Julian Elischer [Tue, 13 Aug 1996 19:48:41 +0000 (19:48 +0000)]
Submitted by: doug Rabson (dfr@render.com)
cleaning up some of the vnode usage..
(I'm sure it still needs more..)
where can one find out what each vfs call expects to be locked
on completion, and how can one find out what each layer expects
to be freed on error.?
Paul Traina [Tue, 13 Aug 1996 19:43:41 +0000 (19:43 +0000)]
Completely rewrite handling of protocol field for firewalls, things are
now completely consistent across all IP protocols and should be quite a
bit faster.
Paul Traina [Tue, 13 Aug 1996 19:43:24 +0000 (19:43 +0000)]
Completely rewrite handling of protocol field for firewalls, things are
now completely consistent across all IP protocols and should be quite a
bit faster.
Use getprotoname() extensively, performed minor cleanups of admin utility.
The admin utility could use a good kick in the pants.
Basicly, these were the minimal changes I could make to the code
to get it up to tollerable shape. There will be some future commits
to clean up the basic architecture of the firewall code, and if
I'm feeling ambitious, I may pull in changes like NAT from Linux
and make the firewall hooks comletely generic so that a user can
either load the ipfw module or the ipfilter module (cf Darren Reed).
Peter Wemm [Tue, 13 Aug 1996 17:49:45 +0000 (17:49 +0000)]
Fix nasty bracketing/precedence bug. Every time something read (and
refilled) a file that was either line- or un-buffered, all files were
flushed. According to the code comment, the flush (according to ANSI)
is supposed to happen on write + line buffered output files, not _all_
files.
Obtained from: OpenBSD / Theo de Raadt, possibly from proven@cygnus.com
Julian Elischer [Tue, 13 Aug 1996 07:21:45 +0000 (07:21 +0000)]
symlink support in devfs.
it only barely works so don't get too carried away..
I noticed that teh symlink is length 0..
I guess I'll fix that tomorrow..
it also sometimes panics with "cleaned vnode isn't" but it's not more
broken than it was before.. I really want to go over it with someone
who understands the lifecycle of a vnode better than I do..
Joerg Wunsch [Mon, 12 Aug 1996 21:31:07 +0000 (21:31 +0000)]
Fix two minor oddities introduced by my yesterday's patches:
. preserve a multi-char sequence in a small static buffer inside
pccngetc(), so it won't be clobbered later (used to happen when
breaking into DDB user Ctrl-Alt-ESC), and
. simplify the ``keystroke is present'' determination in sgetc(), thus
making pccncheck() actually working without waiting for a keystroke.
There is so many places where range comparation (using collate)
needed (much more than I think initially), so I forced to add
new user-visible non-standard function to libc.
There is so many places where range comparation (using collate)
needed (much more than I think initially), so I forced to add
new user-visible non-standard function to libc.
Peter Wemm [Mon, 12 Aug 1996 17:12:07 +0000 (17:12 +0000)]
Extend the poll code so that it can periodically scan the host cards
for work regardless of whether there was an interrupt. This needs more
work, it should be able to run better when there are more than 3 host
cards present, ie: all cards in polling-only mode with no IRQ. (The
host cards have a choice of 3 irq's, 11, 12, or 15, or just polling)
Peter Wemm [Mon, 12 Aug 1996 17:03:30 +0000 (17:03 +0000)]
Add a simple -v (verbose) option that allows you to see when -C actually
installs something. This is not 100% right, since it has a false hit
when install -C snaps hard links.
Also, run strip(1) from the $PATH, otherwise you need a special version
of install to install (say) elf binaries which have a different strip.
With JDP's elfkit, the layout of the path determines which binary format
you are generating.
Peter Wemm [Mon, 12 Aug 1996 14:45:26 +0000 (14:45 +0000)]
Add new option to chpass: -e "expire" ; change the account expire time
from a script as if it was done in the interactive editor.
When reassembling the gecos string, trim any excess trailing commas, they
look ugly in the passwd file. :-)
Have a simple Makefile tweak to prevent mortal users from changing their
fullname. As ISP's we have seem some real bizzare stuff here..
When decoding the change/expire string, allow the month number as a
synonym for the name of the month.. (ie: 1 as well as Jan or January)
Note that using numbers means there's a chance that you can get bitten
if you're not used to the American DD-MM-YY order.
Peter Wemm [Mon, 12 Aug 1996 14:14:09 +0000 (14:14 +0000)]
clear sockaddr_in's on stack before use
set sin_len
close one ftp port bounce attack
have rresvport() use bindresvport() rather than duplicate the code,
rresvport() is a superset of bindresvport().
Obtained from: OpenBSD / Jason Downs / Theo de Raadt, minor tweaks by me.
Peter Wemm [Mon, 12 Aug 1996 14:05:54 +0000 (14:05 +0000)]
Add two more portrange sysctls, which control the area of the below
IPPORT_RESERVED that is used for selection when bind() is told to allocate
a reserved port.
Also, implement simple sanity checking for all the addresses set, to make
it a little harder for a user/sysadmin to shoot themselves in the feet.
