Date: Thu, 7 Jan 2016 20:54:00 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: svn commit: r293363 - user/cperciva/freebsd-update-build/patches/10.1-RELEASE Message-ID: <201601072054.u07Ks0UD041422@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Thu Jan 7 20:53:59 2016 New Revision: 293363 URL: https://svnweb.freebsd.org/changeset/base/293363 Log: Add missing files for 10.1-RELEASE. Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/13-EN-15:08.sendmail user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:08.sendmail user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:09.xlocale user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:10.iconv user/cperciva/freebsd-update-build/patches/10.1-RELEASE/15-SA-15:13.tcp user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:14.tcp user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:15.bsdpatch user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:16.openssh user/cperciva/freebsd-update-build/patches/10.1-RELEASE/17-SA-15:18.bsdpatch user/cperciva/freebsd-update-build/patches/10.1-RELEASE/17-SA-15:19.routed user/cperciva/freebsd-update-build/patches/10.1-RELEASE/18-SA-15:20.expat user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-EN-15:14.ixgbe user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-EN-15:15.pkg user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-SA-15:21.amd64 user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-SA-15:22.openssh user/cperciva/freebsd-update-build/patches/10.1-RELEASE/20-EN-15:18.pkg user/cperciva/freebsd-update-build/patches/10.1-RELEASE/21-SA-15:24.rpcbind user/cperciva/freebsd-update-build/patches/10.1-RELEASE/22-SA-15:24.rpcbind user/cperciva/freebsd-update-build/patches/10.1-RELEASE/23-SA-15:25.ntp user/cperciva/freebsd-update-build/patches/10.1-RELEASE/24-EN-15:19.ntp user/cperciva/freebsd-update-build/patches/10.1-RELEASE/24-EN-15:20.vm user/cperciva/freebsd-update-build/patches/10.1-RELEASE/24-EN-15:21.kqueue user/cperciva/freebsd-update-build/patches/10.1-RELEASE/25-SA-15:26.openssl Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/13-EN-15:08.sendmail ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/13-EN-15:08.sendmail Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,24 @@ +Index: contrib/sendmail/src/tls.c +=================================================================== +--- contrib/sendmail/src/tls.c ++++ contrib/sendmail/src/tls.c +@@ -650,7 +650,7 @@ + ** 1024 generate 1024 bit parameters + ** 2048 generate 2048 bit parameters + ** /file/name read parameters from /file/name +- ** default is: 1024 for server, 512 for client (OK? XXX) ++ ** default is: 1024 + */ + + if (bitset(TLS_I_TRY_DH, req)) +@@ -676,8 +676,8 @@ + } + if (dhparam == NULL) + { +- dhparam = srv ? "1" : "5"; +- req |= (srv ? TLS_I_DH1024 : TLS_I_DH512); ++ dhparam = "1"; ++ req |= TLS_I_DH1024; + } + else if (*dhparam == '/') + { Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:08.sendmail ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:08.sendmail Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,13 @@ +Index: contrib/sendmail/src/sendmail.h +=================================================================== +--- contrib/sendmail/src/sendmail.h (revision 284940) ++++ contrib/sendmail/src/sendmail.h (working copy) +@@ -1935,7 +1935,7 @@ struct termescape + + /* server requirements */ + #define TLS_I_SRV (TLS_I_SRV_CERT | TLS_I_RSA_TMP | TLS_I_VRFY_PATH | \ +- TLS_I_VRFY_LOC | TLS_I_TRY_DH | TLS_I_DH512 | \ ++ TLS_I_VRFY_LOC | TLS_I_TRY_DH | TLS_I_DH1024 | \ + TLS_I_CACHE) + + /* client requirements */ Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:09.xlocale ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:09.xlocale Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,58 @@ +Index: lib/libc/locale/setrunelocale.c +=================================================================== +--- lib/libc/locale/setrunelocale.c (revision 284940) ++++ lib/libc/locale/setrunelocale.c (working copy) +@@ -202,6 +202,8 @@ __set_thread_rune_locale(locale_t loc) + + if (loc == NULL) { + _ThreadRuneLocale = &_DefaultRuneLocale; ++ } else if (loc == LC_GLOBAL_LOCALE) { ++ _ThreadRuneLocale = 0; + } else { + _ThreadRuneLocale = XLOCALE_CTYPE(loc)->runes; + } +Index: lib/libc/locale/xlocale.c +=================================================================== +--- lib/libc/locale/xlocale.c (revision 284940) ++++ lib/libc/locale/xlocale.c (working copy) +@@ -154,23 +154,24 @@ __get_locale(void) + static void + set_thread_locale(locale_t loc) + { ++ locale_t l = (loc == LC_GLOBAL_LOCALE) ? 