CVS commit: src/usr.bin/make
Module Name:src Committed By: sjg Date: Wed Jun 21 04:20:21 UTC 2023 Modified Files: src/usr.bin/make: cond.c src/usr.bin/make/unit-tests: directive-include-guard.exp directive-include-guard.mk Log Message: Allow guard targets to use variables. I commonly use __${.PARSEDIR:tA}__ where a unique guard is needed, __${.PARSEDIR}__ is also useful in many cases. Combination of patch from rillig and mine To generate a diff of this commit: cvs rdiff -u -r1.350 -r1.351 src/usr.bin/make/cond.c cvs rdiff -u -r1.6 -r1.7 \ src/usr.bin/make/unit-tests/directive-include-guard.exp cvs rdiff -u -r1.7 -r1.8 \ src/usr.bin/make/unit-tests/directive-include-guard.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/cond.c diff -u src/usr.bin/make/cond.c:1.350 src/usr.bin/make/cond.c:1.351 --- src/usr.bin/make/cond.c:1.350 Tue Jun 20 09:25:33 2023 +++ src/usr.bin/make/cond.c Wed Jun 21 04:20:20 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $ */ +/* $NetBSD: cond.c,v 1.351 2023/06/21 04:20:20 sjg Exp $ */ /* * Copyright (c) 1988, 1989, 1990 The Regents of the University of California. @@ -92,7 +92,7 @@ #include "dir.h" /* "@(#)cond.c 8.2 (Berkeley) 1/2/94" */ -MAKE_RCSID("$NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $"); +MAKE_RCSID("$NetBSD: cond.c,v 1.351 2023/06/21 04:20:20 sjg Exp $"); /* * Conditional expressions conform to this grammar: @@ -1252,22 +1252,6 @@ ParseVarnameGuard(const char **pp, const return false; } -static bool -ParseTargetGuard(const char **pp, const char **target) -{ - const char *p = *pp; - - if (ch_isalpha(*p) || *p == '_') { - while (ch_isalnum(*p) || *p == '_' || *p == '-' - || *p == '<' || *p == '>' || *p == '.' || *p == '/') - p++; - *target = *pp; - *pp = p; - return true; - } - return false; -} - /* Extracts the multiple-inclusion guard from a conditional, if any. */ Guard * Cond_ExtractGuard(const char *line) @@ -1292,9 +1276,17 @@ Cond_ExtractGuard(const char *line) && strcmp(p, ")") == 0) goto found_variable; } else if (skip_string(, "!target(")) { - if (ParseTargetGuard(, ) - && strcmp(p, ")") == 0) -goto found_target; + name = p; + free(ParseWord(, false)); + if (strcmp(p, ")") == 0) { +char *target; +p = name; +target = ParseWord(, true); +guard = bmake_malloc(sizeof(*guard)); +guard->kind = GK_TARGET; +guard->name = target; +return guard; + } } } else if (Substring_Equals(dir, "ifndef")) { if (ParseVarnameGuard(, ) && *p == '\0') @@ -1304,10 +1296,6 @@ Cond_ExtractGuard(const char *line) found_variable: kind = GK_VARIABLE; - goto found; -found_target: - kind = GK_TARGET; -found: guard = bmake_malloc(sizeof(*guard)); guard->kind = kind; guard->name = bmake_strsedup(name, p); Index: src/usr.bin/make/unit-tests/directive-include-guard.exp diff -u src/usr.bin/make/unit-tests/directive-include-guard.exp:1.6 src/usr.bin/make/unit-tests/directive-include-guard.exp:1.7 --- src/usr.bin/make/unit-tests/directive-include-guard.exp:1.6 Tue Jun 20 09:25:34 2023 +++ src/usr.bin/make/unit-tests/directive-include-guard.exp Wed Jun 21 04:20:21 2023 @@ -47,7 +47,13 @@ Skipping 'target.tmp' because '__target. Parse_PushInput: file target-sys.tmp, line 1 Skipping 'target-sys.tmp' because '' is defined Parse_PushInput: file target-indirect.tmp, line 1 -Parse_PushInput: file target-indirect.tmp, line 1 +Skipping 'target-indirect.tmp' because 'target-indirect.tmp' is defined +Parse_PushInput: file target-indirect-PARSEFILE.tmp, line 1 +Skipping 'target-indirect-PARSEFILE.tmp' because '__target-indirect-PARSEFILE.tmp__' is defined +Parse_PushInput: file target-indirect-PARSEFILE2.tmp, line 1 +Skipping 'target-indirect-PARSEFILE2.tmp' because '__target-indirect-PARSEFILE2.tmp__' is defined +Parse_PushInput: file target-indirect-PARSEFILE-tA.tmp, line 1 +Skipping 'target-indirect-PARSEFILE-tA.tmp' because '__target-indirect-PARSEFILE-tA.tmp__' is defined Parse_PushInput: file target-unguarded.tmp, line 1 Parse_PushInput: file target-unguarded.tmp, line 1 Parse_PushInput: file target-plus.tmp, line 1 Index: src/usr.bin/make/unit-tests/directive-include-guard.mk diff -u src/usr.bin/make/unit-tests/directive-include-guard.mk:1.7 src/usr.bin/make/unit-tests/directive-include-guard.mk:1.8 --- src/usr.bin/make/unit-tests/directive-include-guard.mk:1.7 Tue Jun 20 09:25:34 2023 +++ src/usr.bin/make/unit-tests/directive-include-guard.mk Wed Jun 21 04:20:21 2023 @@ -1,4 +1,4 @@ -# $NetBSD: directive-include-guard.mk,v 1.7 2023/06/20 09:25:34 rillig Exp $ +# $NetBSD: directive-include-guard.mk,v 1.8 2023/06/21 04:20:21 sjg Exp $ # # Tests for multiple-inclusion guards in makefiles. # @@ -282,14 +282,45 @@ LINES.target-sys= \ # expect: Parse_PushInput: file target-sys.tmp, line 1 # expect:
CVS commit: src/usr.bin/make
Module Name:src Committed By: sjg Date: Wed Jun 21 04:20:21 UTC 2023 Modified Files: src/usr.bin/make: cond.c src/usr.bin/make/unit-tests: directive-include-guard.exp directive-include-guard.mk Log Message: Allow guard targets to use variables. I commonly use __${.PARSEDIR:tA}__ where a unique guard is needed, __${.PARSEDIR}__ is also useful in many cases. Combination of patch from rillig and mine To generate a diff of this commit: cvs rdiff -u -r1.350 -r1.351 src/usr.bin/make/cond.c cvs rdiff -u -r1.6 -r1.7 \ src/usr.bin/make/unit-tests/directive-include-guard.exp cvs rdiff -u -r1.7 -r1.8 \ src/usr.bin/make/unit-tests/directive-include-guard.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/distrib/sets/lists/debug
Module Name:src Committed By: pgoyette Date: Wed Jun 21 02:48:49 UTC 2023 Modified Files: src/distrib/sets/lists/debug: mi Log Message: Looks like this debug library disappeared with the new heimdal. Mark it obsolete to fix the MKDEBUGLIB build. To generate a diff of this commit: cvs rdiff -u -r1.404 -r1.405 src/distrib/sets/lists/debug/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/debug/mi diff -u src/distrib/sets/lists/debug/mi:1.404 src/distrib/sets/lists/debug/mi:1.405 --- src/distrib/sets/lists/debug/mi:1.404 Fri Jun 16 20:38:19 2023 +++ src/distrib/sets/lists/debug/mi Wed Jun 21 02:48:49 2023 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.404 2023/06/16 20:38:19 wiz Exp $ +# $NetBSD: mi,v 1.405 2023/06/21 02:48:49 pgoyette Exp $ ./etc/mtree/set.debug comp-sys-root ./usr/lib comp-sys-usr compatdir ./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile @@ -277,7 +277,7 @@ ./usr/lib/libutil_g.acomp-c-debuglib debuglib,compatfile ./usr/lib/libuutil_g.acomp-c-debuglib debuglib,compatfile,zfs ./usr/lib/libuv_g.acomp-obsolete obsolete,compatfile -./usr/lib/libvers_g.acomp-c-debuglib debuglib,compatfile,kerberos +./usr/lib/libvers_g.acomp-obsolete debuglib,compatfile,kerberos,obsolete ./usr/lib/libwind_g.acomp-c-debuglib debuglib,compatfile,kerberos ./usr/lib/libwrap_g.acomp-c-debuglib debuglib,compatfile ./usr/lib/liby_g.acomp-c-debuglib debuglib,compatfile
CVS commit: src/distrib/sets/lists/debug
Module Name:src Committed By: pgoyette Date: Wed Jun 21 02:48:49 UTC 2023 Modified Files: src/distrib/sets/lists/debug: mi Log Message: Looks like this debug library disappeared with the new heimdal. Mark it obsolete to fix the MKDEBUGLIB build. To generate a diff of this commit: cvs rdiff -u -r1.404 -r1.405 src/distrib/sets/lists/debug/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:46:41 UTC 2023 Modified Files: src/doc [netbsd-10]: CHANGES-10.0 Log Message: 199 To generate a diff of this commit: cvs rdiff -u -r1.1.2.69 -r1.1.2.70 src/doc/CHANGES-10.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:46:41 UTC 2023 Modified Files: src/doc [netbsd-10]: CHANGES-10.0 Log Message: 199 To generate a diff of this commit: cvs rdiff -u -r1.1.2.69 -r1.1.2.70 src/doc/CHANGES-10.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-10.0 diff -u src/doc/CHANGES-10.0:1.1.2.69 src/doc/CHANGES-10.0:1.1.2.70 --- src/doc/CHANGES-10.0:1.1.2.69 Thu Jun 8 11:16:40 2023 +++ src/doc/CHANGES-10.0 Tue Jun 20 23:46:41 2023 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-10.0,v 1.1.2.69 2023/06/08 11:16:40 martin Exp $ +# $NetBSD: CHANGES-10.0,v 1.1.2.70 2023/06/20 23:46:41 snj Exp $ A complete list of changes from the initial NetBSD 10.0 branch on 2022-12-16 until the 10.0 release: @@ -2057,3 +2057,59 @@ sys/net/route.c 1.237 to avoid use-after-free of deleted routes. [ozaki-r, ticket #195] +xsrc/external/mit/libX11/dist/ChangeLog up to 1.5 +xsrc/external/mit/libX11/dist/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/README.md up to 1.4 +xsrc/external/mit/libX11/dist/aclocal.m4 up to 1.5 +xsrc/external/mit/libX11/dist/compile up to 1.1.1.13 +xsrc/external/mit/libX11/dist/config.guess up to 1.1.1.18 +xsrc/external/mit/libX11/dist/config.sub up to 1.1.1.17 +xsrc/external/mit/libX11/dist/configure up to 1.5 +xsrc/external/mit/libX11/dist/configure.ac up to 1.5 +xsrc/external/mit/libX11/dist/depcomp up to 1.1.1.16 +xsrc/external/mit/libX11/dist/install-sh up to 1.1.1.15 +xsrc/external/mit/libX11/dist/ltmain.sh up to 1.1.1.19 +xsrc/external/mit/libX11/dist/missing up to 1.1.1.15 +xsrc/external/mit/libX11/dist/test-driver up to 1.1.1.13 +xsrc/external/mit/libX11/dist/include/Makefile.in up to 1.1.1.27 +xsrc/external/mit/libX11/dist/m4/libtool.m4 up to 1.14 +xsrc/external/mit/libX11/dist/m4/ltoptions.m4 up to 1.8 +xsrc/external/mit/libX11/dist/m4/ltsugar.m4 up to 1.8 +xsrc/external/mit/libX11/dist/m4/ltversion.m4 up to 1.8 +xsrc/external/mit/libX11/dist/m4/lt~obsolete.m4 up to 1.8 +xsrc/external/mit/libX11/dist/man/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/man/XSetScreenSaver.man up to 1.1.1.6 +xsrc/external/mit/libX11/dist/man/xkb/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/im/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/im/ximcp/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/Utf8/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/def/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/gen/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/om/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/om/generic/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/nls/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/nls/am_ET.UTF-8/Compose.pre up to 1.1.1.4 +xsrc/external/mit/libX11/dist/nls/en_US.UTF-8/Compose.pre up to 1.12 +xsrc/external/mit/libX11/dist/nls/pt_BR.UTF-8/Compose.pre up to 1.1.1.7 +xsrc/external/mit/libX11/dist/specs/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/specs/XIM/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/specs/XKB/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/i18n/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/specs/i18n/compose/Makefile.in up to 1.1.1.16 +xsrc/external/mit/libX11/dist/specs/i18n/framework/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/i18n/localedb/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/i18n/trans/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/libX11/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/src/InitExt.c up to 1.1.1.8 +xsrc/external/mit/libX11/dist/src/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/src/config.h.in up to 1.1.1.17 +xsrc/external/mit/libX11/dist/src/util/Makefile.in up to 1.1.1.27 +xsrc/external/mit/libX11/dist/src/xcms/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/src/xkb/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/src/xlibi18n/Makefile.in up to 1.1.1.26 + + update to libX11 1.8.6. fixes CVE-2023-3138. + [mrg, ticket #199] +
