Date: Mon, 12 Apr 2010 23:09:23 +0000 (UTC) From: Warner Losh <imp@FreeBSD.org> To: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: svn commit: r206519 - in user/imp/tbemd: sbin/geom/class sbin/geom/class/cache sbin/geom/class/mountver sbin/geom/class/multipath sbin/geom/class/sched sbin/hastd sbin/ifconfig sbin/ipfw sbin/mount... Message-ID: <201004122309.o3CN9NQx068709@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: imp Date: Mon Apr 12 23:09:22 2010 New Revision: 206519 URL: http://svn.freebsd.org/changeset/base/206519 Log: Merge from head, part 5 of many. Added: user/imp/tbemd/sbin/geom/class/sched/ - copied from r206514, head/sbin/geom/class/sched/ user/imp/tbemd/secure/libexec/ssh-pkcs11-helper/ - copied from r206514, head/secure/libexec/ssh-pkcs11-helper/ Modified: user/imp/tbemd/sbin/geom/class/Makefile user/imp/tbemd/sbin/geom/class/cache/gcache.8 user/imp/tbemd/sbin/geom/class/mountver/gmountver.8 user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c user/imp/tbemd/sbin/hastd/primary.c user/imp/tbemd/sbin/ifconfig/ifconfig.c user/imp/tbemd/sbin/ifconfig/ifieee80211.c user/imp/tbemd/sbin/ipfw/Makefile user/imp/tbemd/sbin/ipfw/dummynet.c user/imp/tbemd/sbin/ipfw/ipfw.8 user/imp/tbemd/sbin/ipfw/ipfw2.c user/imp/tbemd/sbin/ipfw/ipfw2.h user/imp/tbemd/sbin/ipfw/main.c user/imp/tbemd/sbin/mount/mount.c user/imp/tbemd/sbin/newfs/mkfs.c user/imp/tbemd/sbin/newfs/newfs.8 user/imp/tbemd/sbin/newfs/newfs.c user/imp/tbemd/sbin/newfs/newfs.h user/imp/tbemd/sbin/nos-tun/Makefile user/imp/tbemd/sbin/nos-tun/nos-tun.c user/imp/tbemd/sbin/quotacheck/quotacheck.8 user/imp/tbemd/sbin/setkey/setkey.8 user/imp/tbemd/sbin/sysctl/sysctl.c user/imp/tbemd/secure/lib/libcrypto/Makefile.inc user/imp/tbemd/secure/lib/libcrypto/Makefile.man user/imp/tbemd/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 user/imp/tbemd/secure/lib/libcrypto/man/ASN1_STRING_length.3 user/imp/tbemd/secure/lib/libcrypto/man/ASN1_STRING_new.3 user/imp/tbemd/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 user/imp/tbemd/secure/lib/libcrypto/man/ASN1_generate_nconf.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_ctrl.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_base64.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_buffer.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_cipher.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_md.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_null.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_f_ssl.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_find_type.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_new.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_push.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_read.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_accept.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_bio.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_connect.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_fd.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_file.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_mem.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_null.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_s_socket.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_set_callback.3 user/imp/tbemd/secure/lib/libcrypto/man/BIO_should_retry.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_BLINDING_new.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_CTX_new.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_CTX_start.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_add.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_add_word.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_bn2bin.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_cmp.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_copy.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_generate_prime.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_mod_inverse.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_new.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_num_bytes.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_rand.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_set_bit.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_swap.3 user/imp/tbemd/secure/lib/libcrypto/man/BN_zero.3 user/imp/tbemd/secure/lib/libcrypto/man/CONF_modules_free.3 user/imp/tbemd/secure/lib/libcrypto/man/CONF_modules_load_file.3 user/imp/tbemd/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 user/imp/tbemd/secure/lib/libcrypto/man/DH_generate_key.3 user/imp/tbemd/secure/lib/libcrypto/man/DH_generate_parameters.3 user/imp/tbemd/secure/lib/libcrypto/man/DH_get_ex_new_index.3 user/imp/tbemd/secure/lib/libcrypto/man/DH_new.3 user/imp/tbemd/secure/lib/libcrypto/man/DH_set_method.3 user/imp/tbemd/secure/lib/libcrypto/man/DH_size.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_SIG_new.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_do_sign.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_dup_DH.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_generate_key.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_generate_parameters.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_new.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_set_method.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_sign.3 user/imp/tbemd/secure/lib/libcrypto/man/DSA_size.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_GET_LIB.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_clear_error.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_error_string.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_get_error.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_load_strings.