Commit Graph

1720 Commits

Author SHA1 Message Date
darrenr df16b421e0 When preparing ipfilter to import, remove files that are not related to
NetBSD in any way (such as those for Linux, Solaris, etc.)
2009-08-19 18:51:24 +00:00
martti 28de1fee02 IPF 4.1.33 2009-08-19 09:35:01 +00:00
darrenr aa4e57639b Update head to version 4.1.33 from vendor branch 2009-08-19 08:35:30 +00:00
darrenr 1098c7bfb7 Import IPFilter 4.1.33
4.1.33 - Release 16 August 2009

2837931 wrong mode selected in ipf program for hash-entries
2826168 load_http can make ippool core dump
2825150 IPL_LOGMAX used to index some arrays
2825084 ipv6 fragments should not be allowed past 64k
2824713 ipfstat top output alternates between entries and nothing
2824712 ipfstat top output is shows negative ttl
2820965 a single bad ipv6 extension header should not impact others
2818197 ignored fragment bits defined as being reserved
2817667 IPv6 fragment header verification needs attention
2817098 fr_getrulen() finds the wrong rule
2817096 fr_rulen is unused
2741019 Lingering states (Established/Listen - 5/0) in state table
2702887 use of PBR/fastroute causes panic with ipv6
2671913 regression test in7 fails to execute
2598625 parsing empty config file results in an error
2698656 test parsing empty config files
2597956 not all pointers in a clone are reset
2543934 nat_t gets assigned ifp too early
2535795 No need to always bump fr_ref
2535778 Bad IPv6 packets droped by default
2031730 4.1.31 Nat drops fragmented packets after the first
2214661 ipf does not handle IPv6 fragments
2473273 NAT removed before RST/ICMP sent
2216500 fin_state serves no purpose
2424604 adding random MD5 data causes panic
2304435 Ineffecient lock usage in logging
2216491 fin_nat serves little purpose
2055619 duplicating a free-d packet will fail
2042949 Excessive locking when creating nat_t
2035610 nat_update does not need to get locks
2214658 ipf mostly ignores locking in NetBSD
1979427 Memory leak in user utilities - token never freed (rel br)
* SunOS4 does not have a curproc, but it does have u.
* The fix for 2020447 generated random port numbers but not within the
  range specified in the map rule.  Add in a regression test to verify
  that the "random" part works.
2020447 NAT can undo name server random port selection
1988795 NetBSD does not build with kernel malloc stats
1988782 fr_movequeue can take a short cut
1988669 first nat creation failure prevents further success
1988668 hostmap searching does not work properly
* on some 64bit architectures (such as alpha), the addrfamily_t is packed
  differently, throwing off the calculations for adf_len
* one too many READ_ENTERs in ip_sync code.
* clean up fr_fastroute a little by removing some #ifdefs and pushing the
  code around a bit to use the same variables (NetBSD)
* more recent NetBSDs use VOP related macros differently
2009-08-19 08:28:39 +00:00
aymeric 46545ebf5c bump to nb5:
. :ESC works again
. #+ and #- work again
2009-08-11 21:42:03 +00:00
aymeric 7963ec5bf2 . adding STRCHR variants to common/multibyte.h for the benefit of
. making #+ and #- work again in vi/v_increment.c
2009-08-11 21:28:02 +00:00
aymeric b8018f6743 in v_ecl(), copy the converter from the shadow screen initialized in
v_ecl_init(), so that history can be displayed and edited.

Which means, :ESC works again.
2009-08-11 21:24:49 +00:00
minskim 0997da05f2 Correct the #ifdef test for struct ifdatareq. 2009-08-07 16:37:12 +00:00
lukem 86814cdb3c Crank version to nb4 2009-08-07 16:32:43 +00:00
lukem ddff3f7108 Rename "expandtabs" to "expandtab" to match documentation (and vim,
where I got the idea from).
Actually implement the "et" abbreviation for expandtab.
2009-08-07 16:19:53 +00:00
christos 2ba3b8f193 constify for new openssl 2009-07-20 18:44:09 +00:00
tonnerre 7c437b76bb Fix behavior of dhcpd in the case where clientid and hardware ethernet
definitions are mixed. Fixes a refcount assertion.
2009-07-16 22:44:27 +00:00
christos 6c781e23d6 use the proper structure to get interface data. We depend on having the
NetBSD-specific ZIFDATA call to do the selection of the ioctl style.
From Patrick Welche.
2009-07-15 18:05:17 +00:00
apb 97f740f02b Add missing close quote in a usually-unreached part of an #if block.
Part of PR 41255 from Kurt Lidl.
2009-07-14 20:56:12 +00:00
roy 7027866a09 Rename internal getline() function to get_line() so it does
conflict with the soon to be added getline(3) libc function.
2009-07-13 19:05:39 +00:00
snj 55f8c3946f Fix two problems in a conditional:
- __NetBSD__Version__ -> __NetBSD_Version__
- ">= 599001200" -> "< 599001200"

This worked on current because of the __ typo.

