Typo Police and Xref Police
will be gentle with me. :-)
The sa_mask field specified in act is not allowed to block SIGKILL or
SIGSTOP. Any attempt to do so will be silently ignored.
Now where did I leave that pointy hat...
modern FreeBSD systems will syslog properly on older systems that
still name the logging socket "/dev/log". This includes pre-2.2
versions of FreeBSD as well as BSD/OS systems. If the connect to
"/var/run/log" fails, the function now tries to connect to
"/dev/log" as a fallback.
quoted individually. Quoting them all together sort of worked, except
for scsreq_build(), the long arg list was chopped near column 80, to
no avail since the closing parentheses was put on new line by itself.
Back out a dubious Lite2 change to "optimise" getcwd() to look at $PWD
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
The following commits already happened but the log message got lost:
Modified Files:
gen/Makefile.inc gen/getcwd.c stdlib/Makefile.inc
Removed Files:
gen/realpath.3
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
Bruce says that since NetBSD, OpenBSD and Linux currently
use ss_sp, we won't be changing it to the lite2 ss_base.
The type may change at some later date.
touch duplicate group suppression, but the merge blew away our
duplicate group suppression.
The merge also blew away the -Wall cleanup in rev.1.5, but that
was misformatted, so I didn't restore it.
but in one case the Lite2 changes were flat out wrong and
caused the man page to disagree with a header file.
There are still some *roff macro calls that were added that
I have yet to figure out what to do with in some of the man pages.
My changes to preserve errno across free() and close() and to report
fstat() errors properly were blown away.
Updated the FreeBSD changes to match the Lite2 style fixes.
Document that popen() can now create bidirectional pipes and handles.
Note that this needs to be updated since we have a native bidirectional
pipe and don't use socketpair() here.
style and b) the wrong logic. Should be strstr(s, "##") != NULL. (Note
that the passwd.adjunct stuff has not been merged into 2.2 so this bug
is not in that branch.)
The character `#' introduces a comment. Leading spaces and tabs are
ignored: '^[ \t]*#.*\n$'
Count an empty line - only spaces, tabs or newline - also as a comment.
(to be compatibel with password database comments). '^[ \t]*\n$'
and small values:
hypotf(2.3819765e+38, 2.0416943e+38) was NaN instead of 3.1372484e+38
hypotf(-3.4028235e+38, 3.3886450e+38) was NaN instead of Inf
hypotf(-2.8025969e-45, -2.8025969e-45) was 0 instead of 4.2038954e-45
Found by: ucbtest
- 0 was returned instead of EOF when an input failure occured while
skipping white-space after 0 assignments. This fixes PR2606. The
diagnosis in PR2606 is wrong.
- EOF was returned instead of 0 when an input failure occurred after
zero assignments and nonzero suppressed assignments.
- EOF was spelled -1.
This should be in 2.2.
for now so that we don't lose library compatibility. Applications should
define _NEW_VFSCONF and use getvfsbyname() instead of new_getvfsbyname()
if they want the new vfsconf interface. Parts of the old interface
(enough to load vfs modules, I hope) are still available.
previous revision. Use log10f() instead of log10(). log10f() is
currently slightly slower than log10() on P5's, but it is potentially
significantly faster.
Fixed declaration of the C function used in the (unused?) KR_headers
case.
avoid easily avoidable loss of precision when |x| is nearly 1.
Extended (64-bit) precision only moves the meaning of "nearly" here.
This probably could be done better by splitting up the range into
|x| <= 0.5 and |x| > 0.5 like the C version. However, ucbtest
does't report any errors in this version. Perhaps the C version
should be used anyway. It's only 25% slower now on a P5, provided
the C version of sqrt() isn't used, and the C version could be
optimized better.
Errors checked by: ucbtest
at runtime.
etc/make.conf:
Nuked HAVE_FPU option.
lib/msun/Makefile:
Always build the i387 objects. Copy the i387 source files at build
time so that the i387 objects have different names. This is simpler
than renaming the files in the cvs repository or repeating half of
bsd.lib.mk to add explicit rules.
lib/msun/src/*.c:
Renamed all functions that have an i387-specific version by adding
`__generic_' to their names.
lib/msun/src/get_hw_float.c:
New file for getting machdep.hw_float from the kernel.
sys/i386/include/asmacros.h:
Abuse the ENTRY() macro to generate jump vectors and associated code.
