CVS commit: [pgoyette-compat] src

[Paul Goyette]

Module Name:src
Committed By:   pgoyette
Date:   Sat Apr  7 04:12:21 UTC 2018

Modified Files:
src [pgoyette-compat]: build.sh
src/bin/ed [pgoyette-compat]: ed.1 main.c
src/crypto/dist/ipsec-tools/src/racoon [pgoyette-compat]:
crypto_openssl.c debugrm.c debugrm.h
src/crypto/external/bsd/heimdal/dist/kcm [pgoyette-compat]: cache.c
glue.c
src/crypto/external/bsd/netpgp/dist/include [pgoyette-compat]: netpgp.h
src/crypto/external/bsd/netpgp/dist/src/lib [pgoyette-compat]:
libnetpgp.3
src/crypto/external/bsd/netpgp/dist/src/libbn [pgoyette-compat]:
libnetpgpbn.3
src/crypto/external/bsd/netpgp/dist/src/libmj [pgoyette-compat]:
libmj.3
src/crypto/external/bsd/netpgp/dist/src/netpgpverify [pgoyette-compat]:
netpgpverify.1
src/crypto/external/bsd/openssh [pgoyette-compat]: Makefile.inc
src/crypto/external/bsd/openssh/bin/ssh [pgoyette-compat]: Makefile
src/crypto/external/bsd/openssh/dist [pgoyette-compat]: PROTOCOL
PROTOCOL.certkeys auth-options.c auth-options.h auth-pam.c
auth-pam.h auth-passwd.c auth.c auth.h auth2-hostbased.c
auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c authfd.c
authfd.h authfile.c bitmap.c bitmap.h blf.h chacha.h channels.c
cipher-aesctr.c cipher-aesctr.h cipher-chachapoly.h cipher-ctr-mt.c
cipher.c cleanup.c clientloop.c clientloop.h compat.c compat.h
crypto_api.h dh.c digest.h dns.c dns.h fe25519.h fmt_scaled.c
ge25519.h hash.c hmac.h includes.h kex.c kexc25519c.c kexdhc.c
kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c key.c key.h
krl.c krl.h misc.c misc.h moduli.c monitor.c monitor_wrap.c
monitor_wrap.h opacket.c opacket.h packet.c packet.h pathnames.h
pfilter.c pfilter.h poly1305.h readconf.c readconf.h
readpassphrase.c rijndael.c rijndael.h sandbox-pledge.c sc25519.h
scp.1 scp.c servconf.c servconf.h serverloop.c session.c
sftp-client.c sftp.1 sftp.c ssh-add.c ssh-agent.c ssh-dss.c
ssh-ecdsa.c ssh-keygen.1 ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c
ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
ssh-rsa.c ssh-sandbox.h ssh.1 ssh.c ssh_config.5 sshbuf.h
sshconnect.c sshconnect.h sshconnect2.c sshd.8 sshd.c sshd_config
sshd_config.5 ssherr.h sshkey.c sshkey.h ttymodes.c umac.c
umac128.c utf8.h version.h
src/crypto/external/bsd/openssh/dist/moduli-gen [pgoyette-compat]:
moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680
moduli.8192
src/crypto/external/bsd/openssh/lib [pgoyette-compat]: Makefile
shlib_version
src/crypto/external/bsd/openssl [pgoyette-compat]: mkpc
src/crypto/external/bsd/openssl.old [pgoyette-compat]: mkpc
src/crypto/external/bsd/openssl/dist [pgoyette-compat]: .travis.yml
CHANGES Configure LICENSE NEWS README config.com
src/crypto/external/bsd/openssl/dist/Configurations [pgoyette-compat]:
10-main.conf README common.tmpl descrip.mms.tmpl unix-Makefile.tmpl
windows-makefile.tmpl
src/crypto/external/bsd/openssl/dist/apps [pgoyette-compat]: CA.pl.in
app_rand.c apps.c apps.h ca.c ciphers.c cms.c dhparam.c dsa.c
dsaparam.c ecparam.c enc.c errstr.c genrsa.c ocsp.c openssl.c opt.c
passwd.c pkcs12.c pkcs8.c pkeyutl.c prime.c progs.pl rand.c req.c
s_client.c s_server.c s_socket.c s_time.c speed.c srp.c version.c
vms_term_sock.c x509.c
src/crypto/external/bsd/openssl/dist/crypto [pgoyette-compat]:
cryptlib.c init.c mem.c mem_dbg.c mem_sec.c pariscid.pl
src/crypto/external/bsd/openssl/dist/crypto/aes/asm [pgoyette-compat]:
aes-armv4.pl bsaes-armv7.pl
src/crypto/external/bsd/openssl/dist/crypto/asn1 [pgoyette-compat]:
a_i2d_fp.c a_mbstr.c a_object.c a_strex.c ameth_lib.c asn1_err.c
asn1_par.c asn_mime.c bio_asn1.c tasn_dec.c tasn_prn.c
src/crypto/external/bsd/openssl/dist/crypto/async [pgoyette-compat]:
async.c async_wait.c
src/crypto/external/bsd/openssl/dist/crypto/async/arch 
[pgoyette-compat]:
async_posix.h
src/crypto/external/bsd/openssl/dist/crypto/bio [pgoyette-compat]:
b_addr.c b_dump.c b_print.c b_sock2.c bf_buff.c bf_lbuf.c bf_nbio.c
bf_null.c bio_cb.c bio_err.c bio_lib.c bio_meth.c bss_acpt.c
bss_conn.c bss_dgram.c bss_fd.c bss_file.c bss_log.c bss_mem.c
bss_null.c bss_sock.c
src/crypto/external/bsd/openssl/dist/crypto/bn [pgoyette-compat]:
bn_add.c bn_exp.c bn_lib.c bn_mont.c bn_print.c
src/crypto/external/bsd/openssl/dist/crypto/bn/asm 

CVS commit: src/crypto/external/bsd/openssh/dist

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Sat Apr  7 00:36:55 UTC 2018

Modified Files:
src/crypto/external/bsd/openssh/dist: readconf.c scp.c

Log Message:
fix unconst


To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/readconf.c
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/scp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readconf.c
diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.23 src/crypto/external/bsd/openssh/dist/readconf.c:1.24
--- src/crypto/external/bsd/openssh/dist/readconf.c:1.23	Fri Apr  6 14:59:00 2018
+++ src/crypto/external/bsd/openssh/dist/readconf.c	Fri Apr  6 20:36:55 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: readconf.c,v 1.23 2018/04/06 18:59:00 christos Exp $	*/
+/*	$NetBSD: readconf.c,v 1.24 2018/04/07 00:36:55 christos Exp $	*/
 /* $OpenBSD: readconf.c,v 1.283 2018/02/23 15:58:37 markus Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.23 2018/04/06 18:59:00 christos Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.24 2018/04/07 00:36:55 christos Exp $");
 #include 
 #include 
 #include 
@@ -2440,7 +2440,7 @@ parse_jump(const char *s, Options *o, in
 int
 parse_ssh_uri(const char *uri, char **userp, char **hostp, int *portp)
 {
-	char *path;
+	const char *path;
 	int r;
 
 	r = parse_uri("ssh", uri, userp, hostp, portp, );

Index: src/crypto/external/bsd/openssh/dist/scp.c
diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.18 src/crypto/external/bsd/openssh/dist/scp.c:1.19
--- src/crypto/external/bsd/openssh/dist/scp.c:1.18	Fri Apr  6 14:59:00 2018
+++ src/crypto/external/bsd/openssh/dist/scp.c	Fri Apr  6 20:36:55 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: scp.c,v 1.18 2018/04/06 18:59:00 christos Exp $	*/
+/*	$NetBSD: scp.c,v 1.19 2018/04/07 00:36:55 christos Exp $	*/
 /* $OpenBSD: scp.c,v 1.195 2018/02/10 06:15:12 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
@@ -73,7 +73,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: scp.c,v 1.18 2018/04/06 18:59:00 christos Exp $");
+__RCSID("$NetBSD: scp.c,v 1.19 2018/04/07 00:36:55 christos Exp $");
 
 #include 	/* roundup MAX */
 #include 
@@ -600,7 +600,7 @@ do_times(int fd, int verb, const struct 
 
 static int
 parse_scp_uri(const char *uri, char **userp, char **hostp, int *portp,
- char **pathp)
+ const char **pathp)
 {
 	int r;
 
@@ -613,8 +613,10 @@ parse_scp_uri(const char *uri, char **us
 void
 toremote(int argc, char **argv)
 {
-	char *suser = NULL, *host = NULL, *src = NULL;
-	char *bp, *tuser, *thost, *targ;
+	char *suser = NULL, *host = NULL;
+	const char *src = NULL;
+	char *bp, *tuser, *thost;
+	const char *targ;
 	int sport = -1, tport = -1;
 	arglist alist;
 	int i, r;
@@ -647,7 +649,7 @@ toremote(int argc, char **argv)
 	for (i = 0; i < argc - 1; i++) {
 		free(suser);
 		free(host);
-		free(src);
+		free(__UNCONST(src));
 		r = parse_scp_uri(argv[i], , , , );
 		if (r == -1) {
 			fmprintf(stderr, "%s: invalid uri\n", argv[i]);
@@ -725,16 +727,17 @@ toremote(int argc, char **argv)
 out:
 	free(tuser);
 	free(thost);
-	free(targ);
+	free(__UNCONST(targ));
 	free(suser);
 	free(host);
-	free(src);
+	free(__UNCONST(src));
 }
 
 static void
 tolocal(int argc, char **argv)
 {
-	char *bp, *host = NULL, *src = NULL, *suser = NULL;
+	char *bp, *host = NULL, *suser = NULL;
+	const char *src = NULL;
 	arglist alist;
 	int i, r, sport = -1;
 
@@ -744,7 +747,7 @@ tolocal(int argc, char **argv)
 	for (i = 0; i < argc - 1; i++) {
 		free(suser);
 		free(host);
-		free(src);
+		free(__UNCONST(src));
 		r = parse_scp_uri(argv[i], , , , );
 		if (r == -1) {
 			fmprintf(stderr, "%s: invalid uri\n", argv[i]);
@@ -786,7 +789,7 @@ tolocal(int argc, char **argv)
 	}
 	free(suser);
 	free(host);
-	free(src);
+	free(__UNCONST(src));
 }
 
 void

CVS commit: src/etc/rc.d

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Sat Apr  7 00:41:16 UTC 2018

Modified Files:
src/etc/rc.d: sshd

Log Message:
support xmss keys


To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 src/etc/rc.d/sshd

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.25 src/etc/rc.d/sshd:1.26
--- src/etc/rc.d/sshd:1.25	Mon Dec  4 09:50:33 2017
+++ src/etc/rc.d/sshd	Fri Apr  6 20:41:16 2018
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: sshd,v 1.25 2017/12/04 14:50:33 kre Exp $
+# $NetBSD: sshd,v 1.26 2018/04/07 00:41:16 christos Exp $
 #
 
 # PROVIDE: sshd
@@ -39,6 +39,7 @@ dsa	1024	ssh_host_dsa_key	2	DSA
 ecdsa	521	ssh_host_ecdsa_key	1	ECDSA
 ed25519	-1	ssh_host_ed25519_key	1	ED25519
 rsa	0	ssh_host_rsa_key	2	RSA
+xmss	0	ssh_host_xmss_key	1	XMSS
 _EOF
 )
 }

CVS commit: src/doc

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Sat Apr  7 00:22:27 UTC 2018

Modified Files:
src/doc: 3RDPARTY CHANGES

Log Message:
new ntp


To generate a diff of this commit:
cvs rdiff -u -r1.1511 -r1.1512 src/doc/3RDPARTY
cvs rdiff -u -r1.2372 -r1.2373 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/3RDPARTY
diff -u src/doc/3RDPARTY:1.1511 src/doc/3RDPARTY:1.1512
--- src/doc/3RDPARTY:1.1511	Fri Apr  6 19:08:23 2018
+++ src/doc/3RDPARTY	Fri Apr  6 20:22:27 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: 3RDPARTY,v 1.1511 2018/04/06 23:08:23 christos Exp $
+#	$NetBSD: 3RDPARTY,v 1.1512 2018/04/07 00:22:27 christos Exp $
 #
 # This file contains a list of the software that has been integrated into
 # NetBSD where we are not the primary maintainer.
@@ -955,8 +955,8 @@ and ndbootd-raw.c.  Restore saved config
 HAVE_STRICT_ALIGNMENT.  Fix RCS IDs, import.
 
