CVS commit: src/sys/kern
Module Name:src Committed By: ad Date: Mon Oct 2 21:50:18 UTC 2023 Modified Files: src/sys/kern: vfs_cache.c Log Message: Tweak a couple of comments. To generate a diff of this commit: cvs rdiff -u -r1.155 -r1.156 src/sys/kern/vfs_cache.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/vfs_cache.c diff -u src/sys/kern/vfs_cache.c:1.155 src/sys/kern/vfs_cache.c:1.156 --- src/sys/kern/vfs_cache.c:1.155 Sat Sep 9 18:27:59 2023 +++ src/sys/kern/vfs_cache.c Mon Oct 2 21:50:18 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_cache.c,v 1.155 2023/09/09 18:27:59 ad Exp $ */ +/* $NetBSD: vfs_cache.c,v 1.156 2023/10/02 21:50:18 ad Exp $ */ /*- * Copyright (c) 2008, 2019, 2020, 2023 The NetBSD Foundation, Inc. @@ -164,11 +164,11 @@ * held. See definition of "struct namecache" in src/sys/namei.src, * and the definition of "struct vnode" for the particulars. * - * Per-CPU statistics, and LRU list totals are read unlocked, since - * an approximate value is OK. We maintain 32-bit sized per-CPU - * counters and 64-bit global counters under the theory that 32-bit - * sized counters are less likely to be hosed by nonatomic increment - * (on 32-bit platforms). + * Per-CPU statistics, and LRU list totals are read unlocked, since an + * approximate value is OK. We maintain 32-bit sized per-CPU counters + * and 64-bit global counters since 32-bit sized counters can be + * observed locklessly while the global counters are protected by a + * mutex. * * The lock order is: * @@ -182,7 +182,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: vfs_cache.c,v 1.155 2023/09/09 18:27:59 ad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfs_cache.c,v 1.156 2023/10/02 21:50:18 ad Exp $"); #define __NAMECACHE_PRIVATE #ifdef _KERNEL_OPT @@ -437,8 +437,8 @@ cache_lookup_entry(struct vnode *dvp, co /* * Search the RB tree for the key. This is an inlined lookup - * tailored for exactly what's needed here (64-bit key and so on) - * that is quite a bit faster than using rb_tree_find_node(). + * tailored for exactly what's needed here that turns out to be + * quite a bit faster than using rb_tree_find_node(). * * For a matching key memcmp() needs to be called once to confirm * that the correct name has been found. Very rarely there will be
CVS commit: src/sys/kern
Module Name:src Committed By: ad Date: Mon Oct 2 21:50:18 UTC 2023 Modified Files: src/sys/kern: vfs_cache.c Log Message: Tweak a couple of comments. To generate a diff of this commit: cvs rdiff -u -r1.155 -r1.156 src/sys/kern/vfs_cache.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: ad Date: Mon Oct 2 21:03:55 UTC 2023 Modified Files: src/sys/kern: kern_mutex_obj.c kern_rwlock_obj.c Log Message: Use kmem_intr_*() variants for lock objects since aiodoned was done away with and we process these I/Os in soft interrupt context now. To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/sys/kern/kern_mutex_obj.c cvs rdiff -u -r1.12 -r1.13 src/sys/kern/kern_rwlock_obj.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src
Committed By: ad
Date: Mon Oct 2 21:03:55 UTC 2023
Modified Files:
src/sys/kern: kern_mutex_obj.c kern_rwlock_obj.c
Log Message:
Use kmem_intr_*() variants for lock objects since aiodoned was done away
with and we process these I/Os in soft interrupt context now.
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/sys/kern/kern_mutex_obj.c
cvs rdiff -u -r1.12 -r1.13 src/sys/kern/kern_rwlock_obj.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_mutex_obj.c
diff -u src/sys/kern/kern_mutex_obj.c:1.14 src/sys/kern/kern_mutex_obj.c:1.15
--- src/sys/kern/kern_mutex_obj.c:1.14 Sat Sep 23 18:21:11 2023
+++ src/sys/kern/kern_mutex_obj.c Mon Oct 2 21:03:55 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_mutex_obj.c,v 1.14 2023/09/23 18:21:11 ad Exp $ */
+/* $NetBSD: kern_mutex_obj.c,v 1.15 2023/10/02 21:03:55 ad Exp $ */
/*-
* Copyright (c) 2008, 2019, 2023 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: kern_mutex_obj.c,v 1.14 2023/09/23 18:21:11 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_mutex_obj.c,v 1.15 2023/10/02 21:03:55 ad Exp $");
#include
#include
@@ -57,7 +57,7 @@ mutex_obj_alloc(kmutex_type_t type, int
{
struct kmutexobj *mo;
- mo = kmem_alloc(sizeof(*mo), KM_SLEEP);
+ mo = kmem_intr_alloc(sizeof(*mo), KM_SLEEP);
KASSERT(ALIGNED_POINTER(mo, coherency_unit));
_mutex_init(>mo_lock, type, ipl,
(uintptr_t)__builtin_return_address(0));
@@ -77,7 +77,7 @@ mutex_obj_tryalloc(kmutex_type_t type, i
{
struct kmutexobj *mo;
- mo = kmem_alloc(sizeof(*mo), KM_NOSLEEP);
+ mo = kmem_intr_alloc(sizeof(*mo), KM_NOSLEEP);
KASSERT(ALIGNED_POINTER(mo, coherency_unit));
if (__predict_true(mo != NULL)) {
_mutex_init(>mo_lock, type, ipl,
@@ -134,7 +134,7 @@ mutex_obj_free(kmutex_t *lock)
}
membar_acquire();
mutex_destroy(>mo_lock);
- kmem_free(mo, sizeof(*mo));
+ kmem_intr_free(mo, sizeof(*mo));
return true;
}
Index: src/sys/kern/kern_rwlock_obj.c
diff -u src/sys/kern/kern_rwlock_obj.c:1.12 src/sys/kern/kern_rwlock_obj.c:1.13
--- src/sys/kern/kern_rwlock_obj.c:1.12 Sat Sep 23 18:21:11 2023
+++ src/sys/kern/kern_rwlock_obj.c Mon Oct 2 21:03:55 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_rwlock_obj.c,v 1.12 2023/09/23 18:21:11 ad Exp $ */
+/* $NetBSD: kern_rwlock_obj.c,v 1.13 2023/10/02 21:03:55 ad Exp $ */
/*-
* Copyright (c) 2008, 2009, 2019, 2023 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: kern_rwlock_obj.c,v 1.12 2023/09/23 18:21:11 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_rwlock_obj.c,v 1.13 2023/10/02 21:03:55 ad Exp $");
#include
#include
@@ -57,7 +57,7 @@ rw_obj_alloc(void)
{
struct krwobj *ro;
- ro = kmem_alloc(sizeof(*ro), KM_SLEEP);
+ ro = kmem_intr_alloc(sizeof(*ro), KM_SLEEP);
KASSERT(ALIGNED_POINTER(ro, coherency_unit));
_rw_init(>ro_lock, (uintptr_t)__builtin_return_address(0));
ro->ro_magic = RW_OBJ_MAGIC;
@@ -76,7 +76,7 @@ rw_obj_tryalloc(void)
{
struct krwobj *ro;
- ro = kmem_alloc(sizeof(*ro), KM_NOSLEEP);
+ ro = kmem_intr_alloc(sizeof(*ro), KM_NOSLEEP);
KASSERT(ALIGNED_POINTER(ro, coherency_unit));
if (__predict_true(ro != NULL)) {
_rw_init(>ro_lock, (uintptr_t)__builtin_return_address(0));
@@ -124,7 +124,7 @@ rw_obj_free(krwlock_t *lock)
}
membar_acquire();
rw_destroy(>ro_lock);
- kmem_free(ro, sizeof(*ro));
+ kmem_intr_free(ro, sizeof(*ro));
return true;
}
CVS commit: src/sys/kern
Module Name:src Committed By: ad Date: Mon Oct 2 20:59:12 UTC 2023 Modified Files: src/sys/kern: kern_auth.c Log Message: kauth_cred_groupmember(): check egid before a tedious scan of groups. To generate a diff of this commit: cvs rdiff -u -r1.82 -r1.83 src/sys/kern/kern_auth.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_auth.c diff -u src/sys/kern/kern_auth.c:1.82 src/sys/kern/kern_auth.c:1.83 --- src/sys/kern/kern_auth.c:1.82 Fri Feb 24 11:02:27 2023 +++ src/sys/kern/kern_auth.c Mon Oct 2 20:59:12 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_auth.c,v 1.82 2023/02/24 11:02:27 riastradh Exp $ */ +/* $NetBSD: kern_auth.c,v 1.83 2023/10/02 20:59:12 ad Exp $ */ /*- * Copyright (c) 2005, 2006 Elad Efrat @@ -28,7 +28,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_auth.c,v 1.82 2023/02/24 11:02:27 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_auth.c,v 1.83 2023/10/02 20:59:12 ad Exp $"); #include #include @@ -409,14 +409,14 @@ kauth_cred_groupmember(kauth_cred_t cred KASSERT(cred != NOCRED); KASSERT(cred != FSCRED); + if (kauth_cred_getegid(cred) == gid) + return 0; + error = kauth_cred_ismember_gid(cred, gid, ); if (error) return error; - if (kauth_cred_getegid(cred) == gid || ismember) - return 0; - - return -1; + return ismember ? 0 : -1; } u_int
CVS commit: src/sys/kern
Module Name:src Committed By: ad Date: Mon Oct 2 20:59:12 UTC 2023 Modified Files: src/sys/kern: kern_auth.c Log Message: kauth_cred_groupmember(): check egid before a tedious scan of groups. To generate a diff of this commit: cvs rdiff -u -r1.82 -r1.83 src/sys/kern/kern_auth.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: martin Date: Mon Oct 2 17:41:04 UTC 2023 Modified Files: src/doc [netbsd-8]: CHANGES-8.3 Log Message: Tickets #1898 and #1899 To generate a diff of this commit: cvs rdiff -u -r1.1.2.198 -r1.1.2.199 src/doc/CHANGES-8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.3 diff -u src/doc/CHANGES-8.3:1.1.2.198 src/doc/CHANGES-8.3:1.1.2.199 --- src/doc/CHANGES-8.3:1.1.2.198 Fri Sep 15 15:45:19 2023 +++ src/doc/CHANGES-8.3 Mon Oct 2 17:41:04 2023 @@ -1,4 +1,4 @@ - $NetBSD: CHANGES-8.3,v 1.1.2.198 2023/09/15 15:45:19 martin Exp $ + $NetBSD: CHANGES-8.3,v 1.1.2.199 2023/10/02 17:41:04 martin Exp $ A complete list of changes from the NetBSD 8.2 release to the NetBSD 8.3 release: @@ -3882,3 +3882,14 @@ sys/arch/i386/stand/efiboot/eficpufunc.h efiboot/x86: add serial console support via raw I/O port access. [rin, ticket #1897] +lib/libpam/modules/pam_krb5/pam_krb5.c 1.32 + + pam_krb5: PR lib/57631: fix double-free and use of uninitialized + memory. + [riastradh, ticket #1898] + +share/examples/wpa_supplicant/wpa_supplicant.conf 1.4 + + wpa_supplicant.conf: fix connection string for Eduroam example config. + [gutteridge, ticket #1899] +
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: martin Date: Mon Oct 2 17:41:04 UTC 2023 Modified Files: src/doc [netbsd-8]: CHANGES-8.3 Log Message: Tickets #1898 and #1899 To generate a diff of this commit: cvs rdiff -u -r1.1.2.198 -r1.1.2.199 src/doc/CHANGES-8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/doc
Module Name:src Committed By: martin Date: Mon Oct 2 17:40:28 UTC 2023 Modified Files: src/doc [netbsd-9]: CHANGES-9.4 Log Message: Tickets #1734 - #1743 To generate a diff of this commit: cvs rdiff -u -r1.1.2.103 -r1.1.2.104 src/doc/CHANGES-9.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-9.4 diff -u src/doc/CHANGES-9.4:1.1.2.103 src/doc/CHANGES-9.4:1.1.2.104 --- src/doc/CHANGES-9.4:1.1.2.103 Mon Sep 18 19:01:14 2023 +++ src/doc/CHANGES-9.4 Mon Oct 2 17:40:28 2023 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-9.4,v 1.1.2.103 2023/09/18 19:01:14 martin Exp $ +# $NetBSD: CHANGES-9.4,v 1.1.2.104 2023/10/02 17:40:28 martin Exp $ A complete list of changes from the NetBSD 9.3 release to the NetBSD 9.4 release: @@ -2142,3 +2142,58 @@ sys/dev/raidframe/rf_netbsdkintf.c 1.41 is in progress. [oster, ticket #1733] +lib/libpam/modules/pam_krb5/pam_krb5.c 1.32 + + pam_krb5: PR lib/57631: fix double-free and use of uninitialized + memory. + [riastradh, ticket #1734] + +external/cddl/osnet/sys/kern/kmem.c 1.4 + + solaris: PR 57558: use pool_cache_reclaim, not pool_cache_invalidate. + [riastradh, ticket #1735] + +share/examples/wpa_supplicant/wpa_supplicant.conf 1.4 + + wpa_supplicant.conf: fix connection string for Eduroam example config. + [gutteridge, ticket #1736] + +libexec/ftpd/extern.h1.65 +libexec/ftpd/ftpd.c1.205 + + ftpd(8): increase some buffer sizes. + [lukem, ticket #1737] + +libexec/ftpd/ftpd.c1.206 + + ftpd(8): improve error handling to fix CVE-2020-7468. + [lukem, ticket #1738] + +libexec/ftpd/ftpd.c1.207 +libexec/ftpd/version.h1.78 + + ftpd(8): improve seteuid error handling. + [lukem, ticket #1739] + +libexec/ftpd/ftpcmd.y1.95 + + ftpd(8): fix MLSD/MLST auth checks. + [lukem, ticket #1740] + +libexec/ftpd/conf.c1.65 + + ftpd(8): fix uninitialized memory usage in count_users(). + [lukem, ticket #1741] + +libexec/ftpd/ftpd.c1.208 + + ftpd(8): use correct sockaddr in PAM auth. + [lukem, ticket #1742] + +libexec/ftpd/version.h1.80 + + ftp: update version to "NetBSD-ftpd 20230930" for changes: + - fix uninitialized memory usage in count_users() + - fix pam_set_item call with proper struct passed as PAM_SOCKADDR + [lukem, ticket #1743] +
