svn commit: r206519 - in user/imp/tbemd: sbin/geom/class
sbin/geom/class/cache sbin/geom/class/mountver
sbin/geom/class/multipath sbin/geom/class/sched sbin/hastd
sbin/ifconfig sbin/ipfw sbin/mount...
Warner Losh
imp at FreeBSD.org
Mon Apr 12 23:09:23 UTC 2010
Author: imp
Date: Mon Apr 12 23:09:22 2010
New Revision: 206519
URL: http://svn.freebsd.org/changeset/base/206519
Log:
Merge from head, part 5 of many.
Added:
user/imp/tbemd/sbin/geom/class/sched/
- copied from r206514, head/sbin/geom/class/sched/
user/imp/tbemd/secure/libexec/ssh-pkcs11-helper/
- copied from r206514, head/secure/libexec/ssh-pkcs11-helper/
Modified:
user/imp/tbemd/sbin/geom/class/Makefile
user/imp/tbemd/sbin/geom/class/cache/gcache.8
user/imp/tbemd/sbin/geom/class/mountver/gmountver.8
user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c
user/imp/tbemd/sbin/hastd/primary.c
user/imp/tbemd/sbin/ifconfig/ifconfig.c
user/imp/tbemd/sbin/ifconfig/ifieee80211.c
user/imp/tbemd/sbin/ipfw/Makefile
user/imp/tbemd/sbin/ipfw/dummynet.c
user/imp/tbemd/sbin/ipfw/ipfw.8
user/imp/tbemd/sbin/ipfw/ipfw2.c
user/imp/tbemd/sbin/ipfw/ipfw2.h
user/imp/tbemd/sbin/ipfw/main.c
user/imp/tbemd/sbin/mount/mount.c
user/imp/tbemd/sbin/newfs/mkfs.c
user/imp/tbemd/sbin/newfs/newfs.8
user/imp/tbemd/sbin/newfs/newfs.c
user/imp/tbemd/sbin/newfs/newfs.h
user/imp/tbemd/sbin/nos-tun/Makefile
user/imp/tbemd/sbin/nos-tun/nos-tun.c
user/imp/tbemd/sbin/quotacheck/quotacheck.8
user/imp/tbemd/sbin/setkey/setkey.8
user/imp/tbemd/sbin/sysctl/sysctl.c
user/imp/tbemd/secure/lib/libcrypto/Makefile.inc
user/imp/tbemd/secure/lib/libcrypto/Makefile.man
user/imp/tbemd/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
user/imp/tbemd/secure/lib/libcrypto/man/ASN1_STRING_length.3
user/imp/tbemd/secure/lib/libcrypto/man/ASN1_STRING_new.3
user/imp/tbemd/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
user/imp/tbemd/secure/lib/libcrypto/man/ASN1_generate_nconf.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_ctrl.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_base64.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_buffer.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_cipher.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_md.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_null.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_ssl.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_find_type.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_new.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_push.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_read.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_accept.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_bio.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_connect.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_fd.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_file.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_mem.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_null.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_socket.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_set_callback.3
user/imp/tbemd/secure/lib/libcrypto/man/BIO_should_retry.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_BLINDING_new.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_CTX_new.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_CTX_start.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_add.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_add_word.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_bn2bin.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_cmp.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_copy.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_generate_prime.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_mod_inverse.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_new.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_num_bytes.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_rand.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_set_bit.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_swap.3
user/imp/tbemd/secure/lib/libcrypto/man/BN_zero.3
user/imp/tbemd/secure/lib/libcrypto/man/CONF_modules_free.3
user/imp/tbemd/secure/lib/libcrypto/man/CONF_modules_load_file.3
user/imp/tbemd/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
user/imp/tbemd/secure/lib/libcrypto/man/DH_generate_key.3
user/imp/tbemd/secure/lib/libcrypto/man/DH_generate_parameters.3
user/imp/tbemd/secure/lib/libcrypto/man/DH_get_ex_new_index.3
user/imp/tbemd/secure/lib/libcrypto/man/DH_new.3
user/imp/tbemd/secure/lib/libcrypto/man/DH_set_method.3
user/imp/tbemd/secure/lib/libcrypto/man/DH_size.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_SIG_new.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_do_sign.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_dup_DH.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_generate_key.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_generate_parameters.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_new.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_set_method.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_sign.3
user/imp/tbemd/secure/lib/libcrypto/man/DSA_size.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_GET_LIB.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_clear_error.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_error_string.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_get_error.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_load_strings.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_print_errors.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_put_error.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_remove_state.3
user/imp/tbemd/secure/lib/libcrypto/man/ERR_set_mark.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_BytesToKey.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_DigestInit.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_EncryptInit.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_OpenInit.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_PKEY_new.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_SealInit.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_SignInit.3
user/imp/tbemd/secure/lib/libcrypto/man/EVP_VerifyInit.3
user/imp/tbemd/secure/lib/libcrypto/man/OBJ_nid2obj.3
user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_Applink.3
user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_config.3
user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
user/imp/tbemd/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
