CVS commit: src/crypto/dist/ipsec-tools
Module Name:src Committed By: tteras Date: Mon Dec 24 08:46:27 UTC 2012 Modified Files: src/crypto/dist/ipsec-tools: configure.ac src/crypto/dist/ipsec-tools/src/racoon: crypto_openssl.c src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2: sha2.c Log Message: From Götz Babin-Ebell g.babin-eb...@novamedia.de: Require OpenSSL 0.9.8s or higher To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/crypto/dist/ipsec-tools/configure.ac cvs rdiff -u -r1.22 -r1.23 \ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c cvs rdiff -u -r1.4 -r1.5 \ src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/configure.ac diff -u src/crypto/dist/ipsec-tools/configure.ac:1.11 src/crypto/dist/ipsec-tools/configure.ac:1.12 --- src/crypto/dist/ipsec-tools/configure.ac:1.11 Tue Jan 10 12:07:30 2012 +++ src/crypto/dist/ipsec-tools/configure.ac Mon Dec 24 08:46:27 2012 @@ -207,12 +207,12 @@ AC_MSG_CHECKING(openssl version) AC_TRY_COMPILE( [#include openssl/opensslv.h ], -[#if OPENSSL_VERSION_NUMBER 0x0090602fL +[#if OPENSSL_VERSION_NUMBER 0x0090813fL #error OpenSSL version is too old ... #endif], [AC_MSG_RESULT([ok])], [AC_MSG_RESULT(too old) -AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.]) +AC_MSG_ERROR([OpenSSL version must be 0.9.8s or higher. Aborting.]) ]) AC_CHECK_HEADERS(openssl/engine.h) Index: src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c diff -u src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.22 src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.23 --- src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.22 Thu Nov 29 15:31:24 2012 +++ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c Mon Dec 24 08:46:27 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: crypto_openssl.c,v 1.22 2012/11/29 15:31:24 vanhu Exp $ */ +/* $NetBSD: crypto_openssl.c,v 1.23 2012/12/24 08:46:27 tteras Exp $ */ /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */ @@ -44,8 +44,8 @@ /* get openssl/ssleay version number */ #include openssl/opensslv.h -#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER 0x0090602fL) -#error OpenSSL version 0.9.6 or later required. +#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER 0x0090813fL) +#error OpenSSL version 0.9.8s or later required. #endif #include openssl/pem.h @@ -91,12 +91,7 @@ #endif #include plog.h -/* 0.9.7 stuff? */ -#if OPENSSL_VERSION_NUMBER 0x0090700fL -typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; -#else #define USE_NEW_DES_API -#endif #define OpenSSL_BUG() do { plog(LLV_ERROR, LOCATION, NULL, OpenSSL function failed\n); } while(0) @@ -505,10 +500,8 @@ eay_check_x509cert(cert, CApath, CAfile, if (csc == NULL) goto end; X509_STORE_CTX_init(csc, cert_ctx, x509, NULL); -#if OPENSSL_VERSION_NUMBER = 0x00907000L X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK); X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL); -#endif error = X509_verify_cert(csc); X509_STORE_CTX_free(csc); Index: src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c diff -u src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4 src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.5 --- src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4 Sat Sep 9 16:22:36 2006 +++ src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c Mon Dec 24 08:46:27 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: sha2.c,v 1.4 2006/09/09 16:22:36 manu Exp $ */ +/* $NetBSD: sha2.c,v 1.5 2012/12/24 08:46:27 tteras Exp $ */ /* Id: sha2.c,v 1.6 2004/09/21 14:35:25 ludvigm Exp */ @@ -56,9 +56,7 @@ #define bzero(a, b) memset((a), 0, (b)) #define panic(a) err(1, (a)) -#if OPENSSL_VERSION_NUMBER = 0x00907000L #define HAVE_EVP_097 -#endif /* * ASSERT NOTE:
