library objects, rather than using OBJS to refer to them. This gives us
a separate variable to refer to static library objects that does not affect
profile library objects (which has POBJS) or shared library objects (which
has SOBJS).
Two new ioctls are added to the wsdisplay device, named WSDISPLAY_GMSGATTRS
and WSDISPLAY_SMSGATTRS, used to retrieve the actual values and set them,
respectively (the name, if you are wondering, comes from "message attributes").
A new emulop is added to the underlying display driver (only vga, for now)
which sets the new attribute for the whole screen, without having to clear
it. This is optional, which means that this also works with other drivers
that don't have this new operation.
Five new kernel options have been added, although only documented in
i386 kernels (for now):
- WSDISPLAY_CUSTOM_OUTPUT, which enables the ioctls described above to
change the colors dynamically from userland. This is enabled by default
in the GENERIC kernel (as well as others) but disabled on all INSTALL*
kernels (as this feature is useless there).
- WS_DEFAULT_COLATTR, WS_DEFAULT_MONOATTR, WS_DEFAULT_BG and WS_DEFAULT_FG,
which specify the default colors for the console at boot time. These have
the same meaning as the (already existing) WS_KERNEL_* variables.
wsconsctl is modified to add msg.default.{attrs,bg,fg} and
msg.kernel.{attrs,bg,fg} to the display part, so that colors can be changed
after boot.
Tested on NetBSD/i386 with vga (and vga in mono mode), and on NetBSD/mac68k.
No objections in tech-kern@.
(1) The stock sendmail.cf will only listen on the loopback interface.
(2) The stock submit.cf specifally connects to "localhost." which
should be less susceptible to being confused or looking confused.
(3) The smtp listener starts by default, if needed. The setting in
/etc/default/rc.conf is still "no", but rc.d/sendmail detects the
default setting and will change it to yes if need is determined.
Need is defined as "nothing else seems to have been changed about the
mail configuration but we'd like locally originated and locally
destined mail to be delivered". If you change, eg, mailer.conf to
point to postfix or some other MTA, sendmail will not start.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).
* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.
hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.
It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.
USETOOLS=no/never means the system groff is being used so depending on
anything except it's tmac files makes no sense (and prevents builds with
USETOOLS=no/never from working as PR#23067 points out)
_NETBSD_SOURCE as this makes cross building from older/newer versions of
NetBSD harder, not easier (and also makes the resulting tools 'different')
Wrap all required code with the inclusion of nbtool_config.h, attempt to
only use POSIX code in all places (or when reasonable test w. configure and
provide definitions: ala u_int, etc).
Reviewed by lukem. Tested on FreeBSD 4.9, Redhat Linux ES3, NetBSD 1.6.2 x86
NetBSD current (x86 and amd64) and Solaris 9.
Fixes PR's: PR#17762 PR#25944
doing copy-on-write.
- Change VFS_SNAPSHOT() to return the snapshot vnode locked.
- Make the IO path for copy-on-write and snapshot-read more lightweight.
Avoids deadlocks where vn_rdwr(...READ...) has a shared lock and needs
to copy-on-write.
Avoids deadlocks/panics where to clean pages the copy-on-write needs
to allocate pages for its VOP_PUTPAGES().
L_COWINPROGRESS part approved by: Jason R. Thorpe <thorpej@netbsd.org>
as LK_SHARED, the VOP_ code (in all our existing file systems)
was implememted assuming exclusive locking. Use of LK_SHARED
is technically a bug and only works right for uni-processor and
big-lock SMP systems. Our current file systems will blow up
(probably quite subtlely) with LK_SHARED and fine-grained SMP
locking.
- Not enabled by default. Needs kernel option FFS_SNAPSHOT.
- Change parameters of ffs_blkfree.
- Let the copy-on-write functions return an error so spec_strategy
may fail if the copy-on-write fails.
- Change genfs_*lock*() to use vp->v_vnlock instead of &vp->v_lock.
- Add flag B_METAONLY to VOP_BALLOC to return indirect block buffer.
- Add a function ffs_checkfreefile needed for snapshot creation.
- Add special handling of snapshot files:
Snapshots may not be opened for writing and the attributes are read-only.
Use the mtime as the time this snapshot was taken.
Deny mtime updates for snapshot files.
- Add function transferlockers to transfer any waiting processes from
one lock to another.
- Add vfsop VFS_SNAPSHOT to take a snapshot and make it accessible through
a vnode.
- Add snapshot support to ls, fsck_ffs and dump.
Welcome to 2.0F.