 Package:	ntp
-Version:	4.2.8p10
-Current Vers:	4.2.8p10
+Version:	4.2.8p11
+Current Vers:	4.2.8p11
 Maintainer:	David L. Mills <mi...@udel.edu>
 Archive Site:	http://www.ntp.org/
 Home Page:	http://www.ntp.org/, http://support.ntp.org/

Index: src/doc/CHANGES
diff -u src/doc/CHANGES:1.2372 src/doc/CHANGES:1.2373
--- src/doc/CHANGES:1.2372	Fri Apr  6 19:08:23 2018
+++ src/doc/CHANGES	Fri Apr  6 20:22:27 2018
@@ -1,4 +1,4 @@
-# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2372 $>
+# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2373 $>
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -135,3 +135,4 @@ Changes from NetBSD 8.0 to NetBSD 9.0:
 	dhcpcd: Import 7.0.3. [roy 20180406]
 	OpenSSH: Imported 7.7. [christos 20180406]
 	OpenSSL: Imported 1.1.0h. [christos 20180406]
+	ntp: Import ntp 4.2.8p10. [christos 20180406]

CVS commit: src/crypto/external/bsd/openssh/dist

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Sat Apr  7 00:26:12 UTC 2018

Modified Files:
src/crypto/external/bsd/openssh/dist: auth-passwd.c

Log Message:
restore default xx salt.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/auth-passwd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth-passwd.c
diff -u src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.8 src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.9
--- src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.8	Fri Apr  6 14:58:59 2018
+++ src/crypto/external/bsd/openssh/dist/auth-passwd.c	Fri Apr  6 20:26:12 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth-passwd.c,v 1.8 2018/04/06 18:58:59 christos Exp $	*/
+/*	$NetBSD: auth-passwd.c,v 1.9 2018/04/07 00:26:12 christos Exp $	*/
 /* $OpenBSD: auth-passwd.c,v 1.46 2018/03/03 03:15:51 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -38,7 +38,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth-passwd.c,v 1.8 2018/04/06 18:58:59 christos Exp $");
+__RCSID("$NetBSD: auth-passwd.c,v 1.9 2018/04/07 00:26:12 christos Exp $");
 #include 
 
 #include 
@@ -189,7 +189,7 @@ sys_auth_passwd(struct ssh *ssh, const c
 	 */
 	if (authctxt->valid && pw_password[0] && pw_password[1])
 		salt = pw_password;
-	encrypted_password = xcrypt(password, salt);
+	encrypted_password = xcrypt(password, salt ? salt : "xx");
 
 	/*
 	 * Authentication is accepted if the encrypted passwords

CVS import: src/external/bsd/ntp/dist

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Sat Apr  7 00:16:21 UTC 2018

Update of /cvsroot/src/external/bsd/ntp/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv9272

Log Message:
---

* [Sec 3454] Unauthenticated packet can reset authenticated interleave
  associations.  HStenn.
* [Sec 3453] Interleaved symmetric mode cannot recover from bad state.  HStenn.
* [Sec 3415] Permit blocking authenticated symmetric/passive associations.
  Implement ippeerlimit.  HStenn, JPerlinger.
* [Sec 3414] ntpq: decodearr() can write beyond its 'buf' limits
  - initial patch by , extended by 
* [Sec 3412] ctl_getitem(): Don't compare names past NUL. 
* [Sec 3012] Sybil vulnerability: noepeer support.  HStenn, JPerlinger.
* [Bug 3457] OpenSSL FIPS mode regression 
* [Bug 3455] ntpd doesn't use scope id when binding multicast 

 - applied patch by Sean Haugh 
* [Bug 3452] PARSE driver prints uninitialized memory. 
* [Bug 3450] Dubious error messages from plausibility checks in get_systime()
 - removed error log caused by rounding/slew, ensured postcondition 

* [Bug 3447] AES-128-CMAC (fixes) 
  - refactoring the MAC code, too
* [Bug 3441] Validate the assumption that AF_UNSPEC is 0.  st...@ntp.org
* [Bug 3439] When running multiple commands / hosts in ntpq... 

 - applied patch by ggarvey
* [Bug 3438] Negative values and values > 999 days in... 
 - applied patch by ggarvey (with minor mods)
* [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain
 - applied patch (with mods) by Miroslav Lichvar 
* [Bug 3435] anchor NTP era alignment 
* [Bug 3433] sntp crashes when run with -a.  
* [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2"
  - fixed several issues with hash algos in ntpd, sntp, ntpq,
ntpdc and the test suites 
* [Bug 3424] Trimble Thunderbolt 1024 week millenium bug 
  - initial patch by Daniel Pouzzner
* [Bug 3423] QNX adjtime() implementation error checking is
  wrong 
* [Bug 3417] ntpq ifstats packet counters can be negative
  made IFSTATS counter quantities unsigned 
* [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10
  - raised receive buffer size to 1200 
* [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static
  analysis tool. 
* [Bug 3405] update-leap.in: general cleanup, HTTPS support.  Paul McMath.
* [Bug 3404] Fix openSSL DLL usage under Windows 
  - fix/drop assumptions on OpenSSL libs directory layout
* [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation
  - initial patch by timefl...@mail2tor.com  
* [Bug 3398] tests fail with core dump 
  - patch contributed by Alexander Bluhm
* [Bug 3397] ctl_putstr() asserts that data fits in its buffer
  rework of formatting & data transfer stuff in 'ntp_control.c'
  avoids unecessary buffers and size limitations. 
* [Bug 3394] Leap second deletion does not work on ntpd clients
  - fixed handling of dynamic deletion w/o leap file 
* [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size
  - increased mimimum stack size to 32kB 
* [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 
  - reverted handling of PPS kernel consumer to 4.2.6 behavior
* [Bug 3365] Updates driver40(-ja).html and miscopt.html 
* [Bug 3358] Spurious KoD log messages in .INIT. phase.  HStenn.
* [Bug 3016] wrong error position reported for bad ":config pool"
  - fixed location counter & ntpq output 
* [Bug 2900] libntp build order problem.  HStenn.
* [Bug 2878] Tests are cluttering up syslog 
* [Bug 2737] Wrong phone number listed for USNO. ntp-b...@bodosom.net,
  perlin...@ntp.org
* [Bug 2557] Fix Thunderbolt init. ntp-b...@bodosom.net, perlinger@ntp.
* [Bug 948] Trustedkey config directive leaks memory. 
* Use strlcpy() to copy strings, not memcpy().  HStenn.
* Typos.  HStenn.
* test_ntp_scanner_LDADD needs ntpd/ntp_io.o.  HStenn.
* refclock_jjy.c: Add missing "%s" to an msyslog() call.  HStenn.
* Build ntpq and libntpq.a with NTP_HARD_*FLAGS.  perlin...@ntp.org
* Fix trivial warnings from 'make check'. perlin...@ntp.org
* Fix bug in the override portion of the compiler hardening macro. HStenn.
* record_raw_stats(): Log entire packet.  Log writes.  HStenn.
* AES-128-CMAC support.  BInglis, HStenn, JPerlinger.
* sntp: tweak key file logging.  HStenn.
* sntp: pkt_output(): Improve debug output.  HStenn.
* update-leap: updates from Paul McMath.
* When using pkg-config, report --modversion.  HStenn.
* Clean up libevent configure checks.  HStenn.
* 

CVS commit: src/doc

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Apr  6 23:08:23 UTC 2018

Modified Files:
src/doc: 3RDPARTY CHANGES

Log Message:
mention openssl


To generate a diff of this commit:
cvs rdiff -u -r1.1510 -r1.1511 src/doc/3RDPARTY
cvs rdiff -u -r1.2371 -r1.2372 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/3RDPARTY
diff -u src/doc/3RDPARTY:1.1510 src/doc/3RDPARTY:1.1511
--- src/doc/3RDPARTY:1.1510	Fri Apr  6 15:01:30 2018
+++ src/doc/3RDPARTY	Fri Apr  6 19:08:23 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: 3RDPARTY,v 1.1510 2018/04/06 19:01:30 christos Exp $
+#	$NetBSD: 3RDPARTY,v 1.1511 2018/04/06 23:08:23 christos Exp $
 #
 # This file contains a list of the software that has been integrated into
 # NetBSD where we are not the primary maintainer.
@@ -1071,8 +1071,8 @@ markus is very cooperative about it):
 - make compile with gcc-4.5; const fixes, fileno() checks, shadow fixes.
 
 Package:	OpenSSL
-Version:	1.0.2k
-Current Vers:	1.0.2k/1.1.0d
+Version:	1.0.2o/1.1.0h
+Current Vers:	1.0.2k/1.1.0h
 Maintainer:	The OpenSSL Project
 Archive Site:	ftp://ftp.openssl.org/source/
 Home Page:	http://www.openssl.org/

Index: src/doc/CHANGES
diff -u src/doc/CHANGES:1.2371 src/doc/CHANGES:1.2372
--- src/doc/CHANGES:1.2371	Fri Apr  6 15:01:30 2018
+++ src/doc/CHANGES	Fri Apr  6 19:08:23 2018
@@ -1,4 +1,4 @@
-# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2371 $>
+# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2372 $>
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -134,3 +134,4 @@ Changes from NetBSD 8.0 to NetBSD 9.0:
 	aarch64: Add initial support for aarch64. [ryo 20180401]
 	dhcpcd: Import 7.0.3. [roy 20180406]
 	OpenSSH: Imported 7.7. [christos 20180406]
+	OpenSSL: Imported 1.1.0h. [christos 20180406]

CVS commit: src/sys/dev/pci

[Michael Lorenz]

Module Name:src
Committed By:   macallan
Date:   Fri Apr  6 22:11:52 UTC 2018

Modified Files:
src/sys/dev/pci: if_rtwn.c

Log Message:
in rtwn_attach(): return; before unconditionally running into fail:


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/sys/dev/pci/if_rtwn.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/dev/pci/if_rtwn.c
diff -u src/sys/dev/pci/if_rtwn.c:1.14 src/sys/dev/pci/if_rtwn.c:1.15
--- src/sys/dev/pci/if_rtwn.c:1.14	Thu Feb  8 09:05:19 2018
+++ src/sys/dev/pci/if_rtwn.c	Fri Apr  6 22:11:51 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_rtwn.c,v 1.14 2018/02/08 09:05:19 dholland Exp $	*/
+/*	$NetBSD: if_rtwn.c,v 1.15 2018/04/06 22:11:51 macallan Exp $	*/
 /*	$OpenBSD: if_rtwn.c,v 1.5 2015/06/14 08:02:47 stsp Exp $	*/
 #define	IEEE80211_NO_HT
 /*-
@@ -23,7 +23,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: if_rtwn.c,v 1.14 2018/02/08 09:05:19 dholland Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_rtwn.c,v 1.15 2018/04/06 22:11:51 macallan Exp $");
 
 #include 
 #include 
@@ -396,6 +396,8 @@ rtwn_attach(device_t parent, device_t se
 	if (!pmf_device_register(self, NULL, NULL))
 		aprint_error_dev(self, "couldn't establish power handler\n");
 
+	return;
+
 fail:
 	rtwn_detach(self, 0);
 }

CVS commit: src/crypto/external/bsd/heimdal/dist/kcm

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Apr  6 19:57:03 UTC 2018

Modified Files:
src/crypto/external/bsd/heimdal/dist/kcm: glue.c

Log Message:
- use c99 initializers
- add kdc offset functions


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/dist/kcm/glue.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/heimdal/dist/kcm/glue.c
diff -u src/crypto/external/bsd/heimdal/dist/kcm/glue.c:1.2 src/crypto/external/bsd/heimdal/dist/kcm/glue.c:1.3
--- src/crypto/external/bsd/heimdal/dist/kcm/glue.c:1.2	Sat Jan 28 16:31:44 2017
+++ src/crypto/external/bsd/heimdal/dist/kcm/glue.c	Fri Apr  6 15:57:03 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: glue.c,v 1.2 2017/01/28 21:31:44 christos Exp $	*/
+/*	$NetBSD: glue.c,v 1.3 2018/04/06 19:57:03 christos Exp $	*/
 
 /*
  * Copyright (c) 2005, PADL Software Pty Ltd.
@@ -34,7 +34,7 @@
 
 #include "kcm_locl.h"
 
-__RCSID("$NetBSD: glue.c,v 1.2 2017/01/28 21:31:44 christos Exp $");
+__RCSID("$NetBSD: glue.c,v 1.3 2018/04/06 19:57:03 christos Exp $");
 
 /*
  * Server-side loopback glue for credentials cache operations; this
@@ -248,33 +248,60 @@ kcmss_get_version(krb5_context context,
 return 0;
 }
 