Spotted by Geoff Wing.
2009-07-02 01:43:15 +00:00
njoly 922011108e Do set error for SMBIOC_LOOKUP ioctl failure in *SMBSERVER fallback. 2009-06-26 22:41:26 +00:00
agc 474f9d04b2 Switch over to building iscsi library, target and initiator from the
external framework.
2009-06-25 13:58:59 +00:00
christos 96a538bff1 Limit the length of the address mask before we copy it. 2009-06-23 19:50:50 +00:00
agc d94c46b0c4 Apply some fixes from HEO SeonMeyong to allow the iSCSI target to build
and operate on Mac OS X - with apologies for taking so long to apply them.
2009-06-23 05:11:46 +00:00
agc cacd735007 Simplify one routine 2009-06-23 05:08:22 +00:00
christos ac0ec62cd0 PR/40689: Nicolas Joly: awk(1) trashes memory with RE and ^ anchor
Another place to special-case HAT.
2009-06-21 20:08:44 +00:00
christos dc05b09461 PR/30294: John Darrow: nawk doesn't handle RS as a RE but as a single character 2009-06-20 23:23:12 +00:00
agc ea75669735 WARNS=4 (all sign-comparison changes) 2009-06-19 16:13:09 +00:00
christos 94e9d9b7f6 fix EOF/-1 portability. 2009-06-16 13:56:09 +00:00
minskim bea661fe98 Reduce diff with OpenBSD. No functional change. 2009-06-16 05:16:52 +00:00
minskim da9817918e Reduce diff with OpenBSD by deleting whitespace. 2009-06-16 02:18:07 +00:00
christos efdd16fa99 <= 2, from jukka salmi 2009-06-15 20:09:36 +00:00
christos ba7ea1e3fb purge/flush 0,1,2 since we did not open them, we should not be closing them.
s/EOF/-1/ as the documentation for fclose/pclose states.
2009-06-14 21:05:40 +00:00
kardel 4a186c8fa5 resolve import ntp-4-2-4p7 2009-06-13 12:02:07 +00:00
kardel be2dbc8357 Import ntp 4.2.4p7 2009-06-13 09:17:42 +00:00
ad d991fcb3b6 More changes to improve kern_descrip.c.
- Avoid atomics in more places.
- Remove the per-descriptor mutex, and just use filedesc_t::fd_lock.
  It was only being used to synchronize close, and in any case we needed
  to take fd_lock to free the descriptor slot.
- Optimize certain paths for the <NDFDFILE case.
- Sprinkle more comments and assertions.
- Cache more stuff in filedesc_t.
- Fix numerous minor bugs spotted along the way.
- Restructure how the open files array is maintained, for clarity and so
  that we can eliminate the membar_consumer() call in fd_getfile().  This is
  mostly syntactic sugar; the main functional change is that fd_nfiles now
  lives alongside the open file array.

Some measurements with libmicro:

- simple file syscalls are like close() are between 1 to 10% faster.
- some nice improvements, e.g. poll(1000) which is ~50% faster.
2009-05-24 21:41:25 +00:00
christos 91805f2d22 Fix CVE-2009-1252: Buffer overflow in ntpd crypto code. A remote
attacker can send a specially constructed request packet that would
overflow the sprintf()'ed buffer causing ntpd to crash.

XXX: Pullup to 5.x
2009-05-20 01:37:36 +00:00
wiz 983cc93f85 Sort SEE ALSO. 2009-05-18 14:11:30 +00:00
roy 45d9fd18a3 Use new way of associating, which fixes wpa with ral(4) 2009-05-13 11:57:16 +00:00
he e437fa175c Now that we have strnlen() in libc, get rid of the local
and type-conflicting implementation here instead of fixing
it locally.  I don't think (hope!) this is size-critical.
2009-05-10 22:03:22 +00:00
christos 9371e91bff reorder code to avoid uninitalized variable. 2009-05-08 12:06:11 +00:00
christos 3fde99f00c - prevent buffer overflow from Maksymilian Arciemowicz (worst case was 1041
characters and we allocated only 1024.
While here:
- use snprintf to prevent this from happening in the future.
- don't close fd twice on error.
- pass unsigned char to ctype.h functions.
2009-05-07 21:07:34 +00:00
wiz 8da40e7f0e Remove trailing whitespace. 2009-05-04 21:09:12 +00:00
wiz b10ceebb6d New sentence, new line. 2009-05-04 19:52:34 +00:00
reed 9fc4d3902e Fix roff formatting for ->
by adding an \ such as document in mdoc.7

This was reported in 41276
2009-04-24 16:48:58 +00:00
mrg 8cf404da0f add a NetBSD_DISABLED_* target for config.h.in. 2009-04-19 10:22:10 +00:00
tnozaki 41a9bd5969 fix reliability issue.
if wcwidth(3) return -1, nvi may crash by memory fault.
2009-04-19 02:28:19 +00:00
christos 6757e2669a delete old bind 2009-04-18 13:06:47 +00:00
dogcow c96865e412 more -Wsign-compare fixes. 2009-04-18 06:37:35 +00:00
christos 39a569fdc2 Fix:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0159
Using:
    https://support.ntp.org/bugs/show_bug.cgi?id=1144
XXX: Pullup to 5.x
2009-04-17 02:45:55 +00:00
tnozaki 4bdba43474 fix PR/41136: \<word search doesn't work in vi
don't reuse RCHAR_T(=wchar_t)'s bits, CSI wchar_t is opaque object.
2009-04-12 14:47:51 +00:00
lukem eb2de0beef Resolve -Wcast-qual issues. 2009-04-11 11:10:43 +00:00
kefren 430d7ee47c fix null references introduced while merging bzip2 1.0.5
fixes PR/41032
ok christos@
2009-04-06 19:33:22 +00:00
joerg 3e0637e9dd libarchive moved to src/external a while ago. 2009-04-06 15:05:52 +00:00