Commit Graph

68365 Commits

Author SHA1 Message Date
itojun
51156effd6 be more paranoid about UDP-based echo services validation. namely,
reject the following sources:
	0.0.0.0/8 127.0.0.0/8 240.0.0.0/4 255.0.0.0/8
	ff00::/8 ::/128
	::ffff:0.0.0.0/96 and ::0.0.0.0/96 obeys IPv4 rule.
hint from deraadt.
2000-08-01 18:42:08 +00:00
itojun
058e85bfc6 we shouldn't use "(ip + 1)" to detect intermediate headers (AH/ESP).
we should use ip_p == IPPROTO_TCP/UDP.
2000-08-01 17:39:46 +00:00
itojun
bec9b9854d IPv6 UDP header checksum. 2000-08-01 17:35:18 +00:00
itojun
1c0969bf27 use of ip_p is irrelevant in tcp_cksum, as we may have AH/ESP inbetween. 2000-08-01 17:34:00 +00:00
itojun
d9bba2ca98 some merge from tcpdump.org code.
- print-telnet.c: do not print control character
- print-icmp6.c: improve icmp6 node information printing
  (we need to at least meet our kernel code!)
- update dhcp6 printing to 15 draft (14 and 15 are totally incompatible)
- add safeputc() and safeputs() into util.c
2000-08-01 17:29:47 +00:00
itojun
1174b9a1a9 implement tcp6 pseudo header cksum. 2000-08-01 17:24:40 +00:00
eeh
a8cd48f9e6 `mem' is now a pointer, not an array. Fixes kernel coredumps. 2000-08-01 16:49:47 +00:00
eeh
c8c5d91d87 Handle kernel cores properly. 2000-08-01 16:47:55 +00:00
eeh
baf03fd97c time is a struct timeval' not a time_t', so read it in properly. 2000-08-01 16:46:27 +00:00
thorpej
bdb0f01b7c Slight adjustment to last, to allow the userland version to build. 2000-08-01 15:03:51 +00:00
jwise
d6662ec62f Change name of precmd from start_precmd to sshd_precmd. While it worked
fine as was, the result was the line `start_precmd=start_precmd' which
looked odd.  Pointed out by Bernd Ernesti.

While here, add NetBSD RCS Id.

BTW, to clarify, as people have asked:  this script does not support
pkgsrc/security/sshd -- that package comes with a perfectly fine rc script
which in addition to supporting /etc/rc.d can also be used with 1.4.X.

This script will not trivially work with the ssh package as it a.) calls
the ssh commands at the pathnames they will be installed at by usr.bin/ssh,
and b.) generates a DSA key as well as an RSA key.
2000-08-01 14:28:32 +00:00
briggs
8d6c85d001 Remove hack for unswapped read/write_multi in swapped space.
Driver now uses read/write_multi_stream_2.
2000-08-01 13:08:39 +00:00
tsubai
43b5c0039c Enable rnd. 2000-08-01 08:23:37 +00:00
augustss
34119e1a6a Add midi at clcs 2000-08-01 08:19:39 +00:00
augustss
37ae63598b Add midi at clcs. 2000-08-01 08:16:54 +00:00
uch
ae581ace81 reserve AGP space to avoid resource conflict. 2000-08-01 05:23:59 +00:00
thorpej
ed2759b21c Un-__P. 2000-08-01 04:58:55 +00:00
thorpej
cd32ace8bb ANSI'ify. 2000-08-01 04:57:28 +00:00
itojun
67175858ec use __cputchar(), not putchar().
otherwise, __CTRACE() will not be useful for debugging curses internals.
2000-08-01 04:17:09 +00:00
thorpej
ead5ad8885 - ipl_enable(): -1 is not an error return. If initializing IP Filter
fails, return EIO instead.

