From owner-svn-src-vendor@FreeBSD.ORG Wed Apr 28 08:37:01 2010 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 89FF01065673; Wed, 28 Apr 2010 08:37:01 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 75E318FC0A; Wed, 28 Apr 2010 08:37:01 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o3S8b1k9075070; Wed, 28 Apr 2010 08:37:01 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o3S8b125075051; Wed, 28 Apr 2010 08:37:01 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201004280837.o3S8b125075051@svn.freebsd.org> From: Dag-Erling Smorgrav Date: Wed, 28 Apr 2010 08:37:01 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor-crypto MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r207311 - in vendor-crypto/openssh/dist: . contrib contrib/caldera contrib/cygwin contrib/redhat contrib/suse openbsd-compat X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 08:37:01 -0000 Author: des Date: Wed Apr 28 08:37:00 2010 New Revision: 207311 URL: http://svn.freebsd.org/changeset/base/207311 Log: Vendor import of OpenSSH 5.5p1 Modified: vendor-crypto/openssh/dist/ChangeLog vendor-crypto/openssh/dist/Makefile.in vendor-crypto/openssh/dist/README vendor-crypto/openssh/dist/auth-options.c vendor-crypto/openssh/dist/auth2-pubkey.c vendor-crypto/openssh/dist/channels.c vendor-crypto/openssh/dist/clientloop.c vendor-crypto/openssh/dist/config.h.in vendor-crypto/openssh/dist/configure vendor-crypto/openssh/dist/configure.ac vendor-crypto/openssh/dist/contrib/Makefile vendor-crypto/openssh/dist/contrib/caldera/openssh.spec vendor-crypto/openssh/dist/contrib/cygwin/Makefile vendor-crypto/openssh/dist/contrib/cygwin/ssh-host-config vendor-crypto/openssh/dist/contrib/redhat/openssh.spec vendor-crypto/openssh/dist/contrib/ssh-copy-id vendor-crypto/openssh/dist/contrib/suse/openssh.spec vendor-crypto/openssh/dist/defines.h vendor-crypto/openssh/dist/key.c vendor-crypto/openssh/dist/key.h vendor-crypto/openssh/dist/loginrec.c vendor-crypto/openssh/dist/logintest.c vendor-crypto/openssh/dist/moduli.0 vendor-crypto/openssh/dist/openbsd-compat/bsd-arc4random.c vendor-crypto/openssh/dist/scp.0 vendor-crypto/openssh/dist/servconf.c vendor-crypto/openssh/dist/session.c vendor-crypto/openssh/dist/sftp-server.0 vendor-crypto/openssh/dist/sftp.0 vendor-crypto/openssh/dist/ssh-add.0 vendor-crypto/openssh/dist/ssh-agent.0 vendor-crypto/openssh/dist/ssh-keygen.0 vendor-crypto/openssh/dist/ssh-keygen.1 vendor-crypto/openssh/dist/ssh-keygen.c vendor-crypto/openssh/dist/ssh-keyscan.0 vendor-crypto/openssh/dist/ssh-keysign.0 vendor-crypto/openssh/dist/ssh-pkcs11-helper.0 vendor-crypto/openssh/dist/ssh-pkcs11-helper.c vendor-crypto/openssh/dist/ssh-rand-helper.0 vendor-crypto/openssh/dist/ssh.0 vendor-crypto/openssh/dist/ssh.1 vendor-crypto/openssh/dist/ssh_config.0 vendor-crypto/openssh/dist/ssh_config.5 vendor-crypto/openssh/dist/sshd.0 vendor-crypto/openssh/dist/sshd_config.0 vendor-crypto/openssh/dist/version.h Modified: vendor-crypto/openssh/dist/ChangeLog ============================================================================== --- vendor-crypto/openssh/dist/ChangeLog Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/ChangeLog Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,120 @@ -20100307 +20100410 + - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo + back so we disable the IPv6 tests if we don't have it. + +20100409 + - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong + ones. Based on a patch from Roumen Petrov. + - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags if we + have it and the path is not provided to --with-libedit. Based on a patch + from Iain Morgan. + - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: enable + utmpx support on FreeBSD where possible. Patch from Ed Schouten, ok djm@ + +20100326 + - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection + for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson + - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch originally + by Ingo Weinhold via Scott McCreary, ok djm@ + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/03/25 23:38:28 + [servconf.c] + from portable: getcwd(NULL, 0) doesn't work on all platforms, so + use a stack buffer; ok dtucker@ + - djm@cvs.openbsd.org 2010/03/26 00:26:58 + [ssh.1] + mention that -S none disables connection sharing; from Colin Watson + - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms - + set up SELinux execution context before chroot() call. From Russell + Coker via Colin watson; bz#1726 ok dtucker@ + - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721 + ok dtucker@ + - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 using + pkg-config, patch from Colin Watson. Needed for newer linkers (ie gold). + - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys; + bz#1723 patch from Adeodato Simóvia Colin Watson; ok dtucker@ + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/03/26 01:06:13 + [ssh_config.5] + Reformat default value of PreferredAuthentications entry (current + formatting implies ", " is acceptable as a separator, which it's not. + ok djm@ + +20100324 + - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory + containing the services file explicitely case-insensitive. This allows to + tweak the Windows services file reliably. Patch from vinschen at redhat. + +20100321 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2010/03/08 09:41:27 + [ssh-keygen.1] + sort the list of constraints (to -O); ok djm + - jmc@cvs.openbsd.org 2010/03/10 07:40:35 + [ssh-keygen.1] + typos; from Ross Richardson + closes prs 6334 and 6335 + - djm@cvs.openbsd.org 2010/03/10 23:27:17 + [auth2-pubkey.c] + correct certificate logging and make it more consistent between + authorized_keys and TrustedCAKeys; ok markus@ + - djm@cvs.openbsd.org 2010/03/12 01:06:25 + [servconf.c] + unbreak AuthorizedKeys option with a $HOME-relative path; reported by + vinschen AT redhat.com, ok dtucker@ + - markus@cvs.openbsd.org 2010/03/12 11:37:40 + [servconf.c] + do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths + free() (not xfree()) the buffer returned by getcwd() + - djm@cvs.openbsd.org 2010/03/13 21:10:38 + [clientloop.c] + protocol conformance fix: send language tag when disconnecting normally; + spotted by 1.41421 AT gmail.com, ok markus@ deraadt@ + - djm@cvs.openbsd.org 2010/03/13 21:45:46 + [ssh-keygen.1] + Certificates are named *-cert.pub, not *_cert.pub; committing a diff + from stevesk@ ok me + - jmc@cvs.openbsd.org 2010/03/13 23:38:13 + [ssh-keygen.1] + fix a formatting error (args need quoted); noted by stevesk + - stevesk@cvs.openbsd.org 2010/03/15 19:40:02 + [key.c key.h ssh-keygen.c] + also print certificate type (user or host) for ssh-keygen -L + ok djm kettenis + - stevesk@cvs.openbsd.org 2010/03/16 15:46:52 + [auth-options.c] + spelling in error message. ok djm kettenis + - djm@cvs.openbsd.org 2010/03/16 16:36:49 + [version.h] + crank version to openssh-5.5 since we have a few fixes since 5.4; + requested deraadt@ kettenis@ + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers + +20100314 + - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix + compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot + AT fefe.de + - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for + ssh-pkcs11-helper to repair static builds (we do the same for + ssh-keyscan). Reported by felix-mindrot AT fefe.de + +20100312 + - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir) + - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets. + Patch from Corinna Vinschen. + - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install + on a Cygwin installation. Patch from Corinna Vinschen. + +20100311 + - (tim) [contrib/suse/openssh.spec] crank version number here too. + report by imorgan AT nas.nasa.gov + +20100309 + - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO + so setting it in CFLAGS correctly skips IPv6 tests. + +20100308 - (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2010/03/07 22:16:01 [ssh-keygen.c] Modified: vendor-crypto/openssh/dist/Makefile.in ============================================================================== --- vendor-crypto/openssh/dist/Makefile.in Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/Makefile.in Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.306 2010/02/24 07:18:51 djm Exp $ +# $Id: Makefile.in,v 1.309 2010/03/13 21:41:34 djm Exp $ # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -160,7 +160,7 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libss $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o - $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) + $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) @@ -249,26 +249,25 @@ install-files: $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir) $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(datadir) $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1 $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5 $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir) (umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)) - $(INSTALL) -m 0755 $(STRIP_OPT) ssh $(DESTDIR)$(bindir)/ssh - $(INSTALL) -m 0755 $(STRIP_OPT) scp $(DESTDIR)$(bindir)/scp - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-add $(DESTDIR)$(bindir)/ssh-add - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent $(DESTDIR)$(bindir)/ssh-agent - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan - $(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd + $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-add$(EXEEXT) $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \ - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \ + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper$(EXEEXT) $(DESTDIR)$(libexecdir)/ssh-rand-helper$(EXEEXT) ; \ fi - $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN) - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper $(DESTDIR)$(SSH_PKCS11_HELPER) - $(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp - $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER) + $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 Modified: vendor-crypto/openssh/dist/README ============================================================================== --- vendor-crypto/openssh/dist/README Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/README Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-5.4 for the release notes. +See http://www.openssh.com/txt/release-5.5 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.72 2010/03/07 22:41:02 djm Exp $ +$Id: README,v 1.73 2010/03/21 19:11:55 djm Exp $ Modified: vendor-crypto/openssh/dist/auth-options.c ============================================================================== --- vendor-crypto/openssh/dist/auth-options.c Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/auth-options.c Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.48 2010/03/07 11:57:13 dtucker Exp $ */ +/* $OpenBSD: auth-options.c,v 1.49 2010/03/16 15:46:52 stevesk Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -434,7 +434,7 @@ auth_cert_constraints(Buffer *c_orig, st goto out; } if (strlen(command) != clen) { - error("force-command constrain contains \\0"); + error("force-command constraint contains \\0"); goto out; } if (cert_forced_command != NULL) { @@ -454,7 +454,7 @@ auth_cert_constraints(Buffer *c_orig, st goto out; } if (strlen(allowed) != clen) { - error("source-address constrain contains \\0"); + error("source-address constraint contains \\0"); goto out; } if (cert_source_address_done++) { Modified: vendor-crypto/openssh/dist/auth2-pubkey.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-pubkey.c Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/auth2-pubkey.c Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.21 2010/03/04 10:36:03 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.22 2010/03/10 23:27:17 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -240,22 +240,26 @@ user_key_allowed2(struct passwd *pw, Key continue; if (!key_equal(found, key->cert->signature_key)) continue; - debug("matching CA found: file %s, line %lu", - file, linenum); fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); - verbose("Found matching %s CA: %s", - key_type(found), fp); - xfree(fp); + debug("matching CA found: file %s, line %lu, %s %s", + file, linenum, key_type(found), fp); if (key_cert_check_authority(key, 0, 0, pw->pw_name, &reason) != 0) { + xfree(fp); error("%s", reason); auth_debug_add("%s", reason); continue; } if (auth_cert_constraints(&key->cert->constraints, - pw) != 0) + pw) != 0) { + xfree(fp); continue; + } + verbose("Accepted certificate ID \"%s\" " + "signed by %s CA %s via %s", key->cert->key_id, + key_type(found), fp, file); + xfree(fp); found_key = 1; break; } else if (!key_is_cert_authority && key_equal(found, key)) { @@ -281,15 +285,15 @@ user_key_allowed2(struct passwd *pw, Key static int user_cert_trusted_ca(struct passwd *pw, Key *key) { - char *key_fp, *ca_fp; + char *ca_fp; const char *reason; int ret = 0; if (!key_is_cert(key) || options.trusted_user_ca_keys == NULL) return 0; - key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); - ca_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + ca_fp = key_fingerprint(key->cert->signature_key, + SSH_FP_MD5, SSH_FP_HEX); if (key_in_file(key->cert->signature_key, options.trusted_user_ca_keys, 1) != 1) { @@ -306,13 +310,12 @@ user_cert_trusted_ca(struct passwd *pw, if (auth_cert_constraints(&key->cert->constraints, pw) != 0) goto out; - verbose("%s certificate %s allowed by trusted %s key %s", - key_type(key), key_fp, key_type(key->cert->signature_key), ca_fp); + verbose("Accepted certificate ID \"%s\" signed by %s CA %s via %s", + key->cert->key_id, key_type(key->cert->signature_key), ca_fp, + options.trusted_user_ca_keys); ret = 1; out: - if (key_fp != NULL) - xfree(key_fp); if (ca_fp != NULL) xfree(ca_fp); return ret; Modified: vendor-crypto/openssh/dist/channels.c ============================================================================== --- vendor-crypto/openssh/dist/channels.c Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/channels.c Wed Apr 28 08:37:00 2010 (r207311) @@ -3252,7 +3252,11 @@ x11_create_display_inet(int x11_display_ sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); if (sock < 0) { - if ((errno != EINVAL) && (errno != EAFNOSUPPORT)) { + if ((errno != EINVAL) && (errno != EAFNOSUPPORT) +#ifdef EPFNOSUPPORT + && (errno != EPFNOSUPPORT) +#endif + ) { error("socket: %.100s", strerror(errno)); freeaddrinfo(aitop); return -1; Modified: vendor-crypto/openssh/dist/clientloop.c ============================================================================== --- vendor-crypto/openssh/dist/clientloop.c Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/clientloop.c Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.218 2010/01/28 00:21:18 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.219 2010/03/13 21:10:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1484,6 +1484,7 @@ client_loop(int have_pty, int escape_cha packet_start(SSH2_MSG_DISCONNECT); packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); packet_put_cstring("disconnected by user"); + packet_put_cstring(""); /* language tag */ packet_send(); packet_write_wait(); } Modified: vendor-crypto/openssh/dist/config.h.in ============================================================================== --- vendor-crypto/openssh/dist/config.h.in Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/config.h.in Wed Apr 28 08:37:00 2010 (r207311) @@ -80,9 +80,6 @@ /* Define if you want to specify the path to your lastlog file */ #undef CONF_LASTLOG_FILE -/* Define if you want to specify the path to your utmpx file */ -#undef CONF_UTMPX_FILE - /* Define if you want to specify the path to your utmp file */ #undef CONF_UTMP_FILE @@ -455,6 +452,9 @@ /* Define to 1 if you have the `getutxline' function. */ #undef HAVE_GETUTXLINE +/* Define to 1 if you have the `getutxuser' function. */ +#undef HAVE_GETUTXUSER + /* Define to 1 if you have the `get_default_context_with_level' function. */ #undef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL @@ -551,6 +551,9 @@ /* Define if system has libiaf that supports set_id */ #undef HAVE_LIBIAF +/* Define to 1 if you have the `network' library (-lnetwork). */ +#undef HAVE_LIBNETWORK + /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL @@ -804,6 +807,9 @@ /* Define to 1 if you have the `setutent' function. */ #undef HAVE_SETUTENT +/* Define to 1 if you have the `setutxdb' function. */ +#undef HAVE_SETUTXDB + /* Define to 1 if you have the `setutxent' function. */ #undef HAVE_SETUTXENT Modified: vendor-crypto/openssh/dist/configure ============================================================================== --- vendor-crypto/openssh/dist/configure Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/configure Wed Apr 28 08:37:00 2010 (r207311) @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.ac Revision: 1.444 . +# From configure.ac Revision: 1.449 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.61 for OpenSSH Portable. # @@ -693,6 +693,7 @@ LOGIN_PROGRAM_FALLBACK PATH_PASSWD_PROG LD SSHDLIBS +PKGCONFIG LIBEDIT INSTALL_SSH_RAND_HELPER SSH_PRIVSEP_USER @@ -7435,6 +7436,85 @@ fi *-*-dragonfly*) SSHDLIBS="$SSHDLIBS -lcrypt" ;; +*-*-haiku*) + LIBS="$LIBS -lbsd " + +{ echo "$as_me:$LINENO: checking for socket in -lnetwork" >&5 +echo $ECHO_N "checking for socket in -lnetwork... $ECHO_C" >&6; } +if test "${ac_cv_lib_network_socket+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lnetwork $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char socket (); +int +main () +{ +return socket (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_network_socket=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_network_socket=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_network_socket" >&5 +echo "${ECHO_T}$ac_cv_lib_network_socket" >&6; } +if test $ac_cv_lib_network_socket = yes; then + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBNETWORK 1 +_ACEOF + + LIBS="-lnetwork $LIBS" + +fi + + cat >>confdefs.h <<\_ACEOF +#define HAVE_U_INT64_T 1 +_ACEOF + + MANTYPE=man + ;; *-*-hpux*) # first we define all of the options common to all HP-UX releases CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" @@ -12326,7 +12406,61 @@ LIBEDIT_MSG="no" # Check whether --with-libedit was given. if test "${with_libedit+set}" = set; then withval=$with_libedit; if test "x$withval" != "xno" ; then - if test "x$withval" != "xyes"; then + if test "x$withval" = "xyes" ; then + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } +if test "${ac_cv_path_PKGCONFIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $PKGCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done +IFS=$as_save_IFS + + test -z "$ac_cv_path_PKGCONFIG" && ac_cv_path_PKGCONFIG="no" + ;; +esac +fi +PKGCONFIG=$ac_cv_path_PKGCONFIG +if test -n "$PKGCONFIG"; then + { echo "$as_me:$LINENO: result: $PKGCONFIG" >&5 +echo "${ECHO_T}$PKGCONFIG" >&6; } +else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi + + + if test "x$PKGCONFIG" != "xno"; then + { echo "$as_me:$LINENO: checking if $PKGCONFIG knows about libedit" >&5 +echo $ECHO_N "checking if $PKGCONFIG knows about libedit... $ECHO_C" >&6; } + if "$PKGCONFIG" libedit; then + { echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; } + use_pkgconfig_for_libedit=yes + else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } + fi + fi + else CPPFLAGS="$CPPFLAGS -I${withval}/include" if test -n "${need_dash_r}"; then LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" @@ -12334,13 +12468,20 @@ if test "${with_libedit+set}" = set; the LDFLAGS="-L${withval}/lib ${LDFLAGS}" fi fi + if test "x$use_pkgconfig_for_libedit" == "xyes"; then + LIBEDIT=`$PKGCONFIG --libs-only-l libedit` + CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`" + else + LIBEDIT="-ledit -lcurses" + fi + OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'` { echo "$as_me:$LINENO: checking for el_init in -ledit" >&5 echo $ECHO_N "checking for el_init in -ledit... $ECHO_C" >&6; } if test "${ac_cv_lib_edit_el_init+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS -LIBS="-ledit -lcurses +LIBS="-ledit $OTHERLIBS $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ @@ -12402,7 +12543,6 @@ cat >>confdefs.h <<\_ACEOF #define USE_LIBEDIT 1 _ACEOF - LIBEDIT="-ledit -lcurses" LIBEDIT_MSG="yes" @@ -14961,7 +15101,8 @@ done -for ac_func in endutxent getutxent getutxid getutxline pututxline + +for ac_func in endutxent getutxent getutxid getutxline getutxuser pututxline do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` { echo "$as_me:$LINENO: checking for $ac_func" >&5 @@ -15056,7 +15197,8 @@ done -for ac_func in setutxent utmpxname + +for ac_func in setutxdb setutxent utmpxname do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` { echo "$as_me:$LINENO: checking for $ac_func" >&5 @@ -29373,8 +29515,8 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking if your system defines UTMPX_FILE" >&5 -echo $ECHO_N "checking if your system defines UTMPX_FILE... $ECHO_C" >&6; } +{ echo "$as_me:$LINENO: checking if your system defines WTMPX_FILE" >&5 +echo $ECHO_N "checking if your system defines WTMPX_FILE... $ECHO_C" >&6; } cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF @@ -29394,7 +29536,7 @@ cat >>conftest.$ac_ext <<_ACEOF int main () { - char *utmpx = UTMPX_FILE; + char *wtmpx = WTMPX_FILE; ; return 0; } @@ -29424,48 +29566,59 @@ sed 's/^/| /' conftest.$ac_ext >&5 { echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6; } - system_utmpx_path=no + system_wtmpx_path=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -if test -z "$conf_utmpx_location"; then - if test x"$system_utmpx_path" = x"no" ; then +if test -z "$conf_wtmpx_location"; then + if test x"$system_wtmpx_path" = x"no" ; then cat >>confdefs.h <<\_ACEOF -#define DISABLE_UTMPX 1 +#define DISABLE_WTMPX 1 _ACEOF fi else cat >>confdefs.h <<_ACEOF -#define CONF_UTMPX_FILE "$conf_utmpx_location" +#define CONF_WTMPX_FILE "$conf_wtmpx_location" _ACEOF fi -{ echo "$as_me:$LINENO: checking if your system defines WTMPX_FILE" >&5 -echo $ECHO_N "checking if your system defines WTMPX_FILE... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF + +if test ! -z "$blibpath" ; then + LDFLAGS="$LDFLAGS $blibflags$blibpath" + { echo "$as_me:$LINENO: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&5 +echo "$as_me: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&2;} +fi + +CFLAGS="$CFLAGS $werror_flags" + +if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then + TEST_SSH_IPV6=no +else + TEST_SSH_IPV6=yes +fi +{ echo "$as_me:$LINENO: checking whether BROKEN_GETADDRINFO is declared" >&5 +echo $ECHO_N "checking whether BROKEN_GETADDRINFO is declared... $ECHO_C" >&6; } +if test "${ac_cv_have_decl_BROKEN_GETADDRINFO+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ - -#include -#include -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_PATHS_H -# include -#endif - +$ac_includes_default int main () { - char *wtmpx = WTMPX_FILE; +#ifndef BROKEN_GETADDRINFO + (void) BROKEN_GETADDRINFO; +#endif + ; return 0; } @@ -29487,51 +29640,24 @@ eval "echo \"\$as_me:$LINENO: $ac_try_ec test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + ac_cv_have_decl_BROKEN_GETADDRINFO=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - system_wtmpx_path=no - + ac_cv_have_decl_BROKEN_GETADDRINFO=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -if test -z "$conf_wtmpx_location"; then - if test x"$system_wtmpx_path" = x"no" ; then - cat >>confdefs.h <<\_ACEOF -#define DISABLE_WTMPX 1 -_ACEOF - - fi -else - -cat >>confdefs.h <<_ACEOF -#define CONF_WTMPX_FILE "$conf_wtmpx_location" -_ACEOF - fi - - -if test ! -z "$blibpath" ; then - LDFLAGS="$LDFLAGS $blibflags$blibpath" - { echo "$as_me:$LINENO: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&5 -echo "$as_me: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&2;} +{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_BROKEN_GETADDRINFO" >&5 +echo "${ECHO_T}$ac_cv_have_decl_BROKEN_GETADDRINFO" >&6; } +if test $ac_cv_have_decl_BROKEN_GETADDRINFO = yes; then + TEST_SSH_IPV6=no fi -CFLAGS="$CFLAGS $werror_flags" +TEST_SSH_IPV6=$TEST_SSH_IPV6 -if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \ - test "x$ac_cv_func_getaddrinfo" != "xyes" ; then - TEST_SSH_IPV6=no - -else - TEST_SSH_IPV6=yes - -fi ac_config_files="$ac_config_files Makefile buildpkg.sh opensshd.init openssh.xml openbsd-compat/Makefile openbsd-compat/regress/Makefile ssh_prng_cmds survey.sh" @@ -30236,6 +30362,7 @@ LOGIN_PROGRAM_FALLBACK!$LOGIN_PROGRAM_FA PATH_PASSWD_PROG!$PATH_PASSWD_PROG$ac_delim LD!$LD$ac_delim SSHDLIBS!$SSHDLIBS$ac_delim +PKGCONFIG!$PKGCONFIG$ac_delim LIBEDIT!$LIBEDIT$ac_delim INSTALL_SSH_RAND_HELPER!$INSTALL_SSH_RAND_HELPER$ac_delim SSH_PRIVSEP_USER!$SSH_PRIVSEP_USER$ac_delim @@ -30255,7 +30382,6 @@ PROG_VMSTAT!$PROG_VMSTAT$ac_delim PROG_UPTIME!$PROG_UPTIME$ac_delim PROG_IPCS!$PROG_IPCS$ac_delim PROG_TAIL!$PROG_TAIL$ac_delim -INSTALL_SSH_PRNG_CMDS!$INSTALL_SSH_PRNG_CMDS$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -30297,6 +30423,7 @@ _ACEOF ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF +INSTALL_SSH_PRNG_CMDS!$INSTALL_SSH_PRNG_CMDS$ac_delim KRB5CONF!$KRB5CONF$ac_delim PRIVSEP_PATH!$PRIVSEP_PATH$ac_delim xauth_path!$xauth_path$ac_delim @@ -30312,7 +30439,7 @@ LIBOBJS!$LIBOBJS$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 13; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 14; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 Modified: vendor-crypto/openssh/dist/configure.ac ============================================================================== --- vendor-crypto/openssh/dist/configure.ac Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/configure.ac Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.444 2010/03/05 04:04:35 djm Exp $ +# $Id: configure.ac,v 1.449 2010/04/10 12:58:01 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.444 $) +AC_REVISION($Revision: 1.449 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -488,6 +488,12 @@ main() { if (NSVersionOfRunTimeLibrary(" *-*-dragonfly*) SSHDLIBS="$SSHDLIBS -lcrypt" ;; +*-*-haiku*) + LIBS="$LIBS -lbsd " + AC_CHECK_LIB(network, socket) + AC_DEFINE(HAVE_U_INT64_T) + MANTYPE=man + ;; *-*-hpux*) # first we define all of the options common to all HP-UX releases CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" @@ -1248,7 +1254,18 @@ LIBEDIT_MSG="no" AC_ARG_WITH(libedit, [ --with-libedit[[=PATH]] Enable libedit support for sftp], [ if test "x$withval" != "xno" ; then - if test "x$withval" != "xyes"; then + if test "x$withval" = "xyes" ; then + AC_PATH_PROG(PKGCONFIG, pkg-config, no) + if test "x$PKGCONFIG" != "xno"; then + AC_MSG_CHECKING(if $PKGCONFIG knows about libedit) + if "$PKGCONFIG" libedit; then + AC_MSG_RESULT(yes) + use_pkgconfig_for_libedit=yes + else + AC_MSG_RESULT(no) + fi + fi + else CPPFLAGS="$CPPFLAGS -I${withval}/include" if test -n "${need_dash_r}"; then LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" @@ -1256,14 +1273,20 @@ AC_ARG_WITH(libedit, LDFLAGS="-L${withval}/lib ${LDFLAGS}" fi fi + if test "x$use_pkgconfig_for_libedit" == "xyes"; then + LIBEDIT=`$PKGCONFIG --libs-only-l libedit` + CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`" + else + LIBEDIT="-ledit -lcurses" + fi + OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'` AC_CHECK_LIB(edit, el_init, [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) - LIBEDIT="-ledit -lcurses" LIBEDIT_MSG="yes" AC_SUBST(LIBEDIT) ], [ AC_MSG_ERROR(libedit not found) ], - [ -lcurses ] + [ $OTHERLIBS ] ) AC_MSG_CHECKING(if libedit version is compatible) AC_COMPILE_IFELSE( @@ -1534,8 +1557,8 @@ dnl Checks for utmp functions AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) AC_CHECK_FUNCS(utmpname) dnl Checks for utmpx functions -AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) -AC_CHECK_FUNCS(setutxent utmpxname) +AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline getutxuser pututxline) +AC_CHECK_FUNCS(setutxdb setutxent utmpxname) dnl Checks for lastlog functions AC_CHECK_FUNCS(getlastlogxbyname) @@ -4064,34 +4087,6 @@ if test -n "$conf_wtmp_location"; then fi -dnl utmpx detection - I don't know any system so perverse as to require -dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out -dnl there, though. -AC_MSG_CHECKING([if your system defines UTMPX_FILE]) -AC_TRY_COMPILE([ -#include -#include -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_PATHS_H -# include -#endif - ], - [ char *utmpx = UTMPX_FILE; ], - [ AC_MSG_RESULT(yes) ], - [ AC_MSG_RESULT(no) - system_utmpx_path=no ] -) -if test -z "$conf_utmpx_location"; then - if test x"$system_utmpx_path" = x"no" ; then - AC_DEFINE(DISABLE_UTMPX) - fi -else - AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", - [Define if you want to specify the path to your utmpx file]) -fi - dnl wtmpx detection AC_MSG_CHECKING([if your