From owner-p4-projects@FreeBSD.ORG Wed Jul 4 05:57:01 2007 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 30CF316A469; Wed, 4 Jul 2007 05:57:01 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DE3FD16A400 for ; Wed, 4 Jul 2007 05:57:00 +0000 (UTC) (envelope-from kmacy@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id CD3E513C458 for ; Wed, 4 Jul 2007 05:57:00 +0000 (UTC) (envelope-from kmacy@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l645v0hm094183 for ; Wed, 4 Jul 2007 05:57:00 GMT (envelope-from kmacy@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l645utf6094177 for perforce@freebsd.org; Wed, 4 Jul 2007 05:56:55 GMT (envelope-from kmacy@freebsd.org) Date: Wed, 4 Jul 2007 05:56:55 GMT Message-Id: <200707040556.l645utf6094177@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to kmacy@freebsd.org using -f From: Kip Macy To: Perforce Change Reviews Cc: Subject: PERFORCE change 122837 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jul 2007 05:57:01 -0000 http://perforce.freebsd.org/chv.cgi?CH=122837 Change 122837 by kmacy@kmacy_vt-x:opentoe_init on 2007/07/04 05:56:20 IFC Affected files ... .. //depot/projects/opentoe/ObsoleteFiles.inc#10 integrate .. //depot/projects/opentoe/UPDATING#10 integrate .. //depot/projects/opentoe/bin/df/df.c#4 integrate .. //depot/projects/opentoe/bin/ed/Makefile#2 integrate .. //depot/projects/opentoe/bin/sh/var.c#3 integrate .. //depot/projects/opentoe/contrib/netcat/netcat.c#3 integrate .. //depot/projects/opentoe/contrib/pf/authpf/authpf.8#2 integrate .. //depot/projects/opentoe/contrib/pf/authpf/authpf.c#2 integrate .. //depot/projects/opentoe/contrib/pf/ftp-proxy/filter.c#1 branch .. //depot/projects/opentoe/contrib/pf/ftp-proxy/filter.h#1 branch .. //depot/projects/opentoe/contrib/pf/ftp-proxy/ftp-proxy.8#2 integrate .. //depot/projects/opentoe/contrib/pf/ftp-proxy/ftp-proxy.c#2 integrate .. //depot/projects/opentoe/contrib/pf/ftp-proxy/getline.c#2 delete .. //depot/projects/opentoe/contrib/pf/ftp-proxy/util.c#2 delete .. //depot/projects/opentoe/contrib/pf/ftp-proxy/util.h#2 delete .. //depot/projects/opentoe/contrib/pf/libevent/buffer.c#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/evbuffer.c#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/event-internal.h#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/event.c#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/event.h#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/evsignal.h#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/kqueue.c#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/log.c#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/log.h#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/poll.c#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/select.c#1 branch .. //depot/projects/opentoe/contrib/pf/libevent/signal.c#1 branch .. //depot/projects/opentoe/contrib/pf/man/pf.4#2 integrate .. //depot/projects/opentoe/contrib/pf/man/pf.conf.5#4 integrate .. //depot/projects/opentoe/contrib/pf/man/pf.os.5#2 integrate .. //depot/projects/opentoe/contrib/pf/man/pflog.4#2 integrate .. //depot/projects/opentoe/contrib/pf/man/pfsync.4#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/parse.y#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pf_print_state.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl.8#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl.h#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_altq.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_optimize.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_osfp.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_parser.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_parser.h#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_radix.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pfctl/pfctl_table.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pflogd/pflogd.8#2 integrate .. //depot/projects/opentoe/contrib/pf/pflogd/pflogd.c#2 integrate .. //depot/projects/opentoe/contrib/pf/pflogd/pflogd.h#2 integrate .. //depot/projects/opentoe/contrib/pf/pflogd/privsep.c#2 integrate .. //depot/projects/opentoe/contrib/pf/tftp-proxy/filter.c#1 branch .. //depot/projects/opentoe/contrib/pf/tftp-proxy/filter.h#1 branch .. //depot/projects/opentoe/contrib/pf/tftp-proxy/tftp-proxy.8#1 branch .. //depot/projects/opentoe/contrib/pf/tftp-proxy/tftp-proxy.c#1 branch .. //depot/projects/opentoe/contrib/telnet/telnet/externs.h#2 integrate .. //depot/projects/opentoe/contrib/traceroute/traceroute.c#3 integrate .. //depot/projects/opentoe/etc/mtree/BSD.include.dist#6 integrate .. //depot/projects/opentoe/include/Makefile#4 integrate .. //depot/projects/opentoe/include/stdlib.h#3 integrate .. //depot/projects/opentoe/lib/libc/net/sctp_sys_calls.c#6 integrate .. //depot/projects/opentoe/lib/libc/net/sourcefilter.c#2 integrate .. //depot/projects/opentoe/lib/libc/stdlib/Makefile.inc#2 integrate .. //depot/projects/opentoe/lib/libc/stdlib/getenv.3#3 integrate .. //depot/projects/opentoe/lib/libc/stdlib/getenv.c#3 integrate .. //depot/projects/opentoe/lib/libc/stdlib/putenv.c#3 delete .. //depot/projects/opentoe/lib/libc/stdlib/setenv.c#3 