diff options
36 files changed, 269 insertions, 249 deletions
diff --git a/lib/libc/gen/auth_subr.3 b/lib/libc/gen/auth_subr.3 index e748c1ac71c..9af34a4a533 100644 --- a/lib/libc/gen/auth_subr.3 +++ b/lib/libc/gen/auth_subr.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: auth_subr.3,v 1.15 2004/08/03 19:43:31 millert Exp $ +.\" $OpenBSD: auth_subr.3,v 1.16 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. .\" @@ -61,7 +61,7 @@ .Fd #include <login_cap.h> .Fd #include <bsd_auth.h> .Ft auth_session_t * -.Fn auth_open +.Fn auth_open "void" .Ft int .Fn auth_close "auth_session_t *as" .Ft int @@ -100,7 +100,7 @@ .Fn auth_setoption "auth_session_t *as" "char *name" "char *value" .Ft int .Fn auth_setpwd "auth_session_t *as" "struct passwd *pwd" -.Ft int +.Ft void .Fn auth_setstate "auth_session_t *as" "int state" .Sh DESCRIPTION These functions provide the lower level interface to the BSD @@ -127,11 +127,11 @@ A return value of 0 implies the user was not authenticated. A non-zero return value is made up of 1 or more of the following values ORed together: .Bl -tag -width AUTH_ROOTOKAYXX -.It Li AUTH_OKAY +.It Dv AUTH_OKAY The user was authenticated. -.It Li AUTH_ROOTOKAY +.It Dv AUTH_ROOTOKAY The user was authenticated with a root instance. -.It Li AUTH_SECURE +.It Dv AUTH_SECURE The user was authenticated via a mechanism which is not subject to eavesdropping attacks (such as provided by token cards). .El @@ -141,20 +141,20 @@ The full state of the session is returned by the function. In addition to the values above, it also may contain the bits: .Bl -tag -width AUTH_ROOTOKAYXX -.It Li AUTH_SILENT +.It Dv AUTH_SILENT Do not report an error, the user was not authenticated for access and was not expected to be. -This is returned by login scripts that allow changing of the users password, +This is returned by login scripts that allow changing of the user's password, for instance. This value is stripped off for normal returns. -.It Li AUTH_CHALLENGE +.It Dv AUTH_CHALLENGE The user was not authenticated for access and a challenge was issued. The challenge should be displayed to the user, a response retrieved, and the result verified. This value is stripped off for normal returns. -.It Li AUTH_EXPIRED +.It Dv AUTH_EXPIRED The user's account has expired. -.It Li AUTH_PWEXPIRED +.It Dv AUTH_PWEXPIRED The user's password has expired and needs to be changed. .El .Pp @@ -186,9 +186,9 @@ does not pass the requirements of the function. .It Ar ... The remaining arguments, which should be of type -.Ft char * +.Vt char * and terminated with a -.Dv NULL +.Dv NULL , are passed to the login script at the end of the command line. .El .Pp @@ -246,7 +246,7 @@ The back channel data may also contain a file descriptor passed back from the login script. If this is the case, the login script will first send back the string .Dq fd -to indidate that a file descriptor will be the next data item. +to indicate that a file descriptor will be the next data item. The file descriptor will be passed back to the next invocation of the login script with a number specified by the .Fl v Ar fd @@ -278,14 +278,14 @@ and .Ev SHELL . The .Ev PATH -is set to the default path ( -.Pa /bin +is set to the default path +.Pa ( /bin and .Pa /usr/bin ) while the .Ev SHELL -is set to the default system shell ( -.Pa /bin/sh ) . +is set to the default system shell +.Pq Pa /bin/sh . .Pp The .Fn auth_challenge @@ -323,7 +323,7 @@ or .Li AUTH_EXPIRED as well as clearing any bits which would indicate the authentication was successful. -If the password or account has not expired they return the number of +If the password or account has not expired, they return the number of seconds left until the account does expire. The return value of -1 can either indicate the password or account just expired or that no password entry was set for the current session. @@ -349,18 +349,18 @@ function returns the value of The .Fa item may be one of: -.Bl -tag -width AUTH_ROOTOKAYXX -.It Li AUTH_CHALLENGE +.Bl -tag -width AUTH_INTERACTIVE +.It Dv AUTH_CHALLENGE The latest challenge, if any, set for the session. -.It Li AUTH_CLASS +.It Dv AUTH_CLASS The class of the user, as defined by the .Pa /etc/login.conf file. This value is not directly used by BSD Authentication, rather, it is passed to the login scripts for their possible use. -.It Li AUTH_INTERACTIVE -If set to any value then the session is tagged as interactive. -If not set the session is not interactive. +.It Dv AUTH_INTERACTIVE +If set to any value, then the session is tagged as interactive. +If not set, the session is not interactive. When the value is requested it is always either .Dv NULL or @@ -368,14 +368,14 @@ or The auth subroutines may choose to provide additional information to standard output or standard error when the session is interactive. There is no functional change in the operation of the subroutines. -.It Li AUTH_NAME +.It Dv AUTH_NAME The name of the user being authenticated. The name should include the instance, if any, that is being requested. -.It Li AUTH_SERVICE +.It Dv AUTH_SERVICE The service requesting the authentication. Initially it is set to the default service which provides the traditional interactive service. -.It Li AUTH_STYLE +.It Dv AUTH_STYLE The style of authentication being performed, as defined by the .Pa /etc/login.conf file. diff --git a/lib/libc/gen/authenticate.3 b/lib/libc/gen/authenticate.3 index 1b564df4028..9ec5cdec87d 100644 --- a/lib/libc/gen/authenticate.3 +++ b/lib/libc/gen/authenticate.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: authenticate.3,v 1.8 2005/02/25 03:12:43 cloder Exp $ +.\" $OpenBSD: authenticate.3,v 1.9 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. .\" @@ -57,11 +57,11 @@ .Ft int .Fn auth_userresponse "auth_session_t *as" "char *response" "int more" .Ft int -.Fn auth_approval "auth_session_t *as" "login_cap_t *lc" "char *name" "char *type" +.Fn auth_approval "auth_session_t *as" "struct login_cap *lc" "char *name" "char *type" .Ft int .Fn auth_cat "char *file" .Ft void -.Fn auth_checknologin "login_cap_t *lc" +.Fn auth_checknologin "struct login_cap *lc" .Ft char * .Fn auth_mkvalue "char *value" .Ft auth_session_t * @@ -83,16 +83,16 @@ and the .Fn auth_userokay function returns a simple yes/no response. -A return value of 0 implies failure, a non-zero return value implies success. +A return value of 0 implies failure; a non-zero return value implies success. If .Ar style is not -.Dv NULL +.Dv NULL , it specifies the desired style of authentication to be used. If it is .Dv NULL then the default style for the user is used. -In this case +In this case, .Ar name may include the desired style by appending it to the user's name with a single colon @@ -125,7 +125,7 @@ The function operates the same as the .Fn auth_userokay function except that it does not close the BSD Authentication session created. -Rather than returning the status of the session it returns +Rather than returning the status of the session, it returns a pointer to the newly created BSD Authentication session. .Pp