PERFORCE change 122831 for review
Matt Jacob
mjacob at FreeBSD.org
Wed Jul 4 04:22:24 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=122831
Change 122831 by mjacob at mjexp on 2007/07/04 04:21:48
IFC
Affected files ...
.. //depot/projects/mjexp/ObsoleteFiles.inc#20 integrate
.. //depot/projects/mjexp/UPDATING#19 integrate
.. //depot/projects/mjexp/bin/df/df.c#5 integrate
.. //depot/projects/mjexp/bin/ed/Makefile#2 integrate
.. //depot/projects/mjexp/bin/sh/var.c#3 integrate
.. //depot/projects/mjexp/contrib/netcat/netcat.c#3 integrate
.. //depot/projects/mjexp/contrib/pf/authpf/authpf.8#2 integrate
.. //depot/projects/mjexp/contrib/pf/authpf/authpf.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/ftp-proxy/filter.c#1 branch
.. //depot/projects/mjexp/contrib/pf/ftp-proxy/filter.h#1 branch
.. //depot/projects/mjexp/contrib/pf/ftp-proxy/ftp-proxy.8#2 integrate
.. //depot/projects/mjexp/contrib/pf/ftp-proxy/ftp-proxy.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/ftp-proxy/getline.c#2 delete
.. //depot/projects/mjexp/contrib/pf/ftp-proxy/util.c#2 delete
.. //depot/projects/mjexp/contrib/pf/ftp-proxy/util.h#2 delete
.. //depot/projects/mjexp/contrib/pf/libevent/buffer.c#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/evbuffer.c#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/event-internal.h#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/event.c#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/event.h#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/evsignal.h#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/kqueue.c#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/log.c#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/log.h#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/poll.c#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/select.c#1 branch
.. //depot/projects/mjexp/contrib/pf/libevent/signal.c#1 branch
.. //depot/projects/mjexp/contrib/pf/man/pf.4#2 integrate
.. //depot/projects/mjexp/contrib/pf/man/pf.conf.5#5 integrate
.. //depot/projects/mjexp/contrib/pf/man/pf.os.5#2 integrate
.. //depot/projects/mjexp/contrib/pf/man/pflog.4#2 integrate
.. //depot/projects/mjexp/contrib/pf/man/pfsync.4#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/parse.y#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pf_print_state.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl.8#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl.h#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl_altq.c#3 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl_optimize.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl_osfp.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl_parser.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl_parser.h#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl_radix.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pfctl/pfctl_table.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pflogd/pflogd.8#2 integrate
.. //depot/projects/mjexp/contrib/pf/pflogd/pflogd.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/pflogd/pflogd.h#2 integrate
.. //depot/projects/mjexp/contrib/pf/pflogd/privsep.c#2 integrate
.. //depot/projects/mjexp/contrib/pf/tftp-proxy/filter.c#1 branch
.. //depot/projects/mjexp/contrib/pf/tftp-proxy/filter.h#1 branch
.. //depot/projects/mjexp/contrib/pf/tftp-proxy/tftp-proxy.8#1 branch
.. //depot/projects/mjexp/contrib/pf/tftp-proxy/tftp-proxy.c#1 branch
.. //depot/projects/mjexp/contrib/telnet/telnet/externs.h#2 integrate
.. //depot/projects/mjexp/contrib/traceroute/traceroute.c#4 integrate
.. //depot/projects/mjexp/etc/mtree/BSD.include.dist#10 integrate
.. //depot/projects/mjexp/include/Makefile#9 integrate
.. //depot/projects/mjexp/include/stdlib.h#3 integrate
.. //depot/projects/mjexp/lib/libc/net/sctp_sys_calls.c#7 integrate
.. //depot/projects/mjexp/lib/libc/net/sourcefilter.c#2 integrate
.. //depot/projects/mjexp/lib/libc/stdlib/Makefile.inc#2 integrate
.. //depot/projects/mjexp/lib/libc/stdlib/getenv.3#5 integrate
.. //depot/projects/mjexp/lib/libc/stdlib/getenv.c#4 integrate
.. //depot/projects/mjexp/lib/libc/stdlib/putenv.c#4 delete
.. //depot/projects/mjexp/lib/libc/stdlib/setenv.c#4 delete
.. //depot/projects/mjexp/lib/libgssapi/gss_accept_sec_context.c#3 integrate
.. //depot/projects/mjexp/lib/libgssapi/gss_display_status.c#2 integrate
.. //depot/projects/mjexp/lib/libgssapi/gss_export_name.c#2 integrate
.. //depot/projects/mjexp/lib/libgssapi/gss_indicate_mechs.c#2 integrate
.. //depot/projects/mjexp/lib/libgssapi/gss_init_sec_context.c#4 integrate
.. //depot/projects/mjexp/lib/libipsec/Makefile#3 integrate
.. //depot/projects/mjexp/lib/libipsec/ipsec_dump_policy.c#2 integrate
.. //depot/projects/mjexp/lib/libipsec/ipsec_get_policylen.c#2 integrate
.. //depot/projects/mjexp/lib/libipsec/ipsec_set_policy.3#2 integrate
.. //depot/projects/mjexp/lib/libipsec/ipsec_strerror.3#2 integrate
.. //depot/projects/mjexp/lib/libipsec/ipsec_strerror.c#2 integrate
.. //depot/projects/mjexp/lib/libipsec/pfkey.c#2 integrate
.. //depot/projects/mjexp/lib/libipsec/pfkey_dump.c#3 integrate
.. //depot/projects/mjexp/lib/libipsec/policy_parse.y#2 integrate