CVS commit: [ipsec-tools-0_8-branch] src/crypto/dist/ipsec-tools
Module Name:src Committed By: tteras Date: Mon Dec 24 08:48:09 UTC 2012 Modified Files: src/crypto/dist/ipsec-tools [ipsec-tools-0_8-branch]: configure.ac src/crypto/dist/ipsec-tools/src/racoon [ipsec-tools-0_8-branch]: crypto_openssl.c src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2 [ipsec-tools-0_8-branch]: sha2.c Log Message: From Götz Babin-Ebell g.babin-eb...@novamedia.de: Require OpenSSL 0.9.8s or higher To generate a diff of this commit: cvs rdiff -u -r1.10.6.1 -r1.10.6.2 src/crypto/dist/ipsec-tools/configure.ac cvs rdiff -u -r1.20.4.1 -r1.20.4.2 \ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c cvs rdiff -u -r1.4 -r1.4.40.1 \ src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/configure.ac diff -u src/crypto/dist/ipsec-tools/configure.ac:1.10.6.1 src/crypto/dist/ipsec-tools/configure.ac:1.10.6.2 --- src/crypto/dist/ipsec-tools/configure.ac:1.10.6.1 Fri Mar 18 13:25:12 2011 +++ src/crypto/dist/ipsec-tools/configure.ac Mon Dec 24 08:48:08 2012 @@ -207,12 +207,12 @@ AC_MSG_CHECKING(openssl version) AC_TRY_COMPILE( [#include openssl/opensslv.h ], -[#if OPENSSL_VERSION_NUMBER 0x0090602fL +[#if OPENSSL_VERSION_NUMBER 0x0090813fL #error OpenSSL version is too old ... #endif], [AC_MSG_RESULT([ok])], [AC_MSG_RESULT(too old) -AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.]) +AC_MSG_ERROR([OpenSSL version must be 0.9.8s or higher. Aborting.]) ]) AC_CHECK_HEADERS(openssl/engine.h) Index: src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c diff -u src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.1 src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.2 --- src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.1 Thu Aug 23 11:46:06 2012 +++ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c Mon Dec 24 08:48:08 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: crypto_openssl.c,v 1.20.4.1 2012/08/23 11:46:06 tteras Exp $ */ +/* $NetBSD: crypto_openssl.c,v 1.20.4.2 2012/12/24 08:48:08 tteras Exp $ */ /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */ @@ -44,8 +44,8 @@ /* get openssl/ssleay version number */ #include openssl/opensslv.h -#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER 0x0090602fL) -#error OpenSSL version 0.9.6 or later required. +#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER 0x0090813fL) +#error OpenSSL version 0.9.8s or later required. #endif #include openssl/pem.h @@ -91,12 +91,7 @@ #endif #include plog.h -/* 0.9.7 stuff? */ -#if OPENSSL_VERSION_NUMBER 0x0090700fL -typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; -#else #define USE_NEW_DES_API -#endif #define OpenSSL_BUG() do { plog(LLV_ERROR, LOCATION, NULL, OpenSSL function failed\n); } while(0) @@ -505,10 +500,8 @@ eay_check_x509cert(cert, CApath, CAfile, if (csc == NULL) goto end; X509_STORE_CTX_init(csc, cert_ctx, x509, NULL); -#if OPENSSL_VERSION_NUMBER = 0x00907000L X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK); X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL); -#endif error = X509_verify_cert(csc); X509_STORE_CTX_free(csc); Index: src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c diff -u src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4 src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4.40.1 --- src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c:1.4 Sat Sep 9 16:22:36 2006 +++ src/crypto/dist/ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c Mon Dec 24 08:48:08 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: sha2.c,v 1.4 2006/09/09 16:22:36 manu Exp $ */ +/* $NetBSD: sha2.c,v 1.4.40.1 2012/12/24 08:48:08 tteras Exp $ */ /* Id: sha2.c,v 1.6 2004/09/21 14:35:25 ludvigm Exp */ @@ -56,9 +56,7 @@ #define bzero(a, b) memset((a), 0, (b)) #define panic(a) err(1, (a)) -#if OPENSSL_VERSION_NUMBER = 0x00907000L #define HAVE_EVP_097 -#endif /* * ASSERT NOTE:
CVS commit: src/sys/arch/powerpc/stand/mkbootimage
Module Name:src Committed By: kiyohara Date: Mon Dec 24 14:01:25 UTC 2012 Modified Files: src/sys/arch/powerpc/stand/mkbootimage: bebox_bootrec.h Log Message: Change name of boot image(mount point?) to 'NetBSD' from 'fd'. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/sys/arch/powerpc/stand/mkbootimage/bebox_bootrec.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/powerpc/stand/mkbootimage/bebox_bootrec.h diff -u src/sys/arch/powerpc/stand/mkbootimage/bebox_bootrec.h:1.2 src/sys/arch/powerpc/stand/mkbootimage/bebox_bootrec.h:1.3 --- src/sys/arch/powerpc/stand/mkbootimage/bebox_bootrec.h:1.2 Sat May 24 17:34:03 2008 +++ src/sys/arch/powerpc/stand/mkbootimage/bebox_bootrec.h Mon Dec 24 14:01:24 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: bebox_bootrec.h,v 1.2 2008/05/24 17:34:03 kiyohara Exp $ */ +/* $NetBSD: bebox_bootrec.h,v 1.3 2012/12/24 14:01:24 kiyohara Exp $ */ #define BEBOX_HEADER_SIZE 0x6400 #define BEBOX_BLOCK_SIZE 0x200 @@ -14,8 +14,8 @@ u_char bebox_image_data0[] = { 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x0b, 0x40, /* avail size */ 0x00, 0x00, 0x02, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x32, 0x00, 0x00, 0x0b, 0x40, /* used block */ - 0x01, 0x00, 0x00, 0x00, 0x66, 0x64, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x01, 0x00, 0x00, 0x00, 0x4e, 0x65, 0x74, 0x42, + 0x53, 0x44, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
CVS commit: src/crypto/dist/ipsec-tools/src/racoon
Module Name:src Committed By: tteras Date: Mon Dec 24 14:50:04 UTC 2012 Modified Files: src/crypto/dist/ipsec-tools/src/racoon: crypto_openssl.c Log Message: From Götz Babin-Ebell g.babin-eb...@novamedia.de: Smarter X.509 subject name compare. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 \ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c diff -u src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.23 src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.24 --- src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.23 Mon Dec 24 08:46:27 2012 +++ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c Mon Dec 24 14:50:04 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: crypto_openssl.c,v 1.23 2012/12/24 08:46:27 tteras Exp $ */ +/* $NetBSD: crypto_openssl.c,v 1.24 2012/12/24 14:50:04 tteras Exp $ */ /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */ @@ -280,145 +280,6 @@ out: } /* - * The following are derived from code in crypto/x509/x509_cmp.c - * in OpenSSL0.9.7c: - * X509_NAME_wildcmp() adds wildcard matching to the original - * X509_NAME_cmp(), nocase_cmp() and nocase_spacenorm_cmp() are as is. - */ -#include ctype.h -/* Case insensitive string comparision */ -static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b) -{ - int i; - - if (a-length != b-length) - return (a-length - b-length); - - for (i=0; ia-length; i++) - { - int