IABSD.fr/src/sbin
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
1ddc0014 | 2025-06-03 18:25:46 | -z honours -a (reset rule stats per anchor); OK sashan henning deraadt | |
 |
db3f753f | 2025-06-03 10:59:42 | Shuffle some -R code to eliminate extraneous copying and other minor tweaks. | |
 |
3c450be3 | 2025-06-03 09:57:57 | remove prototype for removed sysctl_fs() | |
|
598f77e6 | 2025-06-01 20:14:07 | Whitespace fixes. | |
 |
9ad64fc2 | 2025-05-31 20:25:33 | Use devname(3) instead of searching /dev manually During boot, savecore(8) is run immediately after dev_mkdb(8), so devname(3) is safe to use. If dev_mkdb(8) were to fail due to /var filling up, savecore(8) would be unable to write a core dump anyway. OK deraadt@ | |
|
12f6ad18 | 2025-05-28 03:55:41 | attibutes -> attributes | |
 |
55b7e178 | 2025-05-26 20:55:30 | pfctl(8) should not attempt to read limits when open('/dev/pf') fails. The bug was introduced by my earlier commit (pfctl.c,v 1.396) to pfctl(8). The issue was discovered and analyzed by anton@ OK @anton | |
 |
248a4f81 | 2025-05-25 10:16:22 | fdisk: consistently print an ASCII tab after disk name This aligns GPT and MBR output a bit better and is going to be handy for regress tests. Adjust the manpage examples accordingly. ok krw | |
|
a8ec491d | 2025-05-25 06:25:45 | When GPT_recover_partition() finds a partition offset of 0 use the first usable LBA of the largest chunk of free space. | |
|
4b64cfcf | 2025-05-25 03:26:43 | Make GPT_recover_partition() parameters const. | |
|
03a923c4 | 2025-05-24 09:45:13 | Add/repair some GPT -R paranoia. Ensure partitions don't overlap. Don't overwrite previously recovered protected partitions. Tests, fixes and ok lucas@ | |
 |
27d5f987 | 2025-05-23 05:48:13 | put -R in the right place in the options list: apologies, ken, for not spotting this in the diff review; i also added a colon to "For example", and added a missing space in ".Ar file." | |
|
a3f9d031 | 2025-05-23 00:20:02 | Add -R to recover/create GPT or MBR from a file or partial GPT. Feedback from lucas@ kettenis@ jmc@ Tests, fixes and ok lucas@ | |
|
3d8cde81 | 2025-05-22 11:33:04 | Update/improve FAT partition names. FAT has survived the rise and fall of DOS and Win95. No need to continue to defer to them. Originally from sobrado@ | |
|
85baac77 | 2025-05-22 06:34:03 | The current way to adjust pf(4) limits in pf.conf(5) is inconvenient. For example when ruleset uses more than 512 anchors (the current default limit) one would typically add 'set limit anchor 1024' to adjust the limit so the 'pf.conf(5)' gets processed. Unfortunately it does not work because limit gets changed with DIOCXCOMMIT which is too late. The pf.conf(5) fails to load the anchors to transaction, because the old lower limit is still in place. To fix it we must set the limit as soon as we parse 'set limit ...' option. The issue has been reported and fix tested by rafal _dot_ ramocki _von_ eo.pl OK @bluhm | |
|
b93b3696 | 2025-05-21 03:15:40 | Replace chroot(2) and custom rdaemon() with daemon(3) and unveil(2) Employ the "empty filesystem" idiom once in the background instead of preopening /dev/null, confining to /var/empty/ and using custom rdaemon(). Fix spaces in nfsd(8) (same unveil idiom) while here. Feedback OK brynet | |
|
76ca6222 | 2025-05-19 01:53:15 | Remove extra space character in option list. | |
|
0434c678 | 2025-05-16 05:47:30 | fix synopsis, pcap-filter(5) expressions can be spread across argv quoting is not strictly needed per se, i.e. those are equivalent: # tcpdump -i iwx0 port 22 and port 80 # tcpdump -i iwx0 'port 22 and port 80' | |
|
e1ab51e8 | 2025-05-13 15:11:54 | rewrite automatic interface groups list for brevity and discoverability Replace their mere inlined mentions with a visually clear list of tagged names and less repetetive, more informative text. Now 'man -k any=egress' lists ifconfig(8) and ":tpppx" in the manual pager jumps to the definition of that group. Input OK jmc schwarze | |