user/imp/tbemd/secure/lib/libcrypto/man/PKCS12_create.3
user/imp/tbemd/secure/lib/libcrypto/man/PKCS12_parse.3
user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_decrypt.3
user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_encrypt.3
user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_sign.3
user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_verify.3
user/imp/tbemd/secure/lib/libcrypto/man/RAND_add.3
user/imp/tbemd/secure/lib/libcrypto/man/RAND_bytes.3
user/imp/tbemd/secure/lib/libcrypto/man/RAND_cleanup.3
user/imp/tbemd/secure/lib/libcrypto/man/RAND_egd.3
user/imp/tbemd/secure/lib/libcrypto/man/RAND_load_file.3
user/imp/tbemd/secure/lib/libcrypto/man/RAND_set_rand_method.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_blinding_on.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_check_key.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_generate_key.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_new.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_print.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_private_encrypt.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_public_encrypt.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_set_method.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_sign.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
user/imp/tbemd/secure/lib/libcrypto/man/RSA_size.3
user/imp/tbemd/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
user/imp/tbemd/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_print_ex.3
user/imp/tbemd/secure/lib/libcrypto/man/X509_new.3
user/imp/tbemd/secure/lib/libcrypto/man/bio.3
user/imp/tbemd/secure/lib/libcrypto/man/blowfish.3
user/imp/tbemd/secure/lib/libcrypto/man/bn.3
user/imp/tbemd/secure/lib/libcrypto/man/bn_internal.3
user/imp/tbemd/secure/lib/libcrypto/man/buffer.3
user/imp/tbemd/secure/lib/libcrypto/man/crypto.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_DHparams.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_CRL.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_NAME.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_REQ.3
user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_SIG.3
user/imp/tbemd/secure/lib/libcrypto/man/des.3
user/imp/tbemd/secure/lib/libcrypto/man/dh.3
user/imp/tbemd/secure/lib/libcrypto/man/dsa.3
user/imp/tbemd/secure/lib/libcrypto/man/ecdsa.3
user/imp/tbemd/secure/lib/libcrypto/man/engine.3
user/imp/tbemd/secure/lib/libcrypto/man/err.3
user/imp/tbemd/secure/lib/libcrypto/man/evp.3
user/imp/tbemd/secure/lib/libcrypto/man/hmac.3
user/imp/tbemd/secure/lib/libcrypto/man/lh_stats.3
user/imp/tbemd/secure/lib/libcrypto/man/lhash.3
user/imp/tbemd/secure/lib/libcrypto/man/md5.3
user/imp/tbemd/secure/lib/libcrypto/man/mdc2.3
user/imp/tbemd/secure/lib/libcrypto/man/pem.3
user/imp/tbemd/secure/lib/libcrypto/man/rand.3
user/imp/tbemd/secure/lib/libcrypto/man/rc4.3
user/imp/tbemd/secure/lib/libcrypto/man/ripemd.3
user/imp/tbemd/secure/lib/libcrypto/man/rsa.3
user/imp/tbemd/secure/lib/libcrypto/man/sha.3
user/imp/tbemd/secure/lib/libcrypto/man/threads.3
user/imp/tbemd/secure/lib/libcrypto/man/ui.3
user/imp/tbemd/secure/lib/libcrypto/man/ui_compat.3
user/imp/tbemd/secure/lib/libcrypto/man/x509.3
user/imp/tbemd/secure/lib/libssh/Makefile
user/imp/tbemd/secure/lib/libssl/Makefile
user/imp/tbemd/secure/lib/libssl/Makefile.man
user/imp/tbemd/secure/lib/libssl/man/SSL_CIPHER_get_name.3
user/imp/tbemd/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_add_session.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_ctrl.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_free.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_new.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sess_number.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sessions.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_mode.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_options.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_timeout.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_verify.3
user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_use_certificate.3
user/imp/tbemd/secure/lib/libssl/man/SSL_SESSION_free.3
user/imp/tbemd/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
user/imp/tbemd/secure/lib/libssl/man/SSL_SESSION_get_time.3
user/imp/tbemd/secure/lib/libssl/man/SSL_accept.3
user/imp/tbemd/secure/lib/libssl/man/SSL_alert_type_string.3
user/imp/tbemd/secure/lib/libssl/man/SSL_clear.3
user/imp/tbemd/secure/lib/libssl/man/SSL_connect.3
user/imp/tbemd/secure/lib/libssl/man/SSL_do_handshake.3
user/imp/tbemd/secure/lib/libssl/man/SSL_free.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_SSL_CTX.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_ciphers.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_client_CA_list.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_current_cipher.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_default_timeout.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_error.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_ex_new_index.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_fd.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_peer_certificate.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_rbio.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_session.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_verify_result.3
user/imp/tbemd/secure/lib/libssl/man/SSL_get_version.3
user/imp/tbemd/secure/lib/libssl/man/SSL_library_init.3
user/imp/tbemd/secure/lib/libssl/man/SSL_load_client_CA_file.3
user/imp/tbemd/secure/lib/libssl/man/SSL_new.3
user/imp/tbemd/secure/lib/libssl/man/SSL_pending.3
user/imp/tbemd/secure/lib/libssl/man/SSL_read.3
user/imp/tbemd/secure/lib/libssl/man/SSL_rstate_string.3
user/imp/tbemd/secure/lib/libssl/man/SSL_session_reused.3
user/imp/tbemd/secure/lib/libssl/man/SSL_set_bio.3
user/imp/tbemd/secure/lib/libssl/man/SSL_set_connect_state.3
user/imp/tbemd/secure/lib/libssl/man/SSL_set_fd.3
user/imp/tbemd/secure/lib/libssl/man/SSL_set_session.3
user/imp/tbemd/secure/lib/libssl/man/SSL_set_shutdown.3
user/imp/tbemd/secure/lib/libssl/man/SSL_set_verify_result.3
user/imp/tbemd/secure/lib/libssl/man/SSL_shutdown.3
user/imp/tbemd/secure/lib/libssl/man/SSL_state_string.3
user/imp/tbemd/secure/lib/libssl/man/SSL_want.3
user/imp/tbemd/secure/lib/libssl/man/SSL_write.3
user/imp/tbemd/secure/lib/libssl/man/d2i_SSL_SESSION.3
user/imp/tbemd/secure/lib/libssl/man/ssl.3
user/imp/tbemd/secure/libexec/Makefile
user/imp/tbemd/secure/usr.bin/openssl/man/CA.pl.1
user/imp/tbemd/secure/usr.bin/openssl/man/asn1parse.1