CVS commit: [netbsd-9] src/doc
Module Name:src Committed By: martin Date: Mon Oct 2 17:40:28 UTC 2023 Modified Files: src/doc [netbsd-9]: CHANGES-9.4 Log Message: Tickets #1734 - #1743 To generate a diff of this commit: cvs rdiff -u -r1.1.2.103 -r1.1.2.104 src/doc/CHANGES-9.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/doc
Module Name:src Committed By: martin Date: Mon Oct 2 17:39:38 UTC 2023 Modified Files: src/doc [netbsd-10]: CHANGES-10.0 Log Message: Tickets #378 - #391 To generate a diff of this commit: cvs rdiff -u -r1.1.2.126 -r1.1.2.127 src/doc/CHANGES-10.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-10.0 diff -u src/doc/CHANGES-10.0:1.1.2.126 src/doc/CHANGES-10.0:1.1.2.127 --- src/doc/CHANGES-10.0:1.1.2.126 Thu Sep 21 13:23:45 2023 +++ src/doc/CHANGES-10.0 Mon Oct 2 17:39:38 2023 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-10.0,v 1.1.2.126 2023/09/21 13:23:45 martin Exp $ +# $NetBSD: CHANGES-10.0,v 1.1.2.127 2023/10/02 17:39:38 martin Exp $ A complete list of changes from the initial NetBSD 10.0 branch on 2022-12-16 until the 10.0 release: @@ -11954,3 +11954,91 @@ sys/netinet/tcp_output.c 1.219 established connections. [bouyer, ticket #377] +sys/net/if_ipsec.c1.35 +sys/netipsec/key.c1.281 +tests/net/if_ipsec/t_ipsec_unnumbered.sh 1.2 + + ipsec(4): fix key deallocation after previous changes to not + do it from softint context. + ipsecif(4): reduce fixed_reqid space. + [knakahara, ticket #378] + +sys/uvm/uvm_pdaemon.c1.134 + + uvm: fix a theoretical lock order reversal. + [ad, ticket #379] + +lib/libpam/modules/pam_krb5/pam_krb5.c 1.32 + + pam_krb5: PR lib/57631: fix double-free and use of uninitialized + memory. + [riastradh, ticket #380] + +distrib/amd64/liveimage/emuimage/rc.conf.emuimage 1.3 +distrib/evbarm/liveimage/armimage/rc.conf.armimage 1.2 +distrib/sets/lists/etc/mi 1.273 +distrib/utils/embedded/conf/evbarm.conf 1.42 +distrib/utils/embedded/conf/evbmips.conf 1.4 +distrib/utils/embedded/conf/usermode.conf 1.7 +distrib/utils/embedded/conf/x86.conf 1.11 +etc/defaults/rc.conf1.166 +etc/rc.d/Makefile1.118 +etc/rc.d/certctl_init1.1 + + certctl(8): PR 57629: rehash on first boot of prebuilt images. + [riastradh, ticket #381] + +distrib/utils/embedded/files/ec2_init 1.6 + + ec2_init: Suppress error message for nonexistent sysctl. + [riastradh, ticket #382] + +external/cddl/osnet/sys/kern/kmem.c 1.4 + + solaris: PR 57558: use pool_cache_reclaim, not pool_cache_invalidate. + [riastradh, ticket #383] + +share/examples/wpa_supplicant/wpa_supplicant.conf 1.4 + + wpa_supplicant.conf: fix connection string for Eduroam example config. + [gutteridge, ticket #384] + +libexec/ftpd/ftpd.c1.207 +libexec/ftpd/version.h1.78 + + ftpd(8): improve seteuid error handling. + [lukem, ticket #385] + +libexec/ftpd/ftpcmd.y1.95 + + ftpd(8): fix MLSD/MLST auth checks. + [lukem, ticket #386] + +share/examples/ftpd/ftpusers 1.4 + + ftp: documentation improvements. + [lukem, ticket #387] + +libexec/ftpd/conf.c1.65 + + ftpd(8): fix uninitialized memory usage in count_users(). + [lukem, ticket #388] + +libexec/ftpd/ftpd.c1.208 + + ftpd(8): use correct sockaddr in PAM auth. + [lukem, ticket #389] + +libexec/ftpd/version.h1.80 + + ftp: update version to "NetBSD-ftpd 20230930" for changes: + - fix uninitialized memory usage in count_users() + - fix pam_set_item call with proper struct passed as PAM_SOCKADDR + [lukem, ticket #390] + +external/bsd/jemalloc/lib/Makefile 1.5 +external/bsd/jemalloc/lib/jemalloc_stub.c 1.2-1.4 + + libjemalloc: Compile in empty jemalloc_stub.c for HAVE_JEMALLOC=100. + [rin, ticket #391] +
CVS commit: [netbsd-10] src/doc
Module Name:src Committed By: martin Date: Mon Oct 2 17:39:38 UTC 2023 Modified Files: src/doc [netbsd-10]: CHANGES-10.0 Log Message: Tickets #378 - #391 To generate a diff of this commit: cvs rdiff -u -r1.1.2.126 -r1.1.2.127 src/doc/CHANGES-10.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/external/bsd/jemalloc/lib
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:38:23 UTC 2023
Modified Files:
src/external/bsd/jemalloc/lib [netbsd-10]: Makefile jemalloc_stub.c
Log Message:
Pull up following revision(s) (requested by rin in ticket #391):
external/bsd/jemalloc/lib/jemalloc_stub.c: revision 1.2
external/bsd/jemalloc/lib/jemalloc_stub.c: revision 1.3
external/bsd/jemalloc/lib/jemalloc_stub.c: revision 1.4
external/bsd/jemalloc/lib/Makefile: revision 1.5
libjemalloc: Compile in empty jemalloc_stub.c for HAVE_JEMALLOC=100
Fix strange parallel build failures observed on vax and sun2, which
should be due to empty SRCS.
No functional changes as library itself.
jemalloc_stub.c: Provide stubs for HAVE_JEMALLOC > 100
Instead of HAVE_JEMALLOC != 100. Just for sure.
jemalloc_stub.c: Forgot to update comment. No binary changes.
To generate a diff of this commit:
cvs rdiff -u -r1.3.12.1 -r1.3.12.2 src/external/bsd/jemalloc/lib/Makefile
cvs rdiff -u -r1.1 -r1.1.12.1 src/external/bsd/jemalloc/lib/jemalloc_stub.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/jemalloc/lib/Makefile
diff -u src/external/bsd/jemalloc/lib/Makefile:1.3.12.1 src/external/bsd/jemalloc/lib/Makefile:1.3.12.2
--- src/external/bsd/jemalloc/lib/Makefile:1.3.12.1 Fri Jul 14 08:33:25 2023
+++ src/external/bsd/jemalloc/lib/Makefile Mon Oct 2 17:38:23 2023
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.3.12.1 2023/07/14 08:33:25 martin Exp $
+# $NetBSD: Makefile,v 1.3.12.2 2023/10/02 17:38:23 martin Exp $
WARNS?= 5
.include
@@ -6,8 +6,7 @@ WARNS?= 5
LIB=jemalloc
# The symbols from the stub only exist in newer jemalloc.
-.if ${HAVE_JEMALLOC:U0} != 100
-SRCS=jemalloc_stub.c
-.endif
+CPPFLAGS+= -DHAVE_JEMALLOC=${HAVE_JEMALLOC:U0}
+SRCS= jemalloc_stub.c
.include
Index: src/external/bsd/jemalloc/lib/jemalloc_stub.c
diff -u src/external/bsd/jemalloc/lib/jemalloc_stub.c:1.1 src/external/bsd/jemalloc/lib/jemalloc_stub.c:1.1.12.1
--- src/external/bsd/jemalloc/lib/jemalloc_stub.c:1.1 Tue Mar 12 15:13:25 2019
+++ src/external/bsd/jemalloc/lib/jemalloc_stub.c Mon Oct 2 17:38:23 2023
@@ -26,6 +26,8 @@
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
+
+#if HAVE_JEMALLOC > 100
#include
void *__je_mallocx(size_t, int);
@@ -139,3 +141,4 @@ void malloc_conf_set(const char *m)
{
__je_malloc_conf_set(m);
}
+#endif /* HAVE_JEMALLOC > 100 */
CVS commit: [netbsd-10] src/external/bsd/jemalloc/lib
Module Name:src Committed By: martin Date: Mon Oct 2 17:38:23 UTC 2023 Modified Files: src/external/bsd/jemalloc/lib [netbsd-10]: Makefile jemalloc_stub.c Log Message: Pull up following revision(s) (requested by rin in ticket #391): external/bsd/jemalloc/lib/jemalloc_stub.c: revision 1.2 external/bsd/jemalloc/lib/jemalloc_stub.c: revision 1.3 external/bsd/jemalloc/lib/jemalloc_stub.c: revision 1.4 external/bsd/jemalloc/lib/Makefile: revision 1.5 libjemalloc: Compile in empty jemalloc_stub.c for HAVE_JEMALLOC=100 Fix strange parallel build failures observed on vax and sun2, which should be due to empty SRCS. No functional changes as library itself. jemalloc_stub.c: Provide stubs for HAVE_JEMALLOC > 100 Instead of HAVE_JEMALLOC != 100. Just for sure. jemalloc_stub.c: Forgot to update comment. No binary changes. To generate a diff of this commit: cvs rdiff -u -r1.3.12.1 -r1.3.12.2 src/external/bsd/jemalloc/lib/Makefile cvs rdiff -u -r1.1 -r1.1.12.1 src/external/bsd/jemalloc/lib/jemalloc_stub.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:31:39 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-9]: version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #1743): libexec/ftpd/version.h: revision 1.80 NetBSD-ftpd 20230930 Update version to "NetBSD-ftpd 20230930" for changes: - fix uninitialized memory usage in count_users() - fix pam_set_item call with proper struct passed as PAM_SOCKADDR To generate a diff of this commit: cvs rdiff -u -r1.76.2.1 -r1.76.2.2 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/version.h diff -u src/libexec/ftpd/version.h:1.76.2.1 src/libexec/ftpd/version.h:1.76.2.2 --- src/libexec/ftpd/version.h:1.76.2.1 Mon Oct 2 17:13:33 2023 +++ src/libexec/ftpd/version.h Mon Oct 2 17:31:39 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.76.2.1 2023/10/02 17:13:33 martin Exp $ */ +/* $NetBSD: version.h,v 1.76.2.2 2023/10/02 17:31:39 martin Exp $ */ /*- * Copyright (c) 1999-2023 The NetBSD Foundation, Inc. * All rights reserved. @@ -29,5 +29,5 @@ */ #ifndef FTPD_VERSION -#define FTPD_VERSION "NetBSD-ftpd 20230902" +#define FTPD_VERSION "NetBSD-ftpd 20230930" #endif
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:31:39 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-9]: version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #1743): libexec/ftpd/version.h: revision 1.80 NetBSD-ftpd 20230930 Update version to "NetBSD-ftpd 20230930" for changes: - fix uninitialized memory usage in count_users() - fix pam_set_item call with proper struct passed as PAM_SOCKADDR To generate a diff of this commit: cvs rdiff -u -r1.76.2.1 -r1.76.2.2 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:28:58 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-10]: version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #390): libexec/ftpd/version.h: revision 1.80 NetBSD-ftpd 20230930 Update version to "NetBSD-ftpd 20230930" for changes: - fix uninitialized memory usage in count_users() - fix pam_set_item call with proper struct passed as PAM_SOCKADDR To generate a diff of this commit: cvs rdiff -u -r1.77.6.1 -r1.77.6.2 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/version.h diff -u src/libexec/ftpd/version.h:1.77.6.1 src/libexec/ftpd/version.h:1.77.6.2 --- src/libexec/ftpd/version.h:1.77.6.1 Mon Oct 2 13:45:42 2023 +++ src/libexec/ftpd/version.h Mon Oct 2 17:28:58 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.77.6.1 2023/10/02 13:45:42 martin Exp $ */ +/* $NetBSD: version.h,v 1.77.6.2 2023/10/02 17:28:58 martin Exp $ */ /*- * Copyright (c) 1999-2023 The NetBSD Foundation, Inc. * All rights reserved. @@ -29,5 +29,5 @@ */ #ifndef FTPD_VERSION -#define FTPD_VERSION "NetBSD-ftpd 20230902" +#define FTPD_VERSION "NetBSD-ftpd 20230930" #endif
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:28:58 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-10]: version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #390): libexec/ftpd/version.h: revision 1.80 NetBSD-ftpd 20230930 Update version to "NetBSD-ftpd 20230930" for changes: - fix uninitialized memory usage in count_users() - fix pam_set_item call with proper struct passed as PAM_SOCKADDR To generate a diff of this commit: cvs rdiff -u -r1.77.6.1 -r1.77.6.2 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:25:55 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-9]: ftpd.c
Log Message:
Pull up following revision(s) (requested by lukem in ticket #1742):
libexec/ftpd/ftpd.c: revision 1.208
pam_set_item PAM_SOCKADDR expects sockaddr_storage structure
Instead, internal struct sockinet was used. Because it's length is shorter
than sockaddr_storage, libpam was copying also memory outside of sockinet
struct.