CVS commit: [netbsd-10] xsrc/external/mit/libX11/dist
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:40:56 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist [netbsd-10]: ChangeLog Makefile.in README.md aclocal.m4 compile config.guess config.sub configure configure.ac depcomp install-sh ltmain.sh missing test-driver xsrc/external/mit/libX11/dist/include [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/m4 [netbsd-10]: libtool.m4 ltoptions.m4 ltsugar.m4 ltversion.m4 lt~obsolete.m4 xsrc/external/mit/libX11/dist/man [netbsd-10]: Makefile.in XSetScreenSaver.man xsrc/external/mit/libX11/dist/man/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im/ximcp [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/Utf8 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/def [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/gen [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om/generic [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls/am_ET.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/en_US.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/pt_BR.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/specs [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XIM [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XKB [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/compose [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/framework [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/localedb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/trans [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/libX11 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src [netbsd-10]: InitExt.c Makefile.in config.h.in xsrc/external/mit/libX11/dist/src/util [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xcms [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xlibi18n [netbsd-10]: Makefile.in Log Message: sync to head, requested by mrg in ticket #199: update to libX11 1.8.6. fixes CVE-2023-3138. To generate a diff of this commit: cvs rdiff -u -r1.1.1.27.2.4 -r1.1.1.27.2.5 \ xsrc/external/mit/libX11/dist/ChangeLog \ xsrc/external/mit/libX11/dist/configure \ xsrc/external/mit/libX11/dist/configure.ac cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/Makefile.in cvs rdiff -u -r1.1.1.7.2.3 -r1.1.1.7.2.4 \ xsrc/external/mit/libX11/dist/README.md cvs rdiff -u -r1.1.1.23.2.4 -r1.1.1.23.2.5 \ xsrc/external/mit/libX11/dist/aclocal.m4 cvs rdiff -u -r1.1.1.11.2.1 -r1.1.1.11.2.2 \ xsrc/external/mit/libX11/dist/compile \ xsrc/external/mit/libX11/dist/test-driver cvs rdiff -u -r1.1.1.16.2.1 -r1.1.1.16.2.2 \ xsrc/external/mit/libX11/dist/config.guess cvs rdiff -u -r1.1.1.15.2.1 -r1.1.1.15.2.2 \ xsrc/external/mit/libX11/dist/config.sub cvs rdiff -u -r1.1.1.14.2.1 -r1.1.1.14.2.2 \ xsrc/external/mit/libX11/dist/depcomp cvs rdiff -u -r1.1.1.13.2.1 -r1.1.1.13.2.2 \ xsrc/external/mit/libX11/dist/install-sh \ xsrc/external/mit/libX11/dist/missing cvs rdiff -u -r1.1.1.17.2.1 -r1.1.1.17.2.2 \ xsrc/external/mit/libX11/dist/ltmain.sh cvs rdiff -u -r1.1.1.25.2.1 -r1.1.1.25.2.2 \ xsrc/external/mit/libX11/dist/include/Makefile.in cvs rdiff -u -r1.12.2.1 -r1.12.2.2 \ xsrc/external/mit/libX11/dist/m4/libtool.m4 cvs rdiff -u -r1.6.2.1 -r1.6.2.2 \ xsrc/external/mit/libX11/dist/m4/ltoptions.m4 \ xsrc/external/mit/libX11/dist/m4/ltsugar.m4 \ xsrc/external/mit/libX11/dist/m4/ltversion.m4 \ xsrc/external/mit/libX11/dist/m4/lt~obsolete.m4 cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/Makefile.in cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \ xsrc/external/mit/libX11/dist/man/XSetScreenSaver.man cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/xkb/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/im/Makefile.in cvs rdiff -u -r1.1.1.24.2.1
CVS commit: [netbsd-10] xsrc/external/mit/libX11/dist
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:40:56 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist [netbsd-10]: ChangeLog Makefile.in README.md aclocal.m4 compile config.guess config.sub configure configure.ac depcomp install-sh ltmain.sh missing test-driver xsrc/external/mit/libX11/dist/include [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/m4 [netbsd-10]: libtool.m4 ltoptions.m4 ltsugar.m4 ltversion.m4 lt~obsolete.m4 xsrc/external/mit/libX11/dist/man [netbsd-10]: Makefile.in XSetScreenSaver.man xsrc/external/mit/libX11/dist/man/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im/ximcp [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/Utf8 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/def [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/gen [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om/generic [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls/am_ET.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/en_US.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/pt_BR.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/specs [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XIM [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XKB [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/compose [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/framework [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/localedb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/trans [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/libX11 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src [netbsd-10]: InitExt.c Makefile.in config.h.in xsrc/external/mit/libX11/dist/src/util [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xcms [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xlibi18n [netbsd-10]: Makefile.in Log Message: sync to head, requested by mrg in ticket #199: update to libX11 1.8.6. fixes CVE-2023-3138. To generate a diff of this commit: cvs rdiff -u -r1.1.1.27.2.4 -r1.1.1.27.2.5 \ xsrc/external/mit/libX11/dist/ChangeLog \ xsrc/external/mit/libX11/dist/configure \ xsrc/external/mit/libX11/dist/configure.ac cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/Makefile.in cvs rdiff -u -r1.1.1.7.2.3 -r1.1.1.7.2.4 \ xsrc/external/mit/libX11/dist/README.md cvs rdiff -u -r1.1.1.23.2.4 -r1.1.1.23.2.5 \ xsrc/external/mit/libX11/dist/aclocal.m4 cvs rdiff -u -r1.1.1.11.2.1 -r1.1.1.11.2.2 \ xsrc/external/mit/libX11/dist/compile \ xsrc/external/mit/libX11/dist/test-driver cvs rdiff -u -r1.1.1.16.2.1 -r1.1.1.16.2.2 \ xsrc/external/mit/libX11/dist/config.guess cvs rdiff -u -r1.1.1.15.2.1 -r1.1.1.15.2.2 \ xsrc/external/mit/libX11/dist/config.sub cvs rdiff -u -r1.1.1.14.2.1 -r1.1.1.14.2.2 \ xsrc/external/mit/libX11/dist/depcomp cvs rdiff -u -r1.1.1.13.2.1 -r1.1.1.13.2.2 \ xsrc/external/mit/libX11/dist/install-sh \ xsrc/external/mit/libX11/dist/missing cvs rdiff -u -r1.1.1.17.2.1 -r1.1.1.17.2.2 \ xsrc/external/mit/libX11/dist/ltmain.sh cvs rdiff -u -r1.1.1.25.2.1 -r1.1.1.25.2.2 \ xsrc/external/mit/libX11/dist/include/Makefile.in cvs rdiff -u -r1.12.2.1 -r1.12.2.2 \ xsrc/external/mit/libX11/dist/m4/libtool.m4 cvs rdiff -u -r1.6.2.1 -r1.6.2.2 \ xsrc/external/mit/libX11/dist/m4/ltoptions.m4 \ xsrc/external/mit/libX11/dist/m4/ltsugar.m4 \ xsrc/external/mit/libX11/dist/m4/ltversion.m4 \ xsrc/external/mit/libX11/dist/m4/lt~obsolete.m4 cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/Makefile.in cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \ xsrc/external/mit/libX11/dist/man/XSetScreenSaver.man cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/xkb/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/im/Makefile.in cvs rdiff -u -r1.1.1.24.2.1
CVS commit: src
