svn commit: r238968 - head/sbin/shutdown
Author: des
Date: Wed Aug 1 09:10:21 2012
New Revision: 238968
URL: http://svn.freebsd.org/changeset/base/238968
Log:
Restore a piece of BSD history.
PR: 169127
Submitted by: Ruben de Groot ru...@hacktor.com
MFC after:1 week
Modified:
head/sbin/shutdown/shutdown.c
Modified: head/sbin/shutdown/shutdown.c
==
--- head/sbin/shutdown/shutdown.c Wed Aug 1 09:00:26 2012
(r238967)
+++ head/sbin/shutdown/shutdown.c Wed Aug 1 09:10:21 2012
(r238968)
@@ -93,7 +93,7 @@ static char mbuf[BUFSIZ];
static const char *nosync, *whom;
static void badtime(void);
-static void perform_shutdown(void);
+static void die_you_gravy_sucking_pig_dog(void);
static void finish(int);
static void getoffset(char *);
static void loop(void);
@@ -282,7 +282,7 @@ loop(void)
if (!tp-timeleft)
break;
}
- perform_shutdown();
+ die_you_gravy_sucking_pig_dog();
}
static jmp_buf alarmbuf;
@@ -349,7 +349,7 @@ timeout(int signo __unused)
}
static void
-perform_shutdown(void)
+die_you_gravy_sucking_pig_dog(void)
{
char *empty_environ[] = { NULL };
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238602 - head/usr.bin/du
Author: des
Date: Wed Jul 18 19:28:22 2012
New Revision: 238602
URL: http://svn.freebsd.org/changeset/base/238602
Log:
Add -g (gigabyte) flag to complement -k (kilobyte) and -m (megabyte).
MFC after:1 week
Modified:
head/usr.bin/du/du.1
head/usr.bin/du/du.c
Modified: head/usr.bin/du/du.1
==
--- head/usr.bin/du/du.1Wed Jul 18 18:10:27 2012(r238601)
+++ head/usr.bin/du/du.1Wed Jul 18 19:28:22 2012(r238602)
@@ -28,7 +28,7 @@
.\@(#)du.18.2 (Berkeley) 4/1/94
.\ $FreeBSD$
.\
-.Dd December 17, 2011
+.Dd July 18, 2012
.Dt DU 1
.Os
.Sh NAME
@@ -38,7 +38,7 @@
.Nm
.Op Fl Aclnx
.Op Fl H | L | P
-.Op Fl h | k | m
+.Op Fl g | h | k | m
.Op Fl a | s | d Ar depth
.Op Fl B Ar blocksize
.Op Fl I Ar mask
@@ -63,9 +63,9 @@ Calculate block counts in
.Ar blocksize
byte blocks.
This is different from the
-.Fl h, k
+.Fl h, k, m
and
-.Fl m
+.Fl g
options or setting
.Ev BLOCKSIZE
and gives an estimate of how much space the examined file hierarchy would
@@ -95,13 +95,15 @@ Display a grand total.
Display an entry for all files and directories
.Ar depth
directories deep.
+.It Fl g
+Display block counts in 1073741824-byte (1 GiB) blocks.
.It Fl h
.Dq Human-readable
output.
Use unit suffixes: Byte, Kilobyte, Megabyte,
Gigabyte, Terabyte and Petabyte.
.It Fl k
-Display block counts in 1024-byte (1-Kbyte) blocks.
+Display block counts in 1024-byte (1 kiB) blocks.
.It Fl l
If a file has multiple hard links, count its size multiple times.
The default behavior of
@@ -112,7 +114,7 @@ When the
option is specified, the hard link checks are disabled, and these files
are counted (and displayed) as many times as they are found.
.It Fl m
-Display block counts in 1048576-byte (1-Mbyte) blocks.
+Display block counts in 1048576-byte (1 MiB) blocks.
.It Fl n
Ignore files and directories with user
.Dq nodump
Modified: head/usr.bin/du/du.c
==
--- head/usr.bin/du/du.cWed Jul 18 18:10:27 2012(r238601)
+++ head/usr.bin/du/du.cWed Jul 18 19:28:22 2012(r238602)
@@ -109,7 +109,7 @@ main(int argc, char *argv[])
depth = INT_MAX;
SLIST_INIT(ignores);
- while ((ch = getopt(argc, argv, AB:HI:LPasd:chklmnrt:x)) != -1)
+ while ((ch = getopt(argc, argv, AB:HI:LPasd:cghklmnrt:x)) != -1)
switch (ch) {
case 'A':
Aflag = 1;
@@ -156,6 +156,10 @@ main(int argc, char *argv[])
case 'c':
cflag = 1;
break;
+ case 'g':
+ hflag = 0;
+ blocksize = 1073741824;
+ break;
case 'h':
hflag = 1;
break;
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238605 - head/etc/rc.d
Author: des
Date: Wed Jul 18 23:01:23 2012
New Revision: 238605
URL: http://svn.freebsd.org/changeset/base/238605
Log:
Move -n ${_jail} before ${_flags} so that any -n options in ${_flags}
will override ours instead of the other way around.
Modified:
head/etc/rc.d/jail
Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail Wed Jul 18 21:47:50 2012(r238604)
+++ head/etc/rc.d/jail Wed Jul 18 23:01:23 2012(r238605)
@@ -641,7 +641,7 @@ jail_start()
i=$((i + 1))
done
- eval ${_setfib} jail ${_flags} -n ${_jail} -i ${_rootdir}
${_hostname} \
+ eval ${_setfib} jail -n ${_jail} ${_flags} -i ${_rootdir}
${_hostname} \
\${_addrl}\ ${_exec_start} ${_tmp_jail} 21 \
/dev/null
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238481 - in stable/9: . bin/rcp etc include lib/libcrypt lib/libutil libexec/rshd release/picobsd/tinyware/passwd share/examples/etc sys/mips/rmi usr.bin/login usr.bin/passwd usr.bin/r...
Author: des
Date: Sun Jul 15 11:39:35 2012
New Revision: 238481
URL: http://svn.freebsd.org/changeset/base/238481
Log:
MFH r236751: document sha256 / sha512 support
MFH r236892: remove mention of auth.conf from programs that don't use it
MFH r236963: remove dead code relating to auth.conf
MFH r236965 r236966 r236967 r237005 r237006 r237011: retire auth.conf
Approved by:re
Deleted:
stable/9/etc/auth.conf
stable/9/lib/libutil/auth.3
stable/9/lib/libutil/auth.conf.5
Modified:
stable/9/ObsoleteFiles.inc (contents, props changed)
stable/9/bin/rcp/rcp.1
stable/9/etc/Makefile
stable/9/include/paths.h
stable/9/lib/libcrypt/Makefile
stable/9/lib/libcrypt/crypt.3
stable/9/lib/libcrypt/crypt.c
stable/9/lib/libutil/Makefile
stable/9/lib/libutil/auth.c
stable/9/lib/libutil/login.conf.5
stable/9/lib/libutil/property.3
stable/9/libexec/rshd/rshd.8
stable/9/release/picobsd/tinyware/passwd/passwd.c
stable/9/share/examples/etc/README.examples
stable/9/sys/mips/rmi/rootfs_list.txt
stable/9/usr.bin/login/login.1
stable/9/usr.bin/passwd/passwd.1
stable/9/usr.bin/rlogin/rlogin.1
stable/9/usr.bin/rsh/rsh.1
Directory Properties:
stable/9/ (props changed)
stable/9/bin/rcp/ (props changed)
stable/9/etc/ (props changed)
stable/9/include/ (props changed)
stable/9/lib/libcrypt/ (props changed)
stable/9/lib/libutil/ (props changed)
stable/9/libexec/rshd/ (props changed)
stable/9/release/picobsd/tinyware/passwd/ (props changed)
stable/9/share/examples/etc/ (props changed)
stable/9/sys/ (props changed)
stable/9/usr.bin/login/ (props changed)
stable/9/usr.bin/passwd/ (props changed)
stable/9/usr.bin/rlogin/ (props changed)
stable/9/usr.bin/rsh/ (props changed)
Modified: stable/9/ObsoleteFiles.inc
==
--- stable/9/ObsoleteFiles.inc Sun Jul 15 11:28:03 2012(r238480)
+++ stable/9/ObsoleteFiles.inc Sun Jul 15 11:39:35 2012(r238481)
@@ -38,6 +38,11 @@
# xargs -n1 | sort | uniq -d;
# done
+# 20120713: auth.conf removed
+OLD_FILES+=etc/auth.conf
+OLD_FILES+=usr/share/examples/etc/auth.conf
+OLD_FILES+=usr/share/man/man3/auth.3.gz
+OLD_FILES+=usr/share/man/man5/auth.conf.5.gz
# 20120415: new clang import which bumps version from 3.0 to 3.1
OLD_FILES+=usr/include/clang/3.0/altivec.h
OLD_FILES+=usr/include/clang/3.0/avxintrin.h
Modified: stable/9/bin/rcp/rcp.1
==
--- stable/9/bin/rcp/rcp.1 Sun Jul 15 11:28:03 2012(r238480)
+++ stable/9/bin/rcp/rcp.1 Sun Jul 15 11:39:35 2012(r238481)
@@ -116,17 +116,11 @@ The
.Nm
utility handles third party copies, where neither source nor target files
are on the current machine.
-.Sh FILES
-.Bl -tag -width .Pa /etc/auth.conf -compact
-.It Pa /etc/auth.conf
-configure authentication services
-.El
.Sh SEE ALSO
.Xr cp 1 ,
.Xr ftp 1 ,
.Xr rlogin 1 ,
.Xr rsh 1 ,
-.Xr auth.conf 5 ,
.Xr hosts.equiv 5
.Sh HISTORY
The
Modified: stable/9/etc/Makefile
==
--- stable/9/etc/Makefile Sun Jul 15 11:28:03 2012(r238480)
+++ stable/9/etc/Makefile Sun Jul 15 11:39:35 2012(r238481)
@@ -7,18 +7,47 @@
SUBDIR=sendmail
.endif
-BIN1= auth.conf \
- crontab devd.conf devfs.conf \
- ddb.conf dhclient.conf disktab fbtab \
- ftpusers gettytab group \
- hosts hosts.allow hosts.equiv \
- inetd.conf libalias.conf login.access login.conf mac.conf motd \
- netconfig network.subr networks newsyslog.conf nsswitch.conf \
- phones profile protocols \
- rc rc.bsdextended rc.firewall rc.initdiskless \
- rc.sendmail rc.shutdown \
- rc.subr remote rpc services shells \
- sysctl.conf syslog.conf termcap.small
+BIN1= crontab \
+ devd.conf \
+ devfs.conf \
+ ddb.conf \
+ dhclient.conf \
+ disktab \
+ fbtab \
+ ftpusers \
+ gettytab \
+ group \
+ hosts \
+ hosts.allow \
+ hosts.equiv \
+ inetd.conf \
+ libalias.conf \
+ login.access \
+ login.conf \
+ mac.conf \
+ motd \
+ netconfig \
+ network.subr \
+ networks \
+ newsyslog.conf \
+ nsswitch.conf \
+ phones \
+ profile \
+ protocols \
+ rc \
+ rc.bsdextended \
+ rc.firewall \
+ rc.initdiskless \
+ rc.sendmail \
+ rc.shutdown \
+ rc.subr \
+ remote \
+ rpc \
+ services \
+ shells \
+ sysctl.conf \
+ syslog.conf \
+ termcap.small
.if exists(${.CURDIR}/etc.${MACHINE}/ttys)
BIN1+= etc.${MACHINE}/ttys
Modified: stable/9/include/paths.h
==
--- stable/9/include/paths.hSun Jul 15
svn commit: r238484 - in stable/9: etc lib/libutil
Author: des Date: Sun Jul 15 12:00:47 2012 New Revision: 238484 URL: http://svn.freebsd.org/changeset/base/238484 Log: MFH r237269: switch default password hash to sha512. Approved by:re Modified: stable/9/etc/login.conf stable/9/lib/libutil/login.conf.5 Directory Properties: stable/9/etc/ (props changed) stable/9/lib/libutil/ (props changed) Modified: stable/9/etc/login.conf == --- stable/9/etc/login.conf Sun Jul 15 11:52:24 2012(r238483) +++ stable/9/etc/login.conf Sun Jul 15 12:00:47 2012(r238484) @@ -23,7 +23,7 @@ # AND SEMANTICS'' section of getcap(3) for more escape sequences). default:\ - :passwd_format=md5:\ + :passwd_format=sha512:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ Modified: stable/9/lib/libutil/login.conf.5 == --- stable/9/lib/libutil/login.conf.5 Sun Jul 15 11:52:24 2012 (r238483) +++ stable/9/lib/libutil/login.conf.5 Sun Jul 15 12:00:47 2012 (r238484) @@ -267,7 +267,7 @@ The backoff delay is the number of tries multiplied by 5 seconds. .It login-retries number 10 The number of login attempts allowed before the login fails. -.It passwd_format string md5 The encryption format that new or +.It passwd_format string sha512 The encryption format that new or changed passwords will use. Valid values include des, md5, blf, sha256 and sha512; see .Xr crypt 3 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238485 - stable/9/etc
Author: des Date: Sun Jul 15 12:13:15 2012 New Revision: 238485 URL: http://svn.freebsd.org/changeset/base/238485 Log: MFH r237270: no need to specify passive mode, it is the default. Approved by: re Modified: stable/9/etc/login.conf Directory Properties: stable/9/etc/ (props changed) Modified: stable/9/etc/login.conf == --- stable/9/etc/login.conf Sun Jul 15 12:00:47 2012(r238484) +++ stable/9/etc/login.conf Sun Jul 15 12:13:15 2012(r238485) @@ -26,7 +26,7 @@ default:\ :passwd_format=sha512:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ - :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ + :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin ~/bin:\ :nologin=/var/run/nologin:\ :cputime=unlimited:\ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238102 - head/etc/rc.d
Author: des
Date: Wed Jul 4 13:37:44 2012
New Revision: 238102
URL: http://svn.freebsd.org/changeset/base/238102
Log:
Name jails automatically.
MFC after:1 week
Modified:
head/etc/rc.d/jail
Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail Wed Jul 4 13:00:48 2012(r238101)
+++ head/etc/rc.d/jail Wed Jul 4 13:37:44 2012(r238102)
@@ -641,7 +641,7 @@ jail_start()
i=$((i + 1))
done
- eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \
+ eval ${_setfib} jail ${_flags} -n ${_jail} -i ${_rootdir}
${_hostname} \
\${_addrl}\ ${_exec_start} ${_tmp_jail} 21 \
/dev/null
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238105 - vendor/ldns/1.6.13
Author: des Date: Wed Jul 4 14:23:28 2012 New Revision: 238105 URL: http://svn.freebsd.org/changeset/base/238105 Log: tag ldns 1.6.13 Added: vendor/ldns/1.6.13/ - copied from r238104, vendor/ldns/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238107 - vendor/unbound/1.4.17
Author: des Date: Wed Jul 4 14:25:14 2012 New Revision: 238107 URL: http://svn.freebsd.org/changeset/base/238107 Log: tag unbound 1.4.17 Added: vendor/unbound/1.4.17/ - copied from r238106, vendor/unbound/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237269 - in head: etc lib/libutil
Author: des Date: Tue Jun 19 14:46:18 2012 New Revision: 237269 URL: http://svn.freebsd.org/changeset/base/237269 Log: Switch the default password hash from md5 to sha512. MFC after:1 week Modified: head/etc/login.conf head/lib/libutil/login.conf.5 Modified: head/etc/login.conf == --- head/etc/login.conf Tue Jun 19 11:39:56 2012(r237268) +++ head/etc/login.conf Tue Jun 19 14:46:18 2012(r237269) @@ -23,7 +23,7 @@ # AND SEMANTICS'' section of getcap(3) for more escape sequences). default:\ - :passwd_format=md5:\ + :passwd_format=sha512:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ Modified: head/lib/libutil/login.conf.5 == --- head/lib/libutil/login.conf.5 Tue Jun 19 11:39:56 2012 (r237268) +++ head/lib/libutil/login.conf.5 Tue Jun 19 14:46:18 2012 (r237269) @@ -267,7 +267,7 @@ The backoff delay is the number of tries multiplied by 5 seconds. .It login-retries number 10 The number of login attempts allowed before the login fails. -.It passwd_format string md5 The encryption format that new or +.It passwd_format string sha512 The encryption format that new or changed passwords will use. Valid values include des, md5, blf, sha256 and sha512; see .Xr crypt 3 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237157 - in stable/7/lib: libcrypt libmd
Author: des
Date: Sat Jun 16 09:17:21 2012
New Revision: 237157
URL: http://svn.freebsd.org/changeset/base/237157
Log:
Backport sha512 support.
Added:
stable/7/lib/libcrypt/crypt-sha256.c
- copied, changed from r220498, head/lib/libcrypt/crypt-sha256.c
stable/7/lib/libcrypt/crypt-sha512.c
- copied, changed from r220498, head/lib/libcrypt/crypt-sha512.c
stable/7/lib/libmd/sha512.3
- copied, changed from r220496, head/lib/libmd/sha512.3
stable/7/lib/libmd/sha512.h
- copied unchanged from r220496, head/lib/libmd/sha512.h
stable/7/lib/libmd/sha512c.c
- copied unchanged from r220496, head/lib/libmd/sha512c.c
Modified:
stable/7/lib/libcrypt/Makefile
stable/7/lib/libcrypt/crypt.3
stable/7/lib/libcrypt/crypt.c
stable/7/lib/libcrypt/crypt.h
stable/7/lib/libcrypt/misc.c
stable/7/lib/libmd/Makefile
stable/7/lib/libmd/mddriver.c
stable/7/lib/libmd/rmddriver.c
stable/7/lib/libmd/sha256.3
stable/7/lib/libmd/shadriver.c
Directory Properties:
stable/7/lib/libcrypt/ (props changed)
stable/7/lib/libmd/ (props changed)
Modified: stable/7/lib/libcrypt/Makefile
==
--- stable/7/lib/libcrypt/Makefile Sat Jun 16 06:38:11 2012
(r237156)
+++ stable/7/lib/libcrypt/Makefile Sat Jun 16 09:17:21 2012
(r237157)
@@ -12,7 +12,9 @@ LIB= crypt
.PATH: ${.CURDIR}/../libmd
SRCS= crypt.c misc.c \
crypt-md5.c md5c.c \
- crypt-nthash.c md4c.c
+ crypt-nthash.c md4c.c \
+ crypt-sha256.c sha256c.c \
+ crypt-sha512.c sha512c.c
MAN= crypt.3
MLINKS=crypt.3 crypt_get_format.3 crypt.3 crypt_set_format.3
CFLAGS+= -I${.CURDIR}/../libmd -I${.CURDIR}/../libutil
@@ -29,7 +31,9 @@ CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BL
SRCS+= auth.c property.c
.for sym in auth_getval property_find properties_read properties_free \
MD4Init MD4Final MD4Update MD4Pad \
- MD5Init MD5Final MD5Update MD5Pad
+ MD5Init MD5Final MD5Update MD5Pad \
+ SHA256_Init SHA256_Final SHA256_Update \
+ SHA512_Init SHA512_Final SHA512_Update
CFLAGS+= -D${sym}=__${sym}
.endfor
Copied and modified: stable/7/lib/libcrypt/crypt-sha256.c (from r220498,
head/lib/libcrypt/crypt-sha256.c)
==
--- head/lib/libcrypt/crypt-sha256.cSat Apr 9 14:09:46 2011
(r220498, copy source)
+++ stable/7/lib/libcrypt/crypt-sha256.cSat Jun 16 09:17:21 2012
(r237157)
@@ -60,7 +60,7 @@ static const char sha256_rounds_prefix[]
#define ROUNDS_MAX 9
static char *
-sha256_crypt_r(const char *key, const char *salt, char *buffer, int buflen)
+crypt_sha256_r(const char *key, const char *salt, char *buffer, int buflen)
{
u_long srounds;
int n;
@@ -210,7 +210,9 @@ sha256_crypt_r(const char *key, const ch
/* Now we can construct the result string. It consists of three
* parts. */
- cp = stpncpy(buffer, sha256_salt_prefix, MAX(0, buflen));
+ cp = buffer;
+ strncpy(buffer, sha256_salt_prefix, MAX(0, buflen));
+ cp += sizeof(sha256_salt_prefix) - 1;
buflen -= sizeof(sha256_salt_prefix) - 1;
if (rounds_custom) {
@@ -221,7 +223,8 @@ sha256_crypt_r(const char *key, const ch
buflen -= n;
}
- cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+ strncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+ cp += MIN((size_t)MAX(0, buflen), salt_len);
buflen -= MIN((size_t)MAX(0, buflen), salt_len);
if (buflen 0) {
@@ -268,12 +271,12 @@ sha256_crypt_r(const char *key, const ch
/* This entry point is equivalent to crypt(3). */
char *
-sha256_crypt(const char *key, const char *salt)
+crypt_sha256(const char *key, const char *salt)
{
/* We don't want to have an arbitrary limit in the size of the
* password. We can compute an upper bound for the size of the
* result in advance and so we can prepare the buffer we pass to
-* `sha256_crypt_r'. */
+* `crypt_sha256_r'. */
static char *buffer;
static int buflen;
int needed;
@@ -293,7 +296,7 @@ sha256_crypt(const char *key, const char
buflen = needed;
}
- return sha256_crypt_r(key, salt, buffer, buflen);
+ return crypt_sha256_r(key, salt, buffer, buflen);
}
#ifdef TEST
@@ -459,7 +462,7 @@ main(void)
}
for (cnt = 0; cnt ntests2; ++cnt) {
- char *cp = sha256_crypt(tests2[cnt].input, tests2[cnt].salt);
+ char *cp = crypt_sha256(tests2[cnt].input, tests2[cnt].salt);
if (strcmp(cp, tests2[cnt].expected) != 0) {
printf(test %d: expected \%s\, got \%s\\n,
Copied and
svn commit: r237005 - head
Author: des Date: Wed Jun 13 11:59:03 2012 New Revision: 237005 URL: http://svn.freebsd.org/changeset/base/237005 Log: Remove auth.conf and related files. Submitted by: trhodes@ MFC after:3 weeks Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Wed Jun 13 10:42:55 2012(r237004) +++ head/ObsoleteFiles.inc Wed Jun 13 11:59:03 2012(r237005) @@ -38,6 +38,10 @@ # xargs -n1 | sort | uniq -d; # done +# 20120613: auth.conf removed +OLD_FILES+=/etc/auth.conf +OLD_FILES+=/usr/share/man/man3/auth.3.gz +OLD_FILES+=/usr/share/man/man5/auth.conf.5.gz # 20120530: kde pam lives now in ports OLD_FILES+=/etc/pam.d/kde # 20120505: new clang import installed a redundant internal header ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237006 - head
Author: des Date: Wed Jun 13 11:59:47 2012 New Revision: 237006 URL: http://svn.freebsd.org/changeset/base/237006 Log: Remove leading / MFC after:3 weeks Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Wed Jun 13 11:59:03 2012(r237005) +++ head/ObsoleteFiles.inc Wed Jun 13 11:59:47 2012(r237006) @@ -39,11 +39,11 @@ # done # 20120613: auth.conf removed -OLD_FILES+=/etc/auth.conf -OLD_FILES+=/usr/share/man/man3/auth.3.gz -OLD_FILES+=/usr/share/man/man5/auth.conf.5.gz +OLD_FILES+=etc/auth.conf +OLD_FILES+=usr/share/man/man3/auth.3.gz +OLD_FILES+=usr/share/man/man5/auth.conf.5.gz # 20120530: kde pam lives now in ports -OLD_FILES+=/etc/pam.d/kde +OLD_FILES+=etc/pam.d/kde # 20120505: new clang import installed a redundant internal header OLD_FILES+=usr/include/clang/3.1/stdalign.h # 20120428: MD2 removed from libmd ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237011 - head
Author: des Date: Wed Jun 13 16:40:47 2012 New Revision: 237011 URL: http://svn.freebsd.org/changeset/base/237011 Log: Also remove /usr/share/examples/etc/auth.conf, which I didn't even realize existed. Noticed by: Andrey Zonov and...@zonov.org MFC after:3 weeks Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Wed Jun 13 16:12:30 2012(r237010) +++ head/ObsoleteFiles.inc Wed Jun 13 16:40:47 2012(r237011) @@ -40,6 +40,7 @@ # 20120613: auth.conf removed OLD_FILES+=etc/auth.conf +OLD_FILES+=usr/share/examples/etc/auth.conf OLD_FILES+=usr/share/man/man3/auth.3.gz OLD_FILES+=usr/share/man/man5/auth.conf.5.gz # 20120530: kde pam lives now in ports ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236963 - head/release/picobsd/tinyware/passwd
Author: des
Date: Tue Jun 12 15:32:14 2012
New Revision: 236963
URL: http://svn.freebsd.org/changeset/base/236963
Log:
Remove dead code.
