Fwd: Re: CVS commit: src/sys/netinet

2018-02-10 Thread Maxime Villard

On 10/02/2018 at 23:49, David H. Gutteridge wrote:
> On Mon, 05 Feb 2018, at 13:23:11 +, Maxime Villard wrote:
>> Module Name:    src
>> Committed By:   maxv
>> Date:   Mon Feb  5 13:23:11 UTC 2018
>>
>> Modified Files:
>> src/sys/netinet: ip_input.c
>>
>> Log Message:
>> Disable ip_allowsrcrt and ip_forwsrcrt. Enabling them by default was a
>> completely dumb idea, because they have security implications.
>>
>> By sending an IPv4 packet containing an LSRR option, an attacker will
>> cause the system to forward the packet to another IPv4 address - and
>> this way he white-washes the source of the packet.
>>
>> It is also possible for an attacker to reach hidden networks: if a server
>> has a public address, and a private one on an internal network (network
>> which has several internal machines connected), the attacker can send a
>> packet with:
>>
>> source = 0.0.0.0
>> destination = public address of the server
>> LSRR first address = address of a machine on the internal network
>>
>> And the packet will be forwarded, by the server, to the internal machine,
>> in some cases even with the internal IP address of the server as a source.
>
> Hello,
>
> This particular fix has been pulled up to the various 6.x and 7.x
> branches, but not to 8.0_BETA. Is that still pending because it's part
> of a larger planned change set?

Yes.

Maxime
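
Added example (not part of the original commit or of this thread): a C routine that scans an IPv4 header's option area for the source-route options the log message describes, so that a packet filter or capture parser can flag them. The option codes are from RFC 791; the function, struct and enum names and the sample header bytes are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPOPT_EOL   0    /* end of option list */
#define IPOPT_NOP   1    /* one-byte padding */
#define IPOPT_LSRR  131  /* loose source and record route */
#define IPOPT_SSRR  137  /* strict source and record route */

enum srcrt_result {
	SRCRT_NONE = 0,       /* no source-route option in the header */
	SRCRT_FOUND = 1,      /* LSRR or SSRR present */
	SRCRT_MALFORMED = -1  /* header or option lengths are inconsistent */
};

struct srcrt_info {           /* hypothetical result record */
	uint8_t type;         /* IPOPT_LSRR or IPOPT_SSRR */
	uint8_t next_hop[4];  /* address selected by the option pointer */
	int has_next_hop;     /* 0 when the route list is already exhausted */
};

/* Constructed sample: the header shape from the log message (source
 * 0.0.0.0, LSRR first address on an internal network). */
static const uint8_t sample_lsrr[28] = {
	0x47, 0x00, 0x00, 0x1c,  /* version 4, IHL 7 (28 bytes), length 28 */
	0x00, 0x00, 0x00, 0x00,  /* id, flags, fragment offset */
	0x40, 0x01, 0x00, 0x00,  /* TTL 64, ICMP, checksum left at zero */
	0, 0, 0, 0,              /* source = 0.0.0.0 */
	203, 0, 113, 10,         /* destination (documentation range) */
	0x01,                    /* NOP */
	0x83, 0x07, 0x04,        /* LSRR, option length 7, pointer 4 */
	10, 0, 0, 5              /* first route address */
};

/* Constructed sample: a 20-byte header with no options. */
static const uint8_t sample_plain[20] = {
	0x45, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00,
	0x40, 0x01, 0x00, 0x00, 192, 0, 2, 1, 203, 0, 113, 10
};

enum srcrt_result
find_source_route(const uint8_t *pkt, size_t len, struct srcrt_info *out)
{
	size_t hlen, off;

	memset(out, 0, sizeof(*out));
	if (len < 20 || (pkt[0] >> 4) != 4)
		return SRCRT_MALFORMED;
	hlen = (size_t)(pkt[0] & 0x0f) * 4;
	if (hlen < 20 || hlen > len)
		return SRCRT_MALFORMED;

	for (off = 20; off < hlen; ) {
		uint8_t type = pkt[off], optlen, ptr;

		if (type == IPOPT_EOL)
			break;
		if (type == IPOPT_NOP) {
			off++;
			continue;
		}
		/* every other option carries a length byte */
		if (off + 1 >= hlen)
			return SRCRT_MALFORMED;
		optlen = pkt[off + 1];
		if (optlen < 2 || off + optlen > hlen)
			return SRCRT_MALFORMED;

		if (type == IPOPT_LSRR || type == IPOPT_SSRR) {
			if (optlen < 3)
				return SRCRT_MALFORMED;
			ptr = pkt[off + 2];
			if (ptr < 4)    /* smallest legal pointer is 4 */
				return SRCRT_MALFORMED;
			out->type = type;
			/* pointer is 1-based from the option's first byte */
			if ((size_t)ptr + 3 <= optlen) {
				memcpy(out->next_hop, &pkt[off + ptr - 1], 4);
				out->has_next_hop = 1;
			}
			return SRCRT_FOUND;
		}
		off += optlen;
	}
	return SRCRT_NONE;
}

int
main(void)
{
	struct srcrt_info info;
	int r = find_source_route(sample_lsrr, sizeof(sample_lsrr), &info);

	printf("lsrr sample: result=%d type=%u next hop=%u.%u.%u.%u\n", r,
	    info.type, info.next_hop[0], info.next_hop[1],
	    info.next_hop[2], info.next_hop[3]);
	r = find_source_route(sample_plain, sizeof(sample_plain), &info);
	printf("plain sample: result=%d\n", r);
	return 0;
}
```

On NetBSD the two variables named in the log message are exposed as the sysctls net.inet.ip.allowsrcrt and net.inet.ip.forwsrcrt, so a host's current setting can be checked without reading the source.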


CVS commit: src/share/mk

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sun Feb 11 03:44:53 UTC 2018

Modified Files:
src/share/mk: bsd.own.mk

Log Message:
switch amd64 to gcc-6. Thanks mrg for all the work!


To generate a diff of this commit:
cvs rdiff -u -r1.1032 -r1.1033 src/share/mk/bsd.own.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/share/mk/bsd.own.mk
diff -u src/share/mk/bsd.own.mk:1.1032 src/share/mk/bsd.own.mk:1.1033
--- src/share/mk/bsd.own.mk:1.1032	Thu Feb  8 23:38:24 2018
+++ src/share/mk/bsd.own.mk	Sat Feb 10 22:44:53 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: bsd.own.mk,v 1.1032 2018/02/09 04:38:24 christos Exp $
+#	$NetBSD: bsd.own.mk,v 1.1033 2018/02/11 03:44:53 christos Exp $
 
 # This needs to be before bsd.init.mk
 .if defined(BSD_MK_COMPAT_FILE)
@@ -66,6 +66,8 @@ MKGCC?=		no
 #
 .if ${MACHINE_CPU} == "aarch64"
 HAVE_GCC?=	0
+.elif ${MACHINE} == "amd64"
+HAVE_GCC?=	6
 .else
 HAVE_GCC?=	5
 .endif
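Review bot: the new ".elif ${MACHINE} == "amd64"" branch keys on MACHINE while the branch above it keys on MACHINE_CPU, and nothing in the block says why amd64 alone moves to 6 while every other port stays on 5. A one-line comment above the .elif giving the reason, and whether the .else default is expected to follow, would keep the next reader from treating the split as accidental.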



CVS commit: src/usr.bin/ftp

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sun Feb 11 02:51:58 UTC 2018

Modified Files:
src/usr.bin/ftp: fetch.c

Log Message:
more volatile to appease gcc.


To generate a diff of this commit:
cvs rdiff -u -r1.229 -r1.230 src/usr.bin/ftp/fetch.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/usr.bin/ftp/fetch.c
diff -u src/usr.bin/ftp/fetch.c:1.229 src/usr.bin/ftp/fetch.c:1.230
--- src/usr.bin/ftp/fetch.c:1.229	Sat Nov 25 10:39:17 2017
+++ src/usr.bin/ftp/fetch.c	Sat Feb 10 21:51:58 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: fetch.c,v 1.229 2017/11/25 15:39:17 christos Exp $	*/
+/*	$NetBSD: fetch.c,v 1.230 2018/02/11 02:51:58 christos Exp $	*/
 
 /*-
  * Copyright (c) 1997-2015 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
 
 #include 
 #ifndef lint
-__RCSID("$NetBSD: fetch.c,v 1.229 2017/11/25 15:39:17 christos Exp $");
+__RCSID("$NetBSD: fetch.c,v 1.230 2018/02/11 02:51:58 christos Exp $");
 #endif /* not lint */
 
 /*
@@ -1277,7 +1277,7 @@ fetch_url(const char *url, const char *p
 	static char		*xferbuf;
 	const char		*cp;
 	char			*ep;
-	char			*auth;
+	char			*volatile auth;
 	char			*volatile savefile;
 	char			*volatile location;
 	char			*volatile message;
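Review bot: auth now joins savefile, location and message as a "char *volatile", but the declaration block carries no comment saying why these locals need the qualifier. The log message only says it is there to appease gcc, so add a short comment at the declarations naming the warning being silenced; otherwise the qualifier is likely to be dropped again in a later cleanup.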
@@ -1460,7 +1460,8 @@ fetch_url(const char *url, const char *p
 #ifdef WITH_SSL
 		if (isproxy && oui.utype == HTTPS_URL_T) {
 			switch (connectmethod(fin, url, penv, , ,
-			, , , , )) {
+			, , __UNVOLATILE(), ,
+			)) {
 			case C_CLEANUP:
 goto cleanup_fetch_url;
 			case C_IMPROPER:
@@ -1496,7 +1497,8 @@ fetch_url(const char *url, const char *p
 		alarmtimer(0);
 
 		switch (negotiate_connection(fin, url, penv, ,
-		, , , , , )) {
+		, , , , ,
+		__UNVOLATILE())) {
 		case C_OK:
 			break;
 		case C_CLEANUP:



CVS commit: src/external/gpl3/gcc/usr.bin

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sun Feb 11 02:12:29 UTC 2018

Modified Files:
src/external/gpl3/gcc/usr.bin: Makefile Makefile.backend
Makefile.frontend Makefile.inc
src/external/gpl3/gcc/usr.bin/backend: Makefile
src/external/gpl3/gcc/usr.bin/g++: Makefile
src/external/gpl3/gcc/usr.bin/gcov: Makefile
src/external/gpl3/gcc/usr.bin/gcov-dump: Makefile
src/external/gpl3/gcc/usr.bin/include: Makefile
src/external/gpl3/gcc/usr.bin/libcpp: Makefile
src/external/gpl3/gcc/usr.bin/libdecnumber: Makefile

Log Message:
Use bsd.init.mk (instead of bsd.own.mk) consistently so that
Makefile.inc gets called before bsd.own.mk so that we get a chance
to use NOFOO easily in Makefile.inc. Use that to turn CTF off for
everything.


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/external/gpl3/gcc/usr.bin/Makefile
cvs rdiff -u -r1.6 -r1.7 src/external/gpl3/gcc/usr.bin/Makefile.backend
cvs rdiff -u -r1.4 -r1.5 src/external/gpl3/gcc/usr.bin/Makefile.frontend
cvs rdiff -u -r1.30 -r1.31 src/external/gpl3/gcc/usr.bin/Makefile.inc
cvs rdiff -u -r1.42 -r1.43 src/external/gpl3/gcc/usr.bin/backend/Makefile
cvs rdiff -u -r1.6 -r1.7 src/external/gpl3/gcc/usr.bin/g++/Makefile
cvs rdiff -u -r1.6 -r1.7 src/external/gpl3/gcc/usr.bin/gcov/Makefile
cvs rdiff -u -r1.1 -r1.2 src/external/gpl3/gcc/usr.bin/gcov-dump/Makefile
cvs rdiff -u -r1.11 -r1.12 src/external/gpl3/gcc/usr.bin/include/Makefile
cvs rdiff -u -r1.7 -r1.8 src/external/gpl3/gcc/usr.bin/libcpp/Makefile
cvs rdiff -u -r1.6 -r1.7 src/external/gpl3/gcc/usr.bin/libdecnumber/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/gpl3/gcc/usr.bin/Makefile
diff -u src/external/gpl3/gcc/usr.bin/Makefile:1.9 src/external/gpl3/gcc/usr.bin/Makefile:1.10
--- src/external/gpl3/gcc/usr.bin/Makefile:1.9	Tue Feb  6 18:12:01 2018
+++ src/external/gpl3/gcc/usr.bin/Makefile	Sat Feb 10 21:12:28 2018
@@ -1,8 +1,8 @@
-#	$NetBSD: Makefile,v 1.9 2018/02/06 23:12:01 mrg Exp $
+#	$NetBSD: Makefile,v 1.10 2018/02/11 02:12:28 christos Exp $
 
 NOOBJ=# defined
 
-.include 
+.include 
 
 GCC_MACHINE_ARCH=${MACHINE_ARCH:S/earmv5/earm/}
 

Index: src/external/gpl3/gcc/usr.bin/Makefile.backend
diff -u src/external/gpl3/gcc/usr.bin/Makefile.backend:1.6 src/external/gpl3/gcc/usr.bin/Makefile.backend:1.7
--- src/external/gpl3/gcc/usr.bin/Makefile.backend:1.6	Thu Aug  3 21:18:39 2017
+++ src/external/gpl3/gcc/usr.bin/Makefile.backend	Sat Feb 10 21:12:28 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.backend,v 1.6 2017/08/04 01:18:39 mrg Exp $
+#	$NetBSD: Makefile.backend,v 1.7 2018/02/11 02:12:28 christos Exp $
 
 .ifndef _EXTERNAL_GPL3_GCC_USR_BIN_MAKEFILE_BACKEND_
 _EXTERNAL_GPL3_GCC_USR_BIN_MAKEFILE_BACKEND_=1
@@ -10,7 +10,7 @@ BINDIR=		/usr/libexec
 CPPFLAGS+=	-I${GCCARCH} -I${BACKENDOBJ} \
 		${G_ALL_CFLAGS:M-D*} ${G_INCLUDES:M-I*:N-I.*}
 
-.include 
+.include 
 
 DPADD+=			${BACKENDOBJ}/libbackend.a
 LDADD+=			${BACKENDOBJ}/libbackend.a

Index: src/external/gpl3/gcc/usr.bin/Makefile.frontend
diff -u src/external/gpl3/gcc/usr.bin/Makefile.frontend:1.4 src/external/gpl3/gcc/usr.bin/Makefile.frontend:1.5
--- src/external/gpl3/gcc/usr.bin/Makefile.frontend:1.4	Thu Apr  3 21:19:14 2014
+++ src/external/gpl3/gcc/usr.bin/Makefile.frontend	Sat Feb 10 21:12:28 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.frontend,v 1.4 2014/04/04 01:19:14 christos Exp $
+#	$NetBSD: Makefile.frontend,v 1.5 2018/02/11 02:12:28 christos Exp $
 
 BINDIR=		/usr/bin
 
@@ -6,8 +6,8 @@ CPPFLAGS+=	-I${GCCARCH} -I${FRONTENDOBJ}
 		${G_ALL_CFLAGS:M-D*} ${G_INCLUDES:M-I*:N-I.*} \
 		-DIN_GCC_FRONTEND
 
-NOCTF=	# defined
-.include 
+NOCTF=		# defined
+.include 
 
 DPADD+=			${FRONTENDOBJ}/libfrontend.a
 LDADD+=			-L${FRONTENDOBJ} -lfrontend
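Review bot: the NOCTF line in this hunk changes only its whitespace, while the same commit adds "NOCTF= # defined" to Makefile.inc ahead of its own include. If Makefile.inc is read for every directory under usr.bin, as the log message says, the copy here is redundant and could be deleted rather than re-indented; if it is still needed, a comment should say why.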

Index: src/external/gpl3/gcc/usr.bin/Makefile.inc
diff -u src/external/gpl3/gcc/usr.bin/Makefile.inc:1.30 src/external/gpl3/gcc/usr.bin/Makefile.inc:1.31
--- src/external/gpl3/gcc/usr.bin/Makefile.inc:1.30	Sun Feb  4 04:22:03 2018
+++ src/external/gpl3/gcc/usr.bin/Makefile.inc	Sat Feb 10 21:12:28 2018
@@ -1,9 +1,10 @@
-#	$NetBSD: Makefile.inc,v 1.30 2018/02/04 09:22:03 mrg Exp $
+#	$NetBSD: Makefile.inc,v 1.31 2018/02/11 02:12:28 christos Exp $
 
 .ifndef _EXTERNAL_GPL3_GCC_USR_BIN_MAKEFILE_INC_
 _EXTERNAL_GPL3_GCC_USR_BIN_MAKEFILE_INC_=1
 
-.include 
+NOCTF=	# defined
+.include 
 
 .sinclude "../../Makefile.gcc_path"
 

Index: src/external/gpl3/gcc/usr.bin/backend/Makefile
diff -u src/external/gpl3/gcc/usr.bin/backend/Makefile:1.42 src/external/gpl3/gcc/usr.bin/backend/Makefile:1.43
--- src/external/gpl3/gcc/usr.bin/backend/Makefile:1.42	Tue Feb  6 21:33:05 2018
+++ src/external/gpl3/gcc/usr.bin/backend/Makefile	Sat Feb 10 21:12:28 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.42 2018/02/07 02:33:05 mrg Exp $
+#	$NetBSD: Makefile,v 1.43 2018/02/11 02:12:28 christos Exp $
 
 LIBISPRIVATE=	yes
 
@@ 

CVS commit: src/external/bsd/openpam/dist/lib/libpam

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sun Feb 11 00:25:12 UTC 2018

Modified Files:
src/external/bsd/openpam/dist/lib/libpam: pam_getenvlist.c

Log Message:
non-null arg.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c
diff -u src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c:1.3 src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c:1.4
--- src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c:1.3	Sat May  6 15:50:10 2017
+++ src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c	Sat Feb 10 19:25:12 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: pam_getenvlist.c,v 1.3 2017/05/06 19:50:10 christos Exp $	*/
+/*	$NetBSD: pam_getenvlist.c,v 1.4 2018/02/11 00:25:12 christos Exp $	*/
 
 /*-
  * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -42,7 +42,7 @@
 #endif
 
 #include 
-__RCSID("$NetBSD: pam_getenvlist.c,v 1.3 2017/05/06 19:50:10 christos Exp $");
+__RCSID("$NetBSD: pam_getenvlist.c,v 1.4 2018/02/11 00:25:12 christos Exp $");
 
 #include 
 #include 
@@ -65,8 +65,10 @@ pam_getenvlist(pam_handle_t *pamh)
 	size_t i;
 
 	ENTER();
+#ifdef notdef
 	if (pamh == NULL)
 		RETURNP(NULL);
+#endif
 	envlist = malloc(sizeof(*envlist) * ((size_t)pamh->env_count + 1));
 	if (envlist == NULL) {
 		openpam_log(PAM_LOG_ERROR, "%s",
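Review bot: with the "pamh == NULL" test compiled out by "#ifdef notdef", the next statement reads pamh->env_count unconditionally, so a caller that does pass NULL now faults while computing the malloc size instead of getting NULL back. If the argument is declared non-null, delete the dead check outright rather than parking it under notdef and name the declaration that guarantees it in the log message; if that guarantee is not enforced for every caller, keep a runtime check.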



CVS commit: src/sys/arch/powerpc/oea

2018-02-10 Thread matthew green
Module Name:    src
Committed By:   mrg
Date:   Sun Feb 11 00:01:12 UTC 2018

Modified Files:
src/sys/arch/powerpc/oea: oea_machdep.c

Log Message:
introduce an inline function to set a value to zero while
hiding this fact from GCC.  this allows the PPC code that
writes to address zero to actually work rather than cause
GCC to emit an explicit "trap" instruction, which in early
boot means hang on my pegasosII.  use this in oea_init()
for both rfid->rfi and also setting the jump-to-zero trap.

found with a lot of debugging, but GCC 6's new warning
-Wnull-dereference found it when i was informed of its
existence.  unfortunately, there are dozens of other
violations in our kernel today so simply enabling that
option for everything is not a good idea, but is a goal.


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 src/sys/arch/powerpc/oea/oea_machdep.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/powerpc/oea/oea_machdep.c
diff -u src/sys/arch/powerpc/oea/oea_machdep.c:1.73 src/sys/arch/powerpc/oea/oea_machdep.c:1.74
--- src/sys/arch/powerpc/oea/oea_machdep.c:1.73	Mon May 30 13:04:24 2016
+++ src/sys/arch/powerpc/oea/oea_machdep.c	Sun Feb 11 00:01:12 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: oea_machdep.c,v 1.73 2016/05/30 13:04:24 chs Exp $	*/
+/*	$NetBSD: oea_machdep.c,v 1.74 2018/02/11 00:01:12 mrg Exp $	*/
 
 /*
  * Copyright (C) 2002 Matt Thomas
@@ -33,7 +33,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: oea_machdep.c,v 1.73 2016/05/30 13:04:24 chs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: oea_machdep.c,v 1.74 2018/02/11 00:01:12 mrg Exp $");
 
 #include "opt_ppcarch.h"
 #include "opt_compat_netbsd.h"
@@ -109,6 +109,19 @@ extern int dsitrap_fix_dbat5[];
 extern int dsitrap_fix_dbat6[];
 extern int dsitrap_fix_dbat7[];
 
+/*
+ * Load pointer with 0 behind GCC's back, otherwise it will
+ * emit a "trap" instead.
+ */
+static __inline__ uintptr_t
+zero_value(void)
+{
+	uintptr_t dont_tell_gcc;
+
+	__asm volatile ("li %0, 0" : "=r"(dont_tell_gcc) :);
+	return dont_tell_gcc;
+}
+
 void
 oea_init(void (*handler)(void))
 {
@@ -144,7 +157,7 @@ oea_init(void (*handler)(void))
 #ifdef PPC_HIGH_VEC
 	exc_base = EXC_HIGHVEC;
 #else
-	exc_base = 0;
+	exc_base = zero_value();
 #endif
 	KASSERT(mfspr(SPR_SPRG0) == (uintptr_t)ci);
 
@@ -289,8 +302,10 @@ oea_init(void (*handler)(void))
 	 * Install a branch absolute to trap0 to force a panic.
 	 */
 	if ((uintptr_t)trap0 < 0x200) {
-		*(volatile uint32_t *) 0 = 0x7c6802a6;
-		*(volatile uint32_t *) 4 = 0x4802 | (uintptr_t) trap0;
+		uint32_t *p = (uint32_t *)zero_value();
+
+		p[0] = 0x7c6802a6;
+		p[1] = 0x4802 | (uintptr_t) trap0;
 	}
 
 	/*
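Review bot: the two stores lose their volatile qualifier in this hunk: the old code wrote through "(volatile uint32_t *)", the new code through a plain "uint32_t *p". zero_value() already hides the constant address from GCC, so declaring p as "volatile uint32_t *" costs nothing and keeps the compiler from reordering or merging the writes of the two instruction words.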



CVS commit: src/external/bsd/elftoolchain/dist/libdwarf

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sat Feb 10 23:46:44 UTC 2018

Modified Files:
src/external/bsd/elftoolchain/dist/libdwarf: dwarf_attrval.c

Log Message:
remove more unreachable code.


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 \
src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c
diff -u src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c:1.9 src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c:1.10
--- src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c:1.9	Sat Feb 10 18:39:29 2018
+++ src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c	Sat Feb 10 18:46:44 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: dwarf_attrval.c,v 1.9 2018/02/10 23:39:29 christos Exp $	*/
+/*	$NetBSD: dwarf_attrval.c,v 1.10 2018/02/10 23:46:44 christos Exp $	*/
 
 /*-
  * Copyright (c) 2007 John Birrell (j...@freebsd.org)
@@ -28,7 +28,7 @@
 
 #include "_libdwarf.h"
 
-__RCSID("$NetBSD: dwarf_attrval.c,v 1.9 2018/02/10 23:39:29 christos Exp $");
+__RCSID("$NetBSD: dwarf_attrval.c,v 1.10 2018/02/10 23:46:44 christos Exp $");
 ELFTC_VCSID("Id: dwarf_attrval.c 3159 2015-02-15 21:43:27Z emaste ");
 
 int
@@ -201,13 +201,9 @@ dwarf_attrval_unsigned(Dwarf_Die die, Dw
 		*valp = at->u[0].u64;
 		break;
 	default:
-		if (at->at_die != die)
-			dwarf_dealloc(dbg, at->at_die, DW_DLA_DIE);
 		DWARF_SET_ERROR(dbg, err, DW_DLE_ATTR_FORM_BAD);
 		return (DW_DLV_ERROR);
 	}
 
-	if (at->at_die != die)
-		dwarf_dealloc(dbg, at->at_die, DW_DLA_DIE);
 	return (DW_DLV_OK);
 }



CVS commit: src/external/bsd/elftoolchain/dist/libdwarf

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sat Feb 10 23:39:29 UTC 2018

Modified Files:
src/external/bsd/elftoolchain/dist/libdwarf: dwarf_attrval.c

Log Message:
Convert to full recursive attr/die lookup instead of one level since gcc 6
creates indirect attributes that point to indirect attributes. The code is
smaller this way too :-)


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 \
src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c
diff -u src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c:1.8 src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c:1.9
--- src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c:1.8	Thu Mar 31 11:53:33 2016
+++ src/external/bsd/elftoolchain/dist/libdwarf/dwarf_attrval.c	Sat Feb 10 18:39:29 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: dwarf_attrval.c,v 1.8 2016/03/31 15:53:33 christos Exp $	*/
+/*	$NetBSD: dwarf_attrval.c,v 1.9 2018/02/10 23:39:29 christos Exp $	*/
 
 /*-
  * Copyright (c) 2007 John Birrell (j...@freebsd.org)
@@ -28,7 +28,7 @@
 
 #include "_libdwarf.h"
 
-__RCSID("$NetBSD: dwarf_attrval.c,v 1.8 2016/03/31 15:53:33 christos Exp $");
+__RCSID("$NetBSD: dwarf_attrval.c,v 1.9 2018/02/10 23:39:29 christos Exp $");
 ELFTC_VCSID("Id: dwarf_attrval.c 3159 2015-02-15 21:43:27Z emaste ");
 
 int
@@ -141,23 +141,13 @@ dwarf_attrval_signed(Dwarf_Die die, Dwar
 	return (DW_DLV_OK);
 }
 
-static Dwarf_Attribute
-dwarf_indirect_find(Dwarf_Debug dbg, Dwarf_Die die, Dwarf_Half attr,
-Dwarf_Unsigned val)
-{
-	Dwarf_Die die1;
-
-	if ((die1 = _dwarf_die_find(die, val)) == NULL)
-		return NULL;
-
-	return _dwarf_attr_find(die1, attr);
-}
-
 int
 dwarf_attrval_unsigned(Dwarf_Die die, Dwarf_Half attr, Dwarf_Unsigned *valp, Dwarf_Error *err)
 {
 	Dwarf_Attribute at;
 	Dwarf_Debug dbg;
+	Dwarf_Die die1;
+	int rv;
 
 	dbg = die != NULL ? die->die_dbg : NULL;
 
@@ -167,13 +157,7 @@ dwarf_attrval_unsigned(Dwarf_Die die, Dw
 	}
 
 	*valp = 0;
-
-	if ((at = _dwarf_attr_find(die, attr)) == NULL && attr != DW_AT_type) {
-		DWARF_SET_ERROR(dbg, err, DW_DLE_NO_ENTRY);
-		return (DW_DLV_NO_ENTRY);
-	}
-
-	if (at == NULL &&
+	if ((at = _dwarf_attr_find(die, attr)) == NULL &&
 	((at = _dwarf_attr_find(die, DW_AT_specification)) != NULL ||
 	(at = _dwarf_attr_find(die, DW_AT_abstract_origin)) != NULL)) {
 		switch (at->at_form) {
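Review bot: this hunk drops the early DW_DLV_NO_ENTRY return, so when the attribute is missing and neither DW_AT_specification nor DW_AT_abstract_origin is present, at is still NULL once the condition has been evaluated. Please confirm that the code after this block tests at before dereferencing it and still sets DW_DLE_NO_ENTRY and returns DW_DLV_NO_ENTRY in that case.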
@@ -182,8 +166,15 @@ dwarf_attrval_unsigned(Dwarf_Die die, Dw
 		case DW_FORM_ref4:
 		case DW_FORM_ref8:
 		case DW_FORM_ref_udata:
-			at = dwarf_indirect_find(dbg, die, attr, at->u[0].u64);
-			break;
+			if ((die1 = _dwarf_die_find(die, at->u[0].u64)) == NULL)
+			{
+at = NULL;
+break;
+			}
+			rv = dwarf_attrval_unsigned(die1, attr, valp, err);
+			if (die != die1)
+dwarf_dealloc(dbg, die1, DW_DLA_DIE);
+			return rv;
 		default:
 			DWARF_SET_ERROR(dbg, err, DW_DLE_ATTR_FORM_BAD);
 			return (DW_DLV_ERROR);
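Review bot: the recursive call on die1 has no depth limit or visited check, and die1 is looked up from an offset read out of the file being parsed (at->u[0].u64). A DIE whose DW_AT_specification or DW_AT_abstract_origin refers back to itself or to an earlier DIE in the chain would recurse until the stack is exhausted; the "die != die1" test only guards the dealloc, not the call. Consider returning DW_DLV_ERROR when die1 == die and bounding the depth with a counter passed through a static helper.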



Re: CVS commit: src/sys/netinet

2018-02-10 Thread David H. Gutteridge
On Mon, 05 Feb 2018, at 13:23:11 +, Maxime Villard wrote:
>Module Name:    src
>Committed By:   maxv
>Date:   Mon Feb  5 13:23:11 UTC 2018
>
>Modified Files:
>src/sys/netinet: ip_input.c
>
>Log Message:
>Disable ip_allowsrcrt and ip_forwsrcrt. Enabling them by default was a
>completely dumb idea, because they have security implications.
>
>By sending an IPv4 packet containing an LSRR option, an attacker will
>cause the system to forward the packet to another IPv4 address - and
>this way he white-washes the source of the packet.
>
>It is also possible for an attacker to reach hidden networks: if a server
>has a public address, and a private one on an internal network (network
>which has several internal machines connected), the attacker can send a
>packet with:
>
>source = 0.0.0.0
>destination = public address of the server
>LSRR first address = address of a machine on the internal network
>
>And the packet will be forwarded, by the server, to the internal machine,
>in some cases even with the internal IP address of the server as a source.

Hello,

This particular fix has been pulled up to the various 6.x and 7.x
branches, but not to 8.0_BETA. Is that still pending because it's part
of a larger planned change set?

Thanks for all the improvements you've been making!

Regards,

Dave



CVS commit: src/libexec/telnetd

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sat Feb 10 19:34:34 UTC 2018

Modified Files:
src/libexec/telnetd: Makefile

Log Message:
We need authentication || encryption even when we are not building
kerberos. They are needed for telnet_net_write() which is used in libtelnet.


To generate a diff of this commit:
cvs rdiff -u -r1.51 -r1.52 src/libexec/telnetd/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/libexec/telnetd/Makefile
diff -u src/libexec/telnetd/Makefile:1.51 src/libexec/telnetd/Makefile:1.52
--- src/libexec/telnetd/Makefile:1.51	Sun May 21 11:28:41 2017
+++ src/libexec/telnetd/Makefile	Sat Feb 10 14:34:34 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.51 2017/05/21 15:28:41 riastradh Exp $
+#	$NetBSD: Makefile,v 1.52 2018/02/10 19:34:34 christos Exp $
 #	from: @(#)Makefile	8.2 (Berkeley) 12/15/93
 
 WARNS?=	4		# XXX: const issues in sys_term.c
@@ -21,11 +21,12 @@ CPPFLAGS+=-I${.CURDIR}
 LIBTELNETDIR!=	cd ${.CURDIR}/../../lib/libtelnet; ${PRINTOBJDIR}
 
 .if (${USE_KERBEROS} != "no")
-CPPFLAGS+=-DKRB5 -DAUTHENTICATION -DENCRYPTION
+CPPFLAGS+=-DKRB5
 LDADD+= -lkrb5 -lasn1 -lcom_err -lroken -lsqlite3
 DPADD+=	${LIBKRB5} ${LIBASN1} ${LIBCOM_ERR} ${LIBROKEN} ${LIBSQLITE3}
 .endif
 
+CPPFLAGS+=-DAUTHENTICATION -DENCRYPTION
 LDADD+=-ldes -lcrypto -lcrypt
 DPADD+=${LIBDES} ${LIBCRYPTO} ${LIBCRYPT}
 
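Review bot: moving -DAUTHENTICATION -DENCRYPTION outside the USE_KERBEROS block compiles the telnet authentication and encryption option code into telnetd for every build, including those that previously had neither. The log message gives the dependency on telnet_net_write() as the reason; put that in a comment next to the new CPPFLAGS line so the defines are not moved back under the conditional later, and confirm that builds without Kerberos are meant to carry this extra option handling in a network-facing daemon.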



CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto

2018-02-10 Thread Christos Zoulas
Module Name:    src
Committed By:   christos
Date:   Sat Feb 10 16:16:28 UTC 2018

Modified Files:
src/crypto/external/bsd/openssl/lib/libcrypto: chacha.inc

Log Message:
fix pasto


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 \
src/crypto/external/bsd/openssl/lib/libcrypto/chacha.inc

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/lib/libcrypto/chacha.inc
diff -u src/crypto/external/bsd/openssl/lib/libcrypto/chacha.inc:1.1 src/crypto/external/bsd/openssl/lib/libcrypto/chacha.inc:1.2
--- src/crypto/external/bsd/openssl/lib/libcrypto/chacha.inc:1.1	Thu Feb  8 16:57:24 2018
+++ src/crypto/external/bsd/openssl/lib/libcrypto/chacha.inc	Sat Feb 10 11:16:28 2018
@@ -1,4 +1,4 @@
-#	$NetBSD: chacha.inc,v 1.1 2018/02/08 21:57:24 christos Exp $
+#	$NetBSD: chacha.inc,v 1.2 2018/02/10 16:16:28 christos Exp $
 #
 #	@(#) Copyright (c) 1995 Simon J. Gerraty
 #
@@ -9,7 +9,7 @@
 
 
 CHACHA_SRCS ?= \
-poly_enc.c
+chacha_enc.c
 
 SRCS += ${CHACHA_SRCS}
 



CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386

2018-02-10 Thread Takeshi Nakayama
Module Name:    src
Committed By:   nakayama
Date:   Sat Feb 10 13:29:55 UTC 2018

Modified Files:
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386: Makefile
aes-586.S aesni-x86.S bn-586.S chacha-x86.S crypt586.S
ecp_nistz256-x86.S ghash-x86.S poly1305-x86.S rc4-586.S sha1-586.S
sha256-586.S sha512-586.S x86cpuid.S

Log Message:
Restore pic and sse2 enabled code to make libcrypto work as before.


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/Makefile
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/aes-586.S
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/aesni-x86.S \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/bn-586.S
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/chacha-x86.S \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/ecp_nistz256-x86.S \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/poly1305-x86.S
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/crypt586.S \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/rc4-586.S \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/sha1-586.S
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/ghash-x86.S \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/sha256-586.S \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/sha512-586.S
cvs rdiff -u -r1.15 -r1.16 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/x86cpuid.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: src/sys/arch/i386/i386

2018-02-10 Thread Robert Elz
Module Name:    src
Committed By:   kre
Date:   Sat Feb 10 11:50:39 UTC 2018

Modified Files:
src/sys/arch/i386/i386: db_interface.c

Log Message:
Do for i386 what was done for amd64 (but in a more KNF conformant way...)


To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 src/sys/arch/i386/i386/db_interface.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/i386/i386/db_interface.c
diff -u src/sys/arch/i386/i386/db_interface.c:1.77 src/sys/arch/i386/i386/db_interface.c:1.78
--- src/sys/arch/i386/i386/db_interface.c:1.77	Fri Feb  9 09:36:42 2018
+++ src/sys/arch/i386/i386/db_interface.c	Sat Feb 10 11:50:39 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: db_interface.c,v 1.77 2018/02/09 09:36:42 maxv Exp $	*/
+/*	$NetBSD: db_interface.c,v 1.78 2018/02/10 11:50:39 kre Exp $	*/
 
 /*
  * Mach Operating System
@@ -33,7 +33,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: db_interface.c,v 1.77 2018/02/09 09:36:42 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: db_interface.c,v 1.78 2018/02/10 11:50:39 kre Exp $");
 
 #include "opt_ddb.h"
 #include "opt_multiprocessor.h"
@@ -195,7 +195,9 @@ int
 kdb_trap(int type, int code, db_regs_t *regs)
 {
 	int s, flags;
+#ifdef MULTIPROCESSOR
 	db_regs_t dbreg;
+#endif
 
 	flags = regs->tf_err & TC_FLAGMASK;
 	regs->tf_err &= ~TC_FLAGMASK;
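Review bot: The `#ifdef MULTIPROCESSOR` added around `db_regs_t dbreg;` in kdb_trap() is only safe if every later use of `dbreg` is guarded by the same condition, and none of those uses appears in this hunk's context, so that needs checking against the full function. The log message would also be easier to follow if it said what the guard is for instead of pointing at the amd64 commit.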



CVS commit: src/share/man/man8

2018-02-10 Thread Maxime Villard
Module Name:src
Committed By:   maxv
Date:   Sat Feb 10 08:54:22 UTC 2018

Modified Files:
src/share/man/man8: compat_freebsd.8

Log Message:
Add a note, to say that basically the recent FreeBSD binaries can't be
expected to work, and that we keep compat_freebsd only for tw_cli.


To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 src/share/man/man8/compat_freebsd.8

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/share/man/man8/compat_freebsd.8
diff -u src/share/man/man8/compat_freebsd.8:1.18 src/share/man/man8/compat_freebsd.8:1.19
--- src/share/man/man8/compat_freebsd.8:1.18	Mon Jul  3 21:31:00 2017
+++ src/share/man/man8/compat_freebsd.8	Sat Feb 10 08:54:22 2018
@@ -1,4 +1,4 @@
-.\"	$NetBSD: compat_freebsd.8,v 1.18 2017/07/03 21:31:00 wiz Exp $
+.\"	$NetBSD: compat_freebsd.8,v 1.19 2018/02/10 08:54:22 maxv Exp $
 .\"	from: compat_linux.8,v 1.1 1995/03/05 23:30:36 fvdl Exp
 .\"
 .\" Copyright (c) 1995 Frank van der Linden
@@ -30,13 +30,20 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd April 30, 2017
+.Dd February 10, 2018
 .Dt COMPAT_FREEBSD 8
 .Os
 .Sh NAME
 .Nm compat_freebsd
 .Nd setup procedure for running FreeBSD binaries
 .Sh DESCRIPTION
+.Bf -symbolic
+compat_freebsd is not maintained anymore, and new FreeBSD binaries cannot
+be expected to work.
+The compat_freebsd feature is available in NetBSD only to support the
+FreeBSD tw_cli driver.
+.Ef
+.Pp
 .Nx
 supports running
 .Fx
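Review bot: The paragraph added under DESCRIPTION spells out `compat_freebsd`, `NetBSD` and `FreeBSD` as literal text, while the context lines directly below it use `.Nx` and `.Fx`. Suggest `.Nm` for the feature name and `.Nx` / `.Fx` for the system names inside the `.Bf -symbolic` block, so the note is marked up the same way as the rest of the page.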



re: CVS commit: src/include

2018-02-10 Thread matthew green
Christos Zoulas writes:
> In article <20180207130259.ga21...@britannica.bec.de>,
> Joerg Sonnenberger   wrote:
> >On Tue, Feb 06, 2018 at 03:21:21PM -0500, Christos Zoulas wrote:
> >> Module Name:   src
> >> Committed By:  christos
> >> Date:  Tue Feb  6 20:21:21 UTC 2018
> >> 
> >> Modified Files:
> >>src/include: unistd.h
> >> 
> >> Log Message:
> >> detect duplicate declaration of pthread_atfork() in pthread.h
> >
> >Is this for some new broken GCC warning?
> >
> 
> This is what the compiler said, and we have prior art for this (macro
> protect to avoid dup declarations -- grep for _DECLARED).

why is it a problem to declare the function twice?

what was the context of the compiler?


.mrg.


CVS commit: src/sys/netinet

2018-02-10 Thread Maxime Villard
Module Name:src
Committed By:   maxv
Date:   Sat Feb 10 08:17:00 UTC 2018

Modified Files:
src/sys/netinet: udp_usrreq.c

Log Message:
If the socket wants a ESP-over-UDP packet, and the packet is incorrect,
stop processing it instead of giving it to udp4_sendup. It just doesn't
make any sense not to drop it.

I was already telling myself this the other day when I visited this place,
but I just saw PR/36782 (11 years old) that suggests the exact same thing,
so fix it.

Now, udp4_espinudp always frees the mbuf, and is made void. The packet is
not processed any further afterwards.


To generate a diff of this commit:
cvs rdiff -u -r1.239 -r1.240 src/sys/netinet/udp_usrreq.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet/udp_usrreq.c
diff -u src/sys/netinet/udp_usrreq.c:1.239 src/sys/netinet/udp_usrreq.c:1.240
--- src/sys/netinet/udp_usrreq.c:1.239	Thu Feb  8 10:24:46 2018
+++ src/sys/netinet/udp_usrreq.c	Sat Feb 10 08:17:00 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: udp_usrreq.c,v 1.239 2018/02/08 10:24:46 maxv Exp $	*/
+/*	$NetBSD: udp_usrreq.c,v 1.240 2018/02/10 08:17:00 maxv Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -66,7 +66,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.239 2018/02/08 10:24:46 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.240 2018/02/10 08:17:00 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -139,7 +139,7 @@ percpu_t *udpstat_percpu;
 
 #ifdef INET
 #ifdef IPSEC
-static int udp4_espinudp(struct mbuf **, int, struct sockaddr *,
+static void udp4_espinudp(struct mbuf *, int, struct sockaddr *,
 struct socket *);
 #endif
 static void udp4_sendup(struct mbuf *, int, struct sockaddr *,
@@ -606,25 +606,9 @@ udp4_realinput(struct sockaddr_in *src, 
 		/* Handle ESP over UDP */
 		if (inp->inp_flags & INP_ESPINUDP_ALL) {
 			struct sockaddr *sa = (struct sockaddr *)src;
-
-			switch (udp4_espinudp(mp, off, sa, inp->inp_socket)) {
-			case -1: /* Error, m was freed */
-rcvcnt = -1;
-goto bad;
-
-			case 1: /* ESP over UDP */
-rcvcnt++;
-goto bad;
-
-			case 0: /* plain UDP */
-			default: /* Unexpected */
-/*
- * Normal UDP processing will take place,
- * m may have changed.
- */
-m = *mp;
-break;
-			}
+			udp4_espinudp(m, off, sa, inp->inp_socket);
+			*mp = NULL;
+			goto bad;
 		}
 #endif
 
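Review bot: In udp4_realinput() the removed switch set `rcvcnt = -1` on error and did `rcvcnt++` when the packet was consumed as ESP over UDP; the replacement jumps to `bad` without touching `rcvcnt`, so the function now reports the same count for a packet that was consumed, one that was dropped and one that never matched. Either keep the accounting (for example `rcvcnt++` before `goto bad`) or confirm that the caller keys only on `*mp == NULL`.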
@@ -1246,13 +1230,10 @@ udp_statinc(u_int stat)
 
 #if defined(INET) && defined(IPSEC)
 /*
- * Returns:
- * 1 if the packet was processed
- * 0 if normal UDP processing should take place
- *-1 if an error occurred and m was freed
+ * This function always frees the mbuf.
  */
-static int
-udp4_espinudp(struct mbuf **mp, int off, struct sockaddr *src,
+static void
+udp4_espinudp(struct mbuf *m, int off, struct sockaddr *src,
 struct socket *so)
 {
 	size_t len;
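Review bot: The new comment "This function always frees the mbuf" does not match the tail of the function, where `m_freem(m)` sits in an `else` branch, so on the other branch the mbuf is handed on rather than freed. Wording such as "This function always consumes the mbuf; the caller must not use it afterwards" states the contract the caller actually relies on.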
@@ -1265,7 +1246,6 @@ udp4_espinudp(struct mbuf **mp, int off,
 	struct m_tag *tag;
 	struct udphdr *udphdr;
 	u_int16_t sport, dport;
-	struct mbuf *m = *mp;
 
 	/*
 	 * Collapse the mbuf chain if the first mbuf is too short
@@ -1276,10 +1256,9 @@ udp4_espinudp(struct mbuf **mp, int off,
 		minlen = m->m_pkthdr.len;
 
 	if (m->m_len < minlen) {
-		if ((*mp = m_pullup(m, minlen)) == NULL) {
-			return -1;
+		if ((m = m_pullup(m, minlen)) == NULL) {
+			return;
 		}
-		m = *mp;
 	}
 
 	len = m->m_len - off;
@@ -1288,9 +1267,7 @@ udp4_espinudp(struct mbuf **mp, int off,
 
 	/* Ignore keepalive packets */
 	if ((len == 1) && (*(unsigned char *)data == 0xff)) {
-		m_freem(m);
-		*mp = NULL; /* avoid any further processing by caller ... */
-		return 1;
+		goto out;
 	}
 
 	/*
@@ -1301,8 +1278,9 @@ udp4_espinudp(struct mbuf **mp, int off,
 	if (inp->inp_flags & INP_ESPINUDP) {
 		u_int32_t *st = (u_int32_t *)data;
 
-		if ((len <= sizeof(struct esp)) || (*st == 0))
-			return 0; /* Normal UDP processing */
+		if ((len <= sizeof(struct esp)) || (*st == 0)) {
+			goto out;
+		}
 
 		skip = sizeof(struct udphdr);
 	}
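Review bot: The `*st == 0` arm of this test is not a malformed ESP packet: an all-zero first word is the non-ESP marker that RFC 3948 uses for IKE messages sharing the port, and the removed `return 0; /* Normal UDP processing */` is what let them reach the socket. With `goto out` they are freed instead, so the process that owns the socket stops receiving them; the `(st[0] | st[1]) != 0` test in the next hunk changes from "Normal UDP processing" to a drop in the same way. Suggest keeping a "not ESP, continue with UDP" result for these two tests and dropping only packets that are taken as ESP and then fail validation.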
@@ -1311,8 +1289,9 @@ udp4_espinudp(struct mbuf **mp, int off,
 		u_int32_t *st = (u_int32_t *)data;
 
 		if ((len <= sizeof(u_int64_t) + sizeof(struct esp)) ||
-		((st[0] | st[1]) != 0))
-			return 0; /* Normal UDP processing */
+		((st[0] | st[1]) != 0)) {
+			goto out;
+		}
 
 		skip = sizeof(struct udphdr) + sizeof(u_int64_t);
 	}
@@ -1359,8 +1338,7 @@ udp4_espinudp(struct mbuf **mp, int off,
 	 */
 	if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS,
 	sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) {
-		m_freem(m);
-		return -1;
+		goto out;
 	}
 	((u_int16_t *)(tag + 1))[0] = sport;
 	((u_int16_t *)(tag + 1))[1] = dport;
@@ -1371,9 +1349,11 @@ udp4_espinudp(struct mbuf **mp, int off,
 	else
 		m_freem(m);
 
-	/* We handled it, it shouldn't be handled by UDP */
-	*mp = NULL; /* avoid free by caller ... */
-	return 1;
+	return;
+
+out:
+	m_freem(m);
+	return;
 }
 

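The log message above turns on how a payload arriving on an ESP-over-UDP socket is told apart. As an added example (not NetBSD's code; the function, enum and sample bytes are hypothetical and constructed here, and `ESP_HDR_MIN` is an assumed 8-byte ESP header), this classifier follows the RFC 3948 rules: a single 0xff octet is a keepalive, an all-zero first word is the non-ESP marker carried by IKE, and anything else is ESP.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names; this is not the kernel's udp4_espinudp(). */
enum natt_kind { NATT_KEEPALIVE, NATT_IKE, NATT_ESP, NATT_TOO_SHORT };

#define ESP_HDR_MIN 8u	/* assumption: SPI (4) + sequence number (4) */

/* Constructed sample payloads (bytes after the UDP header), not captures. */
static const uint8_t sample_keepalive[] = { 0xff };
static const uint8_t sample_ike[] = { 0, 0, 0, 0, 0x11, 0x22, 0x33, 0x44 };
static const uint8_t sample_esp[] = { 0x12, 0x34, 0x56, 0x78, 0, 0, 0, 1,
    0xde, 0xad, 0xbe, 0xef };
static const uint8_t sample_runt[] = { 0x12, 0x34, 0x56, 0x78, 0, 0, 0, 1 };

enum natt_kind
natt_classify(const uint8_t *payload, size_t len)
{
	uint32_t first;

	if (len == 1 && payload[0] == 0xff)
		return NATT_KEEPALIVE;	/* NAT keepalive: one 0xff octet */
	if (len < sizeof(first))
		return NATT_TOO_SHORT;	/* cannot even read marker/SPI */

	/* memcpy, not a pointer cast, so buffer alignment does not matter */
	memcpy(&first, payload, sizeof(first));
	if (first == 0)
		return NATT_IKE;	/* non-ESP marker: hand to the socket */
	if (len <= ESP_HDR_MIN)
		return NATT_TOO_SHORT;	/* SPI present but no room for data */
	return NATT_ESP;		/* non-zero SPI: goes to ESP input */
}

int
main(void)
{
	printf("keepalive=%d ike=%d esp=%d runt=%d\n",
	    natt_classify(sample_keepalive, sizeof(sample_keepalive)),
	    natt_classify(sample_ike, sizeof(sample_ike)),
	    natt_classify(sample_esp, sizeof(sample_esp)),
	    natt_classify(sample_runt, sizeof(sample_runt)));
	return 0;
}
```

Only `NATT_TOO_SHORT` is a packet with nothing left to deliver; `NATT_IKE` is valid traffic for the process that owns the socket.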
CVS commit: src/sys/arch/sun2/conf

2018-02-10 Thread Maxime Villard
Module Name:src
Committed By:   maxv
Date:   Sat Feb 10 07:59:54 UTC 2018

Modified Files:
src/sys/arch/sun2/conf: GENERIC

Log Message:
Remove the last reference to IPSEC_ESP. This option was deleted in
2013.


To generate a diff of this commit:
cvs rdiff -u -r1.99 -r1.100 src/sys/arch/sun2/conf/GENERIC

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/sun2/conf/GENERIC
diff -u src/sys/arch/sun2/conf/GENERIC:1.99 src/sys/arch/sun2/conf/GENERIC:1.100
--- src/sys/arch/sun2/conf/GENERIC:1.99	Tue Jan 23 14:47:56 2018
+++ src/sys/arch/sun2/conf/GENERIC	Sat Feb 10 07:59:54 2018
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.99 2018/01/23 14:47:56 sevan Exp $
+# $NetBSD: GENERIC,v 1.100 2018/02/10 07:59:54 maxv Exp $
 #
 # GENERIC machine description file
 # 
@@ -25,7 +25,7 @@ include 	"arch/sun2/conf/std.sun2"
 
 #options 	INCLUDE_CONFIG_FILE	# embed config file in kernel binary
 
-#ident 		"GENERIC-$Revision: 1.99 $"
+#ident 		"GENERIC-$Revision: 1.100 $"
 
 makeoptions	COPTS="-Os"	# optimize for size
 
@@ -100,7 +100,6 @@ options 	FFS_NO_SNAPSHOT	# No FFS snapsh
 options 	INET		# IP protocol stack support
 #options 	INET6		# IPV6
 #options 	IPSEC		# IP security
-#options 	IPSEC_ESP	# IP security (encryption part; define w/IPSEC)
 #options 	IPSEC_DEBUG	# debug for IP security
 #options 	GATEWAY		# IP packet forwarding
 #options 	TCP_DEBUG	# Record last TCP_NDEBUG packets with SO_DEBUG