To generate a diff of this commit:
cvs rdiff -u -r1.204.4.3 -r1.204.4.4 src/libexec/ftpd/ftpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.204.4.3 src/libexec/ftpd/ftpd.c:1.204.4.4
--- src/libexec/ftpd/ftpd.c:1.204.4.3 Mon Oct 2 17:13:33 2023
+++ src/libexec/ftpd/ftpd.c Mon Oct 2 17:25:54 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpd.c,v 1.204.4.3 2023/10/02 17:13:33 martin Exp $ */
+/* $NetBSD: ftpd.c,v 1.204.4.4 2023/10/02 17:25:54 martin Exp $ */
/*
* Copyright (c) 1997-2023 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: ftpd.c,v 1.204.4.3 2023/10/02 17:13:33 martin Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.204.4.4 2023/10/02 17:25:54 martin Exp $");
#endif
#endif /* not lint */
@@ -3896,6 +3896,7 @@ auth_pam(void)
int e;
ftpd_cred_t auth_cred = { curname, 0 };
struct pam_conv conv = { _conv, _cred };
+ struct sockaddr_storage ss;
e = pam_start("ftpd", curname, , );
if (e != PAM_SUCCESS) {
@@ -3918,7 +3919,9 @@ auth_pam(void)
return -1;
}
- e = pam_set_item(pamh, PAM_SOCKADDR, _addr);
+ memset(, 0, sizeof(ss));
+ memcpy(, _addr.si_su, his_addr.su_len);
+ e = pam_set_item(pamh, PAM_SOCKADDR, );
if (e != PAM_SUCCESS) {
syslog(LOG_ERR, "pam_set_item(PAM_SOCKADDR): %s",
pam_strerror(pamh, e));
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:25:55 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-9]: ftpd.c Log Message: Pull up following revision(s) (requested by lukem in ticket #1742): libexec/ftpd/ftpd.c: revision 1.208 pam_set_item PAM_SOCKADDR expects sockaddr_storage structure Instead, internal struct sockinet was used. Because it's length is shorter than sockaddr_storage, libpam was copying also memory outside of sockinet struct. To generate a diff of this commit: cvs rdiff -u -r1.204.4.3 -r1.204.4.4 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:24:44 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-10]: ftpd.c
Log Message:
Pull up following revision(s) (requested by lukem in ticket #389):
libexec/ftpd/ftpd.c: revision 1.208
pam_set_item PAM_SOCKADDR expects sockaddr_storage structure
Instead, internal struct sockinet was used. Because it's length is shorter
than sockaddr_storage, libpam was copying also memory outside of sockinet
struct.
To generate a diff of this commit:
cvs rdiff -u -r1.206.2.1 -r1.206.2.2 src/libexec/ftpd/ftpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.206.2.1 src/libexec/ftpd/ftpd.c:1.206.2.2
--- src/libexec/ftpd/ftpd.c:1.206.2.1 Mon Oct 2 13:45:42 2023
+++ src/libexec/ftpd/ftpd.c Mon Oct 2 17:24:44 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpd.c,v 1.206.2.1 2023/10/02 13:45:42 martin Exp $ */
+/* $NetBSD: ftpd.c,v 1.206.2.2 2023/10/02 17:24:44 martin Exp $ */
/*
* Copyright (c) 1997-2023 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: ftpd.c,v 1.206.2.1 2023/10/02 13:45:42 martin Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.206.2.2 2023/10/02 17:24:44 martin Exp $");
#endif
#endif /* not lint */
@@ -3896,6 +3896,7 @@ auth_pam(void)
int e;
ftpd_cred_t auth_cred = { curname, 0 };
struct pam_conv conv = { _conv, _cred };
+ struct sockaddr_storage ss;
e = pam_start("ftpd", curname, , );
if (e != PAM_SUCCESS) {
@@ -3918,7 +3919,9 @@ auth_pam(void)
return -1;
}
- e = pam_set_item(pamh, PAM_SOCKADDR, _addr);
+ memset(, 0, sizeof(ss));
+ memcpy(, _addr.si_su, his_addr.su_len);
+ e = pam_set_item(pamh, PAM_SOCKADDR, );
if (e != PAM_SUCCESS) {
syslog(LOG_ERR, "pam_set_item(PAM_SOCKADDR): %s",
pam_strerror(pamh, e));
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:24:44 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-10]: ftpd.c Log Message: Pull up following revision(s) (requested by lukem in ticket #389): libexec/ftpd/ftpd.c: revision 1.208 pam_set_item PAM_SOCKADDR expects sockaddr_storage structure Instead, internal struct sockinet was used. Because it's length is shorter than sockaddr_storage, libpam was copying also memory outside of sockinet struct. To generate a diff of this commit: cvs rdiff -u -r1.206.2.1 -r1.206.2.2 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:22:10 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-9]: conf.c
Log Message:
Pull up following revision(s) (requested by lukem in ticket #1741):
libexec/ftpd/conf.c: revision 1.65
Fix uninitialized memory usage in count_users()
If the file was previously empty, pids table is not set, the code however used
pids[0] which is uninitialized in this case. In some scenarios it may lead to
propagate garbage value from pids[0] to the file and cause writing outside of
allocated memory.
OK lukem@
To generate a diff of this commit:
cvs rdiff -u -r1.64 -r1.64.32.1 src/libexec/ftpd/conf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/conf.c
diff -u src/libexec/ftpd/conf.c:1.64 src/libexec/ftpd/conf.c:1.64.32.1
--- src/libexec/ftpd/conf.c:1.64 Sun Nov 4 20:46:46 2012
+++ src/libexec/ftpd/conf.c Mon Oct 2 17:22:10 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: conf.c,v 1.64 2012/11/04 20:46:46 christos Exp $ */
+/* $NetBSD: conf.c,v 1.64.32.1 2023/10/02 17:22:10 martin Exp $ */
/*-
* Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
#include
#ifndef lint
-__RCSID("$NetBSD: conf.c,v 1.64 2012/11/04 20:46:46 christos Exp $");
+__RCSID("$NetBSD: conf.c,v 1.64.32.1 2023/10/02 17:22:10 martin Exp $");
#endif /* not lint */
#include
@@ -909,7 +909,7 @@ count_users(void)
goto cleanup_count;
if (fstat(fd, ) == -1)
goto cleanup_count;
- if ((pids = malloc(sb.st_size + sizeof(pid_t))) == NULL)
+ if ((pids = calloc(sb.st_size + sizeof(pid_t), 1)) == NULL)
goto cleanup_count;
/* XXX: implement a better read loop */
scount = read(fd, pids, sb.st_size);
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:22:10 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-9]: conf.c Log Message: Pull up following revision(s) (requested by lukem in ticket #1741): libexec/ftpd/conf.c: revision 1.65 Fix uninitialized memory usage in count_users() If the file was previously empty, pids table is not set, the code however used pids[0] which is uninitialized in this case. In some scenarios it may lead to propagate garbage value from pids[0] to the file and cause writing outside of allocated memory. OK lukem@ To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.64.32.1 src/libexec/ftpd/conf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:21:07 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-10]: conf.c
Log Message:
Pull up following revision(s) (requested by lukem in ticket #388):
libexec/ftpd/conf.c: revision 1.65
Fix uninitialized memory usage in count_users()
If the file was previously empty, pids table is not set, the code however used
pids[0] which is uninitialized in this case. In some scenarios it may lead to
propagate garbage value from pids[0] to the file and cause writing outside of
allocated memory.
OK lukem@
To generate a diff of this commit:
cvs rdiff -u -r1.64 -r1.64.40.1 src/libexec/ftpd/conf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/conf.c
diff -u src/libexec/ftpd/conf.c:1.64 src/libexec/ftpd/conf.c:1.64.40.1
--- src/libexec/ftpd/conf.c:1.64 Sun Nov 4 20:46:46 2012
+++ src/libexec/ftpd/conf.c Mon Oct 2 17:21:07 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: conf.c,v 1.64 2012/11/04 20:46:46 christos Exp $ */
+/* $NetBSD: conf.c,v 1.64.40.1 2023/10/02 17:21:07 martin Exp $ */
/*-
* Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
#include
#ifndef lint
-__RCSID("$NetBSD: conf.c,v 1.64 2012/11/04 20:46:46 christos Exp $");
+__RCSID("$NetBSD: conf.c,v 1.64.40.1 2023/10/02 17:21:07 martin Exp $");
#endif /* not lint */
#include
@@ -909,7 +909,7 @@ count_users(void)
goto cleanup_count;
if (fstat(fd, ) == -1)
goto cleanup_count;
- if ((pids = malloc(sb.st_size + sizeof(pid_t))) == NULL)
+ if ((pids = calloc(sb.st_size + sizeof(pid_t), 1)) == NULL)
goto cleanup_count;
/* XXX: implement a better read loop */
scount = read(fd, pids, sb.st_size);
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:21:07 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-10]: conf.c Log Message: Pull up following revision(s) (requested by lukem in ticket #388): libexec/ftpd/conf.c: revision 1.65 Fix uninitialized memory usage in count_users() If the file was previously empty, pids table is not set, the code however used pids[0] which is uninitialized in this case. In some scenarios it may lead to propagate garbage value from pids[0] to the file and cause writing outside of allocated memory. OK lukem@ To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.64.40.1 src/libexec/ftpd/conf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/share/examples/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:18:37 UTC 2023 Modified Files: src/share/examples/ftpd [netbsd-10]: ftpusers Log Message: Pull up following revision(s) (requested by lukem in ticket #387): share/examples/ftpd/ftpusers: revision 1.4 ftpusers(5) example: use IP & DNS examples Use .example TLD, per IETF RFC 2606. Use 192.0.2.0/24, per IETF RFC 5737. Use 127.0.0.1/24 for localguest, not network that ftp.NetBSD.org used to be in. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.106.1 src/share/examples/ftpd/ftpusers Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/examples/ftpd/ftpusers diff -u src/share/examples/ftpd/ftpusers:1.3 src/share/examples/ftpd/ftpusers:1.3.106.1 --- src/share/examples/ftpd/ftpusers:1.3 Sat Jul 26 20:17:31 2003 +++ src/share/examples/ftpd/ftpusers Mon Oct 2 17:18:37 2023 @@ -1,4 +1,4 @@ -# $NetBSD: ftpusers,v 1.3 2003/07/26 20:17:31 salo Exp $ +# $NetBSD: ftpusers,v 1.3.106.1 2023/10/02 17:18:37 martin Exp $ # # example /etc/ftpusers # @@ -6,20 +6,20 @@ # prevent the following from logging in: # - users `root' and `toor' # - members of the group `noftp' -# - connections from 10.0.0.0/8 -# - connections from *.spammer.com +# - connections from 192.0.2.0/24 +# - connections from *.spammer.example # root deny toor deny *:noftp deny -*@10.0.0.0/8 deny -*@*.spammer.com deny +*@192.0.2.0/24 deny +*@*.spammer.example deny -# anonymous ftp connections from *.NetBSD.org and 204.152.186.0/24 go into +# anonymous ftp connections from *.NetBSD.org and 127.0.0.0/8 go into # class `localguest' # ftp@*.NetBSD.org allow localguest -ftp@204.152.186.0/24 allow localguest +ftp@127.0.0.0/8 allow localguest # permit anonymous ftp connections from elsewhere (both entries are required, # for backwards compatibility, although `ftp' is the user checked in other