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_print_errors.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_put_error.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_remove_state.3 user/imp/tbemd/secure/lib/libcrypto/man/ERR_set_mark.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_BytesToKey.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_DigestInit.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_EncryptInit.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_OpenInit.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_PKEY_new.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_SealInit.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_SignInit.3 user/imp/tbemd/secure/lib/libcrypto/man/EVP_VerifyInit.3 user/imp/tbemd/secure/lib/libcrypto/man/OBJ_nid2obj.3 user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_Applink.3 user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_config.3 user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 user/imp/tbemd/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 user/imp/tbemd/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 user/imp/tbemd/secure/lib/libcrypto/man/PKCS12_create.3 user/imp/tbemd/secure/lib/libcrypto/man/PKCS12_parse.3 user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_decrypt.3 user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_encrypt.3 user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_sign.3 user/imp/tbemd/secure/lib/libcrypto/man/PKCS7_verify.3 user/imp/tbemd/secure/lib/libcrypto/man/RAND_add.3 user/imp/tbemd/secure/lib/libcrypto/man/RAND_bytes.3 user/imp/tbemd/secure/lib/libcrypto/man/RAND_cleanup.3 user/imp/tbemd/secure/lib/libcrypto/man/RAND_egd.3 user/imp/tbemd/secure/lib/libcrypto/man/RAND_load_file.3 user/imp/tbemd/secure/lib/libcrypto/man/RAND_set_rand_method.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_blinding_on.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_check_key.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_generate_key.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_new.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_print.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_private_encrypt.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_public_encrypt.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_set_method.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_sign.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 user/imp/tbemd/secure/lib/libcrypto/man/RSA_size.3 user/imp/tbemd/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 user/imp/tbemd/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 user/imp/tbemd/secure/lib/libcrypto/man/X509_NAME_print_ex.3 user/imp/tbemd/secure/lib/libcrypto/man/X509_new.3 user/imp/tbemd/secure/lib/libcrypto/man/bio.3 user/imp/tbemd/secure/lib/libcrypto/man/blowfish.3 user/imp/tbemd/secure/lib/libcrypto/man/bn.3 user/imp/tbemd/secure/lib/libcrypto/man/bn_internal.3 user/imp/tbemd/secure/lib/libcrypto/man/buffer.3 user/imp/tbemd/secure/lib/libcrypto/man/crypto.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_DHparams.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_CRL.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_NAME.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_REQ.3 user/imp/tbemd/secure/lib/libcrypto/man/d2i_X509_SIG.3 user/imp/tbemd/secure/lib/libcrypto/man/des.3 user/imp/tbemd/secure/lib/libcrypto/man/dh.3 user/imp/tbemd/secure/lib/libcrypto/man/dsa.3 user/imp/tbemd/secure/lib/libcrypto/man/ecdsa.3 user/imp/tbemd/secure/lib/libcrypto/man/engine.3 user/imp/tbemd/secure/lib/libcrypto/man/err.3 user/imp/tbemd/secure/lib/libcrypto/man/evp.3 user/imp/tbemd/secure/lib/libcrypto/man/hmac.3 user/imp/tbemd/secure/lib/libcrypto/man/lh_stats.3 user/imp/tbemd/secure/lib/libcrypto/man/lhash.3 user/imp/tbemd/secure/lib/libcrypto/man/md5.3 user/imp/tbemd/secure/lib/libcrypto/man/mdc2.3 user/imp/tbemd/secure/lib/libcrypto/man/pem.3 user/imp/tbemd/secure/lib/libcrypto/man/rand.3 user/imp/tbemd/secure/lib/libcrypto/man/rc4.3 user/imp/tbemd/secure/lib/libcrypto/man/ripemd.3 user/imp/tbemd/secure/lib/libcrypto/man/rsa.3 user/imp/tbemd/secure/lib/libcrypto/man/sha.3 user/imp/tbemd/secure/lib/libcrypto/man/threads.3 user/imp/tbemd/secure/lib/libcrypto/man/ui.3 user/imp/tbemd/secure/lib/libcrypto/man/ui_compat.3 user/imp/tbemd/secure/lib/libcrypto/man/x509.3 user/imp/tbemd/secure/lib/libssh/Makefile user/imp/tbemd/secure/lib/libssl/Makefile user/imp/tbemd/secure/lib/libssl/Makefile.man user/imp/tbemd/secure/lib/libssl/man/SSL_CIPHER_get_name.3 user/imp/tbemd/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_add_session.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_ctrl.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_free.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_new.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sess_number.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_sessions.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_mode.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_options.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_timeout.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_set_verify.3 user/imp/tbemd/secure/lib/libssl/man/SSL_CTX_use_certificate.3 user/imp/tbemd/secure/lib/libssl/man/SSL_SESSION_free.3 user/imp/tbemd/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 user/imp/tbemd/secure/lib/libssl/man/SSL_SESSION_get_time.3 user/imp/tbemd/secure/lib/libssl/man/SSL_accept.3 user/imp/tbemd/secure/lib/libssl/man/SSL_alert_type_string.3 user/imp/tbemd/secure/lib/libssl/man/SSL_clear.3 user/imp/tbemd/secure/lib/libssl/man/SSL_connect.3 user/imp/tbemd/secure/lib/libssl/man/SSL_do_handshake.3 user/imp/tbemd/secure/lib/libssl/man/SSL_free.