system defines WTMPX_FILE]) AC_TRY_COMPILE([ @@ -4128,12 +4123,13 @@ dnl Adding -Werror to CFLAGS early preve dnl Add now. CFLAGS="$CFLAGS $werror_flags" -if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \ - test "x$ac_cv_func_getaddrinfo" != "xyes" ; then - AC_SUBST(TEST_SSH_IPV6, no) +if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then + TEST_SSH_IPV6=no else - AC_SUBST(TEST_SSH_IPV6, yes) + TEST_SSH_IPV6=yes fi +AC_CHECK_DECL(BROKEN_GETADDRINFO, TEST_SSH_IPV6=no) +AC_SUBST(TEST_SSH_IPV6, $TEST_SSH_IPV6) AC_EXEEXT AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ Modified: vendor-crypto/openssh/dist/contrib/Makefile ============================================================================== --- vendor-crypto/openssh/dist/contrib/Makefile Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/contrib/Makefile Wed Apr 28 08:37:00 2010 (r207311) @@ -9,7 +9,7 @@ gnome-ssh-askpass1: gnome-ssh-askpass1.c gnome-ssh-askpass2: gnome-ssh-askpass2.c $(CC) `pkg-config --cflags gtk+-2.0` \ gnome-ssh-askpass2.c -o gnome-ssh-askpass2 \ - `pkg-config --libs gtk+-2.0` + `pkg-config --libs gtk+-2.0 x11` clean: rm -f *.o gnome-ssh-askpass1 gnome-ssh-askpass2 gnome-ssh-askpass Modified: vendor-crypto/openssh/dist/contrib/caldera/openssh.spec ============================================================================== --- vendor-crypto/openssh/dist/contrib/caldera/openssh.spec Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/contrib/caldera/openssh.spec Wed Apr 28 08:37:00 2010 (r207311) @@ -17,11 +17,11 @@ #old cvs stuff. please update before use. may be deprecated. %define use_stable 1 %if %{use_stable} - %define version 5.4p1 + %define version 5.5p1 %define cvs %{nil} %define release 1 %else - %define version 5.4p1 + %define version 5.5p1 %define cvs cvs20050315 %define release 0r1 %endif @@ -360,4 +360,4 @@ fi * Mon Jan 01 1998 ... Template Version: 1.31 -$Id: openssh.spec,v 1.69 2010/03/07 22:41:03 djm Exp $ +$Id: openssh.spec,v 1.70 2010/03/21 19:11:58 djm Exp $ Modified: vendor-crypto/openssh/dist/contrib/cygwin/Makefile ============================================================================== --- vendor-crypto/openssh/dist/contrib/cygwin/Makefile Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/contrib/cygwin/Makefile Wed Apr 28 08:37:00 2010 (r207311) @@ -42,11 +42,13 @@ install-sshdoc: $(INSTALL) -m 644 $(srcdir)/OVERVIEW $(DESTDIR)$(sshdocdir)/OVERVIEW $(INSTALL) -m 644 $(srcdir)/PROTOCOL $(DESTDIR)$(sshdocdir)/PROTOCOL $(INSTALL) -m 644 $(srcdir)/PROTOCOL.agent $(DESTDIR)$(sshdocdir)/PROTOCOL.agent + $(INSTALL) -m 644 $(srcdir)/PROTOCOL.certkeys $(DESTDIR)$(sshdocdir)/PROTOCOL.certkeys + $(INSTALL) -m 644 $(srcdir)/PROTOCOL.mux $(DESTDIR)$(sshdocdir)/PROTOCOL.mux $(INSTALL) -m 644 $(srcdir)/README $(DESTDIR)$(sshdocdir)/README $(INSTALL) -m 644 $(srcdir)/README.dns $(DESTDIR)$(sshdocdir)/README.dns $(INSTALL) -m 644 $(srcdir)/README.platform $(DESTDIR)$(sshdocdir)/README.platform $(INSTALL) -m 644 $(srcdir)/README.privsep $(DESTDIR)$(sshdocdir)/README.privsep - $(INSTALL) -m 644 $(srcdir)/README.smartcard $(DESTDIR)$(sshdocdir)/README.smartcard + $(INSTALL) -m 644 $(srcdir)/README.tun $(DESTDIR)$(sshdocdir)/README.tun $(INSTALL) -m 644 $(srcdir)/TODO $(DESTDIR)$(sshdocdir)/TODO $(INSTALL) -m 644 $(srcdir)/WARNING.RNG $(DESTDIR)$(sshdocdir)/WARNING.RNG Modified: vendor-crypto/openssh/dist/contrib/cygwin/ssh-host-config ============================================================================== --- vendor-crypto/openssh/dist/contrib/cygwin/ssh-host-config Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/contrib/cygwin/ssh-host-config Wed Apr 28 08:37:00 2010 (r207311) @@ -90,7 +90,7 @@ update_services_file() { fi _serv_tmp="${_my_etcdir}/srv.out.$$" - mount -o text -f "${_win_etcdir}" "${_my_etcdir}" + mount -o text,posix=0,noacl -f "${_win_etcdir}" "${_my_etcdir}" # Depends on the above mount _wservices=`cygpath -w "${_services}"` Modified: vendor-crypto/openssh/dist/contrib/redhat/openssh.spec ============================================================================== --- vendor-crypto/openssh/dist/contrib/redhat/openssh.spec Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/contrib/redhat/openssh.spec Wed Apr 28 08:37:00 2010 (r207311) @@ -1,4 +1,4 @@ -%define ver 5.4p1 +%define ver 5.5p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID Modified: vendor-crypto/openssh/dist/contrib/ssh-copy-id ============================================================================== --- vendor-crypto/openssh/dist/contrib/ssh-copy-id Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/contrib/ssh-copy-id Wed Apr 28 08:37:00 2010 (r207311) @@ -19,7 +19,7 @@ if [ "-i" = "$1" ]; then shift # and this should leave $1 as the target name fi else - if [ x$SSH_AUTH_SOCK != x ] ; then + if [ x$SSH_AUTH_SOCK != x ] && ssh-add -L >/dev/null 2>&1; then GET_ID="$GET_ID ssh-add -L" fi fi Modified: vendor-crypto/openssh/dist/contrib/suse/openssh.spec ============================================================================== --- vendor-crypto/openssh/dist/contrib/suse/openssh.spec Wed Apr 28 07:57:37 2010 (r207310) +++ vendor-crypto/openssh/dist/contrib/suse/openssh.spec Wed Apr 28 08:37:00 2010 (r207311) @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@FreeBSD.ORG Wed Apr 28 08:39:12 2010 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8BB171065670; Wed, 28 Apr 2010 08:39:12 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 7691E8FC12; Wed, 28 Apr 2010 08:39:12 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o3S8dCZE075574; Wed, 28 Apr 2010 08:39:12 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o3S8dCLr075571; Wed, 28 Apr 2010 08:39:12 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201004280839.o3S8dCLr075571@svn.freebsd.org> From: Dag-Erling Smorgrav Date: Wed, 28 Apr 2010 08:39:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor-crypto MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r207312 - in vendor-crypto/openssh/5.5p1: . contrib contrib/caldera contrib/cygwin contrib/redhat contrib/suse openbsd-compat X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 08:39:12 -0000 Author: des Date: Wed Apr 28 08:39:12 2010 New Revision: 207312 URL: http://svn.freebsd.org/changeset/base/207312 Log: Tag OpenSSH 5.5p1 Added: vendor-crypto/openssh/5.5p1/ - copied from r207310, vendor-crypto/openssh/dist/ Replaced: vendor-crypto/openssh/5.5p1/ChangeLog - copied unchanged from r207311, vendor-crypto/openssh/dist/ChangeLog vendor-crypto/openssh/5.5p1/Makefile.in - copied unchanged from r207311, vendor-crypto/openssh/dist/Makefile.in vendor-crypto/openssh/5.5p1/README - copied unchanged from r207311, vendor-crypto/openssh/dist/README vendor-crypto/openssh/5.5p1/auth-options.c - copied unchanged from r207311, vendor-crypto/openssh/dist/auth-options.c vendor-crypto/openssh/5.5p1/auth2-pubkey.c - copied unchanged from r207311, vendor-crypto/openssh/dist/auth2-pubkey.c vendor-crypto/openssh/5.5p1/channels.c - copied unchanged from r207311, vendor-crypto/openssh/dist/channels.c vendor-crypto/openssh/5.5p1/clientloop.c - copied unchanged from r207311, vendor-crypto/openssh/dist/clientloop.c vendor-crypto/openssh/5.5p1/config.h.in - copied unchanged from r207311, vendor-crypto/openssh/dist/config.h.in vendor-crypto/openssh/5.5p1/configure - copied unchanged from r207311, vendor-crypto/openssh/dist/configure vendor-crypto/openssh/5.5p1/configure.ac - copied unchanged from r207311, vendor-crypto/openssh/dist/configure.ac vendor-crypto/openssh/5.5p1/contrib/Makefile - copied unchanged from r207311, vendor-crypto/openssh/dist/contrib/Makefile vendor-crypto/openssh/5.5p1/contrib/caldera/openssh.spec - copied unchanged from r207311, vendor-crypto/openssh/dist/contrib/caldera/openssh.spec vendor-crypto/openssh/5.5p1/contrib/cygwin/Makefile - copied unchanged from r207311, vendor-crypto/openssh/dist/contrib/cygwin/Makefile vendor-crypto/openssh/5.5p1/contrib/cygwin/ssh-host-config - copied unchanged from r207311, vendor-crypto/openssh/dist/contrib/cygwin/ssh-host-config vendor-crypto/openssh/5.5p1/contrib/redhat/openssh.spec - copied unchanged from r207311, vendor-crypto/openssh/dist/contrib/redhat/openssh.spec vendor-crypto/openssh/5.5p1/contrib/ssh-copy-id - copied unchanged from r207311, vendor-crypto/openssh/dist/contrib/ssh-copy-id vendor-crypto/openssh/5.5p1/contrib/suse/openssh.spec - copied unchanged from r207311, vendor-crypto/openssh/dist/contrib/suse/openssh.spec vendor-crypto/openssh/5.5p1/defines.h - copied unchanged from r207311, vendor-crypto/openssh/dist/defines.h vendor-crypto/openssh/5.5p1/key.c - copied unchanged from r207311, vendor-crypto/openssh/dist/key.c vendor-crypto/openssh/5.5p1/key.h - copied unchanged from r207311, vendor-crypto/openssh/dist/key.h vendor-crypto/openssh/5.5p1/loginrec.c - copied unchanged from r207311, vendor-crypto/openssh/dist/loginrec.c vendor-crypto/openssh/5.5p1/logintest.c - copied unchanged from r207311, vendor-crypto/openssh/dist/logintest.c vendor-crypto/openssh/5.5p1/moduli.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/moduli.0 vendor-crypto/openssh/5.5p1/openbsd-compat/bsd-arc4random.c - copied unchanged from r207311, vendor-crypto/openssh/dist/openbsd-compat/bsd-arc4random.c vendor-crypto/openssh/5.5p1/scp.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/scp.0 vendor-crypto/openssh/5.5p1/servconf.c - copied unchanged from r207311, vendor-crypto/openssh/dist/servconf.c vendor-crypto/openssh/5.5p1/session.c - copied unchanged from r207311, vendor-crypto/openssh/dist/session.c vendor-crypto/openssh/5.5p1/sftp-server.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/sftp-server.0 vendor-crypto/openssh/5.5p1/sftp.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/sftp.0 vendor-crypto/openssh/5.5p1/ssh-add.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-add.0 vendor-crypto/openssh/5.5p1/ssh-agent.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-agent.0 vendor-crypto/openssh/5.5p1/ssh-keygen.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-keygen.0 vendor-crypto/openssh/5.5p1/ssh-keygen.1 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-keygen.1 vendor-crypto/openssh/5.5p1/ssh-keygen.c - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-keygen.c vendor-crypto/openssh/5.5p1/ssh-keyscan.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-keyscan.0 vendor-crypto/openssh/5.5p1/ssh-keysign.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-keysign.0 vendor-crypto/openssh/5.5p1/ssh-pkcs11-helper.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-pkcs11-helper.0 vendor-crypto/openssh/5.5p1/ssh-pkcs11-helper.c - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-pkcs11-helper.c vendor-crypto/openssh/5.5p1/ssh-rand-helper.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh-rand-helper.0 vendor-crypto/openssh/5.5p1/ssh.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh.0 vendor-crypto/openssh/5.5p1/ssh.1 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh.1 vendor-crypto/openssh/5.5p1/ssh_config.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh_config.0 vendor-crypto/openssh/5.5p1/ssh_config.5 - copied unchanged from r207311, vendor-crypto/openssh/dist/ssh_config.5 vendor-crypto/openssh/5.5p1/sshd.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/sshd.0 vendor-crypto/openssh/5.5p1/sshd_config.0 - copied unchanged from r207311, vendor-crypto/openssh/dist/sshd_config.0 vendor-crypto/openssh/5.5p1/version.h - copied unchanged from r207311, vendor-crypto/openssh/dist/version.h Copied: vendor-crypto/openssh/5.5p1/ChangeLog (from r207311, vendor-crypto/openssh/dist/ChangeLog) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor-crypto/openssh/5.5p1/ChangeLog Wed Apr 28 08:39:12 2010 (r207312, copy of r207311, vendor-crypto/openssh/dist/ChangeLog) @@ -0,0 +1,2743 @@ +20100410 + - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo + back so we disable the IPv6 tests if we don't have it. + +20100409 + - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong + ones. Based on a patch from Roumen Petrov. + - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags if we + have it and the path is not provided to --with-libedit. Based on a patch + from Iain Morgan. + - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: enable + utmpx support on FreeBSD where possible. Patch from Ed Schouten, ok djm@ + +20100326 + - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection + for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson + - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch originally + by Ingo Weinhold via Scott McCreary, ok djm@ + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/03/25 23:38:28 + [servconf.c] + from portable: getcwd(NULL, 0) doesn't work on all platforms, so + use a stack buffer; ok dtucker@ + - djm@cvs.openbsd.org 2010/03/26 00:26:58 + [ssh.1] + mention that -S none disables connection sharing; from Colin Watson + - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms - + set up SELinux execution context before chroot() call. From Russell + Coker via Colin watson; bz#1726 ok dtucker@ + - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721 + ok dtucker@ + - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 using + pkg-config, patch from Colin Watson. Needed for newer linkers (ie gold). + - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys; + bz#1723 patch from Adeodato Simóvia Colin Watson; ok dtucker@ + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/03/26 01:06:13 + [ssh_config.5] + Reformat default value of PreferredAuthentications entry (current + formatting implies ", " is acceptable as a separator, which it's not. + ok djm@ + +20100324 + - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory + containing the services file explicitely case-insensitive. This allows to + tweak the Windows services file reliably. Patch from vinschen at redhat. + +20100321 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2010/03/08 09:41:27 + [ssh-keygen.1] + sort the list of constraints (to -O); ok djm + - jmc@cvs.openbsd.org 2010/03/10 07:40:35 + [ssh-keygen.1] + typos; from Ross Richardson + closes prs 6334 and 6335 + - djm@cvs.openbsd.org 2010/03/10 23:27:17 + [auth2-pubkey.c] + correct certificate logging and make it more consistent between + authorized_keys and TrustedCAKeys; ok markus@ + - djm@cvs.openbsd.org 2010/03/12 01:06:25 + [servconf.c] + unbreak AuthorizedKeys option with a $HOME-relative path; reported by + vinschen AT redhat.com, ok