Modified:
head/release/picobsd/tinyware/passwd/passwd.c
Modified: head/release/picobsd/tinyware/passwd/passwd.c
==
--- head/release/picobsd/tinyware/passwd/passwd.c Tue Jun 12 15:04:18
2012(r236962)
+++ head/release/picobsd/tinyware/passwd/passwd.c Tue Jun 12 15:32:14
2012(r236963)
@@ -64,10 +64,6 @@ int yp_errno = YP_TRUE;
extern int yp_passwd( char * );
#endif
-#ifdef KERBEROS
-#include krb.h
-#endif
-
#include extern.h
static void usage(void);
@@ -81,26 +77,12 @@ main(argc, argv)
{
int ch;
char *uname;
-#ifdef KERBEROS
- char *iflag = 0, *rflag = 0, *uflag = 0;
- char *k;
-#endif
#ifdef YP
-#ifdef KERBEROS
- char realm[REALM_SZ];
-#define OPTIONS d:h:lysfoi:r:u:
-#else
#define OPTIONS d:h:lysfo
-#endif
-#else
-#ifdef KERBEROS
- char realm[REALM_SZ];
-#define OPTIONS li:r:u:
#else
#define OPTIONS l
#endif
-#endif
#ifdef YP
int res = 0;
@@ -113,17 +95,6 @@ main(argc, argv)
case 'l': /* change local password file */
use_local_passwd = 1;
break;
-#ifdef KERBEROS
- case 'i':
- iflag = optarg;
- break;
- case 'r':
- rflag = optarg;
- break;
- case 'u':
- uflag = optarg;
- break;
-#endif /* KERBEROS */
#ifdef YP
case 'y': /* Change NIS password */
__use_yp = 1;
@@ -182,46 +153,29 @@ main(argc, argv)
/*
* If NIS is turned on in the password database, use it, else punt.
*/
-#ifdef KERBEROS
- if (__use_yp || (iflag == NULL rflag == NULL uflag == NULL)) {
-#endif
- res = use_yp(uname, 0, 0);
- if (res == USER_YP_ONLY) {
- if (!use_local_passwd) {
- exit(yp_passwd(uname));
- } else {
+ res = use_yp(uname, 0, 0);
+ if (res == USER_YP_ONLY) {
+ if (!use_local_passwd) {
+ exit(yp_passwd(uname));
+ } else {
/*
* Reject -l flag if NIS is turned on and the user
* doesn't exist in the local password database.
*/
- errx(1, unknown local user: %s, uname);
- }
- } else if (res == USER_LOCAL_ONLY) {
- /*
-* Reject -y flag if user only exists locally.
-*/
- if (__use_yp)
- errx(1, unknown NIS user: %s, uname);
- } else if (res == USER_YP_AND_LOCAL) {
- if (!use_local_passwd (yp_in_pw_file || __use_yp))
- exit(yp_passwd(uname));
+ errx(1, unknown local user: %s, uname);
}
-#ifdef KERBEROS
+ } else if (res == USER_LOCAL_ONLY) {
+ /*
+* Reject -y flag if user only exists locally.
+*/
+ if (__use_yp)
+ errx(1, unknown NIS user: %s, uname);
+ } else if (res == USER_YP_AND_LOCAL) {
+ if (!use_local_passwd (yp_in_pw_file || __use_yp))
+ exit(yp_passwd(uname));
}
#endif
-#endif
- if (!use_local_passwd) {
-#ifdef KERBEROS
- k = auth_getval(auth_list);
- if (k strstr(k, kerberos))
- if(krb_get_lrealm(realm, 0) == KSUCCESS) {
- setuid(getuid());
- fprintf(stderr, realm %s\n, realm);
- exit(krb_passwd(argv[0], iflag, rflag, uflag));
- }
-#endif
- }
exit(local_passwd(uname));
}
@@ -230,21 +184,10 @@ usage()
{
#ifdef YP
-#ifdef KERBEROS
- fprintf(stderr, %s\n%s\n,
- usage: passwd [-l] [-i instance] [-r realm] [-u fullname],
- passwd [-l] [-y] [-o] [-d domain [-h host]] [user]);
-#else
(void)fprintf(stderr,
usage: passwd [-l] [-y] [-o] [-d domain [-h host]] [user]\n);
-#endif
#else
-#ifdef KERBEROS
- fprintf(stderr,
- usage: passwd [-l] [-i instance] [-r realm] [-u fullname]
[user]\n);
-#else
- (void)fprintf(stderr, usage: passwd user\n);
-#endif
+ (void)fprintf(stderr, usage: passwd [-l] user\n);
#endif
exit(1);
}
___
svn-src-all@freebsd.org mailing list
svn commit: r236965 - in head: etc include lib/libutil share/examples/etc
Author: des
Date: Tue Jun 12 17:02:53 2012
New Revision: 236965
URL: http://svn.freebsd.org/changeset/base/236965
Log:
Finally nuke auth.conf, nine years after it was deprecated. The only
thing it was still used for was to set the global default password
hash. Since the stock auth.conf contained nothing but comments, the
global default was actually the first algorithm in crypt(3)'s list,
which happens to be DES; I take the fact that nobody noticed as proof
that it was not used outside of crypt(3).
The only other use in our tree was in the Kerberos support code in
in tinyware's passwd(1). I removed that code in an earlier commit;
it would not have compiled anyway, as it only supported Kerberos IV.
The auth_getval() function is now a stub that always returns NULL,
which has the same effect as a functional auth_getval() with an
empty auth.conf.
MFC after:3 weeks
Deleted:
head/etc/auth.conf
head/lib/libutil/auth.3
head/lib/libutil/auth.conf.5
Modified:
head/etc/Makefile
head/include/paths.h
head/lib/libutil/Makefile
head/lib/libutil/auth.c
head/lib/libutil/property.3
head/share/examples/etc/README.examples
Modified: head/etc/Makefile
==
--- head/etc/Makefile Tue Jun 12 16:07:03 2012(r236964)
+++ head/etc/Makefile Tue Jun 12 17:02:53 2012(r236965)
@@ -7,8 +7,7 @@
SUBDIR=sendmail
.endif
-BIN1= auth.conf \
- crontab \
+BIN1= crontab \
devd.conf \
devfs.conf \
ddb.conf \
Modified: head/include/paths.h
==
--- head/include/paths.hTue Jun 12 16:07:03 2012(r236964)
+++ head/include/paths.hTue Jun 12 17:02:53 2012(r236965)
@@ -42,7 +42,6 @@
/* Locate system binaries. */
#define_PATH_SYSPATH /sbin:/usr/sbin
-#define_PATH_AUTHCONF /etc/auth.conf
#define_PATH_BSHELL/bin/sh
#define_PATH_CAPABILITY/etc/capability
#define_PATH_CAPABILITY_DB /etc/capability.db
Modified: head/lib/libutil/Makefile
==
--- head/lib/libutil/Makefile Tue Jun 12 16:07:03 2012(r236964)
+++ head/lib/libutil/Makefile Tue Jun 12 17:02:53 2012(r236965)
@@ -25,14 +25,13 @@ CFLAGS+= -DINET6
CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../libc/gen/
-MAN+= auth.3 expand_number.3 flopen.3 fparseln.3 hexdump.3 \
+MAN+= expand_number.3 flopen.3 fparseln.3 hexdump.3 \
humanize_number.3 kinfo_getallproc.3 kinfo_getfile.3 \
kinfo_getproc.3 kinfo_getvmmap.3 kld.3 login_auth.3 login_cap.3 \
login_class.3 login_ok.3 login_times.3 login_tty.3 pidfile.3 \
property.3 pty.3 quotafile.3 realhostname.3 realhostname_sa.3 \
_secure_path.3 trimdomain.3 uucplock.3
-MAN+= auth.conf.5 login.conf.5
-MLINKS+= auth.3 auth_getval.3
+MAN+= login.conf.5
MLINKS+= kld.3 kld_isloaded.3 kld.3 kld_load.3
MLINKS+=login_auth.3 auth_cat.3 login_auth.3 auth_checknologin.3
MLINKS+=login_cap.3 login_close.3 login_cap.3 login_getcapbool.3 \
Modified: head/lib/libutil/auth.c
==
--- head/lib/libutil/auth.c Tue Jun 12 16:07:03 2012(r236964)
+++ head/lib/libutil/auth.c Tue Jun 12 17:02:53 2012(r236965)
@@ -31,40 +31,14 @@
#include sys/cdefs.h
__FBSDID($FreeBSD$);
-#include sys/types.h
-#include fcntl.h
-#include libutil.h
-#include paths.h
-#include syslog.h
-#include unistd.h
-
-static properties P;
-
-static int
-initauthconf(const char *path)
-{
-int fd;
+#include stdlib.h
-if (!P) {
- if ((fd = open(path, O_RDONLY)) 0) {
- syslog(LOG_ERR, initauthconf: unable to open file: %s, path);
- return 1;
- }
- P = properties_read(fd);
- close(fd);
- if (!P) {
- syslog(LOG_ERR, initauthconf: unable to parse file: %s, path);
- return 1;
- }
-}
-return 0;
-}
+#include libutil.h
char *
auth_getval(const char *name)
{
-if (!P initauthconf(_PATH_AUTHCONF))
- return NULL;
-else
- return property_find(P, name);
+
+ (void)name;
+ return (NULL);
}
Modified: head/lib/libutil/property.3
==
--- head/lib/libutil/property.3 Tue Jun 12 16:07:03 2012(r236964)
+++ head/lib/libutil/property.3 Tue Jun 12 17:02:53 2012(r236965)
@@ -90,8 +90,6 @@ are desired, the entire value should be
characters.
Any line beginning with a # or ; character is assumed to
be a comment and will be ignored.
-.Sh SEE ALSO
-.Xr auth_getval 3
.Sh AUTHORS
.An Jordan Hubbard
.Sh BUGS
Modified: head/share/examples/etc/README.examples
==
svn commit: r236966 - head/sys/mips/rmi
Author: des Date: Tue Jun 12 17:04:56 2012 New Revision: 236966 URL: http://svn.freebsd.org/changeset/base/236966 Log: auth.conf is dead. Modified: head/sys/mips/rmi/rootfs_list.txt Modified: head/sys/mips/rmi/rootfs_list.txt == --- head/sys/mips/rmi/rootfs_list.txt Tue Jun 12 17:02:53 2012 (r236965) +++ head/sys/mips/rmi/rootfs_list.txt Tue Jun 12 17:04:56 2012 (r236966) @@ -1,3 +1,5 @@ +# $FreeBSD$ +# # This is the list of files that # should be in your rootfs (copy it from # the build world nfsmount dir. When the rge0 @@ -321,7 +323,6 @@ ./etc/ssh/moduli ./etc/ssl ./etc/ssl/openssl.cnf -./etc/auth.conf ./etc/crontab ./etc/devd.conf ./etc/devfs.conf ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236967 - head/lib/libcrypt
Author: des
Date: Tue Jun 12 17:14:19 2012
New Revision: 236967
URL: http://svn.freebsd.org/changeset/base/236967
Log:
Stop using auth_getval() now that it always returns NULL. Instead,
hardcode the default to what it would be if we didn't hardcode it,
i.e. DES if supported and MD5 otherwise.
MFC after:3 weeks
Modified:
head/lib/libcrypt/Makefile
head/lib/libcrypt/crypt.3
head/lib/libcrypt/crypt.c
Modified: head/lib/libcrypt/Makefile
==
--- head/lib/libcrypt/Makefile Tue Jun 12 17:04:56 2012(r236966)
+++ head/lib/libcrypt/Makefile Tue Jun 12 17:14:19 2012(r236967)
@@ -26,11 +26,7 @@ SRCS+= crypt-des.c crypt-blowfish.c blo
CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH
.endif
-# And the auth_getval() code and support.
-.PATH: ${.CURDIR}/../libutil
-SRCS+= auth.c property.c
-.for sym in auth_getval property_find properties_read properties_free \
- MD4Init MD4Final MD4Update MD4Pad \
+.for sym in MD4Init MD4Final MD4Update MD4Pad \
MD5Init MD5Final MD5Update MD5Pad \
SHA256_Init SHA256_Final SHA256_Update \
SHA512_Init SHA512_Final SHA512_Update
Modified: head/lib/libcrypt/crypt.3
==
--- head/lib/libcrypt/crypt.3 Tue Jun 12 17:04:56 2012(r236966)
+++ head/lib/libcrypt/crypt.3 Tue Jun 12 17:14:19 2012(r236967)
@@ -238,12 +238,6 @@ The
.Fn crypt_set_format
function sets the default encoding format according to the supplied
.Fa string .
-.Pp
-The global default format can be set using the
-.Pa /etc/auth.conf
-file using the
-.Va crypt_default
-property.
.Sh RETURN VALUES
The
.Fn crypt
@@ -260,9 +254,7 @@ Otherwise, a value of 0 is returned.
.Sh SEE ALSO
.Xr login 1 ,
.Xr passwd 1 ,
-.Xr auth_getval 3 ,
.Xr getpass 3 ,
-.Xr auth.conf 5 ,
.Xr passwd 5
.Sh HISTORY
A rotor-based
Modified: head/lib/libcrypt/crypt.c
==
--- head/lib/libcrypt/crypt.c Tue Jun 12 17:04:56 2012(r236966)
+++ head/lib/libcrypt/crypt.c Tue Jun 12 17:14:19 2012(r236967)
@@ -79,23 +79,23 @@ static const struct {
}
};
+#ifdef HAS_DES
+#define CRYPT_DEFAULT des
+#else
+#define CRYPT_DEFAULT md5
+#endif
+
static int crypt_type = -1;
static void
crypt_setdefault(void)
{
- char *def;
size_t i;
if (crypt_type != -1)
return;
- def = auth_getval(crypt_default);
- if (def == NULL) {
- crypt_type = 0;
- return;
- }
for (i = 0; i sizeof(crypt_types) / sizeof(crypt_types[0]) - 1; i++) {
- if (strcmp(def, crypt_types[i].name) == 0) {
+ if (strcmp(CRYPT_DEFAULT, crypt_types[i].name) == 0) {
crypt_type = (int)i;
return;
}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236892 - in head: bin/rcp libexec/rshd usr.bin/login usr.bin/passwd usr.bin/rlogin usr.bin/rsh
Author: des Date: Mon Jun 11 16:18:39 2012 New Revision: 236892 URL: http://svn.freebsd.org/changeset/base/236892 Log: None of these programs actually use auth.conf. MFC after:1 week Modified: head/bin/rcp/rcp.1 head/libexec/rshd/rshd.8 head/usr.bin/login/login.1 head/usr.bin/passwd/passwd.1 head/usr.bin/rlogin/rlogin.1 head/usr.bin/rsh/rsh.1 Modified: head/bin/rcp/rcp.1 == --- head/bin/rcp/rcp.1 Mon Jun 11 16:08:03 2012(r236891) +++ head/bin/rcp/rcp.1 Mon Jun 11 16:18:39 2012(r236892) @@ -116,17 +116,11 @@ The .Nm utility handles third party copies, where neither source nor target files are on the current machine. -.Sh FILES -.Bl -tag -width .Pa /etc/auth.conf -compact -.It Pa /etc/auth.conf -configure authentication services -.El .Sh SEE ALSO .Xr cp 1 , .Xr ftp 1 , .Xr rlogin 1 , .Xr rsh 1 , -.Xr auth.conf 5 , .Xr hosts.equiv 5 .Sh HISTORY The Modified: head/libexec/rshd/rshd.8 == --- head/libexec/rshd/rshd.8Mon Jun 11 16:08:03 2012(r236891) +++ head/libexec/rshd/rshd.8Mon Jun 11 16:18:39 2012(r236892) @@ -237,7 +237,6 @@ and is not preceded by a flag byte. .Xr gethostbyaddr 3 , .Xr rcmd 3 , .Xr ruserok 3 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr login.conf 5 , Modified: head/usr.bin/login/login.1 == --- head/usr.bin/login/login.1 Mon Jun 11 16:08:03 2012(r236891) +++ head/usr.bin/login/login.1 Mon Jun 11 16:18:39 2012(r236892) @@ -137,8 +137,6 @@ message-of-the-day system mailboxes .It Pa \.hushlogin makes login quieter -.It Pa /etc/auth.conf -configure authentication services .It Pa /etc/pam.d/login .Xr pam 8 configuration file Modified: head/usr.bin/passwd/passwd.1 == --- head/usr.bin/passwd/passwd.1Mon Jun 11 16:08:03 2012 (r236891) +++ head/usr.bin/passwd/passwd.1Mon Jun 11 16:18:39 2012 (r236892) @@ -221,8 +221,6 @@ a Version 7 format password file temporary copy of the password file .It Pa /etc/login.conf login class capabilities database -.It Pa /etc/auth.conf -configure authentication services .El .Sh SEE ALSO .Xr chpass 1 , Modified: head/usr.bin/rlogin/rlogin.1 == --- head/usr.bin/rlogin/rlogin.1Mon Jun 11 16:08:03 2012 (r236891) +++ head/usr.bin/rlogin/rlogin.1Mon Jun 11 16:18:39 2012 (r236892) @@ -128,7 +128,6 @@ Determines the user's terminal type. .Bl -tag -width /etc/hosts -compact .It Pa /etc/hosts .It Pa /etc/hosts.equiv -.It Pa /etc/auth.conf .It Ev $HOME Ns Pa /.rhosts .El .Sh SEE ALSO @@ -138,7 +137,6 @@ Determines the user's terminal type. .Xr setsockopt 2 , .Xr ruserok 3 , .Xr tty 4 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr rlogind 8 , Modified: head/usr.bin/rsh/rsh.1 == --- head/usr.bin/rsh/rsh.1 Mon Jun 11 16:08:03 2012(r236891) +++ head/usr.bin/rsh/rsh.1 Mon Jun 11 16:18:39 2012(r236892) @@ -125,14 +125,12 @@ to .Sh FILES .Bl -tag -width /etc/hosts -compact .It Pa /etc/hosts -.It Pa /etc/auth.conf .El .Sh SEE ALSO .Xr rlogin 1 , .Xr setsockopt 2 , .Xr rcmd 3 , .Xr ruserok 3 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr rlogind 8 , ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236751 - head/lib/libutil
Author: des Date: Fri Jun 8 12:36:08 2012 New Revision: 236751 URL: http://svn.freebsd.org/changeset/base/236751 Log: Document that we also support sha256 and sha512. MFC after:1 week Modified: head/lib/libutil/login.conf.5 Modified: head/lib/libutil/login.conf.5 == --- head/lib/libutil/login.conf.5 Fri Jun 8 12:35:43 2012 (r236750) +++ head/lib/libutil/login.conf.5 Fri Jun 8 12:36:08 2012 (r236751) @@ -269,7 +269,9 @@ multiplied by 5 seconds. allowed before the login fails. .It passwd_format string md5 The encryption format that new or changed passwords will use. -Valid values include des, md5 and blf. +Valid values include des, md5, blf, sha256 and sha512; see +.Xr crypt 3 +for details. NIS clients using a .No non- Ns Fx NIS server should probably use des. ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236614 - head/gnu/lib/libsupc++
Author: des
Date: Tue Jun 5 12:34:08 2012
New Revision: 236614
URL: http://svn.freebsd.org/changeset/base/236614
Log:
Add mangled symbols for operator new / delete on 64-bit platforms.
Reported by: decke@
MFC after:1 week
Modified:
head/gnu/lib/libsupc++/Version.map
Modified: head/gnu/lib/libsupc++/Version.map
==
--- head/gnu/lib/libsupc++/Version.map Tue Jun 5 11:48:32 2012
(r236613)
+++ head/gnu/lib/libsupc++/Version.map Tue Jun 5 12:34:08 2012
(r236614)
@@ -126,11 +126,19 @@ CXXABI_1.3 {
# __gnu_cxx::_verbose_terminate_handler()
_ZN9__gnu_cxx27__verbose_terminate_handlerEv;
-# new / delete operators
+# operator new and new[], 32-bit size_t
_Znaj;
_ZnajRKSt9nothrow_t;
_Znwj;
_ZnwjRKSt9nothrow_t;
+
+# operator new and new[], 64-bit size_t
+_Znam;
+_ZnamRKSt9nothrow_t;
+_Znwm;
+_ZnwmRKSt9nothrow_t;
+
+# operator delete and delete[]
_ZdaPv;
_ZdaPvRKSt9nothrow_t;
_ZdlPv;
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236226 - head/usr.bin/unzip
Author: des
Date: Tue May 29 09:11:19 2012
New Revision: 236226
URL: http://svn.freebsd.org/changeset/base/236226
Log:
Pass a filename, rather than a file descriptor, to libarchive.
Submitted by: Alex Kozlov s...@rm-rf.kiev.ua
MFC after:1 week
Modified:
head/usr.bin/unzip/unzip.c
Modified: head/usr.bin/unzip/unzip.c
==
--- head/usr.bin/unzip/unzip.c Tue May 29 08:56:56 2012(r236225)
+++ head/usr.bin/unzip/unzip.c Tue May 29 09:11:19 2012(r236226)
@@ -865,19 +865,14 @@ unzip(const char *fn)
{
struct archive *a;
struct archive_entry *e;
- int fd, ret;
+ int ret;
uintmax_t total_size, file_count, error_count;
- if (strcmp(fn, -) == 0)
- fd = STDIN_FILENO;
- else if ((fd = open(fn, O_RDONLY)) 0)
- error(%s, fn);
-
if ((a = archive_read_new()) == NULL)
error(archive_read_new failed);
ac(archive_read_support_format_zip(a));
- ac(archive_read_open_fd(a, fd, 8192));
+ ac(archive_read_open_filename(a, fn, 8192));
if (!zipinfo_mode) {
if (!p_opt !q_opt)
@@ -933,9 +928,6 @@ unzip(const char *fn)
ac(archive_read_close(a));
(void)archive_read_finish(a);
- if (fd != STDIN_FILENO close(fd) != 0)
- error(%s, fn);
-
if (t_opt) {
if (error_count 0) {
errorx(%d checksum error(s) found., error_count);
@@ -1061,6 +1053,9 @@ main(int argc, char *argv[])
usage();
zipfile = argv[nopts++];
+ if (strcmp(zipfile, -) == 0)
+ zipfile = NULL; /* STDIN */
+
while (nopts argc *argv[nopts] != '-')
add_pattern(include, argv[nopts++]);
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236187 - stable/7
Author: des
Date: Mon May 28 15:34:55 2012
New Revision: 236187
URL: http://svn.freebsd.org/changeset/base/236187
Log:
Make yacc a bootstrap tool if building on head, since the new yacc is
not 100% backward compatible.
Modified:
stable/7/Makefile.inc1
Modified: stable/7/Makefile.inc1
==
--- stable/7/Makefile.inc1 Mon May 28 14:50:13 2012(r236186)
+++ stable/7/Makefile.inc1 Mon May 28 15:34:55 2012(r236187)
@@ -888,6 +888,10 @@ _colldef= usr.bin/colldef
_gencat= usr.bin/gencat
.endif
+.if ${BOOTSTRAPPING} = 113
+_yacc= usr.bin/yacc
+.endif
+
.if ${BOOTSTRAPPING} 600016
_mklocale= usr.bin/mklocale
.endif
@@ -922,6 +926,7 @@ bootstrap-tools:
${_gencat} \
usr.bin/lorder \
usr.bin/makewhatis \
+${_yacc} \
${_mklocale} \
usr.bin/rpcgen \
usr.bin/xinstall \
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236200 - stable/9/usr.bin/unzip
Author: des
Date: Mon May 28 21:19:33 2012
New Revision: 236200
URL: http://svn.freebsd.org/changeset/base/236200
Log:
MFH r230044, r233456: style and markup nits
Modified:
stable/9/usr.bin/unzip/unzip.1
stable/9/usr.bin/unzip/unzip.c
Directory Properties:
stable/9/usr.bin/unzip/ (props changed)
Modified: stable/9/usr.bin/unzip/unzip.1
==
--- stable/9/usr.bin/unzip/unzip.1 Mon May 28 21:15:54 2012
(r236199)
+++ stable/9/usr.bin/unzip/unzip.1 Mon May 28 21:19:33 2012
(r236200)
@@ -38,7 +38,6 @@
.Ar zipfile
.Sh DESCRIPTION
.\ ...