.. //depot/projects/mjexp/lib/libipsec/policy_token.l#2 integrate
.. //depot/projects/mjexp/lib/libipsec/test-policy.c#2 integrate
.. //depot/projects/mjexp/libexec/Makefile#2 integrate
.. //depot/projects/mjexp/libexec/ftp-proxy/Makefile#2 delete
.. //depot/projects/mjexp/libexec/pppoed/pppoed.c#3 integrate
.. //depot/projects/mjexp/libexec/tftp-proxy/Makefile#1 branch
.. //depot/projects/mjexp/release/doc/en_US.ISO8859-1/hardware/article.sgml#3 integrate
.. //depot/projects/mjexp/release/doc/en_US.ISO8859-1/relnotes/article.sgml#20 integrate
.. //depot/projects/mjexp/release/doc/share/misc/dev.archlist.txt#7 integrate
.. //depot/projects/mjexp/release/i386/fixit_crunch.conf#3 integrate
.. //depot/projects/mjexp/sbin/dhclient/dhclient-script#4 integrate
.. //depot/projects/mjexp/sbin/pfctl/Makefile#2 integrate
.. //depot/projects/mjexp/sbin/ping/ping.c#3 integrate
.. //depot/projects/mjexp/sbin/ping6/Makefile#2 integrate
.. //depot/projects/mjexp/sbin/ping6/ping6.c#3 integrate
.. //depot/projects/mjexp/sbin/setkey/Makefile#2 integrate
.. //depot/projects/mjexp/sbin/setkey/parse.y#2 integrate
.. //depot/projects/mjexp/sbin/setkey/setkey.c#2 integrate
.. //depot/projects/mjexp/sbin/setkey/test-pfkey.c#2 integrate
.. //depot/projects/mjexp/sbin/setkey/test-policy.c#2 integrate
.. //depot/projects/mjexp/sbin/setkey/token.l#3 integrate
.. //depot/projects/mjexp/share/man/man4/Makefile#18 integrate
.. //depot/projects/mjexp/share/man/man4/ath.4#4 integrate
.. //depot/projects/mjexp/share/man/man4/ieee80211.4#2 integrate
.. //depot/projects/mjexp/share/man/man4/msk.4#3 integrate
.. //depot/projects/mjexp/share/man/man4/nxge.4#1 branch
.. //depot/projects/mjexp/share/man/man4/ucom.4#3 integrate
.. //depot/projects/mjexp/share/man/man4/uhid.4#3 integrate
.. //depot/projects/mjexp/share/man/man4/wi.4#3 integrate
.. //depot/projects/mjexp/share/man/man7/hier.7#9 integrate
.. //depot/projects/mjexp/share/man/man9/ieee80211_ioctl.9#3 integrate
.. //depot/projects/mjexp/share/misc/committers-ports.dot#9 integrate
.. //depot/projects/mjexp/share/mk/sys.mk#4 integrate
.. //depot/projects/mjexp/sys/Makefile#5 integrate
.. //depot/projects/mjexp/sys/amd64/amd64/pmap.c#15 integrate
.. //depot/projects/mjexp/sys/amd64/conf/GENERIC#14 integrate
.. //depot/projects/mjexp/sys/amd64/conf/NOTES#5 integrate
.. //depot/projects/mjexp/sys/cam/cam_xpt.c#15 integrate
.. //depot/projects/mjexp/sys/cam/scsi/scsi_da.c#16 integrate
.. //depot/projects/mjexp/sys/conf/NOTES#28 integrate
.. //depot/projects/mjexp/sys/conf/files#31 integrate
.. //depot/projects/mjexp/sys/conf/files.amd64#10 integrate
.. //depot/projects/mjexp/sys/conf/files.arm#5 integrate
.. //depot/projects/mjexp/sys/conf/files.i386#10 integrate
.. //depot/projects/mjexp/sys/conf/files.ia64#4 integrate
.. //depot/projects/mjexp/sys/conf/files.pc98#10 integrate
.. //depot/projects/mjexp/sys/conf/files.powerpc#6 integrate
.. //depot/projects/mjexp/sys/conf/files.sparc64#10 integrate
.. //depot/projects/mjexp/sys/conf/files.sun4v#6 integrate
.. //depot/projects/mjexp/sys/conf/options#24 integrate
.. //depot/projects/mjexp/sys/conf/options.amd64#2 integrate
.. //depot/projects/mjexp/sys/conf/options.i386#2 integrate
.. //depot/projects/mjexp/sys/conf/options.pc98#2 integrate
.. //depot/projects/mjexp/sys/contrib/altq/altq/altq_cbq.c#3 integrate
.. //depot/projects/mjexp/sys/contrib/altq/altq/altq_hfsc.c#3 integrate
.. //depot/projects/mjexp/sys/contrib/altq/altq/altq_priq.c#3 integrate
.. //depot/projects/mjexp/sys/contrib/altq/altq/altq_red.c#3 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/if_pflog.c#2 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/if_pflog.h#2 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/if_pfsync.c#6 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/if_pfsync.h#3 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pf.c#5 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_if.c#2 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_ioctl.c#3 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_mtag.h#1 branch
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_norm.c#2 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_osfp.c#2 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_ruleset.c#1 branch
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_subr.c#2 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pf_table.c#2 integrate
.. //depot/projects/mjexp/sys/contrib/pf/net/pfvar.h#2 integrate
.. //depot/projects/mjexp/sys/crypto/via/padlock.c#3 integrate
.. //depot/projects/mjexp/sys/dev/acpica/acpi.c#10 integrate
.. //depot/projects/mjexp/sys/dev/ipw/if_ipw.c#6 integrate
.. //depot/projects/mjexp/sys/dev/isp/isp.c#26 integrate
.. //depot/projects/mjexp/sys/dev/isp/isp_freebsd.h#20 integrate
.. //depot/projects/mjexp/sys/dev/isp/isp_library.c#9 integrate
.. //depot/projects/mjexp/sys/dev/isp/ispvar.h#10 integrate