CVS commit: [netbsd-10] src/share/examples/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:18:37 UTC 2023 Modified Files: src/share/examples/ftpd [netbsd-10]: ftpusers Log Message: Pull up following revision(s) (requested by lukem in ticket #387): share/examples/ftpd/ftpusers: revision 1.4 ftpusers(5) example: use IP & DNS examples Use .example TLD, per IETF RFC 2606. Use 192.0.2.0/24, per IETF RFC 5737. Use 127.0.0.1/24 for localguest, not network that ftp.NetBSD.org used to be in. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.106.1 src/share/examples/ftpd/ftpusers Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:16:50 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-9]: ftpcmd.y
Log Message:
Pull up following revision(s) (requested by lukem in ticket #1740):
libexec/ftpd/ftpcmd.y: revision 1.95
Add missing check_login checks for MLST and MLSD
To generate a diff of this commit:
cvs rdiff -u -r1.94 -r1.94.18.1 src/libexec/ftpd/ftpcmd.y
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpcmd.y
diff -u src/libexec/ftpd/ftpcmd.y:1.94 src/libexec/ftpd/ftpcmd.y:1.94.18.1
--- src/libexec/ftpd/ftpcmd.y:1.94 Mon Aug 10 07:45:50 2015
+++ src/libexec/ftpd/ftpcmd.y Mon Oct 2 17:16:50 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $ */
+/* $NetBSD: ftpcmd.y,v 1.94.18.1 2023/10/02 17:16:50 martin Exp $ */
/*-
* Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -72,7 +72,7 @@
#if 0
static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94";
#else
-__RCSID("$NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $");
+__RCSID("$NetBSD: ftpcmd.y,v 1.94.18.1 2023/10/02 17:16:50 martin Exp $");
#endif
#endif /* not lint */
@@ -855,7 +855,8 @@ cmd
| MLST check_login CRLF
{
- mlst(NULL);
+ if ($2)
+mlst(NULL);
}
| MLSD check_login SP pathname CRLF
@@ -868,7 +869,8 @@ cmd
| MLSD check_login CRLF
{
- mlsd(NULL);
+ if ($2)
+mlsd(NULL);
}
| error CRLF
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:16:50 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-9]: ftpcmd.y Log Message: Pull up following revision(s) (requested by lukem in ticket #1740): libexec/ftpd/ftpcmd.y: revision 1.95 Add missing check_login checks for MLST and MLSD To generate a diff of this commit: cvs rdiff -u -r1.94 -r1.94.18.1 src/libexec/ftpd/ftpcmd.y Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:15:34 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-10]: ftpcmd.y
Log Message:
Pull up following revision(s) (requested by lukem in ticket #386):
libexec/ftpd/ftpcmd.y: revision 1.95
Add missing check_login checks for MLST and MLSD
To generate a diff of this commit:
cvs rdiff -u -r1.94 -r1.94.26.1 src/libexec/ftpd/ftpcmd.y
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpcmd.y
diff -u src/libexec/ftpd/ftpcmd.y:1.94 src/libexec/ftpd/ftpcmd.y:1.94.26.1
--- src/libexec/ftpd/ftpcmd.y:1.94 Mon Aug 10 07:45:50 2015
+++ src/libexec/ftpd/ftpcmd.y Mon Oct 2 17:15:33 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $ */
+/* $NetBSD: ftpcmd.y,v 1.94.26.1 2023/10/02 17:15:33 martin Exp $ */
/*-
* Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -72,7 +72,7 @@
#if 0
static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94";
#else
-__RCSID("$NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $");
+__RCSID("$NetBSD: ftpcmd.y,v 1.94.26.1 2023/10/02 17:15:33 martin Exp $");
#endif
#endif /* not lint */
@@ -855,7 +855,8 @@ cmd
| MLST check_login CRLF
{
- mlst(NULL);
+ if ($2)
+mlst(NULL);
}
| MLSD check_login SP pathname CRLF
@@ -868,7 +869,8 @@ cmd
| MLSD check_login CRLF
{
- mlsd(NULL);
+ if ($2)
+mlsd(NULL);
}
| error CRLF
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:15:34 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-10]: ftpcmd.y Log Message: Pull up following revision(s) (requested by lukem in ticket #386): libexec/ftpd/ftpcmd.y: revision 1.95 Add missing check_login checks for MLST and MLSD To generate a diff of this commit: cvs rdiff -u -r1.94 -r1.94.26.1 src/libexec/ftpd/ftpcmd.y Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:13:34 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-9]: ftpd.c version.h
Log Message:
Pull up following revision(s) (requested by lukem in ticket #1739):
libexec/ftpd/ftpd.c: revision 1.207
libexec/ftpd/version.h: revision 1.78
ftpd: improve seteuid error handling
Handle seteuid() failures. Per suggestion by Simon Josefsson.
Consistent logging and fatal exit if uid/gid switching fails.
Log correct errno if dataconn() fails.
To generate a diff of this commit:
cvs rdiff -u -r1.204.4.2 -r1.204.4.3 src/libexec/ftpd/ftpd.c
cvs rdiff -u -r1.76 -r1.76.2.1 src/libexec/ftpd/version.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.204.4.2 src/libexec/ftpd/ftpd.c:1.204.4.3
--- src/libexec/ftpd/ftpd.c:1.204.4.2 Mon Oct 2 17:11:21 2023
+++ src/libexec/ftpd/ftpd.c Mon Oct 2 17:13:33 2023
@@ -1,7 +1,7 @@
-/* $NetBSD: ftpd.c,v 1.204.4.2 2023/10/02 17:11:21 martin Exp $ */
+/* $NetBSD: ftpd.c,v 1.204.4.3 2023/10/02 17:13:33 martin Exp $ */
/*
- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
+ * Copyright (c) 1997-2023 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: ftpd.c,v 1.204.4.2 2023/10/02 17:11:21 martin Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.204.4.3 2023/10/02 17:13:33 martin Exp $");
#endif
#endif /* not lint */
@@ -1300,7 +1300,12 @@ end_login(void)
quietmessages = 0;
gidcount = 0;
curclass.type = CLASS_REAL;
- (void) seteuid((uid_t)0);
+ if (!dropprivs) {
+ if (seteuid((uid_t)0) < 0) {
+ syslog(LOG_NOTICE, "end_login: can't seteuid 0: %m");
+ fatal("Can't reset privileges.");
+ }
+ }
#ifdef LOGIN_CAP
setusercontext(NULL, getpwuid(0), 0,
LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK);
@@ -1441,8 +1446,8 @@ do_pass(int pass_checked, int pass_rval,
login_attempts = 0; /* this time successful */
if (setegid((gid_t)pw->pw_gid) < 0) {
- reply(550, "Can't set gid.");
- goto bad;
+ syslog(LOG_NOTICE, "user %s: can't setegid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
#ifdef LOGIN_CAP
if ((lc = login_getpwclass(pw)) != NULL) {
@@ -1615,17 +1620,17 @@ do_pass(int pass_checked, int pass_rval,
ntohs(ctrl_addr.su_port) > IPPORT_RESERVED + 1)) {
dropprivs++;
if (setgid((gid_t)pw->pw_gid) < 0) {
- reply(550, "Can't set gid.");
- goto bad_perms;
+ syslog(LOG_NOTICE, "user %s: can't setgid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
if (setuid((uid_t)pw->pw_uid) < 0) {
- reply(550, "Can't set uid.");
- goto bad_perms;
+ syslog(LOG_NOTICE, "user %s: can't setuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
} else {
if (seteuid((uid_t)pw->pw_uid) < 0) {
- reply(550, "Can't set uid.");
- goto bad_perms;
+ syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
}
setenv("HOME", homedir, 1);
@@ -1684,11 +1689,6 @@ do_pass(int pass_checked, int pass_rval,
#endif
/* Forget all about it... */
end_login();
- return;
-
-bad_perms:
- syslog(LOG_NOTICE, "user %s: can't setuid/gid: %m", pw->pw_name);
- fatal("Can't drop privileges.");
}
void
@@ -1924,8 +1924,12 @@ getdatasock(const char *fmode)
on = 1;
if (data >= 0)
return (fdopen(data, fmode));
- if (! dropprivs)
- (void) seteuid((uid_t)0);
+ if (! dropprivs) {
+ if (seteuid((uid_t)0) < 0) {
+ syslog(LOG_NOTICE, "getdatasock: can't seteuid 0: %m");
+ fatal("Can't reset privileges.");
+ }
+ }
s = socket(ctrl_addr.su_family, SOCK_STREAM, 0);
if (s < 0)
goto bad;
@@ -1960,8 +1964,12 @@ getdatasock(const char *fmode)
goto bad;
sleep(tries);
}
- if (! dropprivs)
- (void) seteuid((uid_t)pw->pw_uid);
+ if (! dropprivs) {
+ if (seteuid((uid_t)pw->pw_uid) < 0) {
+ syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
+ }
+ }
#ifdef IP_TOS
if (!mapped && ctrl_addr.su_family == AF_INET) {
on = IPTOS_THROUGHPUT;
@@ -1974,8 +1982,12 @@ getdatasock(const char *fmode)
bad:
/* Return the real value of errno (close may change it) */
t = errno;
- if (! dropprivs)
- (void) seteuid((uid_t)pw->pw_uid);
+ if (! dropprivs) {
+ if (seteuid((uid_t)pw->pw_uid) < 0) {
+ syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
+ }
+ }
if (s >= 0)
(void) close(s);
errno = t;
@@ -2048,13 +2060,13 @@ dataconn(const char *name, off_t size, c
if (file == NULL) {
char hbuf[NI_MAXHOST];
char pbuf[NI_MAXSERV];
-
+ conerrno = errno;
if (getnameinfo((struct sockaddr
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:13:34 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-9]: ftpd.c version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #1739): libexec/ftpd/ftpd.c: revision 1.207 libexec/ftpd/version.h: revision 1.78 ftpd: improve seteuid error handling Handle seteuid() failures. Per suggestion by Simon Josefsson. Consistent logging and fatal exit if uid/gid switching fails. Log correct errno if dataconn() fails. To generate a diff of this commit: cvs rdiff -u -r1.204.4.2 -r1.204.4.3 src/libexec/ftpd/ftpd.c cvs rdiff -u -r1.76 -r1.76.2.1 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:11:21 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-9]: ftpd.c
Log Message:
Pull up following revision(s) (requested by lukem in ticket #1738):
libexec/ftpd/ftpd.c: revision 1.206
Treat failed chdir/chroot for guest and chroot accounts as fatal.
Also treat failed set{e,}(u,g}id calls as fatal.
Addresses CVE-2020-7468, via FreeBSD.
To generate a diff of this commit:
cvs rdiff -u -r1.204.4.1 -r1.204.4.2 src/libexec/ftpd/ftpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:11:21 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-9]: ftpd.c
Log Message:
Pull up following revision(s) (requested by lukem in ticket #1738):
libexec/ftpd/ftpd.c: revision 1.206
Treat failed chdir/chroot for guest and chroot accounts as fatal.
Also treat failed set{e,}(u,g}id calls as fatal.
Addresses CVE-2020-7468, via FreeBSD.