ca, cb; - - ca = tolower(a-data[i]); - cb = tolower(b-data[i]); - - if (ca != cb) - return(ca-cb); - } - return 0; -} - -/* Case insensitive string comparision with space normalization - * Space normalization - ignore leading, trailing spaces, - * multiple spaces between characters are replaced by single space - */ -static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b) -{ - unsigned char *pa = NULL, *pb = NULL; - int la, lb; - - la = a-length; - lb = b-length; - pa = a-data; - pb = b-data; - - /* skip leading spaces */ - while (la 0 isspace(*pa)) - { - la--; - pa++; - } - while (lb 0 isspace(*pb)) - { - lb--; - pb++; - } - - /* skip trailing spaces */ - while (la 0 isspace(pa[la-1])) - la--; - while (lb 0 isspace(pb[lb-1])) - lb--; - - /* compare strings with space normalization */ - while (la 0 lb 0) - { - int ca, cb; - - /* compare character */ - ca = tolower(*pa); - cb = tolower(*pb); - if (ca != cb) - return (ca - cb); - - pa++; pb++; - la--; lb--; - - if (la = 0 || lb = 0) - break; - - /* is white space next character ? */ - if (isspace(*pa) isspace(*pb)) - { - /* skip remaining white spaces */ - while (la 0 isspace(*pa)) - { -la--; -pa++; - } - while (lb 0 isspace(*pb)) - { -lb--; -pb++; - } - } - } - if (la 0 || lb 0) - return la - lb; - - return 0; -} - -static int X509_NAME_wildcmp(const X509_NAME *a, const X509_NAME *b) -{ -int i,j; -X509_NAME_ENTRY *na,*nb; - -if (sk_X509_NAME_ENTRY_num(a-entries) - != sk_X509_NAME_ENTRY_num(b-entries)) - return sk_X509_NAME_ENTRY_num(a-entries) - -sk_X509_NAME_ENTRY_num(b-entries); -for (i=sk_X509_NAME_ENTRY_num(a-entries)-1; i=0; i--) -{ - na=sk_X509_NAME_ENTRY_value(a-entries,i); - nb=sk_X509_NAME_ENTRY_value(b-entries,i); - j=OBJ_cmp(na-object,nb-object); - if (j) return(j); - if ((na-value-length == 1 na-value-data[0] == '*') - || (nb-value-length == 1 nb-value-data[0] == '*')) - continue; - j=na-value-type-nb-value-type; - if (j) return(j); - if (na-value-type == V_ASN1_PRINTABLESTRING) - j=nocase_spacenorm_cmp(na-value, nb-value); - else if (na-value-type == V_ASN1_IA5STRING - OBJ_obj2nid(na-object) == NID_pkcs9_emailAddress) - j=nocase_cmp(na-value, nb-value); - else - { - j=na-value-length-nb-value-length; - if (j) return(j); - j=memcmp(na-value-data,nb-value-data, - na-value-length); - } - if (j) return(j); - j=na-set-nb-set; - if (j) return(j); -} - -return(0); -} - -/* * compare two subjectNames. * OUT:0: equal * positive: @@ -430,16 +291,49 @@ eay_cmp_asn1dn(n1, n2) { X509_NAME *a = NULL, *b = NULL; caddr_t p; + char oneLine[512]; int i = -1; + int idx; p = n1-v; - if (!d2i_X509_NAME(a, (void *)p, n1-l)) + if (!d2i_X509_NAME(a, (void *)p, n1-l)) { + plog(LLV_ERROR, LOCATION, NULL, eay_cmp_asn1dn: first dn not a dn); goto end; + } + plog(LLV_DEBUG, LOCATION, NULL, 1st name: %s\n, X509_NAME_oneline(a, oneLine, sizeof(oneLine))); p = n2-v; - if (!d2i_X509_NAME(b, (void *)p, n2-l)) + if (!d2i_X509_NAME(b, (void *)p, n2-l)) { + plog(LLV_ERROR, LOCATION, NULL, eay_cmp_asn1dn: second dn not a dn); goto end; + } + plog(LLV_DEBUG, LOCATION, NULL, 2nd name: %s\n,
CVS commit: [ipsec-tools-0_8-branch] src/crypto/dist/ipsec-tools/src/racoon