Approved by: Jason R. Thorpe <thorpej@netbsd.org>
and don't install the (.a) library.
This is useful for "build only" helper libraries.
* Add some #{ [...] #} comments around large conditional statements.
by udi_, and adapt to udi_lowspeed -> udi_speed member change
fix usb_device_stats - there is uds_ prefix
use #include <dev/usb/usb.h> also in USB CONTROLLER INTERFACE section
bump date
review, proofing, and bug-fixing by Thomas Klausner (wiz):
1. add hifn(40 and ubsec(4) to share/man/man4/Makefile and the distrib set lists.
2. Restore commented-out cross-references to hifn(40 and ubsec(4) in crypto(4).
No change made to hifn.4 or ubsec.4; commit forced for cross-reference
and for pullup-request purposes.
.Pp before/after section headers; replace <> with \*[Lt] and \*[Gt] resp.
for HTML; mark up COP_*; add a missing word ("if"); comment out references
to hifn(4) and ubsec(4), which we don't have; sort sections; add missing
word ("in").
(MD5 signatures for TCP, as used with BGP). Credit for original
FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship
credited to sentex.net. Shortening of the setsockopt() name
attributed to Vincent Jardin.
This commit is a minimal, working version of the FreeBSD code, as
MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp
modified to set the TCP-MD5 option; BMS's additions to tcpdump-current
(tcpdump -M) confirm that the MD5 signatures are correct. Committed
as-is for further testing between a NetBSD BGP speaker (e.g., quagga)
and industry-standard BGP speakers (e.g., Cisco, Juniper).
NOTE: This version has two potential flaws. First, I do see any code
that verifies recieved TCP-MD5 signatures. Second, the TCP-MD5
options are internally padded and assumed to be 32-bit aligned. A more
space-efficient scheme is to pack all TCP options densely (and
possibly unaligned) into the TCP header ; then do one final padding to
a 4-byte boundary. Pre-existing comments note that accounting for
TCP-option space when we add SACK is yet to be done. For now, I'm
punting on that; we can solve it properly, in a way that will handle
SACK blocks, as a separate exercise.
In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c
,and modifies:
sys/net/pfkeyv2.h,v 1.15
sys/netinet/files.netinet,v 1.5
sys/netinet/ip.h,v 1.25
sys/netinet/tcp.h,v 1.15
sys/netinet/tcp_input.c,v 1.200
sys/netinet/tcp_output.c,v 1.109
sys/netinet/tcp_subr.c,v 1.165
sys/netinet/tcp_usrreq.c,v 1.89
sys/netinet/tcp_var.h,v 1.109
sys/netipsec/files.netipsec,v 1.3
sys/netipsec/ipsec.c,v 1.11
sys/netipsec/ipsec.h,v 1.7
sys/netipsec/key.c,v 1.11
share/man/man4/tcp.4,v 1.16
lib/libipsec/pfkey.c,v 1.20
lib/libipsec/pfkey_dump.c,v 1.17
lib/libipsec/policy_token.l,v 1.8
sbin/setkey/parse.y,v 1.14
sbin/setkey/setkey.8,v 1.27
sbin/setkey/token.l,v 1.15
Note that the preceding two revisions to tcp.4 will be
required to cleanly apply this diff.
socket options (TCP_MD5SIG) in the works. Break TCP socket-options
into a list, and add a list element for TCP_MAXSEG, with text borrowed
from FreeBSD. (NB: our implementation may need improving to match that
rather general text.)
In preparation for adding list elements for TCP_MD5SIG.
- support ${COPTS.<fn>} ${CPUFLAGS.<fn>} ${CPPFLAGS.<fn>}
(deficiency noted by Tyler Retzlaff <rtr@NetBSD.org>)
- use ${COMPILE.s} for .s.o .s.po .s.so (instead of ${COMPILE.S})
- don't support AINC anymore; append to AFLAGS instead
Remove .c.ln - it was a duplicate of the rule in <bsd.sys.mk>
Usage: ${MAKEDIRTARGET} dir target [params]
Runs "cd $${dir} && ${MAKE} [params] $${target}",
displaying a "pretty" message whilst doing so.
Use MAKEDIRPREFIX to implement the __recurse .USE macro in <bsd.subdir.mk>
name where the user should look at for documentation about rcvar. It defaults
to 'rc.subr(5)', as rc.subr is mainly used by rc.d scripts.
This variable is useful to let the daily, weekly, monthly and security scripts
tune the warning message shown when any of the variables they handle is not
properly set.
Closes PR misc/23908.