The @@ -174,10 +174,10 @@ The string will be prepended to .Ar type if missing. -The resulting type is used to look up an entry in the +The resulting type is used to look up an entry in .Pa /etc/login.conf for the user's class. -If the entry is missing the generic entry for +If the entry is missing, the generic entry for .Dq approve will be used. The @@ -237,9 +237,8 @@ will be called with a value of 1. The .Fn auth_verify function is a front end to the -.Fn auth_call -function -.Pq see Xr auth_subr 3 . +.Xr auth_call 3 +function. It will open a BSD Authentication session, if needed, and will set the style and user name based on the .Ar style @@ -255,16 +254,14 @@ those pointers will become invalid). The variable arguments are passed to .Fn auth_call via the -.Fn auth_set_va_list -function -.Pq see Xr auth_subr 3 . +.Xr auth_set_va_list 3 +function. The, possibly created, BSD Authentication session is returned. The -.Fn auth_getstate +.Xr auth_getstate 3 or -.Fn auth_close +.Xr auth_close 3 function -.Pq see Xr auth_subr 3 should be used to determine the outcome of the authentication request. .Pp The @@ -292,9 +289,9 @@ The and .Fn auth_userchallenge functions call -.Fn getpwnam +.Xr getpwnam 3 or -.Fn getpwuid , +.Xr getpwuid 3 , overwriting the static storage used by the .Xr getpwent 3 family of routines. diff --git a/lib/libc/gen/err.3 b/lib/libc/gen/err.3 index 6257b755cc5..363a0166fd1 100644 --- a/lib/libc/gen/err.3 +++ b/lib/libc/gen/err.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: err.3,v 1.14 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: err.3,v 1.15 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. @@ -175,9 +175,9 @@ functions first appeared in It is important never to pass a string with user-supplied data as a format without using .Ql %s . -An attacker can put format specifiers in the string to mangle your stack, +An attacker can put format specifiers in the string to mangle the stack, leading to a possible security hole. -This holds true even if you have built the string +This holds true even if the string has been built .Dq by hand using a function like .Fn snprintf , diff --git a/lib/libc/gen/exec.3 b/lib/libc/gen/exec.3 index 12207316ea6..81082e528bb 100644 --- a/lib/libc/gen/exec.3 +++ b/lib/libc/gen/exec.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: exec.3,v 1.18 2005/07/22 02:47:28 jaredy Exp $ +.\" $OpenBSD: exec.3,v 1.19 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -129,7 +129,7 @@ The search path is the path specified in the environment by .Ev PATH variable. If this variable isn't specified, -.Va _PATH_DEFPATH +.Dv _PATH_DEFPATH from .Aq Pa paths.h is used instead, its value being: diff --git a/lib/libc/gen/fnmatch.3 b/lib/libc/gen/fnmatch.3 index c6df23052db..5bf498973e7 100644 --- a/lib/libc/gen/fnmatch.3 +++ b/lib/libc/gen/fnmatch.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: fnmatch.3,v 1.10 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: fnmatch.3,v 1.11 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -102,7 +102,7 @@ a period is leading if it immediately follows a slash. .It Dv FNM_LEADING_DIR Ignore -.Nm /* +.Sq /* rest after successful .Fa pattern matching. diff --git a/lib/libc/gen/fts.3 b/lib/libc/gen/fts.3 index 8fc386a4d25..7a40e991148 100644 --- a/lib/libc/gen/fts.3 +++ b/lib/libc/gen/fts.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: fts.3,v 1.21 2005/03/01 15:38:39 mpf Exp $ +.\" $OpenBSD: fts.3,v 1.22 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1989, 1991, 1993, 1994 .\" The Regents of the University of California. All rights reserved. @@ -601,7 +601,7 @@ or .Fn fts_read on the same file hierarchy stream. .Pp -.Fa option +.Fa options may be set to the following value: .Bl -tag -width FTS_NAMEONLY .It Dv FTS_NAMEONLY @@ -665,7 +665,7 @@ fields of the structure, when returned by .Fn fts_read , will reflect the target of the symbolic link instead of the symbolic link itself. -In either case, if the target of the symbolic link does not exist the +In either case if the target of the symbolic link does not exist, the fields of the returned structure will be unchanged and the .Fa fts_info field will be set to @@ -746,6 +746,6 @@ The specified option is invalid. .Sh STANDARDS The .Nm -utility is expected to be included in a future +API is expected to be included in a future .St -p1003.1-88 revision. diff --git a/lib/libc/gen/ftw.3 b/lib/libc/gen/ftw.3 index 731f8df9a80..10fc986f71c 100644 --- a/lib/libc/gen/ftw.3 +++ b/lib/libc/gen/ftw.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ftw.3,v 1.5 2004/01/25 14:48:32 jmc Exp $ +.\" $OpenBSD: ftw.3,v 1.6 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 2003 Todd C. Miller <Todd.Miller@courtesan.com> .\" @@ -68,10 +68,10 @@ function passes the aforementioned arguments plus a pointer to a structure as defined by .Aq Pa ftw.h (shown below): -.Bd -literal +.Bd -literal -offset indent struct FTW { - int base; /* offset of basename into pathname */ - int level; /* directory depth relative to starting point */ + int base; /* offset of basename into pathname */ + int level; /* directory depth relative to starting point */ }; .Ed .Pp @@ -121,7 +121,7 @@ function has an additional argument with the following possible values: .Bl -tag -width FTW_MOUNT .It Dv FTW_PHYS -Physical walk, don't follow symbolic links. +Physical walk: don't follow symbolic links. .It Dv FTW_MOUNT The walk will not cross a mount point. .It FTW_DEPTH @@ -170,7 +170,7 @@ for any of the errors specified for the library functions and .Xr readdir 3 . If the -.Dv FGTW_CHDIR +.Dv FTW_CHDIR flag is set, the .Fn nftw function may fail and set diff --git a/lib/libc/gen/getcap.3 b/lib/libc/gen/getcap.3 index 188b9c01783..22e874edb7e 100644 --- a/lib/libc/gen/getcap.3 +++ b/lib/libc/gen/getcap.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getcap.3,v 1.28 2005/02/25 03:12:43 cloder Exp $ +.\" $OpenBSD: getcap.3,v 1.29 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1992, 1993 .