To generate a diff of this commit:
cvs rdiff -u -r1.204.4.1 -r1.204.4.2 src/libexec/ftpd/ftpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.204.4.1 src/libexec/ftpd/ftpd.c:1.204.4.2
--- src/libexec/ftpd/ftpd.c:1.204.4.1 Mon Oct 2 17:09:41 2023
+++ src/libexec/ftpd/ftpd.c Mon Oct 2 17:11:21 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpd.c,v 1.204.4.1 2023/10/02 17:09:41 martin Exp $ */
+/* $NetBSD: ftpd.c,v 1.204.4.2 2023/10/02 17:11:21 martin Exp $ */
/*
* Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: ftpd.c,v 1.204.4.1 2023/10/02 17:09:41 martin Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.204.4.2 2023/10/02 17:11:21 martin Exp $");
#endif
#endif /* not lint */
@@ -1547,8 +1547,7 @@ do_pass(int pass_checked, int pass_rval,
"GUEST user %s: can't chdir to %s: %m",
pw->pw_name, homedir);
bad_guest:
- reply(550, "Can't set guest privileges.");
- goto bad;
+ fatal("Can't set guest privileges.");
}
break;
case CLASS_CHROOT:
@@ -1571,8 +1570,7 @@ do_pass(int pass_checked, int pass_rval,
"CHROOT user %s: can't chdir to %s: %m",
pw->pw_name, homedir);
bad_chroot:
- reply(550, "Can't change root.");
- goto bad;
+ fatal("Can't change root.");
}
break;
case CLASS_REAL:
@@ -1618,16 +1616,16 @@ do_pass(int pass_checked, int pass_rval,
dropprivs++;
if (setgid((gid_t)pw->pw_gid) < 0) {
reply(550, "Can't set gid.");
- goto bad;
+ goto bad_perms;
}
if (setuid((uid_t)pw->pw_uid) < 0) {
reply(550, "Can't set uid.");
- goto bad;
+ goto bad_perms;
}
} else {
if (seteuid((uid_t)pw->pw_uid) < 0) {
reply(550, "Can't set uid.");
- goto bad;
+ goto bad_perms;
}
}
setenv("HOME", homedir, 1);
@@ -1686,6 +1684,11 @@ do_pass(int pass_checked, int pass_rval,
#endif
/* Forget all about it... */
end_login();
+ return;
+
+bad_perms:
+ syslog(LOG_NOTICE, "user %s: can't setuid/gid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
void
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 17:09:42 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-9]: extern.h ftpd.c
Log Message:
Pull up following revision(s) (requested by lukem in ticket #1737):
libexec/ftpd/extern.h: revision 1.65
libexec/ftpd/ftpd.c: revision 1.205
bump sizes
To generate a diff of this commit:
cvs rdiff -u -r1.64 -r1.64.4.1 src/libexec/ftpd/extern.h
cvs rdiff -u -r1.204 -r1.204.4.1 src/libexec/ftpd/ftpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/extern.h
diff -u src/libexec/ftpd/extern.h:1.64 src/libexec/ftpd/extern.h:1.64.4.1
--- src/libexec/ftpd/extern.h:1.64 Sat Jun 23 07:21:00 2018
+++ src/libexec/ftpd/extern.h Mon Oct 2 17:09:41 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: extern.h,v 1.64 2018/06/23 07:21:00 gson Exp $ */
+/* $NetBSD: extern.h,v 1.64.4.1 2023/10/02 17:09:41 martin Exp $ */
/*-
* Copyright (c) 1992, 1993
@@ -330,7 +330,7 @@ GLOBAL char proctitle[BUFSIZ]; /* initi
GLOBAL struct passwd *pw;
GLOBAL int quietmessages;
GLOBAL char remotehost[MAXHOSTNAMELEN+1];
-GLOBAL char remoteloghost[2 * MAXHOSTNAMELEN+1];
+GLOBAL char remoteloghost[2 * MAXHOSTNAMELEN + 4];
GLOBAL off_t restart_point;
GLOBAL char tmpline[FTP_BUFLEN];
GLOBAL int type;
Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.204 src/libexec/ftpd/ftpd.c:1.204.4.1
--- src/libexec/ftpd/ftpd.c:1.204 Sat Apr 28 13:38:00 2018
+++ src/libexec/ftpd/ftpd.c Mon Oct 2 17:09:41 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpd.c,v 1.204 2018/04/28 13:38:00 riastradh Exp $ */
+/* $NetBSD: ftpd.c,v 1.204.4.1 2023/10/02 17:09:41 martin Exp $ */
/*
* Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: ftpd.c,v 1.204 2018/04/28 13:38:00 riastradh Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.204.4.1 2023/10/02 17:09:41 martin Exp $");
#endif
#endif /* not lint */
@@ -2863,7 +2863,7 @@ logremotehost(struct sockinet *who)
{
#if defined(HAVE_SOCKADDR_SNPRINTF)
- char abuf[BUFSIZ];
+ char abuf[MAXHOSTNAMELEN];
#endif
struct sockaddr *sa = (struct sockaddr *)>si_su;
CVS commit: [netbsd-9] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 17:09:42 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-9]: extern.h ftpd.c Log Message: Pull up following revision(s) (requested by lukem in ticket #1737): libexec/ftpd/extern.h: revision 1.65 libexec/ftpd/ftpd.c: revision 1.205 bump sizes To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.64.4.1 src/libexec/ftpd/extern.h cvs rdiff -u -r1.204 -r1.204.4.1 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src Committed By: martin Date: Mon Oct 2 13:45:42 UTC 2023 Modified Files: src/libexec/ftpd [netbsd-10]: ftpd.c version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #385): libexec/ftpd/ftpd.c: revision 1.207 libexec/ftpd/version.h: revision 1.78 ftpd: improve seteuid error handling Handle seteuid() failures. Per suggestion by Simon Josefsson. Consistent logging and fatal exit if uid/gid switching fails. Log correct errno if dataconn() fails. To generate a diff of this commit: cvs rdiff -u -r1.206 -r1.206.2.1 src/libexec/ftpd/ftpd.c cvs rdiff -u -r1.77 -r1.77.6.1 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/libexec/ftpd
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:45:42 UTC 2023
Modified Files:
src/libexec/ftpd [netbsd-10]: ftpd.c version.h
Log Message:
Pull up following revision(s) (requested by lukem in ticket #385):
libexec/ftpd/ftpd.c: revision 1.207
libexec/ftpd/version.h: revision 1.78
ftpd: improve seteuid error handling
Handle seteuid() failures. Per suggestion by Simon Josefsson.
Consistent logging and fatal exit if uid/gid switching fails.
Log correct errno if dataconn() fails.
To generate a diff of this commit:
cvs rdiff -u -r1.206 -r1.206.2.1 src/libexec/ftpd/ftpd.c
cvs rdiff -u -r1.77 -r1.77.6.1 src/libexec/ftpd/version.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.206 src/libexec/ftpd/ftpd.c:1.206.2.1
--- src/libexec/ftpd/ftpd.c:1.206 Sat Jul 3 14:59:49 2021
+++ src/libexec/ftpd/ftpd.c Mon Oct 2 13:45:42 2023
@@ -1,7 +1,7 @@
-/* $NetBSD: ftpd.c,v 1.206 2021/07/03 14:59:49 christos Exp $ */
+/* $NetBSD: ftpd.c,v 1.206.2.1 2023/10/02 13:45:42 martin Exp $ */
/*
- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
+ * Copyright (c) 1997-2023 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: ftpd.c,v 1.206 2021/07/03 14:59:49 christos Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.206.2.1 2023/10/02 13:45:42 martin Exp $");
#endif
#endif /* not lint */
@@ -1300,7 +1300,12 @@ end_login(void)
quietmessages = 0;
gidcount = 0;
curclass.type = CLASS_REAL;
- (void) seteuid((uid_t)0);
+ if (!dropprivs) {
+ if (seteuid((uid_t)0) < 0) {
+ syslog(LOG_NOTICE, "end_login: can't seteuid 0: %m");
+ fatal("Can't reset privileges.");
+ }
+ }
#ifdef LOGIN_CAP
setusercontext(NULL, getpwuid(0), 0,
LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK);
@@ -1441,8 +1446,8 @@ do_pass(int pass_checked, int pass_rval,
login_attempts = 0; /* this time successful */
if (setegid((gid_t)pw->pw_gid) < 0) {
- reply(550, "Can't set gid.");
- goto bad;
+ syslog(LOG_NOTICE, "user %s: can't setegid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
#ifdef LOGIN_CAP
if ((lc = login_getpwclass(pw)) != NULL) {
@@ -1615,17 +1620,17 @@ do_pass(int pass_checked, int pass_rval,
ntohs(ctrl_addr.su_port) > IPPORT_RESERVED + 1)) {
dropprivs++;
if (setgid((gid_t)pw->pw_gid) < 0) {
- reply(550, "Can't set gid.");
- goto bad_perms;
+ syslog(LOG_NOTICE, "user %s: can't setgid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
if (setuid((uid_t)pw->pw_uid) < 0) {
- reply(550, "Can't set uid.");
- goto bad_perms;
+ syslog(LOG_NOTICE, "user %s: can't setuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
} else {
if (seteuid((uid_t)pw->pw_uid) < 0) {
- reply(550, "Can't set uid.");
- goto bad_perms;
+ syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
}
}
setenv("HOME", homedir, 1);
@@ -1684,11 +1689,6 @@ do_pass(int pass_checked, int pass_rval,
#endif
/* Forget all about it... */
end_login();
- return;
-
-bad_perms:
- syslog(LOG_NOTICE, "user %s: can't setuid/gid: %m", pw->pw_name);
- fatal("Can't drop privileges.");
}
void
@@ -1924,8 +1924,12 @@ getdatasock(const char *fmode)
on = 1;
if (data >= 0)
return (fdopen(data, fmode));
- if (! dropprivs)
- (void) seteuid((uid_t)0);
+ if (! dropprivs) {
+ if (seteuid((uid_t)0) < 0) {
+ syslog(LOG_NOTICE, "getdatasock: can't seteuid 0: %m");
+ fatal("Can't reset privileges.");
+ }
+ }
s = socket(ctrl_addr.su_family, SOCK_STREAM, 0);
if (s < 0)
goto bad;
@@ -1960,8 +1964,12 @@ getdatasock(const char *fmode)
goto bad;
sleep(tries);
}
- if (! dropprivs)
- (void) seteuid((uid_t)pw->pw_uid);
+ if (! dropprivs) {
+ if (seteuid((uid_t)pw->pw_uid) < 0) {
+ syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
+ }
+ }
#ifdef IP_TOS
if (!mapped && ctrl_addr.su_family == AF_INET) {
on = IPTOS_THROUGHPUT;
@@ -1974,8 +1982,12 @@ getdatasock(const char *fmode)
bad:
/* Return the real value of errno (close may change it) */
t = errno;
- if (! dropprivs)
- (void) seteuid((uid_t)pw->pw_uid);
+ if (! dropprivs) {
+ if (seteuid((uid_t)pw->pw_uid) < 0) {
+ syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name);
+ fatal("Can't drop privileges.");
+ }
+ }
if (s >= 0)
(void) close(s);
errno = t;
@@ -2048,13 +2060,13 @@ dataconn(const char *name, off_t size, c
if (file == NULL) {
char hbuf[NI_MAXHOST];
char pbuf[NI_MAXSERV];
-
+ conerrno = errno;
if (getnameinfo((struct sockaddr *)_source.si_su,
CVS commit: [netbsd-8] src/share/examples/wpa_supplicant
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:36:06 UTC 2023
Modified Files:
src/share/examples/wpa_supplicant [netbsd-8]: wpa_supplicant.conf
Log Message:
Pull up following revision(s) (requested by gutteridge in ticket #1899):
share/examples/wpa_supplicant/wpa_supplicant.conf: revision 1.4
wpa_supplicant.conf: fix connection string for Eduroam
"MSCHAPV2" must have an uppercase "V" in the connection string.
Reported by nebbionegiuseppe at gmail.com in PR misc/57634.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.3.8.1 \
src/share/examples/wpa_supplicant/wpa_supplicant.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/wpa_supplicant/wpa_supplicant.conf
diff -u src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3 src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3.8.1
--- src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3 Thu Nov 26 16:07:40 2015
+++ src/share/examples/wpa_supplicant/wpa_supplicant.conf Mon Oct 2 13:36:06 2023
@@ -1,4 +1,4 @@
-# $NetBSD: wpa_supplicant.conf,v 1.3 2015/11/26 16:07:40 hubertf Exp $
+# $NetBSD: wpa_supplicant.conf,v 1.3.8.1 2023/10/02 13:36:06 martin Exp $
#
# example wpa_supplicant config
#
@@ -60,7 +60,7 @@ network={
# key_mgmt=WPA-EAP
# auth_alg=OPEN
# eap=PEAP
-# phase2="auth=MSCHAPv2"
+# phase2="auth=MSCHAPV2"
#
# priority=5
#}
CVS commit: [netbsd-8] src/share/examples/wpa_supplicant
Module Name:src Committed By: martin Date: Mon Oct 2 13:36:06 UTC 2023 Modified Files: src/share/examples/wpa_supplicant [netbsd-8]: wpa_supplicant.conf Log Message: Pull up following revision(s) (requested by gutteridge in ticket #1899): share/examples/wpa_supplicant/wpa_supplicant.conf: revision 1.4 wpa_supplicant.conf: fix connection string for Eduroam "MSCHAPV2" must have an uppercase "V" in the connection string. Reported by nebbionegiuseppe at gmail.com in PR misc/57634. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.8.1 \ src/share/examples/wpa_supplicant/wpa_supplicant.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/share/examples/wpa_supplicant
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:34:57 UTC 2023
Modified Files:
src/share/examples/wpa_supplicant [netbsd-9]: wpa_supplicant.conf
Log Message:
Pull up following revision(s) (requested by gutteridge in ticket #1736):
share/examples/wpa_supplicant/wpa_supplicant.conf: revision 1.4
wpa_supplicant.conf: fix connection string for Eduroam
"MSCHAPV2" must have an uppercase "V" in the connection string.