 |
b861b987 | 2025-05-13 13:41:08 | ifconfig.8: document that egress exists only on default rdomain OK: kn@ | |
 |
6096bd70 | 2025-05-09 19:17:31 | Accept wrong client identifiers echoed back to us. Apparently there are broken CPEs out there that do not return the client identifier to us. Android and iPhone do not care, which pretty much means we cannot care either. RFC 6842 has this: If the 'client identifier' option is present in a message received from a client, the server MUST return the 'client identifier' option, unaltered, in its response message. Reported by mpi some time ago. OK mpi | |
 |
51b51be2 | 2025-05-05 13:25:22 | Clear the resp buffer before calling getfh(). If getfh fails the response would leak stack memory to the less privileged process. Reported by S. Ai, H. Lefeuvre, Systopia team OK deraadt@ | |
 |
020c3892 | 2025-05-02 13:36:55 | The previous fix was flawed. We should only copy the minimum size of either EXT2_DINODE_SIZE or sizeof(dino). OK miod@ | |
 |
63effc54 | 2025-04-30 03:54:09 | mop up P-192/Group 25 remnants based on an initial diff by markus | |
|
4ad49911 | 2025-04-30 03:53:21 | mop up P-192/Group 25 remnants based on an initial diff by markus | |
|
b6c91c45 | 2025-04-30 03:51:42 | mop up P-192/Group 25 remnants based on an initial diff by markus | |
|
eacfe1d9 | 2025-04-29 17:44:00 | remove references to fs.posix.setuid; ok tedu | |
 |
b1cd6c14 | 2025-04-29 13:40:26 | Fix leak of peerid.id_buf ok markus@ | |
 |
3f9d9c64 | 2025-04-29 02:24:32 | remove the rest of the CTL_FS posix setuid sysctl | |
|
0d250559 | 2025-04-27 16:22:33 | Interface names must be proper strings. OK claudio, deraadt | |
|
3fdef24d | 2025-04-27 16:21:53 | Make sure the config from the parent contains proper strings. OK claudio, deraadt | |
|
30b47591 | 2025-04-27 16:21:26 | Make sure the qname is a string. Otherwise the frontend is no longer trustworthy and we should exit. OK claudio, deraadt | |
|
dda4025a | 2025-04-26 18:05:55 | Prevent yacc warning by removing unused rule. | |
|
1c776d1a | 2025-04-26 18:00:22 | Prevent renew storm in case t1 and t2 are 0. Follow guidance from RFC 8415 on how to initialize t1 and t2 in this case. Problem reported and fix tested by Nick Owens. OK phessler | |
|
0d4f890c | 2025-04-26 17:58:02 | Make sure the engine send us a proper strings inside the imsg. Otherwise the engine is no longer trustworthy and we should stop running. These strings end up in the leasefile, they might leak information about the running process to users in group wheel in case of a buffer overread. While here, make sure the imsg buffer is initialized to 0 in the deconfigure case as is done for the configure case. Review prompted by recent work in bgpd(8) by claudio. "fine by me" claudio | |
|
965ad1bf | 2025-04-26 17:50:04 | Be explicit about rdns_count. This is equivalent to the check in the previous lines, but it is hard to reason about because it depends on struct sockaddr_rtdns sized just correctly. The previous check has to stay, because it makes sure we have enough space to send our nameservers to the kernel in case struct sockaddr_rtdns ever changes size. This tripped up claudio during a review. | |
|
73df8e5b | 2025-04-20 17:15:57 | dedup error string; OK tb deraadt | |
|
0790a7da | 2025-04-18 20:58:06 | properly indicate key disk for RAID 1C Show "key disk" instead of zero in the Size column of "bioctl softraid0". from Alexander Klimov | |
 |
5990a196 | 2025-04-09 07:10:48 | Fix a double-free in iked(8) and isakmpd(8) in ecdh mode. from markus@; OK tobhe@ tb@ | |
|
ca8ab885 | 2025-04-06 17:36:22 | typofix type for getline(3) size, drop unused length jlduran on GitHub pointed out that I flipped the types. OK millert | |