user/imp/tbemd/secure/usr.bin/openssl/man/ca.1
user/imp/tbemd/secure/usr.bin/openssl/man/ciphers.1
user/imp/tbemd/secure/usr.bin/openssl/man/crl.1
user/imp/tbemd/secure/usr.bin/openssl/man/crl2pkcs7.1
user/imp/tbemd/secure/usr.bin/openssl/man/dgst.1
user/imp/tbemd/secure/usr.bin/openssl/man/dhparam.1
user/imp/tbemd/secure/usr.bin/openssl/man/dsa.1
user/imp/tbemd/secure/usr.bin/openssl/man/dsaparam.1
user/imp/tbemd/secure/usr.bin/openssl/man/ec.1
user/imp/tbemd/secure/usr.bin/openssl/man/ecparam.1
user/imp/tbemd/secure/usr.bin/openssl/man/enc.1
user/imp/tbemd/secure/usr.bin/openssl/man/errstr.1
user/imp/tbemd/secure/usr.bin/openssl/man/gendsa.1
user/imp/tbemd/secure/usr.bin/openssl/man/genrsa.1
user/imp/tbemd/secure/usr.bin/openssl/man/nseq.1
user/imp/tbemd/secure/usr.bin/openssl/man/ocsp.1
user/imp/tbemd/secure/usr.bin/openssl/man/openssl.1
user/imp/tbemd/secure/usr.bin/openssl/man/passwd.1
user/imp/tbemd/secure/usr.bin/openssl/man/pkcs12.1
user/imp/tbemd/secure/usr.bin/openssl/man/pkcs7.1
user/imp/tbemd/secure/usr.bin/openssl/man/pkcs8.1
user/imp/tbemd/secure/usr.bin/openssl/man/rand.1
user/imp/tbemd/secure/usr.bin/openssl/man/req.1
user/imp/tbemd/secure/usr.bin/openssl/man/rsa.1
user/imp/tbemd/secure/usr.bin/openssl/man/rsautl.1
user/imp/tbemd/secure/usr.bin/openssl/man/s_client.1
user/imp/tbemd/secure/usr.bin/openssl/man/s_server.1
user/imp/tbemd/secure/usr.bin/openssl/man/s_time.1
user/imp/tbemd/secure/usr.bin/openssl/man/sess_id.1
user/imp/tbemd/secure/usr.bin/openssl/man/smime.1
user/imp/tbemd/secure/usr.bin/openssl/man/speed.1
user/imp/tbemd/secure/usr.bin/openssl/man/spkac.1
user/imp/tbemd/secure/usr.bin/openssl/man/verify.1
user/imp/tbemd/secure/usr.bin/openssl/man/version.1
user/imp/tbemd/secure/usr.bin/openssl/man/x509.1
user/imp/tbemd/secure/usr.bin/openssl/man/x509v3_config.1
user/imp/tbemd/secure/usr.bin/ssh/Makefile
user/imp/tbemd/secure/usr.sbin/sshd/Makefile
Modified: user/imp/tbemd/sbin/geom/class/Makefile
==============================================================================
--- user/imp/tbemd/sbin/geom/class/Makefile Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/geom/class/Makefile Mon Apr 12 23:09:22 2010 (r206519)
@@ -15,6 +15,7 @@ SUBDIR+=multipath
SUBDIR+=nop
SUBDIR+=part
SUBDIR+=raid3
+SUBDIR+=sched
SUBDIR+=shsec
SUBDIR+=stripe
SUBDIR+=virstor
Modified: user/imp/tbemd/sbin/geom/class/cache/gcache.8
==============================================================================
--- user/imp/tbemd/sbin/geom/class/cache/gcache.8 Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/geom/class/cache/gcache.8 Mon Apr 12 23:09:22 2010 (r206519)
@@ -14,14 +14,14 @@
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR THE VOICES IN HIS HEAD BE
-.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-.\" POSSIBILITY OF SUCH DAMAGE.
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
Modified: user/imp/tbemd/sbin/geom/class/mountver/gmountver.8
==============================================================================
--- user/imp/tbemd/sbin/geom/class/mountver/gmountver.8 Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/geom/class/mountver/gmountver.8 Mon Apr 12 23:09:22 2010 (r206519)
@@ -14,14 +14,14 @@
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR THE VOICES IN HIS HEAD BE
-.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-.\" POSSIBILITY OF SUCH DAMAGE.
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
Modified: user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c
==============================================================================
--- user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c Mon Apr 12 23:09:22 2010 (r206519)
@@ -48,6 +48,7 @@ uint32_t version = G_MULTIPATH_VERSION;
static void mp_main(struct gctl_req *, unsigned int);
static void mp_label(struct gctl_req *);
static void mp_clear(struct gctl_req *);
+static void mp_add(struct gctl_req *);
struct g_command class_commands[] = {
{
@@ -55,6 +56,10 @@ struct g_command class_commands[] = {
NULL, "[-v] name prov ..."
},
{
+ "add", G_FLAG_VERBOSE | G_FLAG_LOADKLD, mp_main, G_NULL_OPTS,
+ NULL, "[-v] name prov ..."
+ },
+ {
"destroy", G_FLAG_VERBOSE, NULL, G_NULL_OPTS,
NULL, "[-v] prov ..."
},
@@ -62,6 +67,14 @@ struct g_command class_commands[] = {
"clear", G_FLAG_VERBOSE, mp_main, G_NULL_OPTS,
NULL, "[-v] prov ..."
},
+ {
+ "rotate", G_FLAG_VERBOSE, NULL, G_NULL_OPTS,
+ NULL, "[-v] prov ..."
+ },
+ {
+ "getactive", G_FLAG_VERBOSE, NULL, G_NULL_OPTS,
+ NULL, "[-v] prov ..."
+ },
G_CMD_SENTINEL
};
@@ -77,6 +90,8 @@ mp_main(struct gctl_req *req, unsigned i
}
if (strcmp(name, "label") == 0) {
mp_label(req);
+ } else if (strcmp(name, "add") == 0) {
+ mp_add(req);
} else if (strcmp(name, "clear") == 0) {
mp_clear(req);
} else {
@@ -93,7 +108,7 @@ mp_label(struct gctl_req *req)
char *ptr;
uuid_t uuid;
uint32_t secsize = 0, ssize, status;
- const char *name;
+ const char *name, *mpname;
int error, i, nargs;
nargs = gctl_get_int(req, "nargs");
@@ -148,8 +163,8 @@ mp_label(struct gctl_req *req)
*/
strlcpy(md.md_magic, G_MULTIPATH_MAGIC, sizeof(md.md_magic));
md.md_version = G_MULTIPATH_VERSION;
- name = gctl_get_ascii(req, "arg0");
- strlcpy(md.md_name, name, sizeof(md.md_name));
+ mpname = gctl_get_ascii(req, "arg0");
+ strlcpy(md.md_name, mpname, sizeof(md.md_name));
md.md_size = disksiz;
md.md_sectorsize = secsize;
uuid_create(&uuid, &status);
@@ -166,46 +181,44 @@ mp_label(struct gctl_req *req)
free(ptr);
/*
- * Clear last sector first for each provider to spoil anything extant
+ * Clear metadata on initial provider first.
*/
- for (i = 1; i < nargs; i++) {
- name = gctl_get_ascii(req, "arg%d", i);
- error = g_metadata_clear(name, NULL);
- if (error != 0) {
- gctl_error(req, "cannot clear metadata on %s: %s.",
- name, strerror(error));
- return;
- }
+ name = gctl_get_ascii(req, "arg1");
+ error = g_metadata_clear(name, NULL);
+ if (error != 0) {
+ gctl_error(req, "cannot clear metadata on %s: %s.", name, strerror(error));
+ return;
}
+ /*
+ * encode the metadata
+ */
multipath_metadata_encode(&md, sector);
/*
- * Ok, store metadata.
+ * Store metadata on the initial provider.
*/
- for (i = 1; i < nargs; i++) {
- name = gctl_get_ascii(req, "arg%d", i);
- error = g_metadata_store(name, sector, secsize);
- if (error != 0) {
- fprintf(stderr, "Can't store metadata on %s: %s.\n",
- name, strerror(error));
- goto fail;
- }
+ error = g_metadata_store(name, sector, secsize);
+ if (error != 0) {
+ gctl_error(req, "cannot store metadata on %s: %s.", name, strerror(error));
+ return;
}
- return;
-fail:
/*
- * Clear last sector first for each provider to spoil anything extant
+ * Now add the rest of the providers.