\" The Regents of the University of California. All rights reserved. @@ -240,15 +240,15 @@ copy pointed to by expansion is done (see .Ic tc= comments below). -Upon completion of the database 0 is returned, 1 is returned upon successful -return of record with possibly more remaining (we haven't reached the end of -the database yet), 2 is returned if the record contains an unresolved +Upon completion of the database 0 is returned; 1 is returned upon successful +return of a record with possibly more remaining (the end of the database has +not been reached yet); 2 is returned if the record contains an unresolved .Ic tc -expansion, \-1 is returned if an system error occurred, and \-2 +expansion; \-1 is returned if an system error occurred; and \-2 is returned if a potential reference loop is detected (see .Ic tc= comments below). -Upon completion of database (0 return) the database is closed. +Upon completion of database (0 return), the database is closed. .Pp .Fn cgetclose closes the file descriptor and resets state used for sequential access. @@ -324,7 +324,7 @@ giving four names that can be used to access the record. .Pp The remaining non-empty capabilities describe a set of (name, value) bindings, consisting of a name optionally followed by a typed value: -.Bl -column "nameTvalue" +.Bl -column "nameTvalue" -offset indent .It name Ta "typeless [boolean] capability" .Em name No "is present [true]" .It name Ns Em \&T Ns value Ta capability @@ -434,7 +434,7 @@ Two types are predefined by .Fn cgetnum and .Fn cgetstr : -.Bl -column "nameXnumber" +.Bl -column "nameXnumber" -offset indent .Sm off .It Em name No \&# Em number Ta numeric capability @@ -470,7 +470,7 @@ Non-printable .Dv ASCII codes, new lines, and colons may be conveniently represented by the use of escape sequences: -.Bl -column "\e\|X,X\e\|X" "(ASCII octal nnn)" +.Bl -column "\e\|X,X\e\|X" "(ASCII octal nnn)" -offset indent ^X ('\fIX\fP' & 037) control-\fIX\fP \e\|b, \e\|B (ASCII 010) backspace \e\|t, \e\|T (ASCII 011) tab diff --git a/lib/libc/gen/getnetgrent.3 b/lib/libc/gen/getnetgrent.3 index 43840671545..409c9dc28ee 100644 --- a/lib/libc/gen/getnetgrent.3 +++ b/lib/libc/gen/getnetgrent.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getnetgrent.3,v 1.11 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: getnetgrent.3,v 1.12 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1992, 1993 .\" The Regents of the University of California. All rights reserved. @@ -69,7 +69,7 @@ The function sets the three pointer arguments to the strings of the next member of the current netgroup. If any of the string pointers are -.Fa (char *)0 , +.Dv NULL , those fields are considered wildcards. .Pp The functions @@ -94,7 +94,7 @@ If any of the or .Ar domain arguments are -.Fa (char *)0 , +.Dv NULL , those fields will match any string value in the netgroup member. .Sh RETURN VALUES The function diff --git a/lib/libc/gen/getpwent.3 b/lib/libc/gen/getpwent.3 index 774868384d6..51217412040 100644 --- a/lib/libc/gen/getpwent.3 +++ b/lib/libc/gen/getpwent.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getpwent.3,v 1.19 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: getpwent.3,v 1.20 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1988, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -116,7 +116,7 @@ function closes any open files. .Pp These routines have been written to .Dq shadow -the password file, e.g., +the password file, i.e., allow only certain programs to have access to the encrypted password. If the process which calls them has an effective UID of 0 or has the .Dq _shadow diff --git a/lib/libc/gen/getttyent.3 b/lib/libc/gen/getttyent.3 index 035881812e9..6956b6ed551 100644 --- a/lib/libc/gen/getttyent.3 +++ b/lib/libc/gen/getttyent.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getttyent.3,v 1.9 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: getttyent.3,v 1.10 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -53,17 +53,17 @@ and .Fn getttynam functions each return a pointer to an object, with the following structure, containing the broken-out fields of a line from the tty description file. -.Bd -literal +.Bd -literal -offset indent struct ttyent { char *ty_name; /* terminal device name */ char *ty_getty; /* command to execute */ char *ty_type; /* terminal type */ #define TTY_ON 0x01 /* enable logins */ #define TTY_SECURE 0x02 /* allow uid of 0 to login */ -#define TTY_LOCAL 0x04 /* set 'CLOCAL' on open (dev. specific) */ -#define TTY_RTSCTS 0x08 /* set 'CRTSCTS' on open (dev. specific) */ -#define TTY_SOFTCAR 0x10 /* ignore hardware carrier (dev. spec.) */ -#define TTY_MDMBUF 0x20 /* set 'MDMBUF' on open (dev. specific) */ +#define TTY_LOCAL 0x04 /* set 'CLOCAL' on open */ +#define TTY_RTSCTS 0x08 /* set 'CRTSCTS' on open */ +#define TTY_SOFTCAR 0x10 /* ignore hardware carrier */ +#define TTY_MDMBUF 0x20 /* set 'MDMBUF' on open */ int ty_status; /* flag values */ char *ty_window; /* command for window manager */ char *ty_comment; /* comment field */ diff --git a/lib/libc/gen/getusershell.3 b/lib/libc/gen/getusershell.3 index c77ed5e1004..66778682711 100644 --- a/lib/libc/gen/getusershell.3 +++ b/lib/libc/gen/getusershell.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getusershell.3,v 1.11 2005/04/02 17:06:27 millert Exp $ +.\" $OpenBSD: getusershell.3,v 1.12 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1985, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -75,7 +75,7 @@ closes it. .Sh DIAGNOSTICS The routine .Fn getusershell -returns a null pointer +returns a null pointer on .Dv EOF . .Sh SEE ALSO .Xr shells 5 diff --git a/lib/libc/gen/glob.3 b/lib/libc/gen/glob.3 index 1f97e40593b..730771b9368 100644 --- a/lib/libc/gen/glob.3 +++ b/lib/libc/gen/glob.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: glob.3,v 1.22 2005/07/22 02:54:19 jaredy Exp $ +.\" $OpenBSD: glob.3,v 1.23 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1989, 1991, 1993, 1994 .\" The Regents of the University of California. All rights reserved. @@ -53,13 +53,13 @@ The include file defines the structure type .Li glob_t , which contains at least the following fields: -.Bd -literal +.Bd -literal -offset indent typedef struct { - int gl_pathc; /* count of total paths so far */ - int gl_matchc; /* count of paths matching pattern */ - int gl_offs; /* reserved at beginning of gl_pathv */ - int gl_flags; /* returned flags */ - char **gl_pathv; /* list of paths matching pattern */ + int gl_pathc; /* count of total paths so far */ + int gl_matchc; /* count of paths matching pattern */ + int gl_offs; /* reserved at beginning of gl_pathv */ + int gl_flags; /* returned flags */ + char **gl_pathv; /* list of paths matching pattern */ } glob_t; .Ed .Pp @@ -199,13 +199,13 @@ structure have been initialized with alternate functions for .Fn glob to use to open, read, and close directories and to get stat information -on names found in those directories. +on names found in those directories: .Bd -literal - void *(*gl_opendir)(const char * name); + void *(*gl_opendir)(const char *); struct dirent *(*gl_readdir)(void *); void (*gl_closedir)(void *); - int (*gl_lstat)(const char *name, struct stat *st); - int (*gl_stat)(const char *name, struct stat *st); + int (*gl_lstat)(const char *, struct stat *); + int (*gl_stat)(const char *, struct stat *); .Ed .Pp This extension is provided to allow programs such as @@ -257,7 +257,7 @@ Limit the amount of memory used by matches to This option should be set for programs that can be coerced to a denial of service attack via patterns that expand to a very large number of matches, such as a long string of -.Li */../*/.. +.Ql */../*/.. . .El .Pp If, during the search, a directory is encountered that cannot be opened diff --git a/lib/libc/gen/lockf.3 b/lib/libc/gen/lockf.3 index e7b0c7bae28..65d2e5d8181 100644 --- a/lib/libc/gen/lockf.3 +++ b/lib/libc/gen/lockf.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: lockf.3,v 1.9 2000/04/18 03:01:27 aaron Exp $ +.\" $OpenBSD: lockf.3,v 1.10 2005/07/22 03:16:58 jaredy Exp $ .\" $NetBSD: lockf.3,v 1.1 1997/12/20 20:23:17 kleink Exp $ .