-.Pp
The following options are available:
.Bl -tag -width Fl
.It Fl a
Modified: stable/9/usr.bin/unzip/unzip.c
==
--- stable/9/usr.bin/unzip/unzip.c Mon May 28 21:15:54 2012
(r236199)
+++ stable/9/usr.bin/unzip/unzip.c Mon May 28 21:19:33 2012
(r236200)
@@ -426,7 +426,7 @@ handle_existing_file(char **path)
fprintf(stderr,
replace %s? [y]es, [n]o, [A]ll, [N]one, [r]ename: ,
*path);
- if (fgets(buf, sizeof(buf), stdin) == 0) {
+ if (fgets(buf, sizeof(buf), stdin) == NULL) {
clearerr(stdin);
printf(NULL\n(EOF or read error,
treating as \[N]one\...)\n);
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236201 - stable/8/usr.bin/unzip
Author: des
Date: Mon May 28 21:25:19 2012
New Revision: 236201
URL: http://svn.freebsd.org/changeset/base/236201
Log:
MFH r208957: check return value from archive_read_new()
MFH r214137, r214140, r214174, r224584: support reading from stdin
MFH r230044, r233456: style and markup nits
MFH r234311: correct name in copyright statement
Modified:
stable/8/usr.bin/unzip/unzip.1
stable/8/usr.bin/unzip/unzip.c
Directory Properties:
stable/8/usr.bin/unzip/ (props changed)
Modified: stable/8/usr.bin/unzip/unzip.1
==
--- stable/8/usr.bin/unzip/unzip.1 Mon May 28 21:19:33 2012
(r236200)
+++ stable/8/usr.bin/unzip/unzip.1 Mon May 28 21:25:19 2012
(r236201)
@@ -1,5 +1,5 @@
.\-
-.\ Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav
+.\ Copyright (c) 2007-2008 Dag-Erling Smørgrav
.\ All rights reserved.
.\
.\ Redistribution and use in source and binary forms, with or without
@@ -38,7 +38,6 @@
.Ar zipfile
.Sh DESCRIPTION
.\ ...
-.Pp
The following options are available:
.Bl -tag -width Fl
.It Fl a
@@ -121,6 +120,10 @@ Note that only one of
and
.Fl u
may be specified.
+If specified filename is
+.Qq - ,
+then data is read from
+.Va stdin .
.Sh ENVIRONMENT
If the
.Ev UNZIP_DEBUG
Modified: stable/8/usr.bin/unzip/unzip.c
==
--- stable/8/usr.bin/unzip/unzip.c Mon May 28 21:19:33 2012
(r236200)
+++ stable/8/usr.bin/unzip/unzip.c Mon May 28 21:25:19 2012
(r236201)
@@ -1,6 +1,6 @@
/*-
* Copyright (c) 2009 Joerg Sonnenberger jo...@netbsd.org
- * Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav
+ * Copyright (c) 2007-2008 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -426,7 +426,7 @@ handle_existing_file(char **path)
fprintf(stderr,
replace %s? [y]es, [n]o, [A]ll, [N]one, [r]ename: ,
*path);
- if (fgets(buf, sizeof(buf), stdin) == 0) {
+ if (fgets(buf, sizeof(buf), stdin) == NULL) {
clearerr(stdin);
printf(NULL\n(EOF or read error,
treating as \[N]one\...)\n);
@@ -868,10 +868,14 @@ unzip(const char *fn)
int fd, ret;
uintmax_t total_size, file_count, error_count;
- if ((fd = open(fn, O_RDONLY)) 0)
+ if (strcmp(fn, -) == 0)
+ fd = STDIN_FILENO;
+ else if ((fd = open(fn, O_RDONLY)) 0)
error(%s, fn);
- a = archive_read_new();
+ if ((a = archive_read_new()) == NULL)
+ error(archive_read_new failed);
+
ac(archive_read_support_format_zip(a));
ac(archive_read_open_fd(a, fd, 8192));
@@ -929,7 +933,7 @@ unzip(const char *fn)
ac(archive_read_close(a));
(void)archive_read_finish(a);
- if (close(fd) != 0)
+ if (fd != STDIN_FILENO close(fd) != 0)
error(%s, fn);
if (t_opt) {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236202 - stable/8/usr.bin
Author: des
Date: Mon May 28 21:26:26 2012
New Revision: 236202
URL: http://svn.freebsd.org/changeset/base/236202
Log:
MFH r200068: connect unzip to the build.
Modified:
stable/8/usr.bin/Makefile
Directory Properties:
stable/8/usr.bin/ (props changed)
Modified: stable/8/usr.bin/Makefile
==
--- stable/8/usr.bin/Makefile Mon May 28 21:25:19 2012(r236201)
+++ stable/8/usr.bin/Makefile Mon May 28 21:26:26 2012(r236202)
@@ -205,6 +205,7 @@ SUBDIR= alias \
unexpand \
${_unifdef} \
uniq \
+ unzip \
units \
unvis \
${_usbhidaction} \
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236203 - stable/8/lib/libpam
Author: des Date: Mon May 28 21:59:05 2012 New Revision: 236203 URL: http://svn.freebsd.org/changeset/base/236203 Log: Forgot to commit mergeinfo when I MFHed pam_unix last month. Modified: Directory Properties: stable/8/lib/libpam/ (props changed) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236204 - stable/8
Author: des
Date: Mon May 28 22:07:32 2012
New Revision: 236204
URL: http://svn.freebsd.org/changeset/base/236204
Log:
MFH r230622: use build tools, not host tools, to build aicasm.
Modified:
stable/8/Makefile.inc1 (contents, props changed)
Directory Properties:
stable/8/ (props changed)
Modified: stable/8/Makefile.inc1
==
--- stable/8/Makefile.inc1 Mon May 28 21:59:05 2012(r236203)
+++ stable/8/Makefile.inc1 Mon May 28 22:07:32 2012(r236204)
@@ -775,6 +775,7 @@ buildkernel:
@echo stage 2.3: build tools
@echo --
cd ${KRNLOBJDIR}/${_kernel}; \
+ PATH=${BPATH}:${PATH} \
MAKESRCPATH=${KERNSRCDIR}/dev/aic7xxx/aicasm \
${MAKE} SSP_CFLAGS= -DNO_CPU_CFLAGS -DNO_CTF \
-f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile
@@ -782,6 +783,7 @@ buildkernel:
.if !defined(MODULES_WITH_WORLD) !defined(NO_MODULES)
exists(${KERNSRCDIR}/modules)
.for target in obj depend all
cd ${KERNSRCDIR}/modules/aic7xxx/aicasm; \
+ PATH=${BPATH}:${PATH} \
MAKEOBJDIRPREFIX=${KRNLOBJDIR}/${_kernel}/modules \
${MAKE} SSP_CFLAGS= -DNO_CPU_CFLAGS -DNO_CTF ${target}
.endfor
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236205 - stable/7
Author: des
Date: Mon May 28 22:09:50 2012
New Revision: 236205
URL: http://svn.freebsd.org/changeset/base/236205
Log:
MFH r230622: use build tools, not host tools, to build aicasm.
Modified:
stable/7/Makefile.inc1 (contents, props changed)
Directory Properties:
stable/7/ (props changed)
Modified: stable/7/Makefile.inc1
==
--- stable/7/Makefile.inc1 Mon May 28 22:07:32 2012(r236204)
+++ stable/7/Makefile.inc1 Mon May 28 22:09:50 2012(r236205)
@@ -735,6 +735,7 @@ buildkernel:
@echo stage 2.3: build tools
@echo --
cd ${KRNLOBJDIR}/${_kernel}; \
+ PATH=${BPATH}:${PATH} \
MAKESRCPATH=${KERNSRCDIR}/dev/aic7xxx/aicasm \
${MAKE} -DNO_CPU_CFLAGS -DNO_CTF \
-f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile
@@ -742,6 +743,7 @@ buildkernel:
.if !defined(MODULES_WITH_WORLD) !defined(NO_MODULES)
exists(${KERNSRCDIR}/modules)
.for target in obj depend all
cd ${KERNSRCDIR}/modules/aic7xxx/aicasm; \
+ PATH=${BPATH}:${PATH} \
MAKEOBJDIRPREFIX=${KRNLOBJDIR}/${_kernel}/modules \
${MAKE} -DNO_CPU_CFLAGS -DNO_CTF ${target}
.endfor
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236099 - in vendor/openpam/dist: . bin bin/openpam_dump_policy bin/pamtest bin/su doc/man include/security lib misc t
Author: des Date: Sat May 26 14:23:18 2012 New Revision: 236099 URL: http://svn.freebsd.org/changeset/base/236099 Log: Vendor import of OpenPAM Micrampelis. Added: vendor/openpam/dist/TODO vendor/openpam/dist/bin/openpam_dump_policy/ vendor/openpam/dist/bin/openpam_dump_policy/Makefile.am vendor/openpam/dist/bin/openpam_dump_policy/Makefile.in vendor/openpam/dist/bin/openpam_dump_policy/openpam_dump_policy.c vendor/openpam/dist/doc/man/openpam_get_feature.3 vendor/openpam/dist/doc/man/openpam_readlinev.3 vendor/openpam/dist/doc/man/openpam_readword.3 vendor/openpam/dist/doc/man/openpam_set_feature.3 vendor/openpam/dist/doc/man/openpam_straddch.3 vendor/openpam/dist/lib/openpam_ctype.h vendor/openpam/dist/lib/openpam_features.c vendor/openpam/dist/lib/openpam_features.h vendor/openpam/dist/lib/openpam_get_feature.c vendor/openpam/dist/lib/openpam_readlinev.c vendor/openpam/dist/lib/openpam_readword.c vendor/openpam/dist/lib/openpam_set_feature.c vendor/openpam/dist/lib/openpam_straddch.c vendor/openpam/dist/lib/openpam_strlcat.h vendor/openpam/dist/pamgdb.in vendor/openpam/dist/t/ vendor/openpam/dist/t/Makefile.am vendor/openpam/dist/t/Makefile.in vendor/openpam/dist/t/t.h vendor/openpam/dist/t/t_main.c vendor/openpam/dist/t/t_openpam_readlinev.c vendor/openpam/dist/t/t_openpam_readword.c Modified: vendor/openpam/dist/CREDITS vendor/openpam/dist/HISTORY vendor/openpam/dist/LICENSE vendor/openpam/dist/Makefile.am vendor/openpam/dist/Makefile.in vendor/openpam/dist/RELNOTES vendor/openpam/dist/aclocal.m4 vendor/openpam/dist/bin/Makefile.am vendor/openpam/dist/bin/Makefile.in vendor/openpam/dist/bin/pamtest/pamtest.1 vendor/openpam/dist/bin/pamtest/pamtest.c vendor/openpam/dist/bin/su/su.1 vendor/openpam/dist/config.h.in vendor/openpam/dist/configure vendor/openpam/dist/configure.ac vendor/openpam/dist/doc/man/Makefile.am vendor/openpam/dist/doc/man/Makefile.in vendor/openpam/dist/doc/man/openpam.3 vendor/openpam/dist/doc/man/openpam_borrow_cred.3 vendor/openpam/dist/doc/man/openpam_free_data.3 vendor/openpam/dist/doc/man/openpam_free_envlist.3 vendor/openpam/dist/doc/man/openpam_get_option.3 vendor/openpam/dist/doc/man/openpam_log.3 vendor/openpam/dist/doc/man/openpam_nullconv.3 vendor/openpam/dist/doc/man/openpam_readline.3 vendor/openpam/dist/doc/man/openpam_restore_cred.3 vendor/openpam/dist/doc/man/openpam_set_option.3 vendor/openpam/dist/doc/man/openpam_subst.3 vendor/openpam/dist/doc/man/openpam_ttyconv.3 vendor/openpam/dist/doc/man/pam.3 vendor/openpam/dist/doc/man/pam.conf.5 vendor/openpam/dist/doc/man/pam_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_authenticate.3 vendor/openpam/dist/doc/man/pam_chauthtok.3 vendor/openpam/dist/doc/man/pam_close_session.3 vendor/openpam/dist/doc/man/pam_conv.3 vendor/openpam/dist/doc/man/pam_end.3 vendor/openpam/dist/doc/man/pam_error.3 vendor/openpam/dist/doc/man/pam_get_authtok.3 vendor/openpam/dist/doc/man/pam_get_data.3 vendor/openpam/dist/doc/man/pam_get_item.3 vendor/openpam/dist/doc/man/pam_get_user.3 vendor/openpam/dist/doc/man/pam_getenv.3 vendor/openpam/dist/doc/man/pam_getenvlist.3 vendor/openpam/dist/doc/man/pam_info.3 vendor/openpam/dist/doc/man/pam_open_session.3 vendor/openpam/dist/doc/man/pam_prompt.3 vendor/openpam/dist/doc/man/pam_putenv.3 vendor/openpam/dist/doc/man/pam_set_data.3 vendor/openpam/dist/doc/man/pam_set_item.3 vendor/openpam/dist/doc/man/pam_setcred.3 vendor/openpam/dist/doc/man/pam_setenv.3 vendor/openpam/dist/doc/man/pam_sm_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_sm_authenticate.3 vendor/openpam/dist/doc/man/pam_sm_chauthtok.3 vendor/openpam/dist/doc/man/pam_sm_close_session.3 vendor/openpam/dist/doc/man/pam_sm_open_session.3 vendor/openpam/dist/doc/man/pam_sm_setcred.3 vendor/openpam/dist/doc/man/pam_start.3 vendor/openpam/dist/doc/man/pam_strerror.3 vendor/openpam/dist/doc/man/pam_verror.3 vendor/openpam/dist/doc/man/pam_vinfo.3 vendor/openpam/dist/doc/man/pam_vprompt.3 vendor/openpam/dist/include/security/openpam.h vendor/openpam/dist/include/security/openpam_version.h vendor/openpam/dist/lib/Makefile.am vendor/openpam/dist/lib/Makefile.in vendor/openpam/dist/lib/openpam_check_owner_perms.c vendor/openpam/dist/lib/openpam_configure.c vendor/openpam/dist/lib/openpam_constants.h vendor/openpam/dist/lib/openpam_debug.h vendor/openpam/dist/lib/openpam_dynamic.c vendor/openpam/dist/lib/openpam_get_option.c vendor/openpam/dist/lib/openpam_impl.h vendor/openpam/dist/lib/openpam_load.c vendor/openpam/dist/lib/openpam_log.c vendor/openpam/dist/lib/openpam_readline.c vendor/openpam/dist/lib/openpam_set_option.c vendor/openpam/dist/lib/openpam_strlcmp.h vendor/openpam/dist/lib/openpam_strlcpy.h vendor/openpam/dist/lib/openpam_subst.c vendor/openpam/dist/lib/openpam_ttyconv.c vendor/openpam/dist/lib/pam_get_authtok.c
svn commit: r236100 - vendor/openpam/MICRAMPELIS
Author: des Date: Sat May 26 14:24:14 2012 New Revision: 236100 URL: http://svn.freebsd.org/changeset/base/236100 Log: Tag OpenPAM Micrampelis. Added: vendor/openpam/MICRAMPELIS/ - copied from r236099, vendor/openpam/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236103 - stable/9/lib/libfetch
Author: des Date: Sat May 26 16:34:39 2012 New Revision: 236103 URL: http://svn.freebsd.org/changeset/base/236103 Log: MFH r225813,r225814,r226537: cosmetic Modified: stable/9/lib/libfetch/common.c stable/9/lib/libfetch/common.h stable/9/lib/libfetch/fetch.3 stable/9/lib/libfetch/fetch.c stable/9/lib/libfetch/fetch.h stable/9/lib/libfetch/file.c stable/9/lib/libfetch/ftp.c stable/9/lib/libfetch/http.c Directory Properties: stable/9/lib/libfetch/ (props changed) Modified: stable/9/lib/libfetch/common.c == --- stable/9/lib/libfetch/common.c Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/common.c Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/common.h == --- stable/9/lib/libfetch/common.h Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/common.h Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/fetch.3 == --- stable/9/lib/libfetch/fetch.3 Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/fetch.3 Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 1998-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without @@ -25,7 +25,7 @@ .\ .\ $FreeBSD$ .\ -.Dd January 26, 2010 +.Dd September 27, 2011 .Dt FETCH 3 .Os .Sh NAME Modified: stable/9/lib/libfetch/fetch.c == --- stable/9/lib/libfetch/fetch.c Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/fetch.c Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/fetch.h == --- stable/9/lib/libfetch/fetch.h Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/fetch.h Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/file.c == --- stable/9/lib/libfetch/file.cSat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/file.cSat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/ftp.c == --- stable/9/lib/libfetch/ftp.c Sat May 26 16:26:23 2012(r236102) +++ stable/9/lib/libfetch/ftp.c Sat May 26 16:34:39 2012(r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,7 +41,7 @@ __FBSDID($FreeBSD$); * * Major Changelog: * - * Dag-Erling Co�dan Sm�rgrav + * Dag-Erling Smørgrav * 9 Jun 1998 * * Incorporated into libfetch Modified: stable/9/lib/libfetch/http.c == --- stable/9/lib/libfetch/http.cSat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/http.cSat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2000-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 2000-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send
svn commit: r236104 - stable/9/lib/libfetch
Author: des
Date: Sat May 26 16:37:43 2012
New Revision: 236104
URL: http://svn.freebsd.org/changeset/base/236104
Log:
MFH r230478: fix nits in already-merged r230307.
Modified:
stable/9/lib/libfetch/common.c
Directory Properties:
stable/9/lib/libfetch/ (props changed)
Modified: stable/9/lib/libfetch/common.c
==
--- stable/9/lib/libfetch/common.c Sat May 26 16:34:39 2012
(r236103)
+++ stable/9/lib/libfetch/common.c Sat May 26 16:37:43 2012
(r236104)
@@ -416,7 +416,6 @@ fetch_cache_data(conn_t *conn, char *src
if (conn-cache.size nbytes) {
tmp = realloc(conn-cache.buf, nbytes);
if (tmp == NULL) {
- errno = ENOMEM;
fetch_syserr();
return (-1);
}
@@ -481,7 +480,7 @@ fetch_read(conn_t *conn, char *buf, size
conn-cache.len -= total;
conn-cache.pos += total;
len -= total;
- buf+= total;
+ buf += total;
}
while (len 0) {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236105 - stable/9/lib/libfetch
Author: des Date: Sat May 26 16:42:47 2012 New Revision: 236105 URL: http://svn.freebsd.org/changeset/base/236105 Log: MFH r233648: cosmetic Modified: stable/9/lib/libfetch/fetch.3 Directory Properties: stable/9/lib/libfetch/ (props changed) Modified: stable/9/lib/libfetch/fetch.3 == --- stable/9/lib/libfetch/fetch.3 Sat May 26 16:37:43 2012 (r236104) +++ stable/9/lib/libfetch/fetch.3 Sat May 26 16:42:47 2012 (r236105) @@ -375,7 +375,7 @@ If the (if-modified-since) flag is specified, and the .Va ims_time -field is set in +field is set in .Vt struct url , then .Fn fetchXGetHTTP ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236106 - head/lib/libpam/modules/pam_ssh
Author: des
Date: Sat May 26 17:03:45 2012
New Revision: 236106
URL: http://svn.freebsd.org/changeset/base/236106
Log:
Passing NULL as a key casues a segfault when loading SSH 1 keys. Use
an empty string instead.
Modified:
head/lib/libpam/modules/pam_ssh/pam_ssh.c
Modified: head/lib/libpam/modules/pam_ssh/pam_ssh.c
==
--- head/lib/libpam/modules/pam_ssh/pam_ssh.c Sat May 26 16:42:47 2012
(r236105)
+++ head/lib/libpam/modules/pam_ssh/pam_ssh.c Sat May 26 17:03:45 2012
(r236106)
@@ -112,7 +112,7 @@ pam_ssh_load_key(const char *dir, const
* with an empty passphrase, and if the key is not encrypted,
* accept only an empty passphrase.
*/
- key = key_load_private(fn, NULL, comment);
+ key = key_load_private(fn, , comment);
if (key != NULL !(*passphrase == '\0' nullok)) {
key_free(key);
return (NULL);
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236108 - stable/9/lib/libfetch
Author: des
Date: Sat May 26 17:08:01 2012
New Revision: 236108
URL: http://svn.freebsd.org/changeset/base/236108
Log:
MFH r234837: avoid busy-loop on slow connections when no timeout is set.
MFH r234838: don't reuse credentials when redirected to a different host.
Modified:
stable/9/lib/libfetch/common.c
stable/9/lib/libfetch/http.c
Directory Properties:
stable/9/lib/libfetch/ (props changed)
Modified: stable/9/lib/libfetch/common.c
==
--- stable/9/lib/libfetch/common.c Sat May 26 17:07:34 2012
(r236107)
+++ stable/9/lib/libfetch/common.c Sat May 26 17:08:01 2012
(r236108)
@@ -455,11 +455,9 @@ fetch_read(conn_t *conn, char *buf, size
struct timeval now, timeout, delta;
fd_set readfds;
ssize_t rlen, total;
- int r;
char *start;
- if (fetchTimeout) {
- FD_ZERO(readfds);
+ if (fetchTimeout 0) {
gettimeofday(timeout, NULL);
timeout.tv_sec += fetchTimeout;
}
@@ -523,23 +521,21 @@ fetch_read(conn_t *conn, char *buf, size
return (-1);
}
// assert(rlen == FETCH_READ_WAIT);
- while (fetchTimeout !FD_ISSET(conn-sd, readfds)) {
+ FD_ZERO(readfds);
+ while (!FD_ISSET(conn-sd, readfds)) {
FD_SET(conn-sd, readfds);
- gettimeofday(now, NULL);
- delta.tv_sec = timeout.tv_sec - now.tv_sec;
- delta.tv_usec = timeout.tv_usec - now.tv_usec;
- if (delta.tv_usec 0) {
- delta.tv_usec += 100;
- delta.tv_sec--;
- }
- if (delta.tv_sec 0) {
- errno = ETIMEDOUT;
- fetch_syserr();
- return (-1);
+ if (fetchTimeout 0) {
+ gettimeofday(now, NULL);
+ if (!timercmp(timeout, now, )) {
+ errno = ETIMEDOUT;
+ fetch_syserr();
+ return (-1);
+ }
+ timersub(timeout, now, delta);
}
errno = 0;
- r = select(conn-sd + 1, readfds, NULL, NULL, delta);
- if (r == -1) {
+ if (select(conn-sd + 1, readfds, NULL, NULL,
+ fetchTimeout 0 ? delta : NULL) 0) {
if (errno == EINTR) {
if (fetchRestartCalls)
continue;
Modified: stable/9/lib/libfetch/http.c
==
--- stable/9/lib/libfetch/http.cSat May 26 17:07:34 2012
(r236107)
+++ stable/9/lib/libfetch/http.cSat May 26 17:08:01 2012
(r236108)
@@ -1779,7 +1779,9 @@ http_request(struct url *URL, const char
DEBUG(fprintf(stderr, failed to parse
new URL\n));
goto ouch;
}
- if (!*new-user !*new-pwd) {
+
+ /* Only copy credentials if the host matches */
+ if (!strcmp(new-host, url-host)
!*new-user !*new-pwd) {
strcpy(new-user, url-user);
strcpy(new-pwd, url-pwd);
}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236109 - in head: contrib/openpam contrib/openpam/bin contrib/openpam/bin/openpam_dump_policy contrib/openpam/bin/pamtest contrib/openpam/bin/su contrib/openpam/doc/man contrib/openpam...