*/
- for (i = 1; i < nargs; i++) {
- name = gctl_get_ascii(req, "arg%d", i);
- error = g_metadata_clear(name, NULL);
- if (error != 0) {
- gctl_error(req, "cannot clear metadata on %s: %s.",
- name, strerror(error));
+ error = gctl_change_param(req, "verb", -1, "add");
+ if (error) {
+ gctl_error(req, "unable to change verb to \"add\": %s.", strerror(error));
+ return;
+ }
+ for (i = 2; i < nargs; i++) {
+ error = gctl_change_param(req, "arg1", -1, gctl_get_ascii(req, "arg%d", i));
+ if (error) {
+ gctl_error(req, "unable to add %s to %s: %s.", gctl_get_ascii(req, "arg%d", i), mpname, strerror(error));
continue;
}
+ mp_add(req);
}
}
@@ -213,22 +226,23 @@ static void
mp_clear(struct gctl_req *req)
{
const char *name;
- int error, i, nargs;
+ int error;
- nargs = gctl_get_int(req, "nargs");
- if (nargs < 1) {
- gctl_error(req, "Too few arguments.");
- return;
+ name = gctl_get_ascii(req, "arg1");
+ error = g_metadata_clear(name, G_MULTIPATH_MAGIC);
+ if (error != 0) {
+ fprintf(stderr, "Can't clear metadata on %s: %s.\n", name, strerror(error));
+ gctl_error(req, "Not fully done.");
}
+}
- for (i = 0; i < nargs; i++) {
- name = gctl_get_ascii(req, "arg%d", i);
- error = g_metadata_clear(name, G_MULTIPATH_MAGIC);
- if (error != 0) {
- fprintf(stderr, "Can't clear metadata on %s: %s.\n",
- name, strerror(error));
- gctl_error(req, "Not fully done.");
- continue;
- }
- }
+static void
+mp_add(struct gctl_req *req)
+{
+ const char *errstr;
+
+ errstr = gctl_issue(req);
+ if (errstr != NULL && errstr[0] != '\0') {
+ gctl_error(req, "%s", errstr);
+ }
}
Modified: user/imp/tbemd/sbin/hastd/primary.c
==============================================================================
--- user/imp/tbemd/sbin/hastd/primary.c Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/hastd/primary.c Mon Apr 12 23:09:22 2010 (r206519)
@@ -460,9 +460,11 @@ init_local(struct hast_resource *res)
exit(EX_NOINPUT);
}
-static void
-init_remote(struct hast_resource *res)
+static bool
+init_remote(struct hast_resource *res, struct proto_conn **inp,
+ struct proto_conn **outp)
{
+ struct proto_conn *in, *out;
struct nv *nvout, *nvin;
const unsigned char *token;
unsigned char *map;
@@ -472,13 +474,17 @@ init_remote(struct hast_resource *res)
uint32_t mapsize;
size_t size;
+ assert((inp == NULL && outp == NULL) || (inp != NULL && outp != NULL));
+
+ in = out = NULL;
+
/* Prepare outgoing connection with remote node. */
- if (proto_client(res->hr_remoteaddr, &res->hr_remoteout) < 0) {
+ if (proto_client(res->hr_remoteaddr, &out) < 0) {
primary_exit(EX_OSERR, "Unable to create connection to %s",
res->hr_remoteaddr);
}
/* Try to connect, but accept failure. */
- if (proto_connect(res->hr_remoteout) < 0) {
+ if (proto_connect(out) < 0) {
pjdlog_errno(LOG_WARNING, "Unable to connect to %s",
res->hr_remoteaddr);
goto close;
@@ -496,7 +502,7 @@ init_remote(struct hast_resource *res)
nv_free(nvout);
goto close;
}
- if (hast_proto_send(res, res->hr_remoteout, nvout, NULL, 0) < 0) {
+ if (hast_proto_send(res, out, nvout, NULL, 0) < 0) {
pjdlog_errno(LOG_WARNING,
"Unable to send handshake header to %s",
res->hr_remoteaddr);
@@ -504,7 +510,7 @@ init_remote(struct hast_resource *res)
goto close;
}
nv_free(nvout);
- if (hast_proto_recv_hdr(res->hr_remoteout, &nvin) < 0) {
+ if (hast_proto_recv_hdr(out, &nvin) < 0) {
pjdlog_errno(LOG_WARNING,
"Unable to receive handshake header from %s",
res->hr_remoteaddr);
@@ -536,12 +542,12 @@ init_remote(struct hast_resource *res)
* Second handshake step.
* Setup incoming connection with remote node.
*/
- if (proto_client(res->hr_remoteaddr, &res->hr_remotein) < 0) {
+ if (proto_client(res->hr_remoteaddr, &in) < 0) {
pjdlog_errno(LOG_WARNING, "Unable to create connection to %s",
res->hr_remoteaddr);
}
/* Try to connect, but accept failure. */
- if (proto_connect(res->hr_remotein) < 0) {
+ if (proto_connect(in) < 0) {
pjdlog_errno(LOG_WARNING, "Unable to connect to %s",
res->hr_remoteaddr);
goto close;
@@ -560,7 +566,7 @@ init_remote(struct hast_resource *res)
nv_free(nvout);
goto close;
}
- if (hast_proto_send(res, res->hr_remotein, nvout, NULL, 0) < 0) {
+ if (hast_proto_send(res, in, nvout, NULL, 0) < 0) {
pjdlog_errno(LOG_WARNING,
"Unable to send handshake header to %s",
res->hr_remoteaddr);
@@ -568,7 +574,7 @@ init_remote(struct hast_resource *res)
goto close;
}
nv_free(nvout);
- if (hast_proto_recv_hdr(res->hr_remoteout, &nvin) < 0) {
+ if (hast_proto_recv_hdr(out, &nvin) < 0) {
pjdlog_errno(LOG_WARNING,
"Unable to receive handshake header from %s",
res->hr_remoteaddr);
@@ -611,7 +617,7 @@ init_remote(struct hast_resource *res)
* Remote node have some dirty extents on its own, lets
* download its activemap.
