PERFORCE change 122837 for review
    Kip Macy 
    kmacy at FreeBSD.org
       
    Wed Jul  4 05:57:01 UTC 2007
    
    
  
http://perforce.freebsd.org/chv.cgi?CH=122837
Change 122837 by kmacy at kmacy_vt-x:opentoe_init on 2007/07/04 05:56:20
	IFC
Affected files ...
.. //depot/projects/opentoe/ObsoleteFiles.inc#10 integrate
.. //depot/projects/opentoe/UPDATING#10 integrate
.. //depot/projects/opentoe/bin/df/df.c#4 integrate
.. //depot/projects/opentoe/bin/ed/Makefile#2 integrate
.. //depot/projects/opentoe/bin/sh/var.c#3 integrate
.. //depot/projects/opentoe/contrib/netcat/netcat.c#3 integrate
.. //depot/projects/opentoe/contrib/pf/authpf/authpf.8#2 integrate
.. //depot/projects/opentoe/contrib/pf/authpf/authpf.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/ftp-proxy/filter.c#1 branch
.. //depot/projects/opentoe/contrib/pf/ftp-proxy/filter.h#1 branch
.. //depot/projects/opentoe/contrib/pf/ftp-proxy/ftp-proxy.8#2 integrate
.. //depot/projects/opentoe/contrib/pf/ftp-proxy/ftp-proxy.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/ftp-proxy/getline.c#2 delete
.. //depot/projects/opentoe/contrib/pf/ftp-proxy/util.c#2 delete
.. //depot/projects/opentoe/contrib/pf/ftp-proxy/util.h#2 delete
.. //depot/projects/opentoe/contrib/pf/libevent/buffer.c#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/evbuffer.c#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/event-internal.h#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/event.c#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/event.h#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/evsignal.h#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/kqueue.c#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/log.c#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/log.h#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/poll.c#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/select.c#1 branch
.. //depot/projects/opentoe/contrib/pf/libevent/signal.c#1 branch
.. //depot/projects/opentoe/contrib/pf/man/pf.4#2 integrate
.. //depot/projects/opentoe/contrib/pf/man/pf.conf.5#4 integrate
.. //depot/projects/opentoe/contrib/pf/man/pf.os.5#2 integrate
.. //depot/projects/opentoe/contrib/pf/man/pflog.4#2 integrate
.. //depot/projects/opentoe/contrib/pf/man/pfsync.4#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/parse.y#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pf_print_state.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl.8#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl.h#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_altq.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_optimize.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_osfp.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_parser.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_parser.h#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_radix.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_table.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pflogd/pflogd.8#2 integrate
.. //depot/projects/opentoe/contrib/pf/pflogd/pflogd.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/pflogd/pflogd.h#2 integrate
.. //depot/projects/opentoe/contrib/pf/pflogd/privsep.c#2 integrate
.. //depot/projects/opentoe/contrib/pf/tftp-proxy/filter.c#1 branch
.. //depot/projects/opentoe/contrib/pf/tftp-proxy/filter.h#1 branch
.. //depot/projects/opentoe/contrib/pf/tftp-proxy/tftp-proxy.8#1 branch
.. //depot/projects/opentoe/contrib/pf/tftp-proxy/tftp-proxy.c#1 branch
.. //depot/projects/opentoe/contrib/telnet/telnet/externs.h#2 integrate
.. //depot/projects/opentoe/contrib/traceroute/traceroute.c#3 integrate
.. //depot/projects/opentoe/etc/mtree/BSD.include.dist#6 integrate
.. //depot/projects/opentoe/include/Makefile#4 integrate
.. //depot/projects/opentoe/include/stdlib.h#3 integrate
.. //depot/projects/opentoe/lib/libc/net/sctp_sys_calls.c#6 integrate
.. //depot/projects/opentoe/lib/libc/net/sourcefilter.c#2 integrate
.. //depot/projects/opentoe/lib/libc/stdlib/Makefile.inc#2 integrate
.. //depot/projects/opentoe/lib/libc/stdlib/getenv.3#3 integrate
.. //depot/projects/opentoe/lib/libc/stdlib/getenv.c#3 integrate
.. //depot/projects/opentoe/lib/libc/stdlib/putenv.c#3 delete
.. //depot/projects/opentoe/lib/libc/stdlib/setenv.c#3 delete
.. //depot/projects/opentoe/lib/libgssapi/gss_accept_sec_context.c#3 integrate
.. //depot/projects/opentoe/lib/libgssapi/gss_display_status.c#2 integrate
.. //depot/projects/opentoe/lib/libgssapi/gss_export_name.c#2 integrate
.. //depot/projects/opentoe/lib/libgssapi/gss_indicate_mechs.c#2 integrate
.. //depot/projects/opentoe/lib/libgssapi/gss_init_sec_context.c#4 integrate
.. //depot/projects/opentoe/lib/libipsec/Makefile#3 integrate
.. //depot/projects/opentoe/lib/libipsec/ipsec_dump_policy.c#2 integrate
.. //depot/projects/opentoe/lib/libipsec/ipsec_get_policylen.c#2 integrate
.. //depot/projects/opentoe/lib/libipsec/ipsec_set_policy.3#2 integrate
.. //depot/projects/opentoe/lib/libipsec/ipsec_strerror.3#2 integrate
.. //depot/projects/opentoe/lib/libipsec/ipsec_strerror.c#2 integrate
.. //depot/projects/opentoe/lib/libipsec/pfkey.c#2 integrate
.. //depot/projects/opentoe/lib/libipsec/pfkey_dump.c#3 integrate
.. //depot/projects/opentoe/lib/libipsec/policy_parse.y#2 integrate
.. //depot/projects/opentoe/lib/libipsec/policy_token.l#2 integrate
.. //depot/projects/opentoe/lib/libipsec/test-policy.c#2 integrate
.. //depot/projects/opentoe/libexec/Makefile#2 integrate
.. //depot/projects/opentoe/libexec/ftp-proxy/Makefile#2 delete
.. //depot/projects/opentoe/libexec/pppoed/pppoed.c#3 integrate
.. //depot/projects/opentoe/libexec/tftp-proxy/Makefile#1 branch
.. //depot/projects/opentoe/release/doc/en_US.ISO8859-1/hardware/article.sgml#3 integrate
.. //depot/projects/opentoe/release/doc/en_US.ISO8859-1/relnotes/article.sgml#11 integrate
.. //depot/projects/opentoe/release/doc/share/misc/dev.archlist.txt#3 integrate
.. //depot/projects/opentoe/release/i386/fixit_crunch.conf#3 integrate
.. //depot/projects/opentoe/release/scripts/src-install.sh#2 integrate
.. //depot/projects/opentoe/sbin/dhclient/dhclient-script#3 integrate
.. //depot/projects/opentoe/sbin/pfctl/Makefile#2 integrate
.. //depot/projects/opentoe/sbin/ping/ping.c#3 integrate
.. //depot/projects/opentoe/sbin/ping6/Makefile#2 integrate
.. //depot/projects/opentoe/sbin/ping6/ping6.c#3 integrate
.. //depot/projects/opentoe/sbin/setkey/Makefile#2 integrate
.. //depot/projects/opentoe/sbin/setkey/parse.y#2 integrate
.. //depot/projects/opentoe/sbin/setkey/setkey.c#2 integrate
.. //depot/projects/opentoe/sbin/setkey/test-pfkey.c#2 integrate
.. //depot/projects/opentoe/sbin/setkey/test-policy.c#2 integrate
.. //depot/projects/opentoe/sbin/setkey/token.l#3 integrate
.. //depot/projects/opentoe/share/man/man4/Makefile#8 integrate
.. //depot/projects/opentoe/share/man/man4/ath.4#2 integrate
.. //depot/projects/opentoe/share/man/man4/ieee80211.4#2 integrate
.. //depot/projects/opentoe/share/man/man4/msk.4#2 integrate
.. //depot/projects/opentoe/share/man/man4/nxge.4#1 branch
.. //depot/projects/opentoe/share/man/man4/ucom.4#2 integrate
.. //depot/projects/opentoe/share/man/man4/uhid.4#2 integrate
.. //depot/projects/opentoe/share/man/man4/wi.4#2 integrate
.. //depot/projects/opentoe/share/man/man7/hier.7#7 integrate
.. //depot/projects/opentoe/share/man/man9/ieee80211_ioctl.9#2 integrate
.. //depot/projects/opentoe/share/misc/committers-ports.dot#8 integrate
.. //depot/projects/opentoe/share/mk/sys.mk#3 integrate
.. //depot/projects/opentoe/sys/Makefile#4 integrate
.. //depot/projects/opentoe/sys/amd64/amd64/pmap.c#8 integrate
.. //depot/projects/opentoe/sys/amd64/conf/GENERIC#8 integrate
.. //depot/projects/opentoe/sys/amd64/conf/NOTES#4 integrate
.. //depot/projects/opentoe/sys/cam/cam_xpt.c#6 integrate
.. //depot/projects/opentoe/sys/cam/scsi/scsi_da.c#8 integrate
.. //depot/projects/opentoe/sys/conf/NOTES#8 integrate
.. //depot/projects/opentoe/sys/conf/files#11 integrate
.. //depot/projects/opentoe/sys/conf/files.amd64#5 integrate
.. //depot/projects/opentoe/sys/conf/files.arm#2 integrate
.. //depot/projects/opentoe/sys/conf/files.i386#5 integrate
.. //depot/projects/opentoe/sys/conf/files.ia64#3 integrate
.. //depot/projects/opentoe/sys/conf/files.pc98#5 integrate
.. //depot/projects/opentoe/sys/conf/files.powerpc#3 integrate
.. //depot/projects/opentoe/sys/conf/files.sparc64#3 integrate
.. //depot/projects/opentoe/sys/conf/files.sun4v#3 integrate
.. //depot/projects/opentoe/sys/conf/options#10 integrate
.. //depot/projects/opentoe/sys/conf/options.amd64#2 integrate
.. //depot/projects/opentoe/sys/conf/options.i386#2 integrate
.. //depot/projects/opentoe/sys/conf/options.pc98#2 integrate
.. //depot/projects/opentoe/sys/contrib/altq/altq/altq_cbq.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/altq/altq/altq_hfsc.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/altq/altq/altq_priq.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/altq/altq/altq_red.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/if_pflog.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/if_pflog.h#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/if_pfsync.c#4 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/if_pfsync.h#3 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pf.c#3 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_if.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_ioctl.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_mtag.h#1 branch