Author: des Date: Sat May 26 17:10:16 2012 New Revision: 236109 URL: http://svn.freebsd.org/changeset/base/236109 Log: Update to OpenPAM Micrampelis. Added: head/contrib/openpam/TODO - copied unchanged from r236101, vendor/openpam/dist/TODO head/contrib/openpam/bin/openpam_dump_policy/ - copied from r236101, vendor/openpam/dist/bin/openpam_dump_policy/ head/contrib/openpam/doc/man/openpam_get_feature.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_get_feature.3 head/contrib/openpam/doc/man/openpam_readlinev.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_readlinev.3 head/contrib/openpam/doc/man/openpam_readword.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_readword.3 head/contrib/openpam/doc/man/openpam_set_feature.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_set_feature.3 head/contrib/openpam/doc/man/openpam_straddch.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_straddch.3 head/contrib/openpam/lib/openpam_ctype.h - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_ctype.h head/contrib/openpam/lib/openpam_features.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_features.c head/contrib/openpam/lib/openpam_features.h - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_features.h head/contrib/openpam/lib/openpam_get_feature.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_get_feature.c head/contrib/openpam/lib/openpam_readlinev.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_readlinev.c head/contrib/openpam/lib/openpam_readword.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_readword.c head/contrib/openpam/lib/openpam_set_feature.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_set_feature.c head/contrib/openpam/lib/openpam_straddch.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_straddch.c head/contrib/openpam/lib/openpam_strlcat.h - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_strlcat.h head/contrib/openpam/pamgdb.in - copied unchanged from r236101, vendor/openpam/dist/pamgdb.in head/contrib/openpam/t/ - copied from r236101, vendor/openpam/dist/t/ head/usr.bin/pamtest/ head/usr.bin/pamtest/Makefile (contents, props changed) Modified: head/contrib/openpam/CREDITS head/contrib/openpam/HISTORY head/contrib/openpam/LICENSE head/contrib/openpam/Makefile.am head/contrib/openpam/Makefile.in head/contrib/openpam/RELNOTES head/contrib/openpam/aclocal.m4 head/contrib/openpam/bin/Makefile.am head/contrib/openpam/bin/Makefile.in head/contrib/openpam/bin/pamtest/pamtest.1 head/contrib/openpam/bin/pamtest/pamtest.c head/contrib/openpam/bin/su/su.1 head/contrib/openpam/config.h.in head/contrib/openpam/configure head/contrib/openpam/configure.ac head/contrib/openpam/doc/man/Makefile.am head/contrib/openpam/doc/man/Makefile.in head/contrib/openpam/doc/man/openpam.3 head/contrib/openpam/doc/man/openpam_borrow_cred.3 head/contrib/openpam/doc/man/openpam_free_data.3 head/contrib/openpam/doc/man/openpam_free_envlist.3 head/contrib/openpam/doc/man/openpam_get_option.3 head/contrib/openpam/doc/man/openpam_log.3 head/contrib/openpam/doc/man/openpam_nullconv.3 head/contrib/openpam/doc/man/openpam_readline.3 head/contrib/openpam/doc/man/openpam_restore_cred.3 head/contrib/openpam/doc/man/openpam_set_option.3 head/contrib/openpam/doc/man/openpam_subst.3 head/contrib/openpam/doc/man/openpam_ttyconv.3 head/contrib/openpam/doc/man/pam.3 head/contrib/openpam/doc/man/pam.conf.5 head/contrib/openpam/doc/man/pam_acct_mgmt.3 head/contrib/openpam/doc/man/pam_authenticate.3 head/contrib/openpam/doc/man/pam_chauthtok.3 head/contrib/openpam/doc/man/pam_close_session.3 head/contrib/openpam/doc/man/pam_conv.3 head/contrib/openpam/doc/man/pam_end.3 head/contrib/openpam/doc/man/pam_error.3 head/contrib/openpam/doc/man/pam_get_authtok.3 head/contrib/openpam/doc/man/pam_get_data.3 head/contrib/openpam/doc/man/pam_get_item.3 head/contrib/openpam/doc/man/pam_get_user.3 head/contrib/openpam/doc/man/pam_getenv.3 head/contrib/openpam/doc/man/pam_getenvlist.3 head/contrib/openpam/doc/man/pam_info.3 head/contrib/openpam/doc/man/pam_open_session.3 head/contrib/openpam/doc/man/pam_prompt.3 head/contrib/openpam/doc/man/pam_putenv.3 head/contrib/openpam/doc/man/pam_set_data.3 head/contrib/openpam/doc/man/pam_set_item.3 head/contrib/openpam/doc/man/pam_setcred.3 head/contrib/openpam/doc/man/pam_setenv.3 head/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 head/contrib/openpam/doc/man/pam_sm_authenticate.3 head/contrib/openpam/doc/man/pam_sm_chauthtok.3 head/contrib/openpam/doc/man/pam_sm_close_session.3
svn commit: r236110 - head/usr.bin/fetch
Author: des Date: Sat May 26 17:19:41 2012 New Revision: 236110 URL: http://svn.freebsd.org/changeset/base/236110 Log: Revert r232274 - unauthorized, unnecessary and incorrect. Modified: head/usr.bin/fetch/fetch.1 Modified: head/usr.bin/fetch/fetch.1 == --- head/usr.bin/fetch/fetch.1 Sat May 26 17:10:16 2012(r236109) +++ head/usr.bin/fetch/fetch.1 Sat May 26 17:19:41 2012(r236110) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2000-2012 Dag-Erling Smørgrav +.\ Copyright (c) 2000-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ Portions Copyright (c) 1999 Massachusetts Institute of Technology; used .\ by permission. @@ -29,7 +29,7 @@ .\ .\ $FreeBSD$ .\ -.Dd February 28, 2012 +.Dd September 27, 2011 .Dt FETCH 1 .Os .Sh NAME @@ -214,11 +214,6 @@ When the flag is specified, wait this many seconds between successive retries. .El .Pp -.Ar URL -.Bd -literal -scheme:(//(user(:pwd)?@)?host(:port)?)?/(document)? -.Ed -.Pp If .Nm receives a ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236111 - stable/9/lib/msun/src
Author: des Date: Sat May 26 17:28:57 2012 New Revision: 236111 URL: http://svn.freebsd.org/changeset/base/236111 Log: MFH r234685: utf8 and drop middle name Modified: stable/9/lib/msun/src/s_fabsl.c Directory Properties: stable/9/lib/msun/ (props changed) Modified: stable/9/lib/msun/src/s_fabsl.c == --- stable/9/lib/msun/src/s_fabsl.c Sat May 26 17:19:41 2012 (r236110) +++ stable/9/lib/msun/src/s_fabsl.c Sat May 26 17:28:57 2012 (r236111) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2003 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 2003 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236112 - stable/9/usr.bin/unzip
Author: des Date: Sat May 26 17:37:07 2012 New Revision: 236112 URL: http://svn.freebsd.org/changeset/base/236112 Log: MFH r234311: utf8 and drop middle name Modified: stable/9/usr.bin/unzip/unzip.1 stable/9/usr.bin/unzip/unzip.c Directory Properties: stable/9/usr.bin/unzip/ (props changed) Modified: stable/9/usr.bin/unzip/unzip.1 == --- stable/9/usr.bin/unzip/unzip.1 Sat May 26 17:28:57 2012 (r236111) +++ stable/9/usr.bin/unzip/unzip.1 Sat May 26 17:37:07 2012 (r236112) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 2007-2008 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: stable/9/usr.bin/unzip/unzip.c == --- stable/9/usr.bin/unzip/unzip.c Sat May 26 17:28:57 2012 (r236111) +++ stable/9/usr.bin/unzip/unzip.c Sat May 26 17:37:07 2012 (r236112) @@ -1,6 +1,6 @@ /*- * Copyright (c) 2009 Joerg Sonnenberger jo...@netbsd.org - * Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 2007-2008 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236113 - stable/9/sbin/geom/class/part
Author: des Date: Sat May 26 17:38:55 2012 New Revision: 236113 URL: http://svn.freebsd.org/changeset/base/236113 Log: MFH r230059: improve examples Modified: stable/9/sbin/geom/class/part/gpart.8 Directory Properties: stable/9/sbin/geom/class/part/ (props changed) Modified: stable/9/sbin/geom/class/part/gpart.8 == --- stable/9/sbin/geom/class/part/gpart.8 Sat May 26 17:37:07 2012 (r236112) +++ stable/9/sbin/geom/class/part/gpart.8 Sat May 26 17:38:55 2012 (r236113) @@ -996,17 +996,21 @@ partition that can boot from a .Cm freebsd-ufs partition, and install bootstrap code into it. -This partition must be larger than -.Pa /boot/gptboot , -or the GPT boot you are planning to write, but smaller than 545 KB. -A size of 15 blocks (7680 bytes) would be sufficient for -booting from UFS but 128 blocks (64 KB) is used in -this example to reserve some space for potential -future need (e.g.\ a larger +This partition must be larger than the bootstrap code +.Po +usually either +.Pa /boot/gptboot +or .Pa /boot/gptzfsboot -for booting from a ZFS partition). +.Pc , +but smaller than 545 kB since the first-stage loader will load the +entire partition into memory during boot, regardless of how much data +it actually contains. +This example uses 94 blocks (47 kB) so the next partition will be +aligned on a 64 kB boundary without the need to specify an explicit +offset or alignment. .Bd -literal -offset indent -/sbin/gpart add -b 34 -s 128 -t freebsd-boot ad0 +/sbin/gpart add -b 34 -s 94 -t freebsd-boot ad0 /sbin/gpart bootcode -p /boot/gptboot -i 1 ad0 .Ed .Pp @@ -1014,7 +1018,7 @@ Create a 512MB-sized .Cm freebsd-ufs partition to contain a UFS filesystem from which the system can boot. .Bd -literal -offset indent -/sbin/gpart add -b 162 -s 1048576 -t freebsd-ufs ad0 +/sbin/gpart add -s 512M -t freebsd-ufs ad0 .Ed .Pp Create an MBR scheme on ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236114 - stable/9/share/mk
Author: des
Date: Sat May 26 17:53:35 2012
New Revision: 236114
URL: http://svn.freebsd.org/changeset/base/236114
Log:
MFH r227797, 227932: add {STATIC,SHARED}_{C,CXX}FLAGS
Modified:
stable/9/share/mk/bsd.lib.mk
Directory Properties:
stable/9/share/mk/ (props changed)
Modified: stable/9/share/mk/bsd.lib.mk
==
--- stable/9/share/mk/bsd.lib.mkSat May 26 17:38:55 2012
(r236113)
+++ stable/9/share/mk/bsd.lib.mkSat May 26 17:53:35 2012
(r236114)
@@ -67,23 +67,32 @@ PICFLAG=-fpic
PO_FLAG=-pg
+.c.o:
+ ${CC} ${STATIC_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \
+ (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \
+ ${CTFCONVERT} ${CTFFLAGS} ${.TARGET})
+
.c.po:
- ${CC} ${PO_FLAG} ${PO_CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CC} ${PO_FLAG} ${STATIC_CFLAGS} ${PO_CFLAGS} -c ${.IMPSRC} -o
${.TARGET}
@[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \
(${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \
${CTFCONVERT} ${CTFFLAGS} ${.TARGET})
.c.So:
- ${CC} ${PICFLAG} -DPIC ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CC} ${PICFLAG} -DPIC ${SHARED_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o
${.TARGET}
@[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \
(${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \
${CTFCONVERT} ${CTFFLAGS} ${.TARGET})
+.cc.o:
+ ${CXX} ${STATIC_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+
.cc.po .C.po .cpp.po .cxx.po:
- ${CXX} ${PO_FLAG} ${PO_CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CXX} ${PO_FLAG} ${STATIC_CXXFLAGS} ${PO_CXXFLAGS} -c ${.IMPSRC} -o
${.TARGET}
.cc.So .C.So .cpp.So .cxx.So:
- ${CXX} ${PICFLAG} -DPIC ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CXX} ${PICFLAG} -DPIC ${SHARED_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o
${.TARGET}
.f.po:
${FC} -pg ${FFLAGS} -o ${.TARGET} -c ${.IMPSRC}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236115 - in stable/9/lib/libpam: . modules
Author: des
Date: Sat May 26 17:56:54 2012
New Revision: 236115
URL: http://svn.freebsd.org/changeset/base/236115
Log:
MFH r227798, r227933: simplify build by using STATIC_CFLAGS
Modified:
stable/9/lib/libpam/Makefile.inc
stable/9/lib/libpam/modules/Makefile.inc
Directory Properties:
stable/9/lib/libpam/ (props changed)
Modified: stable/9/lib/libpam/Makefile.inc
==
--- stable/9/lib/libpam/Makefile.incSat May 26 17:53:35 2012
(r236114)
+++ stable/9/lib/libpam/Makefile.incSat May 26 17:56:54 2012
(r236115)
@@ -31,4 +31,6 @@ DEBUG_FLAGS+= -DDEBUG
SHLIB_MAJOR= 5
PAM_MOD_DIR= ${LIBDIR}
+STATIC_CFLAGS+=-DOPENPAM_STATIC_MODULES
+
.include ../Makefile.inc
Modified: stable/9/lib/libpam/modules/Makefile.inc
==
--- stable/9/lib/libpam/modules/Makefile.incSat May 26 17:53:35 2012
(r236114)
+++ stable/9/lib/libpam/modules/Makefile.incSat May 26 17:56:54 2012
(r236115)
@@ -18,7 +18,4 @@ DPADD+= ${LIBPAM}
LDADD+=-lpam
.endif
-.c.o:
- ${CC} ${CFLAGS} -DOPENPAM_STATIC_MODULES -c ${.IMPSRC}
-
.include ../Makefile.inc
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236116 - stable/9/lib/libpam/libpam
Author: des
Date: Sat May 26 18:20:30 2012
New Revision: 236116
URL: http://svn.freebsd.org/changeset/base/236116
Log:
MFH r226625, 226632: document what openpam_static.c is for
Modified:
stable/9/lib/libpam/libpam/Makefile
Directory Properties:
stable/9/lib/libpam/ (props changed)
Modified: stable/9/lib/libpam/libpam/Makefile
==
--- stable/9/lib/libpam/libpam/Makefile Sat May 26 17:56:54 2012
(r236115)
+++ stable/9/lib/libpam/libpam/Makefile Sat May 26 18:20:30 2012
(r236116)
@@ -148,7 +148,15 @@ HEADERS= security/openpam.h \
ADD_HEADERS= security/pam_mod_misc.h
+#
# Static modules
+#
+# We build static versions of all modules and of openpam_static.o,
+# then link them all together into openpam_static_modules.o. None of
+# the modules export any symbols, but they store structures with
+# pointers to their service functions in a linker set which the code
+# in openpam_static.c traverses to locate the individual modules.
+#
MODULE_DIR=../modules
.include ${.CURDIR}/${MODULE_DIR}/modules.inc
STATIC_MODULES=${MODULES:C/.*/${MODULE_DIR}\/\/lib.a/}
@@ -159,7 +167,8 @@ CLEANFILES+=openpam_static.o \
openpam_static_modules.o: openpam_static.o ${STATIC_MODULES}
${LD} -o ${.TARGET} -r --whole-archive ${.ALLSRC}
-# Can't put openpam_static.c in SRCS but want .o in .depend.
+# We can't put openpam_static.c in SRCS, but we still want to scan it
+# for dependencies.
DPSRCS=openpam_static.c
# Headers
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236124 - vendor/openpam/dist/lib
Author: des
Date: Sat May 26 23:07:45 2012
New Revision: 236124
URL: http://svn.freebsd.org/changeset/base/236124
Log:
OpenPAM Micrampelis was re-rolled due to a showstopper bug.
Modified:
vendor/openpam/dist/lib/openpam_configure.c
Modified: vendor/openpam/dist/lib/openpam_configure.c
==
--- vendor/openpam/dist/lib/openpam_configure.c Sat May 26 22:47:56 2012
(r236123)
+++ vendor/openpam/dist/lib/openpam_configure.c Sat May 26 23:07:45 2012
(r236124)
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_configure.c 601 2012-04-14 20:37:45Z des $
+ * $Id: openpam_configure.c 612 2012-05-26 23:02:55Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -261,6 +261,8 @@ openpam_parse_chain(pam_handle_t *pamh,
this-optc = wordc - i;
for (i = 0; i wordc - this-optc; ++i) {
FREE(wordv[i]);
+ }
+ for (i = 0; i this-optc; ++i) {
wordv[i] = wordv[wordc - this-optc + i];
wordv[wordc - this-optc + i] = NULL;
}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236125 - vendor/openpam/MICRAMPELIS/lib
Author: des
Date: Sat May 26 23:08:53 2012
New Revision: 236125
URL: http://svn.freebsd.org/changeset/base/236125
Log:
OpenPAM Micrampelis was re-rolled due to a showstopper bug.
Modified:
vendor/openpam/MICRAMPELIS/lib/openpam_configure.c
Directory Properties:
vendor/openpam/MICRAMPELIS/ (props changed)
Modified: vendor/openpam/MICRAMPELIS/lib/openpam_configure.c
==
--- vendor/openpam/MICRAMPELIS/lib/openpam_configure.c Sat May 26 23:07:45
2012(r236124)
+++ vendor/openpam/MICRAMPELIS/lib/openpam_configure.c Sat May 26 23:08:53
2012(r236125)
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_configure.c 601 2012-04-14 20:37:45Z des $
+ * $Id: openpam_configure.c 612 2012-05-26 23:02:55Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -261,6 +261,8 @@ openpam_parse_chain(pam_handle_t *pamh,
this-optc = wordc - i;
for (i = 0; i wordc - this-optc; ++i) {
FREE(wordv[i]);
+ }
+ for (i = 0; i this-optc; ++i) {
wordv[i] = wordv[wordc - this-optc + i];
wordv[wordc - this-optc + i] = NULL;
}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236126 - head/contrib/openpam/lib
Author: des
Date: Sat May 26 23:10:21 2012
New Revision: 236126
URL: http://svn.freebsd.org/changeset/base/236126
Log:
OpenPAM Micrampelis was re-rolled due to a showstopper bug.
Modified:
head/contrib/openpam/lib/openpam_configure.c
Directory Properties:
head/contrib/openpam/ (props changed)
Modified: head/contrib/openpam/lib/openpam_configure.c
==
--- head/contrib/openpam/lib/openpam_configure.cSat May 26 23:08:53
2012(r236125)
+++ head/contrib/openpam/lib/openpam_configure.cSat May 26 23:10:21
2012(r236126)
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_configure.c 601 2012-04-14 20:37:45Z des $
+ * $Id: openpam_configure.c 612 2012-05-26 23:02:55Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -261,6 +261,8 @@ openpam_parse_chain(pam_handle_t *pamh,
this-optc = wordc - i;
for (i = 0; i wordc - this-optc; ++i) {
FREE(wordv[i]);
+ }
+ for (i = 0; i this-optc; ++i) {
wordv[i] = wordv[wordc - this-optc + i];
wordv[wordc - this-optc + i] = NULL;
}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236128 - stable/9
Author: des
Date: Sat May 26 23:42:52 2012
New Revision: 236128
URL: http://svn.freebsd.org/changeset/base/236128
Log:
Make yacc a bootstrap tool if building on head, since the new yacc is
not 100% backward compatible. Also, build yacc before lex, because lex
requires yacc but not vice versa.
Modified:
stable/9/Makefile.inc1
Modified: stable/9/Makefile.inc1
==
--- stable/9/Makefile.inc1 Sat May 26 23:10:36 2012(r236127)
+++ stable/9/Makefile.inc1 Sat May 26 23:42:52 2012(r236128)
@@ -1026,6 +1026,9 @@ _sed= usr.bin/sed
.if ${BOOTSTRAPPING} 96
_lex= usr.bin/lex
+.endif
+
+.if ${BOOTSTRAPPING} 96 || ${BOOTSTRAPPING} 112
_yacc= usr.bin/yacc
.endif
@@ -1080,8 +1083,8 @@ bootstrap-tools:
${_mklocale} \
usr.bin/rpcgen \
${_sed} \
-${_lex} \
${_yacc} \
+${_lex} \
usr.bin/xinstall \
${_gensnmptree} \
usr.sbin/config \
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236129 - stable/9
Author: des
Date: Sat May 26 23:48:56 2012
New Revision: 236129
URL: http://svn.freebsd.org/changeset/base/236129
Log:
nit: use = 113 instead of 112
Modified:
stable/9/Makefile.inc1
Modified: stable/9/Makefile.inc1
==
--- stable/9/Makefile.inc1 Sat May 26 23:42:52 2012(r236128)
+++ stable/9/Makefile.inc1 Sat May 26 23:48:56 2012(r236129)
@@ -1028,7 +1028,7 @@ _sed= usr.bin/sed
_lex= usr.bin/lex
.endif
-.if ${BOOTSTRAPPING} 96 || ${BOOTSTRAPPING} 112
+.if ${BOOTSTRAPPING} 96 || ${BOOTSTRAPPING} = 113
_yacc= usr.bin/yacc
.endif
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236131 - stable/8
Author: des
Date: Sun May 27 00:21:27 2012
New Revision: 236131
URL: http://svn.freebsd.org/changeset/base/236131
Log:
Make yacc a bootstrap tool if building on head, since the new yacc is
not 100% backward compatible.
Modified:
stable/8/Makefile.inc1
Modified: stable/8/Makefile.inc1
==
--- stable/8/Makefile.inc1 Sat May 26 23:58:51 2012(r236130)
+++ stable/8/Makefile.inc1 Sun May 27 00:21:27 2012(r236131)
@@ -934,6 +934,10 @@ _ar= usr.bin/ar
_lex= usr.bin/lex
.endif
+.if ${BOOTSTRAPPING} = 113
+_yacc= usr.bin/yacc
+.endif
+
.if ${BOOTSTRAPPING} 800013
_mklocale= usr.bin/mklocale
.endif
@@ -959,6 +963,7 @@ bootstrap-tools:
${_gperf} \
${_groff} \
${_ar} \
+${_yacc} \
${_lex} \
usr.bin/lorder \
usr.bin/makewhatis \
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r235788 - in head: . sys/sys
Author: des
Date: Tue May 22 15:59:07 2012
New Revision: 235788
URL: http://svn.freebsd.org/changeset/base/235788
Log:
Bump __FreeBSD_version for the byacc import, and update _bootstrap_tools.
Modified:
head/Makefile.inc1
head/sys/sys/param.h
Modified: head/Makefile.inc1
==
--- head/Makefile.inc1 Tue May 22 15:58:27 2012(r235787)
+++ head/Makefile.inc1 Tue May 22 15:59:07 2012(r235788)
@@ -1021,6 +1021,9 @@ _sed= usr.bin/sed
.if ${BOOTSTRAPPING} 96
_lex= usr.bin/lex
+.endif
+
+.if ${BOOTSTRAPPING} 113
_yacc= usr.bin/yacc
.endif
@@ -1081,8 +1084,8 @@ bootstrap-tools:
${_mklocale} \
usr.bin/rpcgen \
${_sed} \
-${_lex} \
${_yacc} \
+${_lex} \
usr.bin/xinstall \
${_gensnmptree} \
usr.sbin/config
Modified: head/sys/sys/param.h
==
--- head/sys/sys/param.hTue May 22 15:58:27 2012(r235787)
+++ head/sys/sys/param.hTue May 22 15:59:07 2012(r235788)
@@ -58,7 +58,7 @@
* in the range 5 to 9.
*/
#undef __FreeBSD_version
-#define __FreeBSD_version 112 /* Master, propagated to newvers */
+#define __FreeBSD_version 113 /* Master, propagated to newvers */
/*
* __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234837 - head/lib/libfetch
Author: des
Date: Mon Apr 30 12:11:45 2012
New Revision: 234837
URL: http://svn.freebsd.org/changeset/base/234837
Log:
Since the socket is non-blocking, it is necessary to use select(2) even
when there is no timeout, because read(2) will return immediately if there
is no data waiting in the TCP buffer, causing fetch_read() to busy-loop on
slow connections.
