Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
256,307 Commits 606 Branches 0 Tags 3.1 GiB
6b182040a5
Commit Graph

256307 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mrg
6b182040a5 missing in previous: 
mknative gcc 6.4 and powerpc / earmv4.
 2018-02-05 22:11:42 +00:00
mrg
9dd74e3a6c mknative gcc 6.4 and powerpc / earmv4. earmv4 seems to work. 
powerpc not properly tested yet, but builds.
 2018-02-05 22:06:44 +00:00
mrg
85028157d6 - enable powerpc and arm support. 
- port GetPcSpBp() to netbsd/powerpc* and netbsd/arm.
 2018-02-05 22:04:54 +00:00
maya
2272657d65 Match new openssl HMAC_CTX_new better and zero out all the fields. 2018-02-05 21:12:14 +00:00
christos
bb64310352 add DSA_bits() 2018-02-05 20:27:06 +00:00
christos
600234d2b4 fix inline 2018-02-05 20:23:47 +00:00
christos
651d2a0c85 more openssl-1.1 compat. 2018-02-05 16:12:52 +00:00
christos
934378087f add more functions that heimdal uses. 2018-02-05 16:09:09 +00:00
christos
6680b65dc2 port to openssl-1.1 2018-02-05 16:00:52 +00:00
maxv
790eef7946 Exterminate IPSENDREDIRECTS and IPMTUDISCTIMEOUT, neither is documented. 2018-02-05 15:23:14 +00:00
maxv
07316f2d3f Nuke DIRECTED_BROADCAST, it is not documented and not enabled anywhere. It 
probably wouldn't have built correctly anyway, since there is no associated
defflag.

These ten lines of code in ip_input.c already look a lot better.
 2018-02-05 15:18:10 +00:00
maxv
b9f3ecd7cb Remove references to IPFORWSRCRT (the only one that was actually 
documented).
 2018-02-05 15:02:52 +00:00
maxv
4e9f7594df Clean up this mess. This is typically the kind of places where we need to 
seriously cut the bullshit. These things are unreadable, undocumented, and
all they bought us was not figuring out we had IPv4 forwarding enabled by
default for 20+ years.
 2018-02-05 14:52:42 +00:00
maxv
74ae2b39bb Be tougher, and don't allow LSRR+SSRR (RFC7126). 2018-02-05 14:23:38 +00:00
maxv
8bb6d618d6 Kick duplicate options, they are not allowed (RFC791). 2018-02-05 13:52:39 +00:00
maxv
67805d326f Remove unused variable. 2018-02-05 13:34:20 +00:00
maxv
12bc52f12f Disable ip_allowsrcrt and ip_forwsrcrt. Enabling them by default was a 
completely dumb idea, because they have security implications.

By sending an IPv4 packet containing an LSRR option, an attacker will
cause the system to forward the packet to another IPv4 address - and
this way he white-washes the source of the packet.

It is also possible for an attacker to reach hidden networks: if a server
has a public address, and a private one on an internal network (network
which has several internal machines connected), the attacker can send a
packet with:

	source = 0.0.0.0
	destination = public address of the server
	LSRR first address = address of a machine on the internal network