Peter Wemm [Mon, 12 Aug 1996 11:48:49 +0000 (11:48 +0000)]
Remove the quotes from some of the kernel options that dont need it.
eg: options "SCSI_DELAY=15" should be options SCSI_DELAY=15, as config
knows about the "=" and splits it correctly into key=value for the #defines.
The only options that need quotes are those that have numbers as part of
the actual name, eg: "TUNE_1542" and "COMPAT_IBCS2".
Bill Paul [Mon, 12 Aug 1996 00:53:02 +0000 (00:53 +0000)]
Apply my small patch to make detection of ATAPI CD-ROMs happen a
little more reliably. So far I've received a couple of positive
responses and no objections to these changes.
There are two one-line changes:
- In wdprobe(), when testing the error status of drives, don't
unconditionally decide that there is no controller present if we
read back a value of 0x81 (drive 0 okay, drive 1 failed) twice
in a row. This may be caused by having an ATAPI CD-ROM jumpered
as a master on the controller with no slave.
- In wdgetctlr(), when checking for a status of WDCS_READY, check the
value twice. The first time may be bogus. This stops a phantom wd2
device from being detected when an ATAPI CD-ROM is attached to the
secondary controller alone as a slave. (This can cause installation to
fail when sysinstall attempts to open the phantom device and wedges the
system as a result. This has bitten me a couple of times on some
Gateway 2000 machines.)
Paul Traina [Sun, 11 Aug 1996 17:29:37 +0000 (17:29 +0000)]
Previously, if the dial script had any problems, pppd would simply
bomb out. Unfortunately, FreeBSD's sio driver and certain internal
modems don't get along very well, which can cause the serial port to
wedge until it is closed and reopened.
Add new variable, connect-max-attempts, default = 1 (to mimic previous
behavior). If > 1, will try up to "n" times to dial remote site before
aborting.
Peter Wemm [Sun, 11 Aug 1996 12:31:57 +0000 (12:31 +0000)]
Add a hook ``MANFILTER''. This optionally specifies a command to
pipe the man page source through before compressing or installing.
This can be used to do do (eg) sed substitution on man pages from
3rd party packages (in particular, ncurses and bind-4.9.4)
This should not affect anything already in the source tree.
Joerg Wunsch [Sat, 10 Aug 1996 22:14:36 +0000 (22:14 +0000)]
Fix many long-standing bugs and problems with pcvt, namely:
. make pccncheck() work even when interrupts are disabled, so the
``Press a key on the console...'' procedure will work,
. make kernel colors #ifndef, so they can be overridden from the
config file,
. use shutdown_nice() instead of cpu_reset() if Ctrl-Alt-Del is
enabled,
. allow pccngetc() to return more than a single character, so the
arrow keys will work (and thus visual UserConfig!),
. fix a warning.
This closes all know PRs related to pcvt, in particular #845, #1236,
and #1265. PR #991 is a duplicate for 845, and PR #1283 has already
been fixed earlier in rev 1.11 of pcvt_conf.h.
Submitted by: Ulf Kieber (kieber@sax.de), for the kernel color fix
Joerg Wunsch [Sat, 10 Aug 1996 13:38:44 +0000 (13:38 +0000)]
Finally implement a simple commandline history in DDB.
Emacs-style line editing has already been there (did anybody ever
notice this? :), so i `only' had to add ^P and ^N. The approach is
fairly minimalistic, with the advantage of keeping the bloat as small
as 864 bytes of .text and 16 bytes of .bss, plus 10*120 bytes
malloc'ed history buffer at the first use.
Peter Wemm [Sat, 10 Aug 1996 07:54:17 +0000 (07:54 +0000)]
Remove the need for rdist(1) to run setuid, thus completely closing any
possibility of a security hole. It now does what rdist-6 does, and calls
/usr/bin/rsh if not running as root. There are NO protocol changes, this
is 100% compatable with the old rdist, except that it does not need setuid
root privs.
However, there are some minor differences to the base rdist-6 code in that
if it is being run by root, it will call rcmd(3) directly rather than
piping everything through rsh(1). This is a little more efficient as it
doesn't involve context switching on pipe reads/writes.
Also, the -P option was added from rdist-6.1.2, which allows an alternative
rsh program to be specified, such as ssh. Note that it requires the fixes
to the ssh port to disable the unconditional USE_PIPES option that was
recently added. The rcmd(3) optimisation is disabled if a non-rsh program
is speficied.
Peter Wemm [Sat, 10 Aug 1996 06:35:35 +0000 (06:35 +0000)]
Trivial cosmetic tweak to make the i[56]86 CPU MHz reprting round to the
nearest .01 Mhz rather than simply truncating it downwards.
This hack makes this 89.999928 Mhz clock correctly round to the closer
90.00-MHz rather than 89.99-MHz:
> i586 clock: 89999928 Hz, i8254 clock: 1193152 Hz
> CPU: Pentium (90.00-MHz 586-class CPU)
Julian Elischer [Fri, 9 Aug 1996 22:57:06 +0000 (22:57 +0000)]
Submitted by: archie@whistle.com
allow a tunnel interface to be openned even if it has no remote address yet.
this may be needed if you have used
route add default -interface tun0
where the remote end might not even HAVE a number (e.g. netcom links)