delete .. //depot/projects/opentoe/lib/libgssapi/gss_accept_sec_context.c#3 integrate .. //depot/projects/opentoe/lib/libgssapi/gss_display_status.c#2 integrate .. //depot/projects/opentoe/lib/libgssapi/gss_export_name.c#2 integrate .. //depot/projects/opentoe/lib/libgssapi/gss_indicate_mechs.c#2 integrate .. //depot/projects/opentoe/lib/libgssapi/gss_init_sec_context.c#4 integrate .. //depot/projects/opentoe/lib/libipsec/Makefile#3 integrate .. //depot/projects/opentoe/lib/libipsec/ipsec_dump_policy.c#2 integrate .. //depot/projects/opentoe/lib/libipsec/ipsec_get_policylen.c#2 integrate .. //depot/projects/opentoe/lib/libipsec/ipsec_set_policy.3#2 integrate .. //depot/projects/opentoe/lib/libipsec/ipsec_strerror.3#2 integrate .. //depot/projects/opentoe/lib/libipsec/ipsec_strerror.c#2 integrate .. //depot/projects/opentoe/lib/libipsec/pfkey.c#2 integrate .. //depot/projects/opentoe/lib/libipsec/pfkey_dump.c#3 integrate .. //depot/projects/opentoe/lib/libipsec/policy_parse.y#2 integrate .. //depot/projects/opentoe/lib/libipsec/policy_token.l#2 integrate .. //depot/projects/opentoe/lib/libipsec/test-policy.c#2 integrate .. //depot/projects/opentoe/libexec/Makefile#2 integrate .. //depot/projects/opentoe/libexec/ftp-proxy/Makefile#2 delete .. //depot/projects/opentoe/libexec/pppoed/pppoed.c#3 integrate .. //depot/projects/opentoe/libexec/tftp-proxy/Makefile#1 branch .. //depot/projects/opentoe/release/doc/en_US.ISO8859-1/hardware/article.sgml#3 integrate .. //depot/projects/opentoe/release/doc/en_US.ISO8859-1/relnotes/article.sgml#11 integrate .. //depot/projects/opentoe/release/doc/share/misc/dev.archlist.txt#3 integrate .. //depot/projects/opentoe/release/i386/fixit_crunch.conf#3 integrate .. //depot/projects/opentoe/release/scripts/src-install.sh#2 integrate .. //depot/projects/opentoe/sbin/dhclient/dhclient-script#3 integrate .. //depot/projects/opentoe/sbin/pfctl/Makefile#2 integrate .. //depot/projects/opentoe/sbin/ping/ping.c#3 integrate .. //depot/projects/opentoe/sbin/ping6/Makefile#2 integrate .. //depot/projects/opentoe/sbin/ping6/ping6.c#3 integrate .. //depot/projects/opentoe/sbin/setkey/Makefile#2 integrate .. //depot/projects/opentoe/sbin/setkey/parse.y#2 integrate .. //depot/projects/opentoe/sbin/setkey/setkey.c#2 integrate .. //depot/projects/opentoe/sbin/setkey/test-pfkey.c#2 integrate .. //depot/projects/opentoe/sbin/setkey/test-policy.c#2 integrate .. //depot/projects/opentoe/sbin/setkey/token.l#3 integrate .. //depot/projects/opentoe/share/man/man4/Makefile#8 integrate .. //depot/projects/opentoe/share/man/man4/ath.4#2 integrate .. //depot/projects/opentoe/share/man/man4/ieee80211.4#2 integrate .. //depot/projects/opentoe/share/man/man4/msk.4#2 integrate .. //depot/projects/opentoe/share/man/man4/nxge.4#1 branch .. //depot/projects/opentoe/share/man/man4/ucom.4#2 integrate .. //depot/projects/opentoe/share/man/man4/uhid.4#2 integrate .. //depot/projects/opentoe/share/man/man4/wi.4#2 integrate .. //depot/projects/opentoe/share/man/man7/hier.7#7 integrate .. //depot/projects/opentoe/share/man/man9/ieee80211_ioctl.9#2 integrate .. //depot/projects/opentoe/share/misc/committers-ports.dot#8 integrate .. //depot/projects/opentoe/share/mk/sys.mk#3 integrate .. //depot/projects/opentoe/sys/Makefile#4 integrate .. //depot/projects/opentoe/sys/amd64/amd64/pmap.c#8 integrate .. //depot/projects/opentoe/sys/amd64/conf/GENERIC#8 integrate .. //depot/projects/opentoe/sys/amd64/conf/NOTES#4 integrate .. //depot/projects/opentoe/sys/cam/cam_xpt.c#6 integrate .. //depot/projects/opentoe/sys/cam/scsi/scsi_da.c#8 integrate .. //depot/projects/opentoe/sys/conf/NOTES#8 integrate .. //depot/projects/opentoe/sys/conf/files#11 integrate .. //depot/projects/opentoe/sys/conf/files.amd64#5 integrate .. //depot/projects/opentoe/sys/conf/files.arm#2 integrate .. //depot/projects/opentoe/sys/conf/files.i386#5 integrate .. //depot/projects/opentoe/sys/conf/files.ia64#3 integrate .. //depot/projects/opentoe/sys/conf/files.pc98#5 integrate .. //depot/projects/opentoe/sys/conf/files.powerpc#3 integrate .. //depot/projects/opentoe/sys/conf/files.sparc64#3 integrate .. //depot/projects/opentoe/sys/conf/files.sun4v#3 integrate .. //depot/projects/opentoe/sys/conf/options#10 integrate .. //depot/projects/opentoe/sys/conf/options.amd64#2 integrate .. //depot/projects/opentoe/sys/conf/options.i386#2 integrate .. //depot/projects/opentoe/sys/conf/options.pc98#2 integrate .. //depot/projects/opentoe/sys/contrib/altq/altq/altq_cbq.c#2 integrate .. //depot/projects/opentoe/sys/contrib/altq/altq/altq_hfsc.c#2 integrate .. //depot/projects/opentoe/sys/contrib/altq/altq/altq_priq.c#2 integrate .. //depot/projects/opentoe/sys/contrib/altq/altq/altq_red.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/if_pflog.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/if_pflog.h#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/if_pfsync.c#4 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/if_pfsync.h#3 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pf.c#3 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pf_if.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pf_ioctl.