|
79fe025d | 2025-04-05 14:09:06 | Add [-f file] to apply sysctl.conf in one go Intended as simpler alternative to scripting around a list of assignments (or passing multiple on the command line), which is useful for the occasional local edit-and-apply as well as config management tools handling sysctl.conf(5) incl. comments. deraadt millert like it | |
|
28170327 | 2025-03-27 15:15:46 | tweak the text for "powersave" to note that newer devices generally don;t support this. drivers which do document this in their manual pages; text/ok stsp | |
 |
96d031a5 | 2025-03-22 07:24:49 | Make ifconfig scan display wpa3. ok stsp@ sthen@ jca@, also tested by kirill@ | |
|
1cfd70a4 | 2025-03-13 17:49:37 | Move remote address update after ikev2_pld_parse() to make sure the received packet is validated and authenticated before we update our connection state. Initially reported by IIJ Feedback and ok yasuoka@ markus@ | |
 |
187b751d | 2025-02-26 06:18:56 | fix two sloppy error paths; ok florian millert deraadt | |
|
c8d1658b | 2025-02-23 07:54:39 | construct_reply_info_base() grew one more argument | |
|
47f70d8e | 2025-02-23 07:53:40 | sync to unbound | |
|
42051861 | 2025-02-10 18:09:10 | Print error message about missing config file. dhc6leased(8) does not work without one, as oposed to dhcpleased(8) from where this code came. Noticed by claudio. | |
|
c0f05be6 | 2025-02-07 21:56:04 | Rework checksum validation for incoming UDP in dhcpleased(8). RFC 1071 recommends to verify the checksum by calculating it over the packet including the checksum and compare to 0. That is also what our kernel does. Convert the logic in dhcpleased(8) to that algorithm. tested and OK jan@ | |
|
30772397 | 2025-02-07 07:37:16 | sync with unbound ok sthen | |
|
dd54d7a2 | 2025-01-30 20:02:13 | drop unused -D_LIBKVM; no object change; OK deraadt | |
|
2402f85a | 2025-01-30 17:08:10 | When struct ext2fs_dinode was extended in r1.15 fsck_ext2fs wasn't adjusted and ckinode() would copy over more than the 128 bytes that a caller would assume. Use EXT2_DINODE_SIZE() to make sure we stick to the expected 128 bytes. OK miod@ | |
|
109821c1 | 2025-01-16 12:48:45 | unveil privileged child's write/create to mountdtab file, drop exec It needs arbitrary read access, but only ever changes one file and is not meant to execute anything; initial r1.84 privsep from 2005 has the details. OK ratchov millert | |
|
c2a2da96 | 2025-01-16 12:46:03 | unveil nothing nfsd can't pledge due to nfssvc(2), so use the empty-permission idiom to hide filesystems and prevent execve; after it set up sockets and spawned workers, all NFS work is done in the kernel. OK millert | |
|
5ea00adc | 2025-01-11 18:21:02 | zap dead poll code With TCP on/off connect_type_cnt is 1/0; it can't be >=2 since 2004 r1.24 "remove iso crud, and other misc cleanups", so remove the unreachable block and flip early-exit logic to decrease indentation. OK millert | |
 |
4da14ec4 | 2025-01-06 17:49:29 | add and document vxlan "[-]endpoint" command. input anf ok dlg@ | |
|
9a5c1bb0 | 2025-01-02 21:37:38 | default to UDP when using only -n Only 'nfsd' without any option or argument default to UDP. Move the r1.28's check from argc to options/flags to cover 'nfsd -n4' as well, which would fork four servers, but not create any UDP sockets. Feedback OK jca | |
 |
b8d79964 | 2024-12-26 18:25:51 | Print "request" instead of "config" if dumping config when "request XX" is used. From William Rusnack, ok tobhe@ | |
|
d51e05ad | 2024-12-26 18:24:54 | Skip checking for root if we are only doing a config test. Tweaked from a diff from William Rusnack, ok tobhe@ kn@ | |
|
b7c9a52e | 2024-12-24 21:34:23 | struct gpt_partition's gp_name field is an array of u_int16_t so use nitems() not sizeof() to get the number of elements. ok kettenis@ lucas@ | |
|