dtucker@ + - markus@cvs.openbsd.org 2010/03/12 11:37:40 + [servconf.c] + do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths + free() (not xfree()) the buffer returned by getcwd() + - djm@cvs.openbsd.org 2010/03/13 21:10:38 + [clientloop.c] + protocol conformance fix: send language tag when disconnecting normally; + spotted by 1.41421 AT gmail.com, ok markus@ deraadt@ + - djm@cvs.openbsd.org 2010/03/13 21:45:46 + [ssh-keygen.1] + Certificates are named *-cert.pub, not *_cert.pub; committing a diff + from stevesk@ ok me + - jmc@cvs.openbsd.org 2010/03/13 23:38:13 + [ssh-keygen.1] + fix a formatting error (args need quoted); noted by stevesk + - stevesk@cvs.openbsd.org 2010/03/15 19:40:02 + [key.c key.h ssh-keygen.c] + also print certificate type (user or host) for ssh-keygen -L + ok djm kettenis + - stevesk@cvs.openbsd.org 2010/03/16 15:46:52 + [auth-options.c] + spelling in error message. ok djm kettenis + - djm@cvs.openbsd.org 2010/03/16 16:36:49 + [version.h] + crank version to openssh-5.5 since we have a few fixes since 5.4; + requested deraadt@ kettenis@ + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers + +20100314 + - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix + compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot + AT fefe.de + - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for + ssh-pkcs11-helper to repair static builds (we do the same for + ssh-keyscan). Reported by felix-mindrot AT fefe.de + +20100312 + - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir) + - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets. + Patch from Corinna Vinschen. + - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install + on a Cygwin installation. Patch from Corinna Vinschen. + +20100311 + - (tim) [contrib/suse/openssh.spec] crank version number here too. + report by imorgan AT nas.nasa.gov + +20100309 + - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO + so setting it in CFLAGS correctly skips IPv6 tests. + +20100308 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/03/07 22:16:01 + [ssh-keygen.c] + make internal strptime string match strftime format; + suggested by vinschen AT redhat.com and markus@ + - djm@cvs.openbsd.org 2010/03/08 00:28:55 + [ssh-keygen.1] + document permit-agent-forwarding certificate constraint; patch from + stevesk@ + - djm@cvs.openbsd.org 2010/03/07 22:01:32 + [version.h] + openssh-5.4 + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + crank version numbers + - (djm) Release OpenSSH-5.4p1 + +20100307 + - (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that + it gets the passwd struct from the LAM that knows about the user which is + not necessarily the default. Patch from Alexandre Letourneau. + - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and + do not set real uid, since that's needed for the chroot, and will be set + by permanently_set_uid. + - (dtucker) [session.c] Also initialize creds to NULL for handing to + setpcred. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/03/07 11:57:13 + [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c] + Hold authentication debug messages until after successful authentication. + Fixes an info leak of environment variables specified in authorized_keys, + reported by Jacob Appelbaum. ok djm@ + +20100305 + - OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2010/03/04 12:51:25 + [ssh.1 sshd_config.5] + tweak previous; + - djm@cvs.openbsd.org 2010/03/04 20:35:08 + [ssh-keygen.1 ssh-keygen.c] + Add a -L flag to print the contents of a certificate; ok markus@ + - jmc@cvs.openbsd.org 2010/03/04 22:52:40 + [ssh-keygen.1] + fix Bk/Ek; + - djm@cvs.openbsd.org 2010/03/04 23:17:25 + [sshd_config.5] + missing word; spotted by jmc@ + - djm@cvs.openbsd.org 2010/03/04 23:19:29 + [ssh.1 sshd.8] + move section on CA and revoked keys from ssh.1 to sshd.8's known hosts + format section and rework it a bit; requested by jmc@ + - djm@cvs.openbsd.org 2010/03/04 23:27:25 + [auth-options.c ssh-keygen.c] + "force-command" is not spelled "forced-command"; spotted by + imorgan AT nas.nasa.gov + - djm@cvs.openbsd.org 2010/03/05 02:58:11 + [auth.c] + make the warning for a revoked key louder and more noticable + - jmc@cvs.openbsd.org 2010/03/05 06:50:35 + [ssh.1 sshd.8] + tweak previous; + - jmc@cvs.openbsd.org 2010/03/05 08:31:20 + [ssh.1] + document certificate authentication; help/ok djm + - djm@cvs.openbsd.org 2010/03/05 10:28:21 + [ssh-add.1 ssh.1 ssh_config.5] + mention loading of certificate files from [private]-cert.pub when + they are present; feedback and ok jmc@ + - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older + compilers. OK djm@ + - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure + on some platforms + - (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@ + +20100304 + - (djm) [ssh-keygen.c] Use correct local variable, instead of + maybe-undefined global "optarg" + - (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq + on XFree86-devel with neutral /usr/include/X11/Xlib.h; + imorgan AT nas.nasa.gov in bz#1731 + - (djm) [.cvsignore] Ignore ssh-pkcs11-helper + - (djm) [regress/Makefile] Cleanup sshd_proxy_orig + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/03/03 01:44:36 + [auth-options.c key.c] + reject strings with embedded ASCII nul chars in certificate key IDs, + principal names and constraints + - djm@cvs.openbsd.org 2010/03/03 22:49:50 + [sshd.8] + the authorized_keys option for CA keys is "cert-authority", not + "from=cert-authority". spotted by imorgan AT nas.nasa.gov + - djm@cvs.openbsd.org 2010/03/03 22:50:40 + [PROTOCOL.certkeys] + s/similar same/similar/; from imorgan AT nas.nasa.gov + - djm@cvs.openbsd.org 2010/03/04 01:44:57 + [key.c] + use buffer_get_string_ptr_ret() where we are checking the return + value explicitly instead of the fatal()-causing buffer_get_string_ptr() + - djm@cvs.openbsd.org 2010/03/04 10:36:03 + [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c] + [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h] + [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5] + Add a TrustedUserCAKeys option to sshd_config to specify CA keys that + are trusted to authenticate users (in addition than doing it per-user + in authorized_keys). + + Add a RevokedKeys option to sshd_config and a @revoked marker to + known_hosts to allow keys to me revoked and banned for user or host + authentication. + + feedback and ok markus@ + - djm@cvs.openbsd.org 2010/03/03 00:47:23 + [regress/cert-hostkey.sh regress/cert-userkey.sh] + add an extra test to ensure that authentication with the wrong + certificate fails as it should (and it does) + - djm@cvs.openbsd.org 2010/03/04 10:38:23 + [regress/cert-hostkey.sh regress/cert-userkey.sh] + additional regression tests for revoked keys and TrustedUserCAKeys + +20100303 + - (djm) [PROTOCOL.certkeys] Add RCS Ident + - OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2010/02/26 22:09:28 + [ssh-keygen.1 ssh.1 sshd.8] + tweak previous; + - otto@cvs.openbsd.org 2010/03/01 11:07:06 + [ssh-add.c] + zap what seems to be a left-over debug message; ok markus@ + - djm@cvs.openbsd.org 2010/03/02 23:20:57 + [ssh-keygen.c] + POSIX strptime is stricter than OpenBSD's so do a little dance to + appease it. + - (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too + +20100302 + - (tim) [config.guess config.sub] Bug 1722: Update to latest versions from + http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22 + respectively). + +20100301 + - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace + "echo -n" with "echon" for portability. + - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM + adjust log at verbose only, since according to cjwatson in bug #1470 + some virtualization platforms don't allow writes. + +20100228 + - (djm) [auth.c] On Cygwin, refuse usernames that have differences in + case from that matched in the system password database. On this + platform, passwords are stored case-insensitively, but sshd requires + exact case matching for Match blocks in sshd_config(5). Based on + a patch from vinschen AT redhat.com. + - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions + to make older compilers (gcc 2.95) happy. + +20100227 + - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded + - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment + variables copied into sshd child processes. From vinschen AT redhat.com + +20100226 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/02/26 20:29:54 + [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c] + [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c] + [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c] + [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c] + [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c] + [sshconnect2.c sshd.8 sshd.c sshd_config.5] + Add support for certificate key types for users and hosts. + + OpenSSH certificate key types are not X.509 certificates, but a much + simpler format that encodes a public key, identity information and + some validity constraints and signs it with a CA key. CA keys are + regular SSH keys. This certificate style avoids the attack surface + of X.509 certificates and is very easy to deploy. + + Certified host keys allow automatic acceptance of new host keys + when a CA certificate is marked as trusted in ~/.ssh/known_hosts. + see VERIFYING HOST KEYS in ssh(1) for details. + + Certified user keys allow authentication of users when the signing + CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS + FILE FORMAT" in sshd(8) for details. + + Certificates are minted using ssh-keygen(1), documentation is in + the "CERTIFICATES" section of that manpage. + + Documentation on the format of certificates is in the file + PROTOCOL.certkeys + + feedback and ok markus@ + - djm@cvs.openbsd.org 2010/02/26 20:33:21 + [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh] + regression tests for certified keys + +20100224 + - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] + [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/02/11 20:37:47 + [pathnames.h] + correct comment + - dtucker@cvs.openbsd.org 2009/11/09 04:20:04 + [regress/Makefile] + add regression test for ssh-keygen pubkey conversions + - dtucker@cvs.openbsd.org 2010/01/11 02:53:44 + [regress/forwarding.sh] + regress test for stdio forwarding + - djm@cvs.openbsd.org 2010/02/09 04:57:36 + [regress/addrmatch.sh] + clean up droppings + - djm@cvs.openbsd.org 2010/02/09 06:29:02 + [regress/Makefile] + turn on all the malloc(3) checking options when running regression + tests. this has caught a few bugs for me in the past; ok dtucker@ + - djm@cvs.openbsd.org 2010/02/24 06:21:56 + [regress/test-exec.sh] + wait for sshd to fully stop in cleanup() function; avoids races in tests + that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@ + - markus@cvs.openbsd.org 2010/02/08 10:52:47 + [regress/agent-pkcs11.sh] + test for PKCS#11 support (currently disabled) + - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage + +20100212 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/02/02 22:49:34 + [bufaux.c] + make buffer_get_string_ret() really non-fatal in all cases (it was + using buffer_get_int(), which could fatal() on buffer empty); + ok markus dtucker + - markus@cvs.openbsd.org 2010/02/08 10:50:20 + [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c] + [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5] + replace our obsolete smartcard code with PKCS#11. + ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf + ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 + provider (shared library) while ssh-agent(1) delegates PKCS#11 to + a forked a ssh-pkcs11-helper process. + PKCS#11 is currently a compile time option. + feedback and ok djm@; inspired by patches from Alon Bar-Lev + - jmc@cvs.openbsd.org 2010/02/08 22:03:05 + [ssh-add.1 ssh-keygen.1 ssh.1 ssh.c] + tweak previous; ok markus + - djm@cvs.openbsd.org 2010/02/09 00:50:36 + [ssh-agent.c] + fallout from PKCS#11: unbreak -D + - djm@cvs.openbsd.org 2010/02/09 00:50:59 + [ssh-keygen.c] + fix -Wall + - djm@cvs.openbsd.org 2010/02/09 03:56:28 + [buffer.c buffer.h] + constify the arguments to buffer_len, buffer_ptr and buffer_dump + - djm@cvs.openbsd.org 2010/02/09 06:18:46 + [auth.c] + unbreak ChrootDirectory+internal-sftp by skipping check for executable + shell when chrooting; reported by danh AT wzrd.com; ok dtucker@ + - markus@cvs.openbsd.org 2010/02/10 23:20:38 + [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5] + pkcs#11 is no longer optional; improve wording; ok jmc@ + - jmc@cvs.openbsd.org 2010/02/11 13:23:29 + [ssh.1] + libarary -> library; + - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c] + [scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java] + Remove obsolete smartcard support + - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] + Make it compile on OSX + - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] + Use ssh_get_progname to fill __progname + - (djm) [configure.ac] Enable PKCS#11 support only when we find a working + dlopen() + +20100210 + - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for + getseuserbyname; patch from calebcase AT gmail.com via + cjwatson AT debian.org + +20100202 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/01/30 21:08:33 + [sshd.8] + debug output goes to stderr, not "the system log"; ok markus dtucker + - djm@cvs.openbsd.org 2010/01/30 21:12:08 + [channels.c] + fake local addr:port when stdio fowarding as some servers (Tectia at + least) validate that they are well-formed; + reported by imorgan AT nas.nasa.gov + ok dtucker + +20100130 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/01/28 00:21:18 + [clientloop.c] + downgrade an error() to a debug() - this particular case can be hit in + normal operation for certain sequences of mux slave vs session closure + and is harmless + - djm@cvs.openbsd.org 2010/01/29 00:20:41 + [sshd.c] + set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com + ok dtucker@ + - djm@cvs.openbsd.org 2010/01/29 20:16:17 + [mux.c] + kill correct channel (was killing already-dead mux channel, not + its session channel) + - djm@cvs.openbsd.org 2010/01/30 02:54:53 + [mux.c] + don't mark channel as read failed if it is already closing; suppresses + harmless error messages when connecting to SSH.COM Tectia server + report by imorgan AT nas.nasa.gov + +20100129 + - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config() + after