*/
- if (hast_proto_recv_data(res, res->hr_remoteout, nvin, map,
+ if (hast_proto_recv_data(res, out, nvin, map,
mapsize) < 0) {
pjdlog_errno(LOG_ERR,
"Unable to receive remote activemap");
@@ -631,18 +637,29 @@ init_remote(struct hast_resource *res)
(void)hast_activemap_flush(res);
}
pjdlog_info("Connected to %s.", res->hr_remoteaddr);
+ if (inp != NULL && outp != NULL) {
+ *inp = in;
+ *outp = out;
+ } else {
+ res->hr_remotein = in;
+ res->hr_remoteout = out;
+ }
+ return (true);
+close:
+ proto_close(out);
+ if (in != NULL)
+ proto_close(in);
+ return (false);
+}
+
+static void
+sync_start(void)
+{
+
mtx_lock(&sync_lock);
sync_inprogress = true;
mtx_unlock(&sync_lock);
cv_signal(&sync_cond);
- return;
-close:
- proto_close(res->hr_remoteout);
- res->hr_remoteout = NULL;
- if (res->hr_remotein != NULL) {
- proto_close(res->hr_remotein);
- res->hr_remotein = NULL;
- }
}
static void
@@ -735,7 +752,8 @@ hastd_primary(struct hast_resource *res)
setproctitle("%s (primary)", res->hr_name);
init_local(res);
- init_remote(res);
+ if (init_remote(res, NULL, NULL))
+ sync_start();
init_ggate(res);
init_environment(res);
error = pthread_create(&td, NULL, ggate_recv_thread, res);
@@ -1695,6 +1713,7 @@ static void *
guard_thread(void *arg)
{
struct hast_resource *res = arg;
+ struct proto_conn *in, *out;
unsigned int ii, ncomps;
int timeout;
@@ -1738,26 +1757,31 @@ guard_thread(void *arg)
* connected.
*/
rw_unlock(&hio_remote_lock[ii]);
- rw_wlock(&hio_remote_lock[ii]);
- assert(res->hr_remotein == NULL);
- assert(res->hr_remoteout == NULL);
pjdlog_debug(2,
"remote_guard: Reconnecting to %s.",
res->hr_remoteaddr);
- init_remote(res);
- if (ISCONNECTED(res, ii)) {
+ in = out = NULL;
+ if (init_remote(res, &in, &out)) {
+ rw_wlock(&hio_remote_lock[ii]);
+ assert(res->hr_remotein == NULL);
+ assert(res->hr_remoteout == NULL);
+ assert(in != NULL && out != NULL);
+ res->hr_remotein = in;
+ res->hr_remoteout = out;
+ rw_unlock(&hio_remote_lock[ii]);
pjdlog_info("Successfully reconnected to %s.",
res->hr_remoteaddr);
+ sync_start();
} else {
/* Both connections should be NULL. */
assert(res->hr_remotein == NULL);
assert(res->hr_remoteout == NULL);
+ assert(in == NULL && out == NULL);
pjdlog_debug(2,
"remote_guard: Reconnect to %s failed.",
res->hr_remoteaddr);
timeout = RECONNECT_SLEEP;
}
- rw_unlock(&hio_remote_lock[ii]);
}
}
(void)cv_timedwait(&hio_guard_cond, &hio_guard_lock, timeout);
Modified: user/imp/tbemd/sbin/ifconfig/ifconfig.c
==============================================================================
--- user/imp/tbemd/sbin/ifconfig/ifconfig.c Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/ifconfig/ifconfig.c Mon Apr 12 23:09:22 2010 (r206519)
@@ -881,7 +881,7 @@ unsetifdescr(const char *val, int value,
#define IFCAPBITS \
"\020\1RXCSUM\2TXCSUM\3NETCONS\4VLAN_MTU\5VLAN_HWTAGGING\6JUMBO_MTU\7POLLING" \
"\10VLAN_HWCSUM\11TSO4\12TSO6\13LRO\14WOL_UCAST\15WOL_MCAST\16WOL_MAGIC" \
-"\21VLAN_HWFILTER\23VLAN_HWTSO"
+"\21VLAN_HWFILTER\23VLAN_HWTSO\24LINKSTATE"
/*
* Print the status of the interface. If an address family was
Modified: user/imp/tbemd/sbin/ifconfig/ifieee80211.c
==============================================================================
--- user/imp/tbemd/sbin/ifconfig/ifieee80211.c Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/ifconfig/ifieee80211.c Mon Apr 12 23:09:22 2010 (r206519)
@@ -4509,6 +4509,7 @@ end:
} else {
LINE_BREAK();
list_roam(s);
+ LINE_BREAK();
}
}
Modified: user/imp/tbemd/sbin/ipfw/Makefile
==============================================================================
--- user/imp/tbemd/sbin/ipfw/Makefile Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/ipfw/Makefile Mon Apr 12 23:09:22 2010 (r206519)
@@ -3,6 +3,7 @@
PROG= ipfw
SRCS= ipfw2.c dummynet.c ipv6.c main.c nat.c altq.c
WARNS?= 2
+DPADD= ${LIBUTIL}
LDADD= -lutil
MAN= ipfw.8
Modified: user/imp/tbemd/sbin/ipfw/dummynet.c
==============================================================================
--- user/imp/tbemd/sbin/ipfw/dummynet.c Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/ipfw/dummynet.c Mon Apr 12 23:09:22 2010 (r206519)
@@ -141,7 +141,8 @@ print_mask(struct ipfw_flow_id *id)
{
if (!IS_IP6_FLOW_ID(id)) {
printf(" "
- "mask: 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n",
+ "mask: %s 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n",
+ id->extra ? "queue," : "",
id->proto,
id->src_ip, id->src_port,
id->dst_ip, id->dst_port);
@@ -151,7 +152,8 @@ print_mask(struct ipfw_flow_id *id)
"Tot_pkt/bytes Pkt/Byte Drp\n");
} else {
char buf[255];
- printf("\n mask: proto: 0x%02x, flow_id: 0x%08x, ",
+ printf("\n mask: %sproto: 0x%02x, flow_id: 0x%08x, ",
+ id->extra ? "queue," : "",
id->proto, id->flow_id6);
inet_ntop(AF_INET6, &(id->src_ip6), buf, sizeof(buf));
printf("%s/0x%04x -> ", buf, id->src_port);
@@ -175,7 +177,8 @@ list_flow(struct dn_flow *ni)
pe = getprotobynumber(id->proto);
/* XXX: Should check for IPv4 flows */
- printf("%3u ", (ni->oid.id) & 0xff);
+ printf("%3u%c", (ni->oid.id) & 0xff,
+ id->extra ? '*' : ' ');
if (!IS_IP6_FLOW_ID(id)) {
if (pe)
printf("%-4s ", pe->p_name);
@@ -532,7 +535,7 @@ read_bandwidth(char *arg, int *bandwidth
if (*end == 'K' || *end == 'k') {
end++;
bw *= 1000;
- } else if (*end == 'M') {
+ } else if (*end == 'M' || *end == 'm') {
end++;
bw *= 1000000;
}
@@ -910,6 +913,7 @@ ipfw_config_pipe(int ac, char **av)
case TOK_ALL:
/*
* special case, all bits significant
+ * except 'extra' (the queue number)
*/
mask->dst_ip = ~0;
mask->src_ip = ~0;
@@ -922,6 +926,11 @@ ipfw_config_pipe(int ac, char **av)
*flags |= DN_HAVE_MASK;
goto end_mask;
+ case TOK_QUEUE:
+ mask->extra = ~0;
+ *flags |= DN_HAVE_MASK;
+ goto end_mask;
+
case TOK_DSTIP:
mask->addr_type = 4;
p32 = &mask->dst_ip;
@@ -992,7 +1001,7 @@ ipfw_config_pipe(int ac, char **av)
if (a > 0xFF)
errx(EX_DATAERR,
"proto mask must be 8 bit");
- fs->flow_mask.proto = (uint8_t)a;
+ mask->proto = (uint8_t)a;
}
if (a != 0)
*flags |= DN_HAVE_MASK;
@@ -1234,53 +1243,142 @@ dummynet_flush(void)
do_cmd(IP_DUMMYNET3, &oid, oid.len);
}
+/* Parse input for 'ipfw [pipe|sched|queue] show [range list]'
+ * Returns the number of ranges, and possibly stores them
+ * in the array v of size len.
