usr.sbin: Automated cleanup of cdefs and other formatting

Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.

Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/

Sponsored by: Netflix

usr.sbin: Remove ancient SCCS tags.

Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.

Sponsored by: Netflix

keyserv: Remove return statement at the end of void functions

Signed-off-by: Elyes Haouas <ehaouas@noos.fr>

Purge more stray embedded $FreeBSD$ strings

These do not use __FBSDID but instead use bare char arrays.

Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D41957

keyserv: Use C89 function definitions.

Also use more accurate function pointer types, and trim some duplicate
(but incomplete) function prototypes.

Reviewed by: zlei
Differential Revision: https://reviews.freebsd.org/D39533

keyserv(8): unifdef out __FreeBSD__ and KEYSERV_RANDOM

This doesn't appear to have some active upstream (and it's a steaming pile of
bad 90s crypto design). Rip out the completely horrible bits and leave the
only mildly less horrible bits. The whole thing should probably be deleted; to
the extent it purports to provide a security feature: it doesn't.

Cleanup unnecessary semicolons from utilities we all love.

Rework all non-contributed files that use `struct timezone'.

This structure is not part of POSIX. According to POSIX, gettimeofday()
has the following prototype:

int gettimeofday(struct timeval *restrict tp, void *restrict tzp);

Also, POSIX states that gettimeofday() shall return 0 (as long as tzp is
not used). Remove dead error handling code. Also use NULL for a
nul-pointer instead of integer 0.

While there, change all pieces of code that only use tv_sec to use
time(3), as this provides less overhead.

In usr.sbin/keyserv, fix some implicit enum conversions, and use the
correct printf length modifiers for uid_t.

MFC after: 1 week

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

- Import the HEAD csup code which is the basis for the cvsmode work.

Cleanup of userland __P use

Use arc4random() instead of random() when generating the master key.

MFC after: 1 week

Use sranddev()/srandomdev() for FreeBSD

Port to TI/RPC and/or IPV6.

Submitted by: Jean-Luc Richier <Jean-Luc.Richier@imag.fr>

Spell void * as void * rather than caddr_t. This is complicated by the
fact that caddr_t is often misspelled as char *.

Sponsored by: DARPA, NAI Labs

Readded the svc_create() and the registering of the local transport,
now it is fixed. This should get us a working keyserv again, since
it depends on local transport for key exchange.

Since we do not have any KEYFILE name hardcoded anymore, set the
umask that way that the keyserver socket can be created with with
the appropriate permissions.

Re-add the accidently removed signal(SIGPIPE, SIG_IGN); to the code
which makes sense to avoid SIGPIPE when a disconnect on rpc socket
occurs.

Submitted by: mbr

Nuke unused variables.

Hopefully fix some of the bugs in passing credentials over UNIX domain sockets.

Make struct cmessage visible from socket.h (about 4 places were
defining it for themselves which wasn't good)

Make __rpc_get_local_uid() useable and give it prototype that's
visible.

Fix some issues with printing out usernames from rpcbind and keyserv.

Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.

Bring in required TLI library routines to support this.

Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.

This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).

The submitter has agreed to continue on and bring us up to the
1999 release.

Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.

Many userland updates were done to bring the code up to par with
the recent RPC API.

There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.

While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.

New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.

Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.

Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.

Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul

$Id$ -> $FreeBSD$

Use err(3). Put includes in alphabetical order.
Rewrote man page in mdoc format.
Document -v and -p flags.

Import of the keyserv daemon needed for Secure RPC.

This version supports both the keyserv v1 and v2 protocols. It uses the
new AF_LOCAL transport so that only local processes can use it for
storing/retrieving keys, and it uses the SCM_CREDS kernel hack for
authentication. With these two modifications, we don't need the keyenvoy
program normally used with RPC 4.0.

Note that if libdes.so.3.x is present on the system when keyserv
is started, Secure RPC will run with normal DES encryption. If not,
everything falls back to RC4 with a 40 bit key.