\" .\" Copyright (c) 1997 The NetBSD Foundation, Inc. @@ -142,7 +142,9 @@ controlled by the process. Locked sections will be unlocked starting at the current file offset through .Fa size -bytes or to the end of the file if size is 0. +bytes or to the end of the file if +.Fa size +is 0. When all of a locked section is not released (that is, when the beginning or end of the area to be unlocked falls within a locked section), the remaining portions of @@ -156,7 +158,9 @@ system-imposed limit, the request will fail. .Pp An .Dv F_ULOCK -request in which size is non-zero and the offset of the last byte of +request in which +.Fa size +is non-zero and the offset of the last byte of the requested section is the maximum value for an object of type .Li off_t , when the process has an existing lock in which size is 0 and @@ -176,7 +180,7 @@ locked region is unlocked would cause a deadlock and fails with an error. .Pp .Fn lockf , -.Xr fcntl 2 +.Xr fcntl 2 , and .Xr flock 2 locks may be safely used concurrently. @@ -234,7 +238,7 @@ The argument is not one of .Dv F_ULOCK , .Dv F_LOCK , -.Dv F_TLOCK +.Dv F_TLOCK , or .Dv F_TEST . .Pp @@ -246,7 +250,7 @@ The argument .Fa function is .Dv F_ULOCK , -.Dv F_LOCK +.Dv F_LOCK , or .Dv F_TLOCK , and satisfying the lock or unlock request would result in the number diff --git a/lib/libc/gen/login_cap.3 b/lib/libc/gen/login_cap.3 index 5273b3c4acb..66aed5bc335 100644 --- a/lib/libc/gen/login_cap.3 +++ b/lib/libc/gen/login_cap.3 @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: login_cap.3,v 1.12 2004/08/09 21:15:09 millert Exp $ +.\" $OpenBSD: login_cap.3,v 1.13 2005/07/22 03:16:58 jaredy Exp $ .\" BSDI $From: login_cap.3,v 1.4 1997/11/07 16:22:27 jch Exp $ .\" .Dd July 16, 1996 @@ -56,7 +56,7 @@ .Ft char * .Fn login_getstyle "login_cap_t *lc" "char *style" "char *type" .Ft int -.Fn login_getcapbool "login_cap_t *lc" "char *cap" "u_int def" +.Fn login_getcapbool "login_cap_t *lc" "char *cap" "unsigned int def" .Ft quad_t .Fn login_getcapnum "login_cap_t *lc" "char *cap" "quad_t def" "quad_t err" .Ft quad_t @@ -70,9 +70,9 @@ .Ft int .Fn secure_path "char *path" .Ft int -.Fn setclasscontext "char *class" "u_int flags" +.Fn setclasscontext "char *class" "unsigned flags" .Ft int -.Fn setusercontext "login_cap_t *lc" "struct passwd *pwd" "uid_t uid" "u_int flags" +.Fn setusercontext "login_cap_t *lc" "struct passwd *pwd" "uid_t uid" "unsigned flags" .Sh DESCRIPTION The .Fn login_getclass @@ -131,8 +131,8 @@ If .Ar type is .Dv NULL -then only "auth" will be looked at. -(See +then only "auth" will be looked at +(see .Xr login.conf 5 ) . The .Fn login_getstyle @@ -166,7 +166,7 @@ It returns .Ar def if no capabilities were found for this class (typically meaning that the default class was used and the -.Li /etc/login.conf +.Pa /etc/login.conf file is missing). It returns a non-zero value if .Ar cap , @@ -193,8 +193,8 @@ Only the .Dv LOGIN_SETRESOURCES , and .Dv LOGIN_SETUMASK -bits are used. -(See +bits are used +(see .Fn setusercontext below). It returns 0 on success and \-1 on failure. @@ -235,7 +235,7 @@ are: .It Dv LOGIN_SETENV Sets environment variables specified by the setenv keyword. .It Dv LOGIN_SETGROUP -Set the group id and call +Set the group ID and call .Xr initgroups 3 . Requires the .Ar pwd diff --git a/lib/libc/gen/nice.3 b/lib/libc/gen/nice.3 index 305495b41a2..f7de88363d6 100644 --- a/lib/libc/gen/nice.3 +++ b/lib/libc/gen/nice.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: nice.3,v 1.14 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: nice.3,v 1.15 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -84,5 +84,5 @@ has the same failure conditions as .Sh HISTORY A .Fn nice -syscall appeared in +system call appeared in .At v6 . diff --git a/lib/libc/gen/pause.3 b/lib/libc/gen/pause.3 index 2f00238b298..736347e9dbb 100644 --- a/lib/libc/gen/pause.3 +++ b/lib/libc/gen/pause.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: pause.3,v 1.9 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: pause.3,v 1.10 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -76,5 +76,5 @@ The call was interrupted. .Sh HISTORY A .Fn pause -syscall appeared in +system call appeared in .At v6 . diff --git a/lib/libc/gen/popen.3 b/lib/libc/gen/popen.3 index 1215be9d0c1..cc4c6b419f6 100644 --- a/lib/libc/gen/popen.3 +++ b/lib/libc/gen/popen.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: popen.3,v 1.13 2005/02/25 03:12:43 cloder Exp $ +.\" $OpenBSD: popen.3,v 1.14 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -79,7 +79,7 @@ stream in all respects except that it must be closed with .Fn pclose rather than -.Fn fclose . +.Xr fclose 3 . Writing to such a stream writes to the standard input of the command; the command's standard output is the same as that of the process that called @@ -91,9 +91,9 @@ stream reads the command's standard output, and the command's standard input is the same as that of the process that called .Fn popen . .Pp -Note that output +Note that .Fn popen -streams are fully buffered by default. +output streams are fully buffered by default. .Pp The .Fn pclose @@ -161,12 +161,12 @@ before .Fn popen . .Pp Failure to execute the shell is indistinguishable from the shell's -failure to execute command, or an immediate exit of the command. +failure to execute +.Fa command , +or an immediate exit of the command. The only hint is an exit status of 127. .Pp The .Fn popen argument always calls -.Xr sh 1 ; -it never calls -.Xr csh 1 . +.Xr sh 1 . diff --git a/lib/libc/gen/psignal.3 b/lib/libc/gen/psignal.3 index 13ec71eb6b7..24d029d30ab 100644 --- a/lib/libc/gen/psignal.3 +++ b/lib/libc/gen/psignal.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: psignal.3,v 1.9 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: psignal.3,v 1.10 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -57,7 +57,9 @@ it is written to the standard error file descriptor prior to the message string, immediately followed by a colon and a space. If the signal number is not recognized -.Pq Xr sigaction 2 , +(see +.Xr sigaction 2 +for a list), the string .Dq Unknown signal is produced. @@ -69,7 +71,7 @@ The external array .Va sys_signame is used similarly and contains short, upper-case abbreviations for signals which are useful for recognizing signal names in user input. -The defined variable +The defined value .Dv NSIG contains a count of the strings in .Va sys_siglist diff --git a/lib/libc/gen/pw_dup.3 b/lib/libc/gen/pw_dup.3 index 562568ecd06..bc9f97002ac 100644 --- a/lib/libc/gen/pw_dup.3 +++ b/lib/libc/gen/pw_dup.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: pw_dup.3,v 1.5 2003/06/17 21:56:23 millert Exp $ +.\" $OpenBSD: pw_dup.3,v 1.6 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com> .