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_norm.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_osfp.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_ruleset.c#1 branch
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_subr.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pf_table.c#2 integrate
.. //depot/projects/opentoe/sys/contrib/pf/net/pfvar.h#2 integrate
.. //depot/projects/opentoe/sys/crypto/via/padlock.c#3 integrate
.. //depot/projects/opentoe/sys/dev/acpica/acpi.c#9 integrate
.. //depot/projects/opentoe/sys/dev/ipw/if_ipw.c#4 integrate
.. //depot/projects/opentoe/sys/dev/isp/isp.c#5 integrate
.. //depot/projects/opentoe/sys/dev/isp/isp_freebsd.h#4 integrate
.. //depot/projects/opentoe/sys/dev/isp/isp_library.c#4 integrate
.. //depot/projects/opentoe/sys/dev/isp/ispvar.h#3 integrate
.. //depot/projects/opentoe/sys/dev/nxge/if_nxge.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/if_nxge.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/build-version.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/version.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xge-debug.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xge-defs.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xge-list.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xge-os-pal.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xge-os-template.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xge-queue.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-channel.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-config.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-device.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-driver.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-event.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-fifo.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-mgmt.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-mgmtaux.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-mm.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-regs.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-ring.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-stats.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-types.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/include/xgehal.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xge-osdep.h#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xge-queue.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-channel-fp.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-channel.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-config.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-device-fp.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-device.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-driver.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-fifo-fp.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-fifo.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-mgmt.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-mgmtaux.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-mm.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-ring-fp.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-ring.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-stats.c#1 branch
.. //depot/projects/opentoe/sys/dev/nxge/xgell-version.h#1 branch
.. //depot/projects/opentoe/sys/dev/ral/rt2560.c#4 integrate
.. //depot/projects/opentoe/sys/dev/ral/rt2661.c#3 integrate
.. //depot/projects/opentoe/sys/dev/snp/snp.c#3 integrate
.. //depot/projects/opentoe/sys/dev/sound/pci/hda/hdac.c#8 integrate
.. //depot/projects/opentoe/sys/dev/sound/pci/hda/hdac_private.h#4 integrate
.. //depot/projects/opentoe/sys/dev/sound/pcm/ac97_patch.c#4 integrate
.. //depot/projects/opentoe/sys/dev/usb/if_axe.c#5 integrate
.. //depot/projects/opentoe/sys/dev/usb/if_axereg.h#4 integrate
.. //depot/projects/opentoe/sys/dev/usb/if_cdce.c#4 integrate
.. //depot/projects/opentoe/sys/dev/usb/if_ural.c#10 integrate
.. //depot/projects/opentoe/sys/dev/usb/uark.c#3 integrate
.. //depot/projects/opentoe/sys/dev/usb/ugen.c#3 integrate
.. //depot/projects/opentoe/sys/dev/usb/uhub.c#4 integrate
.. //depot/projects/opentoe/sys/dev/usb/umass.c#5 integrate
.. //depot/projects/opentoe/sys/dev/usb/umodem.c#5 integrate
.. //depot/projects/opentoe/sys/dev/usb/ums.c#5 integrate
.. //depot/projects/opentoe/sys/dev/usb/usb.h#3 integrate
.. //depot/projects/opentoe/sys/dev/usb/usb_port.h#4 integrate
.. //depot/projects/opentoe/sys/dev/usb/usb_quirks.c#5 integrate
.. //depot/projects/opentoe/sys/dev/usb/usb_quirks.h#3 integrate
.. //depot/projects/opentoe/sys/dev/usb/usb_subr.c#4 integrate
.. //depot/projects/opentoe/sys/dev/usb/usbdevs#9 integrate
.. //depot/projects/opentoe/sys/dev/usb/usbdi.c#3 integrate
.. //depot/projects/opentoe/sys/dev/usb/usbdi.h#3 integrate
.. //depot/projects/opentoe/sys/dev/wi/if_wi.c#4 integrate
.. //depot/projects/opentoe/sys/fs/devfs/devfs_int.h#2 integrate
.. //depot/projects/opentoe/sys/fs/devfs/devfs_vnops.c#8 integrate
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs.h#3 integrate
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_fifoops.c#2 integrate
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_fifoops.h#3 integrate
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_subr.c#3 integrate
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_uma.c#3 delete
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_uma.h#3 delete
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_vfsops.c#3 integrate
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_vnops.c#3 integrate
.. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_vnops.h#2 integrate
.. //depot/projects/opentoe/sys/i386/conf/GENERIC#7 integrate
.. //depot/projects/opentoe/sys/i386/conf/NOTES#4 integrate
.. //depot/projects/opentoe/sys/i386/i386/pmap.c#8 integrate
.. //depot/projects/opentoe/sys/i4b/driver/i4b_ing.c#2 integrate
.. //depot/projects/opentoe/sys/i4b/driver/i4b_ipr.c#2 integrate
.. //depot/projects/opentoe/sys/i4b/driver/i4b_isppp.c#2 integrate
.. //depot/projects/opentoe/sys/kern/kern_conf.c#4 integrate
.. //depot/projects/opentoe/sys/kern/kern_descrip.c#7 integrate
.. //depot/projects/opentoe/sys/kern/kern_lockf.c#3 integrate
.. //depot/projects/opentoe/sys/kern/kern_priv.c#3 integrate
.. //depot/projects/opentoe/sys/kern/subr_smp.c#3 integrate
.. //depot/projects/opentoe/sys/kern/sysv_sem.c#3 integrate
.. //depot/projects/opentoe/sys/kern/tty.c#3 integrate
.. //depot/projects/opentoe/sys/kern/tty_pts.c#2 integrate
.. //depot/projects/opentoe/sys/kern/tty_pty.c#2 integrate
.. //depot/projects/opentoe/sys/kern/tty_tty.c#2 integrate
.. //depot/projects/opentoe/sys/kern/uipc_syscalls.c#7 integrate
.. //depot/projects/opentoe/sys/modules/Makefile#6 integrate
.. //depot/projects/opentoe/sys/modules/ath_rate_amrr/Makefile#2 integrate
.. //depot/projects/opentoe/sys/modules/ath_rate_onoe/Makefile#2 integrate
.. //depot/projects/opentoe/sys/modules/ipfw/Makefile#2 integrate
.. //depot/projects/opentoe/sys/modules/nxge/Makefile#1 branch
.. //depot/projects/opentoe/sys/modules/pf/Makefile#2 integrate
.. //depot/projects/opentoe/sys/modules/tmpfs/Makefile#2 integrate
.. //depot/projects/opentoe/sys/net/if_ethersubr.c#7 integrate
.. //depot/projects/opentoe/sys/net/if_ppp.c#2 integrate
.. //depot/projects/opentoe/sys/net/pfkeyv2.h#3 integrate
.. //depot/projects/opentoe/sys/net80211/_ieee80211.h#3 integrate
.. //depot/projects/opentoe/sys/net80211/ieee80211_input.c#3 integrate
.. //depot/projects/opentoe/sys/net80211/ieee80211_radiotap.h#3 integrate
.. //depot/projects/opentoe/sys/net80211/ieee80211_scan.c#2 integrate
.. //depot/projects/opentoe/sys/net80211/ieee80211_scan.h#2 integrate
.. //depot/projects/opentoe/sys/net80211/ieee80211_scan_sta.c#2 integrate
.. //depot/projects/opentoe/sys/netatalk/aarp.h#2 integrate
.. //depot/projects/opentoe/sys/netatalk/ddp.h#2 integrate
.. //depot/projects/opentoe/sys/netinet/in_pcb.c#5 integrate
.. //depot/projects/opentoe/sys/netinet/in_pcb.h#5 integrate
.. //depot/projects/opentoe/sys/netinet/in_proto.c#3 integrate
.. //depot/projects/opentoe/sys/netinet/ip_fw2.c#6 integrate
.. //depot/projects/opentoe/sys/netinet/ip_icmp.c#3 integrate
.. //depot/projects/opentoe/sys/netinet/ip_input.c#6 integrate
.. //depot/projects/opentoe/sys/netinet/ip_ipsec.c#3 integrate
.. //depot/projects/opentoe/sys/netinet/ip_output.c#5 integrate
.. //depot/projects/opentoe/sys/netinet/raw_ip.c#5 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_indata.c#13 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_input.c#13 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_input.h#4 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_os_bsd.h#9 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_output.c#12 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_pcb.c#12 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_usrreq.c#12 integrate
.. //depot/projects/opentoe/sys/netinet/sctp_var.h#6 integrate