+static krb5_error_code
+kcmss_get_kdc_sec_offset(krb5_context context,
+			 krb5_ccache id,
+			 krb5_deltat *t)
+{
+kcm_ccache c = KCMCACHE(id);
+
+KCM_ASSERT_VALID(c);
+
+*t = c->kdc_offset;
+
+return 0;
+}
+
+static krb5_error_code
+kcmss_set_kdc_sec_offset(krb5_context context,
+			 krb5_ccache id, krb5_deltat t)
+{
+kcm_ccache c = KCMCACHE(id);
+
+KCM_ASSERT_VALID(c);
+
+c->kdc_offset = t;
+
+return 0;
+}
+
 static const krb5_cc_ops krb5_kcmss_ops = {
-KRB5_CC_OPS_VERSION,
-"KCM",
-kcmss_get_name,
-kcmss_resolve,
-kcmss_gen_new,
-kcmss_initialize,
-kcmss_destroy,
-kcmss_close,
-kcmss_store_cred,
-kcmss_retrieve,
-kcmss_get_principal,
-kcmss_get_first,
-kcmss_get_next,
-kcmss_end_get,
-kcmss_remove_cred,
-kcmss_set_flags,
-kcmss_get_version,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
+.version =		KRB5_CC_OPS_VERSION,
+.prefix =		"KCM",
+.get_name =		kcmss_get_name,
+.resolve =		kcmss_resolve,
+.gen_new =		kcmss_gen_new,
+.init =		kcmss_initialize,
+.destroy =		kcmss_destroy,
+.close =		kcmss_close,
+.store =		kcmss_store_cred,
+.retrieve =		kcmss_retrieve,
+.get_princ =	kcmss_get_principal,
+.get_first =	kcmss_get_first,
+.get_next =		kcmss_get_next,
+.end_get =		kcmss_end_get,
+.remove_cred =	kcmss_remove_cred,
+.set_flags =	kcmss_set_flags,
+.get_version =	kcmss_get_version,
+.get_cache_first =	NULL,
+.get_cache_next =	NULL,
+.end_cache_get =	NULL,
+.move =		NULL,
+.get_default_name =	NULL,
+.set_default =	NULL,
+.lastchange =	NULL,
+.set_kdc_offset =	kcmss_set_kdc_sec_offset,
+.get_kdc_offset =	kcmss_get_kdc_sec_offset,
 };
 
 krb5_error_code

CVS commit: src/crypto/external/bsd/heimdal/dist/kcm

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Apr  6 19:56:43 UTC 2018

Modified Files:
src/crypto/external/bsd/heimdal/dist/kcm: cache.c

Log Message:
don't forget to initialize the kdc_offset (it was random before)


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/dist/kcm/cache.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/heimdal/dist/kcm/cache.c
diff -u src/crypto/external/bsd/heimdal/dist/kcm/cache.c:1.3 src/crypto/external/bsd/heimdal/dist/kcm/cache.c:1.4
--- src/crypto/external/bsd/heimdal/dist/kcm/cache.c:1.3	Sat Jan 28 16:31:44 2017
+++ src/crypto/external/bsd/heimdal/dist/kcm/cache.c	Fri Apr  6 15:56:43 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: cache.c,v 1.3 2017/01/28 21:31:44 christos Exp $	*/
+/*	$NetBSD: cache.c,v 1.4 2018/04/06 19:56:43 christos Exp $	*/
 
 /*
  * Copyright (c) 2005, PADL Software Pty Ltd.
@@ -324,6 +324,7 @@ kcm_ccache_alloc(krb5_context context,
 slot->key.keytab = NULL;
 slot->tkt_life = 0;
 slot->renew_life = 0;
+slot->kdc_offset = 0;
 
 if (new_slot)
 	ccache_head = slot;

CVS commit: src/distrib/sets/lists

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Apr  6 19:00:08 UTC 2018

Modified Files:
src/distrib/sets/lists/base: shl.mi
src/distrib/sets/lists/debug: shl.mi

Log Message:
new openssh


To generate a diff of this commit:
cvs rdiff -u -r1.832 -r1.833 src/distrib/sets/lists/base/shl.mi
cvs rdiff -u -r1.193 -r1.194 src/distrib/sets/lists/debug/shl.mi

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/distrib/sets/lists/base/shl.mi
diff -u src/distrib/sets/lists/base/shl.mi:1.832 src/distrib/sets/lists/base/shl.mi:1.833
--- src/distrib/sets/lists/base/shl.mi:1.832	Tue Feb 13 05:02:12 2018
+++ src/distrib/sets/lists/base/shl.mi	Fri Apr  6 15:00:08 2018
@@ -1,4 +1,4 @@
-# $NetBSD: shl.mi,v 1.832 2018/02/13 10:02:12 mrg Exp $
+# $NetBSD: shl.mi,v 1.833 2018/04/06 19:00:08 christos Exp $
 #
 # Note:	Don't delete entries from here - mark them as "obsolete" instead,
 #	unless otherwise stated below.
@@ -803,8 +803,8 @@
 ./usr/lib/libsqlite3.so.1.3			base-sys-shlib		compatfile
 ./usr/lib/libss.sobase-obsolete		obsolete
 ./usr/lib/libssh.sobase-secsh-shlib	compatfile
-./usr/lib/libssh.so.31base-secsh-shlib	compatfile
-./usr/lib/libssh.so.31.0			base-secsh-shlib	compatfile
+./usr/lib/libssh.so.32base-secsh-shlib	compatfile
+./usr/lib/libssh.so.32.0			base-secsh-shlib	compatfile
 ./usr/lib/libssl.sobase-crypto-shlib	compatfile
 ./usr/lib/libssl.so.12base-crypto-shlib	compatfile,openssl=10
 ./usr/lib/libssl.so.12.0			base-crypto-shlib	compatfile,openssl=10

Index: src/distrib/sets/lists/debug/shl.mi
diff -u src/distrib/sets/lists/debug/shl.mi:1.193 src/distrib/sets/lists/debug/shl.mi:1.194
--- src/distrib/sets/lists/debug/shl.mi:1.193	Tue Feb 13 05:02:12 2018
+++ src/distrib/sets/lists/debug/shl.mi	Fri Apr  6 15:00:08 2018
@@ -1,4 +1,4 @@
-# $NetBSD: shl.mi,v 1.193 2018/02/13 10:02:12 mrg Exp $
+# $NetBSD: shl.mi,v 1.194 2018/04/06 19:00:08 christos Exp $
 ./usr/lib/libbfd_g.a		comp-c-debuglib	debuglib,compatfile,binutils
 ./usr/libdata/debug/lib		base-sys-usr	debug,dynamicroot,compatdir
 ./usr/libdata/debug/lib/libblacklist.so.0.0.debug		comp-sys-debug	debug,dynamicroot
@@ -271,7 +271,7 @@
 ./usr/libdata/debug/usr/lib/libskey.so.2.0.debug		comp-sys-debug	debug,compatfile,skey
 ./usr/libdata/debug/usr/lib/libsl.so.6.0.debug			comp-krb5-debug	debug,compatfile,kerberos
 ./usr/libdata/debug/usr/lib/libsqlite3.so.1.3.debug		comp-sys-debug	debug,compatfile
-./usr/libdata/debug/usr/lib/libssh.so.31.0.debug		comp-secsh-debug	debug,compatfile
+./usr/libdata/debug/usr/lib/libssh.so.32.0.debug		comp-secsh-debug	debug,compatfile
 ./usr/libdata/debug/usr/lib/libssl.so.12.0.debug		comp-crypto-debug	debug,compatfile,openssl=10
 ./usr/libdata/debug/usr/lib/libssl.so.13.0.debug		comp-crypto-debug	debug,compatfile,openssl=11
 ./usr/libdata/debug/usr/lib/libstdc++.so.8.0.debug		comp-sys-debug	debug,compatfile,gcc=5,cxx,libstdcxx

CVS commit: src/doc

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Apr  6 19:01:30 UTC 2018

Modified Files:
src/doc: 3RDPARTY CHANGES

Log Message:
new openssh


To generate a diff of this commit:
cvs rdiff -u -r1.1509 -r1.1510 src/doc/3RDPARTY
cvs rdiff -u -r1.2370 -r1.2371 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/3RDPARTY
diff -u src/doc/3RDPARTY:1.1509 src/doc/3RDPARTY:1.1510
--- src/doc/3RDPARTY:1.1509	Fri Apr  6 06:48:44 2018
+++ src/doc/3RDPARTY	Fri Apr  6 15:01:30 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: 3RDPARTY,v 1.1509 2018/04/06 10:48:44 roy Exp $
+#	$NetBSD: 3RDPARTY,v 1.1510 2018/04/06 19:01:30 christos Exp $
 #
 # This file contains a list of the software that has been integrated into
 # NetBSD where we are not the primary maintainer.
@@ -1030,7 +1030,7 @@ Notes:
 Patch applied after OpenSSH import.
 
 Package:	OpenSSH
-Version:	7.6
+Version:	7.7
 Current Vers:	7.7 / portable 7.7p1
 Maintainer:	OpenSSH
 Archive Site:	http://www.openssh.com/ftp.html

Index: src/doc/CHANGES
diff -u src/doc/CHANGES:1.2370 src/doc/CHANGES:1.2371
--- src/doc/CHANGES:1.2370	Fri Apr  6 06:48:44 2018
+++ src/doc/CHANGES	Fri Apr  6 15:01:30 2018
@@ -1,4 +1,4 @@
-# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2370 $>
+# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2371 $>
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -133,3 +133,4 @@ Changes from NetBSD 8.0 to NetBSD 9.0:
 	dhcpcd: Import 7.0.2. [roy 20180327]
 	aarch64: Add initial support for aarch64. [ryo 20180401]
 	dhcpcd: Import 7.0.3. [roy 20180406]
+	OpenSSH: Imported 7.7. [christos 20180406]

CVS import: src/crypto/external/bsd/openssh/dist

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Apr  6 18:56:14 UTC 2018

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv6065

Log Message:
OpenSSH 7.7 was released on 2018-04-02. It is available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html

Potentially-incompatible changes


This release includes a number of changes that may affect existing
configurations:

 * ssh(1)/sshd(8): Drop compatibility support for some very old SSH
   implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These
   versions were all released in or before 2001 and predate the final
   SSH RFCs. The support in question isn't necessary for RFC-compliant
   SSH implementations.

Changes since OpenSSH 7.6
=

This is primarily a bugfix release.

New Features


 * All: Add experimental support for PQC XMSS keys (Extended Hash-
   Based Signatures) based on the algorithm described in
   https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12
   The XMSS signature code is experimental and not compiled in by
   default.

 * sshd(8): Add a "rdomain" criteria for the sshd_config Match keyword
   to allow conditional configuration that depends on which routing
   domain a connection was received on (currently supported on OpenBSD
   and Linux).

 * sshd_config(5): Add an optional rdomain qualifier to the
   ListenAddress directive to allow listening on different routing
   domains. This is supported only on OpenBSD and Linux at present.

 * sshd_config(5): Add RDomain directive to allow the authenticated
   session to be placed in an explicit routing domain. This is only
   supported on OpenBSD at present.

 * sshd(8): Add "expiry-time" option for authorized_keys files to
   allow for expiring keys.

 * ssh(1): Add a BindInterface option to allow binding the outgoing
   connection to an interface's address (basically a more usable
   BindAddress)

 * ssh(1): Expose device allocated for tun/tap forwarding via a new
   %T expansion for LocalCommand. This allows LocalCommand to be used
   to prepare the interface.

 * sshd(8): Expose the device allocated for tun/tap forwarding via a
   new SSH_TUNNEL environment variable. This allows automatic setup of
   the interface and surrounding network configuration automatically on
   the server.

 * ssh(1)/scp(1)/sftp(1): Add URI support to ssh, sftp and scp, e.g.
   ssh://user@host or sftp://user@host/path.  Additional connection
   parameters described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not
   implemented since the ssh fingerprint format in the draft uses the
   deprecated MD5 hash with no way to specify the any other algorithm.

 * ssh-keygen(1): Allow certificate validity intervals that specify
   only a start or stop time (instead of both or neither).

 * sftp(1): Allow "cd" and "lcd" commands with no explicit path
   argument. lcd will change to the local user's home directory as
   usual. cd will change to the starting directory for session (because
   the protocol offers no way to obtain the remote user's home
   directory). bz#2760

 * sshd(8): When doing a config test with sshd -T, only require the
   attributes that are actually used in Match criteria rather than (an
   incomplete list of) all criteria.