\" @@ -35,13 +35,13 @@ This is useful as subsequent calls to .Fn getpwnam , and .Fn getpwuid -will overwrite the data from previous calls. +will overwrite the data they returned from previous calls. .Pp The returned pointer may be deallocated by a single call to .Xr free 3 . Since .Fn pw_dup -allocates space for the copy in one chunk it is not necessary to free +allocates space for the copy in one chunk, it is not necessary to free the individual strings contained in the returned struct passwd. .Pp If insufficient memory is available, diff --git a/lib/libc/gen/raise.3 b/lib/libc/gen/raise.3 index fb6cc007a63..1afc69571c3 100644 --- a/lib/libc/gen/raise.3 +++ b/lib/libc/gen/raise.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: raise.3,v 1.6 2003/06/02 20:18:34 millert Exp $ +.\" $OpenBSD: raise.3,v 1.7 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -63,6 +63,7 @@ library functions and .Xr kill 2 . .Sh SEE ALSO +.Xr getpid 2 , .Xr kill 2 .Sh STANDARDS The diff --git a/lib/libc/gen/readpassphrase.3 b/lib/libc/gen/readpassphrase.3 index f078d0abdfb..18e5c8fa01d 100644 --- a/lib/libc/gen/readpassphrase.3 +++ b/lib/libc/gen/readpassphrase.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: readpassphrase.3,v 1.15 2005/02/25 03:12:43 cloder Exp $ +.\" $OpenBSD: readpassphrase.3,v 1.16 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com> .\" @@ -109,7 +109,9 @@ argument was zero. .It Bq Er EIO The process is a member of a background process attempting to read from its controlling terminal, the process is ignoring or blocking -the SIGTTIN signal or the process group is orphaned. +the +.Dv SIGTTIN +signal, or the process group is orphaned. .It Bq Er EMFILE The process has already reached its limit for open file descriptors. .It Bq Er ENFILE @@ -123,29 +125,23 @@ flag was specified. .Fn readpassphrase will catch the following signals: .Bd -literal -offset indent -SIGALRM -SIGHUP -SIGINT -SIGPIPE -SIGQUIT -SIGTERM -SIGTSTP -SIGTTIN -SIGTTOU +SIGALRM SIGHUP SIGINT +SIGPIPE SIGQUIT SIGTERM +SIGTSTP SIGTTIN SIGTTOU .Ed .Pp When one of the above signals is intercepted, terminal echo will be restored if it had previously been turned off. If a signal handler was installed for the signal when .Fn readpassphrase -was called that handler is then executed. +was called, that handler is then executed. If no handler was previously installed for the signal then the default action is taken as per .Xr sigaction 2 . .Pp The .Dv SIGTSTP , -.Dv SIGTTIN +.Dv SIGTTIN , and .Dv SIGTTOU signals (stop signals generated from keyboard or due to terminal I/O diff --git a/lib/libc/gen/setjmp.3 b/lib/libc/gen/setjmp.3 index f0c20de7bd7..56169eb4546 100644 --- a/lib/libc/gen/setjmp.3 +++ b/lib/libc/gen/setjmp.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: setjmp.3,v 1.20 2004/03/02 19:11:38 millert Exp $ +.\" $OpenBSD: setjmp.3,v 1.21 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -111,7 +111,7 @@ routines may not be called after the routine which called the .Fn setjmp routines returns. .Pp -All accessible objects have values as of the time +All accessible objects have values as of the time the .Fn longjmp routine was called, except that the values of objects of automatic storage invocation duration that do not have the @@ -124,7 +124,7 @@ call are indeterminate. .Pp The .Fn setjmp Ns / Ns Fn longjmp -function pairs save and restore the signal mask while +function pairs save and restore the signal mask while the .Fn _setjmp Ns / Ns Fn _longjmp function pairs save and restore only the register set and the stack (see .Xr sigmask 3 ) . diff --git a/lib/libc/gen/setproctitle.3 b/lib/libc/gen/setproctitle.3 index e5f0d24498e..14486e26335 100644 --- a/lib/libc/gen/setproctitle.3 +++ b/lib/libc/gen/setproctitle.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: setproctitle.3,v 1.14 2001/02/17 17:15:23 pjanzen Exp $ +.\" $OpenBSD: setproctitle.3,v 1.15 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1994, 1995 Christopher G. Demetriou .\" All rights reserved. @@ -77,9 +77,9 @@ function first appeared in It is important never to pass a string with user-supplied data as a format without using .Ql %s . -An attacker can put format specifiers in the string to mangle your stack, +An attacker can put format specifiers in the string to mangle the stack, leading to a possible security hole. -This holds true even if you have built the string +This holds true even if the string has been built .Dq by hand using a function like .Fn snprintf , diff --git a/lib/libc/gen/signal.3 b/lib/libc/gen/signal.3 index c7976dd357b..b9c9bcbb36f 100644 --- a/lib/libc/gen/signal.3 +++ b/lib/libc/gen/signal.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: signal.3,v 1.30 2004/12/30 00:57:07 jmc Exp $ +.\" $OpenBSD: signal.3,v 1.31 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -38,9 +38,9 @@ .\" The following is Quite Ugly, but syntactically correct. .\" Don't try to fix it. .Ft void -.Fn \*(lp*signal "int sigcatch" "void \*(lp*func\*(rp\*(lpint sigraised\*(rp\*(rp\*(rp \*(lpint" +.Fn \*(lp*signal "int sigcatch" "void \*(lp*func\*(rp\*(lpint sigraised\*(rp\*(rp\*(rp\*(lpint" .Ft void -.Fn \*(lp*bsd_signal "int sigcatch" "void \*(lp*func\*(rp\*(lpint sigraised\*(rp\*(rp\*(rp \*(lpint" +.Fn \*(lp*bsd_signal "int sigcatch" "void \*(lp*func\*(rp\*(lpint sigraised\*(rp\*(rp\*(rp\*(lpint" .Sh DESCRIPTION The .Fn signal @@ -95,7 +95,7 @@ function allows for any signal to be caught, to be ignored, or to generate an interrupt. These signals are defined in the file .Aq Pa signal.h : -.Bl -column SIGVTALARMXX "create core imagexxx" +.Bl -column SIGVTALA "create core imag" .It Sy "Name Default Action Description" .It Dv SIGHUP No " terminate process" " terminal line hangup" .It Dv SIGINT No " terminate process" " interrupt program" @@ -237,7 +237,7 @@ function; ignored signals remain ignored. .Pp The following functions are either reentrant or not interruptible -by signals and are async-signal safe. +by signals and are asyncronous-signal safe. Therefore applications may invoke them, without restriction, from signal-catching functions: .Pp @@ -378,14 +378,14 @@ struct is initialized as a local variable. .Sh RETURN VALUES The previous action is returned on a successful call. Otherwise, -.Fa SIG_ERR +.Dv SIG_ERR is returned and the global variable .Va errno is set to indicate the error. .Sh ERRORS .Fn signal will fail and no action will take place if one of the -following occur: +following occurs: .Bl -tag -width Er .It Bq Er EINVAL A specified signal diff --git a/lib/libc/gen/sigsetops.3 b/lib/libc/gen/sigsetops.3 index 586a2fd375b..701ceee82a4 100644 --- a/lib/libc/gen/sigsetops.3 +++ b/lib/libc/gen/sigsetops.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sigsetops.3,v 1.8 2004/12/17 10:18:03 jmc Exp $ +.\" $OpenBSD: sigsetops.3,v 1.9 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -91,8 +91,7 @@ is contained in the signal set. The .Fn sigismember function returns 1 -if the signal is a member of the set, -a 0 otherwise. +if the signal is a member of the set and 0 otherwise. The other functions return 0 upon success. A \-1 return value indicates an error occurred and the global variable diff --git a/lib/libc/gen/strtofflags.3 b/lib/libc/gen/strtofflags.3 index 2d9e0623419..f0ddf973378 100644 --- a/lib/libc/gen/strtofflags.3 +++ b/lib/libc/gen/strtofflags.