.. //depot/projects/opentoe/sys/netinet/sctputil.c#14 integrate
.. //depot/projects/opentoe/sys/netinet/tcp_input.c#10 integrate
.. //depot/projects/opentoe/sys/netinet/tcp_output.c#8 integrate
.. //depot/projects/opentoe/sys/netinet/tcp_subr.c#8 integrate
.. //depot/projects/opentoe/sys/netinet/tcp_syncache.c#7 integrate
.. //depot/projects/opentoe/sys/netinet/udp_usrreq.c#4 integrate
.. //depot/projects/opentoe/sys/netinet6/ah.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/ah6.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/ah_aesxcbcmac.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/ah_aesxcbcmac.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/ah_core.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/ah_input.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/ah_output.c#3 delete
.. //depot/projects/opentoe/sys/netinet6/esp.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp6.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_aesctr.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_aesctr.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_camellia.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_camellia.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_core.c#3 delete
.. //depot/projects/opentoe/sys/netinet6/esp_input.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_output.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_rijndael.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/esp_rijndael.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/icmp6.c#3 integrate
.. //depot/projects/opentoe/sys/netinet6/in6.h#3 integrate
.. //depot/projects/opentoe/sys/netinet6/in6_pcb.c#5 integrate
.. //depot/projects/opentoe/sys/netinet6/in6_proto.c#3 integrate
.. //depot/projects/opentoe/sys/netinet6/ip6_forward.c#2 integrate
.. //depot/projects/opentoe/sys/netinet6/ip6_input.c#3 integrate
.. //depot/projects/opentoe/sys/netinet6/ip6_ipsec.c#1 branch
.. //depot/projects/opentoe/sys/netinet6/ip6_ipsec.h#1 branch
.. //depot/projects/opentoe/sys/netinet6/ip6_output.c#3 integrate
.. //depot/projects/opentoe/sys/netinet6/ipcomp.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/ipcomp6.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/ipcomp_core.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/ipcomp_input.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/ipcomp_output.c#2 delete
.. //depot/projects/opentoe/sys/netinet6/ipsec.c#3 delete
.. //depot/projects/opentoe/sys/netinet6/ipsec.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/ipsec6.h#2 delete
.. //depot/projects/opentoe/sys/netinet6/nd6.c#3 integrate
.. //depot/projects/opentoe/sys/netinet6/nd6_nbr.c#3 integrate
.. //depot/projects/opentoe/sys/netinet6/raw_ip6.c#4 integrate
.. //depot/projects/opentoe/sys/netinet6/sctp6_usrreq.c#10 integrate
.. //depot/projects/opentoe/sys/netinet6/udp6_output.c#3 integrate
.. //depot/projects/opentoe/sys/netinet6/udp6_usrreq.c#3 integrate
.. //depot/projects/opentoe/sys/netipsec/ipsec.c#4 integrate
.. //depot/projects/opentoe/sys/netipsec/ipsec.h#2 integrate
.. //depot/projects/opentoe/sys/netipsec/ipsec6.h#2 integrate
.. //depot/projects/opentoe/sys/netipsec/ipsec_mbuf.c#2 integrate
.. //depot/projects/opentoe/sys/netipsec/ipsec_output.c#3 integrate
.. //depot/projects/opentoe/sys/netipsec/key.c#4 integrate
.. //depot/projects/opentoe/sys/netipsec/key_debug.c#2 integrate
.. //depot/projects/opentoe/sys/netipsec/keysock.c#2 integrate
.. //depot/projects/opentoe/sys/netipsec/xform_ah.c#2 integrate
.. //depot/projects/opentoe/sys/netipsec/xform_ipip.c#2 integrate
.. //depot/projects/opentoe/sys/netkey/key.c#2 delete
.. //depot/projects/opentoe/sys/netkey/key.h#2 delete
.. //depot/projects/opentoe/sys/netkey/key_debug.c#2 delete
.. //depot/projects/opentoe/sys/netkey/key_debug.h#2 delete
.. //depot/projects/opentoe/sys/netkey/key_var.h#2 delete
.. //depot/projects/opentoe/sys/netkey/keydb.c#2 delete
.. //depot/projects/opentoe/sys/netkey/keydb.h#2 delete
.. //depot/projects/opentoe/sys/netkey/keysock.c#2 delete
.. //depot/projects/opentoe/sys/netkey/keysock.h#2 delete
.. //depot/projects/opentoe/sys/nfsclient/nfs_bio.c#6 integrate
.. //depot/projects/opentoe/sys/nfsclient/nfs_subs.c#2 integrate
.. //depot/projects/opentoe/sys/pc98/conf/NOTES#2 integrate
.. //depot/projects/opentoe/sys/security/audit/audit.c#6 integrate
.. //depot/projects/opentoe/sys/security/audit/audit_bsm.c#6 integrate
.. //depot/projects/opentoe/sys/sys/conf.h#3 integrate
.. //depot/projects/opentoe/sys/sys/mbuf.h#9 integrate
.. //depot/projects/opentoe/sys/sys/param.h#7 integrate
.. //depot/projects/opentoe/sys/sys/systm.h#7 integrate
.. //depot/projects/opentoe/sys/ufs/ufs/dir.h#2 integrate
.. //depot/projects/opentoe/sys/vm/vm_pageout.c#6 integrate
.. //depot/projects/opentoe/tools/regression/environ/Makefile#1 branch
.. //depot/projects/opentoe/tools/regression/environ/Makefile.envctl#1 branch
.. //depot/projects/opentoe/tools/regression/environ/Makefile.retention#1 branch
.. //depot/projects/opentoe/tools/regression/environ/Makefile.timings#1 branch
.. //depot/projects/opentoe/tools/regression/environ/envctl.c#1 branch
.. //depot/projects/opentoe/tools/regression/environ/envtest.t#1 branch
.. //depot/projects/opentoe/tools/regression/environ/retention.c#1 branch
.. //depot/projects/opentoe/tools/regression/environ/timings.c#1 branch
.. //depot/projects/opentoe/tools/tools/README#2 integrate
.. //depot/projects/opentoe/tools/tools/nxge/Makefile#1 branch
.. //depot/projects/opentoe/tools/tools/nxge/xge_cmn.h#1 branch
.. //depot/projects/opentoe/tools/tools/nxge/xge_info.c#1 branch
.. //depot/projects/opentoe/tools/tools/nxge/xge_info.h#1 branch
.. //depot/projects/opentoe/tools/tools/nxge/xge_log.c#1 branch
.. //depot/projects/opentoe/tools/tools/nxge/xge_log.h#1 branch
.. //depot/projects/opentoe/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles#3 integrate
.. //depot/projects/opentoe/tools/tools/tinybsd/conf/default/tinybsd.basefiles#3 integrate
.. //depot/projects/opentoe/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles#3 integrate
.. //depot/projects/opentoe/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles#3 integrate
.. //depot/projects/opentoe/usr.bin/du/du.c#3 integrate
.. //depot/projects/opentoe/usr.bin/env/env.c#3 integrate
.. //depot/projects/opentoe/usr.bin/limits/limits.c#3 integrate
.. //depot/projects/opentoe/usr.bin/login/login.c#3 integrate
.. //depot/projects/opentoe/usr.bin/netstat/Makefile#3 integrate
.. //depot/projects/opentoe/usr.bin/netstat/ipsec.c#2 integrate
.. //depot/projects/opentoe/usr.bin/netstat/main.c#3 integrate
.. //depot/projects/opentoe/usr.bin/netstat/netstat.h#3 integrate
.. //depot/projects/opentoe/usr.bin/netstat/pfkey.c#2 integrate
.. //depot/projects/opentoe/usr.bin/su/su.c#3 integrate
.. //depot/projects/opentoe/usr.bin/telnet/Makefile#2 integrate
.. //depot/projects/opentoe/usr.bin/usbhidaction/usbhidaction.1#2 integrate
.. //depot/projects/opentoe/usr.bin/usbhidaction/usbhidaction.c#2 integrate
.. //depot/projects/opentoe/usr.sbin/Makefile#2 integrate
.. //depot/projects/opentoe/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c#2 integrate
.. //depot/projects/opentoe/usr.sbin/ftp-proxy/Makefile#1 branch
.. //depot/projects/opentoe/usr.sbin/ftp-proxy/Makefile.inc#1 branch
.. //depot/projects/opentoe/usr.sbin/ftp-proxy/ftp-proxy/Makefile#1 branch
.. //depot/projects/opentoe/usr.sbin/ftp-proxy/libevent/Makefile#1 branch
.. //depot/projects/opentoe/usr.sbin/inetd/Makefile#2 integrate
.. //depot/projects/opentoe/usr.sbin/inetd/inetd.c#2 integrate
.. //depot/projects/opentoe/usr.sbin/portsnap/phttpget/phttpget.c#2 integrate
.. //depot/projects/opentoe/usr.sbin/pstat/pstat.c#4 integrate
.. //depot/projects/opentoe/usr.sbin/rrenumd/Makefile#2 integrate
.. //depot/projects/opentoe/usr.sbin/rrenumd/rrenumd.c#2 integrate
.. //depot/projects/opentoe/usr.sbin/sade/main.c#3 integrate
.. //depot/projects/opentoe/usr.sbin/sade/variable.c#3 integrate
.. //depot/projects/opentoe/usr.sbin/sysinstall/dist.c#4 integrate
.. //depot/projects/opentoe/usr.sbin/sysinstall/dist.h#2 integrate
.. //depot/projects/opentoe/usr.sbin/sysinstall/index.c#4 integrate
.. //depot/projects/opentoe/usr.sbin/sysinstall/main.c#3 integrate
.. //depot/projects/opentoe/usr.sbin/sysinstall/menus.c#3 integrate
.. //depot/projects/opentoe/usr.sbin/sysinstall/variable.c#3 integrate
.. //depot/projects/opentoe/usr.sbin/traceroute6/Makefile#2 integrate
.. //depot/projects/opentoe/usr.sbin/traceroute6/traceroute6.c#3 integrate
.. //depot/projects/opentoe/usr.sbin/wicontrol/Makefile#2 delete
.. //depot/projects/opentoe/usr.sbin/wicontrol/wicontrol.8#2 delete
.. //depot/projects/opentoe/usr.sbin/wicontrol/wicontrol.c#2 delete
Differences ...
==== //depot/projects/opentoe/ObsoleteFiles.inc#10 (text+ko) ====
@@ -1,5 +1,5 @@
 #
-# $FreeBSD: src/ObsoleteFiles.inc,v 1.97 2007/06/25 05:06:52 rafan Exp $
+# $FreeBSD: src/ObsoleteFiles.inc,v 1.102 2007/07/03 13:06:45 mlaier Exp $
 #
 # This file lists old files (OLD_FILES), libraries (OLD_LIBS) and
 # directories (OLD_DIRS) which should get removed at an update. Recently
@@ -14,6 +14,30 @@
 # The file is partitioned: OLD_FILES first, then OLD_LIBS and OLD_DIRS last.
 #
 