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pf_mtag.h#1 branch .. //depot/projects/opentoe/sys/contrib/pf/net/pf_norm.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pf_osfp.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pf_ruleset.c#1 branch .. //depot/projects/opentoe/sys/contrib/pf/net/pf_subr.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pf_table.c#2 integrate .. //depot/projects/opentoe/sys/contrib/pf/net/pfvar.h#2 integrate .. //depot/projects/opentoe/sys/crypto/via/padlock.c#3 integrate .. //depot/projects/opentoe/sys/dev/acpica/acpi.c#9 integrate .. //depot/projects/opentoe/sys/dev/ipw/if_ipw.c#4 integrate .. //depot/projects/opentoe/sys/dev/isp/isp.c#5 integrate .. //depot/projects/opentoe/sys/dev/isp/isp_freebsd.h#4 integrate .. //depot/projects/opentoe/sys/dev/isp/isp_library.c#4 integrate .. //depot/projects/opentoe/sys/dev/isp/ispvar.h#3 integrate .. //depot/projects/opentoe/sys/dev/nxge/if_nxge.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/if_nxge.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/build-version.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/version.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xge-debug.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xge-defs.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xge-list.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xge-os-pal.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xge-os-template.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xge-queue.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-channel.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-config.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-device.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-driver.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-event.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-fifo.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-mgmt.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-mgmtaux.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-mm.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-regs.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-ring.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-stats.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal-types.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/include/xgehal.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xge-osdep.h#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xge-queue.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-channel-fp.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-channel.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-config.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-device-fp.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-device.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-driver.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-fifo-fp.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-fifo.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-mgmt.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-mgmtaux.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-mm.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-ring-fp.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-ring.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgehal/xgehal-stats.c#1 branch .. //depot/projects/opentoe/sys/dev/nxge/xgell-version.h#1 branch .. //depot/projects/opentoe/sys/dev/ral/rt2560.c#4 integrate .. //depot/projects/opentoe/sys/dev/ral/rt2661.c#3 integrate .. //depot/projects/opentoe/sys/dev/snp/snp.c#3 integrate .. //depot/projects/opentoe/sys/dev/sound/pci/hda/hdac.c#8 integrate .. //depot/projects/opentoe/sys/dev/sound/pci/hda/hdac_private.h#4 integrate .. //depot/projects/opentoe/sys/dev/sound/pcm/ac97_patch.c#4 integrate .. //depot/projects/opentoe/sys/dev/usb/if_axe.c#5 integrate .. //depot/projects/opentoe/sys/dev/usb/if_axereg.h#4 integrate .. //depot/projects/opentoe/sys/dev/usb/if_cdce.c#4 integrate .. //depot/projects/opentoe/sys/dev/usb/if_ural.c#10 integrate .. //depot/projects/opentoe/sys/dev/usb/uark.c#3 integrate .. //depot/projects/opentoe/sys/dev/usb/ugen.c#3 integrate .. //depot/projects/opentoe/sys/dev/usb/uhub.c#4 integrate .. //depot/projects/opentoe/sys/dev/usb/umass.c#5 integrate .. //depot/projects/opentoe/sys/dev/usb/umodem.c#5 integrate .. //depot/projects/opentoe/sys/dev/usb/ums.c#5 integrate .. //depot/projects/opentoe/sys/dev/usb/usb.h#3 integrate .. //depot/projects/opentoe/sys/dev/usb/usb_port.h#4 integrate .. //depot/projects/opentoe/sys/dev/usb/usb_quirks.c#5 integrate .. //depot/projects/opentoe/sys/dev/usb/usb_quirks.h#3 integrate .. //depot/projects/opentoe/sys/dev/usb/usb_subr.c#4 integrate .. //depot/projects/opentoe/sys/dev/usb/usbdevs#9 integrate .. //depot/projects/opentoe/sys/dev/usb/usbdi.c#3 integrate .. //depot/projects/opentoe/sys/dev/usb/usbdi.h#3 integrate .. //depot/projects/opentoe/sys/dev/wi/if_wi.c#4 integrate .. //depot/projects/opentoe/sys/fs/devfs/devfs_int.h#2 integrate .. //depot/projects/opentoe/sys/fs/devfs/devfs_vnops.c#8 integrate .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs.h#3 integrate .