This works much like PIC PLT dynamic initialization. The PIC case is
messy. The old i387 entry points are renamed. Renaming is easier
here because the names are given by macro expansions.
log10(x) = log10e * log(x). The formula would work if the RHS were
evaluated in extended precision with an extended precision log().
This actually happened with the i387 log() because it returns excess
precision.
Found by: ucbtest
This defeats the point of log1p(). ucbtest reports errors of +-5e+15
ULPs. A correct version would use the i387 fyl2xp1 instruction for
small x and maybe scale to small x. The C version does the scaling
reasonably efficiently, and fyl2px1 is slow (at least on P5s), so not
much is lost by always using the C version (only 25% for small x even
with the broken i387 version; 50% for large x).
doesn't need to be included in files that have nothing to do with
syscalls.
Added missing `.text' to START_ENTRY so that ENTRY() works when
invoked in the data section.
I notice info(1) has some problems moving back and forth through the
resulting info file, but emacs doesn't, so i figure it's rather a
problem with info(1) itself. To the least, this file installs now
finally.
allocated size not reset to 0 causing NULL dereference
on call after login_close().
2) Modify login_capsize() behaviour to match manpage, allow
concatenated sizes; ie. 10m500k
the handler with SA_RESTART set, so the system calls I wanted to have the
timeout effect will just restart instead (which is NOT what I wanted).
Sheepishly use sigaction() like a good boy and make timeouts actually do
something.
Also pass errors out more effectively so that fetch(1) actually understands
what went wrong.
- Use MAP_FAILED instead of the constant -1 to indicate
failure (required by POSIX).
- Removed flag arguments of '0' (required by POSIX).
- Fixed code which expected an error return of 0.
- Fixed code which thought any address with the high bit set
was an error.
- Check for failure where no checks were present.
Discussed with: bde
a manner consistent with other implementations. Its done in a way that
adds only a tiny amount of overhead when positional arguments are not used.
I also have a test program to go with this, but don't know where it belongs
in the tree.
Submitted-By: Bill Fenner <fenner@FreeBSD.ORG>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
of the user's timezone failed), don't bail if the specified timezone
doesn't have an offset; in this case it isn't going to. (Perhaps it would
be better to change the caller to always supply one, but this is quick
and clean and fixes the bug in the easiest possible way.)
Should be in 2.2. Fixes (properly) PR#1740.
were added with the login class stuff. This is needed since libutil.so.2.1
is what is used in RELENG_2_2 and well into the release cycle. We only
bump once per release cycle as needed.
Add descriptions of RTLD_LAZY and RTLD_NOW.
Correct the synopsis to agree with the actual function prototypes.
Add clarifications of a few things.
Clean up the wording in a few places.
was apparently overlooked at the time the member was added. Its absence
causes some error messages from the dynamic linker to begin with
"(null):" instead of with the pathname of the dynamic linker as they
should.
I am also adding a work-around to the dynamic linker, to cope with
legacy binaries that were built with older versions of crt0.
interfaces, until it's redone to use sysctl().
- bump the SIOCGIFCONF buffer size from 1K to 8K
- if we didn't find a suitable address, return a failure. Previously
if it didn't find anything it left the return address uninitialised.
Perhaps it would be better to return AF_INET/111/127.0.0.1 rather than
failing?
more manageable and convenient referencing by login.conf (login
class database) and (e.g.) login.access.
This is the first of a group of commits which implements the login
class capabilities database.
(There may be a behavior difference between the 2.1 and 2.2/3.0 kernels
in this area, it seemed to work for me but I have a horribly hacked
select() that might have a bug in the handling of this)
Submitted by: wpaul
get installed.
The `install' target should only be overridden when the default one would
do something wrong and you're too lazy to fix the default one.
Restore the clamp on the return value from rpc_dtablesize().. Some programs
(eg: ypserv) use this as an indication of how large svc_fdset is in their
hand-rolled svc_run() loops. The svc_fdset table is maintained by the
rpc library explicitly for compatability with such programs. (It uses
a different variable-sized bitmap itself internally)
- prototypes now in include files
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note: potential bug here, It looks like there could be a null pointer
dereference depending on what has already been called to initialise some
shared data.
- kill non-FD_SETSIZE code
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note, there was a nasty bug with our old code here. It would trash the
stack if a fd > 31 was passed in. It was using a "long" as though it
was an "fd_set", ie: it was assuming that a long was 256 bits wide. :-(
This has been lurking here for a while, since the FD_SETSIZE #ifdef's
were first implemented.