Module Name:src Committed By: tteras Date: Mon Dec 24 14:50:39 UTC 2012 Modified Files: src/crypto/dist/ipsec-tools/src/racoon [ipsec-tools-0_8-branch]: crypto_openssl.c Log Message: From Götz Babin-Ebell g.babin-eb...@novamedia.de: Smarter X.509 subject name compare. To generate a diff of this commit: cvs rdiff -u -r1.20.4.2 -r1.20.4.3 \ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c diff -u src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.2 src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.3 --- src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c:1.20.4.2 Mon Dec 24 08:48:08 2012 +++ src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c Mon Dec 24 14:50:39 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: crypto_openssl.c,v 1.20.4.2 2012/12/24 08:48:08 tteras Exp $ */ +/* $NetBSD: crypto_openssl.c,v 1.20.4.3 2012/12/24 14:50:39 tteras Exp $ */ /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */ @@ -280,145 +280,6 @@ out: } /* - * The following are derived from code in crypto/x509/x509_cmp.c - * in OpenSSL0.9.7c: - * X509_NAME_wildcmp() adds wildcard matching to the original - * X509_NAME_cmp(), nocase_cmp() and nocase_spacenorm_cmp() are as is. - */ -#include ctype.h -/* Case insensitive string comparision */ -static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b) -{ - int i; - - if (a-length != b-length) - return (a-length - b-length); - - for (i=0; ia-length; i++) - { - int ca, cb; - - ca = tolower(a-data[i]); - cb = tolower(b-data[i]); - - if (ca != cb) - return(ca-cb); - } - return 0; -} - -/* Case insensitive string comparision with space normalization - * Space normalization - ignore leading, trailing spaces, - * multiple spaces between characters are replaced by single space - */ -static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b) -{ - unsigned char *pa = NULL, *pb = NULL; - int la, lb; - - la = a-length; - lb = b-length; - pa = a-data; - pb = b-data; - - /* skip leading spaces */ - while (la 0 isspace(*pa)) - { - la--; - pa++; - } - while (lb 0 isspace(*pb)) - { - lb--; - pb++; - } - - /* skip trailing spaces */ - while (la 0 isspace(pa[la-1])) - la--; - while (lb 0 isspace(pb[lb-1])) - lb--; - - /* compare strings with space normalization */ - while (la 0 lb 0) - { - int ca, cb; - - /* compare character */ - ca = tolower(*pa); - cb = tolower(*pb); - if (ca != cb) - return (ca - cb); - - pa++; pb++; - la--; lb--; - - if (la = 0 || lb = 0) - break; - - /* is white space next character ? */ - if (isspace(*pa) isspace(*pb)) - { - /* skip remaining white spaces */ - while (la 0 isspace(*pa)) - { -la--; -pa++; - } - while (lb 0 isspace(*pb)) - { -lb--; -pb++; - } - } - } - if (la 0 || lb 0) - return la - lb; - - return 0; -} - -static int X509_NAME_wildcmp(const X509_NAME *a, const X509_NAME *b) -{ -int i,j; -X509_NAME_ENTRY *na,*nb; - -if (sk_X509_NAME_ENTRY_num(a-entries) - != sk_X509_NAME_ENTRY_num(b-entries)) - return sk_X509_NAME_ENTRY_num(a-entries) - -sk_X509_NAME_ENTRY_num(b-entries); -for (i=sk_X509_NAME_ENTRY_num(a-entries)-1; i=0; i--) -{ - na=sk_X509_NAME_ENTRY_value(a-entries,i); - nb=sk_X509_NAME_ENTRY_value(b-entries,i); - j=OBJ_cmp(na-object,nb-object); - if (j) return(j); - if ((na-value-length == 1 na-value-data[0] == '*') - || (nb-value-length == 1 nb-value-data[0] == '*')) - continue; - j=na-value-type-nb-value-type; - if (j) return(j); - if (na-value-type == V_ASN1_PRINTABLESTRING) - j=nocase_spacenorm_cmp(na-value, nb-value); - else if (na-value-type == V_ASN1_IA5STRING - OBJ_obj2nid(na-object) == NID_pkcs9_emailAddress) - j=nocase_cmp(na-value, nb-value); - else - { - j=na-value-length-nb-value-length; - if (j) return(j); - j=memcmp(na-value-data,nb-value-data, - na-value-length); - } - if (j) return(j); - j=na-set-nb-set; - if (j) return(j); -} - -return(0); -} - -/* * compare two subjectNames. * OUT:0: equal * positive: @@ -430,16 +291,49 @@ eay_cmp_asn1dn(n1, n2) { X509_NAME *a = NULL, *b = NULL; caddr_t p; + char oneLine[512]; int i = -1; + int idx; p = n1-v; - if (!d2i_X509_NAME(a, (void *)p, n1-l)) + if (!d2i_X509_NAME(a, (void *)p, n1-l)) { + plog(LLV_ERROR, LOCATION, NULL, eay_cmp_asn1dn: first dn not a dn); goto end; + } + plog(LLV_DEBUG, LOCATION, NULL, 1st name: %s\n, X509_NAME_oneline(a, oneLine, sizeof(oneLine))); p = n2-v; - if (!d2i_X509_NAME(b, (void *)p, n2-l)) + if (!d2i_X509_NAME(b, (void *)p, n2-l)) { + plog(LLV_ERROR, LOCATION, NULL, eay_cmp_asn1dn: second dn not a dn);
CVS commit: src/external/bsd/cron/dist
Module Name:src Committed By: christos Date: Mon Dec 24 19:30:46 UTC 2012 Modified Files: src/external/bsd/cron/dist: database.c Log Message: PR/47362: Brian Marcotte: cron is too restrictive on file permissions Allow file being writable by owner. XXX: pullup to 6. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/external/bsd/cron/dist/database.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/cron/dist/database.c diff -u src/external/bsd/cron/dist/database.c:1.7 src/external/bsd/cron/dist/database.c:1.8 --- src/external/bsd/cron/dist/database.c:1.7 Fri Oct 14 10:38:20 2011 +++ src/external/bsd/cron/dist/database.c Mon Dec 24 14:30:46 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: database.c,v 1.7 2011/10/14 14:38:20 christos Exp $ */ +/* $NetBSD: database.c,v 1.8 2012/12/24 19:30:46 christos Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved @@ -25,7 +25,7 @@ #if 0 static char rcsid[] = Id: database.c,v 1.7 2004/01/23 18:56:42 vixie Exp; #else -__RCSID($NetBSD: database.c,v 1.7 2011/10/14 14:38:20 christos Exp $); +__RCSID($NetBSD: database.c,v 1.8 2012/12/24 19:30:46 christos Exp $); #endif #endif @@ -237,7 +237,7 @@ process_crontab(const char *uname, const { struct passwd *pw = NULL; int crontab_fd = OK - 1; - mode_t eqmode = 0600, badmode = 0; + mode_t eqmode = 0400, badmode = 0; user *u; if (fname == NULL) { @@ -272,7 +272,7 @@ process_crontab(const char *uname, const log_it(fname, getpid(), NOT REGULAR, tabname); goto next_crontab; } - if ((eqmode (statbuf-st_mode 0) != eqmode) || + if ((eqmode (statbuf-st_mode 07577) != eqmode) || (badmode (statbuf-st_mode badmode) != 0)) { log_it(fname, getpid(), BAD FILE MODE, tabname); goto next_crontab;
CVS commit: src/usr.bin/ftp
Module Name:src Committed By: christos Date: Mon Dec 24 22:12:29 UTC 2012 Modified Files: src/usr.bin/ftp: ssl.c Log Message: backwards compatible with netbsd-6. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/usr.bin/ftp/ssl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/ssl.c diff -u src/usr.bin/ftp/ssl.c:1.1 src/usr.bin/ftp/ssl.c:1.2 --- src/usr.bin/ftp/ssl.c:1.1 Fri Dec 21 13:07:36 2012 +++ src/usr.bin/ftp/ssl.c Mon Dec 24 17:12:28 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: ssl.c,v 1.1 2012/12/21 18:07:36 christos Exp $ */ +/* $NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $ */ /*- * Copyright (c) 1998-2004 Dag-Erling Coïdan Smørgrav @@ -33,7 +33,7 @@ #include sys/cdefs.h #ifndef lint -__RCSID($NetBSD: ssl.c,v 1.1 2012/12/21 18:07:36 christos Exp $); +__RCSID($NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $); #endif #include time.h @@ -248,7 +248,9 @@ struct fetch_connect * fetch_fdopen(int sd, const char *fmode) { struct fetch_connect *conn; +#if defined(SO_NOSIGPIPE) || defined(TCP_NOPUSH) int opt = 1; +#endif if ((conn = calloc(1, sizeof(*conn))) == NULL) return NULL; @@ -256,7 +258,9 @@ fetch_fdopen(int sd, const char *fmode) conn-sd = sd; conn-issock = 1; fcntl(sd, F_SETFD, FD_CLOEXEC); +#ifdef SO_NOSIGPIPE setsockopt(sd, SOL_SOCKET, SO_NOSIGPIPE, opt, sizeof(opt)); +#endif #ifdef TCP_NOPUSH setsockopt(sd, IPPROTO_TCP, TCP_NOPUSH, opt, sizeof(opt)); #endif