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_SSL_CTX.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_ciphers.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_client_CA_list.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_current_cipher.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_default_timeout.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_error.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_ex_new_index.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_fd.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_peer_certificate.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_rbio.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_session.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_verify_result.3 user/imp/tbemd/secure/lib/libssl/man/SSL_get_version.3 user/imp/tbemd/secure/lib/libssl/man/SSL_library_init.3 user/imp/tbemd/secure/lib/libssl/man/SSL_load_client_CA_file.3 user/imp/tbemd/secure/lib/libssl/man/SSL_new.3 user/imp/tbemd/secure/lib/libssl/man/SSL_pending.3 user/imp/tbemd/secure/lib/libssl/man/SSL_read.3 user/imp/tbemd/secure/lib/libssl/man/SSL_rstate_string.3 user/imp/tbemd/secure/lib/libssl/man/SSL_session_reused.3 user/imp/tbemd/secure/lib/libssl/man/SSL_set_bio.3 user/imp/tbemd/secure/lib/libssl/man/SSL_set_connect_state.3 user/imp/tbemd/secure/lib/libssl/man/SSL_set_fd.3 user/imp/tbemd/secure/lib/libssl/man/SSL_set_session.3 user/imp/tbemd/secure/lib/libssl/man/SSL_set_shutdown.3 user/imp/tbemd/secure/lib/libssl/man/SSL_set_verify_result.3 user/imp/tbemd/secure/lib/libssl/man/SSL_shutdown.3 user/imp/tbemd/secure/lib/libssl/man/SSL_state_string.3 user/imp/tbemd/secure/lib/libssl/man/SSL_want.3 user/imp/tbemd/secure/lib/libssl/man/SSL_write.3 user/imp/tbemd/secure/lib/libssl/man/d2i_SSL_SESSION.3 user/imp/tbemd/secure/lib/libssl/man/ssl.3 user/imp/tbemd/secure/libexec/Makefile user/imp/tbemd/secure/usr.bin/openssl/man/CA.pl.1 user/imp/tbemd/secure/usr.bin/openssl/man/asn1parse.1 user/imp/tbemd/secure/usr.bin/openssl/man/ca.1 user/imp/tbemd/secure/usr.bin/openssl/man/ciphers.1 user/imp/tbemd/secure/usr.bin/openssl/man/crl.1 user/imp/tbemd/secure/usr.bin/openssl/man/crl2pkcs7.1 user/imp/tbemd/secure/usr.bin/openssl/man/dgst.1 user/imp/tbemd/secure/usr.bin/openssl/man/dhparam.1 user/imp/tbemd/secure/usr.bin/openssl/man/dsa.1 user/imp/tbemd/secure/usr.bin/openssl/man/dsaparam.1 user/imp/tbemd/secure/usr.bin/openssl/man/ec.1 user/imp/tbemd/secure/usr.bin/openssl/man/ecparam.1 user/imp/tbemd/secure/usr.bin/openssl/man/enc.1 user/imp/tbemd/secure/usr.bin/openssl/man/errstr.1 user/imp/tbemd/secure/usr.bin/openssl/man/gendsa.1 user/imp/tbemd/secure/usr.bin/openssl/man/genrsa.1 user/imp/tbemd/secure/usr.bin/openssl/man/nseq.1 user/imp/tbemd/secure/usr.bin/openssl/man/ocsp.1 user/imp/tbemd/secure/usr.bin/openssl/man/openssl.1 user/imp/tbemd/secure/usr.bin/openssl/man/passwd.1 user/imp/tbemd/secure/usr.bin/openssl/man/pkcs12.1 user/imp/tbemd/secure/usr.bin/openssl/man/pkcs7.1 user/imp/tbemd/secure/usr.bin/openssl/man/pkcs8.1 user/imp/tbemd/secure/usr.bin/openssl/man/rand.1 user/imp/tbemd/secure/usr.bin/openssl/man/req.1 user/imp/tbemd/secure/usr.bin/openssl/man/rsa.1 user/imp/tbemd/secure/usr.bin/openssl/man/rsautl.1 user/imp/tbemd/secure/usr.bin/openssl/man/s_client.1 user/imp/tbemd/secure/usr.bin/openssl/man/s_server.1 user/imp/tbemd/secure/usr.bin/openssl/man/s_time.1 user/imp/tbemd/secure/usr.bin/openssl/man/sess_id.1 user/imp/tbemd/secure/usr.bin/openssl/man/smime.1 user/imp/tbemd/secure/usr.bin/openssl/man/speed.1 user/imp/tbemd/secure/usr.bin/openssl/man/spkac.1 user/imp/tbemd/secure/usr.bin/openssl/man/verify.1 user/imp/tbemd/secure/usr.bin/openssl/man/version.1 user/imp/tbemd/secure/usr.bin/openssl/man/x509.1 user/imp/tbemd/secure/usr.bin/openssl/man/x509v3_config.1 user/imp/tbemd/secure/usr.bin/ssh/Makefile user/imp/tbemd/secure/usr.sbin/sshd/Makefile Modified: user/imp/tbemd/sbin/geom/class/Makefile ============================================================================== --- user/imp/tbemd/sbin/geom/class/Makefile Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/geom/class/Makefile Mon Apr 12 23:09:22 2010 (r206519) @@ -15,6 +15,7 @@ SUBDIR+=multipath SUBDIR+=nop SUBDIR+=part SUBDIR+=raid3 +SUBDIR+=sched SUBDIR+=shsec SUBDIR+=stripe SUBDIR+=virstor Modified: user/imp/tbemd/sbin/geom/class/cache/gcache.8 ============================================================================== --- user/imp/tbemd/sbin/geom/class/cache/gcache.8 Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/geom/class/cache/gcache.8 Mon Apr 12 23:09:22 2010 (r206519) @@ -14,14 +14,14 @@ .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR THE VOICES IN HIS HEAD BE -.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" Modified: user/imp/tbemd/sbin/geom/class/mountver/gmountver.8 ============================================================================== --- user/imp/tbemd/sbin/geom/class/mountver/gmountver.8 Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/geom/class/mountver/gmountver.8 Mon Apr 12 23:09:22 2010 (r206519) @@ -14,14 +14,14 @@ .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR THE VOICES IN HIS HEAD BE -.