- reject absolute names in +CONTENT
- fix size issues with pkg_add -u and buffer handling
- print file name of failed renames in pkgdb during pkg_add -u
- remove warning when running pkg_add as non-root
- remove more traces of master/slave mode
- update URLs for new ftp.netbsd.org layout
- make warning of broken symlinks separate from warning for non-existant
files
- FETCH_PRE_ARGS option for download-vulnerability-list
- print only base package name in FILE_NAME for pkg_info -X
- don't leak memory in Dewey, it is called a lot more often now and
makes a difference
- just allocate in vfcexec and free, don't bother caching the exec
buffer
- remove some FTP debugging code
- make more allocation errors in the pkgdb iteration code fatal
- glob patterns and simple patterns are checked for being version-free
as well
- try harder to get setgid permissions correctly when extracting as
non-root
- fix waitpid to correctly handle EINTR
code to retry on SIOCGIFCONF not returning all interfaces is broken,
this unreasonably large buffer should handle the case of a machine
with lots of (usually virtual) interfaces. dhcpd 4 uses a different
method to get interface configuration, so this kludge should go away
on upgrade.
Fix based on understanding of the code, but has been compile-tested
only, to address failure report received from Michael Graff.
Pay closer attention to the TSIH value that is assigned by the target -
rather than a simple (session id + 1) value, which cycles after 16 sessions
are used, use a central counter, and increment that whenever a TSIH is
apportioned. This fixes some problems for me with multiple targets being
ignored, and only the first target being used. Tested with the Microsoft
initiator, and the embryonic NetBSD initiator.
Use more enumerated types, rather than cpp definitions.
Use enumerated types also in preference to magic numbers.
In the iSCSI test harness, use the -t argument to specify a disk target
exported by the NetBSD iSCSI target. This allows us to test for the
situation outlined above.
Add my copyright to the test harness - there's no Intel code left anymore.
Modify the way initiator login and logout information is presented to the
user. This is only of concern to people who use this with the target in
non-detached (non-daemon) mode.
Get rid of the MODE_SENSE_10 and MODE_SELECT_10 cases in the disk switch,
since they do not return responses in the correct format yet.
functions. Code contributed by Aleksey Cheusov in PR#36394, and slightly
tweaked for closer-to-KNF conventions by me. Also slightly improved checks
of error returns.
- include <stdbool.h> so bool is available _KERNEL for sys/condvar.h
- include <sys/mutex.h> before defining _KERNEL so it won't try to
include <machine/intr.h> which isn't available to userland.
fixes builds on sparc64.
+ fix a reported problem with newer versions of FreeBSD which require
a block of data to be read and written, rather than a single byte.
+ add support for Extended Inquiry Data VPD Page (0x86), reported to be
necessary to interoperate with the AIX initiator.
+ add preliminary support for the Write and Verify SCSI operation (0x2e).
writable, do the touch(1) dance with 512 bytes of information, rather
than just a single byte - the single byte read and write causes
problems on newer versions of FreeBSD, I am informed. Patch from
Andrey Yakovlev, cleaned up to compile by myself.
Add support for Extended Inquiry Data VPD Page (0x86), reported to be
necessary to interoperate with the AIX initiator.
Add preliminary support for the Write and Verify SCSI operation (0x2e).
http://www.ludd.ltu.se/~ragge/pcc/
This is based on the original Portable C Compiler by S. C. Johnson,
written in the late 70's. Even though much of the compiler has been
rewritten, some of the basics still remain.
The goal of pcc is to produce a small, simple, fast and understandable
C99 compiler under a BSD licence.
next ifreq is sizeof(struct ifreq) after the current one unless the
sockaddr is bigger than the union in ifreq that holds it.
In the original 4.4BSD code, this interpretation results in the same
behavior as the "is the sockaddr bigger than struct sockaddr", because
sizeof(struct sockaddr) and sizeof(ifc->ifr_ifru) are the same.
Add comments pointing out problems in the 'need bigger buffer' code,
and copying excessive amounts of data.
correct service - allows us to bind to the correct port, and not the
iSCSI control port.
Update version to 20070815, and re-run autoconf and autoheader.
+ if the attempt to getaddrinfo() on (host,port) fails, try various
combinations of (host,service)
+ clean up lint
+ set sess->d when we get traffic in, rather than just at iSCSI login
Only the library, tar, the test suites for each and the NEWS are
imported, the rest is not used or currently not useful.
Patches for an aliasing violation and a ctype interface violation
are included, they are scheduled to be part of the next release.
diffs to upstream.
This turns out to be a no-op, and it shouldn't be here at all because
the DEC/NetBSD specific FDDI padding is dealt with in libpcap already.
2206. [security] "allow-query-cache" and "allow-recursion" now
cross inherit from each other.
If allow-query-cache is not set in named.conf then
allow-recursion is used if set, otherwise allow-query
is used if set, otherwise the default (localnets;
localhost;) is used.
If allow-recursion is not set in named.conf then
allow-query-cache is used if set, otherwise allow-query
is used if set, otherwise the default (localnets;
localhost;) is used.
[RT #16987]
2203. [security] Query id generation was cryptographically weak.