CVS commit: [matt-nb6-plus] src/gnu/dist/binutils
Module Name:src Committed By: matt Date: Mon Dec 24 22:16:19 UTC 2012 Modified Files: src/gnu/dist/binutils/gas/config [matt-nb6-plus]: tc-arm.c src/gnu/dist/binutils/opcodes [matt-nb6-plus]: arm-dis.c Log Message: Add support for the armv7 movw instruction. To generate a diff of this commit: cvs rdiff -u -r1.6.6.4 -r1.6.6.5 src/gnu/dist/binutils/gas/config/tc-arm.c cvs rdiff -u -r1.2.6.3 -r1.2.6.4 src/gnu/dist/binutils/opcodes/arm-dis.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/gnu/dist/binutils/gas/config/tc-arm.c diff -u src/gnu/dist/binutils/gas/config/tc-arm.c:1.6.6.4 src/gnu/dist/binutils/gas/config/tc-arm.c:1.6.6.5 --- src/gnu/dist/binutils/gas/config/tc-arm.c:1.6.6.4 Mon Dec 3 18:44:40 2012 +++ src/gnu/dist/binutils/gas/config/tc-arm.c Mon Dec 24 22:16:18 2012 @@ -6757,6 +6757,51 @@ do_dsb (char * str) } static void +do_movw (char * str) +{ + expressionS expr; + int reg; + + skip_whitespace (str); + + if ((reg = reg_required_here (str, 12)) == FAIL + || skip_past_comma (str) == FAIL) +return; + + if (reg == REG_PC) +{ + inst.error = BAD_PC; + return; +} + + if (is_immediate_prefix (*str)) +str++; + else +{ + inst.error = _(immediate expression expected); + return; +} + + if (my_get_expression (expr, str)) +return; + + if (expr.X_op != O_constant) +{ + inst.error = _(constant expression expected); + return; +} + + if ((expr.X_add_number 16) != 0) +{ + inst.error = _(invalid unsigned 16-bit value); + return; +} + + inst.instruction |= (expr.X_add_number 0xf000) 4; + inst.instruction |= (expr.X_add_number 0x0fff); +} + +static void do_bfci (char * str) { expressionS expr; @@ -10195,12 +10240,13 @@ static const struct asm_opcode insns[] = { smi, 0xe1600070, 3, ARM_EXT_V6Z, do_smi}, /* ARM V7A. */ + { bfi, 0xe7c00010, 3, ARM_EXT_V7A, do_bfci}, + { bfc, 0xe7c0001f, 3, ARM_EXT_V7A, do_bfci}, { dmb, 0xf57ff05f, 0, ARM_EXT_V7A, do_dsb}, { dsb, 0xf57ff04f, 0, ARM_EXT_V7A, do_dsb}, { isb, 0xf57ff06f, 0, ARM_EXT_V7A, do_dsb}, + { movw, 0xe300, 2, ARM_EXT_V7A, do_movw}, { sbfx, 0xe7a00050, 4, ARM_EXT_V7A, do_bfx}, - { bfi, 0xe7c00010, 3, ARM_EXT_V7A, do_bfci}, - { bfc, 0xe7c0001f, 3, ARM_EXT_V7A, do_bfci}, { ubfx, 0xe7e00050, 4, ARM_EXT_V7A, do_bfx}, /* Core FPA instruction set (V1). */ Index: src/gnu/dist/binutils/opcodes/arm-dis.c diff -u src/gnu/dist/binutils/opcodes/arm-dis.c:1.2.6.3 src/gnu/dist/binutils/opcodes/arm-dis.c:1.2.6.4 --- src/gnu/dist/binutils/opcodes/arm-dis.c:1.2.6.3 Wed Nov 21 08:52:09 2012 +++ src/gnu/dist/binutils/opcodes/arm-dis.c Mon Dec 24 22:16:19 2012 @@ -123,6 +123,7 @@ static const struct arm_opcode arm_opcod {ARM_EXT_V7A, 0x07a00050, 0x0fa00070, %22?usbfx%c\t%12-15r, %0-3r, #%7-11d, #%16-20W}, {ARM_EXT_V7A, 0x07c0001f, 0x0fa0007f, bfc%c\t%12-15R, %E}, {ARM_EXT_V7A, 0x07c00010, 0x0fa00070, bfi%c\t%12-15R, %0-3r, %E}, + {ARM_EXT_V7A, 0x0300, 0x0ff0, movw%c\t%12-15r, #%16-19,0-11d}, {ARM_EXT_V7A, 0xf57ff05f, 0x, dmb}, {ARM_EXT_V7A, 0xf57ff050, 0xfff0, dmb\t#%0-3d}, {ARM_EXT_V7A, 0xf57ff05f, 0x, dsb}, @@ -392,7 +393,8 @@ static const struct arm_opcode arm_opcod {ARM_EXT_V1, 0x00e0, 0x0de0, rsc%c%20's\t%12-15r, %16-19r, %o}, {ARM_EXT_V3, 0x0120f000, 0x0db0f000, msr%c\t%22?SCPSR%C, %o}, {ARM_EXT_V3, 