MFC after:3 weeks
Noticed by: Yanhui Shen shen@gmail.com
Modified:
head/lib/libfetch/common.c
Modified: head/lib/libfetch/common.c
==
--- head/lib/libfetch/common.c Mon Apr 30 11:28:17 2012(r234836)
+++ head/lib/libfetch/common.c Mon Apr 30 12:11:45 2012(r234837)
@@ -455,11 +455,9 @@ fetch_read(conn_t *conn, char *buf, size
struct timeval now, timeout, delta;
fd_set readfds;
ssize_t rlen, total;
- int r;
char *start;
- if (fetchTimeout) {
- FD_ZERO(readfds);
+ if (fetchTimeout 0) {
gettimeofday(timeout, NULL);
timeout.tv_sec += fetchTimeout;
}
@@ -523,23 +521,21 @@ fetch_read(conn_t *conn, char *buf, size
return (-1);
}
// assert(rlen == FETCH_READ_WAIT);
- while (fetchTimeout !FD_ISSET(conn-sd, readfds)) {
+ FD_ZERO(readfds);
+ while (!FD_ISSET(conn-sd, readfds)) {
FD_SET(conn-sd, readfds);
- gettimeofday(now, NULL);
- delta.tv_sec = timeout.tv_sec - now.tv_sec;
- delta.tv_usec = timeout.tv_usec - now.tv_usec;
- if (delta.tv_usec 0) {
- delta.tv_usec += 100;
- delta.tv_sec--;
- }
- if (delta.tv_sec 0) {
- errno = ETIMEDOUT;
- fetch_syserr();
- return (-1);
+ if (fetchTimeout 0) {
+ gettimeofday(now, NULL);
+ if (!timercmp(timeout, now, )) {
+ errno = ETIMEDOUT;
+ fetch_syserr();
+ return (-1);
+ }
+ timersub(timeout, now, delta);
}
errno = 0;
- r = select(conn-sd + 1, readfds, NULL, NULL, delta);
- if (r == -1) {
+ if (select(conn-sd + 1, readfds, NULL, NULL,
+ fetchTimeout 0 ? delta : NULL) 0) {
if (errno == EINTR) {
if (fetchRestartCalls)
continue;
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234838 - head/lib/libfetch
Author: des
Date: Mon Apr 30 12:12:48 2012
New Revision: 234838
URL: http://svn.freebsd.org/changeset/base/234838
Log:
Don't reuse credentials if redirected to a different host.
Submitted by: Niels Heinen hein...@google.com
MFC after:3 weeks
Modified:
head/lib/libfetch/http.c
Modified: head/lib/libfetch/http.c
==
--- head/lib/libfetch/http.cMon Apr 30 12:11:45 2012(r234837)
+++ head/lib/libfetch/http.cMon Apr 30 12:12:48 2012(r234838)
@@ -1779,7 +1779,9 @@ http_request(struct url *URL, const char
DEBUG(fprintf(stderr, failed to parse
new URL\n));
goto ouch;
}
- if (!*new-user !*new-pwd) {
+
+ /* Only copy credentials if the host matches */
+ if (!strcmp(new-host, url-host)
!*new-user !*new-pwd) {
strcpy(new-user, url-user);
strcpy(new-pwd, url-pwd);
}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234729 - head/contrib/openpam/lib
Author: des Date: Fri Apr 27 11:29:09 2012 New Revision: 234729 URL: http://svn.freebsd.org/changeset/base/234729 Log: r234173 missed one instance of FREE(line). Noticed by: glebius@ Modified: head/contrib/openpam/lib/openpam_configure.c Modified: head/contrib/openpam/lib/openpam_configure.c == --- head/contrib/openpam/lib/openpam_configure.cFri Apr 27 09:22:46 2012(r234728) +++ head/contrib/openpam/lib/openpam_configure.cFri Apr 27 11:29:09 2012(r234729) @@ -501,7 +501,7 @@ fail: FREE(this-optv); } FREE(this); - FREE(line); + FREE(line0); FREE(name); fclose(f); return (PAM_SYSTEM_ERR); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234741 - stable/8/lib/libpam/modules/pam_unix
Author: des Date: Fri Apr 27 21:40:51 2012 New Revision: 234741 URL: http://svn.freebsd.org/changeset/base/234741 Log: MFH r203377, r215680, r227044, r227105: mainly, respect passwordtime. PR: 93310, 93473 Modified: stable/8/lib/libpam/modules/pam_unix/pam_unix.8 stable/8/lib/libpam/modules/pam_unix/pam_unix.c Modified: stable/8/lib/libpam/modules/pam_unix/pam_unix.8 == --- stable/8/lib/libpam/modules/pam_unix/pam_unix.8 Fri Apr 27 20:23:24 2012(r234740) +++ stable/8/lib/libpam/modules/pam_unix/pam_unix.8 Fri Apr 27 21:40:51 2012(r234741) @@ -188,3 +188,9 @@ password database. .Xr pam 8 , .Xr pw 8 , .Xr yp 8 +.Sh BUGS +The +.Nm +module ignores the +.Dv PAM_CHANGE_EXPIRED_AUTHTOK +flag. Modified: stable/8/lib/libpam/modules/pam_unix/pam_unix.c == --- stable/8/lib/libpam/modules/pam_unix/pam_unix.c Fri Apr 27 20:23:24 2012(r234740) +++ stable/8/lib/libpam/modules/pam_unix/pam_unix.c Fri Apr 27 21:40:51 2012(r234741) @@ -50,6 +50,7 @@ __FBSDID($FreeBSD$); #include string.h #include stdio.h #include syslog.h +#include time.h #include unistd.h #include libutil.h @@ -80,8 +81,6 @@ static char password_hash[] = PASSWORD_ #define PAM_OPT_LOCAL_PASS local_pass #define PAM_OPT_NIS_PASS nis_pass -char *tempname = NULL; - /* * authentication management */ @@ -271,10 +270,11 @@ pam_sm_chauthtok(pam_handle_t *pamh, int const void *yp_domain, *yp_server; #endif char salt[SALTSIZE + 1]; - login_cap_t * lc; + login_cap_t *lc; struct passwd *pwd, *old_pwd; const char *user, *old_pass, *new_pass; char *encrypted; + time_t passwordtime; int pfd, tfd, retval; if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) @@ -377,11 +377,17 @@ pam_sm_chauthtok(pam_handle_t *pamh, int if ((old_pwd = pw_dup(pwd)) == NULL) return (PAM_BUF_ERR); - pwd-pw_change = 0; lc = login_getclass(pwd-pw_class); if (login_setcryptfmt(lc, password_hash, NULL) == NULL) openpam_log(PAM_LOG_ERROR, can't set password cipher, relying on default); + + /* set password expiry date */ + pwd-pw_change = 0; + passwordtime = login_getcaptime(lc, passwordtime, 0, 0); + if (passwordtime 0) + pwd-pw_change = time(NULL) + passwordtime; + login_close(lc); makesalt(salt); pwd-pw_passwd = crypt(new_pass, salt); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234685 - head/lib/msun/src
Author: des Date: Wed Apr 25 18:07:35 2012 New Revision: 234685 URL: http://svn.freebsd.org/changeset/base/234685 Log: I stopped using my middle name years ago. Modified: head/lib/msun/src/s_fabsl.c Modified: head/lib/msun/src/s_fabsl.c == --- head/lib/msun/src/s_fabsl.c Wed Apr 25 17:54:26 2012(r234684) +++ head/lib/msun/src/s_fabsl.c Wed Apr 25 18:07:35 2012(r234685) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2003 Dag-Erling Coïdan Smørgrav + * Copyright (c) 2003 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234311 - head/usr.bin/unzip
Author: des Date: Sun Apr 15 13:39:39 2012 New Revision: 234311 URL: http://svn.freebsd.org/changeset/base/234311 Log: Correct my name in the copyright statement. Modified: head/usr.bin/unzip/unzip.1 head/usr.bin/unzip/unzip.c Modified: head/usr.bin/unzip/unzip.1 == --- head/usr.bin/unzip/unzip.1 Sun Apr 15 13:25:51 2012(r234310) +++ head/usr.bin/unzip/unzip.1 Sun Apr 15 13:39:39 2012(r234311) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2007-2008 Dag-Erling Coïdan Smørgrav +.\ Copyright (c) 2007-2008 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: head/usr.bin/unzip/unzip.c == --- head/usr.bin/unzip/unzip.c Sun Apr 15 13:25:51 2012(r234310) +++ head/usr.bin/unzip/unzip.c Sun Apr 15 13:39:39 2012(r234311) @@ -1,6 +1,6 @@ /*- * Copyright (c) 2009 Joerg Sonnenberger jo...@netbsd.org - * Copyright (c) 2007-2008 Dag-Erling Coïdan Smørgrav + * Copyright (c) 2007-2008 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234173 - head/contrib/openpam/lib
Author: des
Date: Thu Apr 12 11:23:24 2012
New Revision: 234173
URL: http://svn.freebsd.org/changeset/base/234173
Log:
Keep a copy of the original pointer returned by openpam_readline() so
we can free it later, instead of trying to free a pointer that points
to the end of the buffer.
Committed to head because this code no longer exists upstream.
Submitted by: jasone@
Modified:
head/contrib/openpam/lib/openpam_configure.c
Modified: head/contrib/openpam/lib/openpam_configure.c
==
--- head/contrib/openpam/lib/openpam_configure.cThu Apr 12 10:48:43
2012(r234172)
+++ head/contrib/openpam/lib/openpam_configure.cThu Apr 12 11:23:24
2012(r234173)
@@ -360,7 +360,7 @@ openpam_parse_chain(pam_handle_t *pamh,
pam_chain_t *this, **next;
pam_facility_t fclt;
pam_control_t ctlf;
- char *line, *str, *name;
+ char *line0, *line, *str, *name;
char *option, **optv;
int len, lineno, ret;
FILE *f;
@@ -377,18 +377,18 @@ openpam_parse_chain(pam_handle_t *pamh,
this = NULL;
name = NULL;
lineno = 0;
- while ((line = openpam_readline(f, lineno, NULL)) != NULL) {
+ while ((line0 = line = openpam_readline(f, lineno, NULL)) != NULL) {
/* get service name if necessary */
if (style == pam_conf_style) {
if ((len = parse_service_name(line, str)) == 0) {
openpam_log(PAM_LOG_NOTICE,
%s(%d): invalid service name (ignored),
filename, lineno);
- FREE(line);
+ FREE(line0);
continue;
}
if (strlcmp(service, str, len) != 0) {
- FREE(line);
+ FREE(line0);
continue;
}
}
@@ -401,7 +401,7 @@ openpam_parse_chain(pam_handle_t *pamh,
goto fail;
}
if (facility != fclt facility != PAM_FACILITY_ANY) {
- FREE(line);
+ FREE(line0);
continue;
}
@@ -425,7 +425,7 @@ openpam_parse_chain(pam_handle_t *pamh,
FREE(name);
if (ret != PAM_SUCCESS)
goto fail;
- FREE(line);
+ FREE(line0);
continue;
}
@@ -486,7 +486,7 @@ openpam_parse_chain(pam_handle_t *pamh,
this = NULL;
/* next please... */
- FREE(line);
+ FREE(line0);
}
if (!feof(f))
goto syserr;
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r231676 - in stable/9: etc etc/rc.d share/man/man8
Author: des
Date: Tue Feb 14 12:43:33 2012
New Revision: 231676
URL: http://svn.freebsd.org/changeset/base/231676
Log:
MFH r230007, r230388: document quiet*, fix devd/dhclient interaction.
Modified:
stable/9/etc/rc.d/dhclient
stable/9/etc/rc.subr
stable/9/share/man/man8/rc.subr.8
Directory Properties:
stable/9/etc/ (props changed)
stable/9/share/man/ (props changed)
Modified: stable/9/etc/rc.d/dhclient
==
--- stable/9/etc/rc.d/dhclient Tue Feb 14 12:13:04 2012(r231675)
+++ stable/9/etc/rc.d/dhclient Tue Feb 14 12:43:33 2012(r231676)
@@ -22,7 +22,14 @@ stop_precmd=dhclient_pre_check
dhclient_pre_check()
{
if [ -z ${rc_force} ] ! dhcpif $ifn; then
- err 1 '$ifn' is not a DHCP-enabled interface
+ local msg
+ msg='$ifn' is not a DHCP-enabled interface
+ if [ -z ${rc_quiet} ]; then
+ echo $msg
+ else
+ debug $msg
+ fi
+ exit 1
fi
}
Modified: stable/9/etc/rc.subr
==
--- stable/9/etc/rc.subrTue Feb 14 12:13:04 2012(r231675)
+++ stable/9/etc/rc.subrTue Feb 14 12:43:33 2012(r231676)
@@ -1117,7 +1117,7 @@ load_rc_config_var()
#
rc_usage()
{
- echo -n 12 Usage: $0 [fast|force|one](
+ echo -n 12 Usage: $0 [fast|force|one|quiet](
_sep=
for _elem; do
Modified: stable/9/share/man/man8/rc.subr.8
==
--- stable/9/share/man/man8/rc.subr.8 Tue Feb 14 12:13:04 2012
(r231675)
+++ stable/9/share/man/man8/rc.subr.8 Tue Feb 14 12:43:33 2012
(r231676)
@@ -339,7 +339,7 @@ with
being the list of valid arguments
prefixed by
.Sm off
-.Dq Bq Li fast | force | one .
+.Dq Bq Li fast | force | one | quiet .
.Sm on
.It Ic reverse_list Ar item ...
Print the list of
@@ -427,6 +427,22 @@ Skip the checks for
being set to
.Dq Li YES ,
but performs all the other prerequisite tests.
+.It Li quiet
+Inhibits some verbose diagnostics.
+Currently, this includes messages
+.Qq Starting ${name}
+(as checked by
+.Ic check_startmsgs
+inside
+.Nm )
+and errors about usage of services that are not enabled in
+.Xr rc.conf 5 .
+This prefix also sets
+.Va rc_quiet Ns = Ns Li YES .
+.Em Please, note:
+.Va rc_quiet
+is not intended to completely mask all debug and warning messages,
+but only certain small classes of them.
.El
.Pp
.Ic run_rc_command
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r231677 - in stable/8: etc etc/rc.d share/man/man8
Author: des
Date: Tue Feb 14 12:47:57 2012
New Revision: 231677
URL: http://svn.freebsd.org/changeset/base/231677
Log:
MFH r230007, r230388: document quiet*, fix devd/dhclient interaction.
Modified:
stable/8/etc/rc.d/dhclient
stable/8/etc/rc.subr
stable/8/share/man/man8/rc.subr.8
Directory Properties:
stable/8/etc/ (props changed)
stable/8/share/man/ (props changed)
stable/8/share/man/man8/ (props changed)
Modified: stable/8/etc/rc.d/dhclient
==
--- stable/8/etc/rc.d/dhclient Tue Feb 14 12:43:33 2012(r231676)
+++ stable/8/etc/rc.d/dhclient Tue Feb 14 12:47:57 2012(r231677)
@@ -22,7 +22,14 @@ stop_precmd=dhclient_pre_check
dhclient_pre_check()
{
if [ -z ${rc_force} ] ! dhcpif $ifn; then
- err 1 '$ifn' is not a DHCP-enabled interface
+ local msg
+ msg='$ifn' is not a DHCP-enabled interface
+ if [ -z ${rc_quiet} ]; then
+ echo $msg
+ else
+ debug $msg
+ fi
+ exit 1
fi
}
Modified: stable/8/etc/rc.subr
==
--- stable/8/etc/rc.subrTue Feb 14 12:43:33 2012(r231676)
+++ stable/8/etc/rc.subrTue Feb 14 12:47:57 2012(r231677)
@@ -1121,7 +1121,7 @@ load_rc_config_var()
#
rc_usage()
{
- echo -n 12 Usage: $0 [fast|force|one](
+ echo -n 12 Usage: $0 [fast|force|one|quiet](
_sep=
for _elem; do
Modified: stable/8/share/man/man8/rc.subr.8
==
--- stable/8/share/man/man8/rc.subr.8 Tue Feb 14 12:43:33 2012
(r231676)
+++ stable/8/share/man/man8/rc.subr.8 Tue Feb 14 12:47:57 2012
(r231677)
@@ -375,7 +375,7 @@ with
being the list of valid arguments
prefixed by
.Sm off
-.Dq Bq Li fast | force | one .
+.Dq Bq Li fast | force | one | quiet .
.Sm on
.It Ic reverse_list Ar item ...
Print the list of
@@ -463,6 +463,22 @@ Skip the checks for
being set to
.Dq Li YES ,
but performs all the other prerequisite tests.
+.It Li quiet
+Inhibits some verbose diagnostics.
+Currently, this includes messages
+.Qq Starting ${name}
+(as checked by
+.Ic check_startmsgs
+inside
+.Nm )
+and errors about usage of services that are not enabled in
+.Xr rc.conf 5 .
+This prefix also sets
+.Va rc_quiet Ns = Ns Li YES .
+.Em Please, note:
+.Va rc_quiet
+is not intended to completely mask all debug and warning messages,
+but only certain small classes of them.
.El
.Pp
.Ic run_rc_command
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r230478 - head/lib/libfetch
Author: des
Date: Mon Jan 23 09:23:07 2012
New Revision: 230478
URL: http://svn.freebsd.org/changeset/base/230478
Log:
Fix two nits in previous commit pointed out by pjd@.
MFC after:3 weeks
Modified:
head/lib/libfetch/common.c
Modified: head/lib/libfetch/common.c
==
--- head/lib/libfetch/common.c Mon Jan 23 08:30:17 2012(r230477)
+++ head/lib/libfetch/common.c Mon Jan 23 09:23:07 2012(r230478)
@@ -416,7 +416,6 @@ fetch_cache_data(conn_t *conn, char *src
if (conn-cache.size nbytes) {
tmp = realloc(conn-cache.buf, nbytes);
if (tmp == NULL) {
- errno = ENOMEM;
fetch_syserr();
return (-1);
}
@@ -481,7 +480,7 @@ fetch_read(conn_t *conn, char *buf, size
conn-cache.len -= total;
conn-cache.pos += total;
len -= total;
- buf+= total;
+ buf += total;
}
while (len 0) {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r230307 - in head: lib/libfetch usr.bin/fetch
Author: des
Date: Wed Jan 18 15:13:21 2012
New Revision: 230307
URL: http://svn.freebsd.org/changeset/base/230307
Log:
Fix two issues related to the use of SIGINFO in fetch(1) to display
progress information. The first is that fetch_read() (used in the HTTP
code but not the FTP code) can enter an infinite loop if it has previously
been interrupted by a signal. The second is that when it is interrupted,
fetch_read() will discard any data it may have read up to that point.
Luckily, both bugs are extremely timing-sensitive and therefore difficult
to trigger.
PR: bin/153240
Submitted by: Mark mark...@gmail.com
MFC after:3 weeks
Modified:
head/lib/libfetch/common.c
head/lib/libfetch/common.h
head/lib/libfetch/http.c
head/usr.bin/fetch/fetch.c
Modified: head/lib/libfetch/common.c
==
--- head/lib/libfetch/common.c Wed Jan 18 14:41:26 2012(r230306)
+++ head/lib/libfetch/common.c Wed Jan 18 15:13:21 2012(r230307)
@@ -404,6 +404,34 @@ fetch_ssl_read(SSL *ssl, char *buf, size
}
#endif
+/*
+ * Cache some data that was read from a socket but cannot be immediately
+ * returned because of an interrupted system call.
+ */
+static int
+fetch_cache_data(conn_t *conn, char *src, size_t nbytes)
+{
+ char *tmp;
+
+ if (conn-cache.size nbytes) {
+ tmp = realloc(conn-cache.buf, nbytes);
+ if (tmp == NULL) {
+ errno = ENOMEM;
+ fetch_syserr();
+ return (-1);
+ }
+ conn-cache.buf = tmp;
+ conn-cache.size = nbytes;
+ }
+
+ memcpy(conn-cache.buf, src, nbytes);
+ conn-cache.len = nbytes;
+ conn-cache.pos = 0;
+
+ return (0);
+}
+
+
static ssize_t
fetch_socket_read(int sd, char *buf, size_t len)
{
@@ -429,6 +457,7 @@ fetch_read(conn_t *conn, char *buf, size
fd_set readfds;
ssize_t rlen, total;
int r;
+ char *start;
if (fetchTimeout) {
FD_ZERO(readfds);
@@ -437,6 +466,24 @@ fetch_read(conn_t *conn, char *buf, size
}
total = 0;
+ start = buf;
+
+ if (conn-cache.len 0) {
+ /*
+* The last invocation of fetch_read was interrupted by a
+* signal after some data had been read from the socket. Copy
+* the cached data into the supplied buffer before trying to
+* read from the socket again.
+*/
+ total = (conn-cache.len len) ? conn-cache.len : len;
+ memcpy(buf, conn-cache.buf, total);
+
+ conn-cache.len -= total;
+ conn-cache.pos += total;
+ len -= total;
+ buf+= total;
+ }
+
while (len 0) {
/*
* The socket is non-blocking. Instead of the canonical
@@ -472,6 +519,8 @@ fetch_read(conn_t *conn, char *buf, size
total += rlen;
continue;
} else if (rlen == FETCH_READ_ERROR) {
+ if (errno == EINTR)
+ fetch_cache_data(conn, start, total);
return (-1);
}
// assert(rlen == FETCH_READ_WAIT);
@@ -492,8 +541,12 @@ fetch_read(conn_t *conn, char *buf, size
errno = 0;
r = select(conn-sd + 1, readfds, NULL, NULL, delta);
if (r == -1) {
- if (errno == EINTR fetchRestartCalls)
- continue;
+ if (errno == EINTR) {
+ if (fetchRestartCalls)
+ continue;
+ /* Save anything that was read. */
+ fetch_cache_data(conn, start, total);
+ }
fetch_syserr();
return (-1);
}
@@ -677,6 +730,7 @@ fetch_close(conn_t *conn)
if (--conn-ref 0)
return (0);
ret = close(conn-sd);
+ free(conn-cache.buf);
free(conn-buf);
free(conn);
return (ret);
Modified: head/lib/libfetch/common.h
==
--- head/lib/libfetch/common.h Wed Jan 18 14:41:26 2012(r230306)
+++ head/lib/libfetch/common.h Wed Jan 18 15:13:21 2012(r230307)
@@ -52,6 +52,13 @@ struct fetchconn {
size_t bufsize; /* buffer size */
size_t buflen;/* length of buffer contents */
int err; /* last protocol reply code */
+ struct {/*
svn commit: r230059 - head/sbin/geom/class/part
Author: des Date: Fri Jan 13 12:40:33 2012 New Revision: 230059 URL: http://svn.freebsd.org/changeset/base/230059 Log: Provide a better explanation for the sizing of the boot partition, and reduce the size of the partition in the example from 128 blocks to 94 blocks so it will end on a 128-block boundary. Also remove the -b option from the next example. MFC after:3 weeks Modified: head/sbin/geom/class/part/gpart.8 Modified: head/sbin/geom/class/part/gpart.8 == --- head/sbin/geom/class/part/gpart.8 Fri Jan 13 11:58:06 2012 (r230058) +++ head/sbin/geom/class/part/gpart.8 Fri Jan 13 12:40:33 2012 (r230059) @@ -960,17 +960,21 @@ partition that can boot from a .Cm freebsd-ufs partition, and install bootstrap code into it. -This partition must be larger than -.Pa /boot/gptboot , -or the GPT boot you are planning to write, but smaller than 545 KB. -A size of 15 blocks (7680 bytes) would be sufficient for -booting from UFS but 128 blocks (64 KB) is used in -this example to reserve some space for potential -future need (e.g.\ a larger +This partition must be larger than the bootstrap code +.Po +usually either +.Pa /boot/gptboot +or .Pa /boot/gptzfsboot -for booting from a ZFS partition). +.Pc , +but smaller than 545 kB since the first-stage loader will load the +entire partition into memory during boot, regardless of how much data +it actually contains. +This example uses 94 blocks (47 kB) so the next partition will be +aligned on a 64 kB boundary without the need to specify an explicit +offset or alignment. .Bd -literal -offset indent -/sbin/gpart add -b 34 -s 128 -t freebsd-boot ad0 +/sbin/gpart add -b 34 -s 94 -t freebsd-boot ad0 /sbin/gpart bootcode -p /boot/gptboot -i 1 ad0 .Ed .Pp @@ -978,7 +982,7 @@ Create a 512MB-sized .Cm freebsd-ufs partition to contain a UFS filesystem from which the system can boot. .Bd -literal -offset indent -/sbin/gpart add -b 162 -s 1048576 -t freebsd-ufs ad0 +/sbin/gpart add -s 512M -t freebsd-ufs ad0 .Ed .Pp Create an MBR scheme on ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228848 - svnadmin/conf
Author: des Date: Fri Dec 23 20:03:18 2011 New Revision: 228848 URL: http://svn.freebsd.org/changeset/base/228848 Log: give bapt@ a src bit Approved by: core Modified: svnadmin/conf/access svnadmin/conf/mentors Modified: svnadmin/conf/access == --- svnadmin/conf/accessFri Dec 23 19:53:28 2011(r228847) +++ svnadmin/conf/accessFri Dec 23 20:03:18 2011(r228848) @@ -34,6 +34,7 @@ art attilio avatar avg +bapt bde benl benno Modified: svnadmin/conf/mentors == --- svnadmin/conf/mentors Fri Dec 23 19:53:28 2011(r228847) +++ svnadmin/conf/mentors Fri Dec 23 20:03:18 2011(r228848) @@ -13,6 +13,7 @@ anchie bz andrew imp artavg Co-mentor: marcel +bapt des benl philip Co-mentor: simon erimlaier Co-mentor: thompsa gber cognet ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228809 - vendor/openpam/dist/lib
Author: des
Date: Thu Dec 22 18:10:15 2011
New Revision: 228809
URL: http://svn.freebsd.org/changeset/base/228809
Log:
Merge upstream r509: don't log an error in the common case (ENOENT).