0 : loc; + + _once(&once_control, init_key); + +- if (NULL != loc) { +- xlocale_retain((struct xlocale_refcounted*)loc); ++ if (NULL != l) { ++ xlocale_retain((struct xlocale_refcounted*)l); + } + locale_t old = pthread_getspecific(locale_info_key); +- if ((NULL != old) && (loc != old)) { ++ if ((NULL != old) && (l != old)) { + xlocale_release((struct xlocale_refcounted*)old); + } + if (fake_tls) { +- thread_local_locale = loc; ++ thread_local_locale = l; + } else { +- pthread_setspecific(locale_info_key, loc); ++ pthread_setspecific(locale_info_key, l); + } + #ifndef __NO_TLS +- __thread_locale = loc; ++ __thread_locale = l; + __set_thread_rune_locale(loc); + #endif + } +@@ -361,9 +362,6 @@ locale_t uselocale(locale_t loc) + { + locale_t old = get_thread_locale(); + if (NULL != loc) { +- if (LC_GLOBAL_LOCALE == loc) { +- loc = NULL; +- } + set_thread_locale(loc); + } + return (old ? old : LC_GLOBAL_LOCALE); Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:10.iconv ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/14-EN-15:10.iconv Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,107 @@ +Index: lib/libiconv_modules/UTF7/citrus_utf7.c +=================================================================== +--- lib/libiconv_modules/UTF7/citrus_utf7.c (revision 284940) ++++ lib/libiconv_modules/UTF7/citrus_utf7.c (working copy) +@@ -62,8 +62,7 @@ typedef struct { + unsigned int + mode: 1, /* whether base64 mode */ + bits: 4, /* need to hold 0 - 15 */ +- cache: 22, /* 22 = BASE64_BIT + UTF16_BIT */ +- surrogate: 1; /* whether surrogate pair or not */ ++ cache: 22; /* 22 = BASE64_BIT + UTF16_BIT */ + int chlen; + char ch[4]; /* BASE64_IN, 3 * 6 = 18, most closed to UTF16_BIT */ + } _UTF7State; +@@ -154,12 +153,11 @@ _citrus_UTF7_mbtoutf16(_UTF7EncodingInfo * __restr + uint16_t * __restrict u16, const char ** __restrict s, size_t n, + _UTF7State * __restrict psenc, size_t * __restrict nresult) + { +- _UTF7State sv; + const char *s0; + int done, i, len; + ++ *nresult = 0; + s0 = *s; +- sv = *psenc; + + for (i = 0, done = 0; done == 0; i++) { + if (i == psenc->chlen) { +@@ -166,9 +164,6 @@ _citrus_UTF7_mbtoutf16(_UTF7EncodingInfo * __restr + if (n-- < 1) { + *nresult = (size_t)-2; + *s = s0; +- sv.chlen = psenc->chlen; +- memcpy(sv.ch, psenc->ch, sizeof(sv.ch)); +- *psenc = sv; + return (0); + } + psenc->ch[psenc->chlen++] = *s0++; +@@ -257,34 +252,31 @@ _citrus_UTF7_mbrtowc_priv(_UTF7EncodingInfo * __re + *nresult = (size_t)_ENCODING_IS_STATE_DEPENDENT; + return (0); + } +- if (psenc->surrogate) { +- hi = (psenc->cache >> psenc->bits) & UTF16_MAX; +- if (hi < HISRG_MIN || hi > HISRG_MAX) +- return (EINVAL); +- siz = 0; +- } else { +- err = _citrus_UTF7_mbtoutf16(ei, &hi, s, n, psenc, &nr); +- if (nr == (size_t)-1 || nr == (size_t)-2) { +- *nresult = nr; +- return (err); +- } +- if (err != 0) +- return (err); +- n -= nr; +- siz = nr; +- if (hi < HISRG_MIN || hi > HISRG_MAX) { +- u32 = (uint32_t)hi; +- goto done; +- } +- psenc->surrogate = 1; ++ err = _citrus_UTF7_mbtoutf16(ei, &hi, s, n, psenc, &nr); ++ if (nr == (size_t)-1 || nr == (size_t)-2) { ++ *nresult = nr; ++ return (err); + } ++ if (err != 0) ++ return (err); ++ n -= nr; ++ siz = nr; ++ if (hi < HISRG_MIN || hi > HISRG_MAX) { ++ u32 = (uint32_t)hi; ++ goto done; ++ } + err = _citrus_UTF7_mbtoutf16(ei, &lo, s, n, psenc, &nr); + if (nr == (size_t)-1 || nr == (size_t)-2) { ++ psenc->chlen = 1; /* make get_state_desc return incomplete */ + *nresult = nr; + return (err); + } + if (err != 0) + return (err); ++ if (lo < LOSRG_MIN || lo > LOSRG_MAX) { ++ *nresult = (size_t)-1; ++ return (EILSEQ); ++ } + hi -= HISRG_MIN; + lo -= LOSRG_MIN; + u32 = (hi << 10 | lo) + SRG_BASE; +@@ -297,7 +289,6 @@ done: + _citrus_UTF7_init_state(ei, psenc); + } else { + *nresult = siz; +- psenc->surrogate = 0; + } + return (err); + } +@@ -396,7 +387,7 @@ _citrus_UTF7_put_state_reset(_UTF7EncodingInfo * _ + { + int bits, pos; + +- if (psenc->chlen != 0 || psenc->bits > BASE64_BIT || psenc->surrogate) ++ if (psenc->chlen != 0 || psenc->bits > BASE64_BIT) + return (EINVAL); + + if (psenc->mode) { Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/15-SA-15:13.tcp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/15-SA-15:13.tcp Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,31 @@ +Index: sys/netinet/tcp_output.c +=================================================================== +--- sys/netinet/tcp_output.c (revision 285435) ++++ sys/netinet/tcp_output.c (working copy) +@@ -400,7 +400,7 @@ after_sack_rexmit: + flags &= ~TH_FIN; + } + +- if (len < 0) { ++ if (len <= 0) { + /* + * If FIN has been sent but not acked, + * but we haven't been called to retransmit, +@@ -410,9 +410,16 @@ after_sack_rexmit: + * to (closed) window, and set the persist timer + * if it isn't already going. If the window didn't + * close completely, just wait for an ACK. ++ * ++ * We also do a general check here to ensure that ++ * we will set the persist timer when we have data ++ * to send, but a 0-byte window. This makes sure ++ * the persist timer is set even if the packet ++ * hits one of the "goto send" lines below. + */ + len = 0; +- if (sendwin == 0) { ++ if ((sendwin == 0) && (TCPS_HAVEESTABLISHED(tp->t_state)) && ++ (off < (int) so->so_snd.sb_cc)) { + tcp_timer_activate(tp, TT_REXMT, 0); + tp->t_rxtshift = 0; + tp->snd_nxt = tp->snd_una; Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:14.tcp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:14.tcp Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,194 @@ +Index: sys/netinet/tcp_reass.c +=================================================================== +--- sys/netinet/tcp_reass.c (revision 285923) ++++ sys/netinet/tcp_reass.c (working copy) +@@ -79,25 +79,22 @@ static int tcp_reass_sysctl_qsize(SYSCTL_HANDLER_A + static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, + "TCP Segment Reassembly Queue"); + +-static VNET_DEFINE(int, tcp_reass_maxseg) = 0; +-#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg) +-SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, +- &VNET_NAME(tcp_reass_maxseg), 0, ++static int tcp_reass_maxseg = 0; ++SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, ++ &tcp_reass_maxseg, 0, + "Global maximum number of TCP Segments in Reassembly Queue"); + +-SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, ++SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, + (CTLTYPE_INT | CTLFLAG_RD), NULL, 0, &tcp_reass_sysctl_qsize, "I", + "Global number of TCP Segments currently in Reassembly Queue"); + +-static VNET_DEFINE(int, tcp_reass_overflows) = 0; +-#define V_tcp_reass_overflows VNET(tcp_reass_overflows) +-SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, ++static int tcp_reass_overflows = 0; ++SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows, + CTLTYPE_INT | CTLFLAG_RD, +- &VNET_NAME(tcp_reass_overflows), 0, ++ &tcp_reass_overflows, 0, + "Global number of TCP Segment Reassembly Queue Overflows"); + +-static VNET_DEFINE(uma_zone_t, tcp_reass_zone); +-#define V_tcp_reass_zone VNET(tcp_reass_zone) ++static uma_zone_t tcp_reass_zone; + + /* Initialize TCP reassembly queue */ + static void +@@ -105,37 +102,28 @@ tcp_reass_zone_change(void *tag) + { + + /* Set the zone limit and read back the effective value. */ +- V_tcp_reass_maxseg = nmbclusters / 16; +- V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, +- V_tcp_reass_maxseg); ++ tcp_reass_maxseg = nmbclusters / 16; ++ tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, ++ tcp_reass_maxseg); + } + + void +-tcp_reass_init(void) ++tcp_reass_global_init(void) + { + +- V_tcp_reass_maxseg = nmbclusters / 16; ++ tcp_reass_maxseg = nmbclusters / 16; + TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments", +- &V_tcp_reass_maxseg); +- V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), ++ &tcp_reass_maxseg); ++ tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), + NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); + /* Set the zone limit and read back the effective value. */ +- V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, +- V_tcp_reass_maxseg); ++ tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, ++ tcp_reass_maxseg); + EVENTHANDLER_REGISTER(nmbclusters_change, + tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY); + } + +-#ifdef VIMAGE + void +-tcp_reass_destroy(void) +-{ +- +- uma_zdestroy(V_tcp_reass_zone); +-} +-#endif +- +-void + tcp_reass_flush(struct tcpcb *tp) + { + struct tseg_qent *qe; +@@ -145,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp) + while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) { + LIST_REMOVE(qe, tqe_q); + m_freem(qe->tqe_m); +- uma_zfree(V_tcp_reass_zone, qe); ++ uma_zfree(tcp_reass_zone, qe); + tp->t_segqlen--; + } + +@@ -159,7 +147,7 @@ tcp_reass_sysctl_qsize(SYSCTL_HANDLER_ARGS) + { + int qsize; + +- qsize = uma_zone_get_cur(V_tcp_reass_zone); ++ qsize = uma_zone_get_cur(tcp_reass_zone); + return (sysctl_handle_int(oidp, &qsize, 0, req)); + } + +@@ -207,7 +195,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int + */ + if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && + tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) { +- V_tcp_reass_overflows++; ++ tcp_reass_overflows++; + TCPSTAT_INC(tcps_rcvmemdrop); + m_freem(m); + *tlenp = 0; +@@ -226,7 +214,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int + * Use a temporary structure on the stack for the missing segment + * when the zone is exhausted. Otherwise we may get stuck. + */ +- te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT); ++ te = uma_zalloc(tcp_reass_zone, M_NOWAIT); + if (te == NULL) { + if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) { + TCPSTAT_INC(tcps_rcvmemdrop); +@@ -277,7 +265,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int + TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp); + m_freem(m); + if (te != &tqs) +- uma_zfree(V_tcp_reass_zone, te); ++ uma_zfree(tcp_reass_zone, te); + tp->t_segqlen--; + /* + * Try to present any queued data +@@ -314,7 +302,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int + nq = LIST_NEXT(q, tqe_q); + LIST_REMOVE(q, tqe_q); + m_freem(q->tqe_m); +- uma_zfree(V_tcp_reass_zone, q); ++ uma_zfree(tcp_reass_zone, q); + tp->t_segqlen--; + q = nq; + } +@@ -353,7 +341,7 @@ present: + else + sbappendstream_locked(&so->so_rcv, q->tqe_m); + if (q != &tqs) +- uma_zfree(V_tcp_reass_zone, q); ++ uma_zfree(tcp_reass_zone, q); + tp->t_segqlen--; + q = nq; + } while (q && q->tqe_th->th_seq == tp->rcv_nxt); +Index: sys/netinet/tcp_subr.c +=================================================================== +--- sys/netinet/tcp_subr.c (revision 285923) ++++ sys/netinet/tcp_subr.c (working copy) +@@ -375,7 +375,6 @@ tcp_init(void) + tcp_tw_init(); + syncache_init(); + tcp_hc_init(); +- tcp_reass_init(); + + TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack); + V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole), +@@ -385,6 +384,8 @@ tcp_init(void) + if (!IS_DEFAULT_VNET(curvnet)) + return; + ++ tcp_reass_global_init(); ++ + /* XXX virtualize those bellow? */ + tcp_delacktime = TCPTV_DELACK; + tcp_keepinit = TCPTV_KEEP_INIT; +@@ -432,7 +433,6 @@ void + tcp_destroy(void) + { + +- tcp_reass_destroy(); + tcp_hc_destroy(); + syncache_destroy(); + tcp_tw_destroy(); +Index: sys/netinet/tcp_var.h +=================================================================== +--- sys/netinet/tcp_var.h (revision 285923) ++++ sys/netinet/tcp_var.h (working copy) +@@ -666,11 +666,8 @@ char *tcp_log_addrs(struct in_conninfo *, struct t + char *tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *, + const void *); + int tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *); +-void tcp_reass_init(void); ++void tcp_reass_global_init(void); + void tcp_reass_flush(struct tcpcb *); +-#ifdef VIMAGE +-void tcp_reass_destroy(void); +-#endif + void tcp_input(struct mbuf *, int); + u_long tcp_maxmtu(struct in_conninfo *, struct tcp_ifcap *); + u_long tcp_maxmtu6(struct in_conninfo *, struct tcp_ifcap *); Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:15.bsdpatch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:15.bsdpatch Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,188 @@ +Index: usr.bin/patch/common.h +=================================================================== +--- usr.bin/patch/common.h (revision 285926) ++++ usr.bin/patch/common.h (working copy) +@@ -43,12 +43,10 @@ + #define LINENUM_MAX LONG_MAX + + #define SCCSPREFIX "s." +-#define GET "get -e %s" +-#define SCCSDIFF "get -p %s | diff - %s >/dev/null" + + #define RCSSUFFIX ",v" +-#define CHECKOUT "co -l %s" +-#define RCSDIFF "rcsdiff %s > /dev/null" ++#define CHECKOUT "/usr/bin/co" ++#define RCSDIFF "/usr/bin/rcsdiff" + + #define ORIGEXT ".orig" + #define REJEXT ".rej" +Index: usr.bin/patch/inp.c +=================================================================== +--- usr.bin/patch/inp.c (revision 285926) ++++ usr.bin/patch/inp.c (working copy) +@@ -31,8 +31,10 @@ + #include <sys/file.h> + #include <sys/stat.h> + #include <sys/mman.h> ++#include <sys/wait.h> + + #include <ctype.h> ++#include <errno.h> + #include <libgen.h> + #include <stddef.h> + #include <stdint.h> +@@ -133,12 +135,14 @@ reallocate_lines(size_t *lines_allocated) + static bool + plan_a(const char *filename) + { +- int ifd, statfailed; ++ int ifd, statfailed, devnull, pstat; + char *p, *s, lbuf[INITLINELEN]; + struct stat filestat; + ptrdiff_t sz; + size_t i; + size_t iline, lines_allocated; ++ pid_t pid; ++ char *argp[4] = {NULL}; + + #ifdef DEBUGGING + if (debug & 8) +@@ -166,13 +170,14 @@ plan_a(const char *filename) + } + if (statfailed && check_only) + fatal("%s not found, -C mode, can't probe further\n", filename); +- /* For nonexistent or read-only files, look for RCS or SCCS versions. */ ++ /* For nonexistent or read-only files, look for RCS versions. */ ++ + if (statfailed || + /* No one can write to it. */ + (filestat.st_mode & 0222) == 0 || + /* I can't write to it. */ + ((filestat.st_mode & 0022) == 0 && filestat.st_uid != getuid())) { +- const char *cs = NULL, *filebase, *filedir; ++ char *filebase, *filedir; + struct stat cstat; + char *tmp_filename1, *tmp_filename2; + +@@ -180,43 +185,26 @@ plan_a(const char *filename) + tmp_filename2 = strdup(filename); + if (tmp_filename1 == NULL || tmp_filename2 == NULL) + fatal("strdupping filename"); ++ + filebase = basename(tmp_filename1); + filedir = dirname(tmp_filename2); + +- /* Leave room in lbuf for the diff command. */ +- s = lbuf + 20; +- + #define try(f, a1, a2, a3) \ +- (snprintf(s, buf_size - 20, f, a1, a2, a3), stat(s, &cstat) == 0) ++ (snprintf(lbuf, sizeof(lbuf), f, a1, a2, a3), stat(lbuf, &cstat) == 0) + +- if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || +- try("%s/RCS/%s%s", filedir, filebase, "") || +- try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { +- snprintf(buf, buf_size, CHECKOUT, filename); +- snprintf(lbuf, sizeof lbuf, RCSDIFF, filename); +- cs = "RCS"; +- } else if (try("%s/SCCS/%s%s", filedir, SCCSPREFIX, filebase) || +- try("%s/%s%s", filedir, SCCSPREFIX, filebase)) { +- snprintf(buf, buf_size, GET, s); +- snprintf(lbuf, sizeof lbuf, SCCSDIFF, s, filename); +- cs = "SCCS"; +- } else if (statfailed) +- fatal("can't find %s\n", filename); +- +- free(tmp_filename1); +- free(tmp_filename2); +- + /* + * else we can't write to it but it's not under a version + * control system, so just proceed. + */ +- if (cs) { ++ if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || ++ try("%s/RCS/%s%s", filedir, filebase, "") || ++ try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { + if (!statfailed) { + if ((filestat.st_mode & 0222) != 0) + /* The owner can write to it. */ + fatal("file %s seems to be locked " +- "by somebody else under %s\n", +- filename, cs); ++ "by somebody else under RCS\n", ++ filename); + /* + * It might be checked out unlocked. See if + * it's safe to check out the default version +@@ -224,21 +212,59 @@ plan_a(const char *filename) + */ + if (verbose) + say("Comparing file %s to default " +- "%s version...\n", +- filename, cs); +- if (system(lbuf)) ++ "RCS version...\n", filename); ++ ++ switch (pid = fork()) { ++ case -1: ++ fatal("can't fork: %s\n", ++ strerror(errno)); ++ case 0: ++ devnull = open("/dev/null", O_RDONLY); ++ if (devnull == -1) { ++ fatal("can't open /dev/null: %s", ++ strerror(errno)); ++ } ++ (void)dup2(devnull, STDOUT_FILENO); ++ argp[0] = strdup(RCSDIFF); ++ argp[1] = strdup(filename); ++ execv(RCSDIFF, argp); ++ exit(127); ++ } ++ pid = waitpid(pid, &pstat, 0); ++ if (pid == -1 || WEXITSTATUS(pstat) != 0) { + fatal("can't check out file %s: " +- "differs from default %s version\n", +- filename, cs); ++ "differs from default RCS version\n", ++ filename); ++ } + } ++ + if (verbose) +- say("Checking out file %s from %s...\n", +- filename, cs); +- if (system(buf) || stat(filename, &filestat)) +- fatal("can't check out file %s from %s\n", +- filename, cs); ++ say("Checking out file %s from RCS...