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" Modified: user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c ============================================================================== --- user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/geom/class/multipath/geom_multipath.c Mon Apr 12 23:09:22 2010 (r206519) @@ -48,6 +48,7 @@ uint32_t version = G_MULTIPATH_VERSION; static void mp_main(struct gctl_req *, unsigned int); static void mp_label(struct gctl_req *); static void mp_clear(struct gctl_req *); +static void mp_add(struct gctl_req *); struct g_command class_commands[] = { { @@ -55,6 +56,10 @@ struct g_command class_commands[] = { NULL, "[-v] name prov ..." }, { + "add", G_FLAG_VERBOSE | G_FLAG_LOADKLD, mp_main, G_NULL_OPTS, + NULL, "[-v] name prov ..." + }, + { "destroy", G_FLAG_VERBOSE, NULL, G_NULL_OPTS, NULL, "[-v] prov ..." }, @@ -62,6 +67,14 @@ struct g_command class_commands[] = { "clear", G_FLAG_VERBOSE, mp_main, G_NULL_OPTS, NULL, "[-v] prov ..." }, + { + "rotate", G_FLAG_VERBOSE, NULL, G_NULL_OPTS, + NULL, "[-v] prov ..." + }, + { + "getactive", G_FLAG_VERBOSE, NULL, G_NULL_OPTS, + NULL, "[-v] prov ..." + }, G_CMD_SENTINEL }; @@ -77,6 +90,8 @@ mp_main(struct gctl_req *req, unsigned i } if (strcmp(name, "label") == 0) { mp_label(req); + } else if (strcmp(name, "add") == 0) { + mp_add(req); } else if (strcmp(name, "clear") == 0) { mp_clear(req); } else { @@ -93,7 +108,7 @@ mp_label(struct gctl_req *req) char *ptr; uuid_t uuid; uint32_t secsize = 0, ssize, status; - const char *name; + const char *name, *mpname; int error, i, nargs; nargs = gctl_get_int(req, "nargs"); @@ -148,8 +163,8 @@ mp_label(struct gctl_req *req) */ strlcpy(md.md_magic, G_MULTIPATH_MAGIC, sizeof(md.md_magic)); md.md_version = G_MULTIPATH_VERSION; - name = gctl_get_ascii(req, "arg0"); - strlcpy(md.md_name, name, sizeof(md.md_name)); + mpname = gctl_get_ascii(req, "arg0"); + strlcpy(md.md_name, mpname, sizeof(md.md_name)); md.md_size = disksiz; md.md_sectorsize = secsize; uuid_create(&uuid, &status); @@ -166,46 +181,44 @@ mp_label(struct gctl_req *req) free(ptr); /* - * Clear last sector first for each provider to spoil anything extant + * Clear metadata on initial provider first. */ - for (i = 1; i < nargs; i++) { - name = gctl_get_ascii(req, "arg%d", i); - error = g_metadata_clear(name, NULL); - if (error != 0) { - gctl_error(req, "cannot clear metadata on %s: %s.", - name, strerror(error)); - return; - } + name = gctl_get_ascii(req, "arg1"); + error = g_metadata_clear(name, NULL); + if (error != 0) { + gctl_error(req, "cannot clear metadata on %s: %s.", name, strerror(error)); + return; } + /* + * encode the metadata + */ multipath_metadata_encode(&md, sector); /* - * Ok, store metadata. + * Store metadata on the initial provider. */ - for (i = 1; i < nargs; i++) { - name = gctl_get_ascii(req, "arg%d", i); - error = g_metadata_store(name, sector, secsize); - if (error != 0) { - fprintf(stderr, "Can't store metadata on %s: %s.\n", - name, strerror(error)); - goto fail; - } + error = g_metadata_store(name, sector, secsize); + if (error != 0) { + gctl_error(req, "cannot store metadata on %s: %s.", name, strerror(error)); + return; } - return; -fail: /* - * Clear last sector first for each provider to spoil anything extant + * Now add the rest of the providers. */ - for (i = 1; i < nargs; i++) { - name = gctl_get_ascii(req, "arg%d", i); - error = g_metadata_clear(name, NULL); - if (error != 0) { - gctl_error(req, "cannot clear metadata on %s: %s.", - name, strerror(error)); + error = gctl_change_param(req, "verb", -1, "add"); + if (error) { + gctl_error(req, "unable to change verb to \"add\": %s.", strerror(error)); + return; + } + for (i = 2; i < nargs; i++) { + error = gctl_change_param(req, "arg1", -1, gctl_get_ascii(req, "arg%d", i)); + if (error) { + gctl_error(req, "unable to add %s to %s: %s.", gctl_get_ascii(req, "arg%d", i), mpname, strerror(error)); continue; } + mp_add(req); } } @@ -213,22 +226,23 @@ static void mp_clear(struct gctl_req *req) { const char *name; - int error, i, nargs; + int error; - nargs = gctl_get_int(req, "nargs"); - if (nargs < 1) { - gctl_error(req, "Too few arguments."); - return; + name = gctl_get_ascii(req, "arg1"); + error = g_metadata_clear(name, G_MULTIPATH_MAGIC); + if (error != 0) { + fprintf(stderr, "Can't clear metadata on %s: %s.\n", name, strerror(error)); + gctl_error(req, "Not fully done."); } +} - for (i = 0; i < nargs; i++) { - name = gctl_get_ascii(req, "arg%d", i); - error = g_metadata_clear(name, G_MULTIPATH_MAGIC); - if (error != 0) { - fprintf(stderr, "Can't clear metadata on %s: %s.\n", - name, strerror(error)); - gctl_error(req, "Not fully done."); - continue; - } - } +static void +mp_add(struct gctl_req *req) +{ + const char *errstr; + + errstr = gctl_issue(req); + if (errstr != NULL && errstr[0] != '\0') { + gctl_error(req, "%s", errstr); + } } Modified: user/imp/tbemd/sbin/hastd/primary.c ============================================================================== --- user/imp/tbemd/sbin/hastd/primary.c Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/hastd/primary.c Mon Apr 12 23:09:22 2010 (r206519) @@ -460,9 +460,11 @@ init_local(struct hast_resource *res) exit(EX_NOINPUT); } -static void -init_remote(struct hast_resource *res) +static bool +init_remote(struct hast_resource *res, struct proto_conn **inp, + struct proto_conn **outp) { + struct proto_conn *in, *out; struct nv *nvout, *nvin; const unsigned char *token; unsigned char *map; @@ -472,13 +474,17 @@ init_remote(struct hast_resource *res) uint32_t mapsize; size_t size; + assert((inp == NULL && outp == NULL) || (inp != NULL && outp != NULL)); + + in = out = NULL; + /* Prepare outgoing connection with remote node. */ - if (proto_client(res->hr_remoteaddr, &res->hr_remoteout) < 0) { + if (proto_client(res->hr_remoteaddr, &out) < 0) { primary_exit(EX_OSERR, "Unable to create connection to %s", res->hr_remoteaddr); } /* Try to connect, but accept failure. */ - if (proto_connect(res->hr_remoteout) < 0) { + if (proto_connect(out) < 0) { pjdlog_errno(LOG_WARNING, "Unable to connect to %s", res->hr_remoteaddr); goto close; @@ -496,7 +502,7 @@ init_remote(struct hast_resource *res) nv_free(nvout); goto close; } - if (hast_proto_send(res, res->hr_remoteout, nvout, NULL, 0) < 0) { + if (hast_proto_send(res, out, nvout, NULL, 