+# 20070703: pf 4.1 import
+OLD_FILES+=usr/libexec/ftp-proxy
+# 20070701: KAME IPSec removal
+OLD_FILES+=usr/include/netinet6/ah.h
+OLD_FILES+=usr/include/netinet6/ah6.h
+OLD_FILES+=usr/include/netinet6/ah_aesxcbcmac.h
+OLD_FILES+=usr/include/netinet6/esp.h
+OLD_FILES+=usr/include/netinet6/esp6.h
+OLD_FILES+=usr/include/netinet6/esp_aesctr.h
+OLD_FILES+=usr/include/netinet6/esp_camellia.h
+OLD_FILES+=usr/include/netinet6/esp_rijndael.h
+OLD_FILES+=usr/include/netinet6/ipsec.h
+OLD_FILES+=usr/include/netinet6/ipsec6.h
+OLD_FILES+=usr/include/netinet6/ipcomp.h
+OLD_FILES+=usr/include/netinet6/ipcomp6.h
+OLD_FILES+=usr/include/netkey/key.h
+OLD_FILES+=usr/include/netkey/key_debug.h
+OLD_FILES+=usr/include/netkey/key_var.h
+OLD_FILES+=usr/include/netkey/keydb.h
+OLD_FILES+=usr/include/netkey/keysock.h
+OLD_DIRS+=usr/include/netkey
+# 20070701: remove wicontrol
+OLD_FILES+=usr/sbin/wicontrol
+OLD_FILES+=usr/share/man/man8/wicontrol.8.gz
 # 20070625: umapfs removal
 OLD_FILES+=rescue/mount_umapfs
 OLD_FILES+=sbin/mount_umapfs
@@ -3589,7 +3613,6 @@
 #  - usr/share/tmac/mm/locale
 #  - usr/share/tmac/mm/se_locale
 #  - var/yp/Makefile
-
 # 20070519: GCC 4.2
 OLD_LIBS+=usr/lib/libg2c.a
 OLD_LIBS+=usr/lib/libg2c.so
==== //depot/projects/opentoe/UPDATING#10 (text+ko) ====
@@ -21,6 +21,26 @@
 	developers choose to disable these features on build machines
 	to maximize performance.
 