\n", ++ filename); ++ ++ switch (pid = fork()) { ++ case -1: ++ fatal("can't fork: %s\n", strerror(errno)); ++ case 0: ++ argp[0] = strdup(CHECKOUT); ++ argp[1] = strdup("-l"); ++ argp[2] = strdup(filename); ++ execv(CHECKOUT, argp); ++ exit(127); ++ } ++ pid = waitpid(pid, &pstat, 0); ++ if (pid == -1 || WEXITSTATUS(pstat) != 0 || ++ stat(filename, &filestat)) { ++ fatal("can't check out file %s from RCS\n", ++ filename); ++ } ++ } else if (statfailed) { ++ fatal("can't find %s\n", filename); + } ++ free(tmp_filename1); ++ free(tmp_filename2); + } ++ + filemode = filestat.st_mode; + if (!S_ISREG(filemode)) + fatal("%s is not a normal file--can't patch\n", filename); Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:16.openssh ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/16-SA-15:16.openssh Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,90 @@ +Index: crypto/openssh/auth2-chall.c +=================================================================== +--- crypto/openssh/auth2-chall.c (revision 285923) ++++ crypto/openssh/auth2-chall.c (working copy) +@@ -82,6 +82,7 @@ struct KbdintAuthctxt + void *ctxt; + KbdintDevice *device; + u_int nreq; ++ u_int devices_done; + }; + + #ifdef USE_PAM +@@ -168,11 +169,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthc + if (len == 0) + break; + for (i = 0; devices[i]; i++) { +- if (!auth2_method_allowed(authctxt, ++ if ((kbdintctxt->devices_done & (1 << i)) != 0 || ++ !auth2_method_allowed(authctxt, + "keyboard-interactive", devices[i]->name)) + continue; +- if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) ++ if (strncmp(kbdintctxt->devices, devices[i]->name, ++ len) == 0) { + kbdintctxt->device = devices[i]; ++ kbdintctxt->devices_done |= 1 << i; ++ } + } + t = kbdintctxt->devices; + kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; +Index: crypto/openssh/sshconnect.c +=================================================================== +--- crypto/openssh/sshconnect.c (revision 285923) ++++ crypto/openssh/sshconnect.c (working copy) +@@ -1247,29 +1247,39 @@ verify_host_key(char *host, struct sockaddr *hosta + { + int flags = 0; + char *fp; ++ Key *plain = NULL; + + fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); + debug("Server host key: %s %s", key_type(host_key), fp); + free(fp); + +- /* XXX certs are not yet supported for DNS */ +- if (!key_is_cert(host_key) && options.verify_host_key_dns && +- verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { +- if (flags & DNS_VERIFY_FOUND) { +- +- if (options.verify_host_key_dns == 1 && +- flags & DNS_VERIFY_MATCH && +- flags & DNS_VERIFY_SECURE) +- return 0; +- +- if (flags & DNS_VERIFY_MATCH) { +- matching_host_key_dns = 1; +- } else { +- warn_changed_key(host_key); +- error("Update the SSHFP RR in DNS with the new " +- "host key to get rid of this message."); ++ if (options.verify_host_key_dns) { ++ /* ++ * XXX certs are not yet supported for DNS, so downgrade ++ * them and try the plain key. ++ */ ++ plain = key_from_private(host_key); ++ if (key_is_cert(plain)) ++ key_drop_cert(plain); ++ if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { ++ if (flags & DNS_VERIFY_FOUND) { ++ if (options.verify_host_key_dns == 1 && ++ flags & DNS_VERIFY_MATCH && ++ flags & DNS_VERIFY_SECURE) { ++ key_free(plain); ++ return 0; ++ } ++ if (flags & DNS_VERIFY_MATCH) { ++ matching_host_key_dns = 1; ++ } else { ++ warn_changed_key(plain); ++ error("Update the SSHFP RR in DNS " ++ "with the new host key to get rid " ++ "of this message."); ++ } + } + } ++ key_free(plain); + } + + return check_host_key(host, hostaddr, options.port, host_key, RDRW, Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/17-SA-15:18.bsdpatch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/17-SA-15:18.bsdpatch Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,57 @@ +Index: usr.bin/patch/pathnames.h +=================================================================== +--- usr.bin/patch/pathnames.h (revision 286254) ++++ usr.bin/patch/pathnames.h (working copy) +@@ -9,4 +9,4 @@ + + #include <paths.h> + +-#define _PATH_ED "/bin/ed" ++#define _PATH_RED "/bin/red" +Index: usr.bin/patch/pch.c +=================================================================== +--- usr.bin/patch/pch.c (revision 286254) ++++ usr.bin/patch/pch.c (working copy) +@@ -1,4 +1,3 @@ +- + /*- + * Copyright 1986, Larry Wall + * +@@ -1409,6 +1408,7 @@ do_ed_script(void) + char *t; + off_t beginning_of_this_line; + FILE *pipefp = NULL; ++ int continuation; + + if (!skip_rest_of_patch) { + if (copy_file(filearg[0], TMPOUTNAME) < 0) { +@@ -1415,7 +1415,7 @@ do_ed_script(void) + unlink(TMPOUTNAME); + fatal("can't create temp file %s", TMPOUTNAME); + } +- snprintf(buf, buf_size, "%s%s%s", _PATH_ED, ++ snprintf(buf, buf_size, "%s%s%s", _PATH_RED, + verbose ? " " : " -s ", TMPOUTNAME); + pipefp = popen(buf, "w"); + } +@@ -1433,7 +1433,19 @@ do_ed_script(void) + (*t == 'a' || *t == 'c' || *t == 'd' || *t == 'i' || *t == 's')) { + if (pipefp != NULL) + fputs(buf, pipefp); +- if (*t != 'd') { ++ if (*t == 's') { ++ for (;;) { ++ continuation = 0; ++ t = strchr(buf, '\0') - 1; ++ while (--t >= buf && *t == '\\') ++ continuation = !continuation; ++ if (!continuation || ++ pgets(true) == 0) ++ break; ++ if (pipefp != NULL) ++ fputs(buf, pipefp); ++ } ++ } else if (*t != 'd') { + while (pgets(true)) { + p_input_line++; + if (pipefp != NULL) Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/17-SA-15:19.routed ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/17-SA-15:19.routed Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,17 @@ +Index: sbin/routed/input.c +=================================================================== +--- sbin/routed/input.c (revision 286262) ++++ sbin/routed/input.c (working copy) +@@ -160,6 +160,12 @@ input(struct sockaddr_in *from, /* received from + + trace_rip("Recv", "from", from, sifp, rip, cc); + ++ if (sifp == 0) { ++ trace_pkt(" discard a request from an indirect router" ++ " (possibly an attack)"); ++ return; ++ } ++ + if (rip->rip_vers == 0) { + msglim(&bad_router, FROM_NADDR, + "RIP version 0, cmd %d, packet received from %s", Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/18-SA-15:20.expat ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/18-SA-15:20.expat Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,49 @@ +Index: contrib/expat/lib/xmlparse.c +=================================================================== +--- contrib/expat/lib/xmlparse.c (revision 286868) ++++ contrib/expat/lib/xmlparse.c (working copy) +@@ -1678,6 +1678,12 @@ XML_ParseBuffer(XML_Parser parser, int len, int is + void * XMLCALL + XML_GetBuffer(XML_Parser parser, int len) + { ++/* BEGIN MOZILLA CHANGE (sanity check len) */ ++ if (len < 0) { ++ errorCode = XML_ERROR_NO_MEMORY; ++ return NULL; ++ } ++/* END MOZILLA CHANGE */ + switch (ps_parsing) { + case XML_SUSPENDED: + errorCode = XML_ERROR_SUSPENDED; +@@ -1689,8 +1695,13 @@ XML_GetBuffer(XML_Parser parser, int len) + } + + if (len > bufferLim - bufferEnd) { +- /* FIXME avoid integer overflow */ + int neededSize = len + (int)(bufferEnd - bufferPtr); ++/* BEGIN MOZILLA CHANGE (sanity check neededSize) */ ++ if (neededSize < 0) { ++ errorCode = XML_ERROR_NO_MEMORY; ++ return NULL; ++ } ++/* END MOZILLA CHANGE */ + #ifdef XML_CONTEXT_BYTES + int keep = (int)(bufferPtr - buffer); + +@@ -1719,7 +1730,15 @@ XML_GetBuffer(XML_Parser parser, int len) + bufferSize = INIT_BUFFER_SIZE; + do { + bufferSize *= 2; +- } while (bufferSize < neededSize); ++/* BEGIN MOZILLA CHANGE (prevent infinite loop on overflow) */ ++ } while (bufferSize < neededSize && bufferSize > 0); ++/* END MOZILLA CHANGE */ ++/* BEGIN MOZILLA CHANGE (sanity check bufferSize) */ ++ if (bufferSize <= 0) { ++ errorCode = XML_ERROR_NO_MEMORY; ++ return NULL; ++ } ++/* END MOZILLA CHANGE */ + newBuf = (char *)MALLOC(bufferSize); + if (newBuf == 0) { + errorCode = XML_ERROR_NO_MEMORY; Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-EN-15:14.ixgbe ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-EN-15:14.ixgbe Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,26 @@ +Index: sys/conf/files +=================================================================== +--- sys/conf/files (revision 286787) ++++ sys/conf/files (working copy) +@@ -1704,7 +1704,7 @@ dev/ixgb/if_ixgb.c optional ixgb + dev/ixgb/ixgb_ee.c optional ixgb + dev/ixgb/ixgb_hw.c optional ixgb + dev/ixgbe/ixgbe.c optional ixgbe inet \ +- compile-with "${NORMAL_C} -I$S/dev/ixgbe -DSMP -DIXGBE_FDIR" ++ compile-with "${NORMAL_C} -I$S/dev/ixgbe -DSMP" + dev/ixgbe/ixv.c optional ixgbe inet \ + compile-with "${NORMAL_C} -I$S/dev/ixgbe" + dev/ixgbe/ixgbe_phy.c optional ixgbe inet \ +Index: sys/modules/ixgbe/Makefile +=================================================================== +--- sys/modules/ixgbe/Makefile (revision 286787) ++++ sys/modules/ixgbe/Makefile (working copy) +@@ -12,7 +12,7 @@ SRCS += ixgbe.c ixv.c + SRCS += ixgbe_common.c ixgbe_api.c