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: strtofflags.3,v 1.4 2003/06/02 20:18:35 millert Exp $ +.\" $OpenBSD: strtofflags.3,v 1.5 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -48,7 +48,7 @@ The .Fn fflagstostr function returns a comma separated string of the file flags represented by .Fa flags . -If no flags are set a zero length string is returned. +If no flags are set, a zero length string is returned. .Pp If memory cannot be allocated for the return value, .Fn fflagstostr @@ -58,9 +58,9 @@ returns The value returned from .Fn fflagstostr is obtained from -.Fn malloc +.Xr malloc 3 and should be returned to the system with -.Fn free +.Xr free 3 when the program is done with it. .Pp The diff --git a/lib/libc/gen/sysconf.3 b/lib/libc/gen/sysconf.3 index acd47fa90da..008f8f80e4c 100644 --- a/lib/libc/gen/sysconf.3 +++ b/lib/libc/gen/sysconf.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysconf.3,v 1.19 2004/06/03 17:09:12 espie Exp $ +.\" $OpenBSD: sysconf.3,v 1.20 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. @@ -102,7 +102,7 @@ The maximum number of weights that can be assigned to any entry of the LC_COLLATE order keyword in the locale definition file. .It Li _SC_EXPR_NEST_MAX The maximum number of expressions that can be nested within -parenthesis by the +parentheses by the .Xr expr 1 utility. .It Li _SC_LINE_MAX @@ -146,7 +146,7 @@ Return 1 if the system supports the Shared Memory Option, otherwise \-1. The maximum number of semaphores in the system or \-1 if the system does not support the Semaphores Option. .It Li _SC_SEM_VALUE_MAX -The maximum value a semaphores may have or \-1 if the system +The maximum value a semaphore may have or \-1 if the system does not support the Semaphores Option. .El .Sh RETURN VALUES @@ -165,7 +165,7 @@ The .Fn sysconf function may fail and set .Va errno -for any of the errors specified for the library functions +for any of the errors specified for the library function .Xr sysctl 3 . In addition, the following error may be reported: .Bl -tag -width Er diff --git a/lib/libc/gen/sysctl.3 b/lib/libc/gen/sysctl.3 index c7a0939d5e3..2e9d584e285 100644 --- a/lib/libc/gen/sysctl.3 +++ b/lib/libc/gen/sysctl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysctl.3,v 1.143 2005/07/22 03:00:57 jaredy Exp $ +.\" $OpenBSD: sysctl.3,v 1.144 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. @@ -310,7 +310,7 @@ The number of CPUs. .It Dv HW_PAGESIZE The software page size. .It Dv HW_PHYSMEM -The bytes of physical memory. +The total physical memory, in bytes. .It Dv HW_SENSORS An array of .Li struct sensor @@ -319,7 +319,7 @@ structures containing information from the hardware monitoring sensors. Current CPU performance .Pq percentage . .It Dv HW_USERMEM -The bytes of non-kernel memory. +The amount of available non-kernel memory in bytes. .El .Ss CTL_KERN The string and integer information available for the @@ -402,11 +402,11 @@ information. .El .Bl -tag -width "123456" .It Dv KERN_ARGMAX -The maximum bytes of argument to +The maximum number of bytes allowed among the arguments to .Xr exec 3 . .It Dv KERN_ARND Returns a random integer from the kernel -.Fn arc4random +.Xr arc4random 9 function. This can be useful if .Pa /dev/arandom @@ -635,7 +635,9 @@ The fourth level name is one of: .Dv KERN_PROC_NARGV and .Dv KERN_PROC_NENV -return the number of elements in the argv or env array. +return the number of elements as an +.Vt int +in the argv or env array. .Dv KERN_PROC_ARGV returns the argv array and .Dv KERN_PROC_ENV @@ -648,7 +650,7 @@ attempts to retrieve any of the values will fail with .Er EOPNOTSUPP . The third level names for the string and integer profiling information -is detailed below. +are detailed below. The changeable column shows whether a process with appropriate privileges may change the value. .Bl -column "GPROFXGMONPARAMXXX" "struct gmonparamXXX" -offset indent @@ -850,7 +852,7 @@ system, otherwise 0. Returns 1 if System V style semaphore functionality is available on this system, otherwise 0. .It Dv KERN_SYSVSHM -Returns 1 if System V style share memory functionality is available on this +Returns 1 if System V style shared memory functionality is available on this system, otherwise 0. .It Dv KERN_TIMECOUNTER Return statistics information about the kernel time counter. @@ -931,7 +933,8 @@ Permits userland to use .Pa /dev/crypto for cryptographic support for asymmetric (public) key operations via hardware cryptographic devices. -kern.usercrypto must also be set. +.Dv KERN_USERCRYPTO +(see below) must also be set. .It Dv KERN_USERCRYPTO Permits userland to use .Pa /dev/crypto @@ -950,10 +953,11 @@ the system. The returned data consists of an array whose size depends on the current number of such objects in the system. Each element of the array contains the kernel address of a vnode -.Li struct vnode * +.Pq Li struct vnode * followed by the vnode itself -.Li struct vnode . +.Pq Li struct vnode . .It Dv KERN_WATCHDOG +Return information on hardware watchdog timers. If the kernel does not support a hardware watchdog timer, attempts to retrieve or set any of the .Dv KERN_WATCHDOG @@ -996,6 +1000,7 @@ privileges may change the value. .It Dv PF_ROUTE No " routing messages no" .It Dv PF_INET No " IPv4 values yes" .It Dv PF_INET6 No " IPv6 values yes" +.It Dv PF_KEY No " key management yes" .El .Bl -tag -width "123456" .It Dv PF_ROUTE @@ -1099,7 +1104,7 @@ The currently defined protocols and names are: The variables are as follows: .Bl -tag -width "123456" .It Li ah.enable -If set to 1, enable Authentication Header +If set to 1, enable the Authentication Header .Pq AH IPsec protocol. Enabled by default. @@ -1107,18 +1112,23 @@ See .Xr ipsec 4 for more information. .It Li bpf.bufsize -The initial size of BPF buffers. +The initial size of +.Xr bpf 4 +buffers. .It Li bpf.maxbufsize -The maximum size a user may request a BPF buffer to be. +The maximum size a user may request a +.Xr bpf 4 +buffer to be. .It Li carp.allow If set to 0, incoming -.Tn CARP +.Xr carp 4 packets will not be processed. If set to any other value, processing will occur. Enabled by default. .It Li carp.arpbalance -If set to any value other than 0, the ARP balancing functionality in carp is -enabled. +If set to any value other than 0, the ARP balancing functionality of +.Xr carp 4 +is enabled. When ARP requests are received for an IP address which is part of any virtual host, carp will hash the source IP in the ARP request to select one of the virtual hosts from the set of all the virtual hosts which have that IP address. @@ -1138,7 +1148,7 @@ If set to any other value, carp will become master of the virtual host if it believes it can send advertisements more frequently than the current master. Disabled by default. .It Li esp.enable -If set to 1, enable Encapsulating Security Payload +If set to 1, enable the Encapsulating Security Payload .Pq ESP IPsec protocol. Enabled by default. @@ -1172,7 +1182,7 @@ and is thus not advised. .It Li icmp.errppslimit This variable specifies the maximum number of outgoing ICMP error