CVS commit: src/usr.bin/make
Module Name:src
Committed By: sjg
Date: Wed Jun 21 04:20:21 UTC 2023
Modified Files:
src/usr.bin/make: cond.c
src/usr.bin/make/unit-tests: directive-include-guard.exp
directive-include-guard.mk
Log Message:
Allow guard targets to use variables.
I commonly use __${.PARSEDIR:tA}__ where a unique guard
is needed, __${.PARSEDIR}__ is also useful in many cases.
Combination of patch from rillig and mine
To generate a diff of this commit:
cvs rdiff -u -r1.350 -r1.351 src/usr.bin/make/cond.c
cvs rdiff -u -r1.6 -r1.7 \
src/usr.bin/make/unit-tests/directive-include-guard.exp
cvs rdiff -u -r1.7 -r1.8 \
src/usr.bin/make/unit-tests/directive-include-guard.mk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/make/cond.c
diff -u src/usr.bin/make/cond.c:1.350 src/usr.bin/make/cond.c:1.351
--- src/usr.bin/make/cond.c:1.350 Tue Jun 20 09:25:33 2023
+++ src/usr.bin/make/cond.c Wed Jun 21 04:20:20 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $ */
+/* $NetBSD: cond.c,v 1.351 2023/06/21 04:20:20 sjg Exp $ */
/*
* Copyright (c) 1988, 1989, 1990 The Regents of the University of California.
@@ -92,7 +92,7 @@
#include "dir.h"
/* "@(#)cond.c 8.2 (Berkeley) 1/2/94" */
-MAKE_RCSID("$NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $");
+MAKE_RCSID("$NetBSD: cond.c,v 1.351 2023/06/21 04:20:20 sjg Exp $");
/*
* Conditional expressions conform to this grammar:
@@ -1252,22 +1252,6 @@ ParseVarnameGuard(const char **pp, const
return false;
}
-static bool
-ParseTargetGuard(const char **pp, const char **target)
-{
- const char *p = *pp;
-
- if (ch_isalpha(*p) || *p == '_') {
- while (ch_isalnum(*p) || *p == '_' || *p == '-'
- || *p == '<' || *p == '>' || *p == '.' || *p == '/')
- p++;
- *target = *pp;
- *pp = p;
- return true;
- }
- return false;
-}
-
/* Extracts the multiple-inclusion guard from a conditional, if any. */
Guard *
Cond_ExtractGuard(const char *line)
@@ -1292,9 +1276,17 @@ Cond_ExtractGuard(const char *line)
&& strcmp(p, ")") == 0)
goto found_variable;
} else if (skip_string(, "!target(")) {
- if (ParseTargetGuard(, )
- && strcmp(p, ")") == 0)
-goto found_target;
+ name = p;
+ free(ParseWord(, false));
+ if (strcmp(p, ")") == 0) {
+char *target;
+p = name;
+target = ParseWord(, true);
+guard = bmake_malloc(sizeof(*guard));
+guard->kind = GK_TARGET;
+guard->name = target;
+return guard;
+ }
}
} else if (Substring_Equals(dir, "ifndef")) {
if (ParseVarnameGuard(, ) && *p == '\0')
@@ -1304,10 +1296,6 @@ Cond_ExtractGuard(const char *line)
found_variable:
kind = GK_VARIABLE;
- goto found;
-found_target:
- kind = GK_TARGET;
-found:
guard = bmake_malloc(sizeof(*guard));
guard->kind = kind;
guard->name = bmake_strsedup(name, p);
Index: src/usr.bin/make/unit-tests/directive-include-guard.exp
diff -u src/usr.bin/make/unit-tests/directive-include-guard.exp:1.6 src/usr.bin/make/unit-tests/directive-include-guard.exp:1.7
--- src/usr.bin/make/unit-tests/directive-include-guard.exp:1.6 Tue Jun 20 09:25:34 2023
+++ src/usr.bin/make/unit-tests/directive-include-guard.exp Wed Jun 21 04:20:21 2023
@@ -47,7 +47,13 @@ Skipping 'target.tmp' because '__target.
Parse_PushInput: file target-sys.tmp, line 1
Skipping 'target-sys.tmp' because '' is defined
Parse_PushInput: file target-indirect.tmp, line 1
-Parse_PushInput: file target-indirect.tmp, line 1
+Skipping 'target-indirect.tmp' because 'target-indirect.tmp' is defined
+Parse_PushInput: file target-indirect-PARSEFILE.tmp, line 1
+Skipping 'target-indirect-PARSEFILE.tmp' because '__target-indirect-PARSEFILE.tmp__' is defined
+Parse_PushInput: file target-indirect-PARSEFILE2.tmp, line 1
+Skipping 'target-indirect-PARSEFILE2.tmp' because '__target-indirect-PARSEFILE2.tmp__' is defined
+Parse_PushInput: file target-indirect-PARSEFILE-tA.tmp, line 1
+Skipping 'target-indirect-PARSEFILE-tA.tmp' because '__target-indirect-PARSEFILE-tA.tmp__' is defined
Parse_PushInput: file target-unguarded.tmp, line 1
Parse_PushInput: file target-unguarded.tmp, line 1
Parse_PushInput: file target-plus.tmp, line 1
Index: src/usr.bin/make/unit-tests/directive-include-guard.mk
diff -u src/usr.bin/make/unit-tests/directive-include-guard.mk:1.7 src/usr.bin/make/unit-tests/directive-include-guard.mk:1.8
--- src/usr.bin/make/unit-tests/directive-include-guard.mk:1.7 Tue Jun 20 09:25:34 2023
+++ src/usr.bin/make/unit-tests/directive-include-guard.mk Wed Jun 21 04:20:21 2023
@@ -1,4 +1,4 @@
-# $NetBSD: directive-include-guard.mk,v 1.7 2023/06/20 09:25:34 rillig Exp $
+# $NetBSD: directive-include-guard.mk,v 1.8 2023/06/21 04:20:21 sjg Exp $
#
# Tests for multiple-inclusion guards in makefiles.
#
@@ -282,14 +282,45 @@ LINES.target-sys= \
# expect: Parse_PushInput: file target-sys.tmp, line 1
# expect:
CVS commit: src/usr.bin/make
Module Name:src
Committed By: sjg
Date: Wed Jun 21 04:20:21 UTC 2023
Modified Files:
src/usr.bin/make: cond.c
src/usr.bin/make/unit-tests: directive-include-guard.exp
directive-include-guard.mk
Log Message:
Allow guard targets to use variables.
I commonly use __${.PARSEDIR:tA}__ where a unique guard
is needed, __${.PARSEDIR}__ is also useful in many cases.
Combination of patch from rillig and mine
To generate a diff of this commit:
cvs rdiff -u -r1.350 -r1.351 src/usr.bin/make/cond.c
cvs rdiff -u -r1.6 -r1.7 \
src/usr.bin/make/unit-tests/directive-include-guard.exp
cvs rdiff -u -r1.7 -r1.8 \
src/usr.bin/make/unit-tests/directive-include-guard.mk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
CVS commit: src/distrib/sets/lists/debug
Module Name:src Committed By: pgoyette Date: Wed Jun 21 02:48:49 UTC 2023 Modified Files: src/distrib/sets/lists/debug: mi Log Message: Looks like this debug library disappeared with the new heimdal. Mark it obsolete to fix the MKDEBUGLIB build. To generate a diff of this commit: cvs rdiff -u -r1.404 -r1.405 src/distrib/sets/lists/debug/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/debug/mi diff -u src/distrib/sets/lists/debug/mi:1.404 src/distrib/sets/lists/debug/mi:1.405 --- src/distrib/sets/lists/debug/mi:1.404 Fri Jun 16 20:38:19 2023 +++ src/distrib/sets/lists/debug/mi Wed Jun 21 02:48:49 2023 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.404 2023/06/16 20:38:19 wiz Exp $ +# $NetBSD: mi,v 1.405 2023/06/21 02:48:49 pgoyette Exp $ ./etc/mtree/set.debug comp-sys-root ./usr/lib comp-sys-usr compatdir ./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile @@ -277,7 +277,7 @@ ./usr/lib/libutil_g.acomp-c-debuglib debuglib,compatfile ./usr/lib/libuutil_g.acomp-c-debuglib debuglib,compatfile,zfs ./usr/lib/libuv_g.acomp-obsolete obsolete,compatfile -./usr/lib/libvers_g.acomp-c-debuglib debuglib,compatfile,kerberos +./usr/lib/libvers_g.acomp-obsolete debuglib,compatfile,kerberos,obsolete ./usr/lib/libwind_g.acomp-c-debuglib debuglib,compatfile,kerberos ./usr/lib/libwrap_g.acomp-c-debuglib debuglib,compatfile ./usr/lib/liby_g.acomp-c-debuglib debuglib,compatfile
CVS commit: src/distrib/sets/lists/debug
Module Name:src Committed By: pgoyette Date: Wed Jun 21 02:48:49 UTC 2023 Modified Files: src/distrib/sets/lists/debug: mi Log Message: Looks like this debug library disappeared with the new heimdal. Mark it obsolete to fix the MKDEBUGLIB build. To generate a diff of this commit: cvs rdiff -u -r1.404 -r1.405 src/distrib/sets/lists/debug/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:46:41 UTC 2023 Modified Files: src/doc [netbsd-10]: CHANGES-10.0 Log Message: 199 To generate a diff of this commit: cvs rdiff -u -r1.1.2.69 -r1.1.2.70 src/doc/CHANGES-10.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-10] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:46:41 UTC 2023 Modified Files: src/doc [netbsd-10]: CHANGES-10.0 Log Message: 199 To generate a diff of this commit: cvs rdiff -u -r1.1.2.69 -r1.1.2.70 src/doc/CHANGES-10.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-10.0 diff -u src/doc/CHANGES-10.0:1.1.2.69 src/doc/CHANGES-10.0:1.1.2.70 --- src/doc/CHANGES-10.0:1.1.2.69 Thu Jun 8 11:16:40 2023 +++ src/doc/CHANGES-10.0 Tue Jun 20 23:46:41 2023 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-10.0,v 1.1.2.69 2023/06/08 11:16:40 martin Exp $ +# $NetBSD: CHANGES-10.0,v 1.1.2.70 2023/06/20 23:46:41 snj Exp $ A complete list of changes from the initial NetBSD 10.0 branch on 2022-12-16 until the 10.0 release: @@ -2057,3 +2057,59 @@ sys/net/route.c 1.237 to avoid use-after-free of deleted routes. [ozaki-r, ticket #195] +xsrc/external/mit/libX11/dist/ChangeLog up to 1.5 +xsrc/external/mit/libX11/dist/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/README.md up to 1.4 +xsrc/external/mit/libX11/dist/aclocal.m4 up to 1.5 +xsrc/external/mit/libX11/dist/compile up to 1.1.1.13 +xsrc/external/mit/libX11/dist/config.guess up to 1.1.1.18 +xsrc/external/mit/libX11/dist/config.sub up to 1.1.1.17 +xsrc/external/mit/libX11/dist/configure up to 1.5 +xsrc/external/mit/libX11/dist/configure.ac up to 1.5 +xsrc/external/mit/libX11/dist/depcomp up to 1.1.1.16 +xsrc/external/mit/libX11/dist/install-sh up to 1.1.1.15 +xsrc/external/mit/libX11/dist/ltmain.sh up to 1.1.1.19 +xsrc/external/mit/libX11/dist/missing up to 1.1.1.15 +xsrc/external/mit/libX11/dist/test-driver up to 1.1.1.13 +xsrc/external/mit/libX11/dist/include/Makefile.in up to 1.1.1.27 +xsrc/external/mit/libX11/dist/m4/libtool.m4 up to 1.14 +xsrc/external/mit/libX11/dist/m4/ltoptions.m4 up to 1.8 +xsrc/external/mit/libX11/dist/m4/ltsugar.m4 up to 1.8 +xsrc/external/mit/libX11/dist/m4/ltversion.m4 up to 1.8 +xsrc/external/mit/libX11/dist/m4/lt~obsolete.m4 up to 1.8 +xsrc/external/mit/libX11/dist/man/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/man/XSetScreenSaver.man up to 1.1.1.6 +xsrc/external/mit/libX11/dist/man/xkb/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/im/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/im/ximcp/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/Utf8/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/def/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/lc/gen/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/om/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/modules/om/generic/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/nls/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/nls/am_ET.UTF-8/Compose.pre up to 1.1.1.4 +xsrc/external/mit/libX11/dist/nls/en_US.UTF-8/Compose.pre up to 1.12 +xsrc/external/mit/libX11/dist/nls/pt_BR.UTF-8/Compose.pre up to 1.1.1.7 +xsrc/external/mit/libX11/dist/specs/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/specs/XIM/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/specs/XKB/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/i18n/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/specs/i18n/compose/Makefile.in up to 1.1.1.16 +xsrc/external/mit/libX11/dist/specs/i18n/framework/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/i18n/localedb/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/i18n/trans/Makefile.in up to 1.1.1.19 +xsrc/external/mit/libX11/dist/specs/libX11/Makefile.in up to 1.1.1.23 +xsrc/external/mit/libX11/dist/src/InitExt.c up to 1.1.1.8 +xsrc/external/mit/libX11/dist/src/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/src/config.h.in up to 1.1.1.17 +xsrc/external/mit/libX11/dist/src/util/Makefile.in up to 1.1.1.27 +xsrc/external/mit/libX11/dist/src/xcms/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/src/xkb/Makefile.in up to 1.1.1.26 +xsrc/external/mit/libX11/dist/src/xlibi18n/Makefile.in up to 1.1.1.26 + + update to libX11 1.8.6. fixes CVE-2023-3138. + [mrg, ticket #199] +