Bugfixes


 * ssh(1)/sshd(8): More strictly check signature types during key
   exchange against what was negotiated. Prevents downgrade of RSA
   signatures made with SHA-256/512 to SHA-1.

 * sshd(8): Fix support for client that advertise a protocol version
   of "1.99" (indicating that they are prepared to accept both SSHv1 and
   SSHv2). This was broken in OpenSSH 7.6 during the removal of SSHv1
   support. bz#2810

 * ssh(1): Warn when the agent returns a ssh-rsa (SHA1) signature when
   a rsa-sha2-256/512 signature was requested. This condition is possible
   when an old or non-OpenSSH agent is in use. bz#2799

 * ssh-agent(1): Fix regression introduced in 7.6 that caused ssh-agent
   to fatally exit if presented an invalid signature request message.

 * sshd_config(5): Accept yes/no flag options case-insensitively, as
   has been the case in ssh_config(5) for a long time. bz#2664

 * ssh(1): Improve error reporting for failures during connection.
   Under some circumstances misleading errors were being shown. bz#2814

 * ssh-keyscan(1): Add -D option to allow printing of results directly
   in SSHFP format. bz#2821

 * regress tests: fix PuTTY interop test broken in last release's SSHv1
   removal. 

CVS commit: src/sys/dev/acpi

[Maxime Villard]

Module Name:src
Committed By:   maxv
Date:   Fri Apr  6 17:30:25 UTC 2018

Modified Files:
src/sys/dev/acpi: acpi_mcfg.c

Log Message:
Change the iteration, to make sure the ACPI_MCFG_ALLOCATION structure we're
reading fits the table we allocated. Linux does the same.

I have a laptop which, for some reason, reports a table size of 62 bytes.
Clearly that's incorrect, it should be 60 (44 + 16). Because of the stray
+2, here the kernel reads past the end of the allocated buffer, hits an
unmapped VA, and panics at boot time. So the laptop can't boot.

Now it boots fine.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/sys/dev/acpi/acpi_mcfg.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/dev/acpi/acpi_mcfg.c
diff -u src/sys/dev/acpi/acpi_mcfg.c:1.5 src/sys/dev/acpi/acpi_mcfg.c:1.6
--- src/sys/dev/acpi/acpi_mcfg.c:1.5	Wed Feb 28 05:50:06 2018
+++ src/sys/dev/acpi/acpi_mcfg.c	Fri Apr  6 17:30:25 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: acpi_mcfg.c,v 1.5 2018/02/28 05:50:06 msaitoh Exp $	*/
+/*	$NetBSD: acpi_mcfg.c,v 1.6 2018/04/06 17:30:25 maxv Exp $	*/
 
 /*-
  * Copyright (C) 2015 NONAKA Kimihiro 
@@ -26,7 +26,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: acpi_mcfg.c,v 1.5 2018/02/28 05:50:06 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: acpi_mcfg.c,v 1.6 2018/04/06 17:30:25 maxv Exp $");
 
 #include 
 #include 
@@ -287,7 +287,8 @@ acpimcfg_probe(struct acpi_softc *sc)
 	nsegs = 0;
 	offset = sizeof(ACPI_TABLE_MCFG);
 	ama = ACPI_ADD_PTR(ACPI_MCFG_ALLOCATION, mcfg, offset);
-	for (i = 0; offset < mcfg->Header.Length; i++) {
+	for (i = 0; offset + sizeof(ACPI_MCFG_ALLOCATION) <=
+	mcfg->Header.Length; i++) {
 		aprint_debug_dev(sc->sc_dev,
 		"MCFG: segment %d, bus %d-%d, address 0x%016" PRIx64 "\n",
 		ama->PciSegment, ama->StartBusNumber, ama->EndBusNumber,

CVS commit: src/lib/libc

[David A. Holland]

Module Name:src
Committed By:   dholland
Date:   Fri Apr  6 17:04:00 UTC 2018

Modified Files:
src/lib/libc: shlib_version

Log Message:
note to get rid of statfs() when bump time comes


To generate a diff of this commit:
cvs rdiff -u -r1.278 -r1.279 src/lib/libc/shlib_version

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/lib/libc/shlib_version
diff -u src/lib/libc/shlib_version:1.278 src/lib/libc/shlib_version:1.279
--- src/lib/libc/shlib_version:1.278	Wed Oct 25 06:32:59 2017
+++ src/lib/libc/shlib_version	Fri Apr  6 17:03:59 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: shlib_version,v 1.278 2017/10/25 06:32:59 kre Exp $
+#	$NetBSD: shlib_version,v 1.279 2018/04/06 17:03:59 dholland Exp $
 #	Remember to update distrib/sets/lists/base/shl.* when changing
 #
 # things we wish to do on next major version bump:
@@ -51,5 +51,6 @@
 # - punt gethostid/sethostid(3) to libcompat or remove entirely
 # - clean-up initialisation order between crt0.o, rtld and libc.
 # - move environ and __ps_strings from crt0.o into libc.
+# - move statfs() to libcompat since we have statvfs()
 major=12
 minor=209

CVS commit: src/sys

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr  6 16:03:16 UTC 2018

Modified Files:
src/sys/netinet: in.c
src/sys/netinet6: in6.c

Log Message:
Make GARP work again when DAD is disabled

The change avoids setting an IP address tentative on initializing it when the
IPv4 DAD is disabled (net.inet.ip.dad_count=0), which allows a GARP packet to be
sent (see arpannounce).  This is the same behavior of NetBSD 7, i.e., before
introducing the IPv4 DAD.

Additionally do the same change to IPv6 DAD for consistency.

The change is suggested by roy@


To generate a diff of this commit:
cvs rdiff -u -r1.226 -r1.227 src/sys/netinet/in.c
cvs rdiff -u -r1.264 -r1.265 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet/in.c
diff -u src/sys/netinet/in.c:1.226 src/sys/netinet/in.c:1.227
--- src/sys/netinet/in.c:1.226	Fri Apr  6 16:01:16 2018
+++ src/sys/netinet/in.c	Fri Apr  6 16:03:16 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: in.c,v 1.226 2018/04/06 16:01:16 ozaki-r Exp $	*/
+/*	$NetBSD: in.c,v 1.227 2018/04/06 16:03:16 ozaki-r Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.226 2018/04/06 16:01:16 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.227 2018/04/06 16:03:16 ozaki-r Exp $");
 
 #include "arp.h"
 
@@ -1150,7 +1150,7 @@ in_ifinit(struct ifnet *ifp, struct in_i
 	if (ifp->if_link_state == LINK_STATE_DOWN) {
 		ia->ia4_flags |= IN_IFF_DETACHED;
 		ia->ia4_flags &= ~IN_IFF_TENTATIVE;
-	} else if (hostIsNew && if_do_dad(ifp))
+	} else if (hostIsNew && if_do_dad(ifp) && ip_dad_count > 0)
 		ia->ia4_flags |= IN_IFF_TRYTENTATIVE;
 
 	/*

Index: src/sys/netinet6/in6.c
diff -u src/sys/netinet6/in6.c:1.264 src/sys/netinet6/in6.c:1.265
--- src/sys/netinet6/in6.c:1.264	Tue Mar  6 07:27:55 2018
+++ src/sys/netinet6/in6.c	Fri Apr  6 16:03:16 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.c,v 1.264 2018/03/06 07:27:55 ozaki-r Exp $	*/
+/*	$NetBSD: in6.c,v 1.265 2018/04/06 16:03:16 ozaki-r Exp $	*/
 /*	$KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.264 2018/03/06 07:27:55 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.265 2018/04/06 16:03:16 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1240,8 +1240,10 @@ in6_update_ifa1(struct ifnet *ifp, struc
 	if (ifp->if_link_state == LINK_STATE_DOWN) {
 		ia->ia6_flags |= IN6_IFF_DETACHED;
 		ia->ia6_flags &= ~IN6_IFF_TENTATIVE;
-	} else if ((hostIsNew || was_tentative) && if_do_dad(ifp))
+	} else if ((hostIsNew || was_tentative) && if_do_dad(ifp) &&
+	   ip6_dad_count > 0) {
 		ia->ia6_flags |= IN6_IFF_TENTATIVE;
+	}
 
 	/*
 	 * backward compatibility - if IN6_IFF_DEPRECATED is set from the

CVS commit: src/sys/netinet

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr  6 16:01:16 UTC 2018

Modified Files:
src/sys/netinet: in.c

Log Message:
Revert the previous two commits as per roy@'s request

It broke the ip_dad_count > 0 case unexpectedly.


To generate a diff of this commit:
cvs rdiff -u -r1.225 -r1.226 src/sys/netinet/in.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet/in.c
diff -u src/sys/netinet/in.c:1.225 src/sys/netinet/in.c:1.226
--- src/sys/netinet/in.c:1.225	Fri Apr  6 09:20:29 2018
+++ src/sys/netinet/in.c	Fri Apr  6 16:01:16 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: in.c,v 1.225 2018/04/06 09:20:29 ozaki-r Exp $	*/
+/*	$NetBSD: in.c,v 1.226 2018/04/06 16:01:16 ozaki-r Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.225 2018/04/06 09:20:29 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.226 2018/04/06 16:01:16 ozaki-r Exp $");
 
 #include "arp.h"
 
@@ -1143,15 +1143,15 @@ in_ifinit(struct ifnet *ifp, struct in_i
 	 * We need to do this early because they maybe adjusted
 	 * by if_addr_init depending on the address.
 	 */
-	if (ia->ia4_flags & IN_IFF_DUPLICATED)
+	if (ia->ia4_flags & IN_IFF_DUPLICATED) {
+		ia->ia4_flags &= ~IN_IFF_DUPLICATED;
 		hostIsNew = 1;
-	ia->ia4_flags = 0;
-	if (ip_dad_count > 0) {
-		if (ifp->if_link_state == LINK_STATE_DOWN)
-			ia->ia4_flags |= IN_IFF_DETACHED;
-		else if (hostIsNew && if_do_dad(ifp))
-			ia->ia4_flags |= IN_IFF_TRYTENTATIVE;
 	}
+	if (ifp->if_link_state == LINK_STATE_DOWN) {
+		ia->ia4_flags |= IN_IFF_DETACHED;
+		ia->ia4_flags &= ~IN_IFF_TENTATIVE;
+	} else if (hostIsNew && if_do_dad(ifp))
+		ia->ia4_flags |= IN_IFF_TRYTENTATIVE;
 
 	/*
 	 * Give the interface a chance to initialize

CVS commit: src/crypto/external/bsd

[Ryo Shimizu]

Module Name:src
Committed By:   ryo
Date:   Fri Apr  6 15:47:08 UTC 2018

Modified Files:
src/crypto/external/bsd/openssl: mkpc
src/crypto/external/bsd/openssl.old: mkpc

Log Message:
when CPPFLAGS include a parameter that has any spaces (e.g. 
CPPFLAGS="-DBN_LLONG=\"long long\""),
$CPP $CPPFLAGS fails. (aarch64--netbsd-clang: error: no such file or directory: 
'long"')

advice to use "eval" by soda@. thanks.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/mkpc
cvs rdiff -u -r1.1.1.1 -r1.2 src/crypto/external/bsd/openssl.old/mkpc

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/mkpc
diff -u src/crypto/external/bsd/openssl/mkpc:1.5 src/crypto/external/bsd/openssl/mkpc:1.6
--- src/crypto/external/bsd/openssl/mkpc:1.5	Thu Feb  8 21:57:23 2018
+++ src/crypto/external/bsd/openssl/mkpc	Fri Apr  6 15:47:08 2018
@@ -1,9 +1,9 @@
 #!/bin/sh
-#	$NetBSD: mkpc,v 1.5 2018/02/08 21:57:23 christos Exp $
+#	$NetBSD: mkpc,v 1.6 2018/04/06 15:47:08 ryo Exp $
 
 getversion() {
 	(echo '#include "openssl/opensslv.h"'; echo OPENSSL_VERSION_TEXT) |
-	$CPP $CPPFLAGS -I$1 | grep OpenSSL | cut -d ' ' -f 2
+	eval "$CPP $CPPFLAGS" -I$1 | grep OpenSSL | cut -d ' ' -f 2
 }
 VERSION="$(getversion $1)"
 
@@ -32,7 +32,7 @@ openssl.pc)
 esac
 
 cat << EOF > "$2"
-# \$NetBSD: mkpc,v 1.5 2018/02/08 21:57:23 christos Exp $
+# \$NetBSD: mkpc,v 1.6 2018/04/06 15:47:08 ryo Exp $
 prefix=/usr
 exec_prefix=/usr
 libdir=/usr/lib

Index: src/crypto/external/bsd/openssl.old/mkpc
diff -u src/crypto/external/bsd/openssl.old/mkpc:1.1.1.1 src/crypto/external/bsd/openssl.old/mkpc:1.2
--- src/crypto/external/bsd/openssl.old/mkpc:1.1.1.1	Sat Feb  3 22:43:37 2018
+++ src/crypto/external/bsd/openssl.old/mkpc	Fri Apr  6 15:47:08 2018
@@ -1,9 +1,9 @@
 #!/bin/sh
-#	$NetBSD: mkpc,v 1.1.1.1 2018/02/03 22:43:37 christos Exp $
+#	$NetBSD: mkpc,v 1.2 2018/04/06 15:47:08 ryo Exp $
 
 getversion() {
 	(echo '#include "opensslv.h"'; echo OPENSSL_VERSION_TEXT) |
-	$CPP $CPPFLAGS -I$1 | grep OpenSSL | cut -d ' ' -f 2
+	eval "$CPP $CPPFLAGS" -I$1 | grep OpenSSL | cut -d ' ' -f 2
 }
 VERSION="$(getversion $1)"
 
@@ -32,7 +32,7 @@ openssl.pc)
 esac
 
 cat << EOF > "$2"
-# \$NetBSD: mkpc,v 1.1.1.1 2018/02/03 22:43:37 christos Exp $
+# \$NetBSD: mkpc,v 1.2 2018/04/06 15:47:08 ryo Exp $
 prefix=/usr
 exec_prefix=/usr
 libdir=/usr/lib

CVS commit: src/sys/net/npf

[Maxime Villard]

Module Name:src
Committed By:   maxv
Date:   Fri Apr  6 14:50:55 UTC 2018

Modified Files:
src/sys/net/npf: npf_inet.c

Log Message:
If we're trying to read the mss on a packet that for some reason has two
MAXSEG options, we find ourselves patching the second option with the
value of the first one.