Modified:
vendor/openpam/dist/lib/openpam_check_owner_perms.c
Modified: vendor/openpam/dist/lib/openpam_check_owner_perms.c
==
--- vendor/openpam/dist/lib/openpam_check_owner_perms.c Thu Dec 22 16:40:35
2011(r228808)
+++ vendor/openpam/dist/lib/openpam_check_owner_perms.c Thu Dec 22 18:10:15
2011(r228809)
@@ -104,9 +104,11 @@ openpam_check_path_owner_perms(const cha
len = strlen(pathbuf);
while (len 0) {
if (stat(pathbuf, sb) != 0) {
- serrno = errno;
- openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf);
- errno = serrno;
+ if (errno != ENOENT) {
+ serrno = errno;
+ openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf);
+ errno = serrno;
+ }
return (-1);
}
if ((sb.st_uid != root sb.st_uid != arbitrator) ||
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228810 - head/contrib/openpam/lib
Author: des
Date: Thu Dec 22 18:12:51 2011
New Revision: 228810
URL: http://svn.freebsd.org/changeset/base/228810
Log:
Merge upstream r509: don't log an error in the common case (ENOENT).
Modified:
head/contrib/openpam/lib/openpam_check_owner_perms.c
Directory Properties:
head/contrib/openpam/ (props changed)
Modified: head/contrib/openpam/lib/openpam_check_owner_perms.c
==
--- head/contrib/openpam/lib/openpam_check_owner_perms.cThu Dec 22
18:10:15 2011(r228809)
+++ head/contrib/openpam/lib/openpam_check_owner_perms.cThu Dec 22
18:12:51 2011(r228810)
@@ -104,9 +104,11 @@ openpam_check_path_owner_perms(const cha
len = strlen(pathbuf);
while (len 0) {
if (stat(pathbuf, sb) != 0) {
- serrno = errno;
- openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf);
- errno = serrno;
+ if (errno != ENOENT) {
+ serrno = errno;
+ openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf);
+ errno = serrno;
+ }
return (-1);
}
if ((sb.st_uid != root sb.st_uid != arbitrator) ||
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228690 - in vendor/openpam/dist: . bin bin/pamtest bin/su doc doc/man include include/security lib misc modules modules/pam_deny modules/pam_permit modules/pam_unix
Author: des Date: Sun Dec 18 17:08:40 2011 New Revision: 228690 URL: http://svn.freebsd.org/changeset/base/228690 Log: Vendor import of OpenPAM Lycopsida. Added: vendor/openpam/dist/bin/pamtest/ vendor/openpam/dist/bin/pamtest/Makefile.am vendor/openpam/dist/bin/pamtest/Makefile.in vendor/openpam/dist/bin/pamtest/pamtest.1 vendor/openpam/dist/bin/pamtest/pamtest.c vendor/openpam/dist/bin/su/su.1 vendor/openpam/dist/doc/man/openpam_subst.3 vendor/openpam/dist/lib/openpam_check_owner_perms.c vendor/openpam/dist/lib/openpam_constants.c vendor/openpam/dist/lib/openpam_constants.h vendor/openpam/dist/lib/openpam_debug.h vendor/openpam/dist/lib/openpam_strlcmp.h vendor/openpam/dist/lib/openpam_strlcpy.h vendor/openpam/dist/lib/openpam_subst.c Modified: vendor/openpam/dist/CREDITS vendor/openpam/dist/HISTORY vendor/openpam/dist/LICENSE vendor/openpam/dist/Makefile.am vendor/openpam/dist/Makefile.in vendor/openpam/dist/README vendor/openpam/dist/RELNOTES vendor/openpam/dist/aclocal.m4 vendor/openpam/dist/bin/Makefile.am vendor/openpam/dist/bin/Makefile.in vendor/openpam/dist/bin/su/Makefile.am vendor/openpam/dist/bin/su/Makefile.in vendor/openpam/dist/bin/su/su.c vendor/openpam/dist/config.h.in vendor/openpam/dist/configure vendor/openpam/dist/configure.ac vendor/openpam/dist/depcomp vendor/openpam/dist/doc/Makefile.in vendor/openpam/dist/doc/man/Makefile.am vendor/openpam/dist/doc/man/Makefile.in vendor/openpam/dist/doc/man/openpam.3 vendor/openpam/dist/doc/man/openpam_borrow_cred.3 vendor/openpam/dist/doc/man/openpam_free_data.3 vendor/openpam/dist/doc/man/openpam_free_envlist.3 vendor/openpam/dist/doc/man/openpam_get_option.3 vendor/openpam/dist/doc/man/openpam_log.3 vendor/openpam/dist/doc/man/openpam_nullconv.3 vendor/openpam/dist/doc/man/openpam_readline.3 vendor/openpam/dist/doc/man/openpam_restore_cred.3 vendor/openpam/dist/doc/man/openpam_set_option.3 vendor/openpam/dist/doc/man/openpam_ttyconv.3 vendor/openpam/dist/doc/man/pam.3 vendor/openpam/dist/doc/man/pam.conf.5 vendor/openpam/dist/doc/man/pam_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_authenticate.3 vendor/openpam/dist/doc/man/pam_chauthtok.3 vendor/openpam/dist/doc/man/pam_close_session.3 vendor/openpam/dist/doc/man/pam_conv.3 vendor/openpam/dist/doc/man/pam_end.3 vendor/openpam/dist/doc/man/pam_error.3 vendor/openpam/dist/doc/man/pam_get_authtok.3 vendor/openpam/dist/doc/man/pam_get_data.3 vendor/openpam/dist/doc/man/pam_get_item.3 vendor/openpam/dist/doc/man/pam_get_user.3 vendor/openpam/dist/doc/man/pam_getenv.3 vendor/openpam/dist/doc/man/pam_getenvlist.3 vendor/openpam/dist/doc/man/pam_info.3 vendor/openpam/dist/doc/man/pam_open_session.3 vendor/openpam/dist/doc/man/pam_prompt.3 vendor/openpam/dist/doc/man/pam_putenv.3 vendor/openpam/dist/doc/man/pam_set_data.3 vendor/openpam/dist/doc/man/pam_set_item.3 vendor/openpam/dist/doc/man/pam_setcred.3 vendor/openpam/dist/doc/man/pam_setenv.3 vendor/openpam/dist/doc/man/pam_sm_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_sm_authenticate.3 vendor/openpam/dist/doc/man/pam_sm_chauthtok.3 vendor/openpam/dist/doc/man/pam_sm_close_session.3 vendor/openpam/dist/doc/man/pam_sm_open_session.3 vendor/openpam/dist/doc/man/pam_sm_setcred.3 vendor/openpam/dist/doc/man/pam_start.3 vendor/openpam/dist/doc/man/pam_strerror.3 vendor/openpam/dist/doc/man/pam_verror.3 vendor/openpam/dist/doc/man/pam_vinfo.3 vendor/openpam/dist/doc/man/pam_vprompt.3 vendor/openpam/dist/include/Makefile.in vendor/openpam/dist/include/security/Makefile.in vendor/openpam/dist/include/security/openpam.h vendor/openpam/dist/include/security/openpam_version.h vendor/openpam/dist/include/security/pam_appl.h vendor/openpam/dist/include/security/pam_constants.h vendor/openpam/dist/include/security/pam_modules.h vendor/openpam/dist/include/security/pam_types.h vendor/openpam/dist/install-sh vendor/openpam/dist/lib/Makefile.am vendor/openpam/dist/lib/Makefile.in vendor/openpam/dist/lib/openpam_borrow_cred.c vendor/openpam/dist/lib/openpam_configure.c vendor/openpam/dist/lib/openpam_dispatch.c vendor/openpam/dist/lib/openpam_dynamic.c vendor/openpam/dist/lib/openpam_findenv.c vendor/openpam/dist/lib/openpam_free_data.c vendor/openpam/dist/lib/openpam_free_envlist.c vendor/openpam/dist/lib/openpam_get_option.c vendor/openpam/dist/lib/openpam_impl.h vendor/openpam/dist/lib/openpam_load.c vendor/openpam/dist/lib/openpam_log.c vendor/openpam/dist/lib/openpam_nullconv.c vendor/openpam/dist/lib/openpam_readline.c vendor/openpam/dist/lib/openpam_restore_cred.c vendor/openpam/dist/lib/openpam_set_option.c vendor/openpam/dist/lib/openpam_static.c vendor/openpam/dist/lib/openpam_ttyconv.c vendor/openpam/dist/lib/pam_acct_mgmt.c vendor/openpam/dist/lib/pam_authenticate.c vendor/openpam/dist/lib/pam_authenticate_secondary.c
svn commit: r228691 - vendor/openpam/LYCOPSIDA
Author: des Date: Sun Dec 18 17:11:18 2011 New Revision: 228691 URL: http://svn.freebsd.org/changeset/base/228691 Log: Tag OpenPAM Lycopsida Added: vendor/openpam/LYCOPSIDA/ - copied from r228690, vendor/openpam/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228692 - in head: contrib/openpam contrib/openpam/bin contrib/openpam/bin/pamtest contrib/openpam/bin/su contrib/openpam/doc contrib/openpam/doc/man contrib/openpam/include contrib/ope...
Author: des Date: Sun Dec 18 17:22:45 2011 New Revision: 228692 URL: http://svn.freebsd.org/changeset/base/228692 Log: Upgrade to OpenPAM Lycopsida. Added: head/contrib/openpam/bin/pamtest/ - copied from r228691, vendor/openpam/dist/bin/pamtest/ head/contrib/openpam/bin/su/su.1 - copied unchanged from r228691, vendor/openpam/dist/bin/su/su.1 head/contrib/openpam/doc/man/openpam_subst.3 - copied unchanged from r228691, vendor/openpam/dist/doc/man/openpam_subst.3 head/contrib/openpam/lib/openpam_check_owner_perms.c - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_check_owner_perms.c head/contrib/openpam/lib/openpam_constants.c - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_constants.c head/contrib/openpam/lib/openpam_constants.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_constants.h head/contrib/openpam/lib/openpam_debug.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_debug.h head/contrib/openpam/lib/openpam_strlcmp.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_strlcmp.h head/contrib/openpam/lib/openpam_strlcpy.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_strlcpy.h head/contrib/openpam/lib/openpam_subst.c - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_subst.c Modified: head/contrib/openpam/CREDITS head/contrib/openpam/HISTORY head/contrib/openpam/LICENSE head/contrib/openpam/Makefile.am head/contrib/openpam/Makefile.in head/contrib/openpam/README head/contrib/openpam/RELNOTES head/contrib/openpam/aclocal.m4 head/contrib/openpam/bin/Makefile.am head/contrib/openpam/bin/Makefile.in head/contrib/openpam/bin/su/Makefile.am head/contrib/openpam/bin/su/Makefile.in head/contrib/openpam/bin/su/su.c head/contrib/openpam/config.h.in head/contrib/openpam/configure head/contrib/openpam/configure.ac head/contrib/openpam/depcomp head/contrib/openpam/doc/Makefile.in head/contrib/openpam/doc/man/Makefile.am head/contrib/openpam/doc/man/Makefile.in head/contrib/openpam/doc/man/openpam.3 head/contrib/openpam/doc/man/openpam_borrow_cred.3 head/contrib/openpam/doc/man/openpam_free_data.3 head/contrib/openpam/doc/man/openpam_free_envlist.3 head/contrib/openpam/doc/man/openpam_get_option.3 head/contrib/openpam/doc/man/openpam_log.3 head/contrib/openpam/doc/man/openpam_nullconv.3 head/contrib/openpam/doc/man/openpam_readline.3 head/contrib/openpam/doc/man/openpam_restore_cred.3 head/contrib/openpam/doc/man/openpam_set_option.3 head/contrib/openpam/doc/man/openpam_ttyconv.3 head/contrib/openpam/doc/man/pam.3 head/contrib/openpam/doc/man/pam.conf.5 head/contrib/openpam/doc/man/pam_acct_mgmt.3 head/contrib/openpam/doc/man/pam_authenticate.3 head/contrib/openpam/doc/man/pam_chauthtok.3 head/contrib/openpam/doc/man/pam_close_session.3 head/contrib/openpam/doc/man/pam_conv.3 head/contrib/openpam/doc/man/pam_end.3 head/contrib/openpam/doc/man/pam_error.3 head/contrib/openpam/doc/man/pam_get_authtok.3 head/contrib/openpam/doc/man/pam_get_data.3 head/contrib/openpam/doc/man/pam_get_item.3 head/contrib/openpam/doc/man/pam_get_user.3 head/contrib/openpam/doc/man/pam_getenv.3 head/contrib/openpam/doc/man/pam_getenvlist.3 head/contrib/openpam/doc/man/pam_info.3 head/contrib/openpam/doc/man/pam_open_session.3 head/contrib/openpam/doc/man/pam_prompt.3 head/contrib/openpam/doc/man/pam_putenv.3 head/contrib/openpam/doc/man/pam_set_data.3 head/contrib/openpam/doc/man/pam_set_item.3 head/contrib/openpam/doc/man/pam_setcred.3 head/contrib/openpam/doc/man/pam_setenv.3 head/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 head/contrib/openpam/doc/man/pam_sm_authenticate.3 head/contrib/openpam/doc/man/pam_sm_chauthtok.3 head/contrib/openpam/doc/man/pam_sm_close_session.3 head/contrib/openpam/doc/man/pam_sm_open_session.3 head/contrib/openpam/doc/man/pam_sm_setcred.3 head/contrib/openpam/doc/man/pam_start.3 head/contrib/openpam/doc/man/pam_strerror.3 head/contrib/openpam/doc/man/pam_verror.3 head/contrib/openpam/doc/man/pam_vinfo.3 head/contrib/openpam/doc/man/pam_vprompt.3 head/contrib/openpam/include/Makefile.in head/contrib/openpam/include/security/Makefile.in head/contrib/openpam/include/security/openpam.h head/contrib/openpam/include/security/openpam_version.h head/contrib/openpam/include/security/pam_appl.h head/contrib/openpam/include/security/pam_constants.h head/contrib/openpam/include/security/pam_modules.h head/contrib/openpam/include/security/pam_types.h head/contrib/openpam/install-sh head/contrib/openpam/lib/Makefile.am head/contrib/openpam/lib/Makefile.in head/contrib/openpam/lib/openpam_borrow_cred.c head/contrib/openpam/lib/openpam_configure.c head/contrib/openpam/lib/openpam_dispatch.c head/contrib/openpam/lib/openpam_dynamic.c head/contrib/openpam/lib/openpam_findenv.c
svn commit: r228464 - stable/9/contrib/openpam/lib
Author: des
Date: Tue Dec 13 12:59:39 2011
New Revision: 228464
URL: http://svn.freebsd.org/changeset/base/228464
Log:
MFH r228384: validate the service name
Approved by: re (kib)
Security: some poorly thought out programs allow the user to specify
the service name; this patch makes it harder to trick these
programs into loading and executing arbitrary code.
Modified:
stable/9/contrib/openpam/lib/openpam_configure.c
Directory Properties:
stable/9/contrib/openpam/ (props changed)
Modified: stable/9/contrib/openpam/lib/openpam_configure.c
==
--- stable/9/contrib/openpam/lib/openpam_configure.cTue Dec 13 11:54:51
2011(r228463)
+++ stable/9/contrib/openpam/lib/openpam_configure.cTue Dec 13 12:59:39
2011(r228464)
@@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh,
size_t len;
int r;
+ /* don't allow to escape from policy_path */
+ if (strchr(service, '/')) {
+ openpam_log(PAM_LOG_ERROR, invalid service name: %s,
+ service);
+ return (-PAM_SYSTEM_ERR);
+ }
+
for (path = openpam_policy_path; *path != NULL; ++path) {
len = strlen(*path);
if ((*path)[len - 1] == '/') {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228465 - releng/9.0/contrib/openpam/lib
Author: des
Date: Tue Dec 13 13:02:31 2011
New Revision: 228465
URL: http://svn.freebsd.org/changeset/base/228465
Log:
MFH r228384: validate the service name
Approved by: re (kib)
Security: some poorly thought out programs allow the user to specify
the service name; this patch makes it harder to trick these
programs into loading and executing arbitrary code.
Modified:
releng/9.0/contrib/openpam/lib/openpam_configure.c
Directory Properties:
releng/9.0/contrib/openpam/ (props changed)
Modified: releng/9.0/contrib/openpam/lib/openpam_configure.c
==
--- releng/9.0/contrib/openpam/lib/openpam_configure.c Tue Dec 13 12:59:39
2011(r228464)
+++ releng/9.0/contrib/openpam/lib/openpam_configure.c Tue Dec 13 13:02:31
2011(r228465)
@@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh,
size_t len;
int r;
+ /* don't allow to escape from policy_path */
+ if (strchr(service, '/')) {
+ openpam_log(PAM_LOG_ERROR, invalid service name: %s,
+ service);
+ return (-PAM_SYSTEM_ERR);
+ }
+
for (path = openpam_policy_path; *path != NULL; ++path) {
len = strlen(*path);
if ((*path)[len - 1] == '/') {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228466 - stable/8/contrib/openpam/lib
Author: des
Date: Tue Dec 13 13:02:52 2011
New Revision: 228466
URL: http://svn.freebsd.org/changeset/base/228466
Log:
MFH r228384: validate the service name
Security: some poorly thought out programs allow the user to specify
the service name; this patch makes it harder to trick these
programs into loading and executing arbitrary code.
Modified:
stable/8/contrib/openpam/lib/openpam_configure.c
Directory Properties:
stable/8/contrib/openpam/ (props changed)
Modified: stable/8/contrib/openpam/lib/openpam_configure.c
==
--- stable/8/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:02:31
2011(r228465)
+++ stable/8/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:02:52
2011(r228466)
@@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh,
size_t len;
int r;
+ /* don't allow to escape from policy_path */
+ if (strchr(service, '/')) {
+ openpam_log(PAM_LOG_ERROR, invalid service name: %s,
+ service);
+ return (-PAM_SYSTEM_ERR);
+ }
+
for (path = openpam_policy_path; *path != NULL; ++path) {
len = strlen(*path);
if ((*path)[len - 1] == '/') {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228467 - stable/7/contrib/openpam/lib
Author: des
Date: Tue Dec 13 13:03:11 2011
New Revision: 228467
URL: http://svn.freebsd.org/changeset/base/228467
Log:
MFH r228384: validate the service name
Security: some poorly thought out programs allow the user to specify
the service name; this patch makes it harder to trick these
programs into loading and executing arbitrary code.
Modified:
stable/7/contrib/openpam/lib/openpam_configure.c
Directory Properties:
stable/7/contrib/openpam/ (props changed)
Modified: stable/7/contrib/openpam/lib/openpam_configure.c
==
--- stable/7/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:02:52
2011(r228466)
+++ stable/7/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:03:11
2011(r228467)
@@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh,
size_t len;
int r;
+ /* don't allow to escape from policy_path */
+ if (strchr(service, '/')) {
+ openpam_log(PAM_LOG_ERROR, invalid service name: %s,
+ service);
+ return (-PAM_SYSTEM_ERR);
+ }
+
for (path = openpam_policy_path; *path != NULL; ++path) {
len = strlen(*path);
if ((*path)[len - 1] == '/') {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228410 - stable/9/lib/libpam/modules/pam_ssh
Author: des
Date: Sun Dec 11 16:57:27 2011
New Revision: 228410
URL: http://svn.freebsd.org/changeset/base/228410
Log:
MFH r227757: check for null passphrases, since openssl doesn't
Approved by: re (kib)
Security: prevents users with unencrypted ssh keys (prohibited
unless the nullok option is specified) from logging in
by providing a bogus non-null passphrase.
Modified:
stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c
Directory Properties:
stable/9/lib/libpam/ (props changed)
Modified: stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c
==
--- stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 14:01:11
2011(r228409)
+++ stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 16:57:27
2011(r228410)
@@ -91,7 +91,8 @@ static char *const pam_ssh_agent_envp[]
* struct pam_ssh_key containing the key and its comment.
*/
static struct pam_ssh_key *
-pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase)
+pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
+int nullok)
{
struct pam_ssh_key *psk;
char fn[PATH_MAX];
@@ -101,7 +102,21 @@ pam_ssh_load_key(const char *dir, const
if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn))
return (NULL);
comment = NULL;
- key = key_load_private(fn, passphrase, comment);
+ /*
+* If the key is unencrypted, OpenSSL ignores the passphrase, so
+* it will seem like the user typed in the right one. This allows
+* a user to circumvent nullok by providing a dummy passphrase.
+* Verify that the key really *is* encrypted by trying to load it
+* with an empty passphrase, and if the key is not encrypted,
+* accept only an empty passphrase.
+*/
+ key = key_load_private(fn, NULL, comment);
+ if (key != NULL !(*passphrase == '\0' nullok)) {
+ key_free(key);
+ return (NULL);
+ }
+ if (key == NULL)
+ key = key_load_private(fn, passphrase, comment);
if (key == NULL) {
openpam_log(PAM_LOG_DEBUG, failed to load key from %s, fn);
return (NULL);
@@ -168,9 +183,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (pam_err != PAM_SUCCESS)
return (pam_err);
- if (*passphrase == '\0' !nullok)
- goto skip_keys;
-
/* switch to user credentials */
pam_err = openpam_borrow_cred(pamh, pwd);
if (pam_err != PAM_SUCCESS)
@@ -178,7 +190,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* try to load keys from all keyfiles we know of */
for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) {
- psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase);
+ psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok);
if (psk != NULL) {
pam_set_data(pamh, *kfn, psk, pam_ssh_free_key);
++nkeys;
@@ -188,7 +200,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* switch back to arbitrator credentials */
openpam_restore_cred(pamh);
- skip_keys:
/*
* If we tried an old token and didn't get anything, and
* try_first_pass was specified, try again after prompting the
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228414 - releng/9.0/lib/libpam/modules/pam_ssh
Author: des
Date: Sun Dec 11 17:32:37 2011
New Revision: 228414
URL: http://svn.freebsd.org/changeset/base/228414
Log:
MFH r228410: check for null passphrases, since openssl doesn't
Approved by: re (kib)
Security: prevents users with unencrypted ssh keys (prohibited
unless the nullok option is specified) from logging in
by providing a bogus non-null passphrase.
Modified:
releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c
Directory Properties:
releng/9.0/lib/libpam/ (props changed)
Modified: releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c
==
--- releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 17:23:03
2011(r228413)
+++ releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 17:32:37
2011(r228414)
@@ -91,7 +91,8 @@ static char *const pam_ssh_agent_envp[]
* struct pam_ssh_key containing the key and its comment.
*/
static struct pam_ssh_key *
-pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase)
+pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
+int nullok)
{
struct pam_ssh_key *psk;
char fn[PATH_MAX];
@@ -101,7 +102,21 @@ pam_ssh_load_key(const char *dir, const
if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn))
return (NULL);
comment = NULL;
- key = key_load_private(fn, passphrase, comment);
+ /*
+* If the key is unencrypted, OpenSSL ignores the passphrase, so
+* it will seem like the user typed in the right one. This allows
+* a user to circumvent nullok by providing a dummy passphrase.
+* Verify that the key really *is* encrypted by trying to load it
+* with an empty passphrase, and if the key is not encrypted,
+* accept only an empty passphrase.