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_fifoops.c#2 integrate .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_fifoops.h#3 integrate .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_subr.c#3 integrate .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_uma.c#3 delete .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_uma.h#3 delete .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_vfsops.c#3 integrate .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_vnops.c#3 integrate .. //depot/projects/opentoe/sys/fs/tmpfs/tmpfs_vnops.h#2 integrate .. //depot/projects/opentoe/sys/i386/conf/GENERIC#7 integrate .. //depot/projects/opentoe/sys/i386/conf/NOTES#4 integrate .. //depot/projects/opentoe/sys/i386/i386/pmap.c#8 integrate .. //depot/projects/opentoe/sys/i4b/driver/i4b_ing.c#2 integrate .. //depot/projects/opentoe/sys/i4b/driver/i4b_ipr.c#2 integrate .. //depot/projects/opentoe/sys/i4b/driver/i4b_isppp.c#2 integrate .. //depot/projects/opentoe/sys/kern/kern_conf.c#4 integrate .. //depot/projects/opentoe/sys/kern/kern_descrip.c#7 integrate .. //depot/projects/opentoe/sys/kern/kern_lockf.c#3 integrate .. //depot/projects/opentoe/sys/kern/kern_priv.c#3 integrate .. //depot/projects/opentoe/sys/kern/subr_smp.c#3 integrate .. //depot/projects/opentoe/sys/kern/sysv_sem.c#3 integrate .. //depot/projects/opentoe/sys/kern/tty.c#3 integrate .. //depot/projects/opentoe/sys/kern/tty_pts.c#2 integrate .. //depot/projects/opentoe/sys/kern/tty_pty.c#2 integrate .. //depot/projects/opentoe/sys/kern/tty_tty.c#2 integrate .. //depot/projects/opentoe/sys/kern/uipc_syscalls.c#7 integrate .. //depot/projects/opentoe/sys/modules/Makefile#6 integrate .. //depot/projects/opentoe/sys/modules/ath_rate_amrr/Makefile#2 integrate .. //depot/projects/opentoe/sys/modules/ath_rate_onoe/Makefile#2 integrate .. //depot/projects/opentoe/sys/modules/ipfw/Makefile#2 integrate .. //depot/projects/opentoe/sys/modules/nxge/Makefile#1 branch .. //depot/projects/opentoe/sys/modules/pf/Makefile#2 integrate .. //depot/projects/opentoe/sys/modules/tmpfs/Makefile#2 integrate .. //depot/projects/opentoe/sys/net/if_ethersubr.c#7 integrate .. //depot/projects/opentoe/sys/net/if_ppp.c#2 integrate .. //depot/projects/opentoe/sys/net/pfkeyv2.h#3 integrate .. //depot/projects/opentoe/sys/net80211/_ieee80211.h#3 integrate .. //depot/projects/opentoe/sys/net80211/ieee80211_input.c#3 integrate .. //depot/projects/opentoe/sys/net80211/ieee80211_radiotap.h#3 integrate .. //depot/projects/opentoe/sys/net80211/ieee80211_scan.c#2 integrate .. //depot/projects/opentoe/sys/net80211/ieee80211_scan.h#2 integrate .. //depot/projects/opentoe/sys/net80211/ieee80211_scan_sta.c#2 integrate .. //depot/projects/opentoe/sys/netatalk/aarp.h#2 integrate .. //depot/projects/opentoe/sys/netatalk/ddp.h#2 integrate .. //depot/projects/opentoe/sys/netinet/in_pcb.c#5 integrate .. //depot/projects/opentoe/sys/netinet/in_pcb.h#5 integrate .. //depot/projects/opentoe/sys/netinet/in_proto.c#3 integrate .. //depot/projects/opentoe/sys/netinet/ip_fw2.c#6 integrate .. //depot/projects/opentoe/sys/netinet/ip_icmp.c#3 integrate .. //depot/projects/opentoe/sys/netinet/ip_input.c#6 integrate .. //depot/projects/opentoe/sys/netinet/ip_ipsec.c#3 integrate .. //depot/projects/opentoe/sys/netinet/ip_output.c#5 integrate .. //depot/projects/opentoe/sys/netinet/raw_ip.c#5 integrate .. //depot/projects/opentoe/sys/netinet/sctp_indata.c#13 integrate .. //depot/projects/opentoe/sys/netinet/sctp_input.c#13 integrate .. //depot/projects/opentoe/sys/netinet/sctp_input.h#4 integrate .. //depot/projects/opentoe/sys/netinet/sctp_os_bsd.h#9 integrate .. //depot/projects/opentoe/sys/netinet/sctp_output.c#12 integrate .. //depot/projects/opentoe/sys/netinet/sctp_pcb.c#12 integrate .. //depot/projects/opentoe/sys/netinet/sctp_usrreq.c#12 integrate .. //depot/projects/opentoe/sys/netinet/sctp_var.h#6 integrate .. //depot/projects/opentoe/sys/netinet/sctputil.c#14 integrate .. //depot/projects/opentoe/sys/netinet/tcp_input.c#10 integrate .. //depot/projects/opentoe/sys/netinet/tcp_output.c#8 integrate .. //depot/projects/opentoe/sys/netinet/tcp_subr.c#8 integrate .. //depot/projects/opentoe/sys/netinet/tcp_syncache.c#7 integrate .. //depot/projects/opentoe/sys/netinet/udp_usrreq.c#4 integrate .. //depot/projects/opentoe/sys/netinet6/ah.h#2 delete .. //depot/projects/opentoe/sys/netinet6/ah6.h#2 delete .. //depot/projects/opentoe/sys/netinet6/ah_aesxcbcmac.c#2 delete .. //depot/projects/opentoe/sys/netinet6/ah_aesxcbcmac.h#2 delete .. //depot/projects/opentoe/sys/netinet6/ah_core.c#2 delete .. //depot/projects/opentoe/sys/netinet6/ah_input.c#2 delete .. //depot/projects/opentoe/sys/netinet6/ah_output.c#3 delete .. //depot/projects/opentoe/sys/netinet6/esp.h#2 delete .. //depot/projects/opentoe/sys/netinet6/esp6.h#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_aesctr.c#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_aesctr.h#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_camellia.c#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_camellia.h#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_core.c#3 