efb7adaa | 2024-12-24 17:40:06 | Set pltime to 0 when upstream interface goes down. In case of a flash-renumbering event we configure new prefixes with a pltime > 0. Clients should form new addresses and prefer those. Reported & fix tested by Tamas (cstamas at cstamas.hu). OK phessler | |
|
76b1f2eb | 2024-12-21 13:15:36 | change '386BSD 0.1.2.4/FreeBSD' to .Fx the 0.2.4 patchkit for 386BSD 0.1 did not have this command | |
|
7ed182d8 | 2024-12-21 05:01:25 | correct history; a reboot command did not appear until 4BSD | |
|
dfd61507 | 2024-12-18 10:36:05 | use opendev() for fsck_ext2fs, based on code adding this to fsck_ffs tweak (add strncmp()...blockcheck section) from martijn@ ok martijn@ | |
|
a95f0396 | 2024-11-24 11:33:34 | unwind: support wildcard in blacklist Any domain in the blacklist that starts with '.', which is not a legal name due to an empty label, is treated as any subdomain on that zone. This means that .example.com blocks all requests to any subdomain of example.com, but allows example.com. No objections: florian@ OK: kn@ | |
|
e08605c7 | 2024-11-21 18:16:01 | omit preceding flag from command/modifier lists to get tags; OK jmc reads odd to repeat, e.g. -F, when listing all its modifiers. as a consequence, automatic tagging wouldn't work, e.g. no "zero" tag would exist to jump to that -F modifier's definition. also add manual tags for -R and -T as get explained together with -s and -t, respectively, where only the first flag gets tagged. | |
|
0e59d0d1 | 2024-11-21 13:35:20 | Convert sbin and usr.bin to check for imsgbuf_init failure and add imsgbuf_allow_fdpass where needed. OK tb@ | |
|
fa353a8f | 2024-11-21 13:26:49 | s/ibuf_add_buf/ibuf_add_ibuf/ OK tb@ | |
|
aab0b474 | 2024-11-21 13:24:07 | Implement the recv_imsg/read_message function in the correct way. One needs to first check imsg_get() if there is a imsg already in the queue. Then if that returns 0 call imsgbuf_read(). Do this in a loop until imsg_get() returns an imsg. OK tb@ and nicm@ for file | |
|
668e5ba9 | 2024-11-21 13:21:33 | Convert the common imsgbuf_read calls to the post EAGAIN world. OK tb@ | |
|
31be28ca | 2024-11-21 13:18:37 | Use imsgbuf_queuelen() instead of accessing the w.queue member. OK tb@ | |
|
9cbf9e90 | 2024-11-21 13:17:56 | Use imsgbuf_clear() where appropriate instead of msgbuf_clear(). OK tb@ | |
|
dd7efffe | 2024-11-21 13:17:01 | Rename imsg_init, imsg_clear, imsg_read, imsg_write and imsg_flush to imsgbuf_init, imsgbuf_clear, imsgbuf_read, imsgbuf_write and imsgbuf_flush. This separates the imsgbuf API from the per-imsg API. OK tb@ | |
|
e3b6409c | 2024-11-21 13:14:44 | Convert imsg_write() callers to the new simplified return logic. OK tb@ | |
|
ce33693d | 2024-11-21 13:10:18 | Introduce imsg_write() and use it instead of msgbuf_write(). imsg_write() is just a thin wrapper around msgbuf_write(). So this is mostly search and replace. OK tb@ | |
|
f978fa48 | 2024-11-21 13:06:19 | imsg_flush no longer returns EAGAIN. Simplify proc_flush_imsg() accordingly. Issue spotted by op@ | |
 |
e449cd41 | 2024-11-21 10:07:30 | The block size of HMAC-SHA2-{384,512} must be 128 bytes. ok tb | |
|
e496dff3 | 2024-11-20 13:57:29 | pfctl: clear statistic for specified addresses OK: bluhm@ | |
 |
42a2f8b7 | 2024-11-12 04:14:51 | bump the type used to specify traffic queue bandwidth to 64bit. this should let people specify interface and queue bandwidths greater than ~4Gbit. this changes the pf ioctls used to specify queues, so if you want to try this you'll need a new kernel, new headers, and a new pfctl (and systat). or upgrade using a snapshot. the effort and benefit of providing compat isn't worth it. putting it in now so people can kick it around. | |
|
726515c9 | 2024-11-11 15:19:31 | Prevent completely empty interface blocks. This is meaningless in dhcpleased(8) and *not* needed to receive leases for an interface. In fact dhcpleased(8) works just fine without any configuration file at all. man page diff & OK kn | |