messages per second. -ICMP error messages that exceeded the value are subject to rate limitation +ICMP error messages exceeding this value are subject to rate limitation and will not go out from the node. A negative value disables rate limitation. .It Li icmp.maskrepl @@ -1185,7 +1195,7 @@ Note that routers will never accept ICMP redirect packets, and the variable is meaningful on IP hosts only. .It Li icmp.redirtimeout This variable specifies the lifetime of routing entries generated by incoming -ICMP redirect. +ICMP redirects. The default timeout is 10 minutes. .It Li icmp.tstamprepl If set to 1, reply to ICMP timestamp requests. @@ -1262,8 +1272,8 @@ If set to any other value, it is left to the key management daemons to select an encryption algorithm for the security association. The default value is aes. .It Li ip.ipsec-expire-acquire -How long should the kernel allow key management to dynamically acquire -security associations, before re-sending a request. +How long the kernel should allow key management to dynamically acquire +security associations before re-sending a request. The default value is 30 seconds. .It Li ip.ipsec-firstuse The number of seconds after a security association is first used before @@ -1393,9 +1403,9 @@ If set to 0, incoming MobileIP encapsulated packets (RFC 2004) will not be processed. If set to any other value, processing will occur. .It Li tcp.ackonpush -Returns 1 if tcp segments with the +Returns 1 if TCP segments with the .Dv TH_PUSH -set are being acknowledged immediately, otherwise 0. +flag set are being acknowledged immediately, otherwise 0. .It Li tcp.baddynamic An array of .Li in_port_t @@ -1407,16 +1417,19 @@ by the kernel (i.e., they must be bound specifically by port number). .It Li tcp.ecn Returns 1 if Explicit Congestion Notifications for TCP are enabled. .It Li tcp.ident -A structure +A .Li struct tcp_ident_mapping specifying a local and foreign endpoint of a .Tn TCP -socket is filled in with the euid and ruid of the process that owns the socket. -If no such socket exists, then the euid and ruid values are both set to \-1. +socket is filled in with the effective and real UIDs of the process that +owns the socket. +If no such socket exists, then the effective and real UID values are +both set to \-1. .It Li tcp.keepidle If the socket option -.Pa SO_KEEPALIVE -has been set, time a connection needs to be idle before keepalives are sent. +.Dv SO_KEEPALIVE +has been set on a socket, then this value specifies how much time a +connection needs to be idle before keepalives are sent. See also tcp.slowhz. .It Li tcp.keepinittime Unused. @@ -1446,7 +1459,7 @@ Initial Window is increased, as specified in RFC 3390. .It Li tcp.rstppslimit This variable specifies the maximum number of outgoing TCP RST packets per second. -TCP RST packets that exceeded the value are subject to rate limitation +TCP RST packets exceeding this value are subject to rate limitation and will not go out from the node. A negative value disables rate limitation. .It Li tcp.sack @@ -1461,9 +1474,9 @@ of a clock that ticks tcp.slowhz times per second. (That is, their values must be divided by the tcp.slowhz value to get times in seconds.) .It Li tcp.synbucketlimit -The maximum number of entries allowed per hash bucket in the TCP syn cache. +The maximum number of entries allowed per hash bucket in the TCP SYN cache. .It Li tcp.syncachelimit -The maximum number of entries allowed in the TCP syn cache. +The maximum number of entries allowed in the TCP SYN cache. .It Li udp.baddynamic Analogous to .Li tcp.baddynamic @@ -1531,24 +1544,24 @@ The variables are as follows: .It Li icmp6.errppslimit This variable specifies the maximum number of outgoing ICMPv6 error messages per second. -ICMPv6 error messages that exceeded the value are subject to rate limitation +ICMPv6 error messages exceeding this value are subject to rate limitation and will not go out from the node. A negative value will disable the rate limitation. .Pp .It Li icmp6.mtudisc_hiwat .It Li icmp6.mtudisc_lowat -These variables define the maximum number of routing table entries, +These variables define the maximum number of routing table entries created due to path MTU discovery .Pq preventing denial-of-service attacks with ICMPv6 too big messages . After IPv6 path MTU discovery happens, path MTU information is kept in the routing table. -If the number of routing table entries exceed the value, +If the number of routing table entries exceeds this value, the kernel will not attempt to keep the path MTU information. .Li icmp6.mtudisc_hiwat is used when we have verified ICMPv6 too big messages. .Li icmp6.mtudisc_lowat is used when we have unverified ICMPv6 too big messages. -Verification is performed by using address/port pairs kept in connected pcbs. +Verification is performed by using address/port pairs kept in connected PCBs. A negative value disables the upper limit. .Pp .It Li icmp6.nd6_debug @@ -1628,7 +1641,7 @@ for the option to be meaningful (see .Pp .It Li ip6.auto_flowlabel On connected transport protocol packets, -fill IPv6 flowlabel field to help intermediate routers identify +fill the IPv6 flowlabel field to help intermediate routers identify packet flows. .Pp .It Li ip6.dad_count @@ -1708,7 +1721,7 @@ This variable specifies the interval between IPv6 router renumbering prefix babysitting in seconds. .Pp .It Li ip6.use_deprecated -This variable controls use of deprecated addresses, specified in +This variable controls the use of deprecated addresses, specified in RFC 2462 5.5.4. .Pp .It Li ip6.v6only @@ -1837,13 +1850,13 @@ The changeable column shows whether a process with appropriate privileges may change the value. .Bl -column "Second level nameXXXXXX" "struct loadavgXXX" -offset indent .It Sy Second level name Type Changeable -.It Dv VFS_GENERIC No " vm generic info no" +.It Dv VFS_GENERIC No " VM generic info no" .It Dv filesystem # No " filesystem info no" .El .Bl -tag -width "123456" .It Dv VFS_GENERIC This second level identifier requests generic information about the -vfs layer. +VFS layer. Within it, the following third level identifiers exist: .Bl -column "Third level nameXXXXXX" "struct loadavgXXX" -offset indent .It Sy Third level name Type Changeable @@ -1851,7 +1864,9 @@ Within it, the following third level identifiers exist: .It Dv VFS_MAXTYPENUM No " int no" .El .It filesystem # -After finding the filesystem dependent vfc_typenum using +After finding the filesystem dependent +.Va vfc_typenum +using .Dv VFS_GENERIC with .Dv VFS_CONF , @@ -1944,10 +1959,11 @@ The returned data consists of a .It Dv VM_NKMEMPAGES Number of pages in kmem_map. .It Dv VM_PSSTRINGS -Returns address of struct ps_strings. +Returns the address of the process +.Li struct ps_strings . The .Xr ps 1 -program uses it to locate argv and environment strings. +program uses it to locate the argument and environment strings. .It Dv VM_SWAPENCRYPT Contains statistics about swap encryption. The string and integer information available for the third level is diff --git a/lib/libc/gen/syslog.3 b/lib/libc/gen/syslog.3 index 22151f0a14c..b446dafaf60 100644 --- a/lib/libc/gen/syslog.3 +++ b/lib/libc/gen/syslog.