Module Name:src Committed By: wiz Date: Tue Jun 20 23:09:14 UTC 2023 Modified Files: src/distrib/sets/lists/comp: mi src/lib/libedit: Makefile Added Files: src/lib/libedit: libedit.pc Log Message: install pkg-config file for libedit version number matches portable libedit --cflags output matches portable libedit, since users probably want the readline interface To generate a diff of this commit: cvs rdiff -u -r1.2432 -r1.2433 src/distrib/sets/lists/comp/mi cvs rdiff -u -r1.67 -r1.68 src/lib/libedit/Makefile cvs rdiff -u -r0 -r1.1 src/lib/libedit/libedit.pc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/comp/mi diff -u src/distrib/sets/lists/comp/mi:1.2432 src/distrib/sets/lists/comp/mi:1.2433 --- src/distrib/sets/lists/comp/mi:1.2432 Fri Jun 16 22:18:02 2023 +++ src/distrib/sets/lists/comp/mi Tue Jun 20 23:09:13 2023 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.2432 2023/06/16 22:18:02 wiz Exp $ +# $NetBSD: mi,v 1.2433 2023/06/20 23:09:13 wiz Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. ./etc/mtree/set.compcomp-sys-root @@ -4283,6 +4283,7 @@ ./usr/lib/pkgconfig/kyua-testers.pc comp-kyua-lib kyua,share ./usr/lib/pkgconfig/libarchive.pc comp-c-lib share ./usr/lib/pkgconfig/libcrypto.pc comp-crypto-lib share +./usr/lib/pkgconfig/libedit.pc comp-c-lib ./usr/lib/pkgconfig/libfido2.pc comp-c-lib share ./usr/lib/pkgconfig/liblzma.pc comp-c-lib share ./usr/lib/pkgconfig/libssl.pc comp-crypto-lib share Index: src/lib/libedit/Makefile diff -u src/lib/libedit/Makefile:1.67 src/lib/libedit/Makefile:1.68 --- src/lib/libedit/Makefile:1.67 Sat Jun 3 09:09:10 2023 +++ src/lib/libedit/Makefile Tue Jun 20 23:09:14 2023 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.67 2023/06/03 09:09:10 lukem Exp $ +# $NetBSD: Makefile,v 1.68 2023/06/20 23:09:14 wiz Exp $ # @(#)Makefile 8.1 (Berkeley) 6/4/93 USE_SHLIBDIR= yes @@ -21,6 +21,12 @@ SRCS = chared.c chartype.c common.c el.c MAN= editline.3 editrc.5 editline.7 +FILES+= libedit.pc +FILESOWN_libedit.pc= ${BINOWN} +FILESGRP_libedit.pc= ${BINGRP} +FILESMODE_libedit.pc= ${NONBINMODE} +FILESDIR_libedit.pc= /usr/lib/pkgconfig + MLINKS= \ editline.3 el_deletestr.3 \ editline.3 el_end.3 \ Added files: Index: src/lib/libedit/libedit.pc diff -u /dev/null src/lib/libedit/libedit.pc:1.1 --- /dev/null Tue Jun 20 23:09:14 2023 +++ src/lib/libedit/libedit.pc Tue Jun 20 23:09:14 2023 @@ -0,0 +1,12 @@ +prefix=/usr +exec_prefix=${prefix} +libdir=${exec_prefix}/lib +includedir=${prefix}/include + +Name: libedit +Description: command line editor library providing generic line editing, history, and tokenization functions. +Version: 3.1 +Requires: +Libs: -Wl,-R${libdir} -L${libdir} -ledit +Libs.private: -ltermcap +Cflags: -I${includedir} -I${includedir}/editline
CVS commit: src
Module Name:src Committed By: wiz Date: Tue Jun 20 23:09:14 UTC 2023 Modified Files: src/distrib/sets/lists/comp: mi src/lib/libedit: Makefile Added Files: src/lib/libedit: libedit.pc Log Message: install pkg-config file for libedit version number matches portable libedit --cflags output matches portable libedit, since users probably want the readline interface To generate a diff of this commit: cvs rdiff -u -r1.2432 -r1.2433 src/distrib/sets/lists/comp/mi cvs rdiff -u -r1.67 -r1.68 src/lib/libedit/Makefile cvs rdiff -u -r0 -r1.1 src/lib/libedit/libedit.pc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] xsrc/external/mit/libX11/dist/src
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:07:25 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist/src [netbsd-9]: InitExt.c Log Message: Apply patch (requested by mrg in ticket #1645): InitExt.c: Add bounds checks for extension request, event, & error codes Fixes CVE-2023-3138: X servers could return values from XQueryExtension that would cause Xlib to write entries out-of-bounds of the arrays to store them, though this would only overwrite other parts of the Display struct, not outside the bounds allocated for that structure. To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.1.1.7.4.1 \ xsrc/external/mit/libX11/dist/src/InitExt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: xsrc/external/mit/libX11/dist/src/InitExt.c diff -u xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7.4.1 --- xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 Sun Jul 19 08:08:36 2015 +++ xsrc/external/mit/libX11/dist/src/InitExt.c Tue Jun 20 23:07:24 2023 @@ -33,6 +33,18 @@ from The Open Group. #include #include +/* The X11 protocol spec reserves events 64 through 127 for extensions */ +#ifndef LastExtensionEvent +#define LastExtensionEvent 127 +#endif + +/* The X11 protocol spec reserves requests 128 through 255 for extensions */ +#ifndef LastExtensionRequest +#define FirstExtensionRequest 128 +#define LastExtensionRequest 255 +#endif + + /* * This routine is used to link a extension in so it will be called * at appropriate times. @@ -242,6 +254,12 @@ WireToEventType XESetWireToEvent( WireToEventType proc) /* routine to call when converting event */ { register WireToEventType oldproc; + if (event_number < 0 || + event_number > LastExtensionEvent) { + fprintf(stderr, "Xlib: ignoring invalid extension event %d\n", + event_number); + return (WireToEventType)_XUnknownWireEvent; + } if (proc == NULL) proc = (WireToEventType)_XUnknownWireEvent; LockDisplay (dpy); oldproc = dpy->event_vec[event_number]; @@ -263,6 +281,12 @@ WireToEventCookieType XESetWireToEventCo ) { WireToEventCookieType oldproc; + if (extension < FirstExtensionRequest || + extension > LastExtensionRequest) { + fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n", + extension); + return (WireToEventCookieType)_XUnknownWireEventCookie; + } if (proc == NULL) proc = (WireToEventCookieType)_XUnknownWireEventCookie; LockDisplay (dpy); oldproc = dpy->generic_event_vec[extension & 0x7F]; @@ -284,6 +308,12 @@ CopyEventCookieType XESetCopyEventCookie ) { CopyEventCookieType oldproc; + if (extension < FirstExtensionRequest || + extension > LastExtensionRequest) { + fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n", + extension); + return (CopyEventCookieType)_XUnknownCopyEventCookie; + } if (proc == NULL) proc = (CopyEventCookieType)_XUnknownCopyEventCookie; LockDisplay (dpy); oldproc = dpy->generic_event_copy_vec[extension & 0x7F]; @@ -305,6 +335,12 @@ EventToWireType XESetEventToWire( EventToWireType proc) /* routine to call when converting event */ { register EventToWireType oldproc; + if (event_number < 0 || + event_number > LastExtensionEvent) { + fprintf(stderr, "Xlib: ignoring invalid extension event %d\n", + event_number); + return (EventToWireType)_XUnknownNativeEvent; + } if (proc == NULL) proc = (EventToWireType) _XUnknownNativeEvent; LockDisplay (dpy); oldproc = dpy->wire_vec[event_number]; @@ -325,6 +361,12 @@ WireToErrorType XESetWireToError( WireToErrorType proc) /* routine to call when converting error */ { register WireToErrorType oldproc = NULL; + if (error_number < 0 || + error_number > LastExtensionError) { + fprintf(stderr, "Xlib: ignoring invalid extension error %d\n", + error_number); + return (WireToErrorType)_XDefaultWireError; + } if (proc == NULL) proc = (WireToErrorType)_XDefaultWireError; LockDisplay (dpy); if (!dpy->error_vec) {
CVS commit: [netbsd-9] xsrc/external/mit/libX11/dist/src
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:07:25 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist/src [netbsd-9]: InitExt.c Log Message: Apply patch (requested by mrg in ticket #1645): InitExt.c: Add bounds checks for extension request, event, & error codes Fixes CVE-2023-3138: X servers could return values from XQueryExtension that would cause Xlib to write entries out-of-bounds of the arrays to store them, though this would only overwrite other parts of the Display struct, not outside the bounds allocated for that structure. To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.1.1.7.4.1 \ xsrc/external/mit/libX11/dist/src/InitExt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:03:39 UTC 2023 Modified Files: src/doc [netbsd-8]: CHANGES-8.3 Log Message: 1826 To generate a diff of this commit: cvs rdiff -u -r1.1.2.176 -r1.1.2.177 src/doc/CHANGES-8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.3 diff -u src/doc/CHANGES-8.3:1.1.2.176 src/doc/CHANGES-8.3:1.1.2.177 --- src/doc/CHANGES-8.3:1.1.2.176 Thu Jun 8 11:20:02 2023 +++ src/doc/CHANGES-8.3 Tue Jun 20 23:03:39 2023 @@ -1,4 +1,4 @@ - $NetBSD: CHANGES-8.3,v 1.1.2.176 2023/06/08 11:20:02 martin Exp $ + $NetBSD: CHANGES-8.3,v 1.1.2.177 2023/06/20 23:03:39 snj Exp $ A complete list of changes from the NetBSD 8.2 release to the NetBSD 8.3 release: @@ -3329,3 +3329,9 @@ sys/net/route.c 1.237 to avoid use-after-free of deleted routes. [ozaki-r, ticket #1824] +xsrc/external/mit/libX11/dist/src/InitExt.c patch + + Add bounds checks for extension request, event, & error codes. + Fixes CVE-2023-3138. + [mrg, ticket #1826] +
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:03:39 UTC 2023 Modified Files: src/doc [netbsd-8]: CHANGES-8.3 Log Message: 1826 To generate a diff of this commit: cvs rdiff -u -r1.1.2.176 -r1.1.2.177 src/doc/CHANGES-8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] xsrc/external/mit/libX11/dist/src
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:00:39 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist/src [netbsd-8]: InitExt.c Log Message: Apply patch (requested by mrg in ticket #1826): InitExt.c: Add bounds checks for extension request, event, & error codes Fixes CVE-2023-3138: X servers could return values from XQueryExtension that would cause Xlib to write entries out-of-bounds of the arrays to store them, though this would only overwrite other parts of the Display struct, not outside the bounds allocated for that structure. To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \ xsrc/external/mit/libX11/dist/src/InitExt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] xsrc/external/mit/libX11/dist/src