ixgbe_phy.c ixgbe_mbx.c ixgbe_vf.c + SRCS += ixgbe_dcb.c ixgbe_dcb_82598.c ixgbe_dcb_82599.c + SRCS += ixgbe_82599.c ixgbe_82598.c ixgbe_x540.c +-CFLAGS+= -I${.CURDIR}/../../dev/ixgbe -DSMP -DIXGBE_FDIR ++CFLAGS+= -I${.CURDIR}/../../dev/ixgbe -DSMP + + .if !defined(KERNBUILDDIR) + .if ${MK_INET_SUPPORT} != "no" Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-EN-15:15.pkg ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-EN-15:15.pkg Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,34 @@ +Index: usr.sbin/pkg/pkg.c +=================================================================== +--- usr.sbin/pkg/pkg.c (revision 286787) ++++ usr.sbin/pkg/pkg.c (working copy) +@@ -749,7 +749,13 @@ bootstrap_pkg(bool force) + goto fetchfail; + + if (signature_type != NULL && +- strcasecmp(signature_type, "FINGERPRINTS") == 0) { ++ strcasecmp(signature_type, "NONE") != 0) { ++ if (strcasecmp(signature_type, "FINGERPRINTS") != 0) { ++ warnx("Signature type %s is not supported for " ++ "bootstrapping.", signature_type); ++ goto cleanup; ++ } ++ + snprintf(tmpsig, MAXPATHLEN, "%s/pkg.txz.sig.XXXXXX", + getenv("TMPDIR") ? getenv("TMPDIR") : _PATH_TMP); + snprintf(url, MAXPATHLEN, "%s/Latest/pkg.txz.sig", +@@ -834,7 +840,13 @@ bootstrap_pkg_local(const char *pkgpath, bool forc + return (-1); + } + if (signature_type != NULL && +- strcasecmp(signature_type, "FINGERPRINTS") == 0) { ++ strcasecmp(signature_type, "NONE") != 0) { ++ if (strcasecmp(signature_type, "FINGERPRINTS") != 0) { ++ warnx("Signature type %s is not supported for " ++ "bootstrapping.", signature_type); ++ goto cleanup; ++ } ++ + snprintf(path, sizeof(path), "%s.sig", pkgpath); + + if ((fd_sig = open(path, O_RDONLY)) == -1) { Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-SA-15:21.amd64 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-SA-15:21.amd64 Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,53 @@ +Index: sys/amd64/amd64/exception.S +=================================================================== +--- sys/amd64/amd64/exception.S (revision 286969) ++++ sys/amd64/amd64/exception.S (working copy) +@@ -154,9 +154,13 @@ IDTVEC(xmm) + IDTVEC(tss) + TRAP_ERR(T_TSSFLT) + IDTVEC(missing) +- TRAP_ERR(T_SEGNPFLT) ++ subq $TF_ERR,%rsp ++ movl $T_SEGNPFLT,TF_TRAPNO(%rsp) ++ jmp prot_addrf + IDTVEC(stk) +- TRAP_ERR(T_STKFLT) ++ subq $TF_ERR,%rsp ++ movl $T_STKFLT,TF_TRAPNO(%rsp) ++ jmp prot_addrf + IDTVEC(align) + TRAP_ERR(T_ALIGNFLT) + +@@ -319,6 +323,7 @@ IDTVEC(page) + IDTVEC(prot) + subq $TF_ERR,%rsp + movl $T_PROTFLT,TF_TRAPNO(%rsp) ++prot_addrf: + movq $0,TF_ADDR(%rsp) + movq %rdi,TF_RDI(%rsp) /* free up a GP register */ + leaq doreti_iret(%rip),%rdi +Index: sys/amd64/amd64/machdep.c +=================================================================== +--- sys/amd64/amd64/machdep.c (revision 286969) ++++ sys/amd64/amd64/machdep.c (working copy) +@@ -428,6 +428,7 @@ sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t * + regs->tf_rflags &= ~(PSL_T | PSL_D); + regs->tf_cs = _ucodesel; + regs->tf_ds = _udatasel; ++ regs->tf_ss = _udatasel; + regs->tf_es = _udatasel; + regs->tf_fs = _ufssel; + regs->tf_gs = _ugssel; +Index: sys/amd64/amd64/trap.c +=================================================================== +--- sys/amd64/amd64/trap.c (revision 286969) ++++ sys/amd64/amd64/trap.c (working copy) +@@ -473,8 +473,6 @@ trap(struct trapframe *frame) + goto out; + + case T_STKFLT: /* stack fault */ +- break; +- + case T_PROTFLT: /* general protection fault */ + case T_SEGNPFLT: /* segment not present fault */ + if (td->td_intr_nesting_level != 0) Added: user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-SA-15:22.openssh ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.1-RELEASE/19-SA-15:22.openssh Thu Jan 7 20:53:59 2016 (r293363) @@ -0,0 +1,68 @@ +Index: crypto/openssh/monitor.c +=================================================================== +--- crypto/openssh/monitor.c (revision 286787) ++++ crypto/openssh/monitor.c (working copy) +@@ -1027,9 +1027,7 @@ extern KbdintDevice sshpam_device; + int + mm_answer_pam_init_ctx(int sock, Buffer *m) + { +- + debug3("%s", __func__); +- authctxt->user = buffer_get_string(m, NULL); + sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); + sshpam_authok = NULL; + buffer_clear(m); *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201601072054.u07Ks0UD041422>