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: syslog.3,v 1.24 2004/04/16 10:48:39 jmc Exp $ +.\" $OpenBSD: syslog.3,v 1.25 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1985, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -112,7 +112,9 @@ information. This parameter must be initialized before .Fn syslog_r is called. -The SYSLOG_DATA_INIT constant is used for this purpose. +The +.Dv SYSLOG_DATA_INIT +constant is used for this purpose. The .Fa syslog_data structure is composed of the following elements: @@ -221,7 +223,7 @@ This option must be used in programs that call .Xr chroot 2 where the new root does not have its own log socket. .It Dv LOG_PERROR -Write the message to standard error output as well to the system log. +Write the message to standard error output as well as to the system log. .It Dv LOG_PID Log the process ID with each message; useful for identifying instantiations of daemons. @@ -299,7 +301,7 @@ The .Fn closelog function can be used to close the log file. .Fn closelog_r -do the same thing but in a reentrant way and takes an additional +does the same thing but in a reentrant way and takes an additional pointer on a .Fa syslog_data structure. @@ -339,7 +341,7 @@ The .Fn openlog_r , .Fn syslog , .Fn syslog_r , -.Fn vsyslog +.Fn vsyslog , and .Fn vsyslog_r functions return no value. @@ -381,9 +383,9 @@ The reentrant functions appeared in It is important never to pass a string with user-supplied data as a format without using .Ql %s . -An attacker can put format specifiers in the string to mangle your stack, +An attacker can put format specifiers in the string to mangle the stack, leading to a possible security hole. -This holds true even if you have built the string +This holds true even if the string has been built .Dq by hand using a function like .Fn snprintf , @@ -398,7 +400,7 @@ syslog(priority, "%s", string); .Pp .Fn syslog_r and the other reentrant functions should only be used where -reentrancy is required (for instance in a signal handler). +reentrancy is required (for instance, in a signal handler). .Fn syslog being not reentrant, only .Fn syslog_r diff --git a/lib/libc/gen/time.3 b/lib/libc/gen/time.3 index 96c450a037a..5adeaa22b8f 100644 --- a/lib/libc/gen/time.3 +++ b/lib/libc/gen/time.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: time.3,v 1.10 2003/06/02 20:18:35 millert Exp $ +.\" $OpenBSD: time.3,v 1.11 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -79,8 +79,8 @@ function appeared in .At v2 and used to return time in sixtieths of a second in 32 bits, which was to guarantee a crisis every 2.26 years. -Since the -.At v6 +Since +.At v6 , .Fn time -scale was changed to seconds extending the pre-crisis stagnation +scale was changed to seconds, extending the pre-crisis stagnation period up to a total of 68 years. diff --git a/lib/libc/gen/times.3 b/lib/libc/gen/times.3 index cad3b9090af..de34f61c1af 100644 --- a/lib/libc/gen/times.3 +++ b/lib/libc/gen/times.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: times.3,v 1.10 2003/06/02 20:18:35 millert Exp $ +.\" $OpenBSD: times.3,v 1.11 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -81,17 +81,17 @@ The time charged for execution by the system on behalf of the process. .It Fa tms_cutime -The sum of the -.Fa tms_utime Ns 's +The sum of +.Fa tms_utime and -.Fa tms_cutime Ns 's -of the child processes. +.Fa tms_cutime +for all of the child processes. .It Fa tms_cstime -The sum of the -.Fa tms_stime Ns s +The sum of +.Fa tms_stime and -.Fa tms_cstime Ns s -of the child processes. +.Fa tms_cstime +for all of the child processes. .El .Pp All times are in @@ -108,7 +108,7 @@ functions returns the process ID of the terminated child to the parent. If an error occurs, .Fn times returns the value -.Pq Em clock_t No - 1 , +.Li "(clock_t)-1" , and sets .Va errno to indicate the error. diff --git a/lib/libc/gen/unvis.3 b/lib/libc/gen/unvis.3 index de4fcff41d2..11a6b5eee5d 100644 --- a/lib/libc/gen/unvis.3 +++ b/lib/libc/gen/unvis.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: unvis.3,v 1.14 2004/10/17 20:25:31 otto Exp $ +.\" $OpenBSD: unvis.3,v 1.15 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -141,7 +141,9 @@ The decoder is placed into the starting state. .Pp When all bytes in the stream have been processed, call .Fn unvis -one more time with flag set to +one more time with +.Fa flag +set to .Dv UNVIS_END to extract any remaining character (the character passed in is ignored). .Pp @@ -152,7 +154,7 @@ the trailing NUL byte) or \-1 if an error occurred. .Pp The .Fn strnunvis -function returns the number of bytes (not counting the trailing NUL byte), +function returns the number of bytes (not counting the trailing NUL byte) that would be needed to fully convert the input string, or \-1 if an error occurred. .Sh EXAMPLES diff --git a/lib/libc/gen/usleep.3 b/lib/libc/gen/usleep.3 index dee027e3374..4b59f99a4c0 100644 --- a/lib/libc/gen/usleep.3 +++ b/lib/libc/gen/usleep.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: usleep.3,v 1.14 2003/06/02 20:18:35 millert Exp $ +.\" $OpenBSD: usleep.3,v 1.15 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1986, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -80,7 +80,7 @@ to the corresponding value. .Fn usleep was interrupted by the delivery of a signal. .It Bq Er EINVAL -.Fa useconds +.Fa microseconds specified a value of 1,000,000 or more microseconds. .El .Sh NOTES diff --git a/lib/libc/gen/utime.3 b/lib/libc/gen/utime.3 index 3b16ec812a1..35ad9b6f254 100644 --- a/lib/libc/gen/utime.3 +++ b/lib/libc/gen/utime.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: utime.3,v 1.16 2003/06/02 20:18:35 millert Exp $ +.\" $OpenBSD: utime.3,v 1.17 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -58,9 +58,7 @@ write the file. .Pp If .Fa timep -is non-null -.Fa time -is assumed to be a pointer to a +is non-null, it specifies a pointer to a .Li utimbuf structure, as defined in .Aq Pa utime.h : @@ -96,12 +94,13 @@ will fail if: .It Bq Er EACCES Search permission is denied for a component of the path prefix; or the -.Fa times +.Fa timep argument is .Dv NULL and the effective user ID of the process does not -match the owner of the file, and is not the superuser, and write -access is denied. +match the owner of the file, the effective user ID is not that of the +superuser, +and write access is denied. .It Bq Er EFAULT .Fa file or diff --git a/lib/libc/gen/valloc.3 b/lib/libc/gen/valloc.3 index 4ff8e3f7ddd..df8d8c84128 100644 --- a/lib/libc/gen/valloc.3 +++ b/lib/libc/gen/valloc.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: valloc.3,v 1.10 2003/06/02 20:18:35 millert Exp $ +.\" $OpenBSD: valloc.3,v 1.11 2005/07/22 03:16:58 jaredy Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -61,6 +61,8 @@ The function returns a pointer to the allocated space if successful; otherwise a null pointer is returned. +.Sh SEE ALSO +.Xr malloc 3 .Sh HISTORY The .Fn valloc |