registering the hardware engines, which causes the openssl.cnf file to + be processed. See OpenSSL's man page for OPENSSL_config(3) for details. + Patch from Solomon Peachy, ok djm@. + +20100128 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/01/26 02:15:20 + [mux.c] + -Wuninitialized and remove a // comment; from portable + (Id sync only) + - djm@cvs.openbsd.org 2010/01/27 13:26:17 + [mux.c] + fix bug introduced in mux rewrite: + + In a mux master, when a socket to a mux slave closes before its server + session (as may occur when the slave has been signalled), gracefully + close the server session rather than deleting its channel immediately. + A server may have more messages on that channel to send (e.g. an exit + message) that will fatal() the client if they are sent to a channel that + has been prematurely deleted. + + spotted by imorgan AT nas.nasa.gov + - djm@cvs.openbsd.org 2010/01/27 19:21:39 + [sftp.c] + add missing "p" flag to getopt optstring; + bz#1704 from imorgan AT nas.nasa.gov + +20100126 + - (djm) OpenBSD CVS Sync + - tedu@cvs.openbsd.org 2010/01/17 21:49:09 + [ssh-agent.1] + Correct and clarify ssh-add's password asking behavior. + Improved text dtucker and ok jmc + - dtucker@cvs.openbsd.org 2010/01/18 01:50:27 + [roaming_client.c] + s/long long unsigned/unsigned long long/, from tim via portable + (Id sync only, change already in portable) + - djm@cvs.openbsd.org 2010/01/26 01:28:35 + [channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c] + rewrite ssh(1) multiplexing code to a more sensible protocol. + + The new multiplexing code uses channels for the listener and + accepted control sockets to make the mux master non-blocking, so + no stalls when processing messages from a slave. + + avoid use of fatal() in mux master protocol parsing so an errant slave + process cannot take down a running master. + + implement requesting of port-forwards over multiplexed sessions. Any + port forwards requested by the slave are added to those the master has + established. + + add support for stdio forwarding ("ssh -W host:port ...") in mux slaves. + + document master/slave mux protocol so that other tools can use it to + control a running ssh(1). Note: there are no guarantees that this + protocol won't be incompatibly changed (though it is versioned). + + feedback Salvador Fandino, dtucker@ + channel changes ok markus@ + +20100122 + - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of + socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size + in Cygwin to 65535. Patch from Corinna Vinschen. + +20100117 + - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too. + - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions + snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf(). + +20100116 + - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h + so we correctly detect whether or not we have a native user_from_uid. + - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid + and group_from_gid. + - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by + Tim. + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2010/01/15 09:24:23 + [sftp-common.c] + unused + - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused + variable warnings. + - (dtucker) [openbsd-compat/openbsd-compat.h] Typo. + - (tim) [regress/portnum.sh] Shell portability fix. + - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native + getaddrinfo() is too old and limited for addr_pton() in addrmatch.c. + - (tim) [roaming_client.c] Use of is not really portable so we + use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/ + to keep USL compilers happy. + +20100115 + - (dtucker) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2010/01/13 12:48:34 + [sftp.1 sftp.c] + sftp.1: put ls -h in the right place + sftp.c: as above, plus add -p to get/put, and shorten their arg names + to keep the help usage nicely aligned + ok djm + - djm@cvs.openbsd.org 2010/01/13 23:47:26 + [auth.c] + when using ChrootDirectory, make sure we test for the existence of the + user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; + ok dtucker + - dtucker@cvs.openbsd.org 2010/01/14 23:41:49 + [sftp-common.c] + use user_from{uid,gid} to lookup up ids since it keeps a small cache. + ok djm + - guenther@cvs.openbsd.org 2010/01/15 00:05:22 + [sftp.c] + Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp + inherited SIGTERM as ignored it will still be able to kill the ssh it + starts. + ok dtucker@ + - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no + changes yet but there will be some to come). + - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability + for pwcache. Also, added caching of negative hits. + +20100114 + - (djm) [platform.h] Add missing prototype for + platform_krb5_get_principal_name + +20100113 + - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs. + - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18: + missing restore of SIGTTOU and some whitespace. + - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21. + - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22. + Fixes bz #1590, where sometimes you could not interrupt a connection while + ssh was prompting for a passphrase or password. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/01/13 00:19:04 + [sshconnect.c auth.c] + Fix a couple of typos/mispellings in comments + - dtucker@cvs.openbsd.org 2010/01/13 01:10:56 + [key.c] + Ignore and log any Protocol 1 keys where the claimed size is not equal to + the actual size. Noted by Derek Martin, ok djm@ + - dtucker@cvs.openbsd.org 2010/01/13 01:20:20 + [canohost.c ssh-keysign.c sshconnect2.c] + Make HostBased authentication work with a ProxyCommand. bz #1569, patch + from imorgan at nas nasa gov, ok djm@ + - djm@cvs.openbsd.org 2010/01/13 01:40:16 + [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h] + support '-h' (human-readable units) for sftp's ls command, just like + ls(1); ok dtucker@ + - djm@cvs.openbsd.org 2010/01/13 03:48:13 + [servconf.c servconf.h sshd.c] + avoid run-time failures when specifying hostkeys via a relative + path by prepending the cwd in these cases; bz#1290; ok dtucker@ + - djm@cvs.openbsd.org 2010/01/13 04:10:50 + [sftp.c] + don't append a space after inserting a completion of a directory (i.e. + a path ending in '/') for a slightly better user experience; ok dtucker@ + - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef. + - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG. + feedback and ok dtucker@ + +20100112 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/01/11 01:39:46 + [ssh_config channels.c ssh.1 channels.h ssh.c] + Add a 'netcat mode' (ssh -W). This connects stdio on the client to a + single port forward on the server. This allows, for example, using ssh as + a ProxyCommand to route connections via intermediate servers. + bz #1618, man page help from jmc@, ok markus@ + - dtucker@cvs.openbsd.org 2010/01/11 04:46:45 + [authfile.c sshconnect2.c] + Do not prompt for a passphrase if we fail to open a keyfile, and log the + reason the open failed to debug. + bz #1693, found by tj AT castaglia org, ok djm@ + - djm@cvs.openbsd.org 2010/01/11 10:51:07 + [ssh-keygen.c] + when converting keys, truncate key comments at 72 chars as per RFC4716; + bz#1630 reported by tj AT castaglia.org; ok markus@ + - dtucker@cvs.openbsd.org 2010/01/12 00:16:47 + [authfile.c] + Fix bug introduced in r1.78 (incorrect brace location) that broke key auth. + Patch from joachim joachimschipper nl. + - djm@cvs.openbsd.org 2010/01/12 00:58:25 + [monitor_fdpass.c] + avoid spinning when fd passing on nonblocking sockets by calling poll() + in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@ + - djm@cvs.openbsd.org 2010/01/12 00:59:29 + [roaming_common.c] + delete with extreme prejudice a debug() that fired with every keypress; + ok dtucker deraadt + - dtucker@cvs.openbsd.org 2010/01/12 01:31:05 + [session.c] + Do not allow logins if /etc/nologin exists but is not readable by the user + logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@ + - djm@cvs.openbsd.org 2010/01/12 01:36:08 + [buffer.h bufaux.c] + add a buffer_get_string_ptr_ret() that does the same as + buffer_get_string_ptr() but does not fatal() on error; ok dtucker@ + - dtucker@cvs.openbsd.org 2010/01/12 08:33:17 + [session.c] + Add explicit stat so we reliably detect nologin with bad perms. + ok djm markus + +20100110 + - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] + Remove hacks add for RoutingDomain in preparation for its removal. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/01/09 23:04:13 + [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h + ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c + readconf.h scp.1 sftp.1 ssh_config.5 misc.h] + Remove RoutingDomain from ssh since it's now not needed. It can be + replaced with "route exec" or "nc -V" as a proxycommand. "route exec" + also ensures that trafic such as DNS lookups stays withing the specified + routingdomain. For example (from reyk): + # route -T 2 exec /usr/sbin/sshd + or inherited from the parent process + $ route -T 2 exec sh + $ ssh 10.1.2.3 + ok deraadt@ markus@ stevesk@ reyk@ + - dtucker@cvs.openbsd.org 2010/01/10 03:51:17 + [servconf.c] + Add ChrootDirectory to sshd.c test-mode output + - dtucker@cvs.openbsd.org 2010/01/10 07:15:56 + [auth.c] + Output a debug if we can't open an existing keyfile. bz#1694, ok djm@ + +20100109 + - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't + have it. + - (dtucker) [defines.h] define PRIu64 for platforms that don't have it. + - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef. + - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name + when using utmpx. Patch from Ed Schouten. + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/01/09 00:20:26 + [sftp-server.c sftp-server.8] + add a 'read-only' mode to sftp-server(8) that disables open in write mode + and all other fs-modifying protocol methods. bz#430 ok dtucker@ + - djm@cvs.openbsd.org 2010/01/09 00:57:10 + [PROTOCOL] + tweak language + - jmc@cvs.openbsd.org 2010/01/09 03:36:00 + [sftp-server.8] + bad place to forget a comma... + - djm@cvs.openbsd.org 2010/01/09 05:04:24 + [mux.c sshpty.h clientloop.c sshtty.c] + quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we + usually don't actually have a tty to read/set; bz#1686 ok dtucker@ + - dtucker@cvs.openbsd.org 2010/01/09 05:17:00 + [roaming_client.c] + Remove a PRIu64 format string that snuck in with roaming. ok djm@ + - dtucker@cvs.openbsd.org 2010/01/09 11:13:02 + [sftp.c] + Prevent sftp from derefing a null pointer when given a "-" without a + command. Also, allow whitespace to follow a "-". bz#1691, path from + Colin Watson via Debian. ok djm@ deraadt@ + - dtucker@cvs.openbsd.org 2010/01/09 11:17:56 + [sshd.c] + Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs + itself. Prevents two HUPs in quick succession from resulting in sshd + dying. bz#1692, patch from Colin Watson via Ubuntu. + - (dtucker) [defines.h] Remove now-undeeded PRIu64 define. + +20100108 + - (dtucker) OpenBSD CVS Sync + - andreas@cvs.openbsd.org 2009/10/24 11:11:58 + [roaming.h] + Declarations needed for upcoming changes. + ok markus@ + - andreas@cvs.openbsd.org 2009/10/24 11:13:54 + [sshconnect2.c kex.h kex.c] + Let the client detect if the server supports roaming by looking + for the resume@appgate.com kex algorithm. + ok markus@ + - andreas@cvs.openbsd.org 2009/10/24 11:15:29 + [clientloop.c] + client_loop() must detect if the session has been suspended and resumed, + and take appropriate action in that case. + From Martin Forssen, maf at appgate dot com + - andreas@cvs.openbsd.org 2009/10/24 11:19:17 + [ssh2.h] + Define the KEX messages used when resuming a suspended connection. + ok markus@ + - andreas@cvs.openbsd.org 2009/10/24 11:22:37 + [roaming_common.c] + Do the actual suspend/resume in the client. This won't be useful until + the server side supports roaming. + Most code from Martin Forssen, maf at appgate dot com. Some changes by + me and markus@ + ok markus@ + - andreas@cvs.openbsd.org 2009/10/24 11:23:42 + [ssh.c] + Request roaming to be enabled if UseRoaming is true and the server + supports it. + ok markus@ + - reyk@cvs.openbsd.org 2009/10/28 16:38:18 + [ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c + channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1 + sftp.1 sshd_config.5 readconf.c ssh.c misc.c] + Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan. + ok markus@ + - jmc@cvs.openbsd.org 2009/10/28 21:45:08 + [sshd_config.5 sftp.1] + tweak previous; + - djm@cvs.openbsd.org 2009/11/10 02:56:22 + [ssh_config.5] + explain the constraints on LocalCommand some more so people don't + try to abuse it. + - djm@cvs.openbsd.org 2009/11/10 02:58:56 + [sshd_config.5] + clarify that StrictModes does not apply to ChrootDirectory. Permissions + and ownership are always checked when chrooting. bz#1532 + - dtucker@cvs.openbsd.org 2009/11/10 04:30:45 + [sshconnect2.c channels.c sshconnect.c] + Set close-on-exec on various descriptors so they don't get leaked to + child processes. bz #1643, patch from jchadima at redhat, ok deraadt. + - markus@cvs.openbsd.org 2009/11/11 21:37:03 + [channels.c channels.h] + fix race condition in x11/agent channel allocation: don't read after + the end of the select read/write fdset and make sure a reused FD + is not touched before the pre-handlers are called. + with and ok djm@ + - djm@cvs.openbsd.org 2009/11/17 05:31:44 + [clientloop.c] + fix incorrect exit status when multiplexing and channel ID 0 is recycled + bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker + - djm@cvs.openbsd.org 2009/11/19 23:39:50 + [session.c] + bz#1606: error when an attempt is made to connect to a server + with ForceCommand=internal-sftp with a shell session (i.e. not a + subsystem session). Avoids stuck client when attempting to ssh to such a + service. ok dtucker@ + - dtucker@cvs.openbsd.org 2009/11/20 00:15:41 + [session.c] + Warn but do not fail if stat()ing the subsystem binary fails. This helps + with chrootdirectory+forcecommand=sftp-server and restricted shells. + bz #1599, ok djm. + - djm@cvs.openbsd.org 2009/11/20 00:54:01 + [sftp.c] + bz#1588 change "Connecting to host..." message to "Connected to host." + and delay it until after the sftp protocol connection has been established. + Avoids confusing sequence of messages when the underlying ssh connection + experiences problems. ok dtucker@ + - dtucker@cvs.openbsd.org 2009/11/20 00:59:36 + [sshconnect2.c] + Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@ + - djm@cvs.openbsd.org 2009/11/20 03:24:07 + [misc.c] + correct off-by-one in percent_expand(): we would fatal() when trying + to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually + work. Note that nothing in OpenSSH actually uses close to this limit at + present. bz#1607 from Jan.Pechanec AT Sun.COM + - halex@cvs.openbsd.org 2009/11/22 13:18:00 + [sftp.c] + make passing of zero-length arguments to ssh safe by + passing "-" "" rather than "-" + ok dtucker@, guenther@, djm@ + - dtucker@cvs.openbsd.org 2009/12/06 23:41:15 + [sshconnect2.c] + zap unused variable and strlen; from Steve McClellan, ok djm + - djm@cvs.openbsd.org 2009/12/06 23:53:45 + [roaming_common.c] + use socklen_t for getsockopt optlen parameter; reported by + Steve.McClellan AT radisys.com, ok dtucker@ + - dtucker@cvs.openbsd.org 2009/12/06 23:53:54 + [sftp.c] + fix potential divide-by-zero in sftp's "df" output when talking to a server + that reports zero files on the filesystem (Unix filesystems always have at + least the root inode). From Steve McClellan at radisys, ok djm@ + - markus@cvs.openbsd.org 2009/12/11 18:16:33 + [key.c] + switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537 + for the RSA public exponent; discussed with provos; ok djm@ + - guenther@cvs.openbsd.org 2009/12/20 07:28:36 + [ssh.c sftp.c scp.c] + When passing user-controlled options with arguments to other programs, + pass the option and option argument as separate argv entries and + not smashed into one (e.g., as -l foo and not -lfoo). Also, always + pass a "--" argument to stop option parsing, so that a positional + argument that starts with a '-' isn't treated as an option. This + fixes some error cases as well as the handling of hostnames and + filenames that start with a '-'. + Based on a diff by halex@ + ok halex@ djm@ deraadt@ + - djm@cvs.openbsd.org 2009/12/20 23:20:40 + [PROTOCOL] + fix an incorrect magic number and typo in PROTOCOL; bz#1688 + report and fix from ueno AT unixuser.org + - stevesk@cvs.openbsd.org 2009/12/25 19:40:21 + [readconf.c servconf.c misc.h ssh-keyscan.c misc.c] + validate routing domain is in range 0-RT_TABLEID_MAX. + 'Looks right' deraadt@ + - stevesk@cvs.openbsd.org 2009/12/29 16:38:41 + [sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1] + Rename RDomain config option to RoutingDomain to be more clear and + consistent with other options. + NOTE: if you currently use RDomain in the ssh client or server config, + or ssh/sshd -o, you must update to use RoutingDomain. + ok markus@ djm@ + - jmc@cvs.openbsd.org 2009/12/29 18:03:32 + [sshd_config.5 ssh_config.5] + sort previous; + - dtucker@cvs.openbsd.org 2010/01/04 01:45:30 + [sshconnect2.c] + Don't escape backslashes in the SSH2 banner. bz#1533, patch from + Michal Gorny via Gentoo. + - djm@cvs.openbsd.org 2010/01/04 02:03:57 + [sftp.c] + Implement tab-completion of commands, local and remote filenames for sftp. + Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009 + Google Summer of Code) and polished to a fine sheen by myself again. + It should deal more-or-less correctly with the ikky corner-cases presented + by quoted filenames, but the UI could still be slightly improved. + In particular, it is quite slow for remote completion on large directories. + bz#200; ok markus@ + - djm@cvs.openbsd.org 2010/01/04 02:25:15 + [sftp-server.c] + bz#1566 don't unnecessarily dup() in and out fds for sftp-server; + ok markus@ + - dtucker@cvs.openbsd.org 2010/01/08 21:50:49 + [sftp.c] + Fix two warnings: possibly used unitialized and use a nul byte instead of + NULL pointer. ok djm@ + - (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new + files for roaming and add to Makefile. + - (dtucker) [Makefile.in] .c files do not belong in the OBJ lines. + - (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms that + don't have libedit. + - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] Make + RoutingDomain an unsupported option on platforms that don't have it. + - (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remote + too. + - (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket to + be created. + - (dtucker] [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN more + to eliminate an unused variable warning. + - (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types. + +20091226 + - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1 + Gzip all man pages. Patch from Corinna Vinschen. + +20091221 + - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}] + Bug #1583: Use system's kerberos principal name on AIX if it's available. + Based on a patch from and tested by Miguel Sanders + +20091208 + - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux, + based on a patch from Vaclav Ovsik and Colin Watson. ok djm. + +20091207 + - (dtucker) Bug #1160: use pkg-config for opensc config if it's available. + Tested by Martin Paljak. + - (dtucker) Bug #1677: add conditionals around the source for ssh-askpass. + +20091121 + - (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it. + Bug 1628. OK dtucker@ + +20091120 + - (djm) [ssh-rand-helper.c] Print error and usage() when passed command- + line arguments as none are supported. Exit when passed unrecognised + commandline flags. bz#1568 from gson AT araneus.fi + +20091118 + - (djm) [channels.c misc.c misc.h sshd.c] add missing setsockopt() to + set IPV6_V6ONLY for local forwarding with GatwayPorts=yes. Unify + setting IPV6_V6ONLY behind a new function misc.c:sock_set_v6only() + bz#1648, report and fix from jan.kratochvil AT redhat.com + - (djm) [contrib/gnome-ssh-askpass2.c] Make askpass dialog desktop-modal. + bz#1645, patch from jchadima AT redhat.com + +20091107 + - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private + keys when built with OpenSSL versions that don't do AES. + +20091105 + - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with + older versions of OpenSSL. + +20091024 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2009/10/11 23:03:15 + [hostfile.c] + mention the host name that we are looking for in check_host_in_hostfile() + - sobrado@cvs.openbsd.org 2009/10/17 12:10:39 + [sftp-server.c] + sort flags. + - sobrado@cvs.openbsd.org 2009/10/22 12:35:53 + [ssh.1 ssh-agent.1 ssh-add.1] + use the UNIX-related macros (.At and .Ux) where appropriate. + ok jmc@ + - sobrado@cvs.openbsd.org 2009/10/22 15:02:12 + [ssh-agent.1 ssh-add.1 ssh.1] + write UNIX-domain in a more consistent way; while here, replace a + few remaining ".Tn UNIX" macros with ".Ux" ones. + pointed out by ratchov@, thanks! + ok jmc@ + - djm@cvs.openbsd.org 2009/10/22 22:26:13 + [authfile.c] + switch from 3DES to AES-128 for encryption of passphrase-protected + SSH protocol 2 private keys; ok several + - djm@cvs.openbsd.org 2009/10/23 01:57:11 + [sshconnect2.c] + disallow a hostile server from checking jpake auth by sending an + out-of-sequence success message. (doesn't affect code enabled by default) + - dtucker@cvs.openbsd.org 2009/10/24 00:48:34 + [ssh-keygen.1] + ssh-keygen now uses AES-128 for private keys + - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro. + - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux + is enabled set the security context to "sftpd_t" before running the + internal sftp server Based on a patch from jchadima at redhat. + +20091011 + - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for + dirent d_type and DTTOIF as we've switched OpenBSD to the more portable + lstat. + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2009/10/08 14:03:41 + [sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5] + disable protocol 1 by default (after a transition period of about 10 years) + ok deraadt + - jmc@cvs.openbsd.org 2009/10/08 20:42:12 + [sshd_config.5 ssh_config.5 sshd.8 ssh.1] + some tweaks now that protocol 1 is not offered by default; ok markus + - dtucker@cvs.openbsd.org 2009/10/11 10:41:26 + [sftp-client.c] + d_type isn't portable so use lstat to get dirent modes. Suggested by and + "looks sane" deraadt@ + - markus@cvs.openbsd.org 2009/10/08 18:04:27 + [regress/test-exec.sh] + re-enable protocol v1 for the tests. + +20091007 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2009/08/12 00:13:00 + [sftp.c sftp.1] + support most of scp(1)'s commandline arguments in sftp(1), as a first + step towards making sftp(1) a drop-in replacement for scp(1). + One conflicting option (-P) has not been changed, pending further + discussion. + Patch from carlosvsilvapt@gmail.com as part of his work in the + Google Summer of Code + - jmc@cvs.openbsd.org 2009/08/12 06:31:42 + [sftp.1] + sort options; + - djm@cvs.openbsd.org 2009/08/13 01:11:19 + [sftp.1 sftp.c] + Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path", + add "-P port" to match scp(1). Fortunately, the -P option is only really + used by our regression scripts. + part of larger patch from carlosvsilvapt@gmail.com for his Google Summer + of Code work; ok deraadt markus + - jmc@cvs.openbsd.org 2009/08/13 13:39:54 + [sftp.1 sftp.c] + sync synopsis and usage(); + - djm@cvs.openbsd.org 2009/08/14 18:17:49 + [sftp-client.c] + make the "get_handle: ..." error messages vaguely useful by allowing + callers to specify their own error message strings. + - fgsch@cvs.openbsd.org 2009/08/15 18:56:34 + [auth.h] + remove unused define. markus@ ok. *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@FreeBSD.ORG Wed Apr 28 21:50:59 2010 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 585B61065673; Wed, 28 Apr 2010 21:50:59 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 433128FC15; Wed, 28 Apr 2010 21:50:59 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o3SLoxO9056246; Wed, 28 Apr 2010 21:50:59 GMT (envelope-from jkim@svn.freebsd.org) Received: (from jkim@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o3SLow2N056233; Wed, 28 Apr 2010 21:50:58 GMT (envelope-from jkim@svn.freebsd.org) Message-Id: <201004282150.o3SLow2N056233@svn.freebsd.org> From: Jung-uk Kim Date: Wed, 28 Apr 2010 21:50:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor-sys MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r207340 - in vendor-sys/acpica/dist: . common compiler debugger events executer include os_specific/service_layers tables tests tests/misc tools/acpiexec tools/acpisrc utilities X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 21:50:59 -0000 Author: jkim Date: Wed Apr 28 21:50:57 2010 New Revision: 207340 URL: http://svn.freebsd.org/changeset/base/207340 Log: Import ACPICA 20100428. Added: vendor-sys/acpica/dist/compiler/aslrestype1i.c (contents, props changed) vendor-sys/acpica/dist/compiler/aslrestype2d.c (contents, props changed) vendor-sys/acpica/dist/compiler/aslrestype2e.c (contents, props changed) vendor-sys/acpica/dist/compiler/aslrestype2q.c (contents, props changed) vendor-sys/acpica/dist/compiler/aslrestype2w.c (contents, props changed) vendor-sys/acpica/dist/events/evgpeinit.c (contents, props changed) vendor-sys/acpica/dist/events/evgpeutil.c (contents, props changed) vendor-sys/acpica/dist/tests/ vendor-sys/acpica/dist/tests/misc/ vendor-sys/acpica/dist/tests/misc/badcode.asl vendor-sys/acpica/dist/tests/misc/grammar.asl Modified: vendor-sys/acpica/dist/changes.txt vendor-sys/acpica/dist/common/adisasm.c vendor-sys/acpica/dist/compiler/Makefile vendor-sys/acpica/dist/compiler/aslcompile.c vendor-sys/acpica/dist/compiler/aslcompiler.h vendor-sys/acpica/dist/compiler/asldefine.h vendor-sys/acpica/dist/compiler/aslfiles.c vendor-sys/acpica/dist/compiler/aslglobal.h vendor-sys/acpica/dist/compiler/asllisting.c vendor-sys/acpica/dist/compiler/aslmain.c vendor-sys/acpica/dist/compiler/aslpredef.c vendor-sys/acpica/dist/compiler/aslresource.c vendor-sys/acpica/dist/compiler/aslrestype1.c vendor-sys/acpica/dist/compiler/aslrestype2.c vendor-sys/acpica/dist/compiler/asltypes.h vendor-sys/acpica/dist/debugger/dbcmds.c vendor-sys/acpica/dist/debugger/dbdisply.c vendor-sys/acpica/dist/events/evgpe.c vendor-sys/acpica/dist/events/evgpeblk.c vendor-sys/acpica/dist/executer/exconfig.c vendor-sys/acpica/dist/executer/exoparg1.c vendor-sys/acpica/dist/executer/exsystem.c vendor-sys/acpica/dist/include/acevents.h vendor-sys/acpica/dist/include/acglobal.h vendor-sys/acpica/dist/include/acinterp.h vendor-sys/acpica/dist/include/aclocal.h vendor-sys/acpica/dist/include/acpiosxf.h vendor-sys/acpica/dist/include/acpixf.h vendor-sys/acpica/dist/include/actypes.h vendor-sys/acpica/dist/include/amlresrc.h vendor-sys/acpica/dist/os_specific/service_layers/osunixxf.c vendor-sys/acpica/dist/os_specific/service_layers/oswinxf.c vendor-sys/acpica/dist/osunixxf.c vendor-sys/acpica/dist/tables/tbfind.c vendor-sys/acpica/dist/tables/tbinstal.c vendor-sys/acpica/dist/tables/tbutils.c vendor-sys/acpica/dist/tables/tbxface.c vendor-sys/acpica/dist/tools/acpiexec/Makefile vendor-sys/acpica/dist/tools/acpiexec/aeexec.c vendor-sys/acpica/dist/tools/acpiexec/aetables.c vendor-sys/acpica/dist/tools/acpisrc/astable.c vendor-sys/acpica/dist/utilities/utcopy.c vendor-sys/acpica/dist/utilities/utglobal.c vendor-sys/acpica/dist/utilities/uttrack.c Modified: vendor-sys/acpica/dist/changes.txt ============================================================================== --- vendor-sys/acpica/dist/changes.txt Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/changes.txt Wed Apr 28 21:50:57 2010 (r207340) @@ -1,4 +1,70 @@ ---------------------------------------- +28 April 2010. Summary of changes for version 20100428: + +1) ACPI CA Core Subsystem: + +Implemented GPE support for dynamically loaded ACPI tables. For all GPEs, +including FADT-based and GPE Block Devices, execute any _PRW methods in the +new table, and process any _Lxx/_Exx GPE methods in the new table. Any +runtime GPE that is referenced by an _Lxx/_Exx method in the new table is +immediately enabled. Handles the FADT-defined GPEs as well as GPE Block +Devices. Provides compatibility with other ACPI implementations. Two new +files added, evgpeinit.c and evgpeutil.c. ACPICA BZ 833. Lin Ming, Bob Moore. + +Fixed a regression introduced in version 20100331 within the table manager +where initial table loading could fail. This was introduced in the fix for +AcpiReallocateRootTable. Also, renamed some of fields in the table manager +data structures to clarify their meaning and use. + +Fixed a possible allocation overrun during internal object copy in +AcpiUtCopySimpleObject. The original code did not correctly handle the case +where the