CVS commit: [netbsd-10] xsrc/external/mit/libX11/dist
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:40:56 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist [netbsd-10]: ChangeLog Makefile.in README.md aclocal.m4 compile config.guess config.sub configure configure.ac depcomp install-sh ltmain.sh missing test-driver xsrc/external/mit/libX11/dist/include [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/m4 [netbsd-10]: libtool.m4 ltoptions.m4 ltsugar.m4 ltversion.m4 lt~obsolete.m4 xsrc/external/mit/libX11/dist/man [netbsd-10]: Makefile.in XSetScreenSaver.man xsrc/external/mit/libX11/dist/man/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im/ximcp [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/Utf8 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/def [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/gen [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om/generic [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls/am_ET.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/en_US.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/pt_BR.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/specs [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XIM [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XKB [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/compose [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/framework [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/localedb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/trans [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/libX11 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src [netbsd-10]: InitExt.c Makefile.in config.h.in xsrc/external/mit/libX11/dist/src/util [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xcms [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xlibi18n [netbsd-10]: Makefile.in Log Message: sync to head, requested by mrg in ticket #199: update to libX11 1.8.6. fixes CVE-2023-3138. To generate a diff of this commit: cvs rdiff -u -r1.1.1.27.2.4 -r1.1.1.27.2.5 \ xsrc/external/mit/libX11/dist/ChangeLog \ xsrc/external/mit/libX11/dist/configure \ xsrc/external/mit/libX11/dist/configure.ac cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/Makefile.in cvs rdiff -u -r1.1.1.7.2.3 -r1.1.1.7.2.4 \ xsrc/external/mit/libX11/dist/README.md cvs rdiff -u -r1.1.1.23.2.4 -r1.1.1.23.2.5 \ xsrc/external/mit/libX11/dist/aclocal.m4 cvs rdiff -u -r1.1.1.11.2.1 -r1.1.1.11.2.2 \ xsrc/external/mit/libX11/dist/compile \ xsrc/external/mit/libX11/dist/test-driver cvs rdiff -u -r1.1.1.16.2.1 -r1.1.1.16.2.2 \ xsrc/external/mit/libX11/dist/config.guess cvs rdiff -u -r1.1.1.15.2.1 -r1.1.1.15.2.2 \ xsrc/external/mit/libX11/dist/config.sub cvs rdiff -u -r1.1.1.14.2.1 -r1.1.1.14.2.2 \ xsrc/external/mit/libX11/dist/depcomp cvs rdiff -u -r1.1.1.13.2.1 -r1.1.1.13.2.2 \ xsrc/external/mit/libX11/dist/install-sh \ xsrc/external/mit/libX11/dist/missing cvs rdiff -u -r1.1.1.17.2.1 -r1.1.1.17.2.2 \ xsrc/external/mit/libX11/dist/ltmain.sh cvs rdiff -u -r1.1.1.25.2.1 -r1.1.1.25.2.2 \ xsrc/external/mit/libX11/dist/include/Makefile.in cvs rdiff -u -r1.12.2.1 -r1.12.2.2 \ xsrc/external/mit/libX11/dist/m4/libtool.m4 cvs rdiff -u -r1.6.2.1 -r1.6.2.2 \ xsrc/external/mit/libX11/dist/m4/ltoptions.m4 \ xsrc/external/mit/libX11/dist/m4/ltsugar.m4 \ xsrc/external/mit/libX11/dist/m4/ltversion.m4 \ xsrc/external/mit/libX11/dist/m4/lt~obsolete.m4 cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/Makefile.in cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \ xsrc/external/mit/libX11/dist/man/XSetScreenSaver.man cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/xkb/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/im/Makefile.in cvs rdiff -u -r1.1.1.24.2.1
CVS commit: [netbsd-10] xsrc/external/mit/libX11/dist
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:40:56 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist [netbsd-10]: ChangeLog Makefile.in README.md aclocal.m4 compile config.guess config.sub configure configure.ac depcomp install-sh ltmain.sh missing test-driver xsrc/external/mit/libX11/dist/include [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/m4 [netbsd-10]: libtool.m4 ltoptions.m4 ltsugar.m4 ltversion.m4 lt~obsolete.m4 xsrc/external/mit/libX11/dist/man [netbsd-10]: Makefile.in XSetScreenSaver.man xsrc/external/mit/libX11/dist/man/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/im/ximcp [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/Utf8 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/def [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/lc/gen [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/modules/om/generic [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/nls/am_ET.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/en_US.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/nls/pt_BR.UTF-8 [netbsd-10]: Compose.pre xsrc/external/mit/libX11/dist/specs [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XIM [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/XKB [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/compose [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/framework [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/localedb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/i18n/trans [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/specs/libX11 [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src [netbsd-10]: InitExt.c Makefile.in config.h.in xsrc/external/mit/libX11/dist/src/util [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xcms [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xkb [netbsd-10]: Makefile.in xsrc/external/mit/libX11/dist/src/xlibi18n [netbsd-10]: Makefile.in Log Message: sync to head, requested by mrg in ticket #199: update to libX11 1.8.6. fixes CVE-2023-3138. To generate a diff of this commit: cvs rdiff -u -r1.1.1.27.2.4 -r1.1.1.27.2.5 \ xsrc/external/mit/libX11/dist/ChangeLog \ xsrc/external/mit/libX11/dist/configure \ xsrc/external/mit/libX11/dist/configure.ac cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/Makefile.in cvs rdiff -u -r1.1.1.7.2.3 -r1.1.1.7.2.4 \ xsrc/external/mit/libX11/dist/README.md cvs rdiff -u -r1.1.1.23.2.4 -r1.1.1.23.2.5 \ xsrc/external/mit/libX11/dist/aclocal.m4 cvs rdiff -u -r1.1.1.11.2.1 -r1.1.1.11.2.2 \ xsrc/external/mit/libX11/dist/compile \ xsrc/external/mit/libX11/dist/test-driver cvs rdiff -u -r1.1.1.16.2.1 -r1.1.1.16.2.2 \ xsrc/external/mit/libX11/dist/config.guess cvs rdiff -u -r1.1.1.15.2.1 -r1.1.1.15.2.2 \ xsrc/external/mit/libX11/dist/config.sub cvs rdiff -u -r1.1.1.14.2.1 -r1.1.1.14.2.2 \ xsrc/external/mit/libX11/dist/depcomp cvs rdiff -u -r1.1.1.13.2.1 -r1.1.1.13.2.2 \ xsrc/external/mit/libX11/dist/install-sh \ xsrc/external/mit/libX11/dist/missing cvs rdiff -u -r1.1.1.17.2.1 -r1.1.1.17.2.2 \ xsrc/external/mit/libX11/dist/ltmain.sh cvs rdiff -u -r1.1.1.25.2.1 -r1.1.1.25.2.2 \ xsrc/external/mit/libX11/dist/include/Makefile.in cvs rdiff -u -r1.12.2.1 -r1.12.2.2 \ xsrc/external/mit/libX11/dist/m4/libtool.m4 cvs rdiff -u -r1.6.2.1 -r1.6.2.2 \ xsrc/external/mit/libX11/dist/m4/ltoptions.m4 \ xsrc/external/mit/libX11/dist/m4/ltsugar.m4 \ xsrc/external/mit/libX11/dist/m4/ltversion.m4 \ xsrc/external/mit/libX11/dist/m4/lt~obsolete.m4 cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/Makefile.in cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \ xsrc/external/mit/libX11/dist/man/XSetScreenSaver.man cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/man/xkb/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/Makefile.in cvs rdiff -u -r1.1.1.24.2.1 -r1.1.1.24.2.2 \ xsrc/external/mit/libX11/dist/modules/im/Makefile.in cvs rdiff -u -r1.1.1.24.2.1
CVS commit: src
Module Name:src
Committed By: wiz
Date: Tue Jun 20 23:09:14 UTC 2023
Modified Files:
src/distrib/sets/lists/comp: mi
src/lib/libedit: Makefile
Added Files:
src/lib/libedit: libedit.pc
Log Message:
install pkg-config file for libedit
version number matches portable libedit
--cflags output matches portable libedit, since users probably want the
readline interface
To generate a diff of this commit:
cvs rdiff -u -r1.2432 -r1.2433 src/distrib/sets/lists/comp/mi
cvs rdiff -u -r1.67 -r1.68 src/lib/libedit/Makefile
cvs rdiff -u -r0 -r1.1 src/lib/libedit/libedit.pc
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/sets/lists/comp/mi
diff -u src/distrib/sets/lists/comp/mi:1.2432 src/distrib/sets/lists/comp/mi:1.2433
--- src/distrib/sets/lists/comp/mi:1.2432 Fri Jun 16 22:18:02 2023
+++ src/distrib/sets/lists/comp/mi Tue Jun 20 23:09:13 2023
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.2432 2023/06/16 22:18:02 wiz Exp $
+# $NetBSD: mi,v 1.2433 2023/06/20 23:09:13 wiz Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
./etc/mtree/set.compcomp-sys-root
@@ -4283,6 +4283,7 @@
./usr/lib/pkgconfig/kyua-testers.pc comp-kyua-lib kyua,share
./usr/lib/pkgconfig/libarchive.pc comp-c-lib share
./usr/lib/pkgconfig/libcrypto.pc comp-crypto-lib share
+./usr/lib/pkgconfig/libedit.pc comp-c-lib
./usr/lib/pkgconfig/libfido2.pc comp-c-lib share
./usr/lib/pkgconfig/liblzma.pc comp-c-lib share
./usr/lib/pkgconfig/libssl.pc comp-crypto-lib share
Index: src/lib/libedit/Makefile
diff -u src/lib/libedit/Makefile:1.67 src/lib/libedit/Makefile:1.68
--- src/lib/libedit/Makefile:1.67 Sat Jun 3 09:09:10 2023
+++ src/lib/libedit/Makefile Tue Jun 20 23:09:14 2023
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.67 2023/06/03 09:09:10 lukem Exp $
+# $NetBSD: Makefile,v 1.68 2023/06/20 23:09:14 wiz Exp $
# @(#)Makefile 8.1 (Berkeley) 6/4/93
USE_SHLIBDIR= yes
@@ -21,6 +21,12 @@ SRCS = chared.c chartype.c common.c el.c
MAN= editline.3 editrc.5 editline.7
+FILES+= libedit.pc
+FILESOWN_libedit.pc= ${BINOWN}
+FILESGRP_libedit.pc= ${BINGRP}
+FILESMODE_libedit.pc= ${NONBINMODE}
+FILESDIR_libedit.pc= /usr/lib/pkgconfig
+
MLINKS= \
editline.3 el_deletestr.3 \
editline.3 el_end.3 \
Added files:
Index: src/lib/libedit/libedit.pc
diff -u /dev/null src/lib/libedit/libedit.pc:1.1
--- /dev/null Tue Jun 20 23:09:14 2023
+++ src/lib/libedit/libedit.pc Tue Jun 20 23:09:14 2023
@@ -0,0 +1,12 @@
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: libedit
+Description: command line editor library providing generic line editing, history, and tokenization functions.