0) < 0) { pjdlog_errno(LOG_WARNING, "Unable to send handshake header to %s", res->hr_remoteaddr); @@ -504,7 +510,7 @@ init_remote(struct hast_resource *res) goto close; } nv_free(nvout); - if (hast_proto_recv_hdr(res->hr_remoteout, &nvin) < 0) { + if (hast_proto_recv_hdr(out, &nvin) < 0) { pjdlog_errno(LOG_WARNING, "Unable to receive handshake header from %s", res->hr_remoteaddr); @@ -536,12 +542,12 @@ init_remote(struct hast_resource *res) * Second handshake step. * Setup incoming connection with remote node. */ - if (proto_client(res->hr_remoteaddr, &res->hr_remotein) < 0) { + if (proto_client(res->hr_remoteaddr, &in) < 0) { pjdlog_errno(LOG_WARNING, "Unable to create connection to %s", res->hr_remoteaddr); } /* Try to connect, but accept failure. */ - if (proto_connect(res->hr_remotein) < 0) { + if (proto_connect(in) < 0) { pjdlog_errno(LOG_WARNING, "Unable to connect to %s", res->hr_remoteaddr); goto close; @@ -560,7 +566,7 @@ init_remote(struct hast_resource *res) nv_free(nvout); goto close; } - if (hast_proto_send(res, res->hr_remotein, nvout, NULL, 0) < 0) { + if (hast_proto_send(res, in, nvout, NULL, 0) < 0) { pjdlog_errno(LOG_WARNING, "Unable to send handshake header to %s", res->hr_remoteaddr); @@ -568,7 +574,7 @@ init_remote(struct hast_resource *res) goto close; } nv_free(nvout); - if (hast_proto_recv_hdr(res->hr_remoteout, &nvin) < 0) { + if (hast_proto_recv_hdr(out, &nvin) < 0) { pjdlog_errno(LOG_WARNING, "Unable to receive handshake header from %s", res->hr_remoteaddr); @@ -611,7 +617,7 @@ init_remote(struct hast_resource *res) * Remote node have some dirty extents on its own, lets * download its activemap. */ - if (hast_proto_recv_data(res, res->hr_remoteout, nvin, map, + if (hast_proto_recv_data(res, out, nvin, map, mapsize) < 0) { pjdlog_errno(LOG_ERR, "Unable to receive remote activemap"); @@ -631,18 +637,29 @@ init_remote(struct hast_resource *res) (void)hast_activemap_flush(res); } pjdlog_info("Connected to %s.", res->hr_remoteaddr); + if (inp != NULL && outp != NULL) { + *inp = in; + *outp = out; + } else { + res->hr_remotein = in; + res->hr_remoteout = out; + } + return (true); +close: + proto_close(out); + if (in != NULL) + proto_close(in); + return (false); +} + +static void +sync_start(void) +{ + mtx_lock(&sync_lock); sync_inprogress = true; mtx_unlock(&sync_lock); cv_signal(&sync_cond); - return; -close: - proto_close(res->hr_remoteout); - res->hr_remoteout = NULL; - if (res->hr_remotein != NULL) { - proto_close(res->hr_remotein); - res->hr_remotein = NULL; - } } static void @@ -735,7 +752,8 @@ hastd_primary(struct hast_resource *res) setproctitle("%s (primary)", res->hr_name); init_local(res); - init_remote(res); + if (init_remote(res, NULL, NULL)) + sync_start(); init_ggate(res); init_environment(res); error = pthread_create(&td, NULL, ggate_recv_thread, res); @@ -1695,6 +1713,7 @@ static void * guard_thread(void *arg) { struct hast_resource *res = arg; + struct proto_conn *in, *out; unsigned int ii, ncomps; int timeout; @@ -1738,26 +1757,31 @@ guard_thread(void *arg) * connected. */ rw_unlock(&hio_remote_lock[ii]); - rw_wlock(&hio_remote_lock[ii]); - assert(res->hr_remotein == NULL); - assert(res->hr_remoteout == NULL); pjdlog_debug(2, "remote_guard: Reconnecting to %s.", res->hr_remoteaddr); - init_remote(res); - if (ISCONNECTED(res, ii)) { + in = out = NULL; + if (init_remote(res, &in, &out)) { + rw_wlock(&hio_remote_lock[ii]); + assert(res->hr_remotein == NULL); + assert(res->hr_remoteout == NULL); + assert(in != NULL && out != NULL); + res->hr_remotein = in; + res->hr_remoteout = out; + rw_unlock(&hio_remote_lock[ii]); pjdlog_info("Successfully reconnected to %s.", res->hr_remoteaddr); + sync_start(); } else { /* Both connections should be NULL. */ assert(res->hr_remotein == NULL); assert(res->hr_remoteout == NULL); + assert(in == NULL && out == NULL); pjdlog_debug(2, "remote_guard: Reconnect to %s failed.", res->hr_remoteaddr); timeout = RECONNECT_SLEEP; } - rw_unlock(&hio_remote_lock[ii]); } } (void)cv_timedwait(&hio_guard_cond, &hio_guard_lock, timeout); Modified: user/imp/tbemd/sbin/ifconfig/ifconfig.c ============================================================================== --- user/imp/tbemd/sbin/ifconfig/ifconfig.c Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/ifconfig/ifconfig.c Mon Apr 12 23:09:22 2010 (r206519) @@ -881,7 +881,7 @@ unsetifdescr(const char *val, int value, #define IFCAPBITS \ "\020\1RXCSUM\2TXCSUM\3NETCONS\4VLAN_MTU\5VLAN_HWTAGGING\6JUMBO_MTU\7POLLING" \ "\10VLAN_HWCSUM\11TSO4\12TSO6\13LRO\14WOL_UCAST\15WOL_MCAST\16WOL_MAGIC" \ -"\21VLAN_HWFILTER\23VLAN_HWTSO" +"\21VLAN_HWFILTER\23VLAN_HWTSO\24LINKSTATE" /* * Print the status of the interface. If an address family was Modified: user/imp/tbemd/sbin/ifconfig/ifieee80211.c ============================================================================== --- user/imp/tbemd/sbin/ifconfig/ifieee80211.c Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/ifconfig/ifieee80211.c Mon Apr 12 23:09:22 2010 (r206519) @@ -4509,6 +4509,7 @@ end: } else { LINE_BREAK(); list_roam(s); + LINE_BREAK(); } } Modified: user/imp/tbemd/sbin/ipfw/Makefile ============================================================================== --- user/imp/tbemd/sbin/ipfw/Makefile Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/ipfw/Makefile Mon Apr 12 23:09:22 2010 (r206519) @@ -3,6 +3,7 @@ PROG= ipfw SRCS= ipfw2.c dummynet.c ipv6.c main.c nat.c altq.c WARNS?