Fix that by using a local variable.


To generate a diff of this commit:
cvs rdiff -u -r1.47 -r1.48 src/sys/net/npf/npf_inet.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/npf/npf_inet.c
diff -u src/sys/net/npf/npf_inet.c:1.47 src/sys/net/npf/npf_inet.c:1.48
--- src/sys/net/npf/npf_inet.c:1.47	Fri Mar 23 08:28:54 2018
+++ src/sys/net/npf/npf_inet.c	Fri Apr  6 14:50:55 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: npf_inet.c,v 1.47 2018/03/23 08:28:54 maxv Exp $	*/
+/*	$NetBSD: npf_inet.c,v 1.48 2018/04/06 14:50:55 maxv Exp $	*/
 
 /*-
  * Copyright (c) 2009-2014 The NetBSD Foundation, Inc.
@@ -40,7 +40,7 @@
 
 #ifdef _KERNEL
 #include 
-__KERNEL_RCSID(0, "$NetBSD: npf_inet.c,v 1.47 2018/03/23 08:28:54 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_inet.c,v 1.48 2018/04/06 14:50:55 maxv Exp $");
 
 #include 
 #include 
@@ -230,6 +230,7 @@ npf_fetch_tcpopts(npf_cache_t *npc, uint
 	nbuf_t *nbuf = npc->npc_nbuf;
 	const struct tcphdr *th = npc->npc_l4.tcp;
 	int topts_len, step;
+	bool setmss = false;
 	uint8_t *nptr;
 	uint8_t val;
 	bool ok;
@@ -245,6 +246,11 @@ npf_fetch_tcpopts(npf_cache_t *npc, uint
 	}
 	KASSERT(topts_len <= MAX_TCPOPTLEN);
 
+	/* Determine if we want to set or get the mss. */
+	if (mss) {
+		setmss = (*mss != 0);
+	}
+
 	/* First step: IP and TCP header up to options. */
 	step = npc->npc_hlen + sizeof(struct tcphdr);
 	nbuf_reset(nbuf);
@@ -270,7 +276,7 @@ next:
 			goto done;
 		}
 		if (mss) {
-			if (*mss) {
+			if (setmss) {
 memcpy(nptr + 2, mss, sizeof(uint16_t));
 			} else {
 memcpy(mss, nptr + 2, sizeof(uint16_t));

CVS commit: src/doc

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Fri Apr  6 10:48:44 UTC 2018

Modified Files:
src/doc: 3RDPARTY CHANGES

Log Message:
Note import of dhcpcd-7.0.3


To generate a diff of this commit:
cvs rdiff -u -r1.1508 -r1.1509 src/doc/3RDPARTY
cvs rdiff -u -r1.2369 -r1.2370 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/3RDPARTY
diff -u src/doc/3RDPARTY:1.1508 src/doc/3RDPARTY:1.1509
--- src/doc/3RDPARTY:1.1508	Tue Apr  3 06:11:14 2018
+++ src/doc/3RDPARTY	Fri Apr  6 10:48:44 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: 3RDPARTY,v 1.1508 2018/04/03 06:11:14 wiz Exp $
+#	$NetBSD: 3RDPARTY,v 1.1509 2018/04/06 10:48:44 roy Exp $
 #
 # This file contains a list of the software that has been integrated into
 # NetBSD where we are not the primary maintainer.
@@ -334,8 +334,8 @@ Notes:
 Use the dhcp2netbsd script.
 
 Package:	dhcpcd
-Version:	7.0.2
-Current Vers:	7.0.2
+Version:	7.0.3
+Current Vers:	7.0.3
 Maintainer:	roy
 Archive Site:	ftp://roy.marples.name/pub/dhcpcd/
 Home Page:	http://roy.marples.name/projects/dhcpcd/

Index: src/doc/CHANGES
diff -u src/doc/CHANGES:1.2369 src/doc/CHANGES:1.2370
--- src/doc/CHANGES:1.2369	Mon Apr  2 05:52:31 2018
+++ src/doc/CHANGES	Fri Apr  6 10:48:44 2018
@@ -1,4 +1,4 @@
-# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2369 $>
+# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.2370 $>
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -132,3 +132,4 @@ Changes from NetBSD 8.0 to NetBSD 9.0:
 	tzdata updated to 2017d [kre 20180324]
 	dhcpcd: Import 7.0.2. [roy 20180327]
 	aarch64: Add initial support for aarch64. [ryo 20180401]
+	dhcpcd: Import 7.0.3. [roy 20180406]

CVS commit: src/external/bsd/dhcpcd/dist/src

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Fri Apr  6 10:47:47 UTC 2018

Modified Files:
src/external/bsd/dhcpcd/dist/src: dhcpcd.c if-options.c

Log Message:
Sync


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/external/bsd/dhcpcd/dist/src/dhcpcd.c
cvs rdiff -u -r1.7 -r1.8 src/external/bsd/dhcpcd/dist/src/if-options.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/bsd/dhcpcd/dist/src/dhcpcd.c
diff -u src/external/bsd/dhcpcd/dist/src/dhcpcd.c:1.9 src/external/bsd/dhcpcd/dist/src/dhcpcd.c:1.10
--- src/external/bsd/dhcpcd/dist/src/dhcpcd.c:1.9	Tue Mar 27 06:16:34 2018
+++ src/external/bsd/dhcpcd/dist/src/dhcpcd.c	Fri Apr  6 10:47:47 2018
@@ -577,7 +577,7 @@ dhcpcd_selectprofile(struct interface *i
 	} else
 		*ifp->profile = '\0';
 
-	free_options(ifp->options);
+	free_options(ifp->ctx, ifp->options);
 	ifp->options = ifo;
 	if (profile) {
 		add_options(ifp->ctx, ifp->name, ifp->options,
@@ -995,6 +995,7 @@ dhcpcd_handleinterface(void *arg, int ac
 	}
 	/* Check if we already have the interface */
 	iff = if_find(ctx->ifaces, ifp->name);
+
 	if (iff != NULL) {
 		if (iff->active)
 			logdebugx("%s: interface updated", iff->name);
@@ -1013,9 +1014,12 @@ dhcpcd_handleinterface(void *arg, int ac
 		}
 		iff = ifp;
 	}
-	if_learnaddrs(ctx, ifs, );
-	if (action > 0 && iff->active)
-		dhcpcd_prestartinterface(iff);
+
+	if (action > 0) {
+		if_learnaddrs(ctx, ifs, );
+		if (iff->active)
+			dhcpcd_prestartinterface(iff);
+	}
 
 	/* Free our discovered list */
 	while ((ifp = TAILQ_FIRST(ifs))) {
@@ -1161,7 +1165,7 @@ reload_config(struct dhcpcd_ctx *ctx)
 	if (ctx->options & DHCPCD_DAEMONISED)
 		ifo->options |= DHCPCD_DAEMONISED;
 	ctx->options = ifo->options;
-	free_options(ifo);
+	free_options(ctx, ifo);
 }
 
 static void
@@ -1519,6 +1523,8 @@ main(int argc, char **argv)
 #ifdef INET
 	ctx.udp_fd = -1;
 #endif
+	rt_init();
+
 	logopts = LOGERR_ERR|LOGERR_LOG|LOGERR_LOG_DATE|LOGERR_LOG_PID;
 	i = 0;
 	while ((opt = getopt_long(argc, argv,
@@ -1613,7 +1619,7 @@ main(int argc, char **argv)
 	if (i == 2) {
 		printf("Interface options:\n");
 		if (optind == argc - 1) {
-			free_options(ifo);
+			free_options(, ifo);
 			ifo = read_config(, argv[optind], NULL, NULL);
 			if (ifo == NULL)
 goto exit_failure;
@@ -1929,8 +1935,6 @@ printpidfile:
 		}
 	}
 
-	rt_init();
-
 	TAILQ_FOREACH(ifp, ctx.ifaces, next) {
 		if (ifp->active)
 			dhcpcd_initstate1(ifp, argc, argv, 0);
@@ -1981,7 +1985,7 @@ printpidfile:
 			handle_exit_timeout, );
 		}
 	}
-	free_options(ifo);
+	free_options(, ifo);
 	ifo = NULL;
 
 	if_sortinterfaces();
@@ -2018,6 +2022,7 @@ exit1:
 		}
 		free(ctx.ifaces);
 	}
+	free_options(, ifo);
 	rt_dispose();
 	free(ctx.duid);
 	if (ctx.link_fd != -1) {
@@ -2025,7 +2030,6 @@ exit1:
 		close(ctx.link_fd);
 	}
 	if_closesockets();
-	free_options(ifo);
 	free_globals();
 	ipv6_ctxfree();
 	dev_stop();

Index: src/external/bsd/dhcpcd/dist/src/if-options.c
diff -u src/external/bsd/dhcpcd/dist/src/if-options.c:1.7 src/external/bsd/dhcpcd/dist/src/if-options.c:1.8
--- src/external/bsd/dhcpcd/dist/src/if-options.c:1.7	Mon Jan 29 11:13:06 2018
+++ src/external/bsd/dhcpcd/dist/src/if-options.c	Fri Apr  6 10:47:47 2018
@@ -1086,14 +1086,8 @@ parse_option(struct dhcpcd_ctx *ctx, con
 		strncmp(arg, "ms_classless_static_routes=",
 		strlen("ms_classless_static_routes=")) == 0)
 		{
-			struct interface *ifp;
 			struct in_addr addr3;
 
-			ifp = if_find(ctx->ifaces, ifname);
-			if (ifp == NULL) {
-logerrx("static routes require an interface");
-return -1;
-			}
 			fp = np = strwhite(p);
 			if (np == NULL) {
 logerrx("all routes need a gateway");
@@ -1107,7 +1101,7 @@ parse_option(struct dhcpcd_ctx *ctx, con
 *fp = ' ';
 return -1;
 			}
-			if ((rt = rt_new(ifp)) == NULL) {
+			if ((rt = rt_new0(ctx)) == NULL) {
 *fp = ' ';
 return -1;
 			}
@@ -1117,16 +,9 @@ parse_option(struct dhcpcd_ctx *ctx, con
 			TAILQ_INSERT_TAIL(>routes, rt, rt_next);
 			*fp = ' ';
 		} else if (strncmp(arg, "routers=", strlen("routers=")) == 0) {
-			struct interface *ifp;
-
-			ifp = if_find(ctx->ifaces, ifname);
-			if (ifp == NULL) {
-logerrx("static routes require an interface");
-return -1;
-			}
 			if (parse_addr(, NULL, p) == -1)
 return -1;
-			if ((rt = rt_new(ifp)) == NULL)
+			if ((rt = rt_new0(ctx)) == NULL)
 return -1;
 			addr2.s_addr = INADDR_ANY;
 			sa_in_init(>rt_dest, );
@@ -2367,7 +2354,7 @@ read_config(struct dhcpcd_ctx *ctx,
 		buf = malloc(buflen);
 		if (buf == NULL) {
 			logerr(__func__);
-			free_options(ifo);
+			free_options(ctx, ifo);
 			return NULL;
 		}
 		ldop = edop = NULL;
@@ -2381,7 +2368,7 @@ read_config(struct dhcpcd_ctx *ctx,
 if (nbuf == NULL) {
 	logerr(__func__);
 	free(buf);
-	free_options(ifo);
+	free_options(ctx, ifo);
 	return NULL;
 }
 buf = nbuf;
@@ 