+ */
+static int
+parse_range(int ac, char *av[], uint32_t *v, int len)
+{
+ int n = 0;
+ char *endptr, *s;
+ uint32_t base[2];
+
+ if (v == NULL || len < 2) {
+ v = base;
+ len = 2;
+ }
+
+ for (s = *av; s != NULL; av++, ac--) {
+ v[0] = strtoul(s, &endptr, 10);
+ v[1] = (*endptr != '-') ? v[0] :
+ strtoul(endptr+1, &endptr, 10);
+ if (*endptr == '\0') { /* prepare for next round */
+ s = (ac > 0) ? *(av+1) : NULL;
+ } else {
+ if (*endptr != ',') {
+ warn("invalid number: %s", s);
+ s = ++endptr;
+ continue;
+ }
+ /* continue processing from here */
+ s = ++endptr;
+ ac++;
+ av--;
+ }
+ if (v[1] < v[0] ||
+ v[1] < 0 || v[1] >= DN_MAX_ID-1 ||
+ v[0] < 0 || v[1] >= DN_MAX_ID-1) {
+ continue; /* invalid entry */
+ }
+ n++;
+ /* translate if 'pipe list' */
+ if (co.do_pipe == 1) {
+ v[0] += DN_MAX_ID;
+ v[1] += DN_MAX_ID;
+ }
+ v = (n*2 < len) ? v + 2 : base;
+ }
+ return n;
+}
+
/* main entry point for dummynet list functions. co.do_pipe indicates
* which function we want to support.
- * XXX todo- accept filtering arguments.
+ * av may contain filtering arguments, either individual entries
+ * or ranges, or lists (space or commas are valid separators).
+ * Format for a range can be n1-n2 or n3 n4 n5 ...
+ * In a range n1 must be <= n2, otherwise the range is ignored.
+ * A number 'n4' is translate in a range 'n4-n4'
+ * All number must be > 0 and < DN_MAX_ID-1
*/
void
dummynet_list(int ac, char *av[], int show_counters)
{
- struct dn_id oid, *x = NULL;
- int ret, i, l = sizeof(oid);
+ struct dn_id *oid, *x = NULL;
+ int ret, i, l;
+ int n; /* # of ranges */
+ int buflen;
+ int max_size; /* largest obj passed up */
+
+ ac--;
+ av++; /* skip 'list' | 'show' word */
+
+ n = parse_range(ac, av, NULL, 0); /* Count # of ranges. */
+
+ /* Allocate space to store ranges */
+ l = sizeof(*oid) + sizeof(uint32_t) * n * 2;
+ oid = safe_calloc(1, l);
+ oid_fill(oid, l, DN_CMD_GET, DN_API_VERSION);
+
+ if (n > 0) /* store ranges in idx */
+ parse_range(ac, av, (uint32_t *)(oid + 1), n*2);
+ /*
+ * Compute the size of the largest object returned. If the
+ * response leaves at least this much spare space in the
+ * buffer, then surely the response is complete; otherwise
+ * there might be a risk of truncation and we will need to
+ * retry with a larger buffer.
+ * XXX don't bother with smaller structs.
+ */
+ max_size = sizeof(struct dn_fs);
+ if (max_size < sizeof(struct dn_sch))
+ max_size = sizeof(struct dn_sch);
+ if (max_size < sizeof(struct dn_flow))
+ max_size = sizeof(struct dn_flow);
- oid_fill(&oid, l, DN_CMD_GET, DN_API_VERSION);
switch (co.do_pipe) {
case 1:
- oid.subtype = DN_LINK; /* list pipe */
+ oid->subtype = DN_LINK; /* list pipe */
break;
case 2:
- oid.subtype = DN_FS; /* list queue */
+ oid->subtype = DN_FS; /* list queue */
break;
case 3:
- oid.subtype = DN_SCH; /* list sched */
+ oid->subtype = DN_SCH; /* list sched */
break;
}
- /* Request the buffer size (in oid.id)*/
- ret = do_cmd(-IP_DUMMYNET3, &oid, (uintptr_t)&l);
- // printf("%s returns %d need %d\n", __FUNCTION__, ret, oid.id);
- if (ret != 0 || oid.id <= sizeof(oid))
- return;
-
- /* Try max 10 times
- * Buffer is correct if l != 0.
- * If l == 0 no buffer is sent, maybe because kernel requires
- * a greater buffer, so try with the new size in x->id.
+ /*
+ * Ask the kernel an estimate of the required space (result
+ * in oid.id), unless we are requesting a subset of objects,
+ * in which case the kernel does not give an exact answer.
+ * In any case, space might grow in the meantime due to the
+ * creation of new queues, so we must be prepared to retry.