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:00:39 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist/src [netbsd-8]: InitExt.c Log Message: Apply patch (requested by mrg in ticket #1826): InitExt.c: Add bounds checks for extension request, event, & error codes Fixes CVE-2023-3138: X servers could return values from XQueryExtension that would cause Xlib to write entries out-of-bounds of the arrays to store them, though this would only overwrite other parts of the Display struct, not outside the bounds allocated for that structure. To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \ xsrc/external/mit/libX11/dist/src/InitExt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: xsrc/external/mit/libX11/dist/src/InitExt.c diff -u xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7.2.1 --- xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 Sun Jul 19 08:08:36 2015 +++ xsrc/external/mit/libX11/dist/src/InitExt.c Tue Jun 20 23:00:39 2023 @@ -33,6 +33,18 @@ from The Open Group. #include #include +/* The X11 protocol spec reserves events 64 through 127 for extensions */ +#ifndef LastExtensionEvent +#define LastExtensionEvent 127 +#endif + +/* The X11 protocol spec reserves requests 128 through 255 for extensions */ +#ifndef LastExtensionRequest +#define FirstExtensionRequest 128 +#define LastExtensionRequest 255 +#endif + + /* * This routine is used to link a extension in so it will be called * at appropriate times. @@ -242,6 +254,12 @@ WireToEventType XESetWireToEvent( WireToEventType proc) /* routine to call when converting event */ { register WireToEventType oldproc; + if (event_number < 0 || + event_number > LastExtensionEvent) { + fprintf(stderr, "Xlib: ignoring invalid extension event %d\n", + event_number); + return (WireToEventType)_XUnknownWireEvent; + } if (proc == NULL) proc = (WireToEventType)_XUnknownWireEvent; LockDisplay (dpy); oldproc = dpy->event_vec[event_number]; @@ -263,6 +281,12 @@ WireToEventCookieType XESetWireToEventCo ) { WireToEventCookieType oldproc; + if (extension < FirstExtensionRequest || + extension > LastExtensionRequest) { + fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n", + extension); + return (WireToEventCookieType)_XUnknownWireEventCookie; + } if (proc == NULL) proc = (WireToEventCookieType)_XUnknownWireEventCookie; LockDisplay (dpy); oldproc = dpy->generic_event_vec[extension & 0x7F]; @@ -284,6 +308,12 @@ CopyEventCookieType XESetCopyEventCookie ) { CopyEventCookieType oldproc; + if (extension < FirstExtensionRequest || + extension > LastExtensionRequest) { + fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n", + extension); + return (CopyEventCookieType)_XUnknownCopyEventCookie; + } if (proc == NULL) proc = (CopyEventCookieType)_XUnknownCopyEventCookie; LockDisplay (dpy); oldproc = dpy->generic_event_copy_vec[extension & 0x7F]; @@ -305,6 +335,12 @@ EventToWireType XESetEventToWire( EventToWireType proc) /* routine to call when converting event */ { register EventToWireType oldproc; + if (event_number < 0 || + event_number > LastExtensionEvent) { + fprintf(stderr, "Xlib: ignoring invalid extension event %d\n", + event_number); + return (EventToWireType)_XUnknownNativeEvent; + } if (proc == NULL) proc = (EventToWireType) _XUnknownNativeEvent; LockDisplay (dpy); oldproc = dpy->wire_vec[event_number]; @@ -325,6 +361,12 @@ WireToErrorType XESetWireToError( WireToErrorType proc) /* routine to call when converting error */ { register WireToErrorType oldproc = NULL; + if (error_number < 0 || + error_number > LastExtensionError) { + fprintf(stderr, "Xlib: ignoring invalid extension error %d\n", + error_number); + return (WireToErrorType)_XDefaultWireError; + } if (proc == NULL) proc = (WireToErrorType)_XDefaultWireError; LockDisplay (dpy); if (!dpy->error_vec) {
CVS commit: src/lib/libpam/modules/pam_krb5
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:17:18 UTC 2023 Modified Files: src/lib/libpam/modules/pam_krb5: pam_krb5.8 pam_krb5.c Log Message: pam_krb5: Refuse to operate without a key to verify tickets. New allow_kdc_spoof overrides this to restore previous behaviour which was vulnerable to KDC spoofing, because without a host or service key, pam_krb5 can't distinguish the legitimate KDC from a spoofed one. This way, having pam_krb5 enabled isn't dangerous even if you create an empty /etc/krb5.conf to use client SSO without any host services. Perhaps this should use krb5_verify_init_creds(3) instead, and thereby respect the rather obscurely named krb5.conf option verify_ap_req_nofail like the Linux pam_krb5 does, but: - verify_ap_req_nofail is default-off (i.e., vulnerable by default), - changing verify_ap_req_nofail to default-on would probably affect more things and therefore be riskier, - allow_kdc_spoof is a much clearer way to spell the idea, - this patch is a smaller semantic change and thus less risky, and - a security change with compatibility issues shouldn't have a workaround that might introduce potentially worse security issues or more compatibility issues. Perhaps this should use krb5_verify_user(3) with secure=1 instead, for simplicity, but it's not clear how to do that without first prompting for the password -- which we shouldn't do at all if we later decide we won't be able to use it anyway -- and without repeating a bunch of the logic here anyway to pick the service name. References about verify_ap_req_nofail: - mit-krb5 discussion about verify_ap_req_nofail: https://mailman.mit.edu/pipermail/krbdev/2011-January/009778.html - Oracle has the default-secure setting in their krb5 system: https://docs.oracle.com/cd/E26505_01/html/E27224/setup-148.html https://docs.oracle.com/cd/E26505_01/html/816-5174/krb5.conf-4.html#REFMAN4krb5.conf-4 https://docs.oracle.com/cd/E19253-01/816-4557/gihyu/ - Heimdal issue on verify_ap_req_nofail default: https://github.com/heimdal/heimdal/issues/1129 To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/lib/libpam/modules/pam_krb5/pam_krb5.8 cvs rdiff -u -r1.30 -r1.31 src/lib/libpam/modules/pam_krb5/pam_krb5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libpam/modules/pam_ksu
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:17:09 UTC 2023 Modified Files: src/lib/libpam/modules/pam_ksu: pam_ksu.c Log Message: pam_ksu: No need for homedir access. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/lib/libpam/modules/pam_ksu/pam_ksu.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libpam/modules/pam_ksu/pam_ksu.c diff -u src/lib/libpam/modules/pam_ksu/pam_ksu.c:1.9 src/lib/libpam/modules/pam_ksu/pam_ksu.c:1.10 --- src/lib/libpam/modules/pam_ksu/pam_ksu.c:1.9 Thu Feb 27 18:09:38 2014 +++ src/lib/libpam/modules/pam_ksu/pam_ksu.c Tue Jun 20 22:17:09 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: pam_ksu.c,v 1.9 2014/02/27 18:09:38 joerg Exp $ */ +/* $NetBSD: pam_ksu.c,v 1.10 2023/06/20 22:17:09 riastradh Exp $ */ /*- * Copyright (c) 2002 Jacques A. Vidrine @@ -29,7 +29,7 @@ #ifdef __FreeBSD__ __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_ksu/pam_ksu.c,v 1.5 2004/02/10 10:13:21 des Exp $"); #else -__RCSID("$NetBSD: pam_ksu.c,v 1.9 2014/02/27 18:09:38 joerg Exp $"); +__RCSID("$NetBSD: pam_ksu.c,v 1.10 2023/06/20 22:17:09 riastradh Exp $"); #endif #include @@ -62,6 +62,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int argc __unused, const char *argv[] __unused) { + krb5_boolean allow_homedir; krb5_context context; krb5_principal su_principal; const char *user; @@ -78,20 +79,25 @@ pam_sm_authenticate(pam_handle_t *pamh, if (pamret != PAM_SUCCESS) return (pamret); PAM_LOG("Got ruser: %s", (const char *)ruser); + allow_homedir = krb5_set_home_dir_access(NULL, FALSE); rv = krb5_init_context(); if (rv != 0) { log_krb5(context, rv, "krb5_init_context failed"); - return (PAM_SERVICE_ERR); + pamret = PAM_SERVICE_ERR; + goto out; } rv = get_su_principal(context, user, ruser, _principal_name, _principal); - if (rv != 0) - return (PAM_AUTH_ERR); + if (rv != 0) { + pamret = PAM_AUTH_ERR; + goto out; + } PAM_LOG("kuserok: %s -> %s", su_principal_name, user); rv = krb5_kuserok(context, su_principal, user); pamret = rv ? auth_krb5(pamh, context, su_principal_name, su_principal) : PAM_AUTH_ERR; free(su_principal_name); krb5_free_principal(context, su_principal); krb5_free_context(context); +out: (void)krb5_set_home_dir_access(NULL, allow_homedir); return (pamret); }
CVS commit: src/lib/libpam/modules/pam_krb5
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:17:18 UTC 2023 Modified Files: src/lib/libpam/modules/pam_krb5: pam_krb5.8 pam_krb5.c Log Message: pam_krb5: Refuse to operate without a key to verify tickets. New allow_kdc_spoof overrides this to restore previous behaviour which was vulnerable to KDC spoofing, because without a host or service key, pam_krb5 can't distinguish the legitimate KDC from a spoofed one. This way, having pam_krb5 enabled isn't dangerous even if you create an empty /etc/krb5.conf to use client SSO without any host services. Perhaps this should use krb5_verify_init_creds(3) instead, and thereby respect the rather obscurely named krb5.conf option verify_ap_req_nofail like the Linux pam_krb5 does, but: - verify_ap_req_nofail is default-off (i.e., vulnerable by default), - changing verify_ap_req_nofail to default-on would probably affect more things and therefore be riskier, - allow_kdc_spoof is a much clearer way to spell the idea, - this patch is a smaller semantic change and thus less risky, and - a security change with compatibility issues shouldn't have a workaround that might introduce potentially worse security issues or more compatibility issues. Perhaps this should use krb5_verify_user(3) with secure=1 instead, for simplicity, but it's not clear how to do that without first prompting for the password -- which we shouldn't do at all if we later decide we won't be able to use it anyway -- and without repeating a bunch of the logic here anyway to pick the service name. References about verify_ap_req_nofail: - mit-krb5 discussion about verify_ap_req_nofail: https://mailman.mit.edu/pipermail/krbdev/2011-January/009778.html - Oracle has the default-secure setting in their krb5 system: https://docs.oracle.com/cd/E26505_01/html/E27224/setup-148.html https://docs.oracle.com/cd/E26505_01/html/816-5174/krb5.conf-4.html#REFMAN4krb5.conf-4 https://docs.oracle.com/cd/E19253-01/816-4557/gihyu/ - Heimdal issue on verify_ap_req_nofail default: https://github.com/heimdal/heimdal/issues/1129 To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/lib/libpam/modules/pam_krb5/pam_krb5.8 cvs rdiff -u -r1.30 -r1.31 src/lib/libpam/modules/pam_krb5/pam_krb5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libpam/modules/pam_krb5/pam_krb5.8 diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.8:1.12 src/lib/libpam/modules/pam_krb5/pam_krb5.8:1.13 --- src/lib/libpam/modules/pam_krb5/pam_krb5.8:1.12 Mon Jul 3 21:32:51 2017 +++ src/lib/libpam/modules/pam_krb5/pam_krb5.8 Tue Jun 20 22:17:18 2023 @@ -1,4 +1,4 @@ -.\" $NetBSD: pam_krb5.8,v 1.12 2017/07/03 21:32:51 wiz Exp $ +.\" $NetBSD: pam_krb5.8,v 1.13 2023/06/20 22:17:18 riastradh Exp $ .\" $FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.8,v 1.6 2001/11/24 23:41:32 dd Exp $ .\" .