And the packet will be forwarded, by the server, to the internal machine,
in some cases even with the internal IP address of the server as a source.
 2018-02-05 13:23:11 +00:00
maxv
755653626f Style, no functional change. 2018-02-05 13:04:56 +00:00
christos
95741dd42e undo previous. 2018-02-05 12:13:54 +00:00
christos
6fec6006f2 pretend we have openssl-1.1 2018-02-05 11:57:28 +00:00
christos
00a8c5d883 #if not #ifdef 2018-02-05 11:55:46 +00:00
christos
a888e01c4e protect the inline functions with the OPENSSL_VERSION_NUMBER 2018-02-05 11:52:32 +00:00
bouyer
669bbf3051 Follow GENERIC and enable xhci(4) by default. PR port-xen/52978 2018-02-05 11:19:55 +00:00
martin
cf29848b33 Adapt the version hack for openssl provided inline functions: openssl 1.0.2k 
already provides the colliding definitions.
 2018-02-05 10:46:19 +00:00
maya
6910501b14 Fix tyop 2018-02-05 10:41:12 +00:00
martin
cd829b9d79 Try to fix the build: OpenSSL 1.0.2k already has the EVP inline functions. 2018-02-05 10:26:06 +00:00
maxv
e561f679fe Declare icmperrppslim in ip_icmp.c, it shouldn't be used elsewhere. 2018-02-05 08:38:06 +00:00
mrg
1fcc5cabfc mark GCC 6.4 has nb1 20180203 2018-02-05 06:22:27 +00:00
mrg
b8a26bd00d more mknative-gcc 6.5 for sparc, sparc64 and amd64. 2018-02-05 06:13:33 +00:00
mrg
d2c0af66e5 it's called avx512bwintrin.h. 2018-02-05 05:43:53 +00:00
ozaki-r
58e4007f7e Obtain proper initialized addresses of locks allocated by mutex_obj_alloc or rw_obj_alloc 
Initialized addresses of locks allocated by mutex_obj_alloc or rw_obj_alloc
were not useful because the addresses were mutex_obj_alloc or rw_obj_alloc
itself. What we want to know are callers of them.

(forgot to commit)
 2018-02-05 05:00:48 +00:00
ozaki-r
5e1cf642fa Obtain proper initialized addresses of locks allocated by mutex_obj_alloc or rw_obj_alloc 
Initialized addresses of locks allocated by mutex_obj_alloc or rw_obj_alloc
were not useful because the addresses were mutex_obj_alloc or rw_obj_alloc
itself. What we want to know are callers of them.
 2018-02-05 04:25:04 +00:00
ozaki-r
74845a91b1 Sort XC_IPL_* in order of priority (NFC) 2018-02-05 02:51:41 +00:00
ozaki-r
9aaf776ebf Avoid allocating unused softints that share a value of IPL between another 2018-02-05 02:51:08 +00:00
ozaki-r
d32b28c1c1 Fix build of kernels that some (or all) IPL_SOFT* share a value (e.g., mips) 2018-02-05 02:49:46 +00:00
christos
04dc679937 Adjust to openssl 1.1 2018-02-05 00:43:06 +00:00
christos
5097134740 provide compatibility for libradius 2018-02-05 00:42:46 +00:00
christos
b400d00712 patch for OpenSSL-1.1 2018-02-05 00:13:50 +00:00
christos
9ed083bc65 add enough of the 1.1 API to compile openssh 2018-02-05 00:11:33 +00:00
skrll
b07568df9e Working / new versions from Ryo Shimizu 2018-02-04 21:52:16 +00:00
skrll
e958e889a2 Various fixes / changes from Ryo Shimizu / Toru Nishimura to make this 
work.

_rtld_call_ifunc copied from other rela platforms by me - not tested in
any way.
 2018-02-04 21:49:51 +00:00
christos
e7011cce36 optval is int not long 2018-02-04 20:38:41 +00:00
mrg
b3953390c8 regen mknative-gcc 6.4 and amd64. 2018-02-04 20:22:42 +00:00
mrg
51502cf62d updates for GCC 6.4: 
- remove many _DIAGASSERT() checks against not NULL for functions
  with arguments with nonnull attributes.  (probably more to come,
  the set between x86 and sparc us disjoint.)

- port libsanitizer's GetPcSpBp() to sparc, sparc64 and amd64.
 2018-02-04 20:22:17 +00:00
skrll
239256a2b3 lower case 'ret' to avoid macro clash 2018-02-04 18:32:31 +00:00
christos
2933287bf5 remove dup the from %eax 2018-02-04 18:17:59 +00:00
maxv
3ceb173944 Explicitly disable the kernel-mode GPROF (even though it is never enabled), 
and explain a bit.
 2018-02-04 17:54:34 +00:00
jmcneill
95031fc0dd Fix tools build 2018-02-04 17:33:34 +00:00
maxv
dec7dd7200 Add a proper defflag for GPROF, and include opt_gprof.h, otherwise we're 
not gonna go very far.
 2018-02-04 17:31:51 +00:00
maxv
70fadc9fd8 Add a TODO list for SVS. 2018-02-04 17:03:21 +00:00