*/
- for (i = 0, l = oid.id; i < 10; i++, l = x->id) {
+ if (n > 0) {
+ buflen = 4*1024;
+ } else {
+ ret = do_cmd(-IP_DUMMYNET3, oid, (uintptr_t)&l);
+ if (ret != 0 || oid->id <= sizeof(*oid))
+ goto done;
+ buflen = oid->id + max_size;
+ oid->len = sizeof(*oid); /* restore */
+ }
+ /* Try a few times, until the buffer fits */
+ for (i = 0; i < 20; i++) {
+ l = buflen;
x = safe_realloc(x, l);
- *x = oid;
- ret = do_cmd(-IP_DUMMYNET3, x, (uintptr_t)&l);
-
- if (ret != 0 || x->id <= sizeof(oid))
- return;
-
- if (l != 0)
+ bcopy(oid, x, oid->len);
+ ret = do_cmd(-IP_DUMMYNET3, x, (uintptr_t)&l);
+ if (ret != 0 || x->id <= sizeof(*oid))
+ goto done; /* no response */
+ if (l + max_size <= buflen)
break; /* ok */
+ buflen *= 2; /* double for next attempt */
}
- // printf("%s returns %d need %d\n", __FUNCTION__, ret, oid.id);
- // XXX filter on ac, av
list_pipes(x, O_NEXT(x, l));
- free(x);
+done:
+ if (x)
+ free(x);
+ free(oid);
}
Modified: user/imp/tbemd/sbin/ipfw/ipfw.8
==============================================================================
--- user/imp/tbemd/sbin/ipfw/ipfw.8 Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/ipfw/ipfw.8 Mon Apr 12 23:09:22 2010 (r206519)
@@ -1,7 +1,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd June 24, 2009
+.Dd March 20, 2010
.Dt IPFW 8
.Os
.Sh NAME
@@ -1404,7 +1404,7 @@ If not found, the match fails.
Otherwise, the match succeeds and
.Cm tablearg
is set to the value extracted from the table.
-.Br
+.Pp
This option can be useful to quickly dispatch traffic based on
certain packet fields.
See the
@@ -1501,7 +1501,7 @@ is invalid) whenever
.Cm xmit
is used.
.Pp
-A packet may not have a receive or transmit interface: packets
+A packet might not have a receive or transmit interface: packets
originating from the local host have no receive interface,
while packets destined for the local host have no transmit
interface.
@@ -1847,7 +1847,7 @@ is also the user interface for the
.Nm dummynet
traffic shaper, packet scheduler and network emulator, a subsystem that
can artificially queue, delay or drop packets
-emulator the behaviour of certain network links
+emulating the behaviour of certain network links
or queueing systems.
.Pp
.Nm dummynet
@@ -1859,26 +1859,33 @@ Matching packets are then passed to eith
different objects, which implement the traffic regulation:
.Bl -hang -offset XXXX
.It Em pipe
-A pipe emulates a link with given bandwidth, propagation delay,
+A
+.Em pipe
+emulates a
+.Em link
+with given bandwidth and propagation delay,
+driven by a FIFO scheduler and a single queue with programmable
queue size and packet loss rate.
-Packets are queued in front of the pipe as they come out from the classifier,
-and then transferred to the pipe according to the pipe's parameters.
+Packets are appended to the queue as they come out from
+.Nm ipfw ,
+and then transferred in FIFO order to the link at the desired rate.
.It Em queue
-A queue
+A
+.Em queue
is an abstraction used to implement packet scheduling
using one of several packet scheduling algorithms.
-.Pp
-The queue associates a
-.Em weight
-and a reference scheduler to each flow (a flow is a set of packets
-with the same addresses and ports after masking).
-A scheduler in turn is connected to a pipe, and arbitrates
-the pipe's bandwidth among backlogged flows according to
+Packets sent to a
+.Em queue
+are first grouped into flows according to a mask on the 5-tuple.
+Flows are then passed to the scheduler associated to the
+.Em queue ,
+and each flow uses scheduling parameters (weight and others)
+as configured in the
+.Em queue
+itself.
+A scheduler in turn is connected to an emulated link,
+and arbitrates the link's bandwidth among backlogged flows according to
weights and to the features of the scheduling algorithm in use.
-.Pp
-Note that weights are not priorities; a flow with a lower weight
-is still guaranteed to get its fraction of the bandwidth even if a
-flow with a higher weight is permanently backlogged.
.El
.Pp
In practice,
@@ -1887,6 +1894,52 @@ can be used to set hard limits to the ba
.Em queues
can be used to determine how different flows share the available bandwidth.
.Pp
+A graphical representation of the binding of queues,
+flows, schedulers and links is below.
+.Bd -literal -offset indent
+ (flow_mask|sched_mask) sched_mask
+ +---------+ weight Wx +-------------+
+ | |->-[flow]-->--| |-+
+ -->--| QUEUE x | ... | | |
+ | |->-[flow]-->--| SCHEDuler N | |
+ +---------+ | | |
+ ... | +--[LINK N]-->--
+ +---------+ weight Wy | | +--[LINK N]-->--
+ | |->-[flow]-->--| | |
+ -->--| QUEUE y | ... | | |
+ | |->-[flow]-->--| | |
+ +---------+ +-------------+ |
+ +-------------+
+.Ed
+It is important to understand the role of the SCHED_MASK
+and FLOW_MASK, which are configured through the commands
+.Dl "ipfw sched N config mask SCHED_MASK ..."
+and
+.Dl "ipfw queue X config mask FLOW_MASK ..." .
+.Pp
+The SCHED_MASK is used to assign flows to one or more
+scheduler instances, one for each
+value of the packet's 5-fuple after applying SCHED_MASK.
+As an example, using ``src-ip 0xffffff00'' creates one instance
+for each /24 destination subnet.
+.Pp
+The FLOW_MASK, together with the SCHED_MASK, is used to split
+packets into flows. As an example, using
+``src-ip 0x000000ff''
+together with the previous SCHED_MASK makes a flow for
+each individual source address. In turn, flows for each /24
+subnet will be sent to the same scheduler instance.
+.Pp
+The above diagram holds even for the
+.Em pipe
+case, with the only restriction that a
+.Em pipe
+only supports a SCHED_MASK, and forces the use of a FIFO
+scheduler (these are for backward compatibility reasons;
+in fact, internally, a
+.Nm dummynet's
+pipe is implemented exactly as above).
+.Pp
There are two modes of
.Nm dummynet
operation:
@@ -2087,9 +2140,36 @@ The following parameters can be configur
.Pp
.Bl -tag -width indent -compact
.It Cm type Ar {fifo | wf2qp | rr | qfq}
+specifies the scheduling algorithm to use.
+.Bl -tag -width indent -compact
+.It cm fifo
+is just a FIFO scheduler (which means that all packets
+are stored in the same queue as they arrive to the scheduler).
+FIFO has O(1) per-packet time complexity, with very low
+constants (estimate 60-80ns on a 2Ghz desktop machine)
+but gives no service guarantees.
+.It Cm wf2qp
+implements the WF2Q+ algorithm, which is a Weighted Fair Queueing
+algorithm which permits flows to share bandwidth according to
+their weights. Note that weights are not priorities; even a flow
+with a minuscule weight will never starve.
+WF2Q+ has O(log N) per-packet processing cost, where N is the number
+of flows, and is the default algorithm used by previous versions
+dummynet's queues.