\" Copyright (c) Frank Cusack, 1999-2001. All rights reserved. @@ -142,6 +142,21 @@ and .Ql %p , to designate the current process ID; can be used in .Ar name . +.It Cm allow_kdc_spoof +Allow +.Nm +to succeed even if there is no host or service key available in a +keytab to authenticate the Kerberos KDC's ticket. +If there is no such key, for example on a host with no keytabs, +.Nm +will fail immediately without prompting the user. +.Pp +.Sy Warning : +If the host has not been configured with a keytab from the KDC, setting +this option makes it vulnerable to malicious KDCs, e.g. via DNS +flooding, because +.Nm +has no way to distinguish the legitimate KDC from a spoofed KDC. .El .Ss Kerberos 5 Account Management Module The Kerberos 5 account management component Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.30 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.31 --- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.30 Sun Jan 16 10:52:18 2022 +++ src/lib/libpam/modules/pam_krb5/pam_krb5.c Tue Jun 20 22:17:18 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: pam_krb5.c,v 1.30 2022/01/16 10:52:18 rillig Exp $ */ +/* $NetBSD: pam_krb5.c,v 1.31 2023/06/20 22:17:18 riastradh Exp $ */ /*- * This pam_krb5 module contains code that is: @@ -53,7 +53,7 @@ #ifdef __FreeBSD__ __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $"); #else -__RCSID("$NetBSD: pam_krb5.c,v 1.30 2022/01/16 10:52:18 rillig Exp $"); +__RCSID("$NetBSD: pam_krb5.c,v 1.31 2023/06/20 22:17:18 riastradh Exp $"); #endif #include @@ -85,7 +85,12 @@ __RCSID("$NetBSD: pam_krb5.c,v 1.30 2022 static void log_krb5(krb5_context, krb5_error_code, struct syslog_data *, const char *, ...) __printflike(4, 5); -static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int); +static int verify_krb_v5_tgt_begin(krb5_context, char *, int, +const char **, krb5_principal *, char[static BUFSIZ], struct syslog_data *); +static int
CVS commit: src/lib/libpam/modules/pam_ksu
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:17:09 UTC 2023 Modified Files: src/lib/libpam/modules/pam_ksu: pam_ksu.c Log Message: pam_ksu: No need for homedir access. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/lib/libpam/modules/pam_ksu/pam_ksu.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/pam.d
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:00:00 UTC 2023 Modified Files: src/etc/pam.d: display_manager ftpd sshd su system Log Message: pam: Disable pam_krb5, pam_ksu by default. These are not useful unless you also set up /etc/krb5.conf and a keytab for the host from the Kerberos KDC. But having them enabled by default means that creating /etc/krb5.conf just to enable use of Kerberos for _client-side_ single sign-on creates usability issues. As proposed on tech-security: https://mail-index.netbsd.org/tech-security/2023/06/16/msg001160.html To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/pam.d/display_manager cvs rdiff -u -r1.7 -r1.8 src/etc/pam.d/ftpd cvs rdiff -u -r1.9 -r1.10 src/etc/pam.d/sshd cvs rdiff -u -r1.8 -r1.9 src/etc/pam.d/su src/etc/pam.d/system Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/pam.d/display_manager diff -u src/etc/pam.d/display_manager:1.5 src/etc/pam.d/display_manager:1.6 --- src/etc/pam.d/display_manager:1.5 Sat Nov 13 19:19:40 2010 +++ src/etc/pam.d/display_manager Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: display_manager,v 1.5 2010/11/13 19:19:40 christos Exp $ +# $NetBSD: display_manager,v 1.6 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the display manager services. Specific display # manager service configurations can include this one. @@ -7,14 +7,14 @@ # auth auth required pam_nologin.so no_warn auth sufficient pam_skey.so no_warn try_first_pass -auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass auth optional pam_afslog.so no_warn try_first_pass # pam_ssh has potential security risks. See pam_ssh(8). #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account -account required pam_krb5.so +#account required pam_krb5.so account required pam_unix.so # session Index: src/etc/pam.d/ftpd diff -u src/etc/pam.d/ftpd:1.7 src/etc/pam.d/ftpd:1.8 --- src/etc/pam.d/ftpd:1.7 Wed Mar 26 11:31:17 2008 +++ src/etc/pam.d/ftpd Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: ftpd,v 1.7 2008/03/26 11:31:17 lukem Exp $ +# $NetBSD: ftpd,v 1.8 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the "ftpd" service # @@ -8,14 +8,14 @@ # pam_unix. auth required pam_nologin.so no_warn auth sufficient pam_skey.so no_warn try_first_pass -auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass auth optional pam_afslog.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account # Even though this is identical to "system", we open code it here because # we open code the auth stack. -account required pam_krb5.so +#account required pam_krb5.so account required pam_unix.so # session Index: src/etc/pam.d/sshd diff -u src/etc/pam.d/sshd:1.9 src/etc/pam.d/sshd:1.10 --- src/etc/pam.d/sshd:1.9 Wed Mar 26 11:31:17 2008 +++ src/etc/pam.d/sshd Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: sshd,v 1.9 2008/03/26 11:31:17 lukem Exp $ +# $NetBSD: sshd,v 1.10 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the "sshd" service # @@ -6,14 +6,14 @@ # auth auth required pam_nologin.so no_warn auth sufficient pam_skey.so no_warn try_first_pass -auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass auth optional pam_afslog.so no_warn try_first_pass # pam_ssh has potential security risks. See pam_ssh(8). #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account -account required pam_krb5.so +#account required pam_krb5.so account required pam_login_access.so account required pam_unix.so @@ -23,5 +23,5 @@ account required pam_unix.so session required pam_permit.so # password -password sufficient pam_krb5.so no_warn try_first_pass +#password sufficient pam_krb5.so no_warn try_first_pass password required pam_unix.so no_warn try_first_pass Index: src/etc/pam.d/su diff -u src/etc/pam.d/su:1.8 src/etc/pam.d/su:1.9 --- src/etc/pam.d/su:1.8 Tue Mar 3 00:47:33 2020 +++ src/etc/pam.d/su Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: su,v 1.8 2020/03/03 00:47:33 christos Exp $ +# $NetBSD: su,v 1.9 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the "su" service # @@ -8,7 +8,7 @@ auth sufficient pam_rootok.so no_warn auth sufficient pam_self.so no_warn auth sufficient pam_skey.so no_warn try_first_pass #auth sufficient pam_u2f.so authfile=/etc/u2f_mappings cue -auth sufficient pam_ksu.so no_warn try_first_pass +#auth sufficient pam_ksu.so no_warn try_first_pass #auth sufficient pam_group.so no_warn group=rootauth root_only authenticate auth requisite pam_group.so no_warn group=wheel
CVS commit: src/etc/pam.d
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:00:00 UTC 2023 Modified Files: src/etc/pam.d: display_manager ftpd sshd su system Log Message: pam: Disable pam_krb5, pam_ksu by default. These are not useful unless you also set up /etc/krb5.conf and a keytab for the host from the Kerberos KDC. But having them enabled by default means that creating /etc/krb5.conf just to enable use of Kerberos for _client-side_ single sign-on creates usability issues. As proposed on tech-security: https://mail-index.netbsd.org/tech-security/2023/06/16/msg001160.html To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/pam.d/display_manager cvs rdiff -u -r1.7 -r1.8 src/etc/pam.d/ftpd cvs rdiff -u -r1.9 -r1.10 src/etc/pam.d/sshd cvs rdiff -u -r1.8 -r1.9 src/etc/pam.d/su src/etc/pam.d/system Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal
Module Name:src Committed By: christos Date: Tue Jun 20 17:23:05 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal: Makefile.inc src/crypto/external/bsd/heimdal/bin: Makefile.inc src/crypto/external/bsd/heimdal/bin/gsstool: Makefile src/crypto/external/bsd/heimdal/bin/hxtool: Makefile src/crypto/external/bsd/heimdal/bin/kcc: Makefile src/crypto/external/bsd/heimdal/bin/kdestroy: Makefile src/crypto/external/bsd/heimdal/bin/kgetcred: Makefile src/crypto/external/bsd/heimdal/bin/kinit: Makefile src/crypto/external/bsd/heimdal/bin/kpasswd: Makefile src/crypto/external/bsd/heimdal/bin/kvno: Makefile src/crypto/external/bsd/heimdal/bin/string2key: Makefile src/crypto/external/bsd/heimdal/bin/verify_krb5_conf: Makefile src/crypto/external/bsd/heimdal/lib/libkrb5: Makefile src/crypto/external/bsd/heimdal/lib/libvers: Makefile src/crypto/external/bsd/heimdal/libexec: Makefile.inc src/crypto/external/bsd/heimdal/libexec/digest-service: Makefile src/crypto/external/bsd/heimdal/libexec/hpropd: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-master: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-slave: Makefile src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile src/crypto/external/bsd/heimdal/libexec/kpasswdd: Makefile src/crypto/external/bsd/heimdal/sbin: Makefile.inc src/crypto/external/bsd/heimdal/sbin/hprop: Makefile src/crypto/external/bsd/heimdal/sbin/iprop-log: Makefile src/crypto/external/bsd/heimdal/sbin/kadmin: Makefile src/crypto/external/bsd/heimdal/sbin/kcm: Makefile src/crypto/external/bsd/heimdal/sbin/kdc: Makefile src/crypto/external/bsd/heimdal/sbin/kdigest: Makefile src/crypto/external/bsd/heimdal/sbin/kimpersonate: Makefile src/crypto/external/bsd/heimdal/sbin/kstash: Makefile src/crypto/external/bsd/heimdal/sbin/ktutil: Makefile Log Message: Use PROGDPLIBS instead of LDADD/DPADD; remove ui.c kludges To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/Makefile.inc cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/Makefile.inc cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/gsstool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/hxtool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/kcc/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kdestroy/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kgetcred/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kinit/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kpasswd/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/kvno/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/string2key/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/verify_krb5_conf/Makefile