+*/
+ key = key_load_private(fn, NULL, comment);
+ if (key != NULL !(*passphrase == '\0' nullok)) {
+ key_free(key);
+ return (NULL);
+ }
+ if (key == NULL)
+ key = key_load_private(fn, passphrase, comment);
if (key == NULL) {
openpam_log(PAM_LOG_DEBUG, failed to load key from %s, fn);
return (NULL);
@@ -168,9 +183,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (pam_err != PAM_SUCCESS)
return (pam_err);
- if (*passphrase == '\0' !nullok)
- goto skip_keys;
-
/* switch to user credentials */
pam_err = openpam_borrow_cred(pamh, pwd);
if (pam_err != PAM_SUCCESS)
@@ -178,7 +190,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* try to load keys from all keyfiles we know of */
for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) {
- psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase);
+ psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok);
if (psk != NULL) {
pam_set_data(pamh, *kfn, psk, pam_ssh_free_key);
++nkeys;
@@ -188,7 +200,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* switch back to arbitrator credentials */
openpam_restore_cred(pamh);
- skip_keys:
/*
* If we tried an old token and didn't get anything, and
* try_first_pass was specified, try again after prompting the
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228420 - stable/8/lib/libpam/modules/pam_ssh
Author: des
Date: Sun Dec 11 20:38:36 2011
New Revision: 228420
URL: http://svn.freebsd.org/changeset/base/228420
Log:
MFH r227757: check for null passphrases, since openssl doesn't
Security: prevents users with unencrypted ssh keys (prohibited
unless the nullok option is specified) from logging in
by providing a bogus non-null passphrase.
Modified:
stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c
Directory Properties:
stable/8/lib/libpam/ (props changed)
Modified: stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c
==
--- stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:01:37
2011(r228419)
+++ stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:38:36
2011(r228420)
@@ -91,7 +91,8 @@ static char *const pam_ssh_agent_envp[]
* struct pam_ssh_key containing the key and its comment.
*/
static struct pam_ssh_key *
-pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase)
+pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
+int nullok)
{
struct pam_ssh_key *psk;
char fn[PATH_MAX];
@@ -101,7 +102,21 @@ pam_ssh_load_key(const char *dir, const
if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn))
return (NULL);
comment = NULL;
- key = key_load_private(fn, passphrase, comment);
+ /*
+* If the key is unencrypted, OpenSSL ignores the passphrase, so
+* it will seem like the user typed in the right one. This allows
+* a user to circumvent nullok by providing a dummy passphrase.
+* Verify that the key really *is* encrypted by trying to load it
+* with an empty passphrase, and if the key is not encrypted,
+* accept only an empty passphrase.
+*/
+ key = key_load_private(fn, NULL, comment);
+ if (key != NULL !(*passphrase == '\0' nullok)) {
+ key_free(key);
+ return (NULL);
+ }
+ if (key == NULL)
+ key = key_load_private(fn, passphrase, comment);
if (key == NULL) {
openpam_log(PAM_LOG_DEBUG, failed to load key from %s\n, fn);
return (NULL);
@@ -168,9 +183,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (pam_err != PAM_SUCCESS)
return (pam_err);
- if (*passphrase == '\0' !nullok)
- goto skip_keys;
-
/* switch to user credentials */
pam_err = openpam_borrow_cred(pamh, pwd);
if (pam_err != PAM_SUCCESS)
@@ -178,7 +190,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* try to load keys from all keyfiles we know of */
for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) {
- psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase);
+ psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok);
if (psk != NULL) {
pam_set_data(pamh, *kfn, psk, pam_ssh_free_key);
++nkeys;
@@ -188,7 +200,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* switch back to arbitrator credentials */
openpam_restore_cred(pamh);
- skip_keys:
/*
* If we tried an old token and didn't get anything, and
* try_first_pass was specified, try again after prompting the
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228421 - stable/7/lib/libpam/modules/pam_ssh
Author: des
Date: Sun Dec 11 20:40:23 2011
New Revision: 228421
URL: http://svn.freebsd.org/changeset/base/228421
Log:
MFH r227757: check for null passphrases, since openssl doesn't
Security: prevents users with unencrypted ssh keys (prohibited
unless the nullok option is specified) from logging in
by providing a bogus non-null passphrase.
Modified:
stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c
Directory Properties:
stable/7/lib/libpam/ (props changed)
Modified: stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c
==
--- stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:38:36
2011(r228420)
+++ stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:40:23
2011(r228421)
@@ -88,7 +88,8 @@ static char *const pam_ssh_agent_envp[]
* struct pam_ssh_key containing the key and its comment.
*/
static struct pam_ssh_key *
-pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase)
+pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
+int nullok)
{
struct pam_ssh_key *psk;
char fn[PATH_MAX];
@@ -98,7 +99,21 @@ pam_ssh_load_key(const char *dir, const
if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn))
return (NULL);
comment = NULL;
- key = key_load_private(fn, passphrase, comment);
+ /*
+* If the key is unencrypted, OpenSSL ignores the passphrase, so
+* it will seem like the user typed in the right one. This allows
+* a user to circumvent nullok by providing a dummy passphrase.
+* Verify that the key really *is* encrypted by trying to load it
+* with an empty passphrase, and if the key is not encrypted,
+* accept only an empty passphrase.
+*/
+ key = key_load_private(fn, NULL, comment);
+ if (key != NULL !(*passphrase == '\0' nullok)) {
+ key_free(key);
+ return (NULL);
+ }
+ if (key == NULL)
+ key = key_load_private(fn, passphrase, comment);
if (key == NULL) {
openpam_log(PAM_LOG_DEBUG, failed to load key from %s\n, fn);
return (NULL);
@@ -165,9 +180,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (pam_err != PAM_SUCCESS)
return (pam_err);
- if (*passphrase == '\0' !nullok)
- goto skip_keys;
-
/* switch to user credentials */
pam_err = openpam_borrow_cred(pamh, pwd);
if (pam_err != PAM_SUCCESS)
@@ -175,7 +187,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* try to load keys from all keyfiles we know of */
for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) {
- psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase);
+ psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok);
if (psk != NULL) {
pam_set_data(pamh, *kfn, psk, pam_ssh_free_key);
++nkeys;
@@ -185,7 +197,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* switch back to arbitrator credentials */
openpam_restore_cred(pamh);
- skip_keys:
/*
* If we tried an old token and didn't get anything, and
* try_first_pass was specified, try again after prompting the
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228384 - head/contrib/openpam/lib
Author: des
Date: Sat Dec 10 01:44:24 2011
New Revision: 228384
URL: http://svn.freebsd.org/changeset/base/228384
Log:
Add minimal validation of the service name to fend off at least one
attack vector against applications that allow the applicant to specify
which policy to apply.
Submitted by: Matthias Drochner droch...@netbsd.org
MFC after:1 week
Modified:
head/contrib/openpam/lib/openpam_configure.c
Modified: head/contrib/openpam/lib/openpam_configure.c
==
--- head/contrib/openpam/lib/openpam_configure.cSat Dec 10 01:01:44
2011(r228383)
+++ head/contrib/openpam/lib/openpam_configure.cSat Dec 10 01:44:24
2011(r228384)
@@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh,
size_t len;
int r;
+ /* don't allow to escape from policy_path */
+ if (strchr(service, '/')) {
+ openpam_log(PAM_LOG_ERROR, invalid service name: %s,
+ service);
+ return (-PAM_SYSTEM_ERR);
+ }
+
for (path = openpam_policy_path; *path != NULL; ++path) {
len = strlen(*path);
if ((*path)[len - 1] == '/') {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227932 - head/share/mk
Author: des
Date: Thu Nov 24 13:13:50 2011
New Revision: 227932
URL: http://svn.freebsd.org/changeset/base/227932
Log:
Add CTF magic to the new .c.o rule.
MFC after:3 weeks
Modified:
head/share/mk/bsd.lib.mk
Modified: head/share/mk/bsd.lib.mk
==
--- head/share/mk/bsd.lib.mkThu Nov 24 10:58:48 2011(r227931)
+++ head/share/mk/bsd.lib.mkThu Nov 24 13:13:50 2011(r227932)
@@ -69,6 +69,9 @@ PO_FLAG=-pg
.c.o:
${CC} ${STATIC_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \
+ (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \
+ ${CTFCONVERT} ${CTFFLAGS} ${.TARGET})
.c.po:
${CC} ${PO_FLAG} ${STATIC_CFLAGS} ${PO_CFLAGS} -c ${.IMPSRC} -o
${.TARGET}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227933 - in head: . lib/libpam/modules
Author: des
Date: Thu Nov 24 13:18:58 2011
New Revision: 227933
URL: http://svn.freebsd.org/changeset/base/227933
Log:
Revert r227841 and part of r227798. We still build libpam in two passes,
but we use STATIC_CFLAGS instead of our own private .c.o rule.
MFC after:3 weeks
Modified:
head/Makefile.inc1
head/lib/libpam/modules/Makefile.inc
Modified: head/Makefile.inc1
==
--- head/Makefile.inc1 Thu Nov 24 13:13:50 2011(r227932)
+++ head/Makefile.inc1 Thu Nov 24 13:18:58 2011(r227933)
@@ -1230,7 +1230,7 @@ _prebuild_libs= ${_kerberos5_lib_libasn1
${_lib_libgssapi} ${_lib_libipx} \
lib/libkiconv lib/libkvm lib/liblzma lib/libmd \
lib/ncurses/ncurses lib/ncurses/ncursesw \
- lib/libopie ${_lib_libthr} \
+ lib/libopie lib/libpam ${_lib_libthr} \
lib/libradius lib/libsbuf lib/libtacplus \
${_cddl_lib_libumem} \
lib/libutil ${_lib_libypclnt} lib/libz lib/msun \
@@ -1323,7 +1323,7 @@ ${_lib}__PL: .PHONY
.endif
.endfor
-.for _lib in ${_startup_libs} ${_prebuild_libs} ${_generic_libs}
+.for _lib in ${_startup_libs} ${_prebuild_libs:Nlib/libpam} ${_generic_libs}
${_lib}__L: .PHONY
.if exists(${.CURDIR}/${_lib})
${_+_}@${ECHODIR} === ${_lib} (obj,depend,all,install); \
@@ -1335,6 +1335,17 @@ ${_lib}__L: .PHONY
.endif
.endfor
+# libpam is special: we need to build static PAM modules before
+# static PAM library, and dynamic PAM library before dynamic PAM
+# modules.
+lib/libpam__L: .PHONY
+ ${_+_}@${ECHODIR} === lib/libpam (obj,depend,all,install); \
+ cd ${.CURDIR}/lib/libpam; \
+ ${MAKE} DIRPRFX=lib/libpam/ obj; \
+ ${MAKE} DIRPRFX=lib/libpam/ depend; \
+ ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET all; \
+ ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET install
+
_prereq_libs: ${_prereq_libs:S/$/__PL/}
_startup_libs: ${_startup_libs:S/$/__L/}
_prebuild_libs: ${_prebuild_libs:S/$/__L/}
Modified: head/lib/libpam/modules/Makefile.inc
==
--- head/lib/libpam/modules/Makefile.incThu Nov 24 13:13:50 2011
(r227932)
+++ head/lib/libpam/modules/Makefile.incThu Nov 24 13:18:58 2011
(r227933)
@@ -5,8 +5,17 @@ PAMDIR=${.CURDIR}/../../../../contrib/
NO_INSTALLLIB=
NO_PROFILE=
-CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam
+CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam
+# This is nasty.
+# For the static case, libpam.a depends on the modules.
+# For the dynamic case, the modules depend on libpam.so.N
+.if defined(_NO_LIBPAM_SO_YET)
+NO_PIC=
+.else
SHLIB_NAME?= ${LIB}.so.${SHLIB_MAJOR}
+DPADD+=${LIBPAM}
+LDADD+=-lpam
+.endif
.include ../Makefile.inc
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227841 - head
Author: des
Date: Tue Nov 22 21:18:14 2011
New Revision: 227841
URL: http://svn.freebsd.org/changeset/base/227841
Log:
Remove libpam from _prebuild_libs. This should unbreak the -jX build.
MFC after:3 weeks
Modified:
head/Makefile.inc1
Modified: head/Makefile.inc1
==
--- head/Makefile.inc1 Tue Nov 22 21:14:46 2011(r227840)
+++ head/Makefile.inc1 Tue Nov 22 21:18:14 2011(r227841)
@@ -1235,8 +1235,7 @@ _prebuild_libs= ${_kerberos5_lib_libasn1
${_cddl_lib_libumem} \
lib/libutil ${_lib_libypclnt} lib/libz lib/msun \
${_secure_lib_libcrypto} ${_secure_lib_libssh} \
- ${_secure_lib_libssl} \
- lib/libpam
+ ${_secure_lib_libssl}
.if ${MK_LIBTHR} != no
_lib_libthr= lib/libthr
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227797 - head/share/mk
Author: des
Date: Mon Nov 21 16:35:57 2011
New Revision: 227797
URL: http://svn.freebsd.org/changeset/base/227797
Log:
As threatened on -arch, add {SHARED,STATIC}_{C,CXX}FLAGS, which allow a
Makefile to specify different CFLAGS for shared and static libraries.
MFC after:3 weeks
Modified:
head/share/mk/bsd.lib.mk
Modified: head/share/mk/bsd.lib.mk
==
--- head/share/mk/bsd.lib.mkMon Nov 21 16:06:23 2011(r227796)
+++ head/share/mk/bsd.lib.mkMon Nov 21 16:35:57 2011(r227797)
@@ -67,23 +67,29 @@ PICFLAG=-fpic
PO_FLAG=-pg
+.c.o:
+ ${CC} ${STATIC_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+
.c.po:
- ${CC} ${PO_FLAG} ${PO_CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CC} ${PO_FLAG} ${STATIC_CFLAGS} ${PO_CFLAGS} -c ${.IMPSRC} -o
${.TARGET}
@[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \
(${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \
${CTFCONVERT} ${CTFFLAGS} ${.TARGET})
.c.So:
- ${CC} ${PICFLAG} -DPIC ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CC} ${PICFLAG} -DPIC ${SHARED_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o
${.TARGET}
@[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \
(${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \
${CTFCONVERT} ${CTFFLAGS} ${.TARGET})
+.cc.o:
+ ${CXX} ${STATIC_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+
.cc.po .C.po .cpp.po .cxx.po:
- ${CXX} ${PO_FLAG} ${PO_CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CXX} ${PO_FLAG} ${STATIC_CXXFLAGS} ${PO_CXXFLAGS} -c ${.IMPSRC} -o
${.TARGET}
.cc.So .C.So .cpp.So .cxx.So:
- ${CXX} ${PICFLAG} -DPIC ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+ ${CXX} ${PICFLAG} -DPIC ${SHARED_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o
${.TARGET}
.f.po:
${FC} -pg ${FFLAGS} -o ${.TARGET} -c ${.IMPSRC}
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227798 - in head: . lib/libpam lib/libpam/modules
Author: des
Date: Mon Nov 21 16:40:39 2011
New Revision: 227798
URL: http://svn.freebsd.org/changeset/base/227798
Log:
Simplify the libpam build by removing the shared modules' dependency
on the shared library. The modules are loaded by the library, so we
know it'll be there when we need it.
MFC after:3 weeks
Modified:
head/Makefile.inc1
head/lib/libpam/Makefile.inc
head/lib/libpam/modules/Makefile.inc
Modified: head/Makefile.inc1
==
--- head/Makefile.inc1 Mon Nov 21 16:35:57 2011(r227797)
+++ head/Makefile.inc1 Mon Nov 21 16:40:39 2011(r227798)
@@ -1230,12 +1230,13 @@ _prebuild_libs= ${_kerberos5_lib_libasn1
${_lib_libgssapi} ${_lib_libipx} \
lib/libkiconv lib/libkvm lib/liblzma lib/libmd \
lib/ncurses/ncurses lib/ncurses/ncursesw \
- lib/libopie lib/libpam ${_lib_libthr} \
+ lib/libopie ${_lib_libthr} \
lib/libradius lib/libsbuf lib/libtacplus \
${_cddl_lib_libumem} \
lib/libutil ${_lib_libypclnt} lib/libz lib/msun \
${_secure_lib_libcrypto} ${_secure_lib_libssh} \
- ${_secure_lib_libssl}
+ ${_secure_lib_libssl} \
+ lib/libpam
.if ${MK_LIBTHR} != no
_lib_libthr= lib/libthr
@@ -1323,7 +1324,7 @@ ${_lib}__PL: .PHONY
.endif
.endfor
-.for _lib in ${_startup_libs} ${_prebuild_libs:Nlib/libpam} ${_generic_libs}
+.for _lib in ${_startup_libs} ${_prebuild_libs} ${_generic_libs}
${_lib}__L: .PHONY
.if exists(${.CURDIR}/${_lib})
${_+_}@${ECHODIR} === ${_lib} (obj,depend,all,install); \
@@ -1335,17 +1336,6 @@ ${_lib}__L: .PHONY
.endif
.endfor
-# libpam is special: we need to build static PAM modules before
-# static PAM library, and dynamic PAM library before dynamic PAM
-# modules.
-lib/libpam__L: .PHONY
- ${_+_}@${ECHODIR} === lib/libpam (obj,depend,all,install); \
- cd ${.CURDIR}/lib/libpam; \
- ${MAKE} DIRPRFX=lib/libpam/ obj; \
- ${MAKE} DIRPRFX=lib/libpam/ depend; \
- ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET all; \
- ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET install
-
_prereq_libs: ${_prereq_libs:S/$/__PL/}
_startup_libs: ${_startup_libs:S/$/__L/}
_prebuild_libs: ${_prebuild_libs:S/$/__L/}
Modified: head/lib/libpam/Makefile.inc
==
--- head/lib/libpam/Makefile.incMon Nov 21 16:35:57 2011
(r227797)
+++ head/lib/libpam/Makefile.incMon Nov 21 16:40:39 2011
(r227798)
@@ -31,4 +31,6 @@ DEBUG_FLAGS+= -DDEBUG
SHLIB_MAJOR= 5
PAM_MOD_DIR= ${LIBDIR}
+STATIC_CFLAGS+=-DOPENPAM_STATIC_MODULES
+
.include ../Makefile.inc
Modified: head/lib/libpam/modules/Makefile.inc
==
--- head/lib/libpam/modules/Makefile.incMon Nov 21 16:35:57 2011
(r227797)
+++ head/lib/libpam/modules/Makefile.incMon Nov 21 16:40:39 2011
(r227798)
@@ -5,20 +5,8 @@ PAMDIR=${.CURDIR}/../../../../contrib/
NO_INSTALLLIB=
NO_PROFILE=
-CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam
+CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam
-# This is nasty.
-# For the static case, libpam.a depends on the modules.
-# For the dynamic case, the modules depend on libpam.so.N
-.if defined(_NO_LIBPAM_SO_YET)
-NO_PIC=
-.else
SHLIB_NAME?= ${LIB}.so.${SHLIB_MAJOR}
-DPADD+=${LIBPAM}
-LDADD+=-lpam
-.endif
-
-.c.o:
- ${CC} ${CFLAGS} -DOPENPAM_STATIC_MODULES -c ${.IMPSRC}
.include ../Makefile.inc
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227757 - head/lib/libpam/modules/pam_ssh
Author: des
Date: Sun Nov 20 15:18:49 2011
New Revision: 227757
URL: http://svn.freebsd.org/changeset/base/227757
Log:
key_load_private() ignores the passphrase argument if the private key
is unencrypted. This defeats the nullok check, because it means a
non-null passphrase will successfully unlock the key.
To address this, try at first to load the key without a passphrase.
If this succeeds and the user provided a non-empty passphrase *or*
nullok is false, reject the key.
MFC after:1 week
Noticed by: Guy Helmer guy.hel...@palisadesystems.com
Modified:
head/lib/libpam/modules/pam_ssh/pam_ssh.c
Modified: head/lib/libpam/modules/pam_ssh/pam_ssh.c
==
--- head/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Nov 20 15:06:39 2011
(r227756)
+++ head/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Nov 20 15:18:49 2011
(r227757)
@@ -93,7 +93,8 @@ static char *const pam_ssh_agent_envp[]
* struct pam_ssh_key containing the key and its comment.
*/
static struct pam_ssh_key *
-pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase)
+pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
+int nullok)
{
struct pam_ssh_key *psk;
char fn[PATH_MAX];
@@ -103,7 +104,21 @@ pam_ssh_load_key(const char *dir, const
if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn))
return (NULL);
comment = NULL;
- key = key_load_private(fn, passphrase, comment);
+ /*
+* If the key is unencrypted, OpenSSL ignores the passphrase, so
+* it will seem like the user typed in the right one. This allows
+* a user to circumvent nullok by providing a dummy passphrase.
+* Verify that the key really *is* encrypted by trying to load it
+* with an empty passphrase, and if the key is not encrypted,
+* accept only an empty passphrase.
+*/
+ key = key_load_private(fn, NULL, comment);
+ if (key != NULL !(*passphrase == '\0' nullok)) {
+ key_free(key);
+ return (NULL);
+ }
+ if (key == NULL)
+ key = key_load_private(fn, passphrase, comment);
if (key == NULL) {
openpam_log(PAM_LOG_DEBUG, failed to load key from %s, fn);
return (NULL);
@@ -170,9 +185,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (pam_err != PAM_SUCCESS)
return (pam_err);
- if (*passphrase == '\0' !nullok)
- goto skip_keys;
-
/* switch to user credentials */
pam_err = openpam_borrow_cred(pamh, pwd);
if (pam_err != PAM_SUCCESS)
@@ -180,7 +192,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* try to load keys from all keyfiles we know of */
for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) {
- psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase);
+ psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok);
if (psk != NULL) {
pam_set_data(pamh, *kfn, psk, pam_ssh_free_key);
++nkeys;
@@ -190,7 +202,6 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* switch back to arbitrator credentials */
openpam_restore_cred(pamh);
- skip_keys:
/*
* If we tried an old token and didn't get anything, and
* try_first_pass was specified, try again after prompting the
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227531 - head/rescue/rescue
Author: des Date: Tue Nov 15 16:20:39 2011 New Revision: 227531 URL: http://svn.freebsd.org/changeset/base/227531 Log: Add netcat (nc) to /rescue. MFC after:3 weeks Modified: head/rescue/rescue/Makefile Modified: head/rescue/rescue/Makefile == --- head/rescue/rescue/Makefile Tue Nov 15 14:40:00 2011(r227530) +++ head/rescue/rescue/Makefile Tue Nov 15 16:20:39 2011(r227531) @@ -181,7 +181,7 @@ CRUNCH_BUILDOPTS_dhclient= -DRELEASE_CRU # CRUNCH_SRCDIRS+= usr.bin -CRUNCH_PROGS_usr.bin= head mt sed tail tee +CRUNCH_PROGS_usr.bin= head mt nc sed tail tee CRUNCH_PROGS_usr.bin+= gzip CRUNCH_ALIAS_gzip= gunzip gzcat zcat ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227044 - head/lib/libpam/modules/pam_unix
Author: des Date: Wed Nov 2 23:40:21 2011 New Revision: 227044 URL: http://svn.freebsd.org/changeset/base/227044 Log: Note that pam_unix(8) does not respect PAM_CHANGE_EXPIRED_AUTHTOK. Modified: head/lib/libpam/modules/pam_unix/pam_unix.8 Modified: head/lib/libpam/modules/pam_unix/pam_unix.8 == --- head/lib/libpam/modules/pam_unix/pam_unix.8 Wed Nov 2 23:23:19 2011 (r227043) +++ head/lib/libpam/modules/pam_unix/pam_unix.8 Wed Nov 2 23:40:21 2011 (r227044) @@ -199,3 +199,9 @@ password database. .Xr pam 8 , .Xr pw 8 , .Xr yp 8 +.Sh BUGS +The +.Nm +module ignores the +.Dv PAM_CHANGE_EXPIRED_AUTHTOK +flag. ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226632 - head/lib/libpam/libpam
Author: des
Date: Sat Oct 22 14:08:21 2011
New Revision: 226632
URL: http://svn.freebsd.org/changeset/base/226632
Log:
Revert the previous commit and add a comment explaining why it was wrong.
Modified:
head/lib/libpam/libpam/Makefile
Modified: head/lib/libpam/libpam/Makefile
==
--- head/lib/libpam/libpam/Makefile Sat Oct 22 11:42:48 2011
(r226631)
+++ head/lib/libpam/libpam/Makefile Sat Oct 22 14:08:21 2011
(r226632)
@@ -55,7 +55,6 @@ SRCS= openpam_borrow_cred.c \
openpam_readline.c \
openpam_restore_cred.c \
openpam_set_option.c \
- openpam_static.c \
openpam_ttyconv.c \
pam_acct_mgmt.c \
pam_authenticate.c \
@@ -149,16 +148,29 @@ HEADERS= security/openpam.h \
ADD_HEADERS= security/pam_mod_misc.h
+#
# Static modules
+#
+# We build static versions of all modules and of openpam_static.o,
+# then link them all together into openpam_static_modules.o. None of
+# the modules export any symbols, but they store structures with
+# pointers to their service functions in a linker set which the code
+# in openpam_static.c traverses to locate the individual modules.