- iplioctl(): If performing a NAT operation, and IP Filter is not
  yet initialized (e.g. by `ipf -E'), enable it implicitly before
  doing the NAT operation.
2000-08-01 03:46:09 +00:00
enami
fce828f34e When output device is ascii, load tmac.tty-char explicity as nroff does,
so that some developer's names are translated saner way.
2000-08-01 01:57:57 +00:00
wiz
be8ff811b7 Rename VM_INHERIT_* to MAP_INHERIT_* and move them to sys/sys/mman.h as
discussed on tech-kern.
Retire sys/uvm/uvm_inherit.h, update man page for minherit(2).
2000-08-01 00:53:07 +00:00
eeh
57d2ec0b98 Overhaul cache flush code and coredump code. 2000-08-01 00:40:15 +00:00
eeh
568dca001c Cleanup trapstate handling and garbage collect old stuff. 2000-08-01 00:36:05 +00:00
eeh
e5a87444c7 Cleanup trapframe and TSTATE handling. 2000-08-01 00:34:13 +00:00
eeh
6f9bfddd60 Add UVM_PAGEIDLE_ZERO. 2000-08-01 00:31:15 +00:00
eeh
cacbbd1117 Garbage collection. 2000-08-01 00:28:55 +00:00
eeh
d09c8ea0f1 Revamp cache flush routines. 2000-08-01 00:28:02 +00:00
eeh
07fc19421d Pull in <machine/frame.h> to define BIAS and CC64FSZ. 2000-08-01 00:25:02 +00:00
eeh
aeb88321db Call the parent bus dvmamap_unload function to clear the cache rather
than do it ourselves.
2000-08-01 00:22:41 +00:00
minoura
3094e3b89d include <sys/types.h> to define u_int. 2000-07-31 23:40:02 +00:00
briggs
02e3c1ef40 Use bus_space_read/write_multi_stream_2 for FIFO instead of bsr/w_multi_2. 2000-07-31 22:48:49 +00:00
briggs
3f1e17a340 Define bus_space_*_stream_N functions as their non-stream counterparts. 2000-07-31 22:43:46 +00:00
briggs
3ce3697584 Add bus_space_*_stream_N functions. 2000-07-31 22:40:25 +00:00
briggs
bd823b939e Fix code to read a string from the nubus board--it was not terminating
the string properly when the string on the board is longer than the
pre-allocated space.
2000-07-31 22:39:17 +00:00
eeh
ede765839e Look for fpu files in the sparc subdirectory where they now reside. 2000-07-31 22:17:05 +00:00
gmcgarry
f21a75dee3 XIDEBUG_CONFIG -> XID_CONFIG. From R.Massar@Fh-Worms.DE 2000-07-31 21:49:47 +00:00
jlam
f3983ea4df Correct apparent past-o: RSA -> DSA 2000-07-31 21:43:52 +00:00
msaitoh
9c331f1f89 use 'makeoptions LDSCRIPTBASE="sh.x"' (or shl.x) to select ldscript file 2000-07-31 20:57:45 +00:00
jwise
5da8f604df Add $sshd and $sshd_flags for use by both usr.bin/sshd and pkgsrc/security/{open,}ssh
As a precedent, note the presence of $gated, even though we do not distribute
gated outside of pkgsrc.
2000-07-31 20:47:41 +00:00
jwise
5cfec6f11d An sshd startup script for use with usr.bin/sshd. Installation is conditional
on ${SSHDIST}, as with usr.bin/ssh itself.

This script includes a `keygen' target for regenerating RSA and DSA host keys,
and invokes this if these keys are not present when sshd is started up.
2000-07-31 20:39:41 +00:00
thorpej
cf6fc32958 Add support for building the assembly versions of some BIGNUM
routines from OpenSSL.  Speeds up DSA significantly.  A similar
gain should also be seen for RSA.

Before:
Doing 512 bit sign dsa's for 10s: 965 512 bit DSA signs in 9.97s
Doing 512 bit verify dsa's for 10s: 766 512 bit DSA verify in 9.93s
Doing 1024 bit sign dsa's for 10s: 276 1024 bit DSA signs in 9.99s
Doing 1024 bit verify dsa's for 10s: 217 1024 bit DSA verify in 9.93s
                  sign    verify    sign/s verify/s
dsa  512 bits   0.0103s   0.0130s     96.8     77.1
dsa 1024 bits   0.0362s   0.0458s     27.6     21.9

After:
Doing 512 bit sign dsa's for 10s: 3742 512 bit DSA signs in 9.88s
Doing 512 bit verify dsa's for 10s: 3065 512 bit DSA verify in 9.92s
Doing 1024 bit sign dsa's for 10s: 1357 1024 bit DSA signs in 9.99s
Doing 1024 bit verify dsa's for 10s: 1094 1024 bit DSA verify in 9.83s
                  sign    verify    sign/s verify/s
dsa  512 bits   0.0026s   0.0032s    378.7    309.0
dsa 1024 bits   0.0074s   0.0090s    135.8    111.3
2000-07-31 19:57:30 +00:00
danw
601e8144d5 s/abort(2)/abort(3)/ 2000-07-31 19:30:37 +00:00
thorpej
557e12076d Add support for building the assembly version of RMD160 from OpenSSL.
Before:
Doing rmd160 for 3s on 8 size blocks: 778828 rmd160's in 3.00s
Doing rmd160 for 3s on 64 size blocks: 430214 rmd160's in 3.00s
Doing rmd160 for 3s on 256 size blocks: 182108 rmd160's in 3.00s
Doing rmd160 for 3s on 1024 size blocks: 55050 rmd160's in 3.00s
Doing rmd160 for 3s on 8192 size blocks: 7339 rmd160's in 3.00s
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
rmd160            2076.87k     9177.90k    15539.88k    18790.40k    20040.36k