[RT # 16915]
2202. [security] The default acls for allow-query-cache and
allow-recursion were not being applied. [RT #16960]
2193. [port] win32: BINDInstall.exe is now linked statically.
[RT #16906]
2192. [port] win32: use vcredist_x86.exe to install Visual
Studio's redistributable dlls if building with
Visual Stdio 2005 or later.
insufficient check of snprintf()'s return value, see gentoo bug #184815.
The exploit provided appearently doesn't trigger the overflow in
NetBSD; this might be due to different error return behavior of snprintf
implementations, or due to the fact that out tcpdump is still 3.8.3
while the bug was reported against 3.9.x. The fix looks correct in any
case.
The exploit caused an endless loop at another place instead, due
to an obvious bug, so fix this too.
Also apply another patch which was applied to the 3.8 branch upstream
but never released: rev. 1.72.2.5, infinite loop protection for ldp and bgp
We should update tcpdump to 3.9.x.
This is part one of moving the authoritive version from
src/usr.sbin/pkg_install to pkgsrc/pkgtools/pkg_install/files.
Discussed with and agreed by: jlam@, agc@, adrianp@
Raised issue to and not objected by: core@
yamt's reading of RFC 3720 is correct (see section 12.10, InitialR2T).
The desired transfer length in the initial ready to transmit
negotiation should not include any immediate data.
before system header file inclusion magically causing what "read" is
#defined to to pick up a read-like prototype. For sanity's sake, put
prototypes for revolting trace_mr stuff in their own header file (instead
of nowhere at all and using the trick referenced above).
"state lock" flag (if-bound, gr-bound, floating) at the end of a
NAT rule. The new syntax is backwards-compatbile with the old
syntax.
PF (kernel): change the macro BOUND_IFACE() to the inline function
bound_iface(), and add a new argument, the applicable NAT rule.
Use both the flags on the applicable filter rule and on the applicable
NAT rule to decide whether or not to bind a state to the interface
or the group where it is created.
a "long long" - giving a compilation warning.
Check for the presence of PRIu64 and use that in preference.
Adjust code to avoid multiple printf() calls.
Use unsigned format specifiers in all cases.
running instead of overwriten the PID file, removing IPv4 address
from the network interface(s) and leaving the system in a broken state.
This fixes PR bin/26504 by Jun-ichiro itojun Hagino. Patch supplied
by Rivo Nurges during NetBSD's second Bugathon.
* Assertion failure in ISC BIND SIG query processing (CVE-2006-4095)
- Recursive servers
Queries for SIG records will trigger an assertion failure if more
than one RRset is returned. However exposure can be minimized by
restricting which sources can ask for recursion.
- Authoritative servers
If a nameserver is serving a RFC 2535 DNSSEC zone and is queried
for the SIG records where there are multiple RRsets, then the
named program will trigger an assertion failure when it tries
to construct the response.
* INSIST failure in ISC BIND recursive query handling code (CVE-2006-4096)
It is possible to trigger an INSIST failure by sending enough
recursive queries such that the response to the query arrives after
all the clients waiting for the response have left the recursion
queue. However exposure can be minimized by restricting which sources
can ask for recursion.
ok'ed christos@
implemented for IPv6, but works fine for IPv4)
+ now poll any connections opened in the target. select is used if
poll is not available
+ remove ramdisk type of backing store, since it was never used, and
is of no use for our needs
+ bump version to 20060727
- The array must be NULL terminated because other code depends on it.
- Use this terminator to check if we're at the end of the array instead
of doing sizeof(pf_timeouts) / sizeof(pf_timeouts[0]).
enabled (ipf -E) before ipnat is used; this detail is automated by the
rc scripts, but not by ipnat itself. ipf's author agrees this is a doc
bug.
Closes PR kern/33409.
serve simultaneously to DEFAULT_TARGET_MAX_SESSIONS, add a -s argument to
iscsi-target(8) to specify the maximum number of sessions.
Also bump default from 4 to 16.
following Dan Carosone's suggestion of the uint64_t array.
Abstract a bit more from the HTOBE64() macro intrigue, for platforms
like Solaris/x86 which have fun in this part.
Tested only with little-endian initiators for now.
Bump version to 20060526.
initiator (used on Solaris 10 Update 1) - the initiator demands that a
UUID is returned, so give it one.
Add autoconf glue for that, and a compat uuid_create(3) and
uuid_to_string(3).
This still spews a lot of output via the target's syslog, but persevere,
since it does actually make the target work with the Solaris initiator:
solaris10# format
Searching for disks...done
AVAILABLE DISK SELECTIONS:
0. c1d0 <DEFAULT cyl 29728 alt 2 hd 64 sec 63>
/pci@0,0/pci-ide@1f,1/ide@0/cmdk@0,0
1. c2t5d0 <DEFAULT cyl 96 alt 2 hd 64 sec 32>
/iscsi/disk@0000iqn.1994-04.org.netbsd.iscsi-target%3Atarget00001,0
Specify disk (enter its number): ^D
solaris10# df -k /mnt
Filesystem kbytes used avail capacity Mounted on
/dev/dsk/c2t5d0s0 91407 1041 81226 2% /mnt
solaris10# uname -a
SunOS solaris10 5.10 Generic_118844-26 i86pc i386 i86pc
solaris10#