+20070702:
+	The packet filter (pf) code has been updated to OpenBSD 4.1 Please
+	note the changed syntax - keep state is now on by default.  Also
+	note the fact that ftp-proxy(8) has been changed from bottom up and
+	has been moved from libexec to usr/sbin.  Changes in the ALTQ
+	handling also affect users of IPFW's ALTQ capabilities.
+
+20070701:
+	Remove KAME IPsec in favor of FAST_IPSEC, which is now the
+	only IPsec supported by FreeBSD.  The new IPsec stack
+	supports both IPv4 and IPv6. The kernel option will change
+	after the code changes have settled in.  For now the kernel
+	option IPSEC is deprecated and FAST_IPSEC is the only option, that
+	will change after some settling time.
+
+20070701:
+	The wicontrol(8) utility has been removed from the base system. wi(4)
+	cards should be configured using ifconfig(8), see the man page for more
+	information.
+
 20070612:
 	By default, /etc/rc.d/sendmail no longer rebuilds the aliases
 	database if it is missing or older than the aliases file.  If
@@ -857,4 +877,4 @@
 Contact Warner Losh if you have any questions about your use of
 this document.
 
-$FreeBSD: src/UPDATING,v 1.497 2007/06/12 17:33:56 gshapiro Exp $
+$FreeBSD: src/UPDATING,v 1.500 2007/07/03 13:06:44 mlaier Exp $
==== //depot/projects/opentoe/bin/df/df.c#4 (text+ko) ====
@@ -44,7 +44,7 @@
 #endif /* not lint */
 #endif
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/bin/df/df.c,v 1.70 2007/05/01 16:02:44 ache Exp $");
+__FBSDID("$FreeBSD: src/bin/df/df.c,v 1.71 2007/07/04 00:00:37 scf Exp $");
 