+Version: 3.1
+Requires:
+Libs: -Wl,-R${libdir} -L${libdir} -ledit
+Libs.private: -ltermcap
+Cflags: -I${includedir} -I${includedir}/editline
CVS commit: src
Module Name:src Committed By: wiz Date: Tue Jun 20 23:09:14 UTC 2023 Modified Files: src/distrib/sets/lists/comp: mi src/lib/libedit: Makefile Added Files: src/lib/libedit: libedit.pc Log Message: install pkg-config file for libedit version number matches portable libedit --cflags output matches portable libedit, since users probably want the readline interface To generate a diff of this commit: cvs rdiff -u -r1.2432 -r1.2433 src/distrib/sets/lists/comp/mi cvs rdiff -u -r1.67 -r1.68 src/lib/libedit/Makefile cvs rdiff -u -r0 -r1.1 src/lib/libedit/libedit.pc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] xsrc/external/mit/libX11/dist/src
Module Name:xsrc
Committed By: snj
Date: Tue Jun 20 23:07:25 UTC 2023
Modified Files:
xsrc/external/mit/libX11/dist/src [netbsd-9]: InitExt.c
Log Message:
Apply patch (requested by mrg in ticket #1645):
InitExt.c: Add bounds checks for extension request, event, & error codes
Fixes CVE-2023-3138: X servers could return values from XQueryExtension
that would cause Xlib to write entries out-of-bounds of the arrays to
store them, though this would only overwrite other parts of the Display
struct, not outside the bounds allocated for that structure.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.4.1 \
xsrc/external/mit/libX11/dist/src/InitExt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: xsrc/external/mit/libX11/dist/src/InitExt.c
diff -u xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7.4.1
--- xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 Sun Jul 19 08:08:36 2015
+++ xsrc/external/mit/libX11/dist/src/InitExt.c Tue Jun 20 23:07:24 2023
@@ -33,6 +33,18 @@ from The Open Group.
#include
#include
+/* The X11 protocol spec reserves events 64 through 127 for extensions */
+#ifndef LastExtensionEvent
+#define LastExtensionEvent 127
+#endif
+
+/* The X11 protocol spec reserves requests 128 through 255 for extensions */
+#ifndef LastExtensionRequest
+#define FirstExtensionRequest 128
+#define LastExtensionRequest 255
+#endif
+
+
/*
* This routine is used to link a extension in so it will be called
* at appropriate times.
@@ -242,6 +254,12 @@ WireToEventType XESetWireToEvent(
WireToEventType proc) /* routine to call when converting event */
{
register WireToEventType oldproc;
+ if (event_number < 0 ||
+ event_number > LastExtensionEvent) {
+ fprintf(stderr, "Xlib: ignoring invalid extension event %d\n",
+ event_number);
+ return (WireToEventType)_XUnknownWireEvent;
+ }
if (proc == NULL) proc = (WireToEventType)_XUnknownWireEvent;
LockDisplay (dpy);
oldproc = dpy->event_vec[event_number];
@@ -263,6 +281,12 @@ WireToEventCookieType XESetWireToEventCo
)
{
WireToEventCookieType oldproc;
+ if (extension < FirstExtensionRequest ||
+ extension > LastExtensionRequest) {
+ fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n",
+ extension);
+ return (WireToEventCookieType)_XUnknownWireEventCookie;
+ }
if (proc == NULL) proc = (WireToEventCookieType)_XUnknownWireEventCookie;
LockDisplay (dpy);
oldproc = dpy->generic_event_vec[extension & 0x7F];
@@ -284,6 +308,12 @@ CopyEventCookieType XESetCopyEventCookie
)
{
CopyEventCookieType oldproc;
+ if (extension < FirstExtensionRequest ||
+ extension > LastExtensionRequest) {
+ fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n",
+ extension);
+ return (CopyEventCookieType)_XUnknownCopyEventCookie;
+ }
if (proc == NULL) proc = (CopyEventCookieType)_XUnknownCopyEventCookie;
LockDisplay (dpy);
oldproc = dpy->generic_event_copy_vec[extension & 0x7F];
@@ -305,6 +335,12 @@ EventToWireType XESetEventToWire(
EventToWireType proc) /* routine to call when converting event */
{
register EventToWireType oldproc;
+ if (event_number < 0 ||
+ event_number > LastExtensionEvent) {
+ fprintf(stderr, "Xlib: ignoring invalid extension event %d\n",
+ event_number);
+ return (EventToWireType)_XUnknownNativeEvent;
+ }
if (proc == NULL) proc = (EventToWireType) _XUnknownNativeEvent;
LockDisplay (dpy);
oldproc = dpy->wire_vec[event_number];
@@ -325,6 +361,12 @@ WireToErrorType XESetWireToError(
WireToErrorType proc) /* routine to call when converting error */
{
register WireToErrorType oldproc = NULL;
+ if (error_number < 0 ||
+ error_number > LastExtensionError) {
+ fprintf(stderr, "Xlib: ignoring invalid extension error %d\n",
+ error_number);
+ return (WireToErrorType)_XDefaultWireError;
+ }
if (proc == NULL) proc = (WireToErrorType)_XDefaultWireError;
LockDisplay (dpy);
if (!dpy->error_vec) {
CVS commit: [netbsd-9] xsrc/external/mit/libX11/dist/src
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:07:25 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist/src [netbsd-9]: InitExt.c Log Message: Apply patch (requested by mrg in ticket #1645): InitExt.c: Add bounds checks for extension request, event, & error codes Fixes CVE-2023-3138: X servers could return values from XQueryExtension that would cause Xlib to write entries out-of-bounds of the arrays to store them, though this would only overwrite other parts of the Display struct, not outside the bounds allocated for that structure. To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.1.1.7.4.1 \ xsrc/external/mit/libX11/dist/src/InitExt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:03:39 UTC 2023 Modified Files: src/doc [netbsd-8]: CHANGES-8.3 Log Message: 1826 To generate a diff of this commit: cvs rdiff -u -r1.1.2.176 -r1.1.2.177 src/doc/CHANGES-8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.3 diff -u src/doc/CHANGES-8.3:1.1.2.176 src/doc/CHANGES-8.3:1.1.2.177 --- src/doc/CHANGES-8.3:1.1.2.176 Thu Jun 8 11:20:02 2023 +++ src/doc/CHANGES-8.3 Tue Jun 20 23:03:39 2023 @@ -1,4 +1,4 @@ - $NetBSD: CHANGES-8.3,v 1.1.2.176 2023/06/08 11:20:02 martin Exp $ + $NetBSD: CHANGES-8.3,v 1.1.2.177 2023/06/20 23:03:39 snj Exp $ A complete list of changes from the NetBSD 8.2 release to the NetBSD 8.3 release: @@ -3329,3 +3329,9 @@ sys/net/route.c 1.237 to avoid use-after-free of deleted routes. [ozaki-r, ticket #1824] +xsrc/external/mit/libX11/dist/src/InitExt.c patch + + Add bounds checks for extension request, event, & error codes. + Fixes CVE-2023-3138. + [mrg, ticket #1826] +
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: snj Date: Tue Jun 20 23:03:39 UTC 2023 Modified Files: src/doc [netbsd-8]: CHANGES-8.3 Log Message: 1826 To generate a diff of this commit: cvs rdiff -u -r1.1.2.176 -r1.1.2.177 src/doc/CHANGES-8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] xsrc/external/mit/libX11/dist/src
Module Name:xsrc Committed By: snj Date: Tue Jun 20 23:00:39 UTC 2023 Modified Files: xsrc/external/mit/libX11/dist/src [netbsd-8]: InitExt.c Log Message: Apply patch (requested by mrg in ticket #1826): InitExt.c: Add bounds checks for extension request, event, & error codes Fixes CVE-2023-3138: X servers could return values from XQueryExtension that would cause Xlib to write entries out-of-bounds of the arrays to store them, though this would only overwrite other parts of the Display struct, not outside the bounds allocated for that structure. To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \ xsrc/external/mit/libX11/dist/src/InitExt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] xsrc/external/mit/libX11/dist/src
Module Name:xsrc
Committed By: snj
Date: Tue Jun 20 23:00:39 UTC 2023
Modified Files:
xsrc/external/mit/libX11/dist/src [netbsd-8]: InitExt.c
Log Message:
Apply patch (requested by mrg in ticket #1826):
InitExt.c: Add bounds checks for extension request, event, & error codes
Fixes CVE-2023-3138: X servers could return values from XQueryExtension
that would cause Xlib to write entries out-of-bounds of the arrays to
store them, though this would only overwrite other parts of the Display
struct, not outside the bounds allocated for that structure.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
xsrc/external/mit/libX11/dist/src/InitExt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: xsrc/external/mit/libX11/dist/src/InitExt.c
diff -u xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7.2.1
--- xsrc/external/mit/libX11/dist/src/InitExt.c:1.1.1.7 Sun Jul 19 08:08:36 2015
+++ xsrc/external/mit/libX11/dist/src/InitExt.c Tue Jun 20 23:00:39 2023
@@ -33,6 +33,18 @@ from The Open Group.
