(MD5 signatures for TCP, as used with BGP). Credit for original
FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship
credited to sentex.net. Shortening of the setsockopt() name
attributed to Vincent Jardin.
This commit is a minimal, working version of the FreeBSD code, as
MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp
modified to set the TCP-MD5 option; BMS's additions to tcpdump-current
(tcpdump -M) confirm that the MD5 signatures are correct. Committed
as-is for further testing between a NetBSD BGP speaker (e.g., quagga)
and industry-standard BGP speakers (e.g., Cisco, Juniper).
NOTE: This version has two potential flaws. First, I do see any code
that verifies recieved TCP-MD5 signatures. Second, the TCP-MD5
options are internally padded and assumed to be 32-bit aligned. A more
space-efficient scheme is to pack all TCP options densely (and
possibly unaligned) into the TCP header ; then do one final padding to
a 4-byte boundary. Pre-existing comments note that accounting for
TCP-option space when we add SACK is yet to be done. For now, I'm
punting on that; we can solve it properly, in a way that will handle
SACK blocks, as a separate exercise.
In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c
,and modifies:
sys/net/pfkeyv2.h,v 1.15
sys/netinet/files.netinet,v 1.5
sys/netinet/ip.h,v 1.25
sys/netinet/tcp.h,v 1.15
sys/netinet/tcp_input.c,v 1.200
sys/netinet/tcp_output.c,v 1.109
sys/netinet/tcp_subr.c,v 1.165
sys/netinet/tcp_usrreq.c,v 1.89
sys/netinet/tcp_var.h,v 1.109
sys/netipsec/files.netipsec,v 1.3
sys/netipsec/ipsec.c,v 1.11
sys/netipsec/ipsec.h,v 1.7
sys/netipsec/key.c,v 1.11
share/man/man4/tcp.4,v 1.16
lib/libipsec/pfkey.c,v 1.20
lib/libipsec/pfkey_dump.c,v 1.17
lib/libipsec/policy_token.l,v 1.8
sbin/setkey/parse.y,v 1.14
sbin/setkey/setkey.8,v 1.27
sbin/setkey/token.l,v 1.15
Note that the preceding two revisions to tcp.4 will be
required to cleanly apply this diff.
from values to be assigned when processing a file. Clean up error
reporting (print the name of the file and the line number), and tidy
some numeric conversions. Continue after most "errors" when
processing a -f argument.
Addresses PR bin/25115.
this addresses pr/23924
this includes most of support for creating fslevel 3 compatible filesystems,
although there is currently no command line option to invoke it when
not using apple_ufs
Wolfgang Solfrank has explained the problem with router discovery
in `routed` in a way I can understand.
Let's assume that the configured preference of the interface is 5.
This gets converted to 0x80000005 through the use of the UNSIGN_PREF
macro. Later on, this value gets put into the PREF macro, which
compares it against the interface metric(s) (let's assume those
values to be 0 for now). Of course the 0x80000005, cast to int,
is much less than 0, so the clamping rule is triggered, which
gives us a value of 1. This is then converted via SIGN_PREF into
0x80000001 and put into the message. Certainly, this isn't what
was intended.
leave 4 bytes for the Windows NT Drive Serial Number (DSN) at 440-443
(as mbr_sector.mbr_dsn).
Ensure that all the MBR & PBR code reserves space for mbr_sector.mbr_dsn.
Leave the bootsel magic number at 444-445 as mbr_sector.mbr_bootsel_magic
(instead of mbr_sector.mbr_bootsel.mbrbs_magic), but use 0xb5e1 (MBR_BS_MAGIC)
instead of 0xaa55 (MBR_MAGIC) to indicate that this change has occurred.
Rework MBR_BS_NEWMBR to mean "mbr_bootsel has moved to 400".
Modify fdisk(8) to automatically relocate the mbr_bootsel from 404 to 400
if mbr_bootsel_magic is the old value (0xaa55), and unset MBR_BS_NEWMBR
to flag that new mbr_bootsel code must be used if updating the MBR.
These changes fixes a problem where Windows 2000 or Windows XP would corrupt
the last 3 bytes + NUL of MBR partition 3's bootsel name if the bootsel name
was 5 characters long, replacing bytes 6-9 with the DSN.
Also, by explicitly reserving the space for the DSN we prevent problems in the
future if non bootsel MBR or PBR code had other information at bytes 440-443.
finding an ffsv1 sb at 64k.