CVS import: src/external/bsd/dhcpcd/dist

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Fri Apr  6 10:46:38 UTC 2018

Update of /cvsroot/src/external/bsd/dhcpcd/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv25576

Log Message:
Import dhcpcd-7.0.3 with the following changes:

  *  dhcp6: fix a null termination overflow on status messages
  *  options: static routes can be setup in global context again
  *  routes: dhcpcd added host routes are now reported correctly 

Status:

Vendor Tag: roy
Release Tags:   dhcpcd-7-0-3

U src/external/bsd/dhcpcd/dist/.arcconfig
U src/external/bsd/dhcpcd/dist/.gitignore
U src/external/bsd/dhcpcd/dist/BUILDING.md
U src/external/bsd/dhcpcd/dist/LICENSE
U src/external/bsd/dhcpcd/dist/Makefile
U src/external/bsd/dhcpcd/dist/Makefile.inc
U src/external/bsd/dhcpcd/dist/README.md
U src/external/bsd/dhcpcd/dist/config-null.mk
U src/external/bsd/dhcpcd/dist/configure
U src/external/bsd/dhcpcd/dist/iconfig.mk
U src/external/bsd/dhcpcd/dist/compat/_strtoi.h
U src/external/bsd/dhcpcd/dist/compat/arc4random.c
U src/external/bsd/dhcpcd/dist/compat/arc4random.h
U src/external/bsd/dhcpcd/dist/compat/bitops.h
U src/external/bsd/dhcpcd/dist/compat/queue.h
U src/external/bsd/dhcpcd/dist/compat/arc4random_uniform.c
U src/external/bsd/dhcpcd/dist/compat/arc4random_uniform.h
U src/external/bsd/dhcpcd/dist/compat/reallocarray.c
U src/external/bsd/dhcpcd/dist/compat/dprintf.c
U src/external/bsd/dhcpcd/dist/compat/dprintf.h
U src/external/bsd/dhcpcd/dist/compat/endian.h
U src/external/bsd/dhcpcd/dist/compat/pidfile.c
U src/external/bsd/dhcpcd/dist/compat/pidfile.h
U src/external/bsd/dhcpcd/dist/compat/reallocarray.h
U src/external/bsd/dhcpcd/dist/compat/strlcpy.c
U src/external/bsd/dhcpcd/dist/compat/strlcpy.h
U src/external/bsd/dhcpcd/dist/compat/strtoi.c
U src/external/bsd/dhcpcd/dist/compat/strtoi.h
U src/external/bsd/dhcpcd/dist/compat/strtou.c
U src/external/bsd/dhcpcd/dist/compat/crypt/hmac.c
U src/external/bsd/dhcpcd/dist/compat/crypt/hmac.h
U src/external/bsd/dhcpcd/dist/compat/crypt/md5.c
U src/external/bsd/dhcpcd/dist/compat/crypt/md5.h
U src/external/bsd/dhcpcd/dist/compat/crypt/sha256.c
U src/external/bsd/dhcpcd/dist/compat/crypt/sha256.h
U src/external/bsd/dhcpcd/dist/src/dhcp.c
U src/external/bsd/dhcpcd/dist/src/GNUmakefile
U src/external/bsd/dhcpcd/dist/src/Makefile
U src/external/bsd/dhcpcd/dist/src/arp.c
U src/external/bsd/dhcpcd/dist/src/arp.h
U src/external/bsd/dhcpcd/dist/src/auth.c
U src/external/bsd/dhcpcd/dist/src/auth.h
U src/external/bsd/dhcpcd/dist/src/bpf.c
U src/external/bsd/dhcpcd/dist/src/bpf.h
U src/external/bsd/dhcpcd/dist/src/common.c
U src/external/bsd/dhcpcd/dist/src/common.h
U src/external/bsd/dhcpcd/dist/src/control.c
U src/external/bsd/dhcpcd/dist/src/control.h
U src/external/bsd/dhcpcd/dist/src/defs.h
U src/external/bsd/dhcpcd/dist/src/dev.c
U src/external/bsd/dhcpcd/dist/src/dev.h
U src/external/bsd/dhcpcd/dist/src/dhcp-common.c
U src/external/bsd/dhcpcd/dist/src/dhcp-common.h
U src/external/bsd/dhcpcd/dist/src/dhcp.h
U src/external/bsd/dhcpcd/dist/src/dhcp6.c
U src/external/bsd/dhcpcd/dist/src/dhcp6.h
U src/external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in
U src/external/bsd/dhcpcd/dist/src/dhcpcd.8.in
U src/external/bsd/dhcpcd/dist/src/dhcpcd-definitions-small.conf
U src/external/bsd/dhcpcd/dist/src/dhcpcd-definitions.conf
U src/external/bsd/dhcpcd/dist/src/dhcpcd-embedded.c.in
U src/external/bsd/dhcpcd/dist/src/dhcpcd-embedded.h.in
C src/external/bsd/dhcpcd/dist/src/dhcpcd.c
U src/external/bsd/dhcpcd/dist/src/dhcpcd.conf
U src/external/bsd/dhcpcd/dist/src/genembedc
U src/external/bsd/dhcpcd/dist/src/dhcpcd.h
U src/external/bsd/dhcpcd/dist/src/duid.c
U src/external/bsd/dhcpcd/dist/src/duid.h
U src/external/bsd/dhcpcd/dist/src/eloop.c
U src/external/bsd/dhcpcd/dist/src/eloop.h
U src/external/bsd/dhcpcd/dist/src/if-linux-wext.c
U src/external/bsd/dhcpcd/dist/src/genembedh
U src/external/bsd/dhcpcd/dist/src/if-bsd.c
U src/external/bsd/dhcpcd/dist/src/if-linux.c
C src/external/bsd/dhcpcd/dist/src/if-options.c
U src/external/bsd/dhcpcd/dist/src/if-options.h
U src/external/bsd/dhcpcd/dist/src/if-sun.c
U src/external/bsd/dhcpcd/dist/src/if.c
U src/external/bsd/dhcpcd/dist/src/if.h
U src/external/bsd/dhcpcd/dist/src/ipv4.c
U src/external/bsd/dhcpcd/dist/src/ipv4.h
U src/external/bsd/dhcpcd/dist/src/ipv4ll.c
U src/external/bsd/dhcpcd/dist/src/ipv4ll.h
U src/external/bsd/dhcpcd/dist/src/ipv6.c
U src/external/bsd/dhcpcd/dist/src/ipv6.h
U src/external/bsd/dhcpcd/dist/src/ipv6nd.c
U src/external/bsd/dhcpcd/dist/src/ipv6nd.h
U src/external/bsd/dhcpcd/dist/src/logerr.c
U src/external/bsd/dhcpcd/dist/src/logerr.h
U src/external/bsd/dhcpcd/dist/src/route.c
U src/external/bsd/dhcpcd/dist/src/route.h
U src/external/bsd/dhcpcd/dist/src/sa.c
U src/external/bsd/dhcpcd/dist/src/sa.h
U src/external/bsd/dhcpcd/dist/src/script.c
U src/external/bsd/dhcpcd/dist/src/script.h
U src/external/bsd/dhcpcd/dist/src/dev/Makefile
U src/external/bsd/dhcpcd/dist/src/dev/udev.c
U 

CVS commit: src/sys

[Kengo NAKAHARA]

Module Name:src
Committed By:   knakahara
Date:   Fri Apr  6 10:38:53 UTC 2018

Modified Files:
src/sys/net: if_ipsec.c
src/sys/netipsec: ipsecif.c ipsecif.h

Log Message:
Fix unexpected failure when ipsecif(4) over IPv6 is changed port number only.

Here is an example of the operation which causes this problem.
# ifconfig ipsec0 create link0
# ifconfig ipsec0 tunnel fc00:1001::2,4500 fc00:1001::1,4501
# ifconfig ipsec0 tunnel fc00:1001::2,4500 fc00:1001::1,4502


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/net/if_ipsec.c
cvs rdiff -u -r1.6 -r1.7 src/sys/netipsec/ipsecif.c
cvs rdiff -u -r1.1 -r1.2 src/sys/netipsec/ipsecif.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.10 src/sys/net/if_ipsec.c:1.11
--- src/sys/net/if_ipsec.c:1.10	Fri Apr  6 09:30:09 2018
+++ src/sys/net/if_ipsec.c	Fri Apr  6 10:38:53 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $  */
+/*	$NetBSD: if_ipsec.c,v 1.11 2018/04/06 10:38:53 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.11 2018/04/06 10:38:53 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -280,7 +280,7 @@ if_ipsec_fwd_ipv6(struct ipsec_softc *sc
 int
 if_ipsec_encap_func(struct mbuf *m, int off, int proto, void *arg)
 {
-	struct ip ip;
+	uint8_t v;
 	struct ipsec_softc *sc;
 	struct ipsec_variant *var = NULL;
 	struct psref psref;
@@ -304,18 +304,39 @@ if_ipsec_encap_func(struct mbuf *m, int 
 		goto out;
 	}
 
-	if (m->m_pkthdr.len < sizeof(ip))
-		goto out;
+	m_copydata(m, 0, sizeof(v), );
+	v = (v >> 4) & 0xff;  /* Get the IP version number. */
 
-	m_copydata(m, 0, sizeof(ip), );
-	switch (ip.ip_v) {
+	switch (v) {
 #ifdef INET
-	case IPVERSION:
+	case IPVERSION: {
+		struct ip ip;
+
+		if (m->m_pkthdr.len < sizeof(ip))
+			goto out;
+
+		m_copydata(m, 0, sizeof(ip), );
 		if (var->iv_psrc->sa_family != AF_INET ||
 		var->iv_pdst->sa_family != AF_INET)
 			goto out;
 		ret = ipsecif4_encap_func(m, , var);
 		break;
+	}
+#endif
+#ifdef INET6
+	case (IPV6_VERSION >> 4): {
+		struct ip6_hdr ip6;
+
+		if (m->m_pkthdr.len < sizeof(ip6))
+			goto out;
+
+		m_copydata(m, 0, sizeof(ip6), );
+		if (var->iv_psrc->sa_family != AF_INET6 ||
+		var->iv_pdst->sa_family != AF_INET6)
+			goto out;
+		ret = ipsecif6_encap_func(m, , var);
+		break;
+	}
 #endif
 	default:
 		goto out;

Index: src/sys/netipsec/ipsecif.c
diff -u src/sys/netipsec/ipsecif.c:1.6 src/sys/netipsec/ipsecif.c:1.7
--- src/sys/netipsec/ipsecif.c:1.6	Fri Apr  6 10:31:35 2018
+++ src/sys/netipsec/ipsecif.c	Fri Apr  6 10:38:53 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsecif.c,v 1.6 2018/04/06 10:31:35 knakahara Exp $  */
+/*	$NetBSD: ipsecif.c,v 1.7 2018/04/06 10:38:53 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.6 2018/04/06 10:31:35 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.7 2018/04/06 10:38:53 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -412,6 +412,57 @@ done:
 }
 
 #ifdef INET6
+int
+ipsecif6_encap_func(struct mbuf *m, struct ip6_hdr *ip6, struct ipsec_variant *var)
+{
+	struct m_tag *mtag;
+	struct sockaddr_in6 *src, *dst;
+	u_int16_t src_port = 0;
+	u_int16_t dst_port = 0;
+
+	KASSERT(var != NULL);
+
+	src = satosin6(var->iv_psrc);
+	dst = satosin6(var->iv_pdst);
+	mtag = m_tag_find(m, PACKET_TAG_IPSEC_NAT_T_PORTS, NULL);
+	if (mtag) {
+		u_int16_t *ports;
+
+		ports = (u_int16_t *)(mtag + 1);
+		src_port = ports[0];
+		dst_port = ports[1];
+	}
+
+	/* address match */
+	if (!IN6_ARE_ADDR_EQUAL(>sin6_addr, >ip6_dst) ||
+	!IN6_ARE_ADDR_EQUAL(>sin6_addr, >ip6_src))
+		return 0;
+
+	/* UDP encap? */
+	if (mtag == NULL && var->iv_sport == 0 && var->iv_dport == 0)
+		goto match;
+
+	/* port match */
+	if (src_port != var->iv_dport ||
+	dst_port != var->iv_sport) {
+#ifdef DEBUG
+		printf("%s: port mismatch: pkt(%u, %u), if(%u, %u)\n",
+		__func__, ntohs(src_port), ntohs(dst_port),
+		ntohs(var->iv_sport), ntohs(var->iv_dport));
+#endif
+		return 0;
+	}
+
+match:
+	/*
+	 * hide NAT-T information from encapsulated traffics.
+	 * they don't know about IPsec.
+	 */
+	if (mtag)
+		m_tag_delete(m, mtag);
+	return sizeof(src->sin6_addr) + sizeof(dst->sin6_addr);
+}
+
 static int
 ipsecif6_output(struct ipsec_variant *var, int family, struct mbuf *m)
 {
@@ -841,9 +892,7 @@ ipsecif6_attach(struct ipsec_variant *va
 	mask6.sin6_addr.s6_addr32[0] = mask6.sin6_addr.s6_addr32[1] =
 	mask6.sin6_addr.s6_addr32[2] = mask6.sin6_addr.s6_addr32[3] = ~0;
 
-	var->iv_encap_cookie6 = encap_attach(AF_INET6, -1,

CVS commit: src/sys/netipsec

[Kengo NAKAHARA]

Module Name:src
Committed By:   knakahara
Date:   Fri Apr  6 10:31:35 UTC 2018

Modified Files:
src/sys/netipsec: ipsecif.c

Log Message:
Add IPv4 ID when the ipsecif(4) packet can be fragmented. Implemented by 
hsuenaga@IIJ and ohishi@IIJ, thanks.