#include
#include
+/* The X11 protocol spec reserves events 64 through 127 for extensions */
+#ifndef LastExtensionEvent
+#define LastExtensionEvent 127
+#endif
+
+/* The X11 protocol spec reserves requests 128 through 255 for extensions */
+#ifndef LastExtensionRequest
+#define FirstExtensionRequest 128
+#define LastExtensionRequest 255
+#endif
+
+
/*
* This routine is used to link a extension in so it will be called
* at appropriate times.
@@ -242,6 +254,12 @@ WireToEventType XESetWireToEvent(
WireToEventType proc) /* routine to call when converting event */
{
register WireToEventType oldproc;
+ if (event_number < 0 ||
+ event_number > LastExtensionEvent) {
+ fprintf(stderr, "Xlib: ignoring invalid extension event %d\n",
+ event_number);
+ return (WireToEventType)_XUnknownWireEvent;
+ }
if (proc == NULL) proc = (WireToEventType)_XUnknownWireEvent;
LockDisplay (dpy);
oldproc = dpy->event_vec[event_number];
@@ -263,6 +281,12 @@ WireToEventCookieType XESetWireToEventCo
)
{
WireToEventCookieType oldproc;
+ if (extension < FirstExtensionRequest ||
+ extension > LastExtensionRequest) {
+ fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n",
+ extension);
+ return (WireToEventCookieType)_XUnknownWireEventCookie;
+ }
if (proc == NULL) proc = (WireToEventCookieType)_XUnknownWireEventCookie;
LockDisplay (dpy);
oldproc = dpy->generic_event_vec[extension & 0x7F];
@@ -284,6 +308,12 @@ CopyEventCookieType XESetCopyEventCookie
)
{
CopyEventCookieType oldproc;
+ if (extension < FirstExtensionRequest ||
+ extension > LastExtensionRequest) {
+ fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n",
+ extension);
+ return (CopyEventCookieType)_XUnknownCopyEventCookie;
+ }
if (proc == NULL) proc = (CopyEventCookieType)_XUnknownCopyEventCookie;
LockDisplay (dpy);
oldproc = dpy->generic_event_copy_vec[extension & 0x7F];
@@ -305,6 +335,12 @@ EventToWireType XESetEventToWire(
EventToWireType proc) /* routine to call when converting event */
{
register EventToWireType oldproc;
+ if (event_number < 0 ||
+ event_number > LastExtensionEvent) {
+ fprintf(stderr, "Xlib: ignoring invalid extension event %d\n",
+ event_number);
+ return (EventToWireType)_XUnknownNativeEvent;
+ }
if (proc == NULL) proc = (EventToWireType) _XUnknownNativeEvent;
LockDisplay (dpy);
oldproc = dpy->wire_vec[event_number];
@@ -325,6 +361,12 @@ WireToErrorType XESetWireToError(
WireToErrorType proc) /* routine to call when converting error */
{
register WireToErrorType oldproc = NULL;
+ if (error_number < 0 ||
+ error_number > LastExtensionError) {
+ fprintf(stderr, "Xlib: ignoring invalid extension error %d\n",
+ error_number);
+ return (WireToErrorType)_XDefaultWireError;
+ }
if (proc == NULL) proc = (WireToErrorType)_XDefaultWireError;
LockDisplay (dpy);
if (!dpy->error_vec) {
CVS commit: src/lib/libpam/modules/pam_krb5
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:17:18 UTC 2023 Modified Files: src/lib/libpam/modules/pam_krb5: pam_krb5.8 pam_krb5.c Log Message: pam_krb5: Refuse to operate without a key to verify tickets. New allow_kdc_spoof overrides this to restore previous behaviour which was vulnerable to KDC spoofing, because without a host or service key, pam_krb5 can't distinguish the legitimate KDC from a spoofed one. This way, having pam_krb5 enabled isn't dangerous even if you create an empty /etc/krb5.conf to use client SSO without any host services. Perhaps this should use krb5_verify_init_creds(3) instead, and thereby respect the rather obscurely named krb5.conf option verify_ap_req_nofail like the Linux pam_krb5 does, but: - verify_ap_req_nofail is default-off (i.e., vulnerable by default), - changing verify_ap_req_nofail to default-on would probably affect more things and therefore be riskier, - allow_kdc_spoof is a much clearer way to spell the idea, - this patch is a smaller semantic change and thus less risky, and - a security change with compatibility issues shouldn't have a workaround that might introduce potentially worse security issues or more compatibility issues. Perhaps this should use krb5_verify_user(3) with secure=1 instead, for simplicity, but it's not clear how to do that without first prompting for the password -- which we shouldn't do at all if we later decide we won't be able to use it anyway -- and without repeating a bunch of the logic here anyway to pick the service name. References about verify_ap_req_nofail: - mit-krb5 discussion about verify_ap_req_nofail: https://mailman.mit.edu/pipermail/krbdev/2011-January/009778.html - Oracle has the default-secure setting in their krb5 system: https://docs.oracle.com/cd/E26505_01/html/E27224/setup-148.html https://docs.oracle.com/cd/E26505_01/html/816-5174/krb5.conf-4.html#REFMAN4krb5.conf-4 https://docs.oracle.com/cd/E19253-01/816-4557/gihyu/ - Heimdal issue on verify_ap_req_nofail default: https://github.com/heimdal/heimdal/issues/1129 To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/lib/libpam/modules/pam_krb5/pam_krb5.8 cvs rdiff -u -r1.30 -r1.31 src/lib/libpam/modules/pam_krb5/pam_krb5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libpam/modules/pam_ksu
Module Name:src
Committed By: riastradh
Date: Tue Jun 20 22:17:09 UTC 2023
Modified Files:
src/lib/libpam/modules/pam_ksu: pam_ksu.c
Log Message:
pam_ksu: No need for homedir access.
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/lib/libpam/modules/pam_ksu/pam_ksu.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libpam/modules/pam_ksu/pam_ksu.c
diff -u src/lib/libpam/modules/pam_ksu/pam_ksu.c:1.9 src/lib/libpam/modules/pam_ksu/pam_ksu.c:1.10
--- src/lib/libpam/modules/pam_ksu/pam_ksu.c:1.9 Thu Feb 27 18:09:38 2014
+++ src/lib/libpam/modules/pam_ksu/pam_ksu.c Tue Jun 20 22:17:09 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_ksu.c,v 1.9 2014/02/27 18:09:38 joerg Exp $ */
+/* $NetBSD: pam_ksu.c,v 1.10 2023/06/20 22:17:09 riastradh Exp $ */
/*-
* Copyright (c) 2002 Jacques A. Vidrine
@@ -29,7 +29,7 @@
#ifdef __FreeBSD__
__FBSDID("$FreeBSD: src/lib/libpam/modules/pam_ksu/pam_ksu.c,v 1.5 2004/02/10 10:13:21 des Exp $");
#else
-__RCSID("$NetBSD: pam_ksu.c,v 1.9 2014/02/27 18:09:38 joerg Exp $");
+__RCSID("$NetBSD: pam_ksu.c,v 1.10 2023/06/20 22:17:09 riastradh Exp $");
#endif
#include
@@ -62,6 +62,7 @@ PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
int argc __unused, const char *argv[] __unused)
{
+ krb5_boolean allow_homedir;
krb5_context context;
krb5_principal su_principal;
const char *user;
@@ -78,20 +79,25 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (pamret != PAM_SUCCESS)
return (pamret);
PAM_LOG("Got ruser: %s", (const char *)ruser);
+ allow_homedir = krb5_set_home_dir_access(NULL, FALSE);
rv = krb5_init_context();
if (rv != 0) {
log_krb5(context, rv, "krb5_init_context failed");
- return (PAM_SERVICE_ERR);
+ pamret = PAM_SERVICE_ERR;
+ goto out;
}
rv = get_su_principal(context, user, ruser, _principal_name, _principal);
- if (rv != 0)
- return (PAM_AUTH_ERR);
+ if (rv != 0) {
+ pamret = PAM_AUTH_ERR;
+ goto out;
+ }
PAM_LOG("kuserok: %s -> %s", su_principal_name, user);
rv = krb5_kuserok(context, su_principal, user);
pamret = rv ? auth_krb5(pamh, context, su_principal_name, su_principal) : PAM_AUTH_ERR;
free(su_principal_name);
krb5_free_principal(context, su_principal);
krb5_free_context(context);
+out: (void)krb5_set_home_dir_access(NULL, allow_homedir);
return (pamret);
}
CVS commit: src/lib/libpam/modules/pam_krb5
Module Name:src
Committed By: riastradh
Date: Tue Jun 20 22:17:18 UTC 2023
Modified Files:
src/lib/libpam/modules/pam_krb5: pam_krb5.8 pam_krb5.c
Log Message:
pam_krb5: Refuse to operate without a key to verify tickets.
New allow_kdc_spoof overrides this to restore previous behaviour
which was vulnerable to KDC spoofing, because without a host or
service key, pam_krb5 can't distinguish the legitimate KDC from a
spoofed one.
This way, having pam_krb5 enabled isn't dangerous even if you create
an empty /etc/krb5.conf to use client SSO without any host services.
Perhaps this should use krb5_verify_init_creds(3) instead, and
thereby respect the rather obscurely named krb5.conf option
verify_ap_req_nofail like the Linux pam_krb5 does, but:
- verify_ap_req_nofail is default-off (i.e., vulnerable by default),
- changing verify_ap_req_nofail to default-on would probably affect
more things and therefore be riskier,
- allow_kdc_spoof is a much clearer way to spell the idea,
- this patch is a smaller semantic change and thus less risky, and
- a security change with compatibility issues shouldn't have a
workaround that might introduce potentially worse security issues
or more compatibility issues.
Perhaps this should use krb5_verify_user(3) with secure=1 instead,
for simplicity, but it's not clear how to do that without first
prompting for the password -- which we shouldn't do at all if we
later decide we won't be able to use it anyway -- and without
repeating a bunch of the logic here anyway to pick the service name.