After:
Doing rmd160 for 3s on 8 size blocks: 1084941 rmd160's in 3.00s
Doing rmd160 for 3s on 64 size blocks: 617966 rmd160's in 3.00s
Doing rmd160 for 3s on 256 size blocks: 267381 rmd160's in 2.99s
Doing rmd160 for 3s on 1024 size blocks: 82001 rmd160's in 3.00s
Doing rmd160 for 3s on 8192 size blocks: 10974 rmd160's in 3.00s
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
rmd160            2893.18k    13183.27k    22892.82k    27989.67k    29966.34k
2000-07-31 19:22:04 +00:00
thorpej
cb83ceb68d Add support for building the assembly version of MD5 from OpenSSL.
Before:
Doing md5 for 3s on 8 size blocks: 1490796 md5's in 3.00s
Doing md5 for 3s on 64 size blocks: 895849 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 410807 md5's in 3.00s
Doing md5 for 3s on 1024 size blocks: 129416 md5's in 3.00s
Doing md5 for 3s on 8192 size blocks: 17527 md5's in 3.00s
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
md5               3975.46k    19111.45k    35055.53k    44173.99k    47860.39k

After:
Doing md5 for 3s on 8 size blocks: 2041410 md5's in 3.00s
Doing md5 for 3s on 64 size blocks: 1345402 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 669827 md5's in 3.10s
Doing md5 for 3s on 1024 size blocks: 221744 md5's in 2.96s
Doing md5 for 3s on 8192 size blocks: 30685 md5's in 3.00s
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
md5               5443.76k    28701.91k    56968.68k    76711.44k    83790.51k
2000-07-31 19:08:02 +00:00
itojun
2e661a4ef6 free region got from t_getstr(). we will experience memory leak if
we call initscr() multiple times (rare, but it's better to be pedant).
2000-07-31 18:55:35 +00:00
thorpej
dacf9960bf Add support for building the assembly versions of Blowfish encrypt
and decrypt from OpenSSL.  Right now we only build the 586 version,
but eventually we will be able to build the 686 version based on a
CPP flag defined as a result of using `cc -mcpu=pentiumpro'.

We don't build the assembly version of BF_cbc_encrypt(), as it would
have to be rewritten to be PIC.

Performance difference is quite noticeable.

Before:
Doing blowfish cbc for 3s on 8 size blocks: 2891026 blowfish cbc's in 2.97s
Doing blowfish cbc for 3s on 64 size blocks: 411766 blowfish cbc's in 3.10s
Doing blowfish cbc for 3s on 256 size blocks: 104721 blowfish cbc's in 3.00s
Doing blowfish cbc for 3s on 1024 size blocks: 26291 blowfish cbc's in 2.98s
Doing blowfish cbc for 3s on 8192 size blocks: 3290 blowfish cbc's in 3.10s
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
blowfish cbc      7787.28k     8755.16k     8936.19k     9034.22k     8954.05k

After:
Doing blowfish cbc for 3s on 8 size blocks: 4573792 blowfish cbc's in 3.10s
Doing blowfish cbc for 3s on 64 size blocks: 713440 blowfish cbc's in 2.99s
Doing blowfish cbc for 3s on 256 size blocks: 183125 blowfish cbc's in 3.00s
Doing blowfish cbc for 3s on 1024 size blocks: 46221 blowfish cbc's in 3.00s
Doing blowfish cbc for 3s on 8192 size blocks: 5787 blowfish cbc's in 3.00s
type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
blowfish cbc     12156.26k    15270.96k    15626.67k    15776.77k    15802.37k
2000-07-31 18:39:04 +00:00
jdolecek
973a6510c5 backup previous - including ../Makefile.inc does have some
side effects (as pointed by enami), and I changed my build
environment to not need such hack
2000-07-31 17:25:47 +00:00
thorpej
caacba233b Rework this so what we can include arch-specific versions
of the crypto Makefile includes.
2000-07-31 17:04:05 +00:00
itojun
78d8274105 fix 8bit cleanness of getch() and wgetch(). never use char variable against
stdio functions which return "int" (including getchar()).
the bug was introduced in 1.9 -> 1.10.  fixes PR10723.
2000-07-31 16:22:46 +00:00