cvs rdiff -u -r1.14 -r1.15 \ src/crypto/external/bsd/heimdal/lib/libkrb5/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/lib/libvers/Makefile cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/libexec/Makefile.inc cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/digest-service/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/hpropd/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-master/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-slave/Makefile cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/kpasswdd/Makefile cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/heimdal/sbin/Makefile.inc cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/hprop/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/iprop-log/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/kadmin/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kcm/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kdc/Makefile cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/sbin/kdigest/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/kimpersonate/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kstash/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/ktutil/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/Makefile.inc diff -u src/crypto/external/bsd/heimdal/Makefile.inc:1.6 src/crypto/external/bsd/heimdal/Makefile.inc:1.7
CVS commit: src/crypto/external/bsd/heimdal
Module Name:src Committed By: christos Date: Tue Jun 20 17:23:05 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal: Makefile.inc src/crypto/external/bsd/heimdal/bin: Makefile.inc src/crypto/external/bsd/heimdal/bin/gsstool: Makefile src/crypto/external/bsd/heimdal/bin/hxtool: Makefile src/crypto/external/bsd/heimdal/bin/kcc: Makefile src/crypto/external/bsd/heimdal/bin/kdestroy: Makefile src/crypto/external/bsd/heimdal/bin/kgetcred: Makefile src/crypto/external/bsd/heimdal/bin/kinit: Makefile src/crypto/external/bsd/heimdal/bin/kpasswd: Makefile src/crypto/external/bsd/heimdal/bin/kvno: Makefile src/crypto/external/bsd/heimdal/bin/string2key: Makefile src/crypto/external/bsd/heimdal/bin/verify_krb5_conf: Makefile src/crypto/external/bsd/heimdal/lib/libkrb5: Makefile src/crypto/external/bsd/heimdal/lib/libvers: Makefile src/crypto/external/bsd/heimdal/libexec: Makefile.inc src/crypto/external/bsd/heimdal/libexec/digest-service: Makefile src/crypto/external/bsd/heimdal/libexec/hpropd: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-master: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-slave: Makefile src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile src/crypto/external/bsd/heimdal/libexec/kpasswdd: Makefile src/crypto/external/bsd/heimdal/sbin: Makefile.inc src/crypto/external/bsd/heimdal/sbin/hprop: Makefile src/crypto/external/bsd/heimdal/sbin/iprop-log: Makefile src/crypto/external/bsd/heimdal/sbin/kadmin: Makefile src/crypto/external/bsd/heimdal/sbin/kcm: Makefile src/crypto/external/bsd/heimdal/sbin/kdc: Makefile src/crypto/external/bsd/heimdal/sbin/kdigest: Makefile src/crypto/external/bsd/heimdal/sbin/kimpersonate: Makefile src/crypto/external/bsd/heimdal/sbin/kstash: Makefile src/crypto/external/bsd/heimdal/sbin/ktutil: Makefile Log Message: Use PROGDPLIBS instead of LDADD/DPADD; remove ui.c kludges To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/Makefile.inc cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/Makefile.inc cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/gsstool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/hxtool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/kcc/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kdestroy/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kgetcred/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kinit/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kpasswd/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/kvno/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/string2key/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/verify_krb5_conf/Makefile cvs rdiff -u -r1.14 -r1.15 \ src/crypto/external/bsd/heimdal/lib/libkrb5/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/lib/libvers/Makefile cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/libexec/Makefile.inc cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/digest-service/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/hpropd/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-master/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-slave/Makefile cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/kpasswdd/Makefile cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/heimdal/sbin/Makefile.inc cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/hprop/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/iprop-log/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/kadmin/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kcm/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kdc/Makefile cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/sbin/kdigest/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/kimpersonate/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kstash/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/ktutil/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 17:22:01 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Don't use the hcrypto version, use the OpenSSL one. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 17:22:01 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Don't use the hcrypto version, use the OpenSSL one. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/include/hcrypto/ui.h diff -u src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.1 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.2 --- src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.1 Tue Jun 20 12:49:46 2023 +++ src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Tue Jun 20 13:22:01 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ui.h,v 1.1 2023/06/20 16:49:46 christos Exp $ */ +/* $NetBSD: ui.h,v 1.2 2023/06/20 17:22:01 christos Exp $ */ /* * Copyright (c) 2005 Kungliga Tekniska Högskolan @@ -39,7 +39,10 @@ #define _HEIM_UI_H 1 /* symbol renaming */ +#if 0 +/* use the OpenSSL symbol, not worth it for a "Verify failed" printf */ #define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string +#endif /* OpenSSL API extensions */ #define UI_UTIL_FLAG_VERIFY 0x1 /* ask to verify password */
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 16:49:46 UTC 2023 Added Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Add hcrypto/ui.h to avoid -I gymnastics everywhere else To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 16:49:46 UTC 2023 Added Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Add hcrypto/ui.h to avoid -I gymnastics everywhere else To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/crypto/external/bsd/heimdal/include/hcrypto/ui.h diff -u /dev/null src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.1 --- /dev/null Tue Jun 20 12:49:46 2023 +++ src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Tue Jun 20 12:49:46 2023 @@ -0,0 +1,51 @@ +/* $NetBSD: ui.h,v 1.1 2023/06/20 16:49:46 christos Exp $ */ + +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + *may be used to endorse or promote products derived from this software + *without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Id */ + +#ifndef _HEIM_UI_H +#define _HEIM_UI_H 1 + +/* symbol renaming */ +#define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string + +/* OpenSSL API extensions */ +#define UI_UTIL_FLAG_VERIFY 0x1 /* ask to verify password */ +#define UI_UTIL_FLAG_VERIFY_SILENT 0x2 /* silence on verify failure */ + +int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */ + +#endif /* _HEIM_UI_H */ +
CVS commit: src/sys/compat/linux32/arch/amd64
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:15 UTC 2023 Modified Files: src/sys/compat/linux32/arch/amd64: linux32_machdep.c Log Message: linux32_rt_sendsig: Memset zero before copyout. Not sure if there's any padding here, but it's a pretty big structure, fairly likely, so let's be rather safe than sorry. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.47 -r1.48 \ src/sys/compat/linux32/arch/amd64/linux32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/linux32/arch/amd64/linux32_machdep.c diff -u src/sys/compat/linux32/arch/amd64/linux32_machdep.c:1.47 src/sys/compat/linux32/arch/amd64/linux32_machdep.c:1.48 --- src/sys/compat/linux32/arch/amd64/linux32_machdep.c:1.47 Mon Nov 1 05:07:16 2021 +++ src/sys/compat/linux32/arch/amd64/linux32_machdep.c Tue Jun 20 15:22:15 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: linux32_machdep.c,v 1.47 2021/11/01 05:07:16 thorpej Exp $ */ +/* $NetBSD: linux32_machdep.c,v 1.48 2023/06/20 15:22:15 riastradh Exp $ */ /*- * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved. @@ -31,7 +31,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__KERNEL_RCSID(0, "$NetBSD: linux32_machdep.c,v 1.47 2021/11/01 05:07:16 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD: linux32_machdep.c,v 1.48 2023/06/20 15:22:15 riastradh Exp $"); #if defined(_KERNEL_OPT) #include "opt_user_ldt.h" @@ -195,6 +195,7 @@ linux32_rt_sendsig(const ksiginfo_t *ksi fp--; /* Build stack frame for signal trampoline. */ + memset(, 0, sizeof(frame)); NETBSD32PTR32(frame.sf_handler, catcher); frame.sf_sig = native_to_linux32_signo[sig]; NETBSD32PTR32(frame.sf_sip, >sf_si);
CVS commit: src/sys/compat/linux32/arch/amd64
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:15 UTC 2023 Modified Files: src/sys/compat/linux32/arch/amd64: linux32_machdep.c Log Message: linux32_rt_sendsig: Memset zero before copyout. Not sure if there's any padding here, but it's a pretty big structure, fairly likely, so let's be rather safe than sorry. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.47 -r1.48 \ src/sys/compat/linux32/arch/amd64/linux32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/compat/ossaudio