Reported by nebbionegiuseppe at gmail.com in PR misc/57634.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.3.18.1 \
src/share/examples/wpa_supplicant/wpa_supplicant.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/wpa_supplicant/wpa_supplicant.conf
diff -u src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3 src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3.18.1
--- src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3 Thu Nov 26 16:07:40 2015
+++ src/share/examples/wpa_supplicant/wpa_supplicant.conf Mon Oct 2 13:34:57 2023
@@ -1,4 +1,4 @@
-# $NetBSD: wpa_supplicant.conf,v 1.3 2015/11/26 16:07:40 hubertf Exp $
+# $NetBSD: wpa_supplicant.conf,v 1.3.18.1 2023/10/02 13:34:57 martin Exp $
#
# example wpa_supplicant config
#
@@ -60,7 +60,7 @@ network={
# key_mgmt=WPA-EAP
# auth_alg=OPEN
# eap=PEAP
-# phase2="auth=MSCHAPv2"
+# phase2="auth=MSCHAPV2"
#
# priority=5
#}
CVS commit: [netbsd-9] src/share/examples/wpa_supplicant
Module Name:src Committed By: martin Date: Mon Oct 2 13:34:57 UTC 2023 Modified Files: src/share/examples/wpa_supplicant [netbsd-9]: wpa_supplicant.conf Log Message: Pull up following revision(s) (requested by gutteridge in ticket #1736): share/examples/wpa_supplicant/wpa_supplicant.conf: revision 1.4 wpa_supplicant.conf: fix connection string for Eduroam "MSCHAPV2" must have an uppercase "V" in the connection string. Reported by nebbionegiuseppe at gmail.com in PR misc/57634. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.18.1 \ src/share/examples/wpa_supplicant/wpa_supplicant.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/share/examples/wpa_supplicant
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:33:44 UTC 2023
Modified Files:
src/share/examples/wpa_supplicant [netbsd-10]: wpa_supplicant.conf
Log Message:
Pull up following revision(s) (requested by gutteridge in ticket #384):
share/examples/wpa_supplicant/wpa_supplicant.conf: revision 1.4
wpa_supplicant.conf: fix connection string for Eduroam
"MSCHAPV2" must have an uppercase "V" in the connection string.
Reported by nebbionegiuseppe at gmail.com in PR misc/57634.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.3.26.1 \
src/share/examples/wpa_supplicant/wpa_supplicant.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/wpa_supplicant/wpa_supplicant.conf
diff -u src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3 src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3.26.1
--- src/share/examples/wpa_supplicant/wpa_supplicant.conf:1.3 Thu Nov 26 16:07:40 2015
+++ src/share/examples/wpa_supplicant/wpa_supplicant.conf Mon Oct 2 13:33:44 2023
@@ -1,4 +1,4 @@
-# $NetBSD: wpa_supplicant.conf,v 1.3 2015/11/26 16:07:40 hubertf Exp $
+# $NetBSD: wpa_supplicant.conf,v 1.3.26.1 2023/10/02 13:33:44 martin Exp $
#
# example wpa_supplicant config
#
@@ -60,7 +60,7 @@ network={
# key_mgmt=WPA-EAP
# auth_alg=OPEN
# eap=PEAP
-# phase2="auth=MSCHAPv2"
+# phase2="auth=MSCHAPV2"
#
# priority=5
#}
CVS commit: [netbsd-10] src/share/examples/wpa_supplicant
Module Name:src Committed By: martin Date: Mon Oct 2 13:33:44 UTC 2023 Modified Files: src/share/examples/wpa_supplicant [netbsd-10]: wpa_supplicant.conf Log Message: Pull up following revision(s) (requested by gutteridge in ticket #384): share/examples/wpa_supplicant/wpa_supplicant.conf: revision 1.4 wpa_supplicant.conf: fix connection string for Eduroam "MSCHAPV2" must have an uppercase "V" in the connection string. Reported by nebbionegiuseppe at gmail.com in PR misc/57634. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.26.1 \ src/share/examples/wpa_supplicant/wpa_supplicant.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/external/cddl/osnet/sys/kern
Module Name:src Committed By: martin Date: Mon Oct 2 13:31:14 UTC 2023 Modified Files: src/external/cddl/osnet/sys/kern [netbsd-9]: kmem.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1735): external/cddl/osnet/sys/kern/kmem.c: revision 1.4 solaris: Use pool_cache_reclaim, not pool_cache_invalidate. pool_cache_invalidate invalidates cached objects, but doesn't return any backing pages to the underlying page allocator. pool_cache_reclaim does pool_cache_invalidate _and_ reutrns backing pages to the underlying page alloator, so it is actually useful for the page daemon to do when trying to free memory. PR kern/57558 To generate a diff of this commit: cvs rdiff -u -r1.2.2.1 -r1.2.2.2 src/external/cddl/osnet/sys/kern/kmem.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/external/cddl/osnet/sys/kern
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:31:14 UTC 2023
Modified Files:
src/external/cddl/osnet/sys/kern [netbsd-9]: kmem.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1735):
external/cddl/osnet/sys/kern/kmem.c: revision 1.4
solaris: Use pool_cache_reclaim, not pool_cache_invalidate.
pool_cache_invalidate invalidates cached objects, but doesn't return
any backing pages to the underlying page allocator.
pool_cache_reclaim does pool_cache_invalidate _and_ reutrns backing
pages to the underlying page alloator, so it is actually useful for
the page daemon to do when trying to free memory.
PR kern/57558
To generate a diff of this commit:
cvs rdiff -u -r1.2.2.1 -r1.2.2.2 src/external/cddl/osnet/sys/kern/kmem.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/cddl/osnet/sys/kern/kmem.c
diff -u src/external/cddl/osnet/sys/kern/kmem.c:1.2.2.1 src/external/cddl/osnet/sys/kern/kmem.c:1.2.2.2
--- src/external/cddl/osnet/sys/kern/kmem.c:1.2.2.1 Wed Aug 3 15:54:23 2022
+++ src/external/cddl/osnet/sys/kern/kmem.c Mon Oct 2 13:31:14 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: kmem.c,v 1.2.2.1 2022/08/03 15:54:23 martin Exp $ */
+/* $NetBSD: kmem.c,v 1.2.2.2 2023/10/02 13:31:14 martin Exp $ */
/*-
* Copyright (c) 2017 The NetBSD Foundation, Inc.
@@ -123,7 +123,7 @@ void
kmem_cache_reap_now(kmem_cache_t *km)
{
- pool_cache_invalidate(km->km_pool);
+ pool_cache_reclaim(km->km_pool);
}
#undef kmem_alloc
CVS commit: [netbsd-10] src/external/cddl/osnet/sys/kern
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:29:59 UTC 2023
Modified Files:
src/external/cddl/osnet/sys/kern [netbsd-10]: kmem.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #383):
external/cddl/osnet/sys/kern/kmem.c: revision 1.4
solaris: Use pool_cache_reclaim, not pool_cache_invalidate.
pool_cache_invalidate invalidates cached objects, but doesn't return
any backing pages to the underlying page allocator.
pool_cache_reclaim does pool_cache_invalidate _and_ reutrns backing
pages to the underlying page alloator, so it is actually useful for
the page daemon to do when trying to free memory.
PR kern/57558
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.3.6.1 src/external/cddl/osnet/sys/kern/kmem.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/cddl/osnet/sys/kern/kmem.c
diff -u src/external/cddl/osnet/sys/kern/kmem.c:1.3 src/external/cddl/osnet/sys/kern/kmem.c:1.3.6.1
--- src/external/cddl/osnet/sys/kern/kmem.c:1.3 Wed Nov 11 03:31:04 2020
+++ src/external/cddl/osnet/sys/kern/kmem.c Mon Oct 2 13:29:59 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: kmem.c,v 1.3 2020/11/11 03:31:04 chs Exp $ */
+/* $NetBSD: kmem.c,v 1.3.6.1 2023/10/02 13:29:59 martin Exp $ */
/*-
* Copyright (c) 2017 The NetBSD Foundation, Inc.
@@ -123,7 +123,7 @@ void
kmem_cache_reap_now(kmem_cache_t *km)
{
- pool_cache_invalidate(km->km_pool);
+ pool_cache_reclaim(km->km_pool);
}
#undef kmem_alloc
CVS commit: [netbsd-10] src/external/cddl/osnet/sys/kern
Module Name:src Committed By: martin Date: Mon Oct 2 13:29:59 UTC 2023 Modified Files: src/external/cddl/osnet/sys/kern [netbsd-10]: kmem.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #383): external/cddl/osnet/sys/kern/kmem.c: revision 1.4 solaris: Use pool_cache_reclaim, not pool_cache_invalidate. pool_cache_invalidate invalidates cached objects, but doesn't return any backing pages to the underlying page allocator. pool_cache_reclaim does pool_cache_invalidate _and_ reutrns backing pages to the underlying page alloator, so it is actually useful for the page daemon to do when trying to free memory. PR kern/57558 To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.6.1 src/external/cddl/osnet/sys/kern/kmem.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/distrib/utils/embedded/files
Module Name:src Committed By: martin Date: Mon Oct 2 13:27:41 UTC 2023 Modified Files: src/distrib/utils/embedded/files [netbsd-10]: ec2_init Log Message: Pull up following revision(s) (requested by riastradh in ticket #382): distrib/utils/embedded/files/ec2_init: revision 1.6 ec2_init: Suppress error message for nonexistent sysctl. We're querying to see whether the sysctl node is available and if so what its text is, not interested in the error message. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.5.2.1 src/distrib/utils/embedded/files/ec2_init Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/distrib/utils/embedded/files
Module Name:src Committed By: martin Date: Mon Oct 2 13:27:41 UTC 2023 Modified Files: src/distrib/utils/embedded/files [netbsd-10]: ec2_init Log Message: Pull up following revision(s) (requested by riastradh in ticket #382): distrib/utils/embedded/files/ec2_init: revision 1.6 ec2_init: Suppress error message for nonexistent sysctl. We're querying to see whether the sysctl node is available and if so what its text is, not interested in the error message. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.5.2.1 src/distrib/utils/embedded/files/ec2_init Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/utils/embedded/files/ec2_init diff -u src/distrib/utils/embedded/files/ec2_init:1.5 src/distrib/utils/embedded/files/ec2_init:1.5.2.1 --- src/distrib/utils/embedded/files/ec2_init:1.5 Sat Oct 15 18:32:30 2022 +++ src/distrib/utils/embedded/files/ec2_init Mon Oct 2 13:27:41 2023 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: ec2_init,v 1.5 2022/10/15 18:32:30 jmcneill Exp $ +# $NetBSD: ec2_init,v 1.5.2.1 2023/10/02 13:27:41 martin Exp $ # # PROVIDE: ec2_init # REQUIRE: NETWORKING @@ -15,7 +15,7 @@ stop_cmd=":" CLOUD_TYPE=EC2 # default -case "$(/sbin/sysctl -n machdep.dmi.chassis-asset-tag)" in +case "$(/sbin/sysctl -n machdep.dmi.chassis-asset-tag 2>/dev/null)" in OracleCloud*) CLOUD_TYPE=OCI ;;
CVS commit: [netbsd-10] src
Module Name:src Committed By: martin Date: Mon Oct 2 13:26:04 UTC 2023 Modified Files: src/distrib/amd64/liveimage/emuimage [netbsd-10]: rc.conf.emuimage src/distrib/evbarm/liveimage/armimage [netbsd-10]: rc.conf.armimage src/distrib/sets/lists/etc [netbsd-10]: mi src/distrib/utils/embedded/conf [netbsd-10]: evbarm.conf evbmips.conf usermode.conf x86.conf src/etc/defaults [netbsd-10]: rc.conf src/etc/rc.d [netbsd-10]: Makefile Added Files: src/etc/rc.d [netbsd-10]: certctl_init Log Message: Pull up following revision(s) (requested by riastradh in ticket #381): distrib/utils/embedded/conf/evbarm.conf: revision 1.42 distrib/sets/lists/etc/mi: revision 1.273 etc/rc.d/Makefile: revision 1.118 distrib/utils/embedded/conf/usermode.conf: revision 1.7 etc/rc.d/certctl_init: revision 1.1 distrib/evbarm/liveimage/armimage/rc.conf.armimage: revision 1.2 etc/defaults/rc.conf: revision 1.166 distrib/amd64/liveimage/emuimage/rc.conf.emuimage: revision 1.3 distrib/utils/embedded/conf/x86.conf: revision 1.11 distrib/utils/embedded/conf/evbmips.conf: revision 1.4 /etc/rc.d/cerctl_init: New script for certctl rehash in live images. This is very limited -- it does not supplant postinstall to rehash certificates on upgrade; it only runs certctl rehash if /etc/openssl/certs is an empty directory, as you get in live images not created with sysinst. We could also have a more general-purpose way to run postinstall(8) on first boot of an image, but that has a lot more moving parts to think about, so let's start with this limited-scope low-risk approach. PR install/57629 /etc/rc.d/certctl_init: Default off. Otherwise in systems without certctl_init=YES, such as systems installed with sysinst(8) where it's unnecessary because the rehash has already happened at install time, you'll get spurious warnings. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.2.2.1 \ src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage cvs rdiff -u -r1.1 -r1.1.2.1 \ src/distrib/evbarm/liveimage/armimage/rc.conf.armimage cvs rdiff -u -r1.270.2.1 -r1.270.2.2 src/distrib/sets/lists/etc/mi cvs rdiff -u -r1.41 -r1.41.2.1 src/distrib/utils/embedded/conf/evbarm.conf cvs rdiff -u -r1.3 -r1.3.2.1 src/distrib/utils/embedded/conf/evbmips.conf cvs rdiff -u -r1.6 -r1.6.2.1 src/distrib/utils/embedded/conf/usermode.conf cvs rdiff -u -r1.10 -r1.10.2.1 src/distrib/utils/embedded/conf/x86.conf cvs rdiff -u -r1.162.2.1 -r1.162.2.2 src/etc/defaults/rc.conf cvs rdiff -u -r1.116 -r1.116.2.1 src/etc/rc.d/Makefile cvs rdiff -u -r0 -r1.1.2.2 src/etc/rc.d/certctl_init Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:26:04 UTC 2023
Modified Files:
src/distrib/amd64/liveimage/emuimage [netbsd-10]: rc.conf.emuimage
src/distrib/evbarm/liveimage/armimage [netbsd-10]: rc.conf.armimage
src/distrib/sets/lists/etc [netbsd-10]: mi
src/distrib/utils/embedded/conf [netbsd-10]: evbarm.conf evbmips.conf
usermode.conf x86.conf
src/etc/defaults [netbsd-10]: rc.conf
src/etc/rc.d [netbsd-10]: Makefile
Added Files:
src/etc/rc.d [netbsd-10]: certctl_init
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #381):
distrib/utils/embedded/conf/evbarm.conf: revision 1.42
distrib/sets/lists/etc/mi: revision 1.273
etc/rc.d/Makefile: revision 1.118
distrib/utils/embedded/conf/usermode.conf: revision 1.7
etc/rc.d/certctl_init: revision 1.1
distrib/evbarm/liveimage/armimage/rc.conf.armimage: revision 1.2
etc/defaults/rc.conf: revision 1.166
distrib/amd64/liveimage/emuimage/rc.conf.emuimage: revision 1.3
distrib/utils/embedded/conf/x86.conf: revision 1.11
distrib/utils/embedded/conf/evbmips.conf: revision 1.4
/etc/rc.d/cerctl_init: New script for certctl rehash in live images.
