summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2016-11-18Make the ifconfig switch0 output nicer using a single line and theReyk Floeter
same keys as the actual commands (datapath, maxgroup, flowmax). flowmax should eventually renamed to maxflow for consistency. OK rzalamena@
2016-11-10The simple UTF-16 decode routine stopped too early due to wrong calculationGerhard Roth
of the output buffer size. Thus elements like subscriber-id, ICC-id, IMEI were shown truncated. Some modules report a phone number that already has the '+' prefix. Don't add another one when printing it. Patch from Bryan Vyhmeister ok otto
2016-11-08- Declare usage() as __dead void (remaining prototypes are not declared asRicardo Mestre
static, so keep it that way for consistency) - s/usage(1)/usage() and inside call exit(1) explicitly since all usage() calls always use that value (also update comment to reflect this change) - Remove main() prototype - s/exit/return in main() to enable SSP Feedback from jca@ and tb@ and OK from both (with their remarks in)
2016-10-26in florian;s last commit i urged him to change "twenty-four" toJason McIntyre
"twenty four", arguing, i think, that the internet is wrong; well seemingly i'm wrong, and you should hyphenate numbers when spelled out - who'd have thought it. apologies to florian and the diff submitter (and the internet); still, what i should have advised, and what i've done here, is use "24", which is much simpler, fits the surrounding text, and agrees with oed style advice;
2016-10-26When using a /32 IPv4 interface address, pfctl(8) reports a 0.0.0.0Alexander Bluhm
as broadcast address. The kernel does not consider this a broadcast address and ifconfig(8) has a check to exclude it. Use the same check in pfctl(8). Found by regress/sbin/pfctl pfi2; OK mikeb@
2016-10-26Due to 64 bit seconds + 64 bit nano seconds resolution and theFlorian Obser
addition of a MAC we need at least 24 bytes packet size these days to show timing information. Pointed out by Tamas Horvath, thanks! OK jmc
2016-10-20Only drop to _ping user if invoked as root. If invoked as anFlorian Obser
unprivileged user just shed the setuid privs as previously. sthen@ pointed out that you cannot kill(2) your own ping. With this we rely on pledge(2) for unprivileged users. OK sthen@, deraadt@ is happy with the middle ground
2016-10-20delete useless call to setlocale(3);Ingo Schwarze
patch from Jan Stary <hans at stare dot cz>; OK millert@ natano@
2016-10-20optarg is declared in unistd.h and usage is __dead. From Jan Stary.Theo Buehler
ok natano
2016-10-18Rewrite the kern.malloc.kmemstat in the same style as previous. This one doesOtto Moerbeek
not overflow because the initial count includes empty slots; ok tb@
2016-10-17Use strtoull() to read the datapath id and expect "datapath" instead ofRafael Zalamena
"datapathid" as stated by the man page. ok reyk@
2016-10-15add kern.dnsjackport;Jason McIntyre
2016-10-12copy updated log.c from vmd: for correctness, save errno when doingReyk Floeter
additional actions before printing it. OK rzalamena@
2016-10-11Enable the noperm option for mount_mfs. mfs is ffs in sheeps clothing,Martin Natano
so we basically get this for free. requested by espie ok deraadt
2016-10-10Rename BIOS parameter block field from bsPBP to bsBPB. This typoAlexander Bluhm
has been fixed in FreeBSD in 2002. No binary change. From Alexander von Gernler; OK krw@
2016-10-09fix heap overflow by rewriting loop; detected by new malloc canariesOtto Moerbeek
ok krw@ beck@
2016-10-08add missing AUTHORS; OK sobrado@, also checked by Sevan JaniyanIngo Schwarze
2016-10-06On noperm mount points honor the permissions of the root directory, soMartin Natano
access can be locked down. ok deraadt tb
2016-10-06Add support for RFC 6842, which says the client MUST drop packets whenKenneth R Westerback
the server provides a client-identifier value and it doesn't match the value the client sent. So stop suppressing client-identifer info in the leases file and when reading the leases file stop discarding leases that don't have current client-identifier info. Don't use them, but keep them around in case the client-identifier info changes back next time. Also construct the default client-identifier (if needed) before reading the leases file.