This modification reduces packet loss of fragmented packets on a
network where reordering occurs.

Alghough this modification has been applied, IPv4 ID is not set for
the packet smaller then IP_MINFRAGSIZE. According to RFC 6864, that
must not cause problems.

XXX pullup-8


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/sys/netipsec/ipsecif.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netipsec/ipsecif.c
diff -u src/sys/netipsec/ipsecif.c:1.5 src/sys/netipsec/ipsecif.c:1.6
--- src/sys/netipsec/ipsecif.c:1.5	Tue Mar 13 03:05:12 2018
+++ src/sys/netipsec/ipsecif.c	Fri Apr  6 10:31:35 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsecif.c,v 1.5 2018/03/13 03:05:12 knakahara Exp $  */
+/*	$NetBSD: ipsecif.c,v 1.6 2018/04/06 10:31:35 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.5 2018/03/13 03:05:12 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.6 2018/04/06 10:31:35 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -135,7 +135,10 @@ ipsecif4_prepend_hdr(struct ipsec_varian
 	ip = mtod(m, struct ip *);
 	ip->ip_v = IPVERSION;
 	ip->ip_off = htons(0);
-	ip->ip_id = 0;
+	if (m->m_pkthdr.len < IP_MINFRAGSIZE)
+		ip->ip_id = 0;
+	else
+		ip->ip_id = ip_newid(NULL);
 	ip->ip_hl = sizeof(*ip) >> 2;
 	if (ip_ipsec_copy_tos)
 		ip->ip_tos = tos;

CVS commit: src/sys/net

[Kengo NAKAHARA]

Module Name:src
Committed By:   knakahara
Date:   Fri Apr  6 09:30:09 UTC 2018

Modified Files:
src/sys/net: if_ipsec.c

Log Message:
fix ipsecif(4) stack overflow.

XXX pullup-8


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/sys/net/if_ipsec.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.9 src/sys/net/if_ipsec.c:1.10
--- src/sys/net/if_ipsec.c:1.9	Fri Apr  6 09:28:26 2018
+++ src/sys/net/if_ipsec.c	Fri Apr  6 09:30:09 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $  */
+/*	$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -76,6 +76,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v
 #include 
 
 #include 
+#include  /* for union sockaddr_union */
 #include 
 #include 
 
@@ -1340,10 +1341,11 @@ if_ipsec_add_mbuf_addr_port(struct mbuf 
 	if (port == 0) {
 		if_ipsec_add_mbuf_optalign(m0, addr, addr->sa_len, align);
 	} else {
-		struct sockaddr addrport;
+		union sockaddr_union addrport_u;
+		struct sockaddr *addrport = _u.sa;
 
-		if_ipsec_set_addr_port(, addr, port);
-		if_ipsec_add_mbuf_optalign(m0, , addrport.sa_len, align);
+		if_ipsec_set_addr_port(addrport, addr, port);
+		if_ipsec_add_mbuf_optalign(m0, addrport, addrport->sa_len, align);
 	}
 }
 

CVS commit: src/sys/net

[Kengo NAKAHARA]

Module Name:src
Committed By:   knakahara
Date:   Fri Apr  6 09:28:26 UTC 2018

Modified Files:
src/sys/net: if_ipsec.c

Log Message:
fix ipsecif(4) unmatch curlwp_bind.

XXX pullup-8


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/sys/net/if_ipsec.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.8 src/sys/net/if_ipsec.c:1.9
--- src/sys/net/if_ipsec.c:1.8	Fri Apr  6 09:24:13 2018
+++ src/sys/net/if_ipsec.c	Fri Apr  6 09:28:26 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_ipsec.c,v 1.8 2018/04/06 09:24:13 knakahara Exp $  */
+/*	$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.8 2018/04/06 09:24:13 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -637,6 +637,7 @@ if_ipsec_ioctl(struct ifnet *ifp, u_long
 		error = if_ipsec_set_tunnel(>ipsec_if, src, dst);
 		if (error)
 			goto bad;
+		curlwp_bindx(bound);
 		break;
 
 	case SIOCDIFPHYADDR:
@@ -769,6 +770,7 @@ if_ipsec_ioctl(struct ifnet *ifp, u_long
 			error = if_ipsec_ensure_flags(>ipsec_if, oflags);
 			if (error)
 goto bad;
+			curlwp_bindx(bound);
 		}
 		break;
 	}

CVS commit: src/sys/net

[Kengo NAKAHARA]

Module Name:src
Committed By:   knakahara
Date:   Fri Apr  6 09:24:13 UTC 2018

Modified Files:
src/sys/net: if_ipsec.c

Log Message:
fix ipsec(4) encap_lock leak.

XXX pullup-8


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/sys/net/if_ipsec.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.7 src/sys/net/if_ipsec.c:1.8
--- src/sys/net/if_ipsec.c:1.7	Tue Mar 13 02:12:05 2018
+++ src/sys/net/if_ipsec.c	Fri Apr  6 09:24:13 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_ipsec.c,v 1.7 2018/03/13 02:12:05 knakahara Exp $  */
+/*	$NetBSD: if_ipsec.c,v 1.8 2018/04/06 09:24:13 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.7 2018/03/13 02:12:05 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.8 2018/04/06 09:24:13 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1166,6 +1166,7 @@ if_ipsec_ensure_flags(struct ifnet *ifp,
 	if (if_ipsec_variant_is_unconfigured(ovar)) {
 		/* nothing to do */
 		mutex_exit(>ipsec_lock);
+		encap_lock_exit();
 		return 0;
 	}
 

CVS commit: src/tests/net/arp

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr  6 09:23:36 UTC 2018

Modified Files:
src/tests/net/arp: t_arp.sh

Log Message:
Add tests for GARP without DAD

Additionally make the existing tests for GARP more explicit.


To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 src/tests/net/arp/t_arp.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/tests/net/arp/t_arp.sh
diff -u src/tests/net/arp/t_arp.sh:1.35 src/tests/net/arp/t_arp.sh:1.36
--- src/tests/net/arp/t_arp.sh:1.35	Fri Apr  6 09:21:57 2018
+++ src/tests/net/arp/t_arp.sh	Fri Apr  6 09:23:36 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: t_arp.sh,v 1.35 2018/04/06 09:21:57 ozaki-r Exp $
+#	$NetBSD: t_arp.sh,v 1.36 2018/04/06 09:23:36 ozaki-r Exp $
 #
 # Copyright (c) 2015 The NetBSD Foundation, Inc.
 # All rights reserved.
@@ -41,6 +41,7 @@ atf_test_case arp_cache_expiration_5s cl
 atf_test_case arp_cache_expiration_10s cleanup
 atf_test_case arp_command cleanup
 atf_test_case arp_garp cleanup
+atf_test_case arp_garp_without_dad cleanup
 atf_test_case arp_cache_overwriting cleanup
 atf_test_case arp_proxy_arp_pub cleanup
 atf_test_case arp_proxy_arp_pubproxy cleanup
@@ -71,6 +72,13 @@ arp_garp_head()
 	atf_set "require.progs" "rump_server"
 }
 
+arp_garp_without_dad_head()
+{
+
+	atf_set "descr" "Tests for GARP with DAD disabled"
+	atf_set "require.progs" "rump_server"
+}
+
 arp_cache_overwriting_head()
 {
 	atf_set "descr" "Tests for behavior of overwriting ARP caches"
@@ -297,45 +305,100 @@ make_pkt_str_arpreq()
 	echo $pkt
 }
 
-arp_garp_body()
+test_garp_common()
 {
+	local no_dad=$1
 	local pkt=
 
 	rump_server_start $SOCKSRC
 
 	export RUMP_SERVER=$SOCKSRC
 
+	if $no_dad; then
+		atf_check -s exit:0 -o match:'3 -> 0' \
+		rump.sysctl -w net.inet.ip.dad_count=0
+	fi
+
 	# Setup an interface
 	rump_server_add_iface $SOCKSRC shmif0 bus1
 	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.1/24
-	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.2/24 alias
 	atf_check -s exit:0 rump.ifconfig shmif0 up
 	$DEBUG && rump.ifconfig shmif0
 
 	atf_check -s exit:0 sleep 1
 	extract_new_packets bus1 > ./out
 
+	#
+	# Assign an address to an interface without IFF_UP
+	#
 	# A GARP packet is sent for the primary address
 	pkt=$(make_pkt_str_arpreq 10.0.0.1 10.0.0.1)
 	atf_check -s exit:0 -o match:"$pkt" cat ./out
-	# No GARP packet is sent for the alias address
+
+	atf_check -s exit:0 rump.ifconfig shmif0 down
+	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.2/24 alias
+
+	atf_check -s exit:0 sleep 1
+	extract_new_packets bus1 > ./out
+
+	# A GARP packet is sent for the alias address
 	pkt=$(make_pkt_str_arpreq 10.0.0.2 10.0.0.2)
-	atf_check -s exit:0 -o not-match:"$pkt" cat ./out
+	atf_check -s exit:0 -o match:"$pkt" cat ./out
 
-	atf_check -s exit:0 rump.ifconfig -w 10
+	# Clean up
+	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.1/24 delete
+	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.2/24 delete
+
+	#
+	# Assign an address to an interface with IFF_UP
+	#
+	atf_check -s exit:0 rump.ifconfig shmif0 up
+
+	# Primary address
 	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.3/24
-	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.4/24 alias
 
-	# No GARP packets are sent during IFF_UP
+	atf_check -s exit:0 sleep 1
 	extract_new_packets bus1 > ./out
+
 	pkt=$(make_pkt_str_arpreq 10.0.0.3 10.0.0.3)
-	atf_check -s exit:0 -o not-match:"$pkt" cat ./out
+	if $no_dad; then
+		# A GARP packet is sent
+		atf_check -s exit:0 -o match:"$pkt" cat ./out
+	else
+		# No GARP packet is sent
+		atf_check -s exit:0 -o not-match:"$pkt" cat ./out
+	fi
+
+	# Alias address
+	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.4/24 alias
+
+	atf_check -s exit:0 sleep 1
+	extract_new_packets bus1 > ./out
+
 	pkt=$(make_pkt_str_arpreq 10.0.0.4 10.0.0.4)
-	atf_check -s exit:0 -o not-match:"$pkt" cat ./out
+	if $no_dad; then
+		# A GARP packet is sent
+		atf_check -s exit:0 -o match:"$pkt" cat ./out
+	else
+		# No GARP packet is sent
+		atf_check -s exit:0 -o not-match:"$pkt" cat ./out
+	fi
 
 	rump_server_destroy_ifaces
 }
 
+arp_garp_body()
+{
+
+	test_garp_common false
+}
+
+arp_garp_without_dad_body()
+{
+
+	test_garp_common true
+}
+
 arp_cache_overwriting_body()
 {
 	local bonus=2
@@ -583,6 +646,13 @@ arp_garp_cleanup()
 	cleanup
 }
 