References about verify_ap_req_nofail:
- mit-krb5 discussion about verify_ap_req_nofail:
https://mailman.mit.edu/pipermail/krbdev/2011-January/009778.html
- Oracle has the default-secure setting in their krb5 system:
https://docs.oracle.com/cd/E26505_01/html/E27224/setup-148.html
https://docs.oracle.com/cd/E26505_01/html/816-5174/krb5.conf-4.html#REFMAN4krb5.conf-4
https://docs.oracle.com/cd/E19253-01/816-4557/gihyu/
- Heimdal issue on verify_ap_req_nofail default:
https://github.com/heimdal/heimdal/issues/1129
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 src/lib/libpam/modules/pam_krb5/pam_krb5.8
cvs rdiff -u -r1.30 -r1.31 src/lib/libpam/modules/pam_krb5/pam_krb5.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libpam/modules/pam_krb5/pam_krb5.8
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.8:1.12 src/lib/libpam/modules/pam_krb5/pam_krb5.8:1.13
--- src/lib/libpam/modules/pam_krb5/pam_krb5.8:1.12 Mon Jul 3 21:32:51 2017
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.8 Tue Jun 20 22:17:18 2023
@@ -1,4 +1,4 @@
-.\" $NetBSD: pam_krb5.8,v 1.12 2017/07/03 21:32:51 wiz Exp $
+.\" $NetBSD: pam_krb5.8,v 1.13 2023/06/20 22:17:18 riastradh Exp $
.\" $FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.8,v 1.6 2001/11/24 23:41:32 dd Exp $
.\"
.\" Copyright (c) Frank Cusack, 1999-2001. All rights reserved.
@@ -142,6 +142,21 @@ and
.Ql %p ,
to designate the current process ID; can be used in
.Ar name .
+.It Cm allow_kdc_spoof
+Allow
+.Nm
+to succeed even if there is no host or service key available in a
+keytab to authenticate the Kerberos KDC's ticket.
+If there is no such key, for example on a host with no keytabs,
+.Nm
+will fail immediately without prompting the user.
+.Pp
+.Sy Warning :
+If the host has not been configured with a keytab from the KDC, setting
+this option makes it vulnerable to malicious KDCs, e.g. via DNS
+flooding, because
+.Nm
+has no way to distinguish the legitimate KDC from a spoofed KDC.
.El
.Ss Kerberos 5 Account Management Module
The Kerberos 5 account management component
Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.30 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.31
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.30 Sun Jan 16 10:52:18 2022
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c Tue Jun 20 22:17:18 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_krb5.c,v 1.30 2022/01/16 10:52:18 rillig Exp $ */
+/* $NetBSD: pam_krb5.c,v 1.31 2023/06/20 22:17:18 riastradh Exp $ */
/*-
* This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
#ifdef __FreeBSD__
__FBSDID("$FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $");
#else
-__RCSID("$NetBSD: pam_krb5.c,v 1.30 2022/01/16 10:52:18 rillig Exp $");
+__RCSID("$NetBSD: pam_krb5.c,v 1.31 2023/06/20 22:17:18 riastradh Exp $");
#endif
#include
@@ -85,7 +85,12 @@ __RCSID("$NetBSD: pam_krb5.c,v 1.30 2022
static void log_krb5(krb5_context, krb5_error_code, struct syslog_data *,
const char *, ...) __printflike(4, 5);
-static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int);
+static int verify_krb_v5_tgt_begin(krb5_context, char *, int,
+const char **, krb5_principal *, char[static BUFSIZ], struct syslog_data *);
+static int
CVS commit: src/lib/libpam/modules/pam_ksu
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:17:09 UTC 2023 Modified Files: src/lib/libpam/modules/pam_ksu: pam_ksu.c Log Message: pam_ksu: No need for homedir access. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/lib/libpam/modules/pam_ksu/pam_ksu.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/pam.d
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:00:00 UTC 2023 Modified Files: src/etc/pam.d: display_manager ftpd sshd su system Log Message: pam: Disable pam_krb5, pam_ksu by default. These are not useful unless you also set up /etc/krb5.conf and a keytab for the host from the Kerberos KDC. But having them enabled by default means that creating /etc/krb5.conf just to enable use of Kerberos for _client-side_ single sign-on creates usability issues. As proposed on tech-security: https://mail-index.netbsd.org/tech-security/2023/06/16/msg001160.html To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/pam.d/display_manager cvs rdiff -u -r1.7 -r1.8 src/etc/pam.d/ftpd cvs rdiff -u -r1.9 -r1.10 src/etc/pam.d/sshd cvs rdiff -u -r1.8 -r1.9 src/etc/pam.d/su src/etc/pam.d/system Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/pam.d/display_manager diff -u src/etc/pam.d/display_manager:1.5 src/etc/pam.d/display_manager:1.6 --- src/etc/pam.d/display_manager:1.5 Sat Nov 13 19:19:40 2010 +++ src/etc/pam.d/display_manager Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: display_manager,v 1.5 2010/11/13 19:19:40 christos Exp $ +# $NetBSD: display_manager,v 1.6 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the display manager services. Specific display # manager service configurations can include this one. @@ -7,14 +7,14 @@ # auth auth required pam_nologin.so no_warn auth sufficient pam_skey.so no_warn try_first_pass -auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass auth optional pam_afslog.so no_warn try_first_pass # pam_ssh has potential security risks. See pam_ssh(8). #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account -account required pam_krb5.so +#account required pam_krb5.so account required pam_unix.so # session Index: src/etc/pam.d/ftpd diff -u src/etc/pam.d/ftpd:1.7 src/etc/pam.d/ftpd:1.8 --- src/etc/pam.d/ftpd:1.7 Wed Mar 26 11:31:17 2008 +++ src/etc/pam.d/ftpd Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: ftpd,v 1.7 2008/03/26 11:31:17 lukem Exp $ +# $NetBSD: ftpd,v 1.8 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the "ftpd" service # @@ -8,14 +8,14 @@ # pam_unix. auth required pam_nologin.so no_warn auth sufficient pam_skey.so no_warn try_first_pass -auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass auth optional pam_afslog.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account # Even though this is identical to "system", we open code it here because # we open code the auth stack. -account required pam_krb5.so +#account required pam_krb5.so account required pam_unix.so # session Index: src/etc/pam.d/sshd diff -u src/etc/pam.d/sshd:1.9 src/etc/pam.d/sshd:1.10 --- src/etc/pam.d/sshd:1.9 Wed Mar 26 11:31:17 2008 +++ src/etc/pam.d/sshd Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: sshd,v 1.9 2008/03/26 11:31:17 lukem Exp $ +# $NetBSD: sshd,v 1.10 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the "sshd" service # @@ -6,14 +6,14 @@ # auth auth required pam_nologin.so no_warn auth sufficient pam_skey.so no_warn try_first_pass -auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass auth optional pam_afslog.so no_warn try_first_pass # pam_ssh has potential security risks. See pam_ssh(8). #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account -account required pam_krb5.so +#account required pam_krb5.so account required pam_login_access.so account required pam_unix.so @@ -23,5 +23,5 @@ account required pam_unix.so session required pam_permit.so # password -password sufficient pam_krb5.so no_warn try_first_pass +#password sufficient pam_krb5.so no_warn try_first_pass password required pam_unix.so no_warn try_first_pass Index: src/etc/pam.d/su diff -u src/etc/pam.d/su:1.8 src/etc/pam.d/su:1.9 --- src/etc/pam.d/su:1.8 Tue Mar 3 00:47:33 2020 +++ src/etc/pam.d/su Tue Jun 20 22:00:00 2023 @@ -1,4 +1,4 @@ -# $NetBSD: su,v 1.8 2020/03/03 00:47:33 christos Exp $ +# $NetBSD: su,v 1.9 2023/06/20 22:00:00 riastradh Exp $ # # PAM configuration for the "su" service # @@ -8,7 +8,7 @@ auth sufficient pam_rootok.so no_warn auth sufficient pam_self.so no_warn auth sufficient pam_skey.so no_warn try_first_pass #auth sufficient pam_u2f.so authfile=/etc/u2f_mappings cue -auth sufficient pam_ksu.so no_warn try_first_pass +#auth sufficient pam_ksu.so no_warn try_first_pass #auth sufficient pam_group.so no_warn group=rootauth root_only authenticate auth requisite pam_group.so no_warn group=wheel
CVS commit: src/etc/pam.d
Module Name:src Committed By: riastradh Date: Tue Jun 20 22:00:00 UTC 2023 Modified Files: src/etc/pam.d: display_manager ftpd sshd su system Log Message: pam: Disable pam_krb5, pam_ksu by default. These are not useful unless you also set up /etc/krb5.conf and a keytab for the host from the Kerberos KDC. But having them enabled by default means that creating /etc/krb5.conf just to enable use of Kerberos for _client-side_ single sign-on creates usability issues. As proposed on tech-security: https://mail-index.netbsd.org/tech-security/2023/06/16/msg001160.html To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/pam.d/display_manager cvs rdiff -u -r1.7 -r1.8 src/etc/pam.d/ftpd cvs rdiff -u -r1.9 -r1.10 src/etc/pam.d/sshd cvs rdiff -u -r1.8 -r1.9 src/etc/pam.d/su src/etc/pam.d/system Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal
Module Name:src Committed By: christos Date: Tue Jun 20 17:23:05 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal: Makefile.inc src/crypto/external/bsd/heimdal/bin: Makefile.inc src/crypto/external/bsd/heimdal/bin/gsstool: Makefile src/crypto/external/bsd/heimdal/bin/hxtool: Makefile src/crypto/external/bsd/heimdal/bin/kcc: Makefile src/crypto/external/bsd/heimdal/bin/kdestroy: Makefile src/crypto/external/bsd/heimdal/bin/kgetcred: Makefile src/crypto/external/bsd/heimdal/bin/kinit: Makefile src/crypto/external/bsd/heimdal/bin/kpasswd: Makefile src/crypto/external/bsd/heimdal/bin/kvno: Makefile src/crypto/external/bsd/heimdal/bin/string2key: Makefile src/crypto/external/bsd/heimdal/bin/verify_krb5_conf: Makefile src/crypto/external/bsd/heimdal/lib/libkrb5: Makefile src/crypto/external/bsd/heimdal/lib/libvers: Makefile src/crypto/external/bsd/heimdal/libexec: Makefile.inc src/crypto/external/bsd/heimdal/libexec/digest-service: Makefile src/crypto/external/bsd/heimdal/libexec/hpropd: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-master: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-slave: Makefile src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile src/crypto/external/bsd/heimdal/libexec/kpasswdd: Makefile src/crypto/external/bsd/heimdal/sbin: Makefile.inc src/crypto/external/bsd/heimdal/sbin/hprop: Makefile src/crypto/external/bsd/heimdal/sbin/iprop-log: Makefile src/crypto/external/bsd/heimdal/sbin/kadmin: Makefile src/crypto/external/bsd/heimdal/sbin/kcm: Makefile src/crypto/external/bsd/heimdal/sbin/kdc: Makefile src/crypto/external/bsd/heimdal/sbin/kdigest: Makefile src/crypto/external/bsd/heimdal/sbin/kimpersonate: Makefile src/crypto/external/bsd/heimdal/sbin/kstash: Makefile src/crypto/external/bsd/heimdal/sbin/ktutil: Makefile Log Message: Use PROGDPLIBS instead of LDADD/DPADD; remove ui.c kludges To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/Makefile.inc cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/Makefile.inc cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/gsstool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/hxtool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/kcc/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kdestroy/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kgetcred/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kinit/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kpasswd/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/kvno/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/string2key/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/verify_krb5_conf/Makefile cvs rdiff -u -r1.14 -r1.15 \ src/crypto/external/bsd/heimdal/lib/libkrb5/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/lib/libvers/Makefile cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/libexec/Makefile.inc cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/digest-service/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/hpropd/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-master/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-slave/Makefile cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/kpasswdd/Makefile cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/heimdal/sbin/Makefile.inc cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/hprop/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/iprop-log/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/kadmin/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kcm/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kdc/Makefile cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/sbin/kdigest/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/kimpersonate/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kstash/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/ktutil/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/Makefile.inc diff -u src/crypto/external/bsd/heimdal/Makefile.inc:1.6 src/crypto/external/bsd/heimdal/Makefile.inc:1.7
