1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-30 12:04:07 +00:00
Commit Graph

62880 Commits

Author SHA1 Message Date
Hajimu UMEMOTO
e43cc4ae36 When running aplication joined multicast address,
removing network card, and kill aplication.
imo_membership[].inm_ifp refer interface pointer
after removing interface.
When kill aplication, release socket,and imo_membership.
imo_membership use already not exist interface pointer.
Then, kernel panic.

PR:		29345
Submitted by:	Inoue Yuichi <inoue@nd.net.fujitsu.co.jp>
Obtained from:	KAME
MFC after:	3 days
2001-08-04 17:10:14 +00:00
Mark Murray
4447e914e8 Fix the bug where this modulke was not checking the priamry GID, only
the GIDS in /etc/group or NIS's group map.

Tested by:	sheldonh
PR:		29349
2001-08-04 09:19:31 +00:00
Warner Losh
a253d9b47b Kill debug output for sn device. It is confusing the natives 2001-08-04 05:27:52 +00:00
Bruce Evans
ea36b96388 Link to libcipher in the usual way. `bdes' depended on a nonexistent
library.  This only worked because of the undocmented feature of make(1)
that targets named foo.a are always up to date.

Fixed some style bugs.
2001-08-03 22:28:25 +00:00
Bruce Evans
a7dff00b1e Don't clobber the default for CFLAGS. 2001-08-03 21:45:54 +00:00
John Baldwin
c9c1406f76 Add KTR_INTR tracepoints for when clock interrupts are triggered. 2001-08-03 20:54:41 +00:00
Hajimu UMEMOTO
2a21da3022 When global anycast address was assigned to lo0, wrong source
address was selected.

Reported by:	Shingo WATANABE <nabe@nabechan.org>
Submitted by:	JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
MFC after:	3 days
2001-08-03 19:10:31 +00:00
Robert Watson
fd6aaf7fe1 Anton kindly pointed out (and fixed) a bug in the Jail handling of the
bind() call on IPv4 sockets:

  Currently, if one tries to bind a socket using INADDR_LOOPBACK inside a
  jail, it will fail because prison_ip() does not take this possibility
  into account.  On the other hand, when one tries to connect(), for
  example, to localhost, prison_remote_ip() will silently convert
  INADDR_LOOPBACK to the jail's IP address.  Therefore, it is desirable to
  make bind() to do this implicit conversion as well.

  Apart from this, the patch also replaces 0x7f000001 in
  prison_remote_ip() to a more correct INADDR_LOOPBACK.

This is a 4.4-RELEASE "during the freeze, thanks" MFC candidate.

Submitted by:	Anton Berezin <tobez@FreeBSD.org>
Discussed with at some point:	phk
MFC after:	3 days
2001-08-03 18:21:06 +00:00
Robert Watson
7d69e57088 Remove dangling prototype for the now defunct procfs_kmemaccess()
call.

Obtained from:	TrustedBSD Project
2001-08-03 17:51:05 +00:00
Daniel C. Sobral
07203494d2 MFS: Avoid dropping fragments in the absence of an interface address.
Noticed by:	fenner
Submitted by:	iedowse
Not committed to current by:	iedowse ;-)
2001-08-03 17:36:06 +00:00
Robert Watson
436b89d434 Collapse a Pmem case in with the other debugging files case for procfs,
as there are now "unusual" protection properties to Pmem that differ
from the other files.  While I'm at it, introduce proc locking for
the other files, which was previously present only in the Pmem case.

Obtained from:	TrustedBSD Project
2001-08-03 17:20:34 +00:00
Robert Watson
57de737e82 Remove read permission for group on the /proc/*/mem file, since kmem
no longer requires access.

Reviewed by:	tmm
Obtained from:	TrustedBSD Project
2001-08-03 17:15:40 +00:00
Robert Watson
f2e6be5865 Prior to support for almost all ps activity via sysctl, ps used procfs,
and so special-casing was introduced to provide extra procfs privilege
to the kmem group.  With the advent of non-setgid kmem ps, this code
is no longer required, and in fact, can is potentially harmful as it
allocates privilege to a gid that is increasingly less meaningful.
Knowledge of specific gid's in kernel is also generally bad precedent,
as the kernel security policy doesn't distinguish gid's specifically,
only uid 0.