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:05 UTC 2023 Modified Files: src/sys/compat/ossaudio: ossaudio.c Log Message: compat_ossaudio: Zero-initialize idat before copyout. Unclear if there are any paths to the copyout without initialization, but let's play it safe to keep the auditing effort low. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.84 -r1.85 src/sys/compat/ossaudio/ossaudio.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/ossaudio/ossaudio.c diff -u src/sys/compat/ossaudio/ossaudio.c:1.84 src/sys/compat/ossaudio/ossaudio.c:1.85 --- src/sys/compat/ossaudio/ossaudio.c:1.84 Tue Sep 7 11:43:05 2021 +++ src/sys/compat/ossaudio/ossaudio.c Tue Jun 20 15:22:04 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ossaudio.c,v 1.84 2021/09/07 11:43:05 riastradh Exp $ */ +/* $NetBSD: ossaudio.c,v 1.85 2023/06/20 15:22:04 riastradh Exp $ */ /*- * Copyright (c) 1997, 2008 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ossaudio.c,v 1.84 2021/09/07 11:43:05 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ossaudio.c,v 1.85 2023/06/20 15:22:04 riastradh Exp $"); #include #include @@ -1069,7 +1069,7 @@ oss_ioctl_mixer(struct lwp *lwp, const s mixer_ctrl_t mc; struct oss_mixer_info omi; struct audio_device adev; - int idat; + int idat = 0; int i; int error; int l, r, n, e;
CVS commit: src/sys/compat/ossaudio
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:05 UTC 2023 Modified Files: src/sys/compat/ossaudio: ossaudio.c Log Message: compat_ossaudio: Zero-initialize idat before copyout. Unclear if there are any paths to the copyout without initialization, but let's play it safe to keep the auditing effort low. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.84 -r1.85 src/sys/compat/ossaudio/ossaudio.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/compat/sunos32
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:21:55 UTC 2023 Modified Files: src/sys/compat/sunos32: sunos32_misc.c Log Message: compat_sunos32: Memset zero before copyout. Unclear if this can leak anything but let's be on the safe side. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.85 -r1.86 src/sys/compat/sunos32/sunos32_misc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/sunos32/sunos32_misc.c diff -u src/sys/compat/sunos32/sunos32_misc.c:1.85 src/sys/compat/sunos32/sunos32_misc.c:1.86 --- src/sys/compat/sunos32/sunos32_misc.c:1.85 Tue Sep 7 11:43:05 2021 +++ src/sys/compat/sunos32/sunos32_misc.c Tue Jun 20 15:21:55 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: sunos32_misc.c,v 1.85 2021/09/07 11:43:05 riastradh Exp $ */ +/* $NetBSD: sunos32_misc.c,v 1.86 2023/06/20 15:21:55 riastradh Exp $ */ /* from :NetBSD: sunos_misc.c,v 1.107 2000/12/01 19:25:10 jdolecek Exp */ /* @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: sunos32_misc.c,v 1.85 2021/09/07 11:43:05 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sunos32_misc.c,v 1.86 2023/06/20 15:21:55 riastradh Exp $"); #define COMPAT_SUNOS 1 @@ -242,6 +242,7 @@ static inline void sunos32_from___stat13 static inline void sunos32_from___stat13(struct stat *sbp, struct netbsd32_stat43 *sb32p) { + memset(sb32p, 0, sizeof(*sb32p)); sb32p->st_dev = sbp->st_dev; sb32p->st_ino = sbp->st_ino; sb32p->st_mode = sbp->st_mode;
CVS commit: src/sys/compat/sunos32
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:21:55 UTC 2023 Modified Files: src/sys/compat/sunos32: sunos32_misc.c Log Message: compat_sunos32: Memset zero before copyout. Unclear if this can leak anything but let's be on the safe side. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.85 -r1.86 src/sys/compat/sunos32/sunos32_misc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/distrib/sets/lists
Module Name:src Committed By: martin Date: Tue Jun 20 11:00:29 UTC 2023 Modified Files: src/distrib/sets/lists/xdebug: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 src/distrib/sets/lists/xserver: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 Log Message: Obsolete ati_drv.so.19 and add .22 in the other md.* files affected by the recentish X update. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/distrib/sets/lists/xdebug/md.alpha \ src/distrib/sets/lists/xdebug/md.ofppc \ src/distrib/sets/lists/xdebug/md.sparc \ src/distrib/sets/lists/xdebug/md.sparc64 cvs rdiff -u -r1.21 -r1.22 src/distrib/sets/lists/xdebug/md.cats cvs rdiff -u -r1.19 -r1.20 src/distrib/sets/lists/xdebug/md.macppc cvs rdiff -u -r1.60 -r1.61 src/distrib/sets/lists/xserver/md.alpha cvs rdiff -u -r1.70 -r1.71 src/distrib/sets/lists/xserver/md.cats cvs rdiff -u -r1.89 -r1.90 src/distrib/sets/lists/xserver/md.macppc cvs rdiff -u -r1.39 -r1.40 src/distrib/sets/lists/xserver/md.ofppc cvs rdiff -u -r1.81 -r1.82 src/distrib/sets/lists/xserver/md.sparc cvs rdiff -u -r1.77 -r1.78 src/distrib/sets/lists/xserver/md.sparc64 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/xdebug/md.alpha diff -u src/distrib/sets/lists/xdebug/md.alpha:1.20 src/distrib/sets/lists/xdebug/md.alpha:1.21 --- src/distrib/sets/lists/xdebug/md.alpha:1.20 Fri Jul 15 04:47:56 2022 +++ src/distrib/sets/lists/xdebug/md.alpha Tue Jun 20 11:00:29 2023 @@ -1,4 +1,4 @@ -# $NetBSD: md.alpha,v 1.20 2022/07/15 04:47:56 mrg Exp $ +# $NetBSD: md.alpha,v 1.21 2023/06/20 11:00:29 martin Exp $ ./usr/X11R7/lib/modules/extensions/libdri2_g.a xdebug-obsolete xorg,obsolete ./usr/libdata/debug/usr/X11R7/bin/Xorg.debug xdebug-xorg-server-debug xorg,debug ./usr/libdata/debug/usr/X11R7/bin/gtf.debug xdebug-xorg-server-debug xorg,debug @@ -8,7 +8,8 @@ ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ark_drv.so.0.debug xdebug-xf86-video-ark-debug xorg,debug,xorg_server_ver=110 ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ast_drv.so.1.debug xdebug-xf86-video-ast-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.6.debug xdebug-obsolete obsolete -./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-xf86-video-ati-debug xorg,debug +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-obsolete obsolete +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.22.debug xdebug-xf86-video-ati-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/chips_drv.so.1.debug xdebug-xf86-video-chips-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/cirrus_alpine.so.1.debug xdebug-obsolete obsolete ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/cirrus_drv.so.1.debug xdebug-xf86-video-cirrus-debug xorg,debug Index: src/distrib/sets/lists/xdebug/md.ofppc diff -u src/distrib/sets/lists/xdebug/md.ofppc:1.20 src/distrib/sets/lists/xdebug/md.ofppc:1.21 --- src/distrib/sets/lists/xdebug/md.ofppc:1.20 Fri Jul 15 04:47:56 2022 +++ src/distrib/sets/lists/xdebug/md.ofppc Tue Jun 20 11:00:29 2023 @@ -1,4 +1,4 @@ -# $NetBSD: md.ofppc,v 1.20 2022/07/15 04:47:56 mrg Exp $ +# $NetBSD: md.ofppc,v 1.21 2023/06/20 11:00:29 martin Exp $ ./usr/X11R7/lib/modules/extensions/libdbe_g.a xdebug-obsolete xorg,obsolete ./usr/X11R7/lib/modules/extensions/libdri2_g.a xdebug-obsolete xorg,obsolete ./usr/X11R7/lib/modules/extensions/libdri_g.a xdebug-obsolete xorg,obsolete @@ -33,7 +33,8 @@ ./usr/libdata/debug/usr/X11R7/lib/modules/dri/radeon_dri.so.0.debug xdebug-obsolete xorg,obsolete,xorg ./usr/libdata/debug/usr/X11R7/lib/modules/dri/tdfx_dri.so.0.debug xdebug-obsolete xorg,obsolete ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.6.debug xdebug-obsolete obsolete -./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-xf86-video-ati-debug xorg,debug +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-obsolete obsolete +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.22.debug xdebug-xf86-video-ati-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/chips_drv.so.1.debug xdebug-xf86-video-chips-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/kbd_drv.so.2.debug xdebug-xf86-input-keyboard-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/libati_drv.so.6.debug xdebug-obsolete xorg,obsolete Index: src/distrib/sets/lists/xdebug/md.sparc diff -u src/distrib/sets/lists/xdebug/md.sparc:1.20 src/distrib/sets/lists/xdebug/md.sparc:1.21 --- src/distrib/sets/lists/xdebug/md.sparc:1.20 Fri Jul 15 04:47:56 2022 +++ src/distrib/sets/lists/xdebug/md.sparc Tue Jun 20 11:00:29 2023 @@ -1,4 +1,4 @@ -# $NetBSD: md.sparc,v 1.20 2022/07/15 04:47:56 mrg Exp $ +# $NetBSD: md.sparc,v
CVS commit: src/distrib/sets/lists
Module Name:src Committed By: martin Date: Tue Jun 20 11:00:29 UTC 2023 Modified Files: src/distrib/sets/lists/xdebug: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 src/distrib/sets/lists/xserver: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 Log Message: Obsolete ati_drv.so.19 and add .22 in the other md.* files affected by the recentish X update. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/distrib/sets/lists/xdebug/md.alpha \ src/distrib/sets/lists/xdebug/md.ofppc \ src/distrib/sets/lists/xdebug/md.sparc \ src/distrib/sets/lists/xdebug/md.sparc64 cvs rdiff -u -r1.21 -r1.22 src/distrib/sets/lists/xdebug/md.cats cvs rdiff -u -r1.19 -r1.20 src/distrib/sets/lists/xdebug/md.macppc cvs rdiff -u -r1.60 -r1.61 src/distrib/sets/lists/xserver/md.alpha cvs rdiff -u -r1.70 -r1.71 src/distrib/sets/lists/xserver/md.cats cvs rdiff -u -r1.89 -r1.90 src/distrib/sets/lists/xserver/md.macppc cvs rdiff -u -r1.39 -r1.40 src/distrib/sets/lists/xserver/md.ofppc cvs rdiff -u -r1.81 -r1.82 src/distrib/sets/lists/xserver/md.sparc cvs rdiff -u -r1.77 -r1.78 src/distrib/sets/lists/xserver/md.sparc64 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/make