 #include <sys/param.h>
 #include <sys/stat.h>
@@ -131,14 +131,14 @@
 			 */
 			if (kflag)
 				break;
-			putenv("BLOCKSIZE=512");
+			setenv("BLOCKSIZE", "512", 1);
 			hflag = 0;
 			break;
 		case 'c':
 			cflag = 1;
 			break;
 		case 'g':
-			putenv("BLOCKSIZE=1g");
+			setenv("BLOCKSIZE", "1g", 1);
 			hflag = 0;
 			break;
 		case 'H':
@@ -152,7 +152,7 @@
 			break;
 		case 'k':
 			kflag++;
-			putenv("BLOCKSIZE=1024");
+			setenv("BLOCKSIZE", "1024", 1);
 			hflag = 0;
 			break;
 		case 'l':
@@ -162,7 +162,7 @@
 			lflag = 1;
 			break;
 		case 'm':
-			putenv("BLOCKSIZE=1m");
+			setenv("BLOCKSIZE", "1m", 1);
 			hflag = 0;
 			break;
 		case 'n':
==== //depot/projects/opentoe/bin/ed/Makefile#2 (text+ko) ====
@@ -1,4 +1,4 @@
-# $FreeBSD: src/bin/ed/Makefile,v 1.32 2006/03/17 18:54:20 ru Exp $
+# $FreeBSD: src/bin/ed/Makefile,v 1.33 2007/07/02 14:00:25 kensmith Exp $
 
 .include <bsd.own.mk>
 
@@ -7,11 +7,13 @@
 LINKS=	${BINDIR}/ed ${BINDIR}/red
 MLINKS=	ed.1 red.1
 
+.if !defined(RELEASE_CRUNCH)
 .if ${MK_OPENSSL} != "no"
 CFLAGS+=-DDES
 WARNS?=	2
 DPADD=	${LIBCRYPTO}
 LDADD=	-lcrypto
 .endif
+.endif
 
 .include <bsd.prog.mk>
==== //depot/projects/opentoe/bin/sh/var.c#3 (text+ko) ====
@@ -36,7 +36,7 @@
 #endif
 #endif /* not lint */
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/bin/sh/var.c,v 1.35 2007/05/01 16:02:43 ache Exp $");
+__FBSDID("$FreeBSD: src/bin/sh/var.c,v 1.36 2007/07/04 00:00:38 scf Exp $");
 