- fix timeout code
- better sequence number generation (for long running daemons)
- dont close an unopen socket
- use standard functions
- 64 bit type safe for wire protocols
- unlimited file descriptors
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- ensure we're not spoofed/confused while trying to talk to the portmapper
- handle new get_myaddress failure cases
- prototype now in include file
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- fix timeout code
- better "random" initial transaction id for long running daemons
- unlimited number of file descriptors to select().
- 64 bit type safe wire protocol
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- typo (spelling police :-)
- dont die on select() that returns time remaining (on my systems)
- improve initial "random" sequence number, to make it harder to guess
in long running daemons.
- fix timeout code.
- unlimited number of fd's in select.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- Protect against select() that returns time remaining (on my systems).
- don't exit. It's bad form for libc to exit() or abort() instead of
returning an error.
- only use loopback addresses after checking the real interfaces.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- canonical function declaration
- use constants from includes, not magic numbers
- use standard functions
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- 64 bit long type safe (wire protocols specified in explicit sized types)
- Support systems that don't do unaligned accesses
- Support for explicit int16 and int32 sizes in xdr
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
RELENG_2_2!
This is part#2 of the previous commit to src/lib/libc/net to contain the
potential damage.
This provides stubs so that binaries linked in 2.2 will run on 3.0
needed, as he discovered when he tried to run vi. :-]
These files used to be stubs which used #ifdef PIC to decide whether to
use the real dlopen() version or the stub version from the src/contrib/tcl
sources. Now, with the our stubs gone, the .PATH directive causes them to
be compiled directly from src/contrib/tcl/{unix,generic}. You might need
to rebuild your depend rules though as they may have stale paths.
Also, this is a generated file. This should not have been edited here.
also add the missing declaration of forkpty() to libutil.h.
Btw., the calling interface for login(3) is crude. Some better
abstraction is needed, perhaps similar to logwtmp(3).
2.2 candidate, but i'll wait for the spelling police first. :)
- the .gz files are no longer used as intermediate files, it's in a pipe
now. (gunzip normally deleted them anyway, but this should not hurt)
- I accidently left a -p arg to install from testing. Bruce says it should
be ${COPY} instead, but almost everything else in the tree uses plain -c
anyway.
- Use "LINKS=" or two identical files are installed sepeately instead of
as links (doh!)
- Use "LIB..." instead of "BIN..." for install permissions. Note that we
still use bsd.prog.mk, not bsd.lib.mk because bsd.lib.mk has problems
(it can't install a library unless it compiles it).
- Define LIBCOMPATDIR in Makefile.inc instead of using BINDIR.
Mostly submitted by: bde
just return errors. This removes the need for awful hacks like that in
our build of libtcl which would get link errors when linked static.
John Polstra once mentioned that this was on his "todo" list.
Note that one can use:
cc -Wl,-Bstatic -o foo foo.o
and get an executable that has it's libraries statically linked, but has
a fully functional runtime linker so the executable can call dlopen() and
have it work. (I've tested this)
- getpwent:
o adjunctbuf should be NUL terminated after copying
o _pw_breakout_yp() needs to know the length of the buffer returned
from YP so it can properly NUL terminate its local buffer.
- getgrent:
o YP buffers should be YPMAXRECORD + 2 bytes long and NUL terminated.
(Previously they were hardcoded to 1024 bytes.)
- getnetgrent:
o YP data should be copied with snprintf(), not sprintf()
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
- getservent:
o put _yp_check() proto under #ifdef YP where it belongs
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- gethostbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long
- getnetbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- ether_addr:
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying (in this case it's BUFSIZ + 2 bytes,
but it happens that BUFSIZ == YPMAXRECORD.
- gethostbydns:
o nuke stray 'return(NULL)' in __dns_getanswer() (harmless but looks silly)
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
line length limit anymore - now 500 members or 5000 members are
possible. For security group lines longer than 256K will be count as
an error. 256K should be enough for 65536 users.
Support comments (lines that begin with a #) if compiled with
option -DGROUP_IGNORE_COMMENTS.
Fortunately it seems that all system utilities which use getgrent()
functions are dynamically linked executables. So you need only
rebuild libc.so.3.0 if you want this change. Note: if you have
an old X server which depend on libc.so.2.* you should rebuild
libc.so.2.* too.