= 2 +DPADD= ${LIBUTIL} LDADD= -lutil MAN= ipfw.8 Modified: user/imp/tbemd/sbin/ipfw/dummynet.c ============================================================================== --- user/imp/tbemd/sbin/ipfw/dummynet.c Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/ipfw/dummynet.c Mon Apr 12 23:09:22 2010 (r206519) @@ -141,7 +141,8 @@ print_mask(struct ipfw_flow_id *id) { if (!IS_IP6_FLOW_ID(id)) { printf(" " - "mask: 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n", + "mask: %s 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n", + id->extra ? "queue," : "", id->proto, id->src_ip, id->src_port, id->dst_ip, id->dst_port); @@ -151,7 +152,8 @@ print_mask(struct ipfw_flow_id *id) "Tot_pkt/bytes Pkt/Byte Drp\n"); } else { char buf[255]; - printf("\n mask: proto: 0x%02x, flow_id: 0x%08x, ", + printf("\n mask: %sproto: 0x%02x, flow_id: 0x%08x, ", + id->extra ? "queue," : "", id->proto, id->flow_id6); inet_ntop(AF_INET6, &(id->src_ip6), buf, sizeof(buf)); printf("%s/0x%04x -> ", buf, id->src_port); @@ -175,7 +177,8 @@ list_flow(struct dn_flow *ni) pe = getprotobynumber(id->proto); /* XXX: Should check for IPv4 flows */ - printf("%3u ", (ni->oid.id) & 0xff); + printf("%3u%c", (ni->oid.id) & 0xff, + id->extra ? '*' : ' '); if (!IS_IP6_FLOW_ID(id)) { if (pe) printf("%-4s ", pe->p_name); @@ -532,7 +535,7 @@ read_bandwidth(char *arg, int *bandwidth if (*end == 'K' || *end == 'k') { end++; bw *= 1000; - } else if (*end == 'M') { + } else if (*end == 'M' || *end == 'm') { end++; bw *= 1000000; } @@ -910,6 +913,7 @@ ipfw_config_pipe(int ac, char **av) case TOK_ALL: /* * special case, all bits significant + * except 'extra' (the queue number) */ mask->dst_ip = ~0; mask->src_ip = ~0; @@ -922,6 +926,11 @@ ipfw_config_pipe(int ac, char **av) *flags |= DN_HAVE_MASK; goto end_mask; + case TOK_QUEUE: + mask->extra = ~0; + *flags |= DN_HAVE_MASK; + goto end_mask; + case TOK_DSTIP: mask->addr_type = 4; p32 = &mask->dst_ip; @@ -992,7 +1001,7 @@ ipfw_config_pipe(int ac, char **av) if (a > 0xFF) errx(EX_DATAERR, "proto mask must be 8 bit"); - fs->flow_mask.proto = (uint8_t)a; + mask->proto = (uint8_t)a; } if (a != 0) *flags |= DN_HAVE_MASK; @@ -1234,53 +1243,142 @@ dummynet_flush(void) do_cmd(IP_DUMMYNET3, &oid, oid.len); } +/* Parse input for 'ipfw [pipe|sched|queue] show [range list]' + * Returns the number of ranges, and possibly stores them + * in the array v of size len. + */ +static int +parse_range(int ac, char *av[], uint32_t *v, int len) +{ + int n = 0; + char *endptr, *s; + uint32_t base[2]; + + if (v == NULL || len < 2) { + v = base; + len = 2; + } + + for (s = *av; s != NULL; av++, ac--) { + v[0] = strtoul(s, &endptr, 10); + v[1] = (*endptr != '-') ? v[0] : + strtoul(endptr+1, &endptr, 10); + if (*endptr == '\0') { /* prepare for next round */ + s = (ac > 0) ? *(av+1) : NULL; + } else { + if (*endptr != ',') { + warn("invalid number: %s", s); + s = ++endptr; + continue; + } + /* continue processing from here */ + s = ++endptr; + ac++; + av--; + } + if (v[1] < v[0] || + v[1] < 0 || v[1] >= DN_MAX_ID-1 || + v[0] < 0 || v[1] >= DN_MAX_ID-1) { + continue; /* invalid entry */ + } + n++; + /* translate if 'pipe list' */ + if (co.do_pipe == 1) { + v[0] += DN_MAX_ID; + v[1] += DN_MAX_ID; + } + v = (n*2 < len) ? v + 2 : base; + } + return n; +} + /* main entry point for dummynet list functions. co.do_pipe indicates * which function we want to support. - * XXX todo- accept filtering arguments. + * av may contain filtering arguments, either individual entries + * or ranges, or lists (space or commas are valid separators). + * Format for a range can be n1-n2 or n3 n4 n5 ... + * In a range n1 must be <= n2, otherwise the range is ignored. + * A number 'n4' is translate in a range 'n4-n4' + * All number must be > 0 and < DN_MAX_ID-1 */ void dummynet_list(int ac, char *av[], int show_counters) { - struct dn_id oid, *x = NULL; - int ret, i, l = sizeof(oid); + struct dn_id *oid, *x = NULL; + int ret, i, l; + int n; /* # of ranges */ + int buflen; + int max_size; /* largest obj passed up */ + + ac--; + av++; /* skip 'list' | 'show' word */ + + n = parse_range(ac, av, NULL, 0); /* Count # of ranges. */ + + /* Allocate space to store ranges */ + l = sizeof(*oid) + sizeof(uint32_t) * n * 2; + oid = safe_calloc(1, l); + oid_fill(oid, l, DN_CMD_GET, DN_API_VERSION); + + if (n > 0) /* store ranges in idx */ + parse_range(ac, av, (uint32_t *)(oid + 1), n*2); + /* + * Compute the size of the largest object returned. If the + * response leaves at least this much spare space in the + * buffer, then surely the response is complete; otherwise + * there might be a risk of truncation and we will need to + * retry with a larger buffer. + * XXX don't bother with smaller structs. + */ + max_size = sizeof(struct dn_fs); + if (max_size < sizeof(struct dn_sch)) + max_size = sizeof(struct dn_sch); + if (max_size < sizeof(struct dn_flow)) + max_size = sizeof(struct dn_flow); - oid_fill(&oid, l, DN_CMD_GET, DN_API_VERSION); switch (co.do_pipe) { case 1: - oid.subtype = DN_LINK; /* list pipe */ + oid->subtype = DN_LINK; /* list pipe */ break; case 2: - oid.subtype = DN_FS; /* list queue */ + oid->subtype = DN_FS; /* list queue */ break; case 3: - oid.subtype = DN_SCH; /* list sched */ + oid->subtype = DN_SCH; /* list sched */ break; } - /* Request the buffer size (in oid.id)*/ - ret = do_cmd(-IP_DUMMYNET3, &oid, (uintptr_t)&l); - // printf("%s returns %d need %d\n", __FUNCTION__, ret, oid.id); - if (ret != 0 || oid.id <= sizeof(oid)) - return; - - /* Try max 10 times - * Buffer is correct if l != 0. - * If l == 0 no buffer is sent, maybe because kernel requires - * a greater buffer, so try with the new size in x->id. + /* + * Ask the kernel an estimate of the required space (result + * in oid.id), unless we are requesting a subset of objects, + * in which case the kernel does not give an exact answer. + * In any case, space might grow in the meantime due to the + * creation of new queues, so we must be prepared to retry. */ - for (i = 0, l = oid.id; i < 10; i++, l = x->id) { + if (n > 0) { + buflen = 4*1024; + } else { + ret = do_cmd(-IP_DUMMYNET3, oid, (uintptr_t)&l); + if (ret != 0 || oid->id <= sizeof(*oid)) + goto done; + buflen = oid->id + max_size; + oid->len = sizeof(*oid); /* restore */ + } + /* Try a few times, until the buffer fits */ + for (i = 0; i < 20; i++) { + l = buflen; x = safe_realloc(x, l); - *x = oid; - ret = do_cmd(-IP_DUMMYNET3, x, (uintptr_t)&l); - - if (ret != 0 || x->id <= sizeof(oid)) - return; - - if (l != 0) + bcopy(oid, x, oid->len); + ret = do_cmd(-IP_DUMMYNET3, x, (uintptr_t)&l); + if (ret != 0 || x->id <= sizeof(*oid)) + goto done; /* no response */ + if (l + max_size <= buflen) break; /* ok */ + buflen *= 2; /* double for next attempt */ } - // printf("%s returns %d need %d\n", __FUNCTION__, ret, oid.id); - // XXX filter on ac, av list_pipes(x, O_NEXT(x, l)); - free(x); +done: + if (x) + free(x); + free(oid); } Modified: user/imp/tbemd/sbin/ipfw/ipfw.8 ============================================================================== --- user/imp/tbemd/sbin/ipfw/ipfw.8 Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/ipfw/ipfw.8 Mon Apr 12 23:09:22 2010 (r206519) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd June 24, 2009 +.Dd March 20, 2010 .Dt IPFW 8 .Os .Sh NAME @@ -1404,7 +1404,7 @@ If not found, the match fails. Otherwise, the match succeeds and .Cm tablearg is set to the value extracted from the table. -.Br +.Pp This option can be useful to quickly dispatch traffic based on certain packet fields. See the @@ -1501,7 +1501,7 @@ is invalid) whenever .Cm xmit is used. .Pp -A packet may not have a receive or transmit interface: packets +A packet might not have a receive or transmit interface: packets originating from the local host have no receive interface, while packets destined for the local host have no transmit interface. @@ -1847,7 +1847,7 @@ is also the user interface for the .Nm dummynet traffic shaper, packet scheduler and network emulator, a subsystem that can artificially queue, delay or drop packets -emulator the behaviour of certain network links +emulating the behaviour of certain network links or queueing systems. .Pp .Nm dummynet @@ -1859,26 +1859,33 @@ Matching packets are then passed to eith different objects, which implement the traffic regulation: .Bl -hang -offset XXXX .It Em pipe -A pipe emulates a link with given bandwidth, propagation delay, +A +.Em pipe +emulates a +.Em link +with given bandwidth and propagation delay, +driven by a FIFO scheduler and a single queue with programmable queue size and packet loss rate. -Packets are queued in front of the pipe as they come out from the classifier, -and then transferred to the pipe according to the pipe's parameters. +Packets are appended to the queue as they come out from +.Nm ipfw , +and then transferred in FIFO order to the link at the desired rate. .It Em queue -A queue +A +.Em queue is an abstraction used to implement packet scheduling using one of several packet scheduling algorithms. -.Pp -The queue associates a -.Em weight -and a reference scheduler to each flow (a flow is a set of packets -with the same addresses and ports after masking). -A scheduler in turn is connected to a pipe, and arbitrates -the pipe's bandwidth among backlogged flows according to +Packets sent to a +.Em queue +are first grouped into flows according to a mask on the 5-tuple. +Flows are then passed to the scheduler associated to the +.Em queue , +and each flow uses scheduling parameters (weight and others) +as configured in the +.Em queue +itself. +A scheduler in turn is connected to an emulated link, +and arbitrates the link's bandwidth among backlogged flows according to weights and to the features of the scheduling algorithm in use. -.Pp -Note that weights are not priorities; a flow with a lower weight -is still guaranteed to get its fraction of the bandwidth even if a -flow with a higher weight is permanently backlogged. .El .Pp In practice, @@ -1887,6 +1894,52 @@ can be used to set hard limits to the ba .Em queues can be used to determine how different flows share the available bandwidth. .Pp +A graphical representation of the binding of queues, +flows, schedulers and links is below. +.Bd -literal -offset indent + (flow_mask|sched_mask) sched_mask + +---------+ weight Wx +-------------+ + | |->-[flow]-->--| |-+ + -->--| QUEUE x | ... | | | + | |->-[flow]-->--| SCHEDuler N | | + +---------+ | | | + ... | +--[LINK N]-->-- + +---------+ weight Wy | | +--[LINK N]-->-- + | |->-[flow]-->--| | | + -->--| QUEUE y | ... | | | + | |->-[flow]-->--| | | + +---------+ +-------------+ | + +-------------+ +.Ed +It is important to understand the role of the SCHED_MASK +and FLOW_MASK, which are configured through the commands +.Dl "ipfw sched N config mask SCHED_MASK ..." +and +.Dl "ipfw queue X config mask FLOW_MASK ..." . +.Pp +The SCHED_MASK is used to assign flows to one or more +scheduler instances, one for each +value of the packet's 5-fuple after applying SCHED_MASK. +As an example, using ``src-ip 0xffffff00'' creates one instance +for each /24 destination subnet. +.Pp +The FLOW_MASK, together with the SCHED_MASK, is used to split +packets into flows. As an example, using +``src-ip 0x000000ff'' +together with the previous SCHED_MASK makes a flow for +each individual source address. In turn, flows for each /24 +subnet will be sent to the same scheduler instance. +.Pp +The above diagram holds even for the +.Em pipe +case, with the only restriction that a +.Em pipe +only supports a SCHED_MASK, and forces the use of a FIFO +scheduler (these are for backward compatibility reasons; +in fact, internally, a +.Nm dummynet's +pipe is implemented exactly as above). +.Pp There are two modes of .Nm dummynet operation: @@ -2087,9 +2140,36 @@ The following parameters can be