|
9720bce5 | 2024-11-09 12:44:12 | sync curly braces markup, fix indent Replace literal braces with .Brq, use a list and indent the interface options under that interface entry to reflect hierarchy (rad.conf(5) does that, too). Feedback from/fine with jmc | |
 |
22ac2f2a | 2024-11-09 10:57:06 | usage should fit in a 80-column display. ok jmc@ | |
 |
2119819d | 2024-11-04 21:59:15 | Ignore extra groups that don't fit in the buffer passed to getgrouplist(3) Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents an admin from adding a user to more groups. With that tweak we'll keep on ignoring them instead of potentially reading past the buffer passed to getgrouplist(3). That behavior is explicitely described in initgroups(3). ok millert@ gilles@ | |
|
9a836554 | 2024-11-04 02:44:28 | add a "natt" option that forces negotiation of nat-t (and udpencap). this is like the -t command line option on iked itself, but you get to keep the ike listener on port 500 and you can enable this on specific policies instead of all of them. this is useful if you're dealing with an org that can't firewall ESP traffic well and so you need to force the traffic to be udp encapsulated even if there's no NAT involved. ok markus@ tobhe@ | |
|
3612e128 | 2024-11-01 08:27:49 | Simplify name/prefix markup, readability tweak and cleanup Leave the notion of repition to ... and markup optional prefixes as such; 'name/prefix [name/prefix ...]' becomes 'name[/prefix] ...'. Also sync with unwind.conf.5 to fix curly braces and indentation. OK florian Input OK jmc | |
|
be0e8945 | 2024-10-30 17:01:28 | Document /var/db/dhcp6leased/uuid. Input & OK kn, jmc, sthen | |
|
a52c5fd0 | 2024-10-23 03:14:32 | remove duplicate defines | |
|
df2ad427 | 2024-10-08 00:21:08 | apply the CVE-2024-8508 fix from unbound (put a limit on resources used for handling DNS compression). OK florian | |
 |
c08965e9 | 2024-10-05 13:27:16 | Make scaling available for normal mice, too; not just for touchpads. Add reverse_scrolling to the manpage. ok bru@ | |
|
411db55c | 2024-09-29 18:00:38 | add some commas, to aid readability; from thorsten blum | |
 |
21cd3483 | 2024-09-25 19:56:33 | Correct an indexing error that may leave stale data in the mousecfg buffer. ok mpi@ | |
|
479c151d | 2024-09-20 02:00:46 | remove unneeded semicolons; checked by millert@ | |
|
1a834994 | 2024-09-16 07:34:49 | Close correct file descriptor. Instead of closing the just received UDP socket we closed the imsg fd thus cleanly shutting down dhcpleased(8). Problem triggered by sf@ with something like while :; do ifconfig vio0 -inet; done while :; do ifconfig vio0 inet autoconf; done The problem triggers when dhcpleased configured a lease and in just the right moment the autoconf flag gets removed. The main process opens a udp socket and sends it to the frontend. At the same time the frontend learned (from the route socket), that the interface lost its autoconf flag. When the frontend then receives the udp socket via fd passing it tries to close it. Due to a typo it would instead close the imsg file descriptor. Found by me after lots of head scratching. OK tb | |
|
9ca241fc | 2024-09-15 11:08:50 | Add handling of "Class" attribute. diff from markus ok markus | |
|
f6e4162f | 2024-09-15 07:14:58 | remove unused variables | |
|
4c856965 | 2024-09-11 00:41:51 | Fix a typo | |
|
6bf66549 | 2024-09-10 05:33:32 | missing "Ar" in previous; | |
|
ed822a90 | 2024-09-09 23:38:29 | When accounting start the type attribute was added twice. from markus | |
|
2402a19b | 2024-09-09 05:36:17 | Add triple-dots to synopsis as multiple name[=value] arguments may be given OK jmc sobrado | |
 |
19b65b99 | 2024-09-06 06:31:11 | Repair build with gcc. |