Not a 2.2 candidate.
lookup results. Without this, doing multiple host/addr lookups in a
single process yeilds strange results (the buffer is static, and
garbage may be left behind from previous lookups).
I just noticed this in 2.2-BETA. Unless somebody threatens to chop my
hands off with an axe, I'm going to move this to the 2.2-RELENG branch
shortly.
of BIND, we need to tweak some things to that gethostanswer() knows
whether or not we're dealing with an IPv4 or IPv6 address. (This'll
teach me to use a 2.1.0 system for NIS development -- but it's so nice
and stable I just can't being myself to upgrade it. :)
- A major 11th hour, last second, untested commit!
Build some infrastructure to clean up the compat lib distributions, and
also allow them to be installed from the source tree rather than having
to to and get the tarballs from freefall or a CD. Some tweaks to
/etc/make.conf are in the pipeline to enable it.
This came about because it became apparent that we'd have to change the
compat21.tgz tarball to fix the NIS problem with 2.1.x binaries. Since
it's tar..gz.uu, doing this would have caused a huge repository change
and we may as well try and fix it once and for all. Now, adding/removing
libraries should have MUCH less repository impact.
Peril sensative sunglasses: on!
Flame proof suit: on!
Concept reviewed by a stream of ascii representing the opinion of: jkh
Changes casually reviewed by: jkh (but not actually tested)
Without it, the last row and last column don't get their background updated.
I think this should be in 2.2.
Submitted by: Paul Koch <koch@thehub.com.au> (again)
Passing observation: The fixes that pst put in on 1996/09/22 then backed out
look like they should be put in again. If sysinstall is depending on bugs,
then it should be fixed.
_yp_dobind() checks to see if a fork() happens (by checking PIDs) and
invalidates all bindings if it finds itself in a newly created child
process. (This avoids sharing RPC client handles and socket descriptors
with the parent, which would be bad.) Unfortunately, it summarily
calls clnt_destroy() on the handles, which may result in the destruction
of a descriptor that isn't really a socket.
This is fixed by replacing the explicit call to clnt_destroy() with a
call to _yp_unbind(), which deals with potentially hosed socket descriptors
an a safe manner.
This is basically a one-liner. Once I confirm that it fixes Christoph's
problem, I'd like permission to put it in the 2.2-RELENG branch.
Vulnerable: all programs that use setlocale(LC_COLLATE),
setlocale(LC_CTYPE), or setlocale(LC_ALL). The only setuid/setgid
binary i've found for this is w(1).
Should go into 2.2.
I've added an installation from optical disk drive facility.
This enables FreeBSD to be installed from an optical disk, which
may be formatted in "super floppy" style or sliced into MSDOS-FS
and UFS partitions.
Note: ncr.c should be reviewed by Stefan Esser <se@freebsd.org>
and cd.c by Joerg Wunsch <joerg@freebsd.org> before bringing this
into 2.2.
Submitted-By: Shunsuke Akiyama <akiyama@kme.mei.co.jp>
in lots of unrelated junk from <net/if.h> and <net/if_ether.h>. These
functions still aren't prototyped anywhere (but should be in
<net/ethernet.h>---got that, Bill?).
and he said:
The 3rd agrument is new; looks like it was part of the upgrade to
a new BIND with some IPv6 support. The third argument here should be
AF_INET. In order for it to be anything else, I'd have to add new
NIS functions to support IPv6 lookups. I don't even know what those
look like yet.
So there ya go, add AF_INET as the 3rd argument to the call.
Submitted-by: wpaul
copy of insure++, too bad the runtime only works for BSD/OS. :-(
Maybe they'll be so impressed by my initial 15 entry bug report for it
that they'll take the FreeBSD version more seriously. :-) :-)
NIS map which is present on SunOS NIS servers with the SunOS C2 security
hack^Woption installed. I'm convinced that the C2 security option restricts
access to the passwd.adjunct.byname map in the same way that I restrict
access to the master.passwd.{byname,buid} maps (checking for reserved ports),
which means that we should be able to handle passwd.adjunct.byname map
correctly.
If _havemaster() doesn't find a master.passwd.byname map, it will now
test for a passwd.adjunct.byname map before defaulting back to the
standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
sees that the adjunct map was found and the password from the standard
maps starts with ##, it will try to grab the correct password field
from the adjunct map. As with the master.passwd maps, this only happens
if the caller is root, so the shadowing feature is preserved; non-root
users just get back ##username as the encrypted password.