configur .Pp .Bl -tag -width indent -compact .It Cm type Ar {fifo | wf2qp | rr | qfq} +specifies the scheduling algorithm to use. +.Bl -tag -width indent -compact +.It cm fifo +is just a FIFO scheduler (which means that all packets +are stored in the same queue as they arrive to the scheduler). +FIFO has O(1) per-packet time complexity, with very low +constants (estimate 60-80ns on a 2Ghz desktop machine) +but gives no service guarantees. +.It Cm wf2qp +implements the WF2Q+ algorithm, which is a Weighted Fair Queueing +algorithm which permits flows to share bandwidth according to +their weights. Note that weights are not priorities; even a flow +with a minuscule weight will never starve. +WF2Q+ has O(log N) per-packet processing cost, where N is the number +of flows, and is the default algorithm used by previous versions +dummynet's queues. +.It Cm rr +implements the Deficit Round Robin algorithm, which has O(1) processing +costs (roughly, 100-150ns per packet) +and permits bandwidth allocation according to weights, but +with poor service guarantees. +.It Cm qfq +implements the QFQ algorithm, which is a very fast variant of +WF2Q+, with similar service guarantees and O(1) processing +costs (roughly, 200-250ns per packet). +.El .El .Pp -plus all the parameters allowed for a pipe. +In addition to the type, all parameters allowed for a pipe can also +be specified for a scheduler. .Pp Finally, the following parameters can be configured for both pipes and queues: Modified: user/imp/tbemd/sbin/ipfw/ipfw2.c ============================================================================== --- user/imp/tbemd/sbin/ipfw/ipfw2.c Mon Apr 12 23:06:14 2010 (r206518) +++ user/imp/tbemd/sbin/ipfw/ipfw2.c Mon Apr 12 23:09:22 2010 (r206519) @@ -231,7 +231,7 @@ static struct _s_x rule_action_params[] */ static int lookup_key[] = { TOK_DSTIP, TOK_SRCIP, TOK_DSTPORT, TOK_SRCPORT, - TOK_UID, TOK_JAIL, -1 }; + TOK_UID, TOK_JAIL, TOK_DSCP, -1 }; static struct _s_x rule_options[] = { { "tagged", TOK_TAGGED }, @@ -258,6 +258,7 @@ static struct _s_x rule_options[] = { { "iplen", TOK_IPLEN }, { "ipid", TOK_IPID }, { "ipprecedence", TOK_IPPRECEDENCE }, + { "dscp", TOK_DSCP }, { "iptos", TOK_IPTOS }, { "ipttl", TOK_IPTTL }, { "ipversion", TOK_IPVER }, @@ -920,9 +921,9 @@ print_icmptypes(ipfw_insn_u32 *cmd) #define HAVE_DSTIP 0x0004 #define HAVE_PROTO4 0x0008 #define HAVE_PROTO6 0x0010 +#define HAVE_IP 0x0100 #define HAVE_OPTIONS 0x8000 -#define HAVE_IP (HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP) static void show_prerequisites(int *flags, int want, int cmd __unused) { @@ -1023,7 +1024,9 @@ show_ipfw(struct ip_fw *rule, int pcwidt switch(cmd->opcode) { case O_CHECK_STATE: printf("check-state"); - flags = HAVE_IP; /* avoid printing anything else */ + /* avoid printing anything else */ + flags = HAVE_PROTO | HAVE_SRCIP | + HAVE_DSTIP | HAVE_IP; break; case O_ACCEPT: @@ -1163,7 +1166,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt show_prerequisites(&flags, HAVE_PROTO, 0); printf(" from any to any"); } - flags |= HAVE_IP | HAVE_OPTIONS; + flags |= HAVE_IP | HAVE_OPTIONS | HAVE_PROTO | + HAVE_SRCIP | HAVE_DSTIP; } if (co.comment_only) @@ -1252,9 +1256,12 @@ show_ipfw(struct ip_fw *rule, int pcwidt break; case O_IP_DSTPORT: - show_prerequisites(&flags, HAVE_IP, 0); + show_prerequisites(&flags, + HAVE_PROTO | HAVE_SRCIP | + HAVE_DSTIP | HAVE_IP, 0); case O_IP_SRCPORT: - show_prerequisites(&flags, HAVE_PROTO|HAVE_SRCIP, 0); + show_prerequisites(&flags, + HAVE_PROTO | HAVE_SRCIP, 0); if ((cmd->len & F_OR) && !or_block) printf(" {"); if (cmd->len & F_NOT) @@ -1275,7 +1282,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt if ((flags & (HAVE_PROTO4 | HAVE_PROTO6)) && !(flags & HAVE_PROTO)) show_prerequisites(&flags, - HAVE_IP | HAVE_OPTIONS, 0); + HAVE_PROTO | HAVE_IP | HAVE_SRCIP | + HAVE_DSTIP | HAVE_OPTIONS, 0); if (flags & HAVE_OPTIONS) printf(" proto"); if (pe) @@ -1293,7 +1301,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt ((cmd->opcode == O_IP4) && (flags & HAVE_PROTO4))) break; - show_prerequisites(&flags, HAVE_IP | HAVE_OPTIONS, 0); + show_prerequisites(&flags, HAVE_PROTO | HAVE_SRCIP | + HAVE_DSTIP | HAVE_IP | HAVE_OPTIONS, 0); if ((cmd->len & F_OR) && !or_block) printf(" {"); if (cmd->len & F_NOT && cmd->opcode != O_IN) @@ -1547,7 +1556,8 @@ show_ipfw(struct ip_fw *rule, int pcwidt or_block = 0; } } - show_prerequisites(&flags, HAVE_IP, 0); + show_prerequisites(&flags, HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP + | HAVE_IP, 0); if (comment) printf(" // %s", comment); printf("\n"); @@ -1730,6 +1740,8 @@ ipfw_sysctl_handler(char *av[], int whic } else if (_substrcmp(*av, "firewall") == 0) { sysctlbyname("net.inet.ip.fw.enable", NULL, 0, &which, sizeof(which)); + sysctlbyname("net.inet6.ip6.fw.enable", NULL, 0, + &which, sizeof(which)); } else if (_substrcmp(*av, "one_pass") == 0) { sysctlbyname("net.inet.ip.fw.one_pass", NULL, 0, &which, sizeof(which)); @@ -2646,7 +2658,7 @@ ipfw_add(char *av[]) } /* [set N] -- set number (0..RESVD_SET), optional */ - if (av[0] && !av[1] && _substrcmp(*av, "set") == 0) { + if (av[0] && av[1] && _substrcmp(*av, "set") == 0) { int set = strtoul(av[1], NULL, 10); if (set < 0 || set > RESVD_SET) errx(EX_DATAERR, "illegal set %s", av[1]); @@ -3519,7 +3531,7 @@ read_options: char *p; int j; - if (av[0] && av[1]) + if (!av[0] || !av[1]) errx(EX_USAGE, "format: lookup argument tablenum"); cmd->opcode = O_IP_DST_LOOKUP; cmd->len |= F_INSN_SIZE(ipfw_insn) + 2; Modified: user/imp/tbemd/sbin/ipfw/ipfw2.h ============================================================================== --- user/imp/tbemd/sbin/ipfw/ipfw2.h Mon Apr 12 23:06:14 2010 (r206518) *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201004122309.o3CN9NQx068709>