delete .. //depot/projects/opentoe/sys/netinet6/esp_input.c#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_output.c#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_rijndael.c#2 delete .. //depot/projects/opentoe/sys/netinet6/esp_rijndael.h#2 delete .. //depot/projects/opentoe/sys/netinet6/icmp6.c#3 integrate .. //depot/projects/opentoe/sys/netinet6/in6.h#3 integrate .. //depot/projects/opentoe/sys/netinet6/in6_pcb.c#5 integrate .. //depot/projects/opentoe/sys/netinet6/in6_proto.c#3 integrate .. //depot/projects/opentoe/sys/netinet6/ip6_forward.c#2 integrate .. //depot/projects/opentoe/sys/netinet6/ip6_input.c#3 integrate .. //depot/projects/opentoe/sys/netinet6/ip6_ipsec.c#1 branch .. //depot/projects/opentoe/sys/netinet6/ip6_ipsec.h#1 branch .. //depot/projects/opentoe/sys/netinet6/ip6_output.c#3 integrate .. //depot/projects/opentoe/sys/netinet6/ipcomp.h#2 delete .. //depot/projects/opentoe/sys/netinet6/ipcomp6.h#2 delete .. //depot/projects/opentoe/sys/netinet6/ipcomp_core.c#2 delete .. //depot/projects/opentoe/sys/netinet6/ipcomp_input.c#2 delete .. //depot/projects/opentoe/sys/netinet6/ipcomp_output.c#2 delete .. //depot/projects/opentoe/sys/netinet6/ipsec.c#3 delete .. //depot/projects/opentoe/sys/netinet6/ipsec.h#2 delete .. //depot/projects/opentoe/sys/netinet6/ipsec6.h#2 delete .. //depot/projects/opentoe/sys/netinet6/nd6.c#3 integrate .. //depot/projects/opentoe/sys/netinet6/nd6_nbr.c#3 integrate .. //depot/projects/opentoe/sys/netinet6/raw_ip6.c#4 integrate .. //depot/projects/opentoe/sys/netinet6/sctp6_usrreq.c#10 integrate .. //depot/projects/opentoe/sys/netinet6/udp6_output.c#3 integrate .. //depot/projects/opentoe/sys/netinet6/udp6_usrreq.c#3 integrate .. //depot/projects/opentoe/sys/netipsec/ipsec.c#4 integrate .. //depot/projects/opentoe/sys/netipsec/ipsec.h#2 integrate .. //depot/projects/opentoe/sys/netipsec/ipsec6.h#2 integrate .. //depot/projects/opentoe/sys/netipsec/ipsec_mbuf.c#2 integrate .. //depot/projects/opentoe/sys/netipsec/ipsec_output.c#3 integrate .. //depot/projects/opentoe/sys/netipsec/key.c#4 integrate .. //depot/projects/opentoe/sys/netipsec/key_debug.c#2 integrate .. //depot/projects/opentoe/sys/netipsec/keysock.c#2 integrate .. //depot/projects/opentoe/sys/netipsec/xform_ah.c#2 integrate .. //depot/projects/opentoe/sys/netipsec/xform_ipip.c#2 integrate .. //depot/projects/opentoe/sys/netkey/key.c#2 delete .. //depot/projects/opentoe/sys/netkey/key.h#2 delete .. //depot/projects/opentoe/sys/netkey/key_debug.c#2 delete .. //depot/projects/opentoe/sys/netkey/key_debug.h#2 delete .. //depot/projects/opentoe/sys/netkey/key_var.h#2 delete .. //depot/projects/opentoe/sys/netkey/keydb.c#2 delete .. //depot/projects/opentoe/sys/netkey/keydb.h#2 delete .. //depot/projects/opentoe/sys/netkey/keysock.c#2 delete .. //depot/projects/opentoe/sys/netkey/keysock.h#2 delete .. //depot/projects/opentoe/sys/nfsclient/nfs_bio.c#6 integrate .. //depot/projects/opentoe/sys/nfsclient/nfs_subs.c#2 integrate .. //depot/projects/opentoe/sys/pc98/conf/NOTES#2 integrate .. //depot/projects/opentoe/sys/security/audit/audit.c#6 integrate .. //depot/projects/opentoe/sys/security/audit/audit_bsm.c#6 integrate .. //depot/projects/opentoe/sys/sys/conf.h#3 integrate .. //depot/projects/opentoe/sys/sys/mbuf.h#9 integrate .. //depot/projects/opentoe/sys/sys/param.h#7 integrate .. //depot/projects/opentoe/sys/sys/systm.h#7 integrate .. //depot/projects/opentoe/sys/ufs/ufs/dir.h#2 integrate .. //depot/projects/opentoe/sys/vm/vm_pageout.c#6 integrate .. //depot/projects/opentoe/tools/regression/environ/Makefile#1 branch .. //depot/projects/opentoe/tools/regression/environ/Makefile.envctl#1 branch .. //depot/projects/opentoe/tools/regression/environ/Makefile.retention#1 branch .. //depot/projects/opentoe/tools/regression/environ/Makefile.timings#1 branch .. //depot/projects/opentoe/tools/regression/environ/envctl.c#1 branch .. //depot/projects/opentoe/tools/regression/environ/envtest.t#1 branch .. //depot/projects/opentoe/tools/regression/environ/retention.c#1 branch .. //depot/projects/opentoe/tools/regression/environ/timings.c#1 branch .. //depot/projects/opentoe/tools/tools/README#2 integrate .. //depot/projects/opentoe/tools/tools/nxge/Makefile#1 branch .. //depot/projects/opentoe/tools/tools/nxge/xge_cmn.h#1 branch .. //depot/projects/opentoe/tools/tools/nxge/xge_info.c#1 branch .. //depot/projects/opentoe/tools/tools/nxge/xge_info.h#1 branch .. //depot/projects/opentoe/tools/tools/nxge/xge_log.c#1 branch .. //depot/projects/opentoe/tools/tools/nxge/xge_log.h#1 branch .. //depot/projects/opentoe/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles#3 integrate .. //depot/projects/opentoe/tools/tools/tinybsd/conf/default/tinybsd.basefiles#3 integrate .. //depot/projects/opentoe/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles#3 integrate .. //depot/projects/opentoe/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles#3 integrate .. //depot/projects/opentoe/usr.bin/du/du.c#3 integrate .. //depot/projects/opentoe/usr.bin/env/env.c#3 integrate .. //depot/projects/opentoe/usr.bin/limits/limits.c#3 integrate .. //depot/projects/opentoe/usr.bin/login/login.c#3 