Note that all we do is grab the second field from the passwd.adjunct.byname
entry, which is designated to be the real encrypted password. There are
other auditing fields in the entry but they aren't of much use to us.
Also switched back to using yp_order() to probe for the maps (instead
of yp_first()). The original problem with yp_order() was that it barfed
with NIS+ servers in YP compat mode since they don't support the
YPPROC_ORDER procedure. This condition is handled a bit more gracefully
in yplib now: we can detect the error and just punt on the probing.
Since locale reading code not resistent against stack overflowing or
similar intruder attacks, don't allow PATH_LOCALE env variable action
for s-bit programs (non-standard locale path setting)
strdup() it to prevent unsetenv() or setenv() effects. Check its length to
not allow user to overflow internal locale buffer. Move PATH_LOCALE
handling code into one place.
POSIX: make better stub for LC_MONETARY & LC_NUMERIC, now it check
locale directory existance instead of refusing all non-C non-POSIX
locales. POSIX treats empty locale env variable as unset variable
while our old code treats it as "C" locale, fix it. Implement previous locale
restoring, if locale setting fails. Old code assumes success if some
of LC_ALL subset is successed even other fails, POSIX treats it as
failure with previous locale restoring, fix it.
Remove unneccessary length checking in currentlocale()
Garbage in `eacces' caused the wrong errno to be set for non-EACCES errors.
Garbage in `etxtbsy' caused a semi-random retry strategy for ETXTBSY errors.
Found by: NIST-PCTS. gcc -Wall reported the problem, but -Wall is not
enabled for libc.
FTP error return code because
1) They return NULL, it means that ftpErrno can't be used because
it takes file pointer
2) They don't have FILE-type argument as f.e. ftpGet/ftpPut to use
it for ftpErrno instead.
For that functions I add yet one int* type argument to store
FTP error return code. It is impossible to add some global variable
for that reason, because user can have multiply FTP connections
opened at the same time.
So, interface changed, major number bumped.
Userland changes will follows.
Minor bugfixes, the code:
Forget to close file in few places, when failure occurse
Forget to NULL cached host name, multiply free is possible
When malloc fails. don't try to memset NULL pointer, it cause core dump
Replace malloc+memset with calloc, theoretically it can do some
optimization of zeroing process internally
Improve error diagnostic
dealing w/the fixit floppy.
Also added the MNT_RELOAD, MNT_WANTRDWR, MNT_ASYNC, MNT_NOATIME,
MOUNT_UNION flags. Someone might want to check my description of MNT_RELOAD.
2.2-R candidate. Not a 2.1.6-R candidate -- some current flags aren't in
2.1.5-R's version.
for NULL RPC client handles. This should hopefully fix the problems
Satoshi reported on -current.
- Add socket descriptor sanity checks to _yp_unbind().
- Fix yp_order() so that it handles the RPC_PROCUNAVAIL error gracefully.
NIS+ in YP compat mode doesn't support the YPPROC_ORDER procedure.
This is a 2.2 candidate with bells on.
inside libc. Add collate_range_cmp as alias to __collate_range_cmp
for temp. backward compatibility.
collate_range_cmp will be replaced with direct code for each
external program for compatibility with the rest of world
No changes other than "instructions" for what other tools that use this
.. "interesting" .. system should name their shared libraries. This was
broken for some tools (eg: expect-5.21) even for the native tcl build (ie,
it would end up using libexpect521.so, not libexpect521.so.1.0)
1) Rename FNM_ICASE to FNM_CASEFOLD
2) Add FNM_LEADING_DIR
Add proper (unsigned char) casts to tolower().
Use 'char' function argument for proper sign extension
Add progname to warning/error message layout. (joerg)
Remove inline assembler, no speed impact, not need for the obfuscation (bde)
Remove on the fly calculation of parameters, no longer critical.
Make D & U flags valid even if we don't support them.
Don't call imalloc until we're done initializing.
Zap contents on free() if we have "Junk" set. [*]
Various nitpicking.
[*] As a sideeffect of this change, if you are worried about
sensitive data lingering in memory, you can use the 'Junk' option
now to make sure phkmalloc zaps memory when it is returned. add
char * malloc_options = "J";
to your source. Obviously there is a performance impact.