CVS commit: src/crypto/external/bsd/heimdal
Module Name:src Committed By: christos Date: Tue Jun 20 17:23:05 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal: Makefile.inc src/crypto/external/bsd/heimdal/bin: Makefile.inc src/crypto/external/bsd/heimdal/bin/gsstool: Makefile src/crypto/external/bsd/heimdal/bin/hxtool: Makefile src/crypto/external/bsd/heimdal/bin/kcc: Makefile src/crypto/external/bsd/heimdal/bin/kdestroy: Makefile src/crypto/external/bsd/heimdal/bin/kgetcred: Makefile src/crypto/external/bsd/heimdal/bin/kinit: Makefile src/crypto/external/bsd/heimdal/bin/kpasswd: Makefile src/crypto/external/bsd/heimdal/bin/kvno: Makefile src/crypto/external/bsd/heimdal/bin/string2key: Makefile src/crypto/external/bsd/heimdal/bin/verify_krb5_conf: Makefile src/crypto/external/bsd/heimdal/lib/libkrb5: Makefile src/crypto/external/bsd/heimdal/lib/libvers: Makefile src/crypto/external/bsd/heimdal/libexec: Makefile.inc src/crypto/external/bsd/heimdal/libexec/digest-service: Makefile src/crypto/external/bsd/heimdal/libexec/hpropd: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-master: Makefile src/crypto/external/bsd/heimdal/libexec/ipropd-slave: Makefile src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile src/crypto/external/bsd/heimdal/libexec/kpasswdd: Makefile src/crypto/external/bsd/heimdal/sbin: Makefile.inc src/crypto/external/bsd/heimdal/sbin/hprop: Makefile src/crypto/external/bsd/heimdal/sbin/iprop-log: Makefile src/crypto/external/bsd/heimdal/sbin/kadmin: Makefile src/crypto/external/bsd/heimdal/sbin/kcm: Makefile src/crypto/external/bsd/heimdal/sbin/kdc: Makefile src/crypto/external/bsd/heimdal/sbin/kdigest: Makefile src/crypto/external/bsd/heimdal/sbin/kimpersonate: Makefile src/crypto/external/bsd/heimdal/sbin/kstash: Makefile src/crypto/external/bsd/heimdal/sbin/ktutil: Makefile Log Message: Use PROGDPLIBS instead of LDADD/DPADD; remove ui.c kludges To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/Makefile.inc cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/Makefile.inc cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/gsstool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/hxtool/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/bin/kcc/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kdestroy/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/kgetcred/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kinit/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/bin/kpasswd/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/bin/kvno/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/string2key/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/verify_krb5_conf/Makefile cvs rdiff -u -r1.14 -r1.15 \ src/crypto/external/bsd/heimdal/lib/libkrb5/Makefile cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/lib/libvers/Makefile cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/heimdal/libexec/Makefile.inc cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/digest-service/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/hpropd/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-master/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/ipropd-slave/Makefile cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/libexec/kpasswdd/Makefile cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/heimdal/sbin/Makefile.inc cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/hprop/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/iprop-log/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/kadmin/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kcm/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kdc/Makefile cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/sbin/kdigest/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/sbin/kimpersonate/Makefile cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/heimdal/sbin/kstash/Makefile cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/sbin/ktutil/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 17:22:01 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Don't use the hcrypto version, use the OpenSSL one. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 17:22:01 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Don't use the hcrypto version, use the OpenSSL one. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/include/hcrypto/ui.h diff -u src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.1 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.2 --- src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.1 Tue Jun 20 12:49:46 2023 +++ src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Tue Jun 20 13:22:01 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ui.h,v 1.1 2023/06/20 16:49:46 christos Exp $ */ +/* $NetBSD: ui.h,v 1.2 2023/06/20 17:22:01 christos Exp $ */ /* * Copyright (c) 2005 Kungliga Tekniska Högskolan @@ -39,7 +39,10 @@ #define _HEIM_UI_H 1 /* symbol renaming */ +#if 0 +/* use the OpenSSL symbol, not worth it for a "Verify failed" printf */ #define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string +#endif /* OpenSSL API extensions */ #define UI_UTIL_FLAG_VERIFY 0x1 /* ask to verify password */
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 16:49:46 UTC 2023 Added Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Add hcrypto/ui.h to avoid -I gymnastics everywhere else To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/heimdal/include/hcrypto
Module Name:src Committed By: christos Date: Tue Jun 20 16:49:46 UTC 2023 Added Files: src/crypto/external/bsd/heimdal/include/hcrypto: ui.h Log Message: Add hcrypto/ui.h to avoid -I gymnastics everywhere else To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/crypto/external/bsd/heimdal/include/hcrypto/ui.h diff -u /dev/null src/crypto/external/bsd/heimdal/include/hcrypto/ui.h:1.1 --- /dev/null Tue Jun 20 12:49:46 2023 +++ src/crypto/external/bsd/heimdal/include/hcrypto/ui.h Tue Jun 20 12:49:46 2023 @@ -0,0 +1,51 @@ +/* $NetBSD: ui.h,v 1.1 2023/06/20 16:49:46 christos Exp $ */ + +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + *may be used to endorse or promote products derived from this software + *without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Id */ + +#ifndef _HEIM_UI_H +#define _HEIM_UI_H 1 + +/* symbol renaming */ +#define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string + +/* OpenSSL API extensions */ +#define UI_UTIL_FLAG_VERIFY 0x1 /* ask to verify password */ +#define UI_UTIL_FLAG_VERIFY_SILENT 0x2 /* silence on verify failure */ + +int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */ + +#endif /* _HEIM_UI_H */ +
CVS commit: src/sys/compat/linux32/arch/amd64
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:15 UTC 2023 Modified Files: src/sys/compat/linux32/arch/amd64: linux32_machdep.c Log Message: linux32_rt_sendsig: Memset zero before copyout. Not sure if there's any padding here, but it's a pretty big structure, fairly likely, so let's be rather safe than sorry. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.47 -r1.48 \ src/sys/compat/linux32/arch/amd64/linux32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/linux32/arch/amd64/linux32_machdep.c diff -u src/sys/compat/linux32/arch/amd64/linux32_machdep.c:1.47 src/sys/compat/linux32/arch/amd64/linux32_machdep.c:1.48 --- src/sys/compat/linux32/arch/amd64/linux32_machdep.c:1.47 Mon Nov 1 05:07:16 2021 +++ src/sys/compat/linux32/arch/amd64/linux32_machdep.c Tue Jun 20 15:22:15 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: linux32_machdep.c,v 1.47 2021/11/01 05:07:16 thorpej Exp $ */ +/* $NetBSD: linux32_machdep.c,v 1.48 2023/06/20 15:22:15 riastradh Exp $ */ /*- * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved. @@ -31,7 +31,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__KERNEL_RCSID(0, "$NetBSD: linux32_machdep.c,v 1.47 2021/11/01 05:07:16 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD: linux32_machdep.c,v 1.48 2023/06/20 15:22:15 riastradh Exp $"); #if defined(_KERNEL_OPT) #include "opt_user_ldt.h" @@ -195,6 +195,7 @@ linux32_rt_sendsig(const ksiginfo_t *ksi fp--; /* Build stack frame for signal trampoline. */ + memset(, 0, sizeof(frame)); NETBSD32PTR32(frame.sf_handler, catcher); frame.sf_sig = native_to_linux32_signo[sig]; NETBSD32PTR32(frame.sf_sip, >sf_si);
CVS commit: src/sys/compat/linux32/arch/amd64
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:15 UTC 2023 Modified Files: src/sys/compat/linux32/arch/amd64: linux32_machdep.c Log Message: linux32_rt_sendsig: Memset zero before copyout. Not sure if there's any padding here, but it's a pretty big structure, fairly likely, so let's be rather safe than sorry. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.47 -r1.48 \ src/sys/compat/linux32/arch/amd64/linux32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/compat/ossaudio
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:05 UTC 2023 Modified Files: src/sys/compat/ossaudio: ossaudio.c Log Message: compat_ossaudio: Zero-initialize idat before copyout. Unclear if there are any paths to the copyout without initialization, but let's play it safe to keep the auditing effort low. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.84 -r1.85 src/sys/compat/ossaudio/ossaudio.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/ossaudio/ossaudio.c diff -u src/sys/compat/ossaudio/ossaudio.c:1.84 src/sys/compat/ossaudio/ossaudio.c:1.85 --- src/sys/compat/ossaudio/ossaudio.c:1.84 Tue Sep 7 11:43:05 2021 +++ src/sys/compat/ossaudio/ossaudio.c Tue Jun 20 15:22:04 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ossaudio.c,v 1.84 2021/09/07 11:43:05 riastradh Exp $ */ +/* $NetBSD: ossaudio.c,v 1.85 2023/06/20 15:22:04 riastradh Exp $ */ /*- * Copyright (c) 1997, 2008 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ossaudio.c,v 1.84 2021/09/07 11:43:05 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ossaudio.c,v 1.85 2023/06/20 15:22:04 riastradh Exp $"); #include #include @@ -1069,7 +1069,7 @@ oss_ioctl_mixer(struct lwp *lwp, const s mixer_ctrl_t mc; struct oss_mixer_info omi; struct audio_device adev; - int idat; + int idat = 0; int i; int error; int l, r, n, e;
CVS commit: src/sys/compat/ossaudio
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:22:05 UTC 2023 Modified Files: src/sys/compat/ossaudio: ossaudio.c Log Message: compat_ossaudio: Zero-initialize idat before copyout. Unclear if there are any paths to the copyout without initialization, but let's play it safe to keep the auditing effort low. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.84 -r1.85 src/sys/compat/ossaudio/ossaudio.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/compat/sunos32
Module Name:src
Committed By: riastradh
Date: Tue Jun 20 15:21:55 UTC 2023
Modified Files:
src/sys/compat/sunos32: sunos32_misc.c
Log Message:
compat_sunos32: Memset zero before copyout.