object to be copied was a namespace node. Lin Ming. ACPICA BZ 847. + +Updated the allocation dump routine, AcpiUtDumpAllocation and fixed a +possible access beyond end-of-allocation. Also, now fully validate descriptor +(size and type) before output. Lin Ming, Bob Moore. ACPICA BZ 847 + +Example Code and Data Size: These are the sizes for the OS-independent +acpica.lib produced by the Microsoft Visual C++ 6.0 32-bit compiler. The +debug version of the code includes the debug output trace mechanism and has a +much larger code and data size. + + Previous Release: + Non-Debug Version: 87.9K Code, 18.6K Data, 106.5K Total + Debug Version: 163.5K Code, 51.3K Data, 214.8K Total + Current Release: + Non-Debug Version: 88.4K Code, 18.8K Data, 107.2K Total + Debug Version: 164.2K Code, 51.5K Data, 215.7K Total + +2) iASL Compiler/Disassembler and Tools: + +iASL: Implemented Min/Max/Len/Gran validation for address resource +descriptors. This change implements validation for the address fields that +are common to all address-type resource descriptors. These checks are +implemented: Checks for valid Min/Max, length within the Min/Max window, +valid granularity, Min/Max a multiple of granularity, and _MIF/_MAF as per +table 6-40 in the ACPI 4.0a specification. Also split the large aslrestype1.c +and aslrestype2.c files into five new files. ACPICA BZ 840. + +iASL: Added support for the _Wxx predefined names. This support was missing +and these names were not recognized by the compiler as valid predefined +names. ACPICA BZ 851. + +iASL: Added an error for all predefined names that are defined to return no +value and thus must be implemented as Control Methods. These include all of +the _Lxx, _Exx, _Wxx, and _Qxx names, as well as some other miscellaneous +names such as _DIS, _INI, _IRC, _OFF, _ON, and _PSx. ACPICA BZ 850, 856. + +iASL: Implemented the -ts option to emit hex AML data in ASL format, as an +ASL Buffer. Allows ACPI tables to be easily included within ASL files, to be +dynamically loaded via the Load() operator. Also cleaned up output for the - +ta and -tc options. ACPICA BZ 853. + +Tests: Added a new file with examples of extended iASL error checking. +Demonstrates the advanced error checking ability of the iASL compiler. +Available at tests/misc/badcode.asl. + +---------------------------------------- 31 March 2010. Summary of changes for version 20100331: 1) ACPI CA Core Subsystem: Modified: vendor-sys/acpica/dist/common/adisasm.c ============================================================================== --- vendor-sys/acpica/dist/common/adisasm.c Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/common/adisasm.c Wed Apr 28 21:50:57 2010 (r207340) @@ -282,8 +282,8 @@ AdInitialize ( /* Setup the Table Manager (cheat - there is no RSDT) */ - AcpiGbl_RootTableList.Size = 1; - AcpiGbl_RootTableList.Count = 0; + AcpiGbl_RootTableList.MaxTableCount = 1; + AcpiGbl_RootTableList.CurrentTableCount = 0; AcpiGbl_RootTableList.Tables = LocalTables; return (Status); @@ -1156,7 +1156,7 @@ AdParseTable ( /* If LoadTable is FALSE, we are parsing the last loaded table */ - TableIndex = AcpiGbl_RootTableList.Count - 1; + TableIndex = AcpiGbl_RootTableList.CurrentTableCount - 1; /* Pass 2 */ Modified: vendor-sys/acpica/dist/compiler/Makefile ============================================================================== --- vendor-sys/acpica/dist/compiler/Makefile Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/Makefile Wed Apr 28 21:50:57 2010 (r207340) @@ -1,11 +1,37 @@ - PROG= iasl -SRCS= aslcompilerparse.c aslcompilerlex.c aslanalyze.c aslcodegen.c \ - aslcompile.c aslerror.c aslfiles.c asllength.c \ - asllisting.c aslload.c asllookup.c aslmain.c aslmap.c aslopcodes.c \ - asloperands.c aslpredef.c aslresource.c aslrestype1.c aslrestype2.c aslstartup.c \ - asltree.c aslutils.c asltransform.c aslfold.c aslstubs.c aslopt.c \ +SRCS= \ + aslcompilerparse.c \ + aslcompilerlex.c \ + aslanalyze.c \ + aslcodegen.c \ + aslcompile.c \ + aslerror.c \ + aslfiles.c \ + aslfold.c \ + asllength.c \ + asllisting.c \ + aslload.c \ + asllookup.c \ + aslmain.c \ + aslmap.c \ + aslopcodes.c \ + asloperands.c \ + aslopt.c \ + aslpredef.c \ + aslresource.c \ + aslrestype1.c \ + aslrestype1i.c \ + aslrestype2.c \ + aslrestype2d.c \ + aslrestype2e.c \ + aslrestype2q.c \ + aslrestype2w.c \ + aslstartup.c \ + aslstubs.c \ + asltransform.c \ + asltree.c \ + aslutils.c \ ../common/getopt.c \ ../utilities/utalloc.c \ ../utilities/utcache.c \ Modified: vendor-sys/acpica/dist/compiler/aslcompile.c ============================================================================== --- vendor-sys/acpica/dist/compiler/aslcompile.c Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/aslcompile.c Wed Apr 28 21:50:57 2010 (r207340) @@ -177,7 +177,8 @@ AslCompilerSignon ( { Prefix = "; "; } - else if (Gbl_HexOutputFlag == HEX_OUTPUT_C) + else if ((Gbl_HexOutputFlag == HEX_OUTPUT_C) || + (Gbl_HexOutputFlag == HEX_OUTPUT_ASL)) { FlPrintFile (ASL_FILE_HEX_OUTPUT, "/*\n"); Prefix = " * "; @@ -265,7 +266,8 @@ AslCompilerFileHeader ( { Prefix = "; "; } - else if (Gbl_HexOutputFlag == HEX_OUTPUT_C) + else if ((Gbl_HexOutputFlag == HEX_OUTPUT_C) || + (Gbl_HexOutputFlag == HEX_OUTPUT_ASL)) { Prefix = " * "; } Modified: vendor-sys/acpica/dist/compiler/aslcompiler.h ============================================================================== --- vendor-sys/acpica/dist/compiler/aslcompiler.h Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/aslcompiler.h Wed Apr 28 21:50:57 2010 (r207340) @@ -592,6 +592,10 @@ FlFileError ( UINT32 FileId, UINT8 ErrorId); +UINT32 +FlGetFileSize ( + UINT32 FileId); + ACPI_STATUS FlReadFile ( UINT32 FileId, @@ -750,6 +754,34 @@ UtDoConstant ( /* * aslresource - Resource template generation utilities */ +void +RsSmallAddressCheck ( + UINT8 Type, + UINT32 Minimum, + UINT32 Maximum, + UINT32 Length, + UINT32 Alignment, + ACPI_PARSE_OBJECT *MinOp, + ACPI_PARSE_OBJECT *MaxOp, + ACPI_PARSE_OBJECT *LengthOp, + ACPI_PARSE_OBJECT *AlignOp); + +void +RsLargeAddressCheck ( + UINT64 Minimum, + UINT64 Maximum, + UINT64 Length, + UINT64 Granularity, + UINT8 Flags, + ACPI_PARSE_OBJECT *MinOp, + ACPI_PARSE_OBJECT *MaxOp, + ACPI_PARSE_OBJECT *LengthOp, + ACPI_PARSE_OBJECT *GranOp); + +UINT16 +RsGetStringDataLength ( + ACPI_PARSE_OBJECT *InitializerOp); + ASL_RESOURCE_NODE * RsAllocateResourceNode ( UINT32 Size); @@ -805,7 +837,7 @@ RsDoResourceTemplate ( /* - * aslrestype1 - generate Small descriptors + * aslrestype1 - Miscellaneous Small descriptors */ ASL_RESOURCE_NODE * RsDoEndTagDescriptor ( @@ -813,68 +845,72 @@ RsDoEndTagDescriptor ( UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoDmaDescriptor ( +RsDoEndDependentDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoEndDependentDescriptor ( +RsDoMemory24Descriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoFixedIoDescriptor ( +RsDoMemory32Descriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoIoDescriptor ( +RsDoMemory32FixedDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoIrqDescriptor ( +RsDoStartDependentDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoIrqNoFlagsDescriptor ( +RsDoStartDependentNoPriDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoMemory24Descriptor ( +RsDoVendorSmallDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); + +/* + * aslrestype1i - I/O-related Small descriptors + */ ASL_RESOURCE_NODE * -RsDoMemory32Descriptor ( +RsDoDmaDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoMemory32FixedDescriptor ( +RsDoFixedIoDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoStartDependentDescriptor ( +RsDoIoDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoStartDependentNoPriDescriptor ( +RsDoIrqDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * -RsDoVendorSmallDescriptor ( +RsDoIrqNoFlagsDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); /* - * aslrestype2 - generate Large descriptors + * aslrestype2 - Large resource descriptors */ ASL_RESOURCE_NODE * RsDoInterruptDescriptor ( @@ -882,6 +918,20 @@ RsDoInterruptDescriptor ( UINT32 CurrentByteOffset); ASL_RESOURCE_NODE * +RsDoVendorLargeDescriptor ( + ACPI_PARSE_OBJECT *Op, + UINT32 CurrentByteOffset); + +ASL_RESOURCE_NODE * +RsDoGeneralRegisterDescriptor ( + ACPI_PARSE_OBJECT *Op, + UINT32 CurrentByteOffset); + + +/* + * aslrestype2d - DWord address descriptors + */ +ASL_RESOURCE_NODE * RsDoDwordIoDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); @@ -896,6 +946,10 @@ RsDoDwordSpaceDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); + +/* + * aslrestype2e - Extended address descriptors + */ ASL_RESOURCE_NODE * RsDoExtendedIoDescriptor ( ACPI_PARSE_OBJECT *Op, @@ -911,6 +965,10 @@ RsDoExtendedSpaceDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); + +/* + * aslrestype2q - QWord address descriptors + */ ASL_RESOURCE_NODE * RsDoQwordIoDescriptor ( ACPI_PARSE_OBJECT *Op, @@ -926,6 +984,10 @@ RsDoQwordSpaceDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); + +/* + * aslrestype2w - Word address descriptors + */ ASL_RESOURCE_NODE * RsDoWordIoDescriptor ( ACPI_PARSE_OBJECT *Op, @@ -941,15 +1003,5 @@ RsDoWordBusNumberDescriptor ( ACPI_PARSE_OBJECT *Op, UINT32 CurrentByteOffset); -ASL_RESOURCE_NODE * -RsDoVendorLargeDescriptor ( - ACPI_PARSE_OBJECT *Op, - UINT32 CurrentByteOffset); - -ASL_RESOURCE_NODE * -RsDoGeneralRegisterDescriptor ( - ACPI_PARSE_OBJECT *Op, - UINT32 CurrentByteOffset); - #endif /* __ASLCOMPILER_H */ Modified: vendor-sys/acpica/dist/compiler/asldefine.h ============================================================================== --- vendor-sys/acpica/dist/compiler/asldefine.h Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/asldefine.h Wed Apr 28 21:50:57 2010 (r207340) @@ -128,7 +128,7 @@ #define CompilerId "ASL Optimizing Compiler" #define DisassemblerId "AML Disassembler" #define CompilerCopyright "Copyright (c) 2000 - 2010 Intel Corporation" -#define CompilerCompliance "Supports ACPI Specification Revision 4.0" +#define CompilerCompliance "Supports ACPI Specification Revision 4.0a" #define CompilerName "iasl" #define CompilerCreatorId "INTL" Modified: vendor-sys/acpica/dist/compiler/aslfiles.c ============================================================================== --- vendor-sys/acpica/dist/compiler/aslfiles.c Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/aslfiles.c Wed Apr 28 21:50:57 2010 (r207340) @@ -236,6 +236,36 @@ FlOpenFile ( /******************************************************************************* * + * FUNCTION: FlGetFileSize + * + * PARAMETERS: FileId - Index into file info array + * + * RETURN: File Size + * + * DESCRIPTION: Get current file size. Uses seek-to-EOF. File must be open. + * + ******************************************************************************/ + +UINT32 +FlGetFileSize ( + UINT32 FileId) +{ + FILE *fp; + UINT32 FileSize; + + + fp = Gbl_Files[FileId].Handle; + + fseek (fp, 0, SEEK_END); + FileSize = (UINT32) ftell (fp); + fseek (fp, 0, SEEK_SET); + + return (FileSize); +} + + +/******************************************************************************* + * * FUNCTION: FlReadFile * * PARAMETERS: FileId - Index into file info array Modified: vendor-sys/acpica/dist/compiler/aslglobal.h ============================================================================== --- vendor-sys/acpica/dist/compiler/aslglobal.h Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/aslglobal.h Wed Apr 28 21:50:57 2010 (r207340) @@ -188,6 +188,7 @@ ASL_EXTERN BOOLEAN ASL_ ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_FoldConstants, TRUE); ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_VerboseErrors, TRUE); ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_NoErrors, FALSE); +ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_NoResourceChecking, FALSE); ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_DisasmFlag, FALSE); ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_GetAllTables, FALSE); ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_IntegerOptimizationFlag, TRUE); @@ -200,6 +201,8 @@ ASL_EXTERN UINT8 ASL_ #define HEX_OUTPUT_NONE 0 #define HEX_OUTPUT_C 1 #define HEX_OUTPUT_ASM 2 +#define HEX_OUTPUT_ASL 3 + ASL_EXTERN BOOLEAN ASL_INIT_GLOBAL (Gbl_HexOutputFlag, HEX_OUTPUT_NONE); Modified: vendor-sys/acpica/dist/compiler/asllisting.c ============================================================================== --- vendor-sys/acpica/dist/compiler/asllisting.c Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/asllisting.c Wed Apr 28 21:50:57 2010 (r207340) @@ -198,6 +198,10 @@ static void LsDoHexOutputAsm ( void); +static void +LsDoHexOutputAsl ( + void); + ACPI_STATUS LsTreeWriteWalk ( ACPI_PARSE_OBJECT *Op, @@ -1337,6 +1341,11 @@ LsDoHexOutput ( LsDoHexOutputAsm (); break; + case HEX_OUTPUT_ASL: + + LsDoHexOutputAsl (); + break; + default: /* No other output types supported */ break; @@ -1362,60 +1371,160 @@ static void LsDoHexOutputC ( void) { - UINT32 j; - UINT8 FileByte[HEX_TABLE_LINE_SIZE]; - UINT8 Buffer[4]; + UINT8 FileData[HEX_TABLE_LINE_SIZE]; + UINT32 LineLength; UINT32 Offset = 0; + UINT32 AmlFileSize; + UINT32 i; + + + /* Get AML size, seek back to start */ + AmlFileSize = FlGetFileSize (ASL_FILE_AML_OUTPUT); - FlPrintFile (ASL_FILE_HEX_OUTPUT, " * C source code output\n *\n */\n"); + FlPrintFile (ASL_FILE_HEX_OUTPUT, " * C source code output\n"); + FlPrintFile (ASL_FILE_HEX_OUTPUT, " * AML code block contains 0x%X bytes\n *\n */\n", + AmlFileSize); FlPrintFile (ASL_FILE_HEX_OUTPUT, "unsigned char AmlCode[] =\n{\n"); - /* Start at the beginning of the AML file */ + while (Offset < AmlFileSize) + { + /* Read enough bytes needed for one output line */ - FlSeekFile (ASL_FILE_AML_OUTPUT, 0); + LineLength = fread (FileData, 1, HEX_TABLE_LINE_SIZE, + Gbl_Files[ASL_FILE_AML_OUTPUT].Handle); + if (!LineLength) + { + break; + } - /* Process all AML bytes in the AML file */ + FlPrintFile (ASL_FILE_HEX_OUTPUT, " "); - j = 0; - while (FlReadFile (ASL_FILE_AML_OUTPUT, &FileByte[j], 1) == AE_OK) - { - if (j == 0) + for (i = 0; i < LineLength; i++) { - FlPrintFile (ASL_FILE_HEX_OUTPUT, " "); + /* + * Print each hex byte. + * Add a comma until the very last byte of the AML file + * (Some C compilers complain about a trailing comma) + */ + FlPrintFile (ASL_FILE_HEX_OUTPUT, "0x%2.2X", FileData[i]); + if ((Offset + i + 1) < AmlFileSize) + { + FlPrintFile (ASL_FILE_HEX_OUTPUT, ","); + } + else + { + FlPrintFile (ASL_FILE_HEX_OUTPUT, " "); + } } - /* Convert each AML byte to hex */ + /* Add fill spaces if needed for last line */ - UtConvertByteToHex (FileByte[j], Buffer); - FlWriteFile (ASL_FILE_HEX_OUTPUT, Buffer, 4); - FlPrintFile (ASL_FILE_HEX_OUTPUT, ","); + if (LineLength < HEX_TABLE_LINE_SIZE) + { + FlPrintFile (ASL_FILE_HEX_OUTPUT, "%*s", + 5 * (HEX_TABLE_LINE_SIZE - LineLength), " "); + } - /* An occasional linefeed improves readability */ + /* Emit the offset and ascii dump for the entire line */ - Offset++; - j++; + FlPrintFile (ASL_FILE_HEX_OUTPUT, " /* %8.8X", Offset); + LsDumpAsciiInComment (ASL_FILE_HEX_OUTPUT, LineLength, FileData); + FlPrintFile (ASL_FILE_HEX_OUTPUT, "%*s*/\n", + HEX_TABLE_LINE_SIZE - LineLength + 1, " "); - if (j >= HEX_TABLE_LINE_SIZE) - { - /* End of line, emit the ascii dump of the entire line */ + Offset += LineLength; + } - FlPrintFile (ASL_FILE_HEX_OUTPUT, - " /* %8.8X", Offset - HEX_TABLE_LINE_SIZE); + FlPrintFile (ASL_FILE_HEX_OUTPUT, "};\n"); + FlCloseFile (ASL_FILE_HEX_OUTPUT); +} - /* Write the ASCII character associated with each of the bytes */ - LsDumpAsciiInComment (ASL_FILE_HEX_OUTPUT, - HEX_TABLE_LINE_SIZE, FileByte); - FlPrintFile (ASL_FILE_HEX_OUTPUT, " */\n"); +/******************************************************************************* + * + * FUNCTION: LsDoHexOutputAsl + * + * PARAMETERS: None + * + * RETURN: None. + * + * DESCRIPTION: Create the hex output file. This is the same data as the AML + * output file, but formatted into hex/ascii bytes suitable for + * inclusion into a C source file. + * + ******************************************************************************/ - /* Start new line */ +static void +LsDoHexOutputAsl ( + void) +{ + UINT8 FileData[HEX_TABLE_LINE_SIZE]; + UINT32 LineLength; + UINT32 Offset = 0; + UINT32 AmlFileSize; + UINT32 i; - j = 0; + + /* Get AML size, seek back to start */ + + AmlFileSize = FlGetFileSize (ASL_FILE_AML_OUTPUT); + + FlPrintFile (ASL_FILE_HEX_OUTPUT, " * ASL source code output\n"); + FlPrintFile (ASL_FILE_HEX_OUTPUT, " * AML code block contains 0x%X bytes\n *\n */\n", + AmlFileSize); + FlPrintFile (ASL_FILE_HEX_OUTPUT, " Name (BUF1, Buffer()\n {\n"); + + while (Offset < AmlFileSize) + { + /* Read enough bytes needed for one output line */ + + LineLength = fread (FileData, 1, HEX_TABLE_LINE_SIZE, + Gbl_Files[ASL_FILE_AML_OUTPUT].Handle); + if (!LineLength) + { + break; + } + + FlPrintFile (ASL_FILE_HEX_OUTPUT, " "); + + for (i = 0; i < LineLength; i++) + { + /* + * Print each hex byte. + * Add a comma until the very last byte of the AML file + * (Some C compilers complain about a trailing comma) + */ + FlPrintFile (ASL_FILE_HEX_OUTPUT, "0x%2.2X", FileData[i]); + if ((Offset + i + 1) < AmlFileSize) + { + FlPrintFile (ASL_FILE_HEX_OUTPUT, ","); + } + else + { + FlPrintFile (ASL_FILE_HEX_OUTPUT, " "); + } + } + + /* Add fill spaces if needed for last line */ + + if (LineLength < HEX_TABLE_LINE_SIZE) + { + FlPrintFile (ASL_FILE_HEX_OUTPUT, "%*s", + 5 * (HEX_TABLE_LINE_SIZE - LineLength), " "); } + + /* Emit the offset and ascii dump for the entire line */ + + FlPrintFile (ASL_FILE_HEX_OUTPUT, " /* %8.8X", Offset); + LsDumpAsciiInComment (ASL_FILE_HEX_OUTPUT, LineLength, FileData); + FlPrintFile (ASL_FILE_HEX_OUTPUT, "%*s*/\n", + HEX_TABLE_LINE_SIZE - LineLength + 1, " "); + + Offset += LineLength; } - FlPrintFile (ASL_FILE_HEX_OUTPUT, "\n};\n"); + FlPrintFile (ASL_FILE_HEX_OUTPUT, " })\n"); FlCloseFile (ASL_FILE_HEX_OUTPUT); } @@ -1438,58 +1547,64 @@ static void LsDoHexOutputAsm ( void) { - UINT32 j; - UINT8 FileByte[HEX_TABLE_LINE_SIZE]; - UINT8 Buffer[4]; + UINT8 FileData[HEX_TABLE_LINE_SIZE]; + UINT32 LineLength; UINT32 Offset = 0; - BOOLEAN DoComma = FALSE; + UINT32 AmlFileSize; + UINT32 i; - FlPrintFile (ASL_FILE_HEX_OUTPUT, "; Assembly code source output\n;\n"); + /* Get AML size, seek back to start */ - /* Start at the beginning of the AML file */ + AmlFileSize = FlGetFileSize (ASL_FILE_AML_OUTPUT); - FlSeekFile (ASL_FILE_AML_OUTPUT, 0); + FlPrintFile (ASL_FILE_HEX_OUTPUT, "; Assembly code source output\n"); + FlPrintFile (ASL_FILE_HEX_OUTPUT, "; AML code block contains 0x%X bytes\n;\n", + AmlFileSize); - /* Process all AML bytes in the AML file */ - - j = 0; - while (FlReadFile (ASL_FILE_AML_OUTPUT, &FileByte[j], 1) == AE_OK) + while (Offset < AmlFileSize) { - if (j == 0) + /* Read enough bytes needed for one output line */ + + LineLength = fread (FileData, 1, HEX_TABLE_LINE_SIZE, + Gbl_Files[ASL_FILE_AML_OUTPUT].Handle); + if (!LineLength) { - FlPrintFile (ASL_FILE_HEX_OUTPUT, " db "); + break; } - else if (DoComma) + + FlPrintFile (ASL_FILE_HEX_OUTPUT, " db "); + + for (i = 0; i < LineLength; i++) { - FlPrintFile (ASL_FILE_HEX_OUTPUT, ","); - DoComma = FALSE; + /* + * Print each hex byte. + * Add a comma until the last byte of the line + */ + FlPrintFile (ASL_FILE_HEX_OUTPUT, "0%2.2Xh", FileData[i]); + if ((i + 1) < LineLength) + { + FlPrintFile (ASL_FILE_HEX_OUTPUT, ","); + } } - /* Convert each AML byte to hex */ - - UtConvertByteToAsmHex (FileByte[j], Buffer); - FlWriteFile (ASL_FILE_HEX_OUTPUT, Buffer, 4); + FlPrintFile (ASL_FILE_HEX_OUTPUT, " "); - /* An occasional linefeed improves readability */ + /* Add fill spaces if needed for last line */ - Offset++; - j++; - if (j >= HEX_TABLE_LINE_SIZE) + if (LineLength < HEX_TABLE_LINE_SIZE) { - FlPrintFile (ASL_FILE_HEX_OUTPUT, - " ;%8.8X", Offset - HEX_TABLE_LINE_SIZE); + FlPrintFile (ASL_FILE_HEX_OUTPUT, "%*s", + 5 * (HEX_TABLE_LINE_SIZE - LineLength), " "); + } - /* Write the ASCII character associated with each of the bytes */ + /* Emit the offset and ascii dump for the entire line */ - LsDumpAscii (ASL_FILE_HEX_OUTPUT, HEX_TABLE_LINE_SIZE, FileByte); - FlPrintFile (ASL_FILE_HEX_OUTPUT, "\n"); - j = 0; - } - else - { - DoComma = TRUE; - } + FlPrintFile (ASL_FILE_HEX_OUTPUT, " ; %8.8X", Offset); + LsDumpAsciiInComment (ASL_FILE_HEX_OUTPUT, LineLength, FileData); + FlPrintFile (ASL_FILE_HEX_OUTPUT, "\n"); + + Offset += LineLength; } FlPrintFile (ASL_FILE_HEX_OUTPUT, "\n"); Modified: vendor-sys/acpica/dist/compiler/aslmain.c ============================================================================== --- vendor-sys/acpica/dist/compiler/aslmain.c Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/aslmain.c Wed Apr 28 21:50:57 2010 (r207340) @@ -167,7 +167,7 @@ AslDoResponseFile ( #define ASL_TOKEN_SEPARATORS " \t\n" -#define ASL_SUPPORTED_OPTIONS "@:2b:cd^e:fgh^i^I:l^o:p:r:s:t:v:w:x:" +#define ASL_SUPPORTED_OPTIONS "@:2b:c:d^e:fgh^i^I:l^no:p:r:s:t:v:w:x:" /******************************************************************************* @@ -203,13 +203,14 @@ Options ( printf ("\nAML Output Files:\n"); printf (" -s Create AML in assembler or C source file (*.asm or *.c)\n"); printf (" -i Create assembler or C include file (*.inc or *.h)\n"); - printf (" -t Create AML in assembler or C hex table (*.hex)\n"); + printf (" -t Create AML in assembler, C, or ASL hex table (*.hex)\n"); printf ("\nAML Code Generation:\n"); printf (" -oa Disable all optimizations (compatibility mode)\n"); printf (" -of Disable constant folding\n"); printf (" -oi Disable integer optimization to Zero/One/Ones\n"); printf (" -on Disable named reference string optimization\n"); + printf (" -cr Disable Resource Descriptor error checking\n"); printf (" -r Override table header Revision (1-255)\n"); printf ("\nListings:\n"); @@ -264,7 +265,7 @@ HelpMessage ( printf (" -b Create compiler debug/trace file (*.txt)\n"); printf (" Types: Parse/Tree/Both\n"); printf (" -f Ignore errors, force creation of AML output file(s)\n"); - printf (" -c Parse only, no output generation\n"); + printf (" -n Parse only, no output generation\n"); printf (" -ot Display compile times\n"); printf (" -x Set debug level for trace output\n"); } @@ -507,10 +508,16 @@ AslDoOptions ( case 'c': + switch (AcpiGbl_Optarg[0]) + { + case 'r': + Gbl_NoResourceChecking = TRUE; + break; - /* Parse only */ - - Gbl_ParseOnlyFlag = TRUE; + default: + printf ("Unknown option: -c%s\n", AcpiGbl_Optarg); + return (-1); + } break; @@ -688,6 +695,14 @@ AslDoOptions ( break; + case 'n': + + /* Parse only */ + + Gbl_ParseOnlyFlag = TRUE; + break; + + case 'p': /* Override default AML output filename */ @@ -741,6 +756,10 @@ AslDoOptions ( Gbl_HexOutputFlag = HEX_OUTPUT_C; break; + case 's': + Gbl_HexOutputFlag = HEX_OUTPUT_ASL; + break; + default: printf ("Unknown option: -t%s\n", AcpiGbl_Optarg); return (-1); Modified: vendor-sys/acpica/dist/compiler/aslpredef.c ============================================================================== --- vendor-sys/acpica/dist/compiler/aslpredef.c Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/aslpredef.c Wed Apr 28 21:50:57 2010 (r207340) @@ -243,11 +243,11 @@ ApCheckForPredefinedMethod ( break; - case ACPI_EVENT_RESERVED_NAME: /* _Lxx, _Exx, and _Qxx methods */ + case ACPI_EVENT_RESERVED_NAME: /* _Lxx/_Exx/_Wxx/_Qxx methods */ Gbl_ReservedMethods++; - /* NumArguments must be zero for all _Lxx, _Exx, and _Qxx methods */ + /* NumArguments must be zero for all _Lxx/_Exx/_Wxx/_Qxx methods */ if (MethodInfo->NumArguments != 0) { @@ -346,12 +346,12 @@ ApCheckPredefinedReturnValue ( case ACPI_NOT_RESERVED_NAME: /* No underscore or _Txx or _xxx name not matched */ case ACPI_PREDEFINED_NAME: /* Resource Name or reserved scope name */ case ACPI_COMPILER_RESERVED_NAME: /* A _Txx that was not emitted by compiler */ - case ACPI_EVENT_RESERVED_NAME: /* _Lxx, _Exx, and _Qxx methods */ + case ACPI_EVENT_RESERVED_NAME: /* _Lxx/_Exx/_Wxx/_Qxx methods */ /* Just return, nothing to do */ return; - default: /* a real predefined ACPI name */ + default: /* A standard predefined ACPI name */ /* Exit if no return value expected */ @@ -425,29 +425,59 @@ ApCheckForPredefinedObject ( * or a predefined scope name */ Index = ApCheckForPredefinedName (Op, Name); - if (Index > ACPI_VALID_RESERVED_NAME_MAX) + + switch (Index) { + case ACPI_NOT_RESERVED_NAME: /* No underscore or _Txx or _xxx name not matched */ + case ACPI_PREDEFINED_NAME: /* Resource Name or reserved scope name */ + case ACPI_COMPILER_RESERVED_NAME: /* A _Txx that was not emitted by compiler */ + + /* Nothing to do */ return; - } - /* - * We found a matching predefind name. - * Check if this predefined name requires input arguments - */ - if (PredefinedNames[Index].Info.ParamCount > 0) - { + case ACPI_EVENT_RESERVED_NAME: /* _Lxx/_Exx/_Wxx/_Qxx methods */ + /* - * This predefined name must always be defined as a control - * method because it is required to have input arguments. + * These names must be control methods, by definition in ACPI spec. + * Also because they are defined to return no value. None of them + * require any arguments. */ AslError (ASL_ERROR, ASL_MSG_RESERVED_METHOD, Op, - "with arguments"); - } + "with zero arguments"); + return; - /* Typecheck the actual object, it is the next argument */ + default: /* A standard predefined ACPI name */ - ApCheckObjectType (Op->Asl.Child->Asl.Next, - PredefinedNames[Index].Info.ExpectedBtypes); + /* + * If this predefined name requires input arguments, then + * it must be implemented as a control method + */ + if (PredefinedNames[Index].Info.ParamCount > 0) + { + AslError (ASL_ERROR, ASL_MSG_RESERVED_METHOD, Op, + "with arguments"); + return; + } + + /* + * If no return value is expected from this predefined name, then + * it follows that it must be implemented as a control method + * (with zero args, because the args > 0 case was handled above) + * Examples are: _DIS, _INI, _IRC, _OFF, _ON, _PSx + */ + if (!PredefinedNames[Index].Info.ExpectedBtypes) + { + AslError (ASL_ERROR, ASL_MSG_RESERVED_METHOD, Op, + "with zero arguments"); + return; + } + + /* Typecheck the actual object, it is the next argument */ + + ApCheckObjectType (Op->Asl.Child->Asl.Next, + PredefinedNames[Index].Info.ExpectedBtypes); + return; + } } @@ -514,7 +544,7 @@ ApCheckForPredefinedName ( } } - /* Check for _Lxx, _Exx, _Qxx, _T_x. Warning if unknown predefined name */ + /* Check for _Lxx/_Exx/_Wxx/_Qxx/_T_x. Warning if unknown predefined name */ return (ApCheckForSpecialName (Op, Name)); } @@ -530,7 +560,7 @@ ApCheckForPredefinedName ( * RETURN: None * * DESCRIPTION: Check for the "special" predefined names - - * _Lxx, _Exx, _Qxx, and _T_x + * _Lxx, _Exx, _Qxx, _Wxx, and _T_x * ******************************************************************************/ @@ -541,14 +571,16 @@ ApCheckForSpecialName ( { /* - * Check for the "special" predefined names. We know the first char is an - * underscore already. + * Check for the "special" predefined names. We already know that the + * first character is an underscore. * GPE: _Lxx * GPE: _Exx + * GPE: _Wxx * EC: _Qxx */ if ((Name[1] == 'L') || (Name[1] == 'E') || + (Name[1] == 'W') || (Name[1] == 'Q')) { /* The next two characters must be hex digits */ Modified: vendor-sys/acpica/dist/compiler/aslresource.c ============================================================================== --- vendor-sys/acpica/dist/compiler/aslresource.c Wed Apr 28 19:42:20 2010 (r207339) +++ vendor-sys/acpica/dist/compiler/aslresource.c Wed Apr 28 21:50:57 2010 (r207340) @@ -1,7 +1,7 @@ /****************************************************************************** * - * Module Name: aslresource - Resource templates and descriptors + * Module Name: aslresource - Resource template/descriptor utilities * *****************************************************************************/ @@ -126,6 +126,298 @@ *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@FreeBSD.ORG Wed Apr 28 21:51:54 2010 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 25233106566C; Wed, 28 Apr 2010 21:51:54 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id EF0AB8FC17; Wed, 28 Apr 2010 21:51:53 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o3SLprKp056487; Wed, 28 Apr 2010 21:51:53 GMT (envelope-from jkim@svn.freebsd.org) Received: (from jkim@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o3SLprfO056486; Wed, 28 Apr 2010 21:51:53 GMT (envelope-from jkim@svn.freebsd.org) Message-Id: <201004282151.o3SLprfO056486@svn.freebsd.org> From: Jung-uk Kim Date: Wed, 28 Apr 2010 21:51:53 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor-sys MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r207341 - vendor-sys/acpica/20100428 X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 21:51:54 -0000 Author: jkim Date: Wed Apr 28 21:51:53 2010 New Revision: 207341 URL: http://svn.freebsd.org/changeset/base/207341 Log: Tag ACPICA 20100428. Added: vendor-sys/acpica/20100428/ - copied from r207340, vendor-sys/acpica/dist/