integrate .. //depot/projects/opentoe/usr.bin/netstat/Makefile#3 integrate .. //depot/projects/opentoe/usr.bin/netstat/ipsec.c#2 integrate .. //depot/projects/opentoe/usr.bin/netstat/main.c#3 integrate .. //depot/projects/opentoe/usr.bin/netstat/netstat.h#3 integrate .. //depot/projects/opentoe/usr.bin/netstat/pfkey.c#2 integrate .. //depot/projects/opentoe/usr.bin/su/su.c#3 integrate .. //depot/projects/opentoe/usr.bin/telnet/Makefile#2 integrate .. //depot/projects/opentoe/usr.bin/usbhidaction/usbhidaction.1#2 integrate .. //depot/projects/opentoe/usr.bin/usbhidaction/usbhidaction.c#2 integrate .. //depot/projects/opentoe/usr.sbin/Makefile#2 integrate .. //depot/projects/opentoe/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c#2 integrate .. //depot/projects/opentoe/usr.sbin/ftp-proxy/Makefile#1 branch .. //depot/projects/opentoe/usr.sbin/ftp-proxy/Makefile.inc#1 branch .. //depot/projects/opentoe/usr.sbin/ftp-proxy/ftp-proxy/Makefile#1 branch .. //depot/projects/opentoe/usr.sbin/ftp-proxy/libevent/Makefile#1 branch .. //depot/projects/opentoe/usr.sbin/inetd/Makefile#2 integrate .. //depot/projects/opentoe/usr.sbin/inetd/inetd.c#2 integrate .. //depot/projects/opentoe/usr.sbin/portsnap/phttpget/phttpget.c#2 integrate .. //depot/projects/opentoe/usr.sbin/pstat/pstat.c#4 integrate .. //depot/projects/opentoe/usr.sbin/rrenumd/Makefile#2 integrate .. //depot/projects/opentoe/usr.sbin/rrenumd/rrenumd.c#2 integrate .. //depot/projects/opentoe/usr.sbin/sade/main.c#3 integrate .. //depot/projects/opentoe/usr.sbin/sade/variable.c#3 integrate .. //depot/projects/opentoe/usr.sbin/sysinstall/dist.c#4 integrate .. //depot/projects/opentoe/usr.sbin/sysinstall/dist.h#2 integrate .. //depot/projects/opentoe/usr.sbin/sysinstall/index.c#4 integrate .. //depot/projects/opentoe/usr.sbin/sysinstall/main.c#3 integrate .. //depot/projects/opentoe/usr.sbin/sysinstall/menus.c#3 integrate .. //depot/projects/opentoe/usr.sbin/sysinstall/variable.c#3 integrate .. //depot/projects/opentoe/usr.sbin/traceroute6/Makefile#2 integrate .. //depot/projects/opentoe/usr.sbin/traceroute6/traceroute6.c#3 integrate .. //depot/projects/opentoe/usr.sbin/wicontrol/Makefile#2 delete .. //depot/projects/opentoe/usr.sbin/wicontrol/wicontrol.8#2 delete .. //depot/projects/opentoe/usr.sbin/wicontrol/wicontrol.c#2 delete Differences ... ==== //depot/projects/opentoe/ObsoleteFiles.inc#10 (text+ko) ==== @@ -1,5 +1,5 @@ # -# $FreeBSD: src/ObsoleteFiles.inc,v 1.97 2007/06/25 05:06:52 rafan Exp $ +# $FreeBSD: src/ObsoleteFiles.inc,v 1.102 2007/07/03 13:06:45 mlaier Exp $ # # This file lists old files (OLD_FILES), libraries (OLD_LIBS) and # directories (OLD_DIRS) which should get removed at an update. Recently @@ -14,6 +14,30 @@ # The file is partitioned: OLD_FILES first, then OLD_LIBS and OLD_DIRS last. # +# 20070703: pf 4.1 import +OLD_FILES+=usr/libexec/ftp-proxy +# 20070701: KAME IPSec removal +OLD_FILES+=usr/include/netinet6/ah.h +OLD_FILES+=usr/include/netinet6/ah6.h +OLD_FILES+=usr/include/netinet6/ah_aesxcbcmac.h +OLD_FILES+=usr/include/netinet6/esp.h +OLD_FILES+=usr/include/netinet6/esp6.h +OLD_FILES+=usr/include/netinet6/esp_aesctr.h +OLD_FILES+=usr/include/netinet6/esp_camellia.h +OLD_FILES+=usr/include/netinet6/esp_rijndael.h +OLD_FILES+=usr/include/netinet6/ipsec.h +OLD_FILES+=usr/include/netinet6/ipsec6.h +OLD_FILES+=usr/include/netinet6/ipcomp.h +OLD_FILES+=usr/include/netinet6/ipcomp6.h +OLD_FILES+=usr/include/netkey/key.h +OLD_FILES+=usr/include/netkey/key_debug.h +OLD_FILES+=usr/include/netkey/key_var.h +OLD_FILES+=usr/include/netkey/keydb.h +OLD_FILES+=usr/include/netkey/keysock.h +OLD_DIRS+=usr/include/netkey +# 20070701: remove wicontrol +OLD_FILES+=usr/sbin/wicontrol +OLD_FILES+=usr/share/man/man8/wicontrol.8.gz # 20070625: umapfs removal OLD_FILES+=rescue/mount_umapfs OLD_FILES+=sbin/mount_umapfs @@ -3589,7 +3613,6 @@ # - usr/share/tmac/mm/locale # - usr/share/tmac/mm/se_locale # - var/yp/Makefile - # 20070519: GCC 4.2 OLD_LIBS+=usr/lib/libg2c.a OLD_LIBS+=usr/lib/libg2c.so ==== //depot/projects/opentoe/UPDATING#10 (text+ko) ==== @@ -21,6 +21,26 @@ developers choose to disable these features on build machines to maximize performance. +20070702: + The packet filter (pf) code has been updated to OpenBSD 4.1 Please + note the changed syntax - keep state is now on by default. Also + note the fact that ftp-proxy(8) has been changed from bottom up and + has been moved from libexec to usr/sbin. Changes in the ALTQ + handling also affect users of IPFW's ALTQ capabilities. + +20070701: + Remove KAME IPsec in favor of FAST_IPSEC, which is now the + only IPsec supported by FreeBSD. The new IPsec stack + supports both IPv4 and IPv6. The kernel option will change + after the code changes have settled in. For now the kernel + option IPSEC is deprecated and FAST_IPSEC is the only option, that + will change after some settling time. + +20070701: + The wicontrol(8) utility has been removed from the base system. wi(4) + cards should be configured using ifconfig(8), see the man page for more + information. + 20070612: By default, /etc/rc.d/sendmail no longer rebuilds the aliases database if it is missing or older than