Also stop it playing with fs that have 'FS_FLAGS_UPDATED' set.
It certainly doesn't act on that falg, and my guess is that it is
playing the pre-ffsv2 fs.
Fixes part of PR kern/24809
location where we expect to find an ffsv2 superblock.
It could be the first alternate for a ffsv1 filesystem with 64k blocks.
Fixes part of PR kern/24809
indicates that the target of the fdisk operation is a file, not a
disk. With -t and -T, the user tells fdisk the geometry for the
file If the default geometry that fdisk will "fake up" for a file
are not satisfactory, the user may tell the geometry to fdisk using
-t disktab -T disktype.
The existing pkcs5_pbdkf2 keygen method is retained functionally
as-is, for compatibility with existing params files. The corrected
algorithm, which is now the default for new params file generation, is
called pkcs5_pbkdf2/sha1.
NB. The backwards compatibility for the miscreant keygen method will
be removed at the same time as support for the previous parameters
file syntax. Sometime between now and then, users should update their
params files using -G, which will create a new params file including
an xor value so that the resulting generated key is the same; they
should also
Problem discovery and 2-char algorithm fix by Charles Blundell, messy
compat goop by me, long complicated names by Roland Dowdeswell.
Update manpage accordingly and bump date.
use the size of 'device' for teh file syste size - fixes pr 18353.
(It might be better to be able to say 50% of the size...)
Fix 'mount_mfs -N ...', as well as supressing the creation of the fs, the -N
inhibits the supression of the prints of the mfs parameters.
clean up the ssid explanation a bit (including mentioning that if you
want to use a hex ssid, you precede it with a 0x, which really needed
documenting.)
sysctl() call to query for each of three different display modes:
(1) sum across all cpus
% sysctl kern.cp_time
kern.cp_time: user = 93240, nice = 1507, sys = 17252, ...
(2) data for just cpu 0
% sysctl kern.cp_time.0
kern.cp_time.0: user = 93282, nice = 1507, sys = 17264, ...
(3) each cpu individually up to hw.ncpu
% sysctl -A kern.cp_time
kern.cp_time.0: user = 93349, nice = 1507, sys = 17280, ...
kern.cp_time.1: user = 93403, nice = 1507, sys = 17291, ...
...
pointed out by Klaus Klein (original idea was that it should hold at least
the pathname ...); instead, let the ELF and a.out backends allocate memory
for the link command, and get rid of the fixed size buffer altogether
if the disklabel is missing the cpg parameter. Also print a warning
if this is skipped because of a missing fsize, frag or cpg disklabel parameter
this fixes a divide by zero error reported by martin@
controls with the section for the other MBR-using platforms that
already enable this)
* Don't prompt the user to "erase the previous contents of the disk"
when there's no NetBSD MBR partition; SAVEBOOTAREA is sufficient.
These fixes mean that you can create a disklabel (on an i386/amd64) on a disk
that doesn't have a NetBSD MBR partition without trashing the existing MBR.
The previous behaviour was extremely annoying when working with media such
as FAT-formatted CF cards, and didn't really protect people with such from
accidentally trashing part of sector 1 of such disks, and made it extremely
easy to trash sectors 0..15 of those disks instead.
is provided.
add compatibility for filesystems before FFSv2 integration
these patches are from pr port-macppc/23925 and should also
fix problems discussed in pr kern/21404 and pr kern/21283
and don't try the disklabel.
Allows to create a filesystem on a floppy again.
(It is arguably another bug that DIOCGDINFO returns nonsense
for floppies.)
- factor out disksubr.c between sun3, sparc and sparc64. Keep the sun3
groveling code to find a NetBSD disklabel in the first sector (so that it
can find a label at the old sun3 LABELOFFSET) as a fallback is not
label at LABELOFFSET, or sun label is present.
- Fix the sun3 LABELOFFSET (was 64, but the kernel wrote the NetBSD label at
128)
- Make next68k disksubr.c always write a next-compatible disklabel.
- remove #ifdef __sparc__ hack from disklabel(8), and change it to issue
a DIOCWDINFO after writing the disklabel to the raw partition in the
-r/-I case (so that the kernel can convert the label if needed).
sysctl. Add a protocol-independent sysctl handler to show the per-protocol
"struct ifq' statistics. Add IP(v4) specific call to the handler.
Other protocols can show their per-protocol input statistics by
allocating a sysclt node and calling sysctl_ifq() with their own struct ifq *.
