Switch branches/tags
Commits on Oct 4, 2011
  1. 2.13 update.

    fupjack committed Oct 4, 2011
Commits on Oct 1, 2011
  1. fsdb(8): Raise WARNS to 1.

    Sascha Wildner committed Oct 1, 2011
Commits on Sep 30, 2011
  1. kernel - VM MPSAFE fixes

    vsrinivas committed Sep 30, 2011
    * Apply amd64 PMAP fixes from a5fc46c to i386
    * Hold vm_object in vm_swapcache_cleaning()
Commits on Sep 29, 2011
  1. kernel - Numerous VM MPSAFE fixes

    Matthew Dillon committed Sep 29, 2011
    * Remove most critical sections from the VM subsystem, these are no longer
      applicable (vm_token covers the access).
    * _pmap_allocpte() for x86-64 - Conditionalize the zeroing of the vm_page
      after the grab.  The grab can race other threads and result in a page
      which had already been zero'd AND populated with pte's, so we can't just
      zero it.
      Use m->valid to determine if the page is actually newly allocated or not.
      NOTE: The 32 bit code already properly zeros the page by detecting whether
    	the pte has already been entered or not.  The 64-bit code couldn't
    	do this neatly so we used another method.
    * Hold the pmap vm_object in pmap_release() and pmap_object_init_pt() for
      the x86-64 pmap code.  This prevents related loops from blocking on the
      pmap vm_object when freeing VM pages which is not expected by the code.
    * pmap_copy() for x86-64 needs the vm_token, critical sections are no longer
    * Assert that PG_MANAGED is set when clearing pte's out of a pmap via the
      PV entries.  The pte's must exist in this case and it's a critical panic
      if they don't.
    * pmap_replacevm() for x86-64 - Adjust newvm->vm_sysref prior to assigning
      it to p->p_vmspace to handle any potential MP races with other sysrefs
      on the vmspace.
    * faultin() needs p->p_token, not proc_token.
    * swapout_procs_callback() needs p->p_token.
    * Deallocate the VM object associated with a vm_page after freeing the
      page instead of before freeing the page.  This fixes a potential
      use-after-refs-transition-to-0 case if a MP race occurs.
  2. Resurrect z*grep script to support gzip'ped files.

    YONETANI Tomokazu committed Sep 29, 2011
Commits on Sep 27, 2011
  1. hammer(8): snaprm: fix edge case

    Thomas Nikolajsen committed Sep 27, 2011
    Ensure that @@transid is at end of symlink.
Commits on Sep 26, 2011
  1. hammer(8): fix snaprm argument parsing

    Thomas Nikolajsen committed Sep 26, 2011
    Parse arguments according to SYNOPSIS.
    snaprm didn't parse arguments fully:
    e.g. PFS symlink was deleted if given as only argument.
    DragonFly-bug: <>
    Submitted-by: fix based on patch from ""
  2. hammer(8): whitespace cleanup: delete blank at end of line

    Thomas Nikolajsen committed Sep 26, 2011
  3. Sync zoneinfo database with tzdata2011k from

    Sascha Wildner committed Sep 26, 2011
    asia:           8.65 -> 8.68
    europe:         8.34 -> 8.38
    northamerica:   8.48 -> 8.49       8.47 -> 8.49
    * asia: Palestine suspends DST during Ramadan in 2011; Gaza and Hebron
        split in 2011, leading to a new Asia/Hebron zone (thanks to
        Steffen Thorsen and Alexander Krivenshev). The different end of DST
        in Gaza and Hebron in 2008 is also reflected.
    * europe: Belarus adopts permanent DST in 2011 (thanks to Yauhen Kharuzhy,
        Alexander Bokovoy, Alexander Krivenyshev, and Kirill A. Shutemov).
        Ukraine adopts permanent DST in 2011 (thanks to Alexander Krivenyshev).
        "Russia" rules changed to reflect end of use in 2010. "FET" used as
        abbreviation for Belarus, Ukraine, and western Russia (thanks to
        Paul Eggert). Also: a comment typo is fixed.
    * northamerica: Updated comment on Newfoundland's 2011 change of time of
        day when DST starts and ends (thanks to Michael Pelley).
    * New Asia/Hebron zone (thanks to Alexander Krivenshev).
Commits on Sep 25, 2011
  1. poll(2): Set POLLERR properly

    Sepherosa Ziehau committed Sep 25, 2011
    If the other side closed the connection and error happens (so_error != 0)
    POLLERR is turned on accordingly.
  2. truss(1): On a second thought, keep the old entries.