.. //depot/projects/mjexp/sys/dev/nxge/if_nxge.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/if_nxge.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/build-version.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/version.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xge-debug.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xge-defs.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xge-list.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xge-os-pal.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xge-os-template.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xge-queue.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-channel.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-config.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-device.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-driver.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-event.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-fifo.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-mgmt.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-mgmtaux.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-mm.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-regs.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-ring.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-stats.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal-types.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/include/xgehal.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xge-osdep.h#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xge-queue.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-channel-fp.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-channel.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-config.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-device-fp.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-device.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-driver.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-fifo-fp.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-fifo.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-mgmt.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-mgmtaux.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-mm.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-ring-fp.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-ring.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgehal/xgehal-stats.c#1 branch
.. //depot/projects/mjexp/sys/dev/nxge/xgell-version.h#1 branch
.. //depot/projects/mjexp/sys/dev/ral/rt2560.c#7 integrate
.. //depot/projects/mjexp/sys/dev/ral/rt2661.c#6 integrate
.. //depot/projects/mjexp/sys/dev/snp/snp.c#3 integrate
.. //depot/projects/mjexp/sys/dev/sound/pci/hda/hdac.c#16 integrate
.. //depot/projects/mjexp/sys/dev/sound/pci/hda/hdac_private.h#6 integrate
.. //depot/projects/mjexp/sys/dev/sound/pcm/ac97_patch.c#6 integrate
.. //depot/projects/mjexp/sys/dev/usb/if_axe.c#9 integrate
.. //depot/projects/mjexp/sys/dev/usb/if_axereg.h#4 integrate
.. //depot/projects/mjexp/sys/dev/usb/if_cdce.c#7 integrate
.. //depot/projects/mjexp/sys/dev/usb/if_ural.c#16 integrate
.. //depot/projects/mjexp/sys/dev/usb/uark.c#5 integrate
.. //depot/projects/mjexp/sys/dev/usb/uhub.c#5 integrate
.. //depot/projects/mjexp/sys/dev/usb/umass.c#10 integrate
.. //depot/projects/mjexp/sys/dev/usb/ums.c#7 integrate
.. //depot/projects/mjexp/sys/dev/usb/usb.h#4 integrate
.. //depot/projects/mjexp/sys/dev/usb/usb_port.h#4 integrate
.. //depot/projects/mjexp/sys/dev/usb/usb_quirks.c#6 integrate
.. //depot/projects/mjexp/sys/dev/usb/usb_quirks.h#4 integrate
.. //depot/projects/mjexp/sys/dev/usb/usb_subr.c#8 integrate
.. //depot/projects/mjexp/sys/dev/usb/usbdevs#16 integrate
.. //depot/projects/mjexp/sys/dev/usb/usbdi.c#5 integrate
.. //depot/projects/mjexp/sys/dev/usb/usbdi.h#4 integrate
.. //depot/projects/mjexp/sys/dev/wi/if_wi.c#7 integrate
.. //depot/projects/mjexp/sys/fs/devfs/devfs_int.h#3 integrate
.. //depot/projects/mjexp/sys/fs/devfs/devfs_vnops.c#11 integrate
.. //depot/projects/mjexp/sys/fs/tmpfs/tmpfs.h#3 integrate
.. //depot/projects/mjexp/sys/fs/tmpfs/tmpfs_subr.c#3 integrate
.. //depot/projects/mjexp/sys/fs/tmpfs/tmpfs_uma.c#3 delete
.. //depot/projects/mjexp/sys/fs/tmpfs/tmpfs_uma.h#3 delete
.. //depot/projects/mjexp/sys/fs/tmpfs/tmpfs_vfsops.c#3 integrate
.. //depot/projects/mjexp/sys/fs/tmpfs/tmpfs_vnops.c#3 integrate
.. //depot/projects/mjexp/sys/i386/conf/GENERIC#12 integrate
.. //depot/projects/mjexp/sys/i386/conf/NOTES#6 integrate
.. //depot/projects/mjexp/sys/i386/i386/pmap.c#15 integrate
.. //depot/projects/mjexp/sys/i4b/driver/i4b_ing.c#2 integrate
.. //depot/projects/mjexp/sys/i4b/driver/i4b_ipr.c#4 integrate
.. //depot/projects/mjexp/sys/i4b/driver/i4b_isppp.c#2 integrate
.. //depot/projects/mjexp/sys/kern/kern_conf.c#7 integrate
.. //depot/projects/mjexp/sys/kern/kern_descrip.c#14 integrate
.. //depot/projects/mjexp/sys/kern/kern_lockf.c#3 integrate
.. //depot/projects/mjexp/sys/kern/kern_priv.c#3 integrate
.. //depot/projects/mjexp/sys/kern/subr_smp.c#4 integrate
.. //depot/projects/mjexp/sys/kern/sysv_sem.c#6 integrate
.. //depot/projects/mjexp/sys/kern/tty.c#9 integrate
.. //depot/projects/mjexp/sys/kern/tty_pts.c#4 integrate
.. //depot/projects/mjexp/sys/kern/tty_pty.c#4 integrate
.. //depot/projects/mjexp/sys/kern/tty_tty.c#2 integrate
.. //depot/projects/mjexp/sys/kern/uipc_syscalls.c#13 integrate
.. //depot/projects/mjexp/sys/modules/Makefile#15 integrate