the aliases file. If @@ -857,4 +877,4 @@ Contact Warner Losh if you have any questions about your use of this document. -$FreeBSD: src/UPDATING,v 1.497 2007/06/12 17:33:56 gshapiro Exp $ +$FreeBSD: src/UPDATING,v 1.500 2007/07/03 13:06:44 mlaier Exp $ ==== //depot/projects/opentoe/bin/df/df.c#4 (text+ko) ==== @@ -44,7 +44,7 @@ #endif /* not lint */ #endif #include -__FBSDID("$FreeBSD: src/bin/df/df.c,v 1.70 2007/05/01 16:02:44 ache Exp $"); +__FBSDID("$FreeBSD: src/bin/df/df.c,v 1.71 2007/07/04 00:00:37 scf Exp $"); #include #include @@ -131,14 +131,14 @@ */ if (kflag) break; - putenv("BLOCKSIZE=512"); + setenv("BLOCKSIZE", "512", 1); hflag = 0; break; case 'c': cflag = 1; break; case 'g': - putenv("BLOCKSIZE=1g"); + setenv("BLOCKSIZE", "1g", 1); hflag = 0; break; case 'H': @@ -152,7 +152,7 @@ break; case 'k': kflag++; - putenv("BLOCKSIZE=1024"); + setenv("BLOCKSIZE", "1024", 1); hflag = 0; break; case 'l': @@ -162,7 +162,7 @@ lflag = 1; break; case 'm': - putenv("BLOCKSIZE=1m"); + setenv("BLOCKSIZE", "1m", 1); hflag = 0; break; case 'n': ==== //depot/projects/opentoe/bin/ed/Makefile#2 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/bin/ed/Makefile,v 1.32 2006/03/17 18:54:20 ru Exp $ +# $FreeBSD: src/bin/ed/Makefile,v 1.33 2007/07/02 14:00:25 kensmith Exp $ .include @@ -7,11 +7,13 @@ LINKS= ${BINDIR}/ed ${BINDIR}/red MLINKS= ed.1 red.1 +.if !defined(RELEASE_CRUNCH) .if ${MK_OPENSSL} != "no" CFLAGS+=-DDES WARNS?= 2 DPADD= ${LIBCRYPTO} LDADD= -lcrypto .endif +.endif .include ==== //depot/projects/opentoe/bin/sh/var.c#3 (text+ko) ==== @@ -36,7 +36,7 @@ #endif #endif /* not lint */ #include -__FBSDID("$FreeBSD: src/bin/sh/var.c,v 1.35 2007/05/01 16:02:43 ache Exp $"); +__FBSDID("$FreeBSD: src/bin/sh/var.c,v 1.36 2007/07/04 00:00:38 scf Exp $"); #include #include @@ -289,6 +289,7 @@ setvareq(char *s, int flags) { struct var *vp, **vpp; + char *p; int len; if (aflag) @@ -319,7 +320,10 @@ if (vp == &vmpath || (vp == &vmail && ! mpathset())) chkmail(1); if ((vp->flags & VEXPORT) && localevar(s)) { - putenv(s); + p = strchr(s, '='); + *p = '\0'; + (void) setenv(s, p + 1, 1); + *p = '='; (void) setlocale(LC_ALL, ""); } INTON; @@ -335,7 +339,10 @@ INTOFF; *vpp = vp; if ((vp->flags & VEXPORT) && localevar(s)) { - putenv(s); + p = strchr(s, '='); + *p = '\0'; + (void) setenv(s, p + 1, 1); + *p = '='; (void) setlocale(LC_ALL, ""); } INTON; @@ -596,7 +603,10 @@ vp->flags |= flag; if ((vp->flags & VEXPORT) && localevar(vp->text)) { - putenv(vp->text); + p = strchr(vp->text, '='); + *p = '\0'; + (void) setenv(vp->text, p + 1, 1); + *p = '='; (void) setlocale(LC_ALL, ""); } goto found; ==== //depot/projects/opentoe/contrib/netcat/netcat.c#3 (text+ko) ==== @@ -25,7 +25,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $FreeBSD: src/contrib/netcat/netcat.c,v 1.5 2007/03/28 01:57:03 delphij Exp $ + * $FreeBSD: src/contrib/netcat/netcat.c,v 1.6 2007/07/01 12:08:04 gnn Exp $ */ /* @@ -42,7 +42,7 @@ #include #include #ifdef IPSEC -#include +#include #endif #include #include ==== //depot/projects/opentoe/contrib/pf/authpf/authpf.8#2 (text+ko) ==== @@ -1,29 +1,19 @@ -.\" $FreeBSD: src/contrib/pf/authpf/authpf.8,v 1.2 2006/03/28 15:26:16 mlaier Exp $ -.\" $OpenBSD: authpf.8,v 1.38 2005/01/04 09:57:04 jmc Exp $ +.\" $FreeBSD: src/contrib/pf/authpf/authpf.8,v 1.3 2007/07/03 12:30:00 mlaier Exp $ +.\" $OpenBSD: authpf.8,v 1.43 2007/02/24 17:21:04 beck Exp $ .\" -.\" Copyright (c) 2002 Bob Beck (beck@openbsd.org>. All rights reserved. +.\" Copyright (c) 1998-2007 Bob Beck (beck@openbsd.org>. All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. The name of the author may not be used to endorse or promote products -.\" derived from this software without specific prior written permission. +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .Dd March 28, 2006 .Dt AUTHPF 8 @@ -230,8 +220,11 @@ hijack the session. Note that TCP keepalives are not sufficient for this, since they are not secure. -Also note that +Also note that the various SSH tunnelling mechanisms, +such as .Ar AllowTcpForwarding +and +.Ar PermitTunnel , should be disabled for .Nm users to prevent them from circumventing restrictions imposed by the @@ -429,8 +422,7 @@ external_if = "xl0" internal_if = "fxp0" -pass in log quick on $internal_if proto tcp from $user_ip to any \e - keep state +pass in log quick on $internal_if proto tcp from $user_ip to any pass in quick on $internal_if from $user_ip to any .Ed .Pp @@ -445,16 +437,15 @@ # rdr ftp for proxying by ftp-proxy(8) rdr on $internal_if proto tcp from $user_ip to any port 21 \e - -> 127.0.0.1 port 8081 + -> 127.0.0.1 port 8021 # allow out ftp, ssh, www and https only, and allow user to negotiate # ipsec with the ipsec server. pass in log quick on $internal_if proto tcp from $user_ip to any \e - port { 21, 22, 80, 443 } flags S/SA + port { 21, 22, 80, 443 } pass in quick on $internal_if proto tcp from $user_ip to any \e port { 21, 22, 80, 443 } -pass in quick proto udp from $user_ip to $ipsec_gw port = isakmp \e - keep state +pass in quick proto udp from $user_ip to $ipsec_gw port = isakmp pass in quick proto esp from $user_ip to $ipsec_gw .Ed .Pp @@ -469,7 +460,7 @@ # nat and