    Sascha Wildner committed Sep 25, 2011
  3. truss(1): Remove an 'a' that sneaked in.

    Sascha Wildner committed Sep 25, 2011
  4. truss(1): Adjust for 315b8b8.

    Sascha Wildner committed Sep 25, 2011
    We changed to "DragonFly ELF{32,64}."
  5. patch(1): Don't try to mmap a zero length file.

    Sascha Wildner committed Sep 25, 2011
    Found-in: NetBSD
Commits on Sep 24, 2011
  1. fifo: Restore the old semantics of select(2)/poll(2) for reading

    Sepherosa Ziehau committed Sep 24, 2011
    select(2)/poll(2) for reading on a fifo should not return "ready
    to read" if all of the writers have closed the fifo.
  2. kernel -- vm_page_dontneed: Fix interaction with vm_page_madvise and …

    vsrinivas committed Sep 24, 2011
    vm_page_dontneed didn't clear the PG_REFERENCED flag on pages it is
    deactivating. The pagedaemon would see references on the page (via
    PG_REFERENCED) and reactivate it, undoing the effect of vm_page_dontneed.
Commits on Sep 23, 2011
  1. stdio: Add __printflike for dprintf(3) and vdprintf(3)

    Sepherosa Ziehau committed Sep 23, 2011
    Noticed-by: "Xia Zuoling" <>
  2. kevent: Restore old EV_EOF semantics

    Sepherosa Ziehau committed Sep 23, 2011
    - EV_EOF should be set when the other side closed the connection, even
      if there are data pending in the read buffer (the old semantics).
    - EV_NODATA is added to indicate there are no more data pending in the
      buffer and EOF is detected (EV_EOF is also set in this situation).
    Kernel code now tests EV_NODATA instead of EV_EOF, since EV_NODATA
    delivers the information which was delivered by the EV_EOF before
    this commit.
  3. select(2)/kevent: Bail out immediately if EV_ERROR is set.

    Sepherosa Ziehau committed Sep 23, 2011
    By setting *res to -1, if kevent registration failed, select(2)
    will return error properly.
  4. Add header guard to mntopts.h

    vsrinivas committed Sep 23, 2011
  5. kevent(2): Set errno properly

    Sepherosa Ziehau committed Sep 23, 2011
    If we can't deliver the registration failure information in the
    changelist, then we should set the errno properly.
Commits on Sep 21, 2011
  1. <ucontext.h>: Conditionalize prototypes for {get,set,make,swap}contex…

    Sascha Wildner committed Sep 21, 2011
    They are gone per OpenGroup Specifications Issue 7.
    However, keep them visible in our default environment.
  2. Update files for file-5.09 import.

    Peter Avalos committed Sep 21, 2011
  3. Merge branch 'vendor/FILE'

    Peter Avalos committed Sep 21, 2011
  4. Import file-5.09.

    Peter Avalos committed Sep 21, 2011
    * Don't wait for any subprocess, just the one we forked.
    * If the application name is not set in a cdf file, try to see
      if it has a directory with the application name on it.
    * Fix ELF lseek(2) madness. Inspired by PR/134 by Jan Kaluza
    * Don't use variable string formats.
    * Fix detection of Zip files (Mantis #128).
    * Make some minor improvements to file(1).
    * Rename MIME types for filesystem objects for consistency with
      xdg-utils. Typically this means that application/x-foo becomes
      inode/foo, but some names also change slightly, e.g.
      application/x-character-device becomes inode/chardevice.
  5. Update files for OpenSSL-1.0.0e import.

    Peter Avalos committed Sep 21, 2011
  6. Merge branch 'vendor/OPENSSL'

    Peter Avalos committed Sep 21, 2011
  7. Import OpenSSL-1.0.0e.