+arp_garp_without_dad_cleanup()
+{
+
+	$DEBUG && dump
+	cleanup
+}
+
 arp_cache_overwriting_cleanup()
 {
 	$DEBUG && dump
@@ -879,6 +949,7 @@ atf_init_test_cases()
 	atf_add_test_case arp_cache_expiration_10s
 	atf_add_test_case arp_command
 	atf_add_test_case arp_garp
+	atf_add_test_case arp_garp_without_dad
 	atf_add_test_case arp_cache_overwriting
 	atf_add_test_case arp_proxy_arp_pub
 	atf_add_test_case arp_proxy_arp_pubproxy

CVS commit: src/tests/net

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr  6 09:22:38 UTC 2018

Modified Files:
src/tests/net: net_common.sh

Log Message:
Show outputs of commands if $DEBUG


To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 src/tests/net/net_common.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/tests/net/net_common.sh
diff -u src/tests/net/net_common.sh:1.26 src/tests/net/net_common.sh:1.27
--- src/tests/net/net_common.sh:1.26	Thu Feb  1 05:22:01 2018
+++ src/tests/net/net_common.sh	Fri Apr  6 09:22:38 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: net_common.sh,v 1.26 2018/02/01 05:22:01 ozaki-r Exp $
+#	$NetBSD: net_common.sh,v 1.27 2018/04/06 09:22:38 ozaki-r Exp $
 #
 # Copyright (c) 2016 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -319,19 +319,23 @@ rump_server_add_iface()
 rump_server_destroy_ifaces()
 {
 	local backup=$RUMP_SERVER
+	local outout=ignore
 
 	$DEBUG && cat $_rump_server_ifaces
 
 	# Try to dump states before destroying interfaces
 	for sock in $(cat $_rump_server_socks); do
 		export RUMP_SERVER=$sock
-		atf_check -s exit:0 -o ignore rump.ifconfig
-		atf_check -s exit:0 -o ignore rump.netstat -nr
+		if $DEBUG; then
+			output=save:/dev/stdout
+		fi
+		atf_check -s exit:0 -o $output rump.ifconfig
+		atf_check -s exit:0 -o $output rump.netstat -nr
 		# XXX still need hijacking
-		atf_check -s exit:0 -o ignore $HIJACKING rump.netstat -nai
-		atf_check -s exit:0 -o ignore rump.arp -na
-		atf_check -s exit:0 -o ignore rump.ndp -na
-		atf_check -s exit:0 -o ignore $HIJACKING ifmcstat
+		atf_check -s exit:0 -o $output $HIJACKING rump.netstat -nai
+		atf_check -s exit:0 -o $output rump.arp -na
+		atf_check -s exit:0 -o $output rump.ndp -na
+		atf_check -s exit:0 -o $output $HIJACKING ifmcstat
 	done
 
 	# XXX using pipe doesn't work. See PR bin/51667

CVS commit: src/tests/net/arp

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr  6 09:21:57 UTC 2018

Modified Files:
src/tests/net/arp: t_arp.sh

Log Message:
Improve packet checks and error reporting


To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/tests/net/arp/t_arp.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/tests/net/arp/t_arp.sh
diff -u src/tests/net/arp/t_arp.sh:1.34 src/tests/net/arp/t_arp.sh:1.35
--- src/tests/net/arp/t_arp.sh:1.34	Thu Nov 23 06:22:12 2017
+++ src/tests/net/arp/t_arp.sh	Fri Apr  6 09:21:57 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: t_arp.sh,v 1.34 2017/11/23 06:22:12 kre Exp $
+#	$NetBSD: t_arp.sh,v 1.35 2018/04/06 09:21:57 ozaki-r Exp $
 #
 # Copyright (c) 2015 The NetBSD Foundation, Inc.
 # All rights reserved.
@@ -292,7 +292,7 @@ make_pkt_str_arpreq()
 {
 	local target=$1
 	local sender=$2
-	pkt="> ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42:"
+	pkt="> ff:ff:ff:ff:ff:ff, ethertype ARP \(0x0806\), length 42:"
 	pkt="$pkt Request who-has $target tell $sender, length 28"
 	echo $pkt
 }
@@ -313,25 +313,25 @@ arp_garp_body()
 	$DEBUG && rump.ifconfig shmif0
 
 	atf_check -s exit:0 sleep 1
-	shmif_dumpbus -p - bus1 2>/dev/null| tcpdump -n -e -r - > ./out
+	extract_new_packets bus1 > ./out
 
 	# A GARP packet is sent for the primary address
 	pkt=$(make_pkt_str_arpreq 10.0.0.1 10.0.0.1)
-	atf_check -s exit:0 -x "cat ./out |grep -q '$pkt'"
+	atf_check -s exit:0 -o match:"$pkt" cat ./out
 	# No GARP packet is sent for the alias address
 	pkt=$(make_pkt_str_arpreq 10.0.0.2 10.0.0.2)
-	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"
+	atf_check -s exit:0 -o not-match:"$pkt" cat ./out
 
 	atf_check -s exit:0 rump.ifconfig -w 10
 	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.3/24
 	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.4/24 alias
 
 	# No GARP packets are sent during IFF_UP
-	shmif_dumpbus -p - bus1 2>/dev/null| tcpdump -n -e -r - > ./out
+	extract_new_packets bus1 > ./out
 	pkt=$(make_pkt_str_arpreq 10.0.0.3 10.0.0.3)
-	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"
+	atf_check -s exit:0 -o not-match:"$pkt" cat ./out
 	pkt=$(make_pkt_str_arpreq 10.0.0.4 10.0.0.4)
-	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"
+	atf_check -s exit:0 -o not-match:"$pkt" cat ./out
 
 	rump_server_destroy_ifaces
 }
@@ -519,7 +519,7 @@ arp_link_activation_body()
 	$DEBUG && cat ./out
 
 	pkt=$(make_pkt_str_arpreq $IP4SRC $IP4SRC)
-	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"
+	atf_check -s exit:0 -o not-match:"$pkt" cat ./out
 
 	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 link \
 	b2:a1:00:00:00:02 active
@@ -529,8 +529,7 @@ arp_link_activation_body()
 	$DEBUG && cat ./out
 
 	pkt=$(make_pkt_str_arpreq $IP4SRC $IP4SRC)
-	atf_check -s exit:0 -x \
-	"cat ./out |grep '$pkt' |grep -q 'b2:a1:00:00:00:02'"
+	atf_check -s exit:0 -o match:"b2:a1:00:00:00:02 $pkt" cat ./out
 
 	rump_server_destroy_ifaces
 }

CVS commit: src/sys/netinet

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr  6 09:20:29 UTC 2018

Modified Files:
src/sys/netinet: in.c

Log Message:
Don't set IN_IFF_* flags to ia4_flags if DAD is disabled

This fix allows that a GARP packet is sent when adding an IP address to an
interface with IFF_UP on a kernel with IPv4 DAD is disabled
(net.inet.ip.dad_count=0), which is the same behavior of NetBSD 7, i.e.,
before introducing the IPv4 DAD.


To generate a diff of this commit:
cvs rdiff -u -r1.224 -r1.225 src/sys/netinet/in.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet/in.c
diff -u src/sys/netinet/in.c:1.224 src/sys/netinet/in.c:1.225
--- src/sys/netinet/in.c:1.224	Fri Apr  6 09:19:16 2018
+++ src/sys/netinet/in.c	Fri Apr  6 09:20:29 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: in.c,v 1.224 2018/04/06 09:19:16 ozaki-r Exp $	*/
+/*	$NetBSD: in.c,v 1.225 2018/04/06 09:20:29 ozaki-r Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.224 2018/04/06 09:19:16 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.225 2018/04/06 09:20:29 ozaki-r Exp $");
 
 #include "arp.h"
 
@@ -1146,10 +1146,12 @@ in_ifinit(struct ifnet *ifp, struct in_i
 	if (ia->ia4_flags & IN_IFF_DUPLICATED)
 		hostIsNew = 1;
 	ia->ia4_flags = 0;
-	if (ifp->if_link_state == LINK_STATE_DOWN)
-		ia->ia4_flags |= IN_IFF_DETACHED;
-	else if (hostIsNew && if_do_dad(ifp))
-		ia->ia4_flags |= IN_IFF_TRYTENTATIVE;
+	if (ip_dad_count > 0) {
+		if (ifp->if_link_state == LINK_STATE_DOWN)
+			ia->ia4_flags |= IN_IFF_DETACHED;
+		else if (hostIsNew && if_do_dad(ifp))
+			ia->ia4_flags |= IN_IFF_TRYTENTATIVE;
+	}
 
 	/*
 	 * Give the interface a chance to initialize

CVS commit: src/sys/netinet

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr  6 09:19:16 UTC 2018

Modified Files:
src/sys/netinet: in.c

Log Message:
Simplify; clear then set flags to ia4_flags (NFCI)


To generate a diff of this commit:
cvs rdiff -u -r1.223 -r1.224 src/sys/netinet/in.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet/in.c
diff -u src/sys/netinet/in.c:1.223 src/sys/netinet/in.c:1.224
--- src/sys/netinet/in.c:1.223	Tue Mar  6 07:27:55 2018
+++ src/sys/netinet/in.c	Fri Apr  6 09:19:16 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: in.c,v 1.223 2018/03/06 07:27:55 ozaki-r Exp $	*/
+/*	$NetBSD: in.c,v 1.224 2018/04/06 09:19:16 ozaki-r Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.223 2018/03/06 07:27:55 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.224 2018/04/06 09:19:16 ozaki-r Exp $");
 
 #include "arp.h"
 
@@ -1143,14 +1143,12 @@ in_ifinit(struct ifnet *ifp, struct in_i
 	 * We need to do this early because they maybe adjusted
 	 * by if_addr_init depending on the address.
 	 */
-	if (ia->ia4_flags & IN_IFF_DUPLICATED) {
-		ia->ia4_flags &= ~IN_IFF_DUPLICATED;
+	if (ia->ia4_flags & IN_IFF_DUPLICATED)
 		hostIsNew = 1;
-	}
-	if (ifp->if_link_state == LINK_STATE_DOWN) {
+	ia->ia4_flags = 0;
+	if (ifp->if_link_state == LINK_STATE_DOWN)
 		ia->ia4_flags |= IN_IFF_DETACHED;
-		ia->ia4_flags &= ~IN_IFF_TENTATIVE;
-	} else if (hostIsNew && if_do_dad(ifp))
+	else if (hostIsNew && if_do_dad(ifp))
 		ia->ia4_flags |= IN_IFF_TRYTENTATIVE;
 
 	/*

CVS commit: src/sys/arch/arm/sunxi

[Manuel Bouyer]

Module Name:src
Committed By:   bouyer
Date:   Fri Apr  6 08:23:40 UTC 2018

Modified Files:
src/sys/arch/arm/sunxi: sunxi_tcon.c

Log Message:
Fix bad cut'n'paste, pointed out by David Binderman in PR port-arm/53158


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/sys/arch/arm/sunxi/sunxi_tcon.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/arm/sunxi/sunxi_tcon.c
diff -u src/sys/arch/arm/sunxi/sunxi_tcon.c:1.4 src/sys/arch/arm/sunxi/sunxi_tcon.c:1.5
--- src/sys/arch/arm/sunxi/sunxi_tcon.c:1.4	Wed Apr  4 16:01:05 2018
+++ src/sys/arch/arm/sunxi/sunxi_tcon.c	Fri Apr  6 08:23:40 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: sunxi_tcon.c,v 1.4 2018/04/04 16:01:05 bouyer Exp $ */
+/* $NetBSD: sunxi_tcon.c,v 1.5 2018/04/06 08:23:40 bouyer Exp $ */
 
 /*-
  * Copyright (c) 2018 Manuel Bouyer 
@@ -30,7 +30,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: sunxi_tcon.c,v 1.4 2018/04/04 16:01:05 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sunxi_tcon.c,v 1.5 2018/04/06 08:23:40 bouyer Exp $");
 
 #include 
 #include 
@@ -140,7 +140,7 @@ sunxi_tcon_attach(device_t parent, devic
 	sc->sc_clk_ch1 = fdtbus_clock_get(phandle, "tcon-ch1");
 
 	if (sc->sc_clk_ahb == NULL || sc->sc_clk_ch0 == NULL
-	|| sc->sc_clk_ch0 == NULL) {
+	|| sc->sc_clk_ch1 == NULL) {
 		aprint_error(": couldn't get clocks\n");
 		aprint_debug_dev(self, "clk ahb %s tcon-ch0 %s tcon-ch1 %s\n",
 		sc->sc_clk_ahb == NULL ? "missing" : "present",