tag connections... nat on $ext_if from $user_ip to any tag $user_ip -> $ext_addr pass in quick on $int_if from $user_ip to any -pass out log quick on $ext_if tagged $user_ip keep state +pass out log quick on $ext_if tagged $user_ip .Ed .Pp With the above rules added by @@ -495,7 +486,7 @@ .Bd -literal table persist pass in on $ext_if proto tcp from \e - to port { smtp imap } keep state + to port { smtp imap } .Ed .Pp It is also possible to use the "authpf_users" @@ -522,6 +513,7 @@ .Xr pf 4 , .Xr pf.conf 5 , .Xr fdescfs 5 , +.Xr securelevel 7 , .Xr ftp-proxy 8 .Sh HISTORY The ==== //depot/projects/opentoe/contrib/pf/authpf/authpf.c#2 (text+ko) ==== @@ -1,32 +1,23 @@ -/* $OpenBSD: authpf.c,v 1.89 2005/02/10 04:24:15 joel Exp $ */ +/* $OpenBSD: authpf.c,v 1.104 2007/02/24 17:35:08 beck Exp $ */ /* - * Copyright (C) 1998 - 2002 Bob Beck (beck@openbsd.org). + * Copyright (C) 1998 - 2007 Bob Beck (beck@openbsd.org). * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include -__FBSDID("$FreeBSD: src/contrib/pf/authpf/authpf.c,v 1.7 2005/12/25 22:57:08 mlaier Exp $"); +__FBSDID("$FreeBSD: src/contrib/pf/authpf/authpf.c,v 1.8 2007/07/03 12:30:01 mlaier Exp $"); #include #include @@ -56,15 +47,13 @@ #include "pathnames.h" -extern int symset(const char *, const char *, int); - static int read_config(FILE *); static void print_message(char *); static int allowed_luser(char *); static int check_luser(char *, char *); static int remove_stale_rulesets(void); static int change_filter(int, const char *, const char *); -static int change_table(int, const char *, const char *); +static int change_table(int, const char *); static void authpf_kill_states(void); int dev; /* pf device */ @@ -73,7 +62,6 @@ char tablename[PF_TABLE_NAME_SIZE] = "authpf_users"; FILE *pidfp; -char *infile; /* file name printed by yyerror() in parse.y */ char luser[MAXLOGNAME]; /* username */ char ipsrc[256]; /* ip as a string */ char pidfile[MAXPATHLEN]; /* we save pid in this file. */ @@ -102,11 +90,16 @@ struct in6_addr ina; struct passwd *pw; char *cp; + gid_t gid; uid_t uid; char *shell; login_cap_t *lc; config = fopen(PATH_CONFFILE, "r"); + if (config == NULL) { + syslog(LOG_ERR, "can not open %s (%m)", PATH_CONFFILE); + exit(1); + } if ((cp = getenv("SSH_TTY")) == NULL) { syslog(LOG_ERR, "non-interactive session connection for authpf"); @@ -143,7 +136,6 @@ uid = getuid(); pw = getpwuid(uid); - endpwent(); if (pw == NULL) { syslog(LOG_ERR, "cannot find user for uid %u", uid); goto die; @@ -256,6 +248,8 @@ if (++lockcnt > 10) { syslog(LOG_ERR, "cannot kill previous authpf (pid %d)", otherpid); + fclose(pidfp); + pidfp = NULL; goto dogdeath; } sleep(1); @@ -265,12 +259,22 @@ * it's lock, giving us a chance to get it now */ fclose(pidfp); + pidfp = NULL; } while (1); + + /* whack the group list */ + gid = getegid(); + if (setgroups(1, &gid) == -1) { + syslog(LOG_INFO, "setgroups: %s", strerror(errno)); + do_death(0); + } /* revoke privs */ - seteuid(getuid()); - setuid(getuid()); - + uid = getuid(); + if (setresuid(uid, uid, uid) == -1) { + syslog(LOG_INFO, "setresuid: %s", strerror(errno)); + do_death(0); + } openlog("authpf", LOG_PID | LOG_NDELAY, LOG_DAEMON); if (!check_luser(PATH_BAN_DIR, luser) || !allowed_luser(luser)) { @@ -278,8 +282,8 @@ do_death(0); } - if (config == NULL || read_config(config)) { - syslog(LOG_INFO, "bad or nonexistent %s", PATH_CONFFILE); + if (read_config(config)) { + syslog(LOG_ERR, "invalid config file %s", PATH_CONFFILE); do_death(0); } @@ -298,7 +302,7 @@ printf("Unable to modify filters\r\n"); do_death(0); } - if (change_table(1, luser, ipsrc) == -1) { + if (change_table(1, ipsrc) == -1) { printf("Unable to modify table\r\n"); change_filter(0, luser, ipsrc); do_death(0); @@ -309,7 +313,7 @@ signal(SIGALRM, need_death); signal(SIGPIPE, need_death); signal(SIGHUP, need_death); - signal(SIGSTOP, need_death); + signal(SIGQUIT, need_death); signal(SIGTSTP, need_death); while (1) { printf("\r\nHello %s. ", luser); @@ -559,9 +563,11 @@ while (fputs(tmp, stdout) != EOF && !feof(f)) { if (fgets(tmp, sizeof(tmp), f) == NULL) { fflush(stdout); + fclose(f); return (0); } } + fclose(f); } fflush(stdout); return (0); @@ -645,6 +651,7 @@ char *fdpath = NULL, *userstr = NULL, *ipstr = NULL; char *rsn = NULL, *fn = NULL; pid_t pid; + gid_t gid; int s; if (luser == NULL || !luser[0] || ipsrc == NULL || !ipsrc[0]) { @@ -684,8 +691,14 @@ switch (pid = fork()) { case -1: - err(1, "fork failed"); + syslog(LOG_ERR, "fork failed"); + goto error; case 0: + /* revoke group privs before exec */ + gid = getgid(); + if (setregid(gid, gid) == -1) { + err(1, "setregid"); + } execvp(PATH_PFCTL, pargv); warn("exec of %s failed", PATH_PFCTL); _exit(1); @@ -694,10 +707,8 @@ /* parent */ waitpid(pid, &s, 0); if (s != 0) { - if (WIFEXITED(s)) { - syslog(LOG_ERR, "pfctl exited abnormally"); - goto error; - } + syslog(LOG_ERR, "pfctl exited abnormally"); + goto error; } if (add) { @@ -718,16 +729,10 @@ syslog(LOG_ERR, "malloc failed"); error: free(fdpath); - fdpath = NULL; free(rsn); - rsn = NULL; free(userstr); - userstr = NULL; free(ipstr); - ipstr = NULL; free(fn); - fn = NULL; >>> TRUNCATED FOR MAIL (1000 lines) <<<