Somehow, I also managed to get quite some other changes in this file at
the same time. All I did was checkout the file and made a single change.
If someone has an explanation how these PURIFFY defines got in...
API and non-API functions and giving _sk_ prefix for all non-API
functions. Old names will be available by _SKEY_INTERNAL define
it allows not change anything in keyinit & key, only -D_SKEY_INTERNAL required.
Staticise some things.
dead kernel debugging. The previous code was a "do nothing".
The most obvious side effect of this is that you can now do things like
this and reasonably expect them to work:
dmesg -M /var/crash/vmcore.3 -N /var/crash/kernel.3
ps -axl -M /var/crash/vmcore.3 -N /var/crash/kernel.3
A good deal of this was lifted from the gdb code to do this, as well as
from NetBSD's libkvm (which has completely different VM macros)
and forwards compatable with version 3. This is needed to enable storing
a run-time library path in the dynamic linking headers. The crt startup
tries version 4 first, and falls back to version 3, so an executable that
is linked on -current will work with the ld.so on 2.1.x and less.
Reviewed by: nate, jdp
Obtained from: NetBSD
- removed references to nonexistent pathconf-related variables.
- document everything in CTL_MACHDEP(more than in sysctl.8) and
80% of the things in CTL_KERN (same as in sysctl.8).
- old static non-profiled libraries were removed in the wrong directory
if ${ORIG_SHLIBDIR} != ${LIBDIR}.
- old profiled libraries weren't removed.
- new shared compat libraries were installed in the wrong directory if
${ORIG_SHLIBDIR} != /usr/lib.
- some lines were too long.
Added some comments about cases that have caused problems. Changed
libfoo to ${LIB} so that libresolv/Makefile and libgnumalloc/Makefile
are almost identical.
complaints and suggestions about this over the last few days that I
cannot remember who has said what anymore. :-(
There is also a comment here about the intent of the process and another
explicit pointer to the etc/etc/rc change to that has been ignored by
quite a few people it seems.
stuff and detection for the "gnumalloc" port which doesn't exist and
nobody has cared enough about for the past 6 months or so to implement.
As has been pointed out to me (quite a few times) in email, the people
that had been bitten by the changes had failed to follow the instructions
about updating /etc/rc.
Bruce also pointed out that after my last commit, it was no longer
removing /usr/lib/libgnumalloc.so.2.0 as it should have been.
Hopefully this (and the comments in the Makefile) should defuse the problem
a bit.
Various neat features added. More documentation in the manpage.
If your machine has very little RAM, I guess that would be < 16M
these days :-(, you may want to try this:
ln -fs 'H<' /etc/malloc.conf
check the manpage.
Major version bumped (by me) since the ftpGet() public interface has
changed (an "int *" becomes and "off_t *")
Submitted by: Jason Thorpe <thorpej@nas.nasa.gov>, PR#1640
as done after a quasi-recursive call to free() had modified what we
thought we knew about the last chunk of pages.
This bug manifested itself when I did a "make obj" from src/usr.sbin/lpr,
then make would coredump in the lpd directory.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
conflict with the other declarations in other files. tputs() is
traditionally declared to return int, not void. curses.h has it as int.
ncurses has int and actually sets the return value. This problem has
been causing the ircII port to not compile.
(I've only minimally tested this, I do not have libtermcap on my systems)
as a PR to GNATs but it evidently went astray somehow since I can't find
it in the database now, nor does an assigned PR# appear on the mail I got.
Sorry about that, Danny!
Submitted-By: Danny R. Johnston <danny@simn.com>
built early enough to always be installed by the `includes' target
in /usr/src/Makefile. This is supposed to be handled by not
installing it if it doesn't exist. However, a stale, uninstallable
copy sometimes exists in the source directory, and the existence
test sometimes found the wrong copy.
"." means the object directory, so it is just confusing to use it
when nothing is included from the object directory unless the object
directory is also the source directory. It is confusing for "."
not to mean the source directory anyway, so used `-I.'s should be
replaced by `-I${.OBJDIR}'.
traditional BSD4.4 behavior (_POSIX_SAVED_IDS are OFF) was described
before.
Add some hooks to easily change this text when
POSIX_SAVED_IDS model will be changed.
routines from contrib/bind directly. There were too many problems,
including having to add -DUSE_OPTIONS_H to the entire libc source in
order for the contrib code to pick up it's options, and so on.
Instead, I've merged the changes, libc is now self contained again.