.. //depot/projects/mjexp/sys/modules/ath_rate_amrr/Makefile#3 integrate
.. //depot/projects/mjexp/sys/modules/ath_rate_onoe/Makefile#2 integrate
.. //depot/projects/mjexp/sys/modules/ipfw/Makefile#2 integrate
.. //depot/projects/mjexp/sys/modules/nxge/Makefile#1 branch
.. //depot/projects/mjexp/sys/modules/pf/Makefile#2 integrate
.. //depot/projects/mjexp/sys/modules/tmpfs/Makefile#2 integrate
.. //depot/projects/mjexp/sys/net/if_ethersubr.c#13 integrate
.. //depot/projects/mjexp/sys/net/if_ppp.c#6 integrate
.. //depot/projects/mjexp/sys/net/pfkeyv2.h#3 integrate
.. //depot/projects/mjexp/sys/net80211/_ieee80211.h#8 integrate
.. //depot/projects/mjexp/sys/net80211/ieee80211_input.c#9 integrate
.. //depot/projects/mjexp/sys/net80211/ieee80211_radiotap.h#5 integrate
.. //depot/projects/mjexp/sys/net80211/ieee80211_scan.c#2 integrate
.. //depot/projects/mjexp/sys/net80211/ieee80211_scan.h#2 integrate
.. //depot/projects/mjexp/sys/net80211/ieee80211_scan_sta.c#2 integrate
.. //depot/projects/mjexp/sys/netinet/in_pcb.c#10 integrate
.. //depot/projects/mjexp/sys/netinet/in_pcb.h#6 integrate
.. //depot/projects/mjexp/sys/netinet/in_proto.c#5 integrate
.. //depot/projects/mjexp/sys/netinet/ip_fw2.c#13 integrate
.. //depot/projects/mjexp/sys/netinet/ip_icmp.c#4 integrate
.. //depot/projects/mjexp/sys/netinet/ip_input.c#7 integrate
.. //depot/projects/mjexp/sys/netinet/ip_ipsec.c#3 integrate
.. //depot/projects/mjexp/sys/netinet/ip_output.c#9 integrate
.. //depot/projects/mjexp/sys/netinet/raw_ip.c#9 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_indata.c#17 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_input.c#17 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_input.h#5 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_os_bsd.h#12 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_output.c#18 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_pcb.c#17 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_usrreq.c#16 integrate
.. //depot/projects/mjexp/sys/netinet/sctp_var.h#10 integrate
.. //depot/projects/mjexp/sys/netinet/sctputil.c#19 integrate
.. //depot/projects/mjexp/sys/netinet/tcp_input.c#18 integrate
.. //depot/projects/mjexp/sys/netinet/tcp_output.c#12 integrate
.. //depot/projects/mjexp/sys/netinet/tcp_subr.c#15 integrate
.. //depot/projects/mjexp/sys/netinet/tcp_syncache.c#13 integrate
.. //depot/projects/mjexp/sys/netinet/udp_usrreq.c#12 integrate
.. //depot/projects/mjexp/sys/netinet6/ah.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/ah6.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/ah_aesxcbcmac.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/ah_aesxcbcmac.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/ah_core.c#3 delete
.. //depot/projects/mjexp/sys/netinet6/ah_input.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/ah_output.c#3 delete
.. //depot/projects/mjexp/sys/netinet6/esp.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp6.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp_aesctr.c#3 delete
.. //depot/projects/mjexp/sys/netinet6/esp_aesctr.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp_camellia.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp_camellia.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp_core.c#3 delete
.. //depot/projects/mjexp/sys/netinet6/esp_input.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp_output.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp_rijndael.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/esp_rijndael.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/icmp6.c#6 integrate
.. //depot/projects/mjexp/sys/netinet6/in6.h#3 integrate
.. //depot/projects/mjexp/sys/netinet6/in6_pcb.c#6 integrate
.. //depot/projects/mjexp/sys/netinet6/in6_proto.c#7 integrate
.. //depot/projects/mjexp/sys/netinet6/ip6_forward.c#3 integrate
.. //depot/projects/mjexp/sys/netinet6/ip6_input.c#5 integrate
.. //depot/projects/mjexp/sys/netinet6/ip6_ipsec.c#1 branch
.. //depot/projects/mjexp/sys/netinet6/ip6_ipsec.h#1 branch
.. //depot/projects/mjexp/sys/netinet6/ip6_output.c#3 integrate
.. //depot/projects/mjexp/sys/netinet6/ipcomp.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/ipcomp6.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/ipcomp_core.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/ipcomp_input.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/ipcomp_output.c#2 delete
.. //depot/projects/mjexp/sys/netinet6/ipsec.c#5 delete
.. //depot/projects/mjexp/sys/netinet6/ipsec.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/ipsec6.h#2 delete
.. //depot/projects/mjexp/sys/netinet6/nd6.c#9 integrate
.. //depot/projects/mjexp/sys/netinet6/nd6_nbr.c#4 integrate
.. //depot/projects/mjexp/sys/netinet6/raw_ip6.c#6 integrate
.. //depot/projects/mjexp/sys/netinet6/sctp6_usrreq.c#14 integrate
.. //depot/projects/mjexp/sys/netinet6/udp6_output.c#3 integrate
.. //depot/projects/mjexp/sys/netinet6/udp6_usrreq.c#6 integrate
.. //depot/projects/mjexp/sys/netipsec/ipsec.c#6 integrate
.. //depot/projects/mjexp/sys/netipsec/ipsec.h#2 integrate
.. //depot/projects/mjexp/sys/netipsec/ipsec6.h#2 integrate
.. //depot/projects/mjexp/sys/netipsec/ipsec_mbuf.c#2 integrate