0x010f, 0x0fbf0fff, mrs%c\t%12-15r, %22?SCPSR}, - {ARM_EXT_V1, 0x0100, 0x0de0, tst%c%p\t%16-19r, %o}, + {ARM_EXT_V1, 0x0110, 0x0df0, tst%c%p\t%16-19r, %o}, + {ARM_EXT_V1, 0x0310, 0x0df0, tst%c%p\t%16-19r, %o}, {ARM_EXT_V1, 0x0120, 0x0de0, teq%c%p\t%16-19r, %o}, {ARM_EXT_V1, 0x0140, 0x0de0, cmp%c%p\t%16-19r, %o}, {ARM_EXT_V1, 0x0160, 0x0de0, cmn%c%p\t%16-19r, %o}, @@ -1332,60 +1334,59 @@ print_insn_arm (pc, info, given) { int bitstart = *c++ - '0'; int bitend = 0; + long value = 0; + while (*c = '0' *c = '9') bitstart = (bitstart * 10) + *c++ - '0'; switch (*c) { case '-': - c++; + while (*c == '-') + { +c++; +bitend = 0; +while (*c = '0' *c = '9') + bitend = (bitend * 10) + *c++ - '0'; - while (*c = '0' *c = '9') - bitend = (bitend * 10) + *c++ - '0'; +if (!bitend) + abort (); - if (!bitend) - abort (); +if (*c == ',') + { +c++; +value = (bitend - bitstart + 1); +value |= (given ((2 bitend) - 1)) bitstart; + +bitstart = 0; +while (*c = '0' *c = '9') + bitstart = (bitstart * 10) + *c++ - '0'; + } + } + + value = (bitend - bitstart + 1); + value |=
CVS commit: src/sys/net/npf
Module Name:src Committed By: rmind Date: Mon Dec 24 23:11:25 UTC 2012 Modified Files: src/sys/net/npf: npf_inet.c Log Message: Silence gcc in npf_recache(). To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/sys/net/npf/npf_inet.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/npf/npf_inet.c diff -u src/sys/net/npf/npf_inet.c:1.19 src/sys/net/npf/npf_inet.c:1.20 --- src/sys/net/npf/npf_inet.c:1.19 Mon Dec 24 19:05:43 2012 +++ src/sys/net/npf/npf_inet.c Mon Dec 24 23:11:25 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: npf_inet.c,v 1.19 2012/12/24 19:05:43 rmind Exp $ */ +/* $NetBSD: npf_inet.c,v 1.20 2012/12/24 23:11:25 rmind Exp $ */ /*- * Copyright (c) 2009-2012 The NetBSD Foundation, Inc. @@ -39,7 +39,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: npf_inet.c,v 1.19 2012/12/24 19:05:43 rmind Exp $); +__KERNEL_RCSID(0, $NetBSD: npf_inet.c,v 1.20 2012/12/24 23:11:25 rmind Exp $); #include sys/param.h #include sys/types.h @@ -487,7 +487,7 @@ again: void npf_recache(npf_cache_t *npc, nbuf_t *nbuf) { - const int mflags = npc-npc_info (NPC_IP46 | NPC_LAYER4); + const int mflags __unused = npc-npc_info (NPC_IP46 | NPC_LAYER4); int flags; nbuf_reset(nbuf);
CVS commit: src/sys/arch/evbarm/conf
Module Name:src Committed By: msaitoh Date: Tue Dec 25 05:04:56 UTC 2012 Modified Files: src/sys/arch/evbarm/conf: SHEEVAPLUG Log Message: Add ukphy. This change fixes the problem described in: http://mail-index.netbsd.org/port-arm/2012/12/20/msg001636.html To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/sys/arch/evbarm/conf/SHEEVAPLUG Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/evbarm/conf/SHEEVAPLUG diff -u src/sys/arch/evbarm/conf/SHEEVAPLUG:1.26 src/sys/arch/evbarm/conf/SHEEVAPLUG:1.27 --- src/sys/arch/evbarm/conf/SHEEVAPLUG:1.26 Mon Dec 3 23:38:29 2012 +++ src/sys/arch/evbarm/conf/SHEEVAPLUG Tue Dec 25 05:04:56 2012 @@ -1,4 +1,4 @@ -# $NetBSD: SHEEVAPLUG,v 1.26 2012/12/03 23:38:29 msaitoh Exp $ +# $NetBSD: SHEEVAPLUG,v 1.27 2012/12/25 05:04:56 msaitoh Exp $ # # This configuration supports for generically Marvell SheevaPlug # @@ -200,7 +200,10 @@ mvsata* at mvsoc? offset ? irq ? # On-chip Gigabit Ethernet Controller Interface mvgbec* at mvsoc? offset ? mvgbe* at mvgbec? port ? irq ? + +# MII/PHY support makphy* at mii? phy ? +ukphy* at mii? phy ? # generic unknown PHYs # On-chip USB 2.0 Interface ehci* at mvsoc? offset ? irq ?