    Peter Avalos committed Sep 21, 2011
          o Fix for CRL vulnerability issue CVE-2011-3207
          o Fix for ECDH crashes CVE-2011-3210
          o Protection against EC timing attacks.
          o Support ECDH ciphersuites for certificates using SHA2 algorithms.
          o Various DTLS fixes.
Commits on Sep 20, 2011
  1. Update files for OpenSSH-5.9p1 import.

    Peter Avalos committed Sep 20, 2011
  2. Merge branch 'vendor/OPENSSH'

    Peter Avalos committed Sep 20, 2011
  3. Bring in a compat file needed for latest OpenSSH import.

    Peter Avalos committed Sep 20, 2011
  4. Merge branch 'vendor/OPENSSH'

    Peter Avalos committed Sep 20, 2011
  5. Import OpenSSH-5.9p1.

    Peter Avalos committed Sep 20, 2011
     * Introduce sandboxing of the pre-auth privsep child using an optional
       sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
       mandatory restrictions on the syscalls the privsep child can perform.
       This intention is to prevent a compromised privsep child from being
       used to attack other hosts (by opening sockets and proxying) or
       probing local kernel attack surface.
       The rlimit sandbox is a fallback choice for platforms that don't
       support a better one; it uses setrlimit() to reset the hard-limit
       of file descriptors and processes to zero, which should prevent
       the privsep child from forking or opening new network connections.
     * Add new SHA256-based HMAC transport integrity modes from
       These modes are hmac-sha2-256, hmac-sha2-256-96, hmac-sha2-512,
       and hmac-sha2-512-96, and are available by default in ssh(1) and
     * The pre-authentication sshd(8) privilege separation slave process
       now logs via a socket shared with the master process, avoiding the
       need to maintain /dev/log inside the chroot.
     * ssh(1) now warns when a server refuses X11 forwarding
     * sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
       separated by whitespace. The undocumented AuthorizedKeysFile2
       option is deprecated (though the default for AuthorizedKeysFile
       includes .ssh/authorized_keys2)
     * sshd_config(5): similarly deprecate UserKnownHostsFile2 and
       GlobalKnownHostsFile2 by making UserKnownHostsFile and
       GlobalKnownHostsFile accept multiple options and default to
       include known_hosts2
     * Retain key comments when loading v.2 keys. These will be visible
       in "ssh-add -l" and other places. bz#439
     * ssh(1) and sshd(8): set IPv6 traffic class from IPQoS (as well as
       IPv4 ToS/DSCP). bz#1855
     * ssh_config(5)'s ControlPath option now expands %L to the host
       portion of the destination host name.
     * ssh_config(5) "Host" options now support negated Host matching, e.g.
         Host * !
            User mekmitasdigoat
       Will match "", "", but not ""
     * ssh_config(5): a new RequestTTY option provides control over when a
       TTY is requested for a connection, similar to the existing -t/-tt/-T
       ssh(1) commandline options.
     * sshd(8): allow GSSAPI authentication to detect when a server-side
       failure causes authentication failure and don't count such failures
       against MaxAuthTries; bz#1244
     * ssh-keygen(1): Add -A option. For each of the key types (rsa1, rsa,
       dsa and ecdsa) for which host keys do not exist, generate the host
       keys with the default key file path, an empty passphrase, default
       bits for the key type, and default comment. This is useful for
       system initialization scripts.
     * ssh(1): Allow graceful shutdown of multiplexing: request that a mux
       server removes its listener socket and refuse future multiplexing
       requests but don't kill existing connections. This may be requested
       using "ssh -O stop ..."
     * ssh-add(1) now accepts keys piped from standard input. E.g.
       "ssh-add - < /path/to/key"
     * ssh-keysign(8) now signs hostbased authentication
       challenges correctly using ECDSA keys; bz#1858
     * sftp(1): document that sftp accepts square brackets to delimit
       addresses (useful for IPv6); bz#1847a
     * ssh(1): when using session multiplexing, the master process will
       change its process title to reflect the control path in use and
       when a ControlPersist-ed master is waiting to close; bz#1883 and
     * Other minor bugs fixed: 1849 1861 1862 1869 1875 1878 1879 1892
       1900 1905 1913