.. //depot/projects/mjexp/sys/netipsec/ipsec_output.c#3 integrate
.. //depot/projects/mjexp/sys/netipsec/key.c#4 integrate
.. //depot/projects/mjexp/sys/netipsec/key_debug.c#2 integrate
.. //depot/projects/mjexp/sys/netipsec/keysock.c#2 integrate
.. //depot/projects/mjexp/sys/netipsec/xform_ah.c#2 integrate
.. //depot/projects/mjexp/sys/netipsec/xform_ipip.c#2 integrate
.. //depot/projects/mjexp/sys/netkey/key.c#2 delete
.. //depot/projects/mjexp/sys/netkey/key.h#2 delete
.. //depot/projects/mjexp/sys/netkey/key_debug.c#2 delete
.. //depot/projects/mjexp/sys/netkey/key_debug.h#2 delete
.. //depot/projects/mjexp/sys/netkey/key_var.h#2 delete
.. //depot/projects/mjexp/sys/netkey/keydb.c#2 delete
.. //depot/projects/mjexp/sys/netkey/keydb.h#2 delete
.. //depot/projects/mjexp/sys/netkey/keysock.c#2 delete
.. //depot/projects/mjexp/sys/netkey/keysock.h#2 delete
.. //depot/projects/mjexp/sys/nfsclient/nfs_bio.c#6 integrate
.. //depot/projects/mjexp/sys/nfsclient/nfs_subs.c#3 integrate
.. //depot/projects/mjexp/sys/pc98/conf/NOTES#3 integrate
.. //depot/projects/mjexp/sys/security/audit/audit.c#12 integrate
.. //depot/projects/mjexp/sys/security/audit/audit_bsm.c#7 integrate
.. //depot/projects/mjexp/sys/sys/conf.h#5 integrate
.. //depot/projects/mjexp/sys/sys/mbuf.h#10 integrate
.. //depot/projects/mjexp/sys/sys/param.h#22 integrate
.. //depot/projects/mjexp/sys/sys/systm.h#16 integrate
.. //depot/projects/mjexp/sys/ufs/ufs/dir.h#2 integrate
.. //depot/projects/mjexp/sys/vm/vm_pageout.c#11 integrate
.. //depot/projects/mjexp/tools/regression/environ/Makefile#1 branch
.. //depot/projects/mjexp/tools/regression/environ/Makefile.envctl#1 branch
.. //depot/projects/mjexp/tools/regression/environ/Makefile.retention#1 branch
.. //depot/projects/mjexp/tools/regression/environ/Makefile.timings#1 branch
.. //depot/projects/mjexp/tools/regression/environ/envctl.c#1 branch
.. //depot/projects/mjexp/tools/regression/environ/envtest.t#1 branch
.. //depot/projects/mjexp/tools/regression/environ/retention.c#1 branch
.. //depot/projects/mjexp/tools/regression/environ/timings.c#1 branch
.. //depot/projects/mjexp/tools/tools/README#3 integrate
.. //depot/projects/mjexp/tools/tools/nxge/Makefile#1 branch
.. //depot/projects/mjexp/tools/tools/nxge/xge_cmn.h#1 branch
.. //depot/projects/mjexp/tools/tools/nxge/xge_info.c#1 branch
.. //depot/projects/mjexp/tools/tools/nxge/xge_info.h#1 branch
.. //depot/projects/mjexp/tools/tools/nxge/xge_log.c#1 branch
.. //depot/projects/mjexp/tools/tools/nxge/xge_log.h#1 branch
.. //depot/projects/mjexp/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles#4 integrate
.. //depot/projects/mjexp/tools/tools/tinybsd/conf/default/tinybsd.basefiles#4 integrate
.. //depot/projects/mjexp/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles#4 integrate
.. //depot/projects/mjexp/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles#4 integrate
.. //depot/projects/mjexp/usr.bin/du/du.c#3 integrate
.. //depot/projects/mjexp/usr.bin/env/env.c#3 integrate
.. //depot/projects/mjexp/usr.bin/limits/limits.c#3 integrate
.. //depot/projects/mjexp/usr.bin/login/login.c#4 integrate
.. //depot/projects/mjexp/usr.bin/netstat/Makefile#3 integrate
.. //depot/projects/mjexp/usr.bin/netstat/ipsec.c#3 integrate
.. //depot/projects/mjexp/usr.bin/netstat/main.c#3 integrate
.. //depot/projects/mjexp/usr.bin/netstat/netstat.h#3 integrate
.. //depot/projects/mjexp/usr.bin/netstat/pfkey.c#3 integrate
.. //depot/projects/mjexp/usr.bin/su/su.c#4 integrate
.. //depot/projects/mjexp/usr.bin/telnet/Makefile#2 integrate
.. //depot/projects/mjexp/usr.bin/usbhidaction/usbhidaction.1#2 integrate
.. //depot/projects/mjexp/usr.bin/usbhidaction/usbhidaction.c#2 integrate
.. //depot/projects/mjexp/usr.sbin/Makefile#5 integrate
.. //depot/projects/mjexp/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c#2 integrate
.. //depot/projects/mjexp/usr.sbin/ftp-proxy/Makefile#1 branch
.. //depot/projects/mjexp/usr.sbin/ftp-proxy/Makefile.inc#1 branch
.. //depot/projects/mjexp/usr.sbin/ftp-proxy/ftp-proxy/Makefile#1 branch
.. //depot/projects/mjexp/usr.sbin/ftp-proxy/libevent/Makefile#1 branch
.. //depot/projects/mjexp/usr.sbin/inetd/Makefile#2 integrate
.. //depot/projects/mjexp/usr.sbin/inetd/inetd.c#3 integrate
.. //depot/projects/mjexp/usr.sbin/portsnap/phttpget/phttpget.c#3 integrate
.. //depot/projects/mjexp/usr.sbin/pstat/pstat.c#5 integrate
.. //depot/projects/mjexp/usr.sbin/rrenumd/Makefile#2 integrate
.. //depot/projects/mjexp/usr.sbin/rrenumd/rrenumd.c#2 integrate
.. //depot/projects/mjexp/usr.sbin/sade/main.c#3 integrate
.. //depot/projects/mjexp/usr.sbin/sade/variable.c#3 integrate
.. //depot/projects/mjexp/usr.sbin/sysinstall/main.c#3 integrate
.. //depot/projects/mjexp/usr.sbin/sysinstall/menus.c#6 integrate
.. //depot/projects/mjexp/usr.sbin/sysinstall/variable.c#3 integrate
.. //depot/projects/mjexp/usr.sbin/traceroute6/Makefile#2 integrate
.. //depot/projects/mjexp/usr.sbin/traceroute6/traceroute6.c#4 integrate
.. //depot/projects/mjexp/usr.sbin/wicontrol/Makefile#2 delete
.. //depot/projects/mjexp/usr.sbin/wicontrol/wicontrol.8#3 delete
.. //depot/projects/mjexp/usr.sbin/wicontrol/wicontrol.c#3 delete
Differences ...