 #include <unistd.h>
 #include <stdlib.h>
@@ -289,6 +289,7 @@
 setvareq(char *s, int flags)
 {
 	struct var *vp, **vpp;
+	char *p;
 	int len;
 
 	if (aflag)
@@ -319,7 +320,10 @@
 			if (vp == &vmpath || (vp == &vmail && ! mpathset()))
 				chkmail(1);
 			if ((vp->flags & VEXPORT) && localevar(s)) {
-				putenv(s);
+				p = strchr(s, '=');
+				*p = '\0';
+				(void) setenv(s, p + 1, 1);
+				*p = '=';
 				(void) setlocale(LC_ALL, "");
 			}
 			INTON;
@@ -335,7 +339,10 @@
 	INTOFF;
 	*vpp = vp;
 	if ((vp->flags & VEXPORT) && localevar(s)) {
-		putenv(s);
+		p = strchr(s, '=');
+		*p = '\0';
+		(void) setenv(s, p + 1, 1);
+		*p = '=';
 		(void) setlocale(LC_ALL, "");
 	}
 	INTON;
@@ -596,7 +603,10 @@
 
 						vp->flags |= flag;
 						if ((vp->flags & VEXPORT) && localevar(vp->text)) {
-							putenv(vp->text);
+							p = strchr(vp->text, '=');
+							*p = '\0';
+							(void) setenv(vp->text, p + 1, 1);
+							*p = '=';
 							(void) setlocale(LC_ALL, "");
 						}
 						goto found;
==== //depot/projects/opentoe/contrib/netcat/netcat.c#3 (text+ko) ====
@@ -25,7 +25,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $FreeBSD: src/contrib/netcat/netcat.c,v 1.5 2007/03/28 01:57:03 delphij Exp $
+ * $FreeBSD: src/contrib/netcat/netcat.c,v 1.6 2007/07/01 12:08:04 gnn Exp $
  */
 
 /*
@@ -42,7 +42,7 @@
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #ifdef IPSEC
-#include <netinet6/ipsec.h>
+#include <netipsec/ipsec.h>
 #endif
 #include <netinet/tcp.h>
 #include <netinet/ip.h>
==== //depot/projects/opentoe/contrib/pf/authpf/authpf.8#2 (text+ko) ====
@@ -1,29 +1,19 @@
-.\" $FreeBSD: src/contrib/pf/authpf/authpf.8,v 1.2 2006/03/28 15:26:16 mlaier Exp $
-.\" $OpenBSD: authpf.8,v 1.38 2005/01/04 09:57:04 jmc Exp $
+.\" $FreeBSD: src/contrib/pf/authpf/authpf.8,v 1.3 2007/07/03 12:30:00 mlaier Exp $
+.\" $OpenBSD: authpf.8,v 1.43 2007/02/24 17:21:04 beck Exp $
 .\"
-.\" Copyright (c) 2002 Bob Beck (beck at openbsd.org>.  All rights reserved.
+.\" Copyright (c) 1998-2007 Bob Beck (beck at openbsd.org>.  All rights reserved.
 .\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\" 3. The name of the author may not be used to endorse or promote products
-.\"    derived from this software without specific prior written permission.
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
 .\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
 .Dd March 28, 2006
 .Dt AUTHPF 8
@@ -230,8 +220,11 @@
 hijack the session.
 Note that TCP keepalives are not sufficient for
 this, since they are not secure.
-Also note that
+Also note that the various SSH tunnelling mechanisms,
+such as
 .Ar AllowTcpForwarding
+and
+.Ar PermitTunnel ,
 should be disabled for
 .Nm
 users to prevent them from circumventing restrictions imposed by the
@@ -429,8 +422,7 @@
 external_if = "xl0"
 internal_if = "fxp0"
 
-pass in log quick on $internal_if proto tcp from $user_ip to any \e
-      keep state
+pass in log quick on $internal_if proto tcp from $user_ip to any
 pass in quick on $internal_if from $user_ip to any
 .Ed
 .Pp
@@ -445,16 +437,15 @@
 
 # rdr ftp for proxying by ftp-proxy(8)
 rdr on $internal_if proto tcp from $user_ip to any port 21 \e
-      -> 127.0.0.1 port 8081
+      -> 127.0.0.1 port 8021
 
 # allow out ftp, ssh, www and https only, and allow user to negotiate
 # ipsec with the ipsec server.
 pass in log quick on $internal_if proto tcp from $user_ip to any \e
-      port { 21, 22, 80, 443 } flags S/SA
+      port { 21, 22, 80, 443 }
 pass in quick on $internal_if proto tcp from $user_ip to any \e
       port { 21, 22, 80, 443 }
-pass in quick proto udp from $user_ip to $ipsec_gw port = isakmp \e
-      keep state
+pass in quick proto udp from $user_ip to $ipsec_gw port = isakmp
 pass in quick proto esp from $user_ip to $ipsec_gw
 .Ed
 .Pp
@@ -469,7 +460,7 @@
 # nat and tag connections...
 nat on $ext_if from $user_ip to any tag $user_ip -> $ext_addr
 pass in quick on $int_if from $user_ip to any
-pass out log quick on $ext_if tagged $user_ip keep state
+pass out log quick on $ext_if tagged $user_ip
 .Ed
 .Pp
 With the above rules added by
@@ -495,7 +486,7 @@
 .Bd -literal
 table <authpf_users> persist
 pass in on $ext_if proto tcp from <authpf_users> \e
-        to port { smtp imap } keep state
+        to port { smtp imap }
 .Ed
 .Pp
 It is also possible to use the "authpf_users"
@@ -522,6 +513,7 @@
 .Xr pf 4 ,
 .Xr pf.conf 5 ,
 .Xr fdescfs 5 ,
+.Xr securelevel 7 ,
 .Xr ftp-proxy 8
 .Sh HISTORY
 The
==== //depot/projects/opentoe/contrib/pf/authpf/authpf.c#2 (text+ko) ====
@@ -1,32 +1,23 @@
-/*	$OpenBSD: authpf.c,v 1.89 2005/02/10 04:24:15 joel Exp $	*/
+/*	$OpenBSD: authpf.c,v 1.104 2007/02/24 17:35:08 beck Exp $	*/
 
 /*
- * Copyright (C) 1998 - 2002 Bob Beck (beck at openbsd.org).
+ * Copyright (C) 1998 - 2007 Bob Beck (beck at openbsd.org).
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/contrib/pf/authpf/authpf.c,v 1.7 2005/12/25 22:57:08 mlaier Exp $");
+__FBSDID("$FreeBSD: src/contrib/pf/authpf/authpf.c,v 1.8 2007/07/03 12:30:01 mlaier Exp $");
 