This is very limited -- it does not supplant postinstall to rehash
certificates on upgrade; it only runs certctl rehash if
/etc/openssl/certs is an empty directory, as you get in live images
not created with sysinst.
We could also have a more general-purpose way to run postinstall(8)
on first boot of an image, but that has a lot more moving parts to
think about, so let's start with this limited-scope low-risk
approach.
PR install/57629
/etc/rc.d/certctl_init: Default off.
Otherwise in systems without certctl_init=YES, such as systems
installed with sysinst(8) where it's unnecessary because the rehash
has already happened at install time, you'll get spurious warnings.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.2.2.1 \
src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage
cvs rdiff -u -r1.1 -r1.1.2.1 \
src/distrib/evbarm/liveimage/armimage/rc.conf.armimage
cvs rdiff -u -r1.270.2.1 -r1.270.2.2 src/distrib/sets/lists/etc/mi
cvs rdiff -u -r1.41 -r1.41.2.1 src/distrib/utils/embedded/conf/evbarm.conf
cvs rdiff -u -r1.3 -r1.3.2.1 src/distrib/utils/embedded/conf/evbmips.conf
cvs rdiff -u -r1.6 -r1.6.2.1 src/distrib/utils/embedded/conf/usermode.conf
cvs rdiff -u -r1.10 -r1.10.2.1 src/distrib/utils/embedded/conf/x86.conf
cvs rdiff -u -r1.162.2.1 -r1.162.2.2 src/etc/defaults/rc.conf
cvs rdiff -u -r1.116 -r1.116.2.1 src/etc/rc.d/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/etc/rc.d/certctl_init
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage
diff -u src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage:1.2 src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage:1.2.2.1
--- src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage:1.2 Wed Jul 13 18:51:03 2022
+++ src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage Mon Oct 2 13:26:04 2023
@@ -1,4 +1,4 @@
-# $NetBSD: rc.conf.emuimage,v 1.2 2022/07/13 18:51:03 hgutch Exp $
+# $NetBSD: rc.conf.emuimage,v 1.2.2.1 2023/10/02 13:26:04 martin Exp $
is_ec2() {
val=NO
@@ -24,6 +24,7 @@ is_ec2() {
printf $val
}
+certctl_init=YES
resize_disklabel=YES
resize_root=YES
resize_root_flags="-p"
Index: src/distrib/evbarm/liveimage/armimage/rc.conf.armimage
diff -u src/distrib/evbarm/liveimage/armimage/rc.conf.armimage:1.1 src/distrib/evbarm/liveimage/armimage/rc.conf.armimage:1.1.2.1
--- src/distrib/evbarm/liveimage/armimage/rc.conf.armimage:1.1 Sat Jul 24 14:00:08 2021
+++ src/distrib/evbarm/liveimage/armimage/rc.conf.armimage Mon Oct 2 13:26:04 2023
@@ -1,4 +1,4 @@
-# $NetBSD: rc.conf.armimage,v 1.1 2021/07/24 14:00:08 jmcneill Exp $
+# $NetBSD: rc.conf.armimage,v 1.1.2.1 2023/10/02 13:26:04 martin Exp $
is_ec2() {
val=NO
@@ -23,6 +23,7 @@ is_ec2() {
printf $val
}
+certctl_init=YES
resize_gpt=YES
resize_root=YES
resize_root_flags="-p"
Index: src/distrib/sets/lists/etc/mi
diff -u src/distrib/sets/lists/etc/mi:1.270.2.1 src/distrib/sets/lists/etc/mi:1.270.2.2
--- src/distrib/sets/lists/etc/mi:1.270.2.1 Mon Sep 4 17:33:27 2023
+++ src/distrib/sets/lists/etc/mi Mon Oct 2 13:26:04 2023
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.270.2.1 2023/09/04 17:33:27 martin Exp $
+# $NetBSD: mi,v 1.270.2.2 2023/10/02 13:26:04 martin Exp $
#
# Note: end-user configuration files that are moved to another location
# should not be marked "obsolete"; they should just be removed from
@@ -203,6 +203,7 @@
./etc/rc.d/bthcidetc-obsolete obsolete
./etc/rc.d/btuartdetc-obsolete obsolete
./etc/rc.d/ccd etc-sys-rc
+./etc/rc.d/certctl_initetc-sys-rc
./etc/rc.d/cgd etc-sys-rc
./etc/rc.d/clearcritlocaletc-sys-rc
CVS commit: [netbsd-8] src/lib/libpam/modules/pam_krb5
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:09:01 UTC 2023
Modified Files:
src/lib/libpam/modules/pam_krb5 [netbsd-8]: pam_krb5.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1898):
lib/libpam/modules/pam_krb5/pam_krb5.c: revision 1.32
pam_krb5: Fix PR lib/57631.
Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by
review or, somehow, by my own testing. Evidently we need automatic
tests for this pam business.
To generate a diff of this commit:
cvs rdiff -u -r1.26.18.1 -r1.26.18.2 \
src/lib/libpam/modules/pam_krb5/pam_krb5.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26.18.1 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26.18.2
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26.18.1 Wed Jun 21 22:04:13 2023
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c Mon Oct 2 13:09:01 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_krb5.c,v 1.26.18.1 2023/06/21 22:04:13 martin Exp $ */
+/* $NetBSD: pam_krb5.c,v 1.26.18.2 2023/10/02 13:09:01 martin Exp $ */
/*-
* This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
#ifdef __FreeBSD__
__FBSDID("$FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $");
#else
-__RCSID("$NetBSD: pam_krb5.c,v 1.26.18.1 2023/06/21 22:04:13 martin Exp $");
+__RCSID("$NetBSD: pam_krb5.c,v 1.26.18.2 2023/10/02 13:09:01 martin Exp $");
#endif
#include
@@ -341,7 +341,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup,
debug,
auth_service, auth_princ, auth_phost, _data);
- free(srvdup);
if (krbret == -1) {
PAM_VERBOSE_ERROR("Kerberos 5 error");
krb5_cc_destroy(pam_context, ccache);
@@ -940,6 +939,7 @@ verify_krb_v5_tgt_begin(krb5_context con
const char *services[3], **service;
*servicep = NULL;
+ *princp = NULL;
if (debug)
openlog_r("pam_krb5", LOG_PID, LOG_AUTHPRIV, datap);
@@ -982,6 +982,8 @@ verify_krb_v5_tgt_begin(krb5_context con
);
if (retval != 0)
continue;
+ *servicep = *service;
+ *princp = princ;
break;
}
if (keyblock)
CVS commit: [netbsd-8] src/lib/libpam/modules/pam_krb5
Module Name:src Committed By: martin Date: Mon Oct 2 13:09:01 UTC 2023 Modified Files: src/lib/libpam/modules/pam_krb5 [netbsd-8]: pam_krb5.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1898): lib/libpam/modules/pam_krb5/pam_krb5.c: revision 1.32 pam_krb5: Fix PR lib/57631. Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by review or, somehow, by my own testing. Evidently we need automatic tests for this pam business. To generate a diff of this commit: cvs rdiff -u -r1.26.18.1 -r1.26.18.2 \ src/lib/libpam/modules/pam_krb5/pam_krb5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/lib/libpam/modules/pam_krb5
Module Name:src Committed By: martin Date: Mon Oct 2 13:07:12 UTC 2023 Modified Files: src/lib/libpam/modules/pam_krb5 [netbsd-9]: pam_krb5.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1734): lib/libpam/modules/pam_krb5/pam_krb5.c: revision 1.32 pam_krb5: Fix PR lib/57631. Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by review or, somehow, by my own testing. Evidently we need automatic tests for this pam business. To generate a diff of this commit: cvs rdiff -u -r1.26.28.1 -r1.26.28.2 \ src/lib/libpam/modules/pam_krb5/pam_krb5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/lib/libpam/modules/pam_krb5
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:07:12 UTC 2023
Modified Files:
src/lib/libpam/modules/pam_krb5 [netbsd-9]: pam_krb5.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1734):
lib/libpam/modules/pam_krb5/pam_krb5.c: revision 1.32
pam_krb5: Fix PR lib/57631.
Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by
review or, somehow, by my own testing. Evidently we need automatic
tests for this pam business.
To generate a diff of this commit:
cvs rdiff -u -r1.26.28.1 -r1.26.28.2 \
src/lib/libpam/modules/pam_krb5/pam_krb5.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26.28.1 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26.28.2
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26.28.1 Wed Jun 21 22:00:57 2023
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c Mon Oct 2 13:07:12 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_krb5.c,v 1.26.28.1 2023/06/21 22:00:57 martin Exp $ */
+/* $NetBSD: pam_krb5.c,v 1.26.28.2 2023/10/02 13:07:12 martin Exp $ */
/*-
* This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
#ifdef __FreeBSD__
__FBSDID("$FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $");
#else
-__RCSID("$NetBSD: pam_krb5.c,v 1.26.28.1 2023/06/21 22:00:57 martin Exp $");
+__RCSID("$NetBSD: pam_krb5.c,v 1.26.28.2 2023/10/02 13:07:12 martin Exp $");
#endif
#include
@@ -341,7 +341,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup,
debug,
auth_service, auth_princ, auth_phost, _data);
- free(srvdup);
if (krbret == -1) {
PAM_VERBOSE_ERROR("Kerberos 5 error");
krb5_cc_destroy(pam_context, ccache);
@@ -940,6 +939,7 @@ verify_krb_v5_tgt_begin(krb5_context con
const char *services[3], **service;
*servicep = NULL;
+ *princp = NULL;
if (debug)
openlog_r("pam_krb5", LOG_PID, LOG_AUTHPRIV, datap);
@@ -982,6 +982,8 @@ verify_krb_v5_tgt_begin(krb5_context con
);
if (retval != 0)
continue;
+ *servicep = *service;
+ *princp = princ;
break;
}
if (keyblock)
CVS commit: [netbsd-10] src/lib/libpam/modules/pam_krb5
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:05:41 UTC 2023
Modified Files:
src/lib/libpam/modules/pam_krb5 [netbsd-10]: pam_krb5.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #380):
lib/libpam/modules/pam_krb5/pam_krb5.c: revision 1.32
pam_krb5: Fix PR lib/57631.
Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by
review or, somehow, by my own testing. Evidently we need automatic
tests for this pam business.