==== //depot/projects/mjexp/ObsoleteFiles.inc#20 (text+ko) ====
@@ -1,5 +1,5 @@
#
-# $FreeBSD: src/ObsoleteFiles.inc,v 1.97 2007/06/25 05:06:52 rafan Exp $
+# $FreeBSD: src/ObsoleteFiles.inc,v 1.102 2007/07/03 13:06:45 mlaier Exp $
#
# This file lists old files (OLD_FILES), libraries (OLD_LIBS) and
# directories (OLD_DIRS) which should get removed at an update. Recently
@@ -14,6 +14,30 @@
# The file is partitioned: OLD_FILES first, then OLD_LIBS and OLD_DIRS last.
#
+# 20070703: pf 4.1 import
+OLD_FILES+=usr/libexec/ftp-proxy
+# 20070701: KAME IPSec removal
+OLD_FILES+=usr/include/netinet6/ah.h
+OLD_FILES+=usr/include/netinet6/ah6.h
+OLD_FILES+=usr/include/netinet6/ah_aesxcbcmac.h
+OLD_FILES+=usr/include/netinet6/esp.h
+OLD_FILES+=usr/include/netinet6/esp6.h
+OLD_FILES+=usr/include/netinet6/esp_aesctr.h
+OLD_FILES+=usr/include/netinet6/esp_camellia.h
+OLD_FILES+=usr/include/netinet6/esp_rijndael.h
+OLD_FILES+=usr/include/netinet6/ipsec.h
+OLD_FILES+=usr/include/netinet6/ipsec6.h
+OLD_FILES+=usr/include/netinet6/ipcomp.h
+OLD_FILES+=usr/include/netinet6/ipcomp6.h
+OLD_FILES+=usr/include/netkey/key.h
+OLD_FILES+=usr/include/netkey/key_debug.h
+OLD_FILES+=usr/include/netkey/key_var.h
+OLD_FILES+=usr/include/netkey/keydb.h
+OLD_FILES+=usr/include/netkey/keysock.h
+OLD_DIRS+=usr/include/netkey
+# 20070701: remove wicontrol
+OLD_FILES+=usr/sbin/wicontrol
+OLD_FILES+=usr/share/man/man8/wicontrol.8.gz
# 20070625: umapfs removal
OLD_FILES+=rescue/mount_umapfs
OLD_FILES+=sbin/mount_umapfs
@@ -3589,7 +3613,6 @@
# - usr/share/tmac/mm/locale
# - usr/share/tmac/mm/se_locale
# - var/yp/Makefile
-
# 20070519: GCC 4.2
OLD_LIBS+=usr/lib/libg2c.a
OLD_LIBS+=usr/lib/libg2c.so
==== //depot/projects/mjexp/UPDATING#19 (text+ko) ====
@@ -21,6 +21,26 @@
developers choose to disable these features on build machines
to maximize performance.
+20070702:
+ The packet filter (pf) code has been updated to OpenBSD 4.1 Please
+ note the changed syntax - keep state is now on by default. Also
+ note the fact that ftp-proxy(8) has been changed from bottom up and
+ has been moved from libexec to usr/sbin. Changes in the ALTQ
+ handling also affect users of IPFW's ALTQ capabilities.
+
+20070701:
+ Remove KAME IPsec in favor of FAST_IPSEC, which is now the
+ only IPsec supported by FreeBSD. The new IPsec stack
+ supports both IPv4 and IPv6. The kernel option will change
+ after the code changes have settled in. For now the kernel
+ option IPSEC is deprecated and FAST_IPSEC is the only option, that
+ will change after some settling time.
+
+20070701:
+ The wicontrol(8) utility has been removed from the base system. wi(4)
+ cards should be configured using ifconfig(8), see the man page for more
+ information.
+
20070612:
By default, /etc/rc.d/sendmail no longer rebuilds the aliases
database if it is missing or older than the aliases file. If
@@ -857,4 +877,4 @@
Contact Warner Losh if you have any questions about your use of
this document.
-$FreeBSD: src/UPDATING,v 1.497 2007/06/12 17:33:56 gshapiro Exp $
+$FreeBSD: src/UPDATING,v 1.500 2007/07/03 13:06:44 mlaier Exp $
==== //depot/projects/mjexp/bin/df/df.c#5 (text+ko) ====
@@ -44,7 +44,7 @@
#endif /* not lint */
#endif
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/bin/df/df.c,v 1.70 2007/05/01 16:02:44 ache Exp $");
+__FBSDID("$FreeBSD: src/bin/df/df.c,v 1.71 2007/07/04 00:00:37 scf Exp $");
#include <sys/param.h>
#include <sys/stat.h>
@@ -131,14 +131,14 @@
*/
if (kflag)
break;
- putenv("BLOCKSIZE=512");
+ setenv("BLOCKSIZE", "512", 1);
hflag = 0;
break;
case 'c':
cflag = 1;
break;
case 'g':
- putenv("BLOCKSIZE=1g");
+ setenv("BLOCKSIZE", "1g", 1);
hflag = 0;
break;
case 'H':
@@ -152,7 +152,7 @@
break;
case 'k':
kflag++;
- putenv("BLOCKSIZE=1024");
+ setenv("BLOCKSIZE", "1024", 1);
hflag = 0;
break;
case 'l':
@@ -162,7 +162,7 @@
lflag = 1;
break;
case 'm':
- putenv("BLOCKSIZE=1m");
+ setenv("BLOCKSIZE", "1m", 1);
hflag = 0;
break;
case 'n':
==== //depot/projects/mjexp/bin/ed/Makefile#2 (text+ko) ====
@@ -1,4 +1,4 @@
-# $FreeBSD: src/bin/ed/Makefile,v 1.32 2006/03/17 18:54:20 ru Exp $
+# $FreeBSD: src/bin/ed/Makefile,v 1.33 2007/07/02 14:00:25 kensmith Exp $
.include <bsd.own.mk>
@@ -7,11 +7,13 @@
LINKS= ${BINDIR}/ed ${BINDIR}/red
MLINKS= ed.1 red.1
+.if !defined(RELEASE_CRUNCH)
.if ${MK_OPENSSL} != "no"
CFLAGS+=-DDES
WARNS?= 2
DPADD= ${LIBCRYPTO}
LDADD= -lcrypto
.endif
+.endif
.include <bsd.prog.mk>
==== //depot/projects/mjexp/bin/sh/var.c#3 (text+ko) ====
@@ -36,7 +36,7 @@
#endif
#endif /* not lint */