 #include <sys/param.h>
 #include <sys/file.h>
@@ -56,15 +47,13 @@
 
 #include "pathnames.h"
 
-extern int	symset(const char *, const char *, int);
-
 static int	read_config(FILE *);
 static void	print_message(char *);
 static int	allowed_luser(char *);
 static int	check_luser(char *, char *);
 static int	remove_stale_rulesets(void);
 static int	change_filter(int, const char *, const char *);
-static int	change_table(int, const char *, const char *);
+static int	change_table(int, const char *);
 static void	authpf_kill_states(void);
 
 int	dev;			/* pf device */
@@ -73,7 +62,6 @@
 char	tablename[PF_TABLE_NAME_SIZE] = "authpf_users";
 
 FILE	*pidfp;
-char	*infile;		/* file name printed by yyerror() in parse.y */
 char	 luser[MAXLOGNAME];	/* username */
 char	 ipsrc[256];		/* ip as a string */
 char	 pidfile[MAXPATHLEN];	/* we save pid in this file. */
@@ -102,11 +90,16 @@
 	struct in6_addr	 ina;
 	struct passwd	*pw;
 	char		*cp;
+	gid_t		 gid;
 	uid_t		 uid;
 	char		*shell;
 	login_cap_t	*lc;
 
 	config = fopen(PATH_CONFFILE, "r");
+	if (config == NULL) {
+		syslog(LOG_ERR, "can not open %s (%m)", PATH_CONFFILE);
+		exit(1);
+	}
 
 	if ((cp = getenv("SSH_TTY")) == NULL) {
 		syslog(LOG_ERR, "non-interactive session connection for authpf");
@@ -143,7 +136,6 @@
 
 	uid = getuid();
 	pw = getpwuid(uid);
-	endpwent();
 	if (pw == NULL) {
 		syslog(LOG_ERR, "cannot find user for uid %u", uid);
 		goto die;
@@ -256,6 +248,8 @@
 		if (++lockcnt > 10) {
 			syslog(LOG_ERR, "cannot kill previous authpf (pid %d)",
 			    otherpid);
+			fclose(pidfp);
+			pidfp = NULL;
 			goto dogdeath;
 		}
 		sleep(1);
@@ -265,12 +259,22 @@
 		 * it's lock, giving us a chance to get it now
 		 */
 		fclose(pidfp);
+		pidfp = NULL;
 	} while (1);
+	
+	/* whack the group list */
+	gid = getegid();
+	if (setgroups(1, &gid) == -1) {
+		syslog(LOG_INFO, "setgroups: %s", strerror(errno));
+		do_death(0);
+	}
 
 	/* revoke privs */
-	seteuid(getuid());
-	setuid(getuid());
-
+	uid = getuid();
+	if (setresuid(uid, uid, uid) == -1) {
+		syslog(LOG_INFO, "setresuid: %s", strerror(errno));
+		do_death(0);
+	}
 	openlog("authpf", LOG_PID | LOG_NDELAY, LOG_DAEMON);
 
 	if (!check_luser(PATH_BAN_DIR, luser) || !allowed_luser(luser)) {
@@ -278,8 +282,8 @@
 		do_death(0);
 	}
 
-	if (config == NULL || read_config(config)) {
-		syslog(LOG_INFO, "bad or nonexistent %s", PATH_CONFFILE);
+	if (read_config(config)) {
+		syslog(LOG_ERR, "invalid config file %s", PATH_CONFFILE);
 		do_death(0);
 	}
 
@@ -298,7 +302,7 @@
 		printf("Unable to modify filters\r\n");
 		do_death(0);
 	}
-	if (change_table(1, luser, ipsrc) == -1) {
+	if (change_table(1, ipsrc) == -1) {
 		printf("Unable to modify table\r\n");
 		change_filter(0, luser, ipsrc);
 		do_death(0);
@@ -309,7 +313,7 @@
 	signal(SIGALRM, need_death);
 	signal(SIGPIPE, need_death);
 	signal(SIGHUP, need_death);
-	signal(SIGSTOP, need_death);
+	signal(SIGQUIT, need_death);
 	signal(SIGTSTP, need_death);
 	while (1) {
 		printf("\r\nHello %s. ", luser);
@@ -559,9 +563,11 @@
 		while (fputs(tmp, stdout) != EOF && !feof(f)) {
 			if (fgets(tmp, sizeof(tmp), f) == NULL) {
 				fflush(stdout);
+				fclose(f);
 				return (0);
 			}
 		}
+		fclose(f);
 	}
 	fflush(stdout);
 	return (0);
@@ -645,6 +651,7 @@
 	char	*fdpath = NULL, *userstr = NULL, *ipstr = NULL;
 	char	*rsn = NULL, *fn = NULL;
 	pid_t	pid;
+	gid_t   gid;
 	int	s;
 
 	if (luser == NULL || !luser[0] || ipsrc == NULL || !ipsrc[0]) {
@@ -684,8 +691,14 @@
 
 	switch (pid = fork()) {
 	case -1:
-		err(1, "fork failed");
+		syslog(LOG_ERR, "fork failed");
+		goto error;
 	case 0:
+		/* revoke group privs before exec */
+		gid = getgid();
+		if (setregid(gid, gid) == -1) {
+			err(1, "setregid");
+		}
 		execvp(PATH_PFCTL, pargv);
 		warn("exec of %s failed", PATH_PFCTL);
 		_exit(1);
@@ -694,10 +707,8 @@
 	/* parent */
 	waitpid(pid, &s, 0);
 	if (s != 0) {
-		if (WIFEXITED(s)) {
-			syslog(LOG_ERR, "pfctl exited abnormally");
-			goto error;
-		}
+		syslog(LOG_ERR, "pfctl exited abnormally");
+		goto error;
 	}
 
 	if (add) {
@@ -718,16 +729,10 @@
 	syslog(LOG_ERR, "malloc failed");
 error:
 	free(fdpath);
-	fdpath = NULL;
 	free(rsn);
-	rsn = NULL;
 	free(userstr);
-	userstr = NULL;
 	free(ipstr);
-	ipstr = NULL;
 	free(fn);
-	fn = NULL;
>>> TRUNCATED FOR MAIL (1000 lines) <<<
    
    
More information about the p4-projects
mailing list