As posted to tech-kern plus improvements/cleanup suggested by Andrew Brown.
kernels) so that newfs works on vinum (and similar).
Kill the -V hack for vinum.
Don't bother faking up a label for -F and mfs, nothing is needed from it.
Ignore label if special doesn't match DISKPART(sb.st_rdev);
Simplifly logic for default block/frag sizes.
Update man page to match.
WARNS=3.
There's no reasonable situation where there will be one there, except if the
disk had data on it previously for some reason. It's significantly more
likely (read "the world until UFS2 was merged") that sector 0(..15)
contains really important stuff like boot blocks and disk labels.
Once again, I ask, why wasn't UFS2 implemented as a separate file
system a la lfs & ext2fs ?
It could have shared a chunk of the kernel code (just like those),
and had different userland tools and a different fs_type.
* Rename "config.h" to "nbtool_config.h" and
HAVE_CONFIG_H to HAVE_NBTOOL_CONFIG_H.
This makes in more obvious in the source when we're using
tools/compat/config.h versus "standard autoconf" config.h
* Consistently move the inclusion of nbtool_config.h to before
<sys/cdefs.h> so that the former can provide __RCSID() (et al),
and there's no need to protect those macros any more.
These changes should make it easier to "tool-ify" a program by adding:
#if HAVE_NBTOOL_CONFIG_H
#include "nbtool_config.h"
#endif
to the top of the source files (for the general case).
* Don't bother prefixing commands with a line of ${_MKCMD}\
and instead rely upon "make -s". This is less intrusive on
all the Makefiles than the former. Idea from David Laight.
* Rename the variables use to print messages. The scheme now is:
_MKMSG_FOO Run _MKMSG 'foo'
_MKTARGET_FOO Run _MKMSG_FOO ${.TARGET}
From discussion with Alistair Crooks.
<sys/bootblock.h>:
* Added definitions for the Master Boot Record (MBR) used by
a variety of systems (primarily i386), including the format
of the BIOS Parameter Block (BPB).
This information was cribbed from a variety of sources
including <sys/disklabel_mbr.h> which this is a superset of.
As part of this, some data structure elements and #defines
were renamed to be more "namespace friendly" and consistent
with other bootblocks and MBR documentation.
Update all uses of the old names to the new names.
<sys/disklabel_mbr.h>:
* Deprecated in favor of <sys/bootblock.h> (the latter is more
"host tool" friendly).
amd64 & i386:
* Renamed /usr/mdec/bootxx_dosfs to /usr/mdec/bootxx_msdos, to
be consistent with the naming convention of the msdosfs tools.
* Removed /usr/mdec/bootxx_ufs, as it's equivalent to bootxx_ffsv1
and it's confusing to have two functionally equivalent bootblocks,
especially given that "ufs" has multiple meanings (it could be
a synonym for "ffs", or the group of ffs/lfs/ext2fs file systems).
* Rework pbr.S (the first sector of bootxx_*):
+ Ensure that BPB (bytes 11..89) and the partition table
(bytes 446..509) do not contain code.
+ Add support for booting from FAT partitions if BOOT_FROM_FAT
is defined. (Only set for bootxx_msdos).
+ Remove "dummy" partition 3; if people want to installboot(8)
these to the start of the disk they can use fdisk(8) to
create a real MBR partition table...
+ Compile with TERSE_ERROR so it fits because of the above.
Whilst this is less user friendly, I feel it's important
to have a valid partition table and BPB in the MBR/PBR.
* Renamed /usr/mdec/biosboot to /usr/mdec/boot, to be consistent
with other platforms.
* Enable SUPPORT_DOSFS in /usr/mdec/boot (stage2), so that
we can boot off FAT partitions.
* Crank version of /usr/mdec/boot to 3.1, and fix some of the other
entries in the version file.
installboot(8) (i386):
* Read the existing MBR of the filesystem and retain the BIOS
Parameter Block (BPB) in bytes 11..89 and the MBR partition
table in bytes 446..509. (Previously installboot(8) would
trash those two sections of the MBR.)
mbrlabel(8):
* Use sys/lib/libkern/xlat_mbr_fstype.c instead of homegrown code
to map the MBR partition type to the NetBSD disklabel type.
Test built "make release" for i386, and new bootblocks verified to work
(even off FAT!).
If /dev/MAKEDEV doesn't exist then try to run /etc/MAKEDEV instead.
Use the (new) '-n inodes' option to mount_mfs and base the size on the number
of inodes and the size of the MAKEDEV script.