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/bin/sh/var.c,v 1.35 2007/05/01 16:02:43 ache Exp $");
+__FBSDID("$FreeBSD: src/bin/sh/var.c,v 1.36 2007/07/04 00:00:38 scf Exp $");
#include <unistd.h>
#include <stdlib.h>
@@ -289,6 +289,7 @@
setvareq(char *s, int flags)
{
struct var *vp, **vpp;
+ char *p;
int len;
if (aflag)
@@ -319,7 +320,10 @@
if (vp == &vmpath || (vp == &vmail && ! mpathset()))
chkmail(1);
if ((vp->flags & VEXPORT) && localevar(s)) {
- putenv(s);
+ p = strchr(s, '=');
+ *p = '\0';
+ (void) setenv(s, p + 1, 1);
+ *p = '=';
(void) setlocale(LC_ALL, "");
}
INTON;
@@ -335,7 +339,10 @@
INTOFF;
*vpp = vp;
if ((vp->flags & VEXPORT) && localevar(s)) {
- putenv(s);
+ p = strchr(s, '=');
+ *p = '\0';
+ (void) setenv(s, p + 1, 1);
+ *p = '=';
(void) setlocale(LC_ALL, "");
}
INTON;
@@ -596,7 +603,10 @@
vp->flags |= flag;
if ((vp->flags & VEXPORT) && localevar(vp->text)) {
- putenv(vp->text);
+ p = strchr(vp->text, '=');
+ *p = '\0';
+ (void) setenv(vp->text, p + 1, 1);
+ *p = '=';
(void) setlocale(LC_ALL, "");
}
goto found;
==== //depot/projects/mjexp/contrib/netcat/netcat.c#3 (text+ko) ====
@@ -25,7 +25,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $FreeBSD: src/contrib/netcat/netcat.c,v 1.5 2007/03/28 01:57:03 delphij Exp $
+ * $FreeBSD: src/contrib/netcat/netcat.c,v 1.6 2007/07/01 12:08:04 gnn Exp $
*/
/*
@@ -42,7 +42,7 @@
#include <netinet/in.h>
#include <netinet/in_systm.h>
#ifdef IPSEC
-#include <netinet6/ipsec.h>
+#include <netipsec/ipsec.h>
#endif
#include <netinet/tcp.h>
#include <netinet/ip.h>
==== //depot/projects/mjexp/contrib/pf/authpf/authpf.8#2 (text+ko) ====
@@ -1,29 +1,19 @@
-.\" $FreeBSD: src/contrib/pf/authpf/authpf.8,v 1.2 2006/03/28 15:26:16 mlaier Exp $
-.\" $OpenBSD: authpf.8,v 1.38 2005/01/04 09:57:04 jmc Exp $
+.\" $FreeBSD: src/contrib/pf/authpf/authpf.8,v 1.3 2007/07/03 12:30:00 mlaier Exp $
+.\" $OpenBSD: authpf.8,v 1.43 2007/02/24 17:21:04 beck Exp $
.\"
-.\" Copyright (c) 2002 Bob Beck (beck at openbsd.org>. All rights reserved.
+.\" Copyright (c) 1998-2007 Bob Beck (beck at openbsd.org>. All rights reserved.
.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd March 28, 2006
.Dt AUTHPF 8
@@ -230,8 +220,11 @@
hijack the session.
Note that TCP keepalives are not sufficient for
this, since they are not secure.
-Also note that
+Also note that the various SSH tunnelling mechanisms,
+such as
.Ar AllowTcpForwarding
+and
+.Ar PermitTunnel ,
should be disabled for
.Nm
users to prevent them from circumventing restrictions imposed by the
@@ -429,8 +422,7 @@
external_if = "xl0"
internal_if = "fxp0"
-pass in log quick on $internal_if proto tcp from $user_ip to any \e
- keep state
+pass in log quick on $internal_if proto tcp from $user_ip to any
pass in quick on $internal_if from $user_ip to any
.Ed
.Pp
@@ -445,16 +437,15 @@
# rdr ftp for proxying by ftp-proxy(8)
rdr on $internal_if proto tcp from $user_ip to any port 21 \e
- -> 127.0.0.1 port 8081
+ -> 127.0.0.1 port 8021
# allow out ftp, ssh, www and https only, and allow user to negotiate
# ipsec with the ipsec server.
pass in log quick on $internal_if proto tcp from $user_ip to any \e
- port { 21, 22, 80, 443 } flags S/SA
+ port { 21, 22, 80, 443 }
pass in quick on $internal_if proto tcp from $user_ip to any \e
port { 21, 22, 80, 443 }
-pass in quick proto udp from $user_ip to $ipsec_gw port = isakmp \e
- keep state
+pass in quick proto udp from $user_ip to $ipsec_gw port = isakmp
pass in quick proto esp from $user_ip to $ipsec_gw
.Ed
.Pp
@@ -469,7 +460,7 @@
# nat and tag connections...
nat on $ext_if from $user_ip to any tag $user_ip -> $ext_addr
pass in quick on $int_if from $user_ip to any
-pass out log quick on $ext_if tagged $user_ip keep state
+pass out log quick on $ext_if tagged $user_ip
.Ed
.Pp
With the above rules added by
@@ -495,7 +486,7 @@
.Bd -literal
table <authpf_users> persist
pass in on $ext_if proto tcp from <authpf_users> \e
- to port { smtp imap } keep state
+ to port { smtp imap }
.Ed
.Pp
It is also possible to use the "authpf_users"
@@ -522,6 +513,7 @@
.Xr pf 4 ,
.Xr pf.conf 5 ,
.Xr fdescfs 5 ,
+.Xr securelevel 7 ,
.Xr ftp-proxy 8
.Sh HISTORY
The
==== //depot/projects/mjexp/contrib/pf/authpf/authpf.c#2 (text+ko) ====
@@ -1,32 +1,23 @@
-/* $OpenBSD: authpf.c,v 1.89 2005/02/10 04:24:15 joel Exp $ */
+/* $OpenBSD: authpf.c,v 1.104 2007/02/24 17:35:08 beck Exp $ */
/*
- * Copyright (C) 1998 - 2002 Bob Beck (beck at openbsd.org).
+ * Copyright (C) 1998 - 2007 Bob Beck (beck at openbsd.org).