To generate a diff of this commit:
cvs rdiff -u -r1.30.2.1 -r1.30.2.2 src/lib/libpam/modules/pam_krb5/pam_krb5.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.30.2.1 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.30.2.2
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.30.2.1 Wed Jun 21 21:54:12 2023
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c Mon Oct 2 13:05:41 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_krb5.c,v 1.30.2.1 2023/06/21 21:54:12 martin Exp $ */
+/* $NetBSD: pam_krb5.c,v 1.30.2.2 2023/10/02 13:05:41 martin Exp $ */
/*-
* This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
#ifdef __FreeBSD__
__FBSDID("$FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $");
#else
-__RCSID("$NetBSD: pam_krb5.c,v 1.30.2.1 2023/06/21 21:54:12 martin Exp $");
+__RCSID("$NetBSD: pam_krb5.c,v 1.30.2.2 2023/10/02 13:05:41 martin Exp $");
#endif
#include
@@ -341,7 +341,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup,
debug,
auth_service, auth_princ, auth_phost, _data);
- free(srvdup);
if (krbret == -1) {
PAM_VERBOSE_ERROR("Kerberos 5 error");
krb5_cc_destroy(pam_context, ccache);
@@ -955,6 +954,7 @@ verify_krb_v5_tgt_begin(krb5_context con
const char *services[3], **service;
*servicep = NULL;
+ *princp = NULL;
if (debug)
openlog_r("pam_krb5", LOG_PID, LOG_AUTHPRIV, datap);
@@ -996,6 +996,8 @@ verify_krb_v5_tgt_begin(krb5_context con
);
if (retval != 0)
continue;
+ *servicep = *service;
+ *princp = princ;
break;
}
if (keyblock)
CVS commit: [netbsd-10] src/lib/libpam/modules/pam_krb5
Module Name:src Committed By: martin Date: Mon Oct 2 13:05:41 UTC 2023 Modified Files: src/lib/libpam/modules/pam_krb5 [netbsd-10]: pam_krb5.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #380): lib/libpam/modules/pam_krb5/pam_krb5.c: revision 1.32 pam_krb5: Fix PR lib/57631. Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by review or, somehow, by my own testing. Evidently we need automatic tests for this pam business. To generate a diff of this commit: cvs rdiff -u -r1.30.2.1 -r1.30.2.2 src/lib/libpam/modules/pam_krb5/pam_krb5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/sys/uvm
Module Name:src Committed By: martin Date: Mon Oct 2 13:01:46 UTC 2023 Modified Files: src/sys/uvm [netbsd-10]: uvm_pdaemon.c Log Message: Pull up following revision(s) (requested by ad in ticket #379): sys/uvm/uvm_pdaemon.c: revision 1.134 uvmpd_trylockowner(): release pg->interlock before calling rw_obj_free() since it can call back into the VM system. To generate a diff of this commit: cvs rdiff -u -r1.133 -r1.133.16.1 src/sys/uvm/uvm_pdaemon.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/sys/uvm
Module Name:src
Committed By: martin
Date: Mon Oct 2 13:01:46 UTC 2023
Modified Files:
src/sys/uvm [netbsd-10]: uvm_pdaemon.c
Log Message:
Pull up following revision(s) (requested by ad in ticket #379):
sys/uvm/uvm_pdaemon.c: revision 1.134
uvmpd_trylockowner(): release pg->interlock before calling rw_obj_free()
since it can call back into the VM system.
To generate a diff of this commit:
cvs rdiff -u -r1.133 -r1.133.16.1 src/sys/uvm/uvm_pdaemon.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/uvm/uvm_pdaemon.c
diff -u src/sys/uvm/uvm_pdaemon.c:1.133 src/sys/uvm/uvm_pdaemon.c:1.133.16.1
--- src/sys/uvm/uvm_pdaemon.c:1.133 Sat Apr 17 21:37:21 2021
+++ src/sys/uvm/uvm_pdaemon.c Mon Oct 2 13:01:46 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: uvm_pdaemon.c,v 1.133 2021/04/17 21:37:21 mrg Exp $ */
+/* $NetBSD: uvm_pdaemon.c,v 1.133.16.1 2023/10/02 13:01:46 martin Exp $ */
/*
* Copyright (c) 1997 Charles D. Cranor and Washington University.
@@ -66,7 +66,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: uvm_pdaemon.c,v 1.133 2021/04/17 21:37:21 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uvm_pdaemon.c,v 1.133.16.1 2023/10/02 13:01:46 martin Exp $");
#include "opt_uvmhist.h"
#include "opt_readahead.h"
@@ -416,7 +416,7 @@ uvmpd_page_owner_lock(struct vm_page *pg
krwlock_t *
uvmpd_trylockowner(struct vm_page *pg)
{
- krwlock_t *slock, *heldslock;
+ krwlock_t *slock, *heldslock = NULL;
KASSERT(mutex_owned(>interlock));
@@ -453,9 +453,7 @@ uvmpd_trylockowner(struct vm_page *pg)
if (heldslock != slock) {
rw_exit(heldslock);
slock = NULL;
- }
- rw_obj_free(heldslock);
- if (slock != NULL) {
+ } else {
success:
/*
* Set PG_ANON if it isn't set already.
@@ -468,6 +466,9 @@ success:
}
}
mutex_exit(>interlock);
+ if (heldslock != NULL) {
+ rw_obj_free(heldslock);
+ }
return slock;
}
CVS commit: [netbsd-10] src
Module Name:src
Committed By: martin
Date: Mon Oct 2 12:58:51 UTC 2023
Modified Files:
src/sys/net [netbsd-10]: if_ipsec.c
src/sys/netipsec [netbsd-10]: key.c
src/tests/net/if_ipsec [netbsd-10]: t_ipsec_unnumbered.sh
Log Message:
Pull up following revision(s) (requested by knakahara in ticket #378):
tests/net/if_ipsec/t_ipsec_unnumbered.sh: revision 1.2
sys/net/if_ipsec.c: revision 1.35
sys/netipsec/key.c: revision 1.281
Use kmem_free instead of kmem_intr_free, as key_freesaval() is not called in
softint after key.c:r1.223.
E.g. key_freesaval() was called the following call path before SAD MP-ify.
esp_input_cb()
KEY_FREESAV()
key_freesav()
key_delsav()
key_freesaval()
ok'ed by ozaki-r@n.o.
Use unit id instead of if_index to reduce fixed_reqid space.
Update for sys/net/if_ipsec.c:r1.35
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.34.2.1 src/sys/net/if_ipsec.c
cvs rdiff -u -r1.280 -r1.280.2.1 src/sys/netipsec/key.c
cvs rdiff -u -r1.1 -r1.1.2.1 src/tests/net/if_ipsec/t_ipsec_unnumbered.sh
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.34 src/sys/net/if_ipsec.c:1.34.2.1
--- src/sys/net/if_ipsec.c:1.34 Tue Oct 11 09:51:47 2022
+++ src/sys/net/if_ipsec.c Mon Oct 2 12:58:51 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $ */
+/* $NetBSD: if_ipsec.c,v 1.34.2.1 2023/10/02 12:58:51 martin Exp $ */
/*
* Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.34.2.1 2023/10/02 12:58:51 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1798,9 +1798,10 @@ if_ipsec_get_reqids(struct ipsec_variant
mutex_enter(_softcs.lock);
if (ipsec_softcs.use_fixed_reqid) {
- uint32_t reqid_base;
+ uint32_t unit, reqid_base;
- reqid_base = ipsec_softcs.reqid_base + ifp->if_index * 2;
+ unit = strtoul(ifp->if_xname + sizeof("ipsec") - 1, NULL, 10);
+ reqid_base = ipsec_softcs.reqid_base + unit * 2;
if (reqid_base + 1 > ipsec_softcs.reqid_last) {
log(LOG_ERR,
"%s: invalid fixed reqid(%"PRIu32"), "
Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.280 src/sys/netipsec/key.c:1.280.2.1
--- src/sys/netipsec/key.c:1.280 Thu Dec 8 08:07:07 2022
+++ src/sys/netipsec/key.c Mon Oct 2 12:58:51 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.280 2022/12/08 08:07:07 knakahara Exp $ */
+/* $NetBSD: key.c,v 1.280.2.1 2023/10/02 12:58:51 martin Exp $ */
/* $FreeBSD: key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.280 2022/12/08 08:07:07 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.280.2.1 2023/10/02 12:58:51 martin Exp $");
/*
* This code is referred to RFC 2367
@@ -3589,21 +3589,21 @@ key_freesaval(struct secasvar *sav)
key_sa_refcnt(sav));
if (sav->replay != NULL)
- kmem_intr_free(sav->replay, sav->replay_len);
+ kmem_free(sav->replay, sav->replay_len);
if (sav->key_auth != NULL)
- kmem_intr_free(sav->key_auth, sav->key_auth_len);
+ kmem_free(sav->key_auth, sav->key_auth_len);
if (sav->key_enc != NULL)
- kmem_intr_free(sav->key_enc, sav->key_enc_len);
+ kmem_free(sav->key_enc, sav->key_enc_len);
if (sav->lft_c_counters_percpu != NULL) {
percpu_free(sav->lft_c_counters_percpu,
sizeof(lifetime_counters_t));
}
if (sav->lft_c != NULL)
- kmem_intr_free(sav->lft_c, sizeof(*(sav->lft_c)));
+ kmem_free(sav->lft_c, sizeof(*(sav->lft_c)));
if (sav->lft_h != NULL)
- kmem_intr_free(sav->lft_h, sizeof(*(sav->lft_h)));
+ kmem_free(sav->lft_h, sizeof(*(sav->lft_h)));
if (sav->lft_s != NULL)
- kmem_intr_free(sav->lft_s, sizeof(*(sav->lft_s)));
+ kmem_free(sav->lft_s, sizeof(*(sav->lft_s)));
}
/*
Index: src/tests/net/if_ipsec/t_ipsec_unnumbered.sh
diff -u src/tests/net/if_ipsec/t_ipsec_unnumbered.sh:1.1 src/tests/net/if_ipsec/t_ipsec_unnumbered.sh:1.1.2.1
--- src/tests/net/if_ipsec/t_ipsec_unnumbered.sh:1.1 Fri Nov 25 08:43:16 2022
+++ src/tests/net/if_ipsec/t_ipsec_unnumbered.sh Mon Oct 2 12:58:50 2023
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_unnumbered.sh,v 1.1 2022/11/25 08:43:16 knakahara Exp $
+# $NetBSD: t_ipsec_unnumbered.sh,v 1.1.2.1 2023/10/02 12:58:50 martin Exp $
#
# Copyright (c) 2022 Internet Initiative Japan Inc.
# All rights reserved.
@@ -73,7 +73,7 @@ add_sa()
local tmpfile=./tmp
local spi=1
local algo_args="$(generate_algo_args esp $algo)"
- local uniq=8200 # 8192(reqid_base) + 2 * 4(lo0, shmif0, shmif1 and ipsec0)
+ local uniq=8192 # 8192(reqid_base) + 2 * 0(unit id of "ipsec0")
export RUMP_SERVER=$SOCK_LOCAL
CVS commit: [netbsd-10] src
Module Name:src Committed By: martin Date: Mon Oct 2 12:58:51 UTC 2023 Modified Files: src/sys/net [netbsd-10]: if_ipsec.c src/sys/netipsec [netbsd-10]: key.c src/tests/net/if_ipsec [netbsd-10]: t_ipsec_unnumbered.sh Log Message: Pull up following revision(s) (requested by knakahara in ticket #378): tests/net/if_ipsec/t_ipsec_unnumbered.sh: revision 1.2 sys/net/if_ipsec.c: revision 1.35 sys/netipsec/key.c: revision 1.281 Use kmem_free instead of kmem_intr_free, as key_freesaval() is not called in softint after key.c:r1.223. E.g. key_freesaval() was called the following call path before SAD MP-ify. esp_input_cb() KEY_FREESAV() key_freesav() key_delsav() key_freesaval() ok'ed by ozaki-r@n.o. Use unit id instead of if_index to reduce fixed_reqid space. Update for sys/net/if_ipsec.c:r1.35 To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.34.2.1 src/sys/net/if_ipsec.c cvs rdiff -u -r1.280 -r1.280.2.1 src/sys/netipsec/key.c cvs rdiff -u -r1.1 -r1.1.2.1 src/tests/net/if_ipsec/t_ipsec_unnumbered.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/arm/fdt
Module Name:src
Committed By: riastradh
Date: Mon Oct 2 08:42:20 UTC 2023
Modified Files:
src/sys/arch/arm/fdt: pmu_fdt.c
Log Message:
armpmu(4): Add missing newline to error message.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/sys/arch/arm/fdt/pmu_fdt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/arm/fdt/pmu_fdt.c
diff -u src/sys/arch/arm/fdt/pmu_fdt.c:1.11 src/sys/arch/arm/fdt/pmu_fdt.c:1.12
--- src/sys/arch/arm/fdt/pmu_fdt.c:1.11 Wed Nov 9 19:03:38 2022
+++ src/sys/arch/arm/fdt/pmu_fdt.c Mon Oct 2 08:42:20 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: pmu_fdt.c,v 1.11 2022/11/09 19:03:38 ryo Exp $ */
+/* $NetBSD: pmu_fdt.c,v 1.12 2023/10/02 08:42:20 riastradh Exp $ */
/*-
* Copyright (c) 2018 Jared McNeill
@@ -27,7 +27,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: pmu_fdt.c,v 1.11 2022/11/09 19:03:38 ryo Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pmu_fdt.c,v 1.12 2023/10/02 08:42:20 riastradh Exp $");
#include
#include
@@ -136,7 +136,7 @@ pmu_fdt_init(device_t self)
error = arm_pmu_init();
if (error) {
aprint_error_dev(self,
- "couldn't initialise PMU event counter");
+ "couldn't initialise PMU event counter\n");
return;
}
}
CVS commit: src/sys/arch/arm/fdt
Module Name:src Committed By: riastradh Date: Mon Oct 2 08:42:20 UTC 2023 Modified Files: src/sys/arch/arm/fdt: pmu_fdt.c Log Message: armpmu(4): Add missing newline to error message. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/sys/arch/arm/fdt/pmu_fdt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