This commit removes reference to kmem in procfs, both in terms of
access control decisions, and the applying of gid kmem to the
/proc/*/mem file, simplifying the associated code considerably.
Processes are still permitted to access the mem file based on
the debugging policy, so ps -e still works fine for normal
processes and use.

Reviewed by:	tmm
Obtained from:	TrustedBSD Project
2001-08-03 17:13:23 +00:00
Bill Fenner
02e3112ae7 Don't terminate the uiomove() loop on a zero-length mbuf. It's not
particularly nice that IPSEC inserts a zero-length mbuf into the
 chain, and that bug should be fixed too, but interfaces should be
 robust to bad input.
Print the interface name when TUNDEBUG()ing about dropping an mbuf.
2001-08-03 16:51:53 +00:00
Gregory Neil Shapiro
2325431216 Convert to using the same method of detecting the secure directory as other
usr.sbin programs.

Noted by:	markm
2001-08-03 16:22:47 +00:00
Mark Murray
563df95270 Revamp and diff-reduce the various secure telnets. Make sure that
Kerberos5 has _a_ telnet (which is not currently K5 enabled).
Incorporate BDE's static linking fixes.
2001-08-03 16:03:26 +00:00
Dima Dorfman
0512c8b6ab Note MFC of file 3.36. 2001-08-03 12:31:43 +00:00
Sheldon Hearn
f42dadce1e Miscellaneous fixes.
In particularly, the -h and -m flags were incorrectly described.
2001-08-03 11:31:39 +00:00
Thomas Gellekum
b99bacc92b Fix warnings from `-Wmissing-prototypes'. Staticize. 2001-08-03 10:47:56 +00:00
Thomas Gellekum
273a0913fe Sort SRCS. 2001-08-03 10:47:13 +00:00
Mike Smith
feade91944 Reverse the logic here again with regards to "trusted" ACPI timer
implementations.  More of them seem to be broken, so only "trust"
timers we know work.
2001-08-03 09:52:53 +00:00
Brian Somers
d8c3658bb5 Warn when a CHAP81 SUCCESS packet is invalid due to an incorrect S= value. 2001-08-03 09:28:21 +00:00
Mike Smith
d93b034fe9 Shoud build resources in the _CRS buffer. Oops.
Submitted by:	"neckpain@nettaxi.com" <neckpain@nettaxi.com>
2001-08-03 08:38:49 +00:00
Mike Smith
a692219d8a Move the resource pointer when we reallocate the buffer.
Submitted by:	"neckpain@nettaxi.com" <neckpain@nettaxi.com>
2001-08-03 08:38:11 +00:00
Bosko Milekic
ba3e88262e Rename mb_init() mbuf subsystem initialization routine to mbuf_init(), in
order to avoid namespace collision with subr_mchain.c's mb_init(). This
wasn't "fatal" as the mbuf initialization routine mb_init() was local to
subr_mbuf.c which in turn didn't pull in subr_mchain.c's mb_init()
declaration, but it should deffinately be changed now before it creates
headache.
2001-08-03 05:05:32 +00:00
Jake Burkholder
f74250ca46 Remove some code that appears to have endian problems with INVARIANTS.
This is #if BIG_ENDIAN, but is only necessary if malloc types are shorts,
not struct malloc_type * like they are now.
2001-08-03 03:31:45 +00:00
Jake Burkholder
7cabcd9841 Move some code related to managing pv entries from the pmap module to
the pv module.  It works now that vtophys for sttes works.
2001-08-03 01:27:15 +00:00
Jake Burkholder
d741ca6bdb Fix a bug translating virtual translation table entry addresses to physical
addresses.  It helps to use the physical address that the virtual address
actually maps to (doh!).  Comment out some code that crashes.

Found independently by:	tmm
2001-08-03 01:21:24 +00:00
Jake Burkholder
3db6135894 Define proc0paddr. Call init_param() as early as possible. 2001-08-03 01:11:49 +00:00
Jake Burkholder
d2734d58ab Add a Makefile, ldscript, and config magic for sparc64. This is tailored
to build with a cross compiler alongside the standard compiler; it would be
more desirable to build in a chroot.
2001-08-03 01:09:10 +00:00
Jake Burkholder
1994658f04 Add an Elfhashelt type for sparc64. 2001-08-03 01:00:41 +00:00
Scott Long
c6eafcf2c5 Reformat for 80 columns. Sorry, but I had to do it. 2001-08-03 00:50:30 +00:00
Jonathan Chen
685233abc5 Fixes file descriptor leak in standalone mode.
Prevents simultaneous calls to updatestat() as function is not reentrant.