Unclear if this can leak anything but let's be on the safe side.
XXX pullup-8
XXX pullup-9
XXX pullup-10
To generate a diff of this commit:
cvs rdiff -u -r1.85 -r1.86 src/sys/compat/sunos32/sunos32_misc.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/compat/sunos32/sunos32_misc.c
diff -u src/sys/compat/sunos32/sunos32_misc.c:1.85 src/sys/compat/sunos32/sunos32_misc.c:1.86
--- src/sys/compat/sunos32/sunos32_misc.c:1.85 Tue Sep 7 11:43:05 2021
+++ src/sys/compat/sunos32/sunos32_misc.c Tue Jun 20 15:21:55 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: sunos32_misc.c,v 1.85 2021/09/07 11:43:05 riastradh Exp $ */
+/* $NetBSD: sunos32_misc.c,v 1.86 2023/06/20 15:21:55 riastradh Exp $ */
/* from :NetBSD: sunos_misc.c,v 1.107 2000/12/01 19:25:10 jdolecek Exp */
/*
@@ -77,7 +77,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sunos32_misc.c,v 1.85 2021/09/07 11:43:05 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sunos32_misc.c,v 1.86 2023/06/20 15:21:55 riastradh Exp $");
#define COMPAT_SUNOS 1
@@ -242,6 +242,7 @@ static inline void sunos32_from___stat13
static inline void
sunos32_from___stat13(struct stat *sbp, struct netbsd32_stat43 *sb32p)
{
+ memset(sb32p, 0, sizeof(*sb32p));
sb32p->st_dev = sbp->st_dev;
sb32p->st_ino = sbp->st_ino;
sb32p->st_mode = sbp->st_mode;
CVS commit: src/sys/compat/sunos32
Module Name:src Committed By: riastradh Date: Tue Jun 20 15:21:55 UTC 2023 Modified Files: src/sys/compat/sunos32: sunos32_misc.c Log Message: compat_sunos32: Memset zero before copyout. Unclear if this can leak anything but let's be on the safe side. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.85 -r1.86 src/sys/compat/sunos32/sunos32_misc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/distrib/sets/lists
Module Name:src Committed By: martin Date: Tue Jun 20 11:00:29 UTC 2023 Modified Files: src/distrib/sets/lists/xdebug: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 src/distrib/sets/lists/xserver: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 Log Message: Obsolete ati_drv.so.19 and add .22 in the other md.* files affected by the recentish X update. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/distrib/sets/lists/xdebug/md.alpha \ src/distrib/sets/lists/xdebug/md.ofppc \ src/distrib/sets/lists/xdebug/md.sparc \ src/distrib/sets/lists/xdebug/md.sparc64 cvs rdiff -u -r1.21 -r1.22 src/distrib/sets/lists/xdebug/md.cats cvs rdiff -u -r1.19 -r1.20 src/distrib/sets/lists/xdebug/md.macppc cvs rdiff -u -r1.60 -r1.61 src/distrib/sets/lists/xserver/md.alpha cvs rdiff -u -r1.70 -r1.71 src/distrib/sets/lists/xserver/md.cats cvs rdiff -u -r1.89 -r1.90 src/distrib/sets/lists/xserver/md.macppc cvs rdiff -u -r1.39 -r1.40 src/distrib/sets/lists/xserver/md.ofppc cvs rdiff -u -r1.81 -r1.82 src/distrib/sets/lists/xserver/md.sparc cvs rdiff -u -r1.77 -r1.78 src/distrib/sets/lists/xserver/md.sparc64 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/xdebug/md.alpha diff -u src/distrib/sets/lists/xdebug/md.alpha:1.20 src/distrib/sets/lists/xdebug/md.alpha:1.21 --- src/distrib/sets/lists/xdebug/md.alpha:1.20 Fri Jul 15 04:47:56 2022 +++ src/distrib/sets/lists/xdebug/md.alpha Tue Jun 20 11:00:29 2023 @@ -1,4 +1,4 @@ -# $NetBSD: md.alpha,v 1.20 2022/07/15 04:47:56 mrg Exp $ +# $NetBSD: md.alpha,v 1.21 2023/06/20 11:00:29 martin Exp $ ./usr/X11R7/lib/modules/extensions/libdri2_g.a xdebug-obsolete xorg,obsolete ./usr/libdata/debug/usr/X11R7/bin/Xorg.debug xdebug-xorg-server-debug xorg,debug ./usr/libdata/debug/usr/X11R7/bin/gtf.debug xdebug-xorg-server-debug xorg,debug @@ -8,7 +8,8 @@ ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ark_drv.so.0.debug xdebug-xf86-video-ark-debug xorg,debug,xorg_server_ver=110 ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ast_drv.so.1.debug xdebug-xf86-video-ast-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.6.debug xdebug-obsolete obsolete -./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-xf86-video-ati-debug xorg,debug +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-obsolete obsolete +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.22.debug xdebug-xf86-video-ati-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/chips_drv.so.1.debug xdebug-xf86-video-chips-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/cirrus_alpine.so.1.debug xdebug-obsolete obsolete ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/cirrus_drv.so.1.debug xdebug-xf86-video-cirrus-debug xorg,debug Index: src/distrib/sets/lists/xdebug/md.ofppc diff -u src/distrib/sets/lists/xdebug/md.ofppc:1.20 src/distrib/sets/lists/xdebug/md.ofppc:1.21 --- src/distrib/sets/lists/xdebug/md.ofppc:1.20 Fri Jul 15 04:47:56 2022 +++ src/distrib/sets/lists/xdebug/md.ofppc Tue Jun 20 11:00:29 2023 @@ -1,4 +1,4 @@ -# $NetBSD: md.ofppc,v 1.20 2022/07/15 04:47:56 mrg Exp $ +# $NetBSD: md.ofppc,v 1.21 2023/06/20 11:00:29 martin Exp $ ./usr/X11R7/lib/modules/extensions/libdbe_g.a xdebug-obsolete xorg,obsolete ./usr/X11R7/lib/modules/extensions/libdri2_g.a xdebug-obsolete xorg,obsolete ./usr/X11R7/lib/modules/extensions/libdri_g.a xdebug-obsolete xorg,obsolete @@ -33,7 +33,8 @@ ./usr/libdata/debug/usr/X11R7/lib/modules/dri/radeon_dri.so.0.debug xdebug-obsolete xorg,obsolete,xorg ./usr/libdata/debug/usr/X11R7/lib/modules/dri/tdfx_dri.so.0.debug xdebug-obsolete xorg,obsolete ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.6.debug xdebug-obsolete obsolete -./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-xf86-video-ati-debug xorg,debug +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.19.debug xdebug-obsolete obsolete +./usr/libdata/debug/usr/X11R7/lib/modules/drivers/ati_drv.so.22.debug xdebug-xf86-video-ati-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/chips_drv.so.1.debug xdebug-xf86-video-chips-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/kbd_drv.so.2.debug xdebug-xf86-input-keyboard-debug xorg,debug ./usr/libdata/debug/usr/X11R7/lib/modules/drivers/libati_drv.so.6.debug xdebug-obsolete xorg,obsolete Index: src/distrib/sets/lists/xdebug/md.sparc diff -u src/distrib/sets/lists/xdebug/md.sparc:1.20 src/distrib/sets/lists/xdebug/md.sparc:1.21 --- src/distrib/sets/lists/xdebug/md.sparc:1.20 Fri Jul 15 04:47:56 2022 +++ src/distrib/sets/lists/xdebug/md.sparc Tue Jun 20 11:00:29 2023 @@ -1,4 +1,4 @@ -# $NetBSD: md.sparc,v 1.20 2022/07/15 04:47:56 mrg Exp $ +# $NetBSD: md.sparc,v
CVS commit: src/distrib/sets/lists
Module Name:src Committed By: martin Date: Tue Jun 20 11:00:29 UTC 2023 Modified Files: src/distrib/sets/lists/xdebug: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 src/distrib/sets/lists/xserver: md.alpha md.cats md.macppc md.ofppc md.sparc md.sparc64 Log Message: Obsolete ati_drv.so.19 and add .22 in the other md.* files affected by the recentish X update. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/distrib/sets/lists/xdebug/md.alpha \ src/distrib/sets/lists/xdebug/md.ofppc \ src/distrib/sets/lists/xdebug/md.sparc \ src/distrib/sets/lists/xdebug/md.sparc64 cvs rdiff -u -r1.21 -r1.22 src/distrib/sets/lists/xdebug/md.cats cvs rdiff -u -r1.19 -r1.20 src/distrib/sets/lists/xdebug/md.macppc cvs rdiff -u -r1.60 -r1.61 src/distrib/sets/lists/xserver/md.alpha cvs rdiff -u -r1.70 -r1.71 src/distrib/sets/lists/xserver/md.cats cvs rdiff -u -r1.89 -r1.90 src/distrib/sets/lists/xserver/md.macppc cvs rdiff -u -r1.39 -r1.40 src/distrib/sets/lists/xserver/md.ofppc cvs rdiff -u -r1.81 -r1.82 src/distrib/sets/lists/xserver/md.sparc cvs rdiff -u -r1.77 -r1.78 src/distrib/sets/lists/xserver/md.sparc64 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/make
Module Name:src
Committed By: rillig
Date: Tue Jun 20 09:25:34 UTC 2023
Modified Files:
src/usr.bin/make: cond.c make.h parse.c
src/usr.bin/make/unit-tests: Makefile directive-include-guard.exp
directive-include-guard.mk
Log Message:
make: allow targets to be used as multiple-inclusion guards
This style is used by FreeBSD, among others.
To generate a diff of this commit:
cvs rdiff -u -r1.349 -r1.350 src/usr.bin/make/cond.c
cvs rdiff -u -r1.322 -r1.323 src/usr.bin/make/make.h
cvs rdiff -u -r1.701 -r1.702 src/usr.bin/make/parse.c
cvs rdiff -u -r1.338 -r1.339 src/usr.bin/make/unit-tests/Makefile
cvs rdiff -u -r1.5 -r1.6 \
src/usr.bin/make/unit-tests/directive-include-guard.exp
cvs rdiff -u -r1.6 -r1.7 \
src/usr.bin/make/unit-tests/directive-include-guard.mk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/make/cond.c
diff -u src/usr.bin/make/cond.c:1.349 src/usr.bin/make/cond.c:1.350
--- src/usr.bin/make/cond.c:1.349 Mon Jun 19 20:07:35 2023
+++ src/usr.bin/make/cond.c Tue Jun 20 09:25:33 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: cond.c,v 1.349 2023/06/19 20:07:35 rillig Exp $ */
+/* $NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $ */
/*
* Copyright (c) 1988, 1989, 1990 The Regents of the University of California.
