Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export. The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.
In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated. I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.
The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.
My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.
As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:
https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.htmlhttps://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.htmlhttps://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html
P.S. Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet... That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.
bta2dpd allows you to stream audio to and from bluetooth devices.
It features high quality stereo audio and is intended for use with pad(4)
device.
As discussed on current-users@ and tech-userlevel@
Note that as of this writing the tool continues to work with the old
proplib-xml packet interface against the new libquota(3), so anyone
who has a use for it can bring it back from the Attic and/or create a
pkgsrc package.
Approved by releng for the freeze, and specifically okayed by core a
couple months ago.
This code has been developed by Abhinav Upadhyay as part of Google's Summer
of Code 2011. It uses libmandoc to parse man pages and builds a Full
Text Index in a SQLite database. The combination of indexing the full
manual page, filtering out stop words and ranking individual matches
based on the section gives a much improved user experience.
The old makewhatis and friends are kept under MKMAKEMANDB=no for now.
to store disk quota usage and limits, integrated with ffs
metadata. Usage is checked by fsck_ffs (no more quotacheck)
and is covered by the WAPBL journal. Enabled with kernel
option QUOTA2 (added where QUOTA was enabled in kernel config files),
turned on with tunefs(8) on a per-filesystem
basis. mount_mfs(8) can also turn quotas on.
See http://mail-index.netbsd.org/tech-kern/2011/02/19/msg010025.html
for details.
of Szeged, Hungary.
The commit includes:
- Flash layer, which gives a common API to access flash devices
- NAND controller subsystem for the flash layer
- An example OMAP driver which is used on BeagleBoard or alike ARM boards
- Designed to be fully MP-safe and highly efficient.
- Tables/IP sets (hash or red-black tree) for high performance lookups.
- Stateful filtering and Network Address Port Translation (NAPT).
Framework for application level gateways (ALGs).
- Packet inspection engine called n-code processor - inspired by BPF -
supporting generic RISC-like and specific CISC-like instructions for
common patterns (e.g. IPv4 address matching). See npf_ncode(9) manual.
- Convenient userland utility npfctl(8) with npf.conf(8).
NOTE: This is not yet a fully capable alternative to PF or IPFilter.
Further work (support for binat/rdr, return-rst/return-icmp, common ALGs,
state saving/restoring, logging, etc) is in progress.
Thanks a lot to Matt Thomas for various useful comments and code review.
Aye by: board@
It offer the following subcommands:
list - shows all child codec
get - get a plist of the chosen codec's widget configuration
set - forcibly reconfigure a specified codec from a plist
graph - generate a graphviz file for the specified codec
ethernet, allowing machines to be powered up without physical access to them.
tonnerre@ and tron@ reviewed it and decided that the bin directories
are not to full for this small and useful command.
ddb running on crash dumps, but with two notable changes:
- Breakpoints, watches, etc are obviously never going to work so they
are not handled.
- You can pipe output to the shell, e.g. ps | grep foo
Items remaining to be done:
- Port it to architectures other than i386. This isn't difficult, just
a case of making db_disasm.c/db_trace.c or their equivalent compile
and work.
- Make more of the "show" commands work, e.g "show uvmexp".
and DVD's behave like floppy discs. Writing is supported upto and including
version 2.01; version 2.50 and 2.60 will follow.
Also extending the UDF implementation to support symbolic links and
hardlinks.
Added are the mmcformat(8) tool to format rewritable CD/DVD discs and
newfs_udf(8).
Limitations:
all operations can be performed on the file system though the
sheduling is currently optimised for archiving workloads.
mv(1)/rename(2) is currently only implemented for non-directories.
btuartd(8) should be named btattach(8) for consistency
with other parts of NetBSD
make btattach(8) a single-use tool for less complexity
device specicific initialisation (from btuart(4)) is carried
out prior to activating the line discipline (in btattach(8)),
which simplifies the API somewhat and means that the user
tool and the kernel do not need to be kept in sync.
btuart(4) driver is much reduced; naming is made consistent
and all tsleep() and delay() are removed to userland
Add schedctl(8) - a program to control scheduling of processes and threads.
Notes:
- This is supported only by SCHED_M2;
- Migration of LWP mechanism will be revisited;
Proposed on: <tech-kern>. Reviewed by: <ad>.