PR:		bin/24857
Submitted by:	Martin Butkus <mb@bagheera.thgwf.de>
MFC after:	1 month
2001-08-03 00:23:37 +00:00
Peter Wemm
5635f2a580 Further Makefile.* sync (from Makefile.ia64). The lint target has been
commented out in the entire life of the 2.x+ branch and given the amount
of gcc-specific code we have and the warning checks that gcc does I'm not
sure that it is going to get us much for some time.
2001-08-03 00:07:54 +00:00
Peter Wemm
d74dddff88 Move MKMODULESENV+= *after* MKMODULESENV= 2001-08-03 00:01:13 +00:00
Peter Wemm
b2c17e333e Add a cosmetic comment. 2001-08-02 23:54:23 +00:00
John Baldwin
b39bc3e160 Use 'p' instead of the potentially more expensive 'curproc' inside of
mi_switch().
2001-08-02 22:15:31 +00:00
George C A Reid
1ad86e6dd7 Set up the via_chinfo structures properly so we write to the correct
registers later on; this fixes the VIA82C686 sound problems recently
reported by a number of people.
2001-08-02 22:13:10 +00:00
Ian Dowse
146e669b8d Fix a few bugs, some of which I introduced in recent commits:
- clean_mtab():
    Actually use the strdup'd version of the host that we go to the
    trouble of creating.
- do_umntall/do_umount:
    Don't return success if clnt_create() fails.
    Don't access a client pointer after it has been destroyed.
    Remember to destroy the authentication information we created.
2001-08-02 21:46:21 +00:00
Ian Dowse
e73bb7f1e2 In getclnthandle(), if the address is found in the cache we need
to strdup() the address string before returning it via *targaddr
because the caller will free the string.

Change the comment at the top of getclnthandle() to clarify that
the caller is responsible for freeing *targaddr.

Noticed by:	sobomax
2001-08-02 21:31:21 +00:00
Warner Losh
c7021493ba Make the fmt arguments to make_dev and make_dev_alias const char *.
Approved on IRC as long as it didn't cause a large number of warnings by: phk

MFC After: 700 hours
2001-08-02 20:35:35 +00:00
Brian Somers
1a40cd082a The wrong-last-byte bug on win98 chap responses is also in winME 2001-08-02 20:12:48 +00:00
Jonathan Chen
7ba271ae0b fix memory leak when error during opening of routing socket
PR:		kern/29336
Submitted by:	Richard Andrades <richard@xebeo.com>
MFC after:	1 month
2001-08-02 19:56:29 +00:00
Mark Murray
f950650b78 With the S/KEY removal, this is no longer buildable or necessary. 2001-08-02 19:04:20 +00:00
Mark Murray
c52468e7ef Don't try to make pam_ssh module if NO_OPENSSH is set. 2001-08-02 19:01:02 +00:00
Mark Murray
41b07e1d10 Add opieaccess(5) functionality under the INSECURE_OPIE .ifdef.
Asked for by:	ache
2001-08-02 18:58:52 +00:00
Maxim Sobolev
ea0cdbc8ac exists(../../crypto) --> exists(${.CURDIR}/../../crypto)
MFC after:	1 month
2001-08-02 18:21:48 +00:00
Jonathan Chen
f0b8b1fccb fix for pkg_add to symlinked prefix directories that are more than 1 link deep.
PR:	bin/28274
Submitted by:	John Hein <jhein@timing.com>
MFC after:	1 month
2001-08-02 18:20:27 +00:00
Andrey A. Chernov
bd376a3487 Allow configTtys() be called several times - set VAR_CONSTERM to "NO" after
operation done.
2001-08-02 16:36:21 +00:00
Maxim Sobolev
a8ec1b4851 Fix a cryptoless world by disconnecting libmp from the build when there is no
crypto bits installed and/or NOCRYPTO/NO_OPENSSL is defined. This unfortunately
meants that usr.bin/chkey, usr.bin/newkey and usr.sbin/keyserv have also to
be disconnected.

IMO it is merely a workaround, the proper solution is to move libmp to
src/crypto where it belongs and use libgmp for the cryptoless builds instead.

Missed by:	dd
2001-08-02 15:47:03 +00:00