2016-10-06typoChristian Weisgerber
2016-10-06fix HISTORY:Ingo Schwarze
NetBSD 1.0A was not a release, but it was what would be called NetBSD 1.0-current in OpenBSD terminology, see http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/conf/newvers.sh#rev1.17 patch from Sevan Janiyan <venture37 at geeklan dot co dot uk>
2016-10-06init auto-partition table to zeroes; ok tb@Otto Moerbeek
2016-10-06fix HISTORY;Ingo Schwarze
patches from Sevan Janiyan <venture37 at geeklan dot co dot uk>; verified using minnie.tuhs.org/cgi-bin/utree.pl
2016-10-06fix HISTORY;Ingo Schwarze
patch from Sevan Janiyan <venture37 at geeklan dot co dot uk>; verified using Kusick's UCB CSRG archive CDs
2016-10-04Improve description of the noperm option.Martin Natano
ok jmc (on an earlier version of the diff), tb (who found a typo) and deraadt
2016-10-03Those while loops look better written as for loopsJeremie Courreges-Anglas
ok kettenis@
2016-09-30Zap stray whitespace.Kenneth R Westerback
2016-09-30Use WSKBDIO_GETENCODINGS ioctl to generate a list of supported keyboardMark Kettenis
encodings. Restores functionality lost when removing the kvm groveling code. ok deraadt@, jca@
2016-09-29Don't record non-existant client identifier in lease file.Kenneth R Westerback
2016-09-29'ifname' --> 'ifi->name' so DEBUG compiles again.Kenneth R Westerback
2016-09-28document kern.allowkmem; ok deraadtJason McIntyre
2016-09-28Always do the setgroups, setresgid and setresuid even if if theFlorian Obser
unprivileged user is not present instead of erroring out. This lets ping and traceroute work in restricted enviornments like the bgplg chroot. Problem reported by sthen@ input & prodding deraadt@
2016-09-27remove more kvm codeTheo de Raadt
2016-09-27Reintroduce rdaemon() - working properly this timeJeremie Courreges-Anglas
Thanks Ken for fixing my initial implementation. ok krw@
2016-09-26Remove kvm groveling code. To restore the lost functionality we need toMark Kettenis
implement something like a WSKBDIO_GETENCODINGS ioctl that fetches a list of possible encodings for the specified keyboard from the kernel. Until that happens, kbd -l will simple show the same harcoded list of possible encodings as the installer does. Prompted by deraadt@
2016-09-26Pass the flags argument of recvfromto down to the underlying recvmsgJeremie Courreges-Anglas
Doesn't matter in iked as recvfromto is only called with flags = 0, but this code tends to be copied. ok sthen@ florian@
2016-09-26Drop privileges to newly added _ping user/group.Florian Obser
It does not buy us much when called as a unpriv user. But if run as root we can now lose privileges. OK natano@, deraadt@ is happy
2016-09-24print a BFD route message.Peter Hessler
protected with #ifdef BFD while we still figure out some of the mechanisms. OK mpi@
2016-09-23kern.arandom no longer existsTheo de Raadt
from rob pierce
2016-09-21Remove reference to zaurusFrederic Cambus
OK sthen@
2016-09-21Document auto rounds.Joel Sing
2016-09-21Add support for automatically selecting the number of rounds to use withJoel Sing
bcrypt pbkdf, based on system performance. This is based on the bcrypt autorounds code we have in libc. Discussed with djm@ and tedu@.
2016-09-21Be clearer with the description of bioctl(8)'s -r option.Joel Sing
ok jmc@
2016-09-21sysctl KERN_ARND is no longer used (in ports, it only occurs in fallbackTheo de Raadt
paths of libevent). This interface was the first generation of what eventually became getentropy(2) and arc4random(3) -- june 1997! Ports scan by sthen, general agreement guenther
2016-09-20whitespaceTheo de Raadt
2016-09-20various cleanup; ok florianJason McIntyre
2016-09-19Update for bcrypt pbkdf.Joel Sing
2016-09-19Switch softraid crypto from PKCS5 PBKDF2 to bcrypt PBKDF.Joel Sing
New volumes will be created with bcrypt PBKDF, however existing volumes will continue to use PKCS5 PBKDF2 until a passphrase change is made. If you're booting from softraid crypto, ensure that your boot loader has been upgraded to a version that supports bcrypt prior to changing your passphrase. Also be aware that once the passphrase has been changed, an older version of bioctl(8) (one that does not support bcrypt PBKDF) will not be able to "unlock" the volume. Partly based on a diff from djm@.
2016-09-19Only allow standard dot notation for IPv4 addresses.Florian Obser
We can get rid of inet_aton(3) and use the AF independent getaddrinfo(3). OK natano@, krw@, millert@, claudio@
2016-09-18unbreak IPv6 source selectionFlorian Obser