Module Name:src Committed By: rillig Date: Tue Jun 20 09:25:34 UTC 2023 Modified Files: src/usr.bin/make: cond.c make.h parse.c src/usr.bin/make/unit-tests: Makefile directive-include-guard.exp directive-include-guard.mk Log Message: make: allow targets to be used as multiple-inclusion guards This style is used by FreeBSD, among others. To generate a diff of this commit: cvs rdiff -u -r1.349 -r1.350 src/usr.bin/make/cond.c cvs rdiff -u -r1.322 -r1.323 src/usr.bin/make/make.h cvs rdiff -u -r1.701 -r1.702 src/usr.bin/make/parse.c cvs rdiff -u -r1.338 -r1.339 src/usr.bin/make/unit-tests/Makefile cvs rdiff -u -r1.5 -r1.6 \ src/usr.bin/make/unit-tests/directive-include-guard.exp cvs rdiff -u -r1.6 -r1.7 \ src/usr.bin/make/unit-tests/directive-include-guard.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/cond.c diff -u src/usr.bin/make/cond.c:1.349 src/usr.bin/make/cond.c:1.350 --- src/usr.bin/make/cond.c:1.349 Mon Jun 19 20:07:35 2023 +++ src/usr.bin/make/cond.c Tue Jun 20 09:25:33 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: cond.c,v 1.349 2023/06/19 20:07:35 rillig Exp $ */ +/* $NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $ */ /* * Copyright (c) 1988, 1989, 1990 The Regents of the University of California. @@ -92,7 +92,7 @@ #include "dir.h" /* "@(#)cond.c 8.2 (Berkeley) 1/2/94" */ -MAKE_RCSID("$NetBSD: cond.c,v 1.349 2023/06/19 20:07:35 rillig Exp $"); +MAKE_RCSID("$NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $"); /* * Conditional expressions conform to this grammar: @@ -1252,15 +1252,30 @@ ParseVarnameGuard(const char **pp, const return false; } -/* - * Tests whether the line is a conditional that forms a multiple-inclusion - * guard, and if so, extracts the guard variable name. - */ -char * +static bool +ParseTargetGuard(const char **pp, const char **target) +{ + const char *p = *pp; + + if (ch_isalpha(*p) || *p == '_') { + while (ch_isalnum(*p) || *p == '_' || *p == '-' + || *p == '<' || *p == '>' || *p == '.' || *p == '/') + p++; + *target = *pp; + *pp = p; + return true; + } + return false; +} + +/* Extracts the multiple-inclusion guard from a conditional, if any. */ +Guard * Cond_ExtractGuard(const char *line) { - const char *p, *varname; + const char *p, *name; Substring dir; + enum GuardKind kind; + Guard *guard; p = line + 1; /* skip the '.' */ cpp_skip_hspace(); @@ -1271,14 +1286,32 @@ Cond_ExtractGuard(const char *line) dir.end = p; cpp_skip_hspace(); - if (Substring_Equals(dir, "if")) - return skip_string(, "!defined(") - && ParseVarnameGuard(, ) && strcmp(p, ")") == 0 - ? bmake_strsedup(varname, p) : NULL; - if (Substring_Equals(dir, "ifndef")) - return ParseVarnameGuard(, ) && *p == '\0' - ? bmake_strsedup(varname, p) : NULL; + if (Substring_Equals(dir, "if")) { + if (skip_string(, "!defined(")) { + if (ParseVarnameGuard(, ) + && strcmp(p, ")") == 0) +goto found_variable; + } else if (skip_string(, "!target(")) { + if (ParseTargetGuard(, ) + && strcmp(p, ")") == 0) +goto found_target; + } + } else if (Substring_Equals(dir, "ifndef")) { + if (ParseVarnameGuard(, ) && *p == '\0') + goto found_variable; + } return NULL; + +found_variable: + kind = GK_VARIABLE; + goto found; +found_target: + kind = GK_TARGET; +found: + guard = bmake_malloc(sizeof(*guard)); + guard->kind = kind; + guard->name = bmake_strsedup(name, p); + return guard; } void Index: src/usr.bin/make/make.h diff -u src/usr.bin/make/make.h:1.322 src/usr.bin/make/make.h:1.323 --- src/usr.bin/make/make.h:1.322 Mon Jun 19 12:53:57 2023 +++ src/usr.bin/make/make.h Tue Jun 20 09:25:33 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: make.h,v 1.322 2023/06/19 12:53:57 rillig Exp $ */ +/* $NetBSD: make.h,v 1.323 2023/06/20 09:25:33 rillig Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1993 @@ -539,6 +539,14 @@ typedef enum CondResult { CR_ERROR /* Unknown directive or parse error */ } CondResult; +typedef struct { + enum GuardKind { + GK_VARIABLE, + GK_TARGET + } kind; + char *name; +} Guard; + /* Names of the variables that are "local" to a specific target. */ #define TARGET "@" /* Target of dependency */ #define OODATE "?" /* All out-of-date sources */ @@ -793,7 +801,7 @@ void Compat_Make(GNode *, GNode *); extern unsigned int cond_depth; CondResult Cond_EvalCondition(const char *) MAKE_ATTR_USE; CondResult Cond_EvalLine(const char *) MAKE_ATTR_USE; -char *Cond_ExtractGuard(const char *) MAKE_ATTR_USE; +Guard *Cond_ExtractGuard(const char *) MAKE_ATTR_USE; void Cond_EndFile(void); /* dir.c; see also dir.h */ Index: src/usr.bin/make/parse.c diff -u src/usr.bin/make/parse.c:1.701 src/usr.bin/make/parse.c:1.702 --- src/usr.bin/make/parse.c:1.701 Mon Jun 19 17:30:56 2023 +++ src/usr.bin/make/parse.c Tue Jun 20 09:25:33 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: parse.c,v
CVS commit: src/usr.bin/make
Module Name:src Committed By: rillig Date: Tue Jun 20 09:25:34 UTC 2023 Modified Files: src/usr.bin/make: cond.c make.h parse.c src/usr.bin/make/unit-tests: Makefile directive-include-guard.exp directive-include-guard.mk Log Message: make: allow targets to be used as multiple-inclusion guards This style is used by FreeBSD, among others. To generate a diff of this commit: cvs rdiff -u -r1.349 -r1.350 src/usr.bin/make/cond.c cvs rdiff -u -r1.322 -r1.323 src/usr.bin/make/make.h cvs rdiff -u -r1.701 -r1.702 src/usr.bin/make/parse.c cvs rdiff -u -r1.338 -r1.339 src/usr.bin/make/unit-tests/Makefile cvs rdiff -u -r1.5 -r1.6 \ src/usr.bin/make/unit-tests/directive-include-guard.exp cvs rdiff -u -r1.6 -r1.7 \ src/usr.bin/make/unit-tests/directive-include-guard.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/nc
Module Name:src Committed By: rin Date: Tue Jun 20 08:51:24 UTC 2023 Modified Files: src/usr.bin/nc: netcat.c Log Message: nc(1): Declare and initialize ``on'' ifdef SO_BINDANY. NFC yet for us. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/usr.bin/nc/netcat.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/nc
Module Name:src Committed By: rin Date: Tue Jun 20 08:51:24 UTC 2023 Modified Files: src/usr.bin/nc: netcat.c Log Message: nc(1): Declare and initialize ``on'' ifdef SO_BINDANY. NFC yet for us. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/usr.bin/nc/netcat.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/nc/netcat.c diff -u src/usr.bin/nc/netcat.c:1.6 src/usr.bin/nc/netcat.c:1.7 --- src/usr.bin/nc/netcat.c:1.6 Thu Oct 3 01:15:19 2019 +++ src/usr.bin/nc/netcat.c Tue Jun 20 08:51:24 2023 @@ -27,7 +27,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include -__RCSID("$NetBSD: netcat.c,v 1.6 2019/10/03 01:15:19 sevan Exp $"); +__RCSID("$NetBSD: netcat.c,v 1.7 2023/06/20 08:51:24 rin Exp $"); /* * Re-written nc(1) for OpenBSD. Original implementation by @@ -915,6 +915,9 @@ remote_connect(const char *host, const c { struct addrinfo *res, *res0; int s = -1, error, save_errno; +#ifdef SO_BINDANY + int on = 1; +#endif if ((error = getaddrinfo(host, port, , ))) errx(1, "getaddrinfo: %s", gai_strerror(error));
CVS commit: src/sys/arch/i386/stand/efiboot
Module Name:src Committed By: rin Date: Tue Jun 20 07:46:03 UTC 2023 Modified Files: src/sys/arch/i386/stand/efiboot: devopen.c Log Message: ``int i'' is used only for SUPPORT_NFS || SUPPORT_TFTP. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/arch/i386/stand/efiboot/devopen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/i386/stand/efiboot
Module Name:src Committed By: rin Date: Tue Jun 20 07:46:03 UTC 2023 Modified Files: src/sys/arch/i386/stand/efiboot: devopen.c Log Message: ``int i'' is used only for SUPPORT_NFS || SUPPORT_TFTP. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/arch/i386/stand/efiboot/devopen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/i386/stand/efiboot/devopen.c diff -u src/sys/arch/i386/stand/efiboot/devopen.c:1.13 src/sys/arch/i386/stand/efiboot/devopen.c:1.14 --- src/sys/arch/i386/stand/efiboot/devopen.c:1.13 Mon Dec 27 12:19:27 2021 +++ src/sys/arch/i386/stand/efiboot/devopen.c Tue Jun 20 07:46:03 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: devopen.c,v 1.13 2021/12/27 12:19:27 simonb Exp $ */ +/* $NetBSD: devopen.c,v 1.14 2023/06/20 07:46:03 rin Exp $ */ /*- * Copyright (c) 2005 The NetBSD Foundation, Inc. @@ -154,13 +154,13 @@ devopen(struct open_file *f, const char const char *xname = NULL; int unit, partition; int biosdev; - int i, error; + int error; #if defined(SUPPORT_NFS) || defined(SUPPORT_TFTP) struct devdesc desc; const struct netboot_fstab *nf; char *filename; size_t fsnamelen; - int n; + int i, n; #endif error = parsebootfile(fname, , , , ,
CVS commit: src/crypto/external/bsd/heimdal/libexec/kadmind
Module Name:src Committed By: mrg Date: Tue Jun 20 07:17:11 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile Log Message: re-fix the previous - i had only fixed one case, not the general one. guard the .BEGIN: rule with: .if !make(clean) && !make(cleandir) && !make(distclean) && !make(obj) so that it doesn't trigger in cases where we don't expect the objdir to exist already, or we don't want to be adding things while we're cleaning them out. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile diff -u src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile:1.4 src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile:1.5 --- src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile:1.4 Tue Jun 20 05:06:04 2023 +++ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile Tue Jun 20 07:17:11 2023 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.4 2023/06/20 05:06:04 mrg Exp $ +# $NetBSD: Makefile,v 1.5 2023/06/20 07:17:11 mrg Exp $ .include .include <${.CURDIR}/../../Makefile.inc> @@ -27,5 +27,7 @@ DPADD+= ${LIBGSSAPI} ${LIBKADM5SRV} ${LI # XXX CLEANFILES+=hcrypto -${OBJS}: +.if !make(clean) && !make(cleandir) && !make(distclean) && !make(obj) +.BEGIN: @ln -sf ${HEIMDIST}/lib/hcrypto . +.endif
CVS commit: src/crypto/external/bsd/heimdal/libexec/kadmind
Module Name:src Committed By: mrg Date: Tue Jun 20 07:17:11 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile Log Message: re-fix the previous - i had only fixed one case, not the general one. guard the .BEGIN: rule with: .if !make(clean) && !make(cleandir) && !make(distclean) && !make(obj) so that it doesn't trigger in cases where we don't expect the objdir to exist already, or we don't want to be adding things while we're cleaning them out. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.