+.It Cm rr
+implements the Deficit Round Robin algorithm, which has O(1) processing
+costs (roughly, 100-150ns per packet)
+and permits bandwidth allocation according to weights, but
+with poor service guarantees.
+.It Cm qfq
+implements the QFQ algorithm, which is a very fast variant of
+WF2Q+, with similar service guarantees and O(1) processing
+costs (roughly, 200-250ns per packet).
+.El
.El
.Pp
-plus all the parameters allowed for a pipe.
+In addition to the type, all parameters allowed for a pipe can also
+be specified for a scheduler.
.Pp
Finally, the following parameters can be configured for both
pipes and queues:
Modified: user/imp/tbemd/sbin/ipfw/ipfw2.c
==============================================================================
--- user/imp/tbemd/sbin/ipfw/ipfw2.c Mon Apr 12 23:06:14 2010 (r206518)
+++ user/imp/tbemd/sbin/ipfw/ipfw2.c Mon Apr 12 23:09:22 2010 (r206519)
@@ -231,7 +231,7 @@ static struct _s_x rule_action_params[]
*/
static int lookup_key[] = {
TOK_DSTIP, TOK_SRCIP, TOK_DSTPORT, TOK_SRCPORT,
- TOK_UID, TOK_JAIL, -1 };
+ TOK_UID, TOK_JAIL, TOK_DSCP, -1 };
static struct _s_x rule_options[] = {
{ "tagged", TOK_TAGGED },
@@ -258,6 +258,7 @@ static struct _s_x rule_options[] = {
{ "iplen", TOK_IPLEN },
{ "ipid", TOK_IPID },
{ "ipprecedence", TOK_IPPRECEDENCE },
+ { "dscp", TOK_DSCP },
{ "iptos", TOK_IPTOS },
{ "ipttl", TOK_IPTTL },
{ "ipversion", TOK_IPVER },
@@ -920,9 +921,9 @@ print_icmptypes(ipfw_insn_u32 *cmd)
#define HAVE_DSTIP 0x0004
#define HAVE_PROTO4 0x0008
#define HAVE_PROTO6 0x0010
+#define HAVE_IP 0x0100
#define HAVE_OPTIONS 0x8000
-#define HAVE_IP (HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP)
static void
show_prerequisites(int *flags, int want, int cmd __unused)
{
@@ -1023,7 +1024,9 @@ show_ipfw(struct ip_fw *rule, int pcwidt
switch(cmd->opcode) {
case O_CHECK_STATE:
printf("check-state");
- flags = HAVE_IP; /* avoid printing anything else */
+ /* avoid printing anything else */
+ flags = HAVE_PROTO | HAVE_SRCIP |
+ HAVE_DSTIP | HAVE_IP;
break;
case O_ACCEPT:
@@ -1163,7 +1166,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt
show_prerequisites(&flags, HAVE_PROTO, 0);
printf(" from any to any");
}
- flags |= HAVE_IP | HAVE_OPTIONS;
+ flags |= HAVE_IP | HAVE_OPTIONS | HAVE_PROTO |
+ HAVE_SRCIP | HAVE_DSTIP;
}
if (co.comment_only)
@@ -1252,9 +1256,12 @@ show_ipfw(struct ip_fw *rule, int pcwidt
break;
case O_IP_DSTPORT:
- show_prerequisites(&flags, HAVE_IP, 0);
+ show_prerequisites(&flags,
+ HAVE_PROTO | HAVE_SRCIP |
+ HAVE_DSTIP | HAVE_IP, 0);
case O_IP_SRCPORT:
- show_prerequisites(&flags, HAVE_PROTO|HAVE_SRCIP, 0);
+ show_prerequisites(&flags,
+ HAVE_PROTO | HAVE_SRCIP, 0);
if ((cmd->len & F_OR) && !or_block)
printf(" {");
if (cmd->len & F_NOT)
@@ -1275,7 +1282,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt
if ((flags & (HAVE_PROTO4 | HAVE_PROTO6)) &&
!(flags & HAVE_PROTO))
show_prerequisites(&flags,
- HAVE_IP | HAVE_OPTIONS, 0);
+ HAVE_PROTO | HAVE_IP | HAVE_SRCIP |
+ HAVE_DSTIP | HAVE_OPTIONS, 0);
if (flags & HAVE_OPTIONS)
printf(" proto");
if (pe)
@@ -1293,7 +1301,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt
((cmd->opcode == O_IP4) &&
(flags & HAVE_PROTO4)))
break;
- show_prerequisites(&flags, HAVE_IP | HAVE_OPTIONS, 0);
+ show_prerequisites(&flags, HAVE_PROTO | HAVE_SRCIP |
+ HAVE_DSTIP | HAVE_IP | HAVE_OPTIONS, 0);
if ((cmd->len & F_OR) && !or_block)
printf(" {");
if (cmd->len & F_NOT && cmd->opcode != O_IN)
@@ -1547,7 +1556,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt
or_block = 0;
}
}
- show_prerequisites(&flags, HAVE_IP, 0);
+ show_prerequisites(&flags, HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP
+ | HAVE_IP, 0);
if (comment)
printf(" // %s", comment);
printf("\n");
@@ -1730,6 +1740,8 @@ ipfw_sysctl_handler(char *av[], int whic
} else if (_substrcmp(*av, "firewall") == 0) {
sysctlbyname("net.inet.ip.fw.enable", NULL, 0,
&which, sizeof(which));
+ sysctlbyname("net.inet6.ip6.fw.enable", NULL, 0,
+ &which, sizeof(which));
} else if (_substrcmp(*av, "one_pass") == 0) {
sysctlbyname("net.inet.ip.fw.one_pass", NULL, 0,
&which, sizeof(which));
@@ -2646,7 +2658,7 @@ ipfw_add(char *av[])
}
/* [set N] -- set number (0..RESVD_SET), optional */
- if (av[0] && !av[1] && _substrcmp(*av, "set") == 0) {
+ if (av[0] && av[1] && _substrcmp(*av, "set") == 0) {
int set = strtoul(av[1], NULL, 10);
if (set < 0 || set > RESVD_SET)
errx(EX_DATAERR, "illegal set %s", av[1]);
@@ -3519,7 +3531,7 @@ read_options:
char *p;
int j;
- if (av[0] && av[1])
+ if (!av[0] || !av[1])
errx(EX_USAGE, "format: lookup argument tablenum");
cmd->opcode = O_IP_DST_LOOKUP;
cmd->len |= F_INSN_SIZE(ipfw_insn) + 2;
Modified: user/imp/tbemd/sbin/ipfw/ipfw2.h
==============================================================================
--- user/imp/tbemd/sbin/ipfw/ipfw2.h Mon Apr 12 23:06:14 2010 (r206518)
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-user
mailing list