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
*
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/contrib/pf/authpf/authpf.c,v 1.7 2005/12/25 22:57:08 mlaier Exp $");
+__FBSDID("$FreeBSD: src/contrib/pf/authpf/authpf.c,v 1.8 2007/07/03 12:30:01 mlaier Exp $");
#include <sys/param.h>
#include <sys/file.h>
@@ -56,15 +47,13 @@
#include "pathnames.h"
-extern int symset(const char *, const char *, int);
-
static int read_config(FILE *);
static void print_message(char *);
static int allowed_luser(char *);
static int check_luser(char *, char *);
static int remove_stale_rulesets(void);
static int change_filter(int, const char *, const char *);
-static int change_table(int, const char *, const char *);
+static int change_table(int, const char *);
static void authpf_kill_states(void);
int dev; /* pf device */
@@ -73,7 +62,6 @@
char tablename[PF_TABLE_NAME_SIZE] = "authpf_users";
FILE *pidfp;
-char *infile; /* file name printed by yyerror() in parse.y */
char luser[MAXLOGNAME]; /* username */
char ipsrc[256]; /* ip as a string */
char pidfile[MAXPATHLEN]; /* we save pid in this file. */
@@ -102,11 +90,16 @@
struct in6_addr ina;
struct passwd *pw;
char *cp;
+ gid_t gid;
uid_t uid;
char *shell;
login_cap_t *lc;
config = fopen(PATH_CONFFILE, "r");
+ if (config == NULL) {
+ syslog(LOG_ERR, "can not open %s (%m)", PATH_CONFFILE);
+ exit(1);
+ }
if ((cp = getenv("SSH_TTY")) == NULL) {
syslog(LOG_ERR, "non-interactive session connection for authpf");
@@ -143,7 +136,6 @@
uid = getuid();
pw = getpwuid(uid);
- endpwent();
if (pw == NULL) {
syslog(LOG_ERR, "cannot find user for uid %u", uid);
goto die;
@@ -256,6 +248,8 @@
if (++lockcnt > 10) {
syslog(LOG_ERR, "cannot kill previous authpf (pid %d)",
otherpid);
+ fclose(pidfp);
+ pidfp = NULL;
goto dogdeath;
}
sleep(1);
@@ -265,12 +259,22 @@
* it's lock, giving us a chance to get it now
*/
fclose(pidfp);
+ pidfp = NULL;
} while (1);
+
+ /* whack the group list */
+ gid = getegid();
+ if (setgroups(1, &gid) == -1) {
+ syslog(LOG_INFO, "setgroups: %s", strerror(errno));
+ do_death(0);
+ }
/* revoke privs */
- seteuid(getuid());
- setuid(getuid());
-
+ uid = getuid();
+ if (setresuid(uid, uid, uid) == -1) {
+ syslog(LOG_INFO, "setresuid: %s", strerror(errno));
+ do_death(0);
+ }
openlog("authpf", LOG_PID | LOG_NDELAY, LOG_DAEMON);
if (!check_luser(PATH_BAN_DIR, luser) || !allowed_luser(luser)) {
@@ -278,8 +282,8 @@
do_death(0);
}
- if (config == NULL || read_config(config)) {
- syslog(LOG_INFO, "bad or nonexistent %s", PATH_CONFFILE);
+ if (read_config(config)) {
+ syslog(LOG_ERR, "invalid config file %s", PATH_CONFFILE);
do_death(0);
}
@@ -298,7 +302,7 @@
printf("Unable to modify filters\r\n");
do_death(0);
}
- if (change_table(1, luser, ipsrc) == -1) {
+ if (change_table(1, ipsrc) == -1) {
printf("Unable to modify table\r\n");
change_filter(0, luser, ipsrc);
do_death(0);
@@ -309,7 +313,7 @@
signal(SIGALRM, need_death);
signal(SIGPIPE, need_death);
signal(SIGHUP, need_death);
- signal(SIGSTOP, need_death);
+ signal(SIGQUIT, need_death);
signal(SIGTSTP, need_death);
while (1) {
printf("\r\nHello %s. ", luser);
@@ -559,9 +563,11 @@
while (fputs(tmp, stdout) != EOF && !feof(f)) {
if (fgets(tmp, sizeof(tmp), f) == NULL) {
fflush(stdout);
+ fclose(f);
return (0);
}
}
+ fclose(f);
}
fflush(stdout);
return (0);
@@ -645,6 +651,7 @@
char *fdpath = NULL, *userstr = NULL, *ipstr = NULL;
char *rsn = NULL, *fn = NULL;
pid_t pid;
+ gid_t gid;
int s;
if (luser == NULL || !luser[0] || ipsrc == NULL || !ipsrc[0]) {
@@ -684,8 +691,14 @@
switch (pid = fork()) {
case -1:
- err(1, "fork failed");
+ syslog(LOG_ERR, "fork failed");
+ goto error;
case 0:
+ /* revoke group privs before exec */
+ gid = getgid();
+ if (setregid(gid, gid) == -1) {
+ err(1, "setregid");
+ }
execvp(PATH_PFCTL, pargv);
warn("exec of %s failed", PATH_PFCTL);
_exit(1);
@@ -694,10 +707,8 @@
/* parent */
waitpid(pid, &s, 0);
if (s != 0) {
- if (WIFEXITED(s)) {
- syslog(LOG_ERR, "pfctl exited abnormally");
- goto error;
- }
+ syslog(LOG_ERR, "pfctl exited abnormally");
+ goto error;
}
if (add) {
@@ -718,16 +729,10 @@
syslog(LOG_ERR, "malloc failed");
error:
free(fdpath);
- fdpath = NULL;
free(rsn);
- rsn = NULL;
free(userstr);
- userstr = NULL;
free(ipstr);
- ipstr = NULL;
free(fn);
- fn = NULL;
- infile = NULL;
return (-1);
}
@@ -735,13 +740,14 @@
* Add/remove this IP from the "authpf_users" table.
*/
static int
-change_table(int add, const char *luser, const char *ipsrc)
+change_table(int add, const char *ipsrc)
{
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list