@@ -92,7 +92,7 @@
#include "dir.h"
/* "@(#)cond.c 8.2 (Berkeley) 1/2/94" */
-MAKE_RCSID("$NetBSD: cond.c,v 1.349 2023/06/19 20:07:35 rillig Exp $");
+MAKE_RCSID("$NetBSD: cond.c,v 1.350 2023/06/20 09:25:33 rillig Exp $");
/*
* Conditional expressions conform to this grammar:
@@ -1252,15 +1252,30 @@ ParseVarnameGuard(const char **pp, const
return false;
}
-/*
- * Tests whether the line is a conditional that forms a multiple-inclusion
- * guard, and if so, extracts the guard variable name.
- */
-char *
+static bool
+ParseTargetGuard(const char **pp, const char **target)
+{
+ const char *p = *pp;
+
+ if (ch_isalpha(*p) || *p == '_') {
+ while (ch_isalnum(*p) || *p == '_' || *p == '-'
+ || *p == '<' || *p == '>' || *p == '.' || *p == '/')
+ p++;
+ *target = *pp;
+ *pp = p;
+ return true;
+ }
+ return false;
+}
+
+/* Extracts the multiple-inclusion guard from a conditional, if any. */
+Guard *
Cond_ExtractGuard(const char *line)
{
- const char *p, *varname;
+ const char *p, *name;
Substring dir;
+ enum GuardKind kind;
+ Guard *guard;
p = line + 1; /* skip the '.' */
cpp_skip_hspace();
@@ -1271,14 +1286,32 @@ Cond_ExtractGuard(const char *line)
dir.end = p;
cpp_skip_hspace();
- if (Substring_Equals(dir, "if"))
- return skip_string(, "!defined(")
- && ParseVarnameGuard(, ) && strcmp(p, ")") == 0
- ? bmake_strsedup(varname, p) : NULL;
- if (Substring_Equals(dir, "ifndef"))
- return ParseVarnameGuard(, ) && *p == '\0'
- ? bmake_strsedup(varname, p) : NULL;
+ if (Substring_Equals(dir, "if")) {
+ if (skip_string(, "!defined(")) {
+ if (ParseVarnameGuard(, )
+ && strcmp(p, ")") == 0)
+goto found_variable;
+ } else if (skip_string(, "!target(")) {
+ if (ParseTargetGuard(, )
+ && strcmp(p, ")") == 0)
+goto found_target;
+ }
+ } else if (Substring_Equals(dir, "ifndef")) {
+ if (ParseVarnameGuard(, ) && *p == '\0')
+ goto found_variable;
+ }
return NULL;
+
+found_variable:
+ kind = GK_VARIABLE;
+ goto found;
+found_target:
+ kind = GK_TARGET;
+found:
+ guard = bmake_malloc(sizeof(*guard));
+ guard->kind = kind;
+ guard->name = bmake_strsedup(name, p);
+ return guard;
}
void
Index: src/usr.bin/make/make.h
diff -u src/usr.bin/make/make.h:1.322 src/usr.bin/make/make.h:1.323
--- src/usr.bin/make/make.h:1.322 Mon Jun 19 12:53:57 2023
+++ src/usr.bin/make/make.h Tue Jun 20 09:25:33 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: make.h,v 1.322 2023/06/19 12:53:57 rillig Exp $ */
+/* $NetBSD: make.h,v 1.323 2023/06/20 09:25:33 rillig Exp $ */
/*
* Copyright (c) 1988, 1989, 1990, 1993
@@ -539,6 +539,14 @@ typedef enum CondResult {
CR_ERROR /* Unknown directive or parse error */
} CondResult;
+typedef struct {
+ enum GuardKind {
+ GK_VARIABLE,
+ GK_TARGET
+ } kind;
+ char *name;
+} Guard;
+
/* Names of the variables that are "local" to a specific target. */
#define TARGET "@" /* Target of dependency */
#define OODATE "?" /* All out-of-date sources */
@@ -793,7 +801,7 @@ void Compat_Make(GNode *, GNode *);
extern unsigned int cond_depth;
CondResult Cond_EvalCondition(const char *) MAKE_ATTR_USE;
CondResult Cond_EvalLine(const char *) MAKE_ATTR_USE;
-char *Cond_ExtractGuard(const char *) MAKE_ATTR_USE;
+Guard *Cond_ExtractGuard(const char *) MAKE_ATTR_USE;
void Cond_EndFile(void);
/* dir.c; see also dir.h */
Index: src/usr.bin/make/parse.c
diff -u src/usr.bin/make/parse.c:1.701 src/usr.bin/make/parse.c:1.702
--- src/usr.bin/make/parse.c:1.701 Mon Jun 19 17:30:56 2023
+++ src/usr.bin/make/parse.c Tue Jun 20 09:25:33 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: parse.c,v
CVS commit: src/usr.bin/make
Module Name:src Committed By: rillig Date: Tue Jun 20 09:25:34 UTC 2023 Modified Files: src/usr.bin/make: cond.c make.h parse.c src/usr.bin/make/unit-tests: Makefile directive-include-guard.exp directive-include-guard.mk Log Message: make: allow targets to be used as multiple-inclusion guards This style is used by FreeBSD, among others. To generate a diff of this commit: cvs rdiff -u -r1.349 -r1.350 src/usr.bin/make/cond.c cvs rdiff -u -r1.322 -r1.323 src/usr.bin/make/make.h cvs rdiff -u -r1.701 -r1.702 src/usr.bin/make/parse.c cvs rdiff -u -r1.338 -r1.339 src/usr.bin/make/unit-tests/Makefile cvs rdiff -u -r1.5 -r1.6 \ src/usr.bin/make/unit-tests/directive-include-guard.exp cvs rdiff -u -r1.6 -r1.7 \ src/usr.bin/make/unit-tests/directive-include-guard.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/nc
Module Name:src Committed By: rin Date: Tue Jun 20 08:51:24 UTC 2023 Modified Files: src/usr.bin/nc: netcat.c Log Message: nc(1): Declare and initialize ``on'' ifdef SO_BINDANY. NFC yet for us. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/usr.bin/nc/netcat.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/nc
Module Name:src
Committed By: rin
Date: Tue Jun 20 08:51:24 UTC 2023
Modified Files:
src/usr.bin/nc: netcat.c
Log Message:
nc(1): Declare and initialize ``on'' ifdef SO_BINDANY. NFC yet for us.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/usr.bin/nc/netcat.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/nc/netcat.c
diff -u src/usr.bin/nc/netcat.c:1.6 src/usr.bin/nc/netcat.c:1.7
--- src/usr.bin/nc/netcat.c:1.6 Thu Oct 3 01:15:19 2019
+++ src/usr.bin/nc/netcat.c Tue Jun 20 08:51:24 2023
@@ -27,7 +27,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include
-__RCSID("$NetBSD: netcat.c,v 1.6 2019/10/03 01:15:19 sevan Exp $");
+__RCSID("$NetBSD: netcat.c,v 1.7 2023/06/20 08:51:24 rin Exp $");
/*
* Re-written nc(1) for OpenBSD. Original implementation by
@@ -915,6 +915,9 @@ remote_connect(const char *host, const c
{
struct addrinfo *res, *res0;
int s = -1, error, save_errno;
+#ifdef SO_BINDANY
+ int on = 1;
+#endif
if ((error = getaddrinfo(host, port, , )))
errx(1, "getaddrinfo: %s", gai_strerror(error));
CVS commit: src/sys/arch/i386/stand/efiboot
Module Name:src Committed By: rin Date: Tue Jun 20 07:46:03 UTC 2023 Modified Files: src/sys/arch/i386/stand/efiboot: devopen.c Log Message: ``int i'' is used only for SUPPORT_NFS || SUPPORT_TFTP. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/arch/i386/stand/efiboot/devopen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/i386/stand/efiboot
Module Name:src Committed By: rin Date: Tue Jun 20 07:46:03 UTC 2023 Modified Files: src/sys/arch/i386/stand/efiboot: devopen.c Log Message: ``int i'' is used only for SUPPORT_NFS || SUPPORT_TFTP. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/arch/i386/stand/efiboot/devopen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/i386/stand/efiboot/devopen.c diff -u src/sys/arch/i386/stand/efiboot/devopen.c:1.13 src/sys/arch/i386/stand/efiboot/devopen.c:1.14 --- src/sys/arch/i386/stand/efiboot/devopen.c:1.13 Mon Dec 27 12:19:27 2021 +++ src/sys/arch/i386/stand/efiboot/devopen.c Tue Jun 20 07:46:03 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: devopen.c,v 1.13 2021/12/27 12:19:27 simonb Exp $ */ +/* $NetBSD: devopen.c,v 1.14 2023/06/20 07:46:03 rin Exp $ */ /*- * Copyright (c) 2005 The NetBSD Foundation, Inc. @@ -154,13 +154,13 @@ devopen(struct open_file *f, const char const char *xname = NULL; int unit, partition; int biosdev; - int i, error; + int error; #if defined(SUPPORT_NFS) || defined(SUPPORT_TFTP) struct devdesc desc; const struct netboot_fstab *nf; char *filename; size_t fsnamelen; - int n; + int i, n; #endif error = parsebootfile(fname, , , , ,
CVS commit: src/crypto/external/bsd/heimdal/libexec/kadmind
Module Name:src
Committed By: mrg
Date: Tue Jun 20 07:17:11 UTC 2023
Modified Files:
src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile
Log Message:
re-fix the previous - i had only fixed one case, not the general one.
guard the .BEGIN: rule with:
.if !make(clean) && !make(cleandir) && !make(distclean) && !make(obj)
so that it doesn't trigger in cases where we don't expect the objdir
to exist already, or we don't want to be adding things while we're
cleaning them out.
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile
diff -u src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile:1.4 src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile:1.5
--- src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile:1.4 Tue Jun 20 05:06:04 2023
+++ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile Tue Jun 20 07:17:11 2023
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.4 2023/06/20 05:06:04 mrg Exp $
+# $NetBSD: Makefile,v 1.5 2023/06/20 07:17:11 mrg Exp $
.include
.include <${.CURDIR}/../../Makefile.inc>
@@ -27,5 +27,7 @@ DPADD+= ${LIBGSSAPI} ${LIBKADM5SRV} ${LI
# XXX
CLEANFILES+=hcrypto
-${OBJS}:
+.if !make(clean) && !make(cleandir) && !make(distclean) && !make(obj)
+.BEGIN:
@ln -sf ${HEIMDIST}/lib/hcrypto .
+.endif
CVS commit: src/crypto/external/bsd/heimdal/libexec/kadmind
Module Name:src Committed By: mrg Date: Tue Jun 20 07:17:11 UTC 2023 Modified Files: src/crypto/external/bsd/heimdal/libexec/kadmind: Makefile Log Message: re-fix the previous - i had only fixed one case, not the general one. guard the .BEGIN: rule with: .if !make(clean) && !make(cleandir) && !make(distclean) && !make(obj) so that it doesn't trigger in cases where we don't expect the objdir to exist already, or we don't want to be adding things while we're cleaning them out. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