+#
MODULE_DIR=../modules
.include ${.CURDIR}/${MODULE_DIR}/modules.inc
STATIC_MODULES=${MODULES:C/.*/${MODULE_DIR}\/\/lib.a/}
STATICOBJS+= openpam_static_modules.o
-CLEANFILES+= openpam_static_modules.o
+CLEANFILES+= openpam_static.o \
+ openpam_static_modules.o
openpam_static_modules.o: openpam_static.o ${STATIC_MODULES}
${LD} -o ${.TARGET} -r --whole-archive ${.ALLSRC}
+# We can't put openpam_static.c in SRCS, but we still want to scan it
+# for dependencies.
+DPSRCS=openpam_static.c
+
# Headers
INCS= ${HEADERS} ${ADD_HEADERS}
INCSDIR= ${INCLUDEDIR}/security
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226608 - in head/usr.bin: kdump truss
Author: des
Date: Fri Oct 21 11:08:25 2011
New Revision: 226608
URL: http://svn.freebsd.org/changeset/base/226608
Log:
It turns out that truss also used kdump's mkioctls script, and expected
ioctlname() to return a pointer to the name rather than print it. This did
not show up in testing because truss had its own prototype for ioctlname(),
so it would build fine and run fine as long as the program being traced did
not issue an ioctl.
Teach mkioctls to generate different versions of ioctlname() based on its
first command-line argument.
Pointed out by: Garrett Cooper yaneg...@gmail.com
Modified:
head/usr.bin/kdump/Makefile
head/usr.bin/kdump/mkioctls
head/usr.bin/truss/Makefile
head/usr.bin/truss/extern.h
Modified: head/usr.bin/kdump/Makefile
==
--- head/usr.bin/kdump/Makefile Fri Oct 21 06:41:46 2011(r226607)
+++ head/usr.bin/kdump/Makefile Fri Oct 21 11:08:25 2011(r226608)
@@ -22,7 +22,7 @@ CLEANFILES= ioctl.c kdump_subr.c kdump_s
ioctl.c: mkioctls
env MACHINE=${MACHINE} \
- sh ${.CURDIR}/mkioctls ${DESTDIR}/usr/include ${.TARGET}
+ sh ${.CURDIR}/mkioctls print ${DESTDIR}/usr/include ${.TARGET}
kdump_subr.h: mksubr
sh ${.CURDIR}/mksubr ${DESTDIR}/usr/include | \
Modified: head/usr.bin/kdump/mkioctls
==
--- head/usr.bin/kdump/mkioctls Fri Oct 21 06:41:46 2011(r226607)
+++ head/usr.bin/kdump/mkioctls Fri Oct 21 11:08:25 2011(r226608)
@@ -1,20 +1,26 @@
#!/bin/sh
#
# $FreeBSD$
+#
+# When editing this script, keep in mind that truss also uses it.
+#
set -e
-if [ -z $1 ]; then
- echo usage: sh $0 include-dir
+if [ $# -ne 2 -o \( $1 != print -a $1 != return \) ]; then
+ echo usage: sh $0 print|return include-dir
exit 1
fi
+style=$1
+includedir=$2
+
LC_ALL=C; export LC_ALL
# Build a list of headers that have ioctls in them.
# XXX should we use an ANSI cpp?
ioctl_includes=$(
- cd $1
+ cd $includedir
find -H -s * -name '*.h' | grep -v '.*disk.*\.h' | \
xargs egrep -l \
'^#[ ]*define[ ]+[A-Za-z_][A-Za-z0-9_]*[ ]+_IO[^a-z0-9_]' |
@@ -33,7 +39,7 @@ esac
awk -v x=$ioctl_includes 'BEGIN {print x}' |
gcc -E -I$1 -dM -DCOMPAT_43TTY - |
- awk -v ioctl_includes=$ioctl_includes '
+ awk -v ioctl_includes=$ioctl_includes -v style=$style '
BEGIN {
print /* XXX obnoxious prerequisites. */
print #define COMPAT_43
@@ -58,12 +64,19 @@ BEGIN {
print #include stdio.h
print #include cam/cam.h
print
- print void ioctlname(unsigned long val, int decimal);
- print
print ioctl_includes
print
- print void
- print ioctlname(unsigned long val, int decimal)
+ if (style == print) {
+ print void ioctlname(unsigned long val, int decimal);
+ print
+ print void
+ print ioctlname(unsigned long val, int decimal)
+ } else {
+ print const char *ioctlname(unsigned long val);
+ print
+ print const char *
+ print ioctlname(unsigned long val)
+ }
print {
print \tconst char *str = NULL;
print
@@ -77,20 +90,24 @@ BEGIN {
break;
++i;
#
- print(\t);
+ printf(\t);
if (n++ 0)
- print(else );
+ printf(else );
printf(if (val == %s)\n, $i);
printf(\t\tstr = \%s\;\n, $i);
}
END {
- print \n
- print \tif (str != NULL)\n
- print \t\tprintf(\%s\, str);\n
- print \telse if (decimal)\n
- print \t\tprintf(\%lu\, val);\n
- print \telse\n
- print \t\tprintf(\%#lx\, val);\n
+ print
+ if (style == print) {
+ print \tif (str != NULL)
+ print \t\tprintf(\%s\, str);
+ print \telse if (decimal)
+ print \t\tprintf(\%lu\, val);
+ print \telse
+ print \t\tprintf(\%#lx\, val);
+ } else {
+ print \treturn (str);
+ }
print }
}
'
Modified: head/usr.bin/truss/Makefile
==
--- head/usr.bin/truss/Makefile Fri Oct 21 06:41:46 2011(r226607)
+++ head/usr.bin/truss/Makefile Fri Oct 21 11:08:25 2011(r226608)
@@ -23,7 +23,8 @@ syscalls.h: syscalls.master
${.CURDIR}/i386.conf
ioctl.c: ${.CURDIR}/../kdump/mkioctls
- sh ${.CURDIR}/../kdump/mkioctls ${DESTDIR}/usr/include ${.TARGET}
+ env MACHINE=${MACHINE} \
+ /bin/sh ${.CURDIR}/../kdump/mkioctls return
${DESTDIR}/usr/include ${.TARGET}
.if ${MACHINE_CPUARCH} == i386
SRCS+= i386-linux.c linux_syscalls.h
Modified:
svn commit: r226625 - head/lib/libpam/libpam
Author: des
Date: Sat Oct 22 04:39:12 2011
New Revision: 226625
URL: http://svn.freebsd.org/changeset/base/226625
Log:
openpam_static.c isn't auto-generated.
Modified:
head/lib/libpam/libpam/Makefile
Modified: head/lib/libpam/libpam/Makefile
==
--- head/lib/libpam/libpam/Makefile Sat Oct 22 01:29:35 2011
(r226624)
+++ head/lib/libpam/libpam/Makefile Sat Oct 22 04:39:12 2011
(r226625)
@@ -55,6 +55,7 @@ SRCS= openpam_borrow_cred.c \
openpam_readline.c \
openpam_restore_cred.c \
openpam_set_option.c \
+ openpam_static.c \
openpam_ttyconv.c \
pam_acct_mgmt.c \
pam_authenticate.c \
@@ -153,15 +154,11 @@ MODULE_DIR= ../modules
.include ${.CURDIR}/${MODULE_DIR}/modules.inc
STATIC_MODULES=${MODULES:C/.*/${MODULE_DIR}\/\/lib.a/}
STATICOBJS+= openpam_static_modules.o
-CLEANFILES+= openpam_static.o \
- openpam_static_modules.o
+CLEANFILES+= openpam_static_modules.o
openpam_static_modules.o: openpam_static.o ${STATIC_MODULES}
${LD} -o ${.TARGET} -r --whole-archive ${.ALLSRC}
-# Can't put openpam_static.c in SRCS but want .o in .depend.
-DPSRCS=openpam_static.c
-
# Headers
INCS= ${HEADERS} ${ADD_HEADERS}
INCSDIR= ${INCLUDEDIR}/security
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226537 - head/lib/libfetch
Author: des Date: Wed Oct 19 11:43:51 2011 New Revision: 226537 URL: http://svn.freebsd.org/changeset/base/226537 Log: latin1 - utf8 Modified: head/lib/libfetch/common.c head/lib/libfetch/common.h head/lib/libfetch/fetch.3 head/lib/libfetch/fetch.c head/lib/libfetch/fetch.h head/lib/libfetch/file.c head/lib/libfetch/ftp.c head/lib/libfetch/http.c Modified: head/lib/libfetch/common.c == --- head/lib/libfetch/common.c Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/common.c Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/common.h == --- head/lib/libfetch/common.h Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/common.h Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/fetch.3 == --- head/lib/libfetch/fetch.3 Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/fetch.3 Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 1998-2011 Dag-Erling Sm�rgrav +.\ Copyright (c) 1998-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/fetch.c == --- head/lib/libfetch/fetch.c Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/fetch.c Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/fetch.h == --- head/lib/libfetch/fetch.h Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/fetch.h Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/file.c == --- head/lib/libfetch/file.cWed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/file.cWed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/ftp.c == --- head/lib/libfetch/ftp.c Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/ftp.c Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,7 +41,7 @@ __FBSDID($FreeBSD$); * * Major Changelog: * - * Dag-Erling Co�dan Sm�rgrav + * Dag-Erling Smørgrav * 9 Jun 1998 * * Incorporated into libfetch Modified: head/lib/libfetch/http.c == --- head/lib/libfetch/http.cWed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/http.cWed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2000-2011 Dag-Erling Sm�rgrav + * Copyright (c) 2000-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226538 - stable/8/lib/libfetch
Author: des Date: Wed Oct 19 11:48:21 2011 New Revision: 226538 URL: http://svn.freebsd.org/changeset/base/226538 Log: MFH r221820-221823,225814,22653: whitespace, warnings, cosmetic nits Modified: stable/8/lib/libfetch/Makefile stable/8/lib/libfetch/common.c stable/8/lib/libfetch/common.h stable/8/lib/libfetch/fetch.3 stable/8/lib/libfetch/fetch.c stable/8/lib/libfetch/fetch.h stable/8/lib/libfetch/file.c stable/8/lib/libfetch/ftp.c stable/8/lib/libfetch/http.c Directory Properties: stable/8/lib/libfetch/ (props changed) Modified: stable/8/lib/libfetch/Makefile == --- stable/8/lib/libfetch/Makefile Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/Makefile Wed Oct 19 11:48:21 2011 (r226538) @@ -26,7 +26,6 @@ LDADD=-lmd CFLAGS+= -DFTP_COMBINE_CWDS CSTD?= c99 -WARNS?=2 SHLIB_MAJOR=6 Modified: stable/8/lib/libfetch/common.c == --- stable/8/lib/libfetch/common.c Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/common.c Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/common.h == --- stable/8/lib/libfetch/common.h Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/common.h Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/fetch.3 == --- stable/8/lib/libfetch/fetch.3 Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/fetch.3 Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 1998-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/fetch.c == --- stable/8/lib/libfetch/fetch.c Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/fetch.c Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/fetch.h == --- stable/8/lib/libfetch/fetch.h Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/fetch.h Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/file.c == --- stable/8/lib/libfetch/file.cWed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/file.cWed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/ftp.c == --- stable/8/lib/libfetch/ftp.c Wed Oct 19 11:43:51 2011(r226537) +++ stable/8/lib/libfetch/ftp.c Wed Oct 19 11:48:21 2011(r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,7 +41,7 @@ __FBSDID($FreeBSD$); * * Major Changelog: * - * Dag-Erling Co�dan Sm�rgrav + * Dag-Erling Smørgrav * 9 Jun 1998 * * Incorporated into libfetch @@ -127,7 +127,7 @@ unmappedaddr(struct sockaddr_in6 *sin6) !IN6_IS_ADDR_V4MAPPED(sin6-sin6_addr)) return; sin4 = (struct sockaddr_in *)sin6; - addr = *(u_int32_t *)sin6-sin6_addr.s6_addr[12]; + addr = *(u_int32_t
svn commit: r226539 - stable/8/lib/libfetch
Author: des Date: Wed Oct 19 11:49:14 2011 New Revision: 226539 URL: http://svn.freebsd.org/changeset/base/226539 Log: MFH r221830: mark all sockets and file descriptors close-on-exec PR: bin/151866 Modified: stable/8/lib/libfetch/common.c stable/8/lib/libfetch/file.c Directory Properties: stable/8/lib/libfetch/ (props changed) Modified: stable/8/lib/libfetch/common.c == --- stable/8/lib/libfetch/common.c Wed Oct 19 11:48:21 2011 (r226538) +++ stable/8/lib/libfetch/common.c Wed Oct 19 11:49:14 2011 (r226539) @@ -213,6 +213,7 @@ fetch_reopen(int sd) /* allocate and fill connection structure */ if ((conn = calloc(1, sizeof(*conn))) == NULL) return (NULL); + fcntl(sd, F_SETFD, FD_CLOEXEC); conn-sd = sd; ++conn-ref; return (conn); Modified: stable/8/lib/libfetch/file.c == --- stable/8/lib/libfetch/file.cWed Oct 19 11:48:21 2011 (r226538) +++ stable/8/lib/libfetch/file.cWed Oct 19 11:49:14 2011 (r226539) @@ -33,6 +33,7 @@ __FBSDID($FreeBSD$); #include sys/stat.h #include dirent.h +#include fcntl.h #include stdio.h #include string.h @@ -57,6 +58,7 @@ fetchXGetFile(struct url *u, struct url_ fetch_syserr(); } + fcntl(fileno(f), F_SETFD, FD_CLOEXEC); return (f); } @@ -84,6 +86,7 @@ fetchPutFile(struct url *u, const char * fetch_syserr(); } + fcntl(fileno(f), F_SETFD, FD_CLOEXEC); return (f); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226540 - stable/8/usr.bin/fetch
Author: des
Date: Wed Oct 19 12:14:14 2011
New Revision: 226540
URL: http://svn.freebsd.org/changeset/base/226540
Log:
MFH r225599,225800,225805: improve handling of resumed http transfers
PR: bin/117277
Modified:
stable/8/usr.bin/fetch/fetch.c
Directory Properties:
stable/8/usr.bin/fetch/ (props changed)
Modified: stable/8/usr.bin/fetch/fetch.c
==
--- stable/8/usr.bin/fetch/fetch.c Wed Oct 19 11:49:14 2011
(r226539)
+++ stable/8/usr.bin/fetch/fetch.c Wed Oct 19 12:14:14 2011
(r226540)
@@ -522,6 +522,12 @@ fetch(char *URL, const char *path)
does not match remote, path);
goto failure_keep;
}
+ } else if (url-offset sb.st_size) {
+ /* gap between what we asked for and what we got */
+ warnx(%s: gap in resume mode, URL);
+ fclose(of);
+ of = NULL;
+ /* picked up again later */
} else if (us.size != -1) {
if (us.size == sb.st_size)
/* nothing to do */
@@ -534,7 +540,7 @@ fetch(char *URL, const char *path)
goto failure;
}
/* we got it, open local file */
- if ((of = fopen(path, a)) == NULL) {
+ if ((of = fopen(path, r+)) == NULL) {
warn(%s: fopen(), path);
goto failure;
}
@@ -551,8 +557,16 @@ fetch(char *URL, const char *path)
fclose(of);
of = NULL;
sb = nsb;
+ /* picked up again later */
}
}
+ /* seek to where we left off */
+ if (of != NULL fseeko(of, url-offset, SEEK_SET) != 0) {
+ warn(%s: fseeko(), path);
+ fclose(of);
+ of = NULL;
+ /* picked up again later */
+ }
} else if (m_flag sb.st_size != -1) {
/* mirror mode, local file exists */
if (sb.st_size == us.size sb.st_mtime == us.mtime)
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226541 - stable/8/usr.bin/fetch
Author: des Date: Wed Oct 19 12:15:16 2011 New Revision: 226541 URL: http://svn.freebsd.org/changeset/base/226541 Log: MFH r225982: fix name in copyright statements Modified: stable/8/usr.bin/fetch/fetch.1 stable/8/usr.bin/fetch/fetch.c Directory Properties: stable/8/usr.bin/fetch/ (props changed) Modified: stable/8/usr.bin/fetch/fetch.1 == --- stable/8/usr.bin/fetch/fetch.1 Wed Oct 19 12:14:14 2011 (r226540) +++ stable/8/usr.bin/fetch/fetch.1 Wed Oct 19 12:15:16 2011 (r226541) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2000-2004 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 2000-2004 Dag-Erling Smørgrav .\ All rights reserved. .\ Portions Copyright (c) 1999 Massachusetts Institute of Technology; used .\ by permission. Modified: stable/8/usr.bin/fetch/fetch.c == --- stable/8/usr.bin/fetch/fetch.c Wed Oct 19 12:14:14 2011 (r226540) +++ stable/8/usr.bin/fetch/fetch.c Wed Oct 19 12:15:16 2011 (r226541) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2000-2004 Dag-Erling Coïdan Smørgrav + * Copyright (c) 2000-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226546 - head/bin/ls
Author: des
Date: Wed Oct 19 15:35:41 2011
New Revision: 226546
URL: http://svn.freebsd.org/changeset/base/226546
Log:
If ls was invoked with -i but neither -l nor -s, blocksize was used in
display() to calculate column widths, but was not initialized in
main(). This resulted in a division by zero.
Noticed by: Michael Butler i...@protected-networks.net
Modified:
head/bin/ls/ls.c
Modified: head/bin/ls/ls.c
==
--- head/bin/ls/ls.cWed Oct 19 14:38:01 2011(r226545)
+++ head/bin/ls/ls.cWed Oct 19 15:35:41 2011(r226546)
@@ -414,8 +414,8 @@ main(int argc, char *argv[])
fts_options |= FTS_WHITEOUT;
#endif
- /* If -l or -s, figure out block size. */
- if (f_longform || f_size) {
+ /* If -i, -l or -s, figure out block size. */
+ if (f_inode || f_longform || f_size) {
if (f_kblocks)
blocksize = 2;
else {
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226495 - in head: sys/kern sys/sys usr.bin/kdump
Author: des
Date: Tue Oct 18 07:28:58 2011
New Revision: 226495
URL: http://svn.freebsd.org/changeset/base/226495
Log:
Revisit the capability failure trace points. The initial implementation
only logged instances where an operation on a file descriptor required
capabilities which the file descriptor did not have. By adding a type enum
to struct ktr_cap_fail, we can catch other types of capability failures as
well, such as disallowed system calls or attempts to wrap a file descriptor
with more capabilities than it had to begin with.
Modified:
head/sys/kern/kern_ktrace.c
head/sys/kern/sys_capability.c
head/sys/kern/vfs_lookup.c
head/sys/sys/ktrace.h
head/usr.bin/kdump/kdump.c
Modified: head/sys/kern/kern_ktrace.c
==
--- head/sys/kern/kern_ktrace.c Tue Oct 18 07:17:44 2011(r226494)
+++ head/sys/kern/kern_ktrace.c Tue Oct 18 07:28:58 2011(r226495)
@@ -772,7 +772,8 @@ ktrstruct(name, data, datalen)
}
void
-ktrcapfail(needed, held)
+ktrcapfail(type, needed, held)
+ enum ktr_cap_fail_type type;
cap_rights_t needed;
cap_rights_t held;
{
@@ -784,6 +785,7 @@ ktrcapfail(needed, held)
if (req == NULL)
return;
kcf = req-ktr_data.ktr_cap_fail;
+ kcf-cap_type = type;
kcf-cap_needed = needed;
kcf-cap_held = held;
ktr_enqueuerequest(td, req);
Modified: head/sys/kern/sys_capability.c
==
--- head/sys/kern/sys_capability.c Tue Oct 18 07:17:44 2011
(r226494)
+++ head/sys/kern/sys_capability.c Tue Oct 18 07:28:58 2011
(r226495)
@@ -218,7 +218,7 @@ cap_check(struct capability *c, cap_righ
if ((c-cap_rights | rights) != c-cap_rights) {
#ifdef KTRACE
if (KTRPOINT(curthread, KTR_CAPFAIL))
- ktrcapfail(rights, c-cap_rights);
+ ktrcapfail(CAPFAIL_NOTCAPABLE, rights, c-cap_rights);
#endif
return (ENOTCAPABLE);
}
@@ -314,8 +314,14 @@ kern_capwrap(struct thread *td, struct f
*/
if (fp-f_type == DTYPE_CAPABILITY) {
cp_old = fp-f_data;
- if ((cp_old-cap_rights | rights) != cp_old-cap_rights)
+ if ((cp_old-cap_rights | rights) != cp_old-cap_rights) {
+#ifdef KTRACE
+ if (KTRPOINT(curthread, KTR_CAPFAIL))
+ ktrcapfail(CAPFAIL_INCREASE,
+ rights, cp_old-cap_rights);
+#endif
return (ENOTCAPABLE);
+ }
}
/*
Modified: head/sys/kern/vfs_lookup.c
==
--- head/sys/kern/vfs_lookup.c Tue Oct 18 07:17:44 2011(r226494)
+++ head/sys/kern/vfs_lookup.c Tue Oct 18 07:28:58 2011(r226495)
@@ -188,8 +188,13 @@ namei(struct nameidata *ndp)
*/
if (IN_CAPABILITY_MODE(td)) {
ndp-ni_strictrelative = 1;
- if (ndp-ni_dirfd == AT_FDCWD)
+ if (ndp-ni_dirfd == AT_FDCWD) {
+#ifdef KTRACE
+ if (KTRPOINT(td, KTR_CAPFAIL))
+ ktrcapfail(CAPFAIL_LOOKUP, 0, 0);
+#endif
error = ECAPMODE;
+ }
}
#endif
if (error) {
@@ -281,8 +286,13 @@ namei(struct nameidata *ndp)
if (*(cnp-cn_nameptr) == '/') {
vrele(dp);
VFS_UNLOCK_GIANT(vfslocked);
- if (ndp-ni_strictrelative != 0)
+ if (ndp-ni_strictrelative != 0) {
+#ifdef KTRACE
+ if (KTRPOINT(curthread, KTR_CAPFAIL))
+ ktrcapfail(CAPFAIL_LOOKUP, 0, 0);
+#endif
return (ENOTCAPABLE);
+ }
while (*(cnp-cn_nameptr) == '/') {
cnp-cn_nameptr++;
ndp-ni_pathlen--;
@@ -644,6 +654,10 @@ dirloop:
*/
if (cnp-cn_flags ISDOTDOT) {
if (ndp-ni_strictrelative != 0) {
+#ifdef KTRACE
+ if (KTRPOINT(curthread, KTR_CAPFAIL))
+ ktrcapfail(CAPFAIL_LOOKUP, 0, 0);
+#endif
error = ENOTCAPABLE;
goto bad;
}
Modified: head/sys/sys/ktrace.h
==
--- head/sys/sys/ktrace.h Tue Oct 18 07:17:44 2011(r226494)
+++ head/sys/sys/ktrace.h Tue Oct 18 07:28:58 2011(r226495)
@@ -181,7 +181,14 @@ struct ktr_proc_ctor {
* KTR_CAPFAIL - trace capability check failures
*/
#define KTR_CAPFAIL12
+enum ktr_cap_fail_type {
+ CAPFAIL_NOTCAPABLE, /*
svn commit: r226497 - head/sys/fs/portalfs
Author: des
Date: Tue Oct 18 07:31:49 2011
New Revision: 226497
URL: http://svn.freebsd.org/changeset/base/226497
Log:
Trace attempts to open a portal device.
Ceterum censeo portalfs esse delendam.
Modified:
head/sys/fs/portalfs/portal_vnops.c
Modified: head/sys/fs/portalfs/portal_vnops.c
==
--- head/sys/fs/portalfs/portal_vnops.c Tue Oct 18 07:29:21 2011
(r226496)
+++ head/sys/fs/portalfs/portal_vnops.c Tue Oct 18 07:31:49 2011
(r226497)
@@ -240,8 +240,13 @@ portal_open(ap)
* This may require access to a global namespace (e.g. an IP address);
* disallow it entirely, as we do open(2).
*/
- if (IN_CAPABILITY_MODE(td))
+ if (IN_CAPABILITY_MODE(td)) {
+#ifdef KTRACE
+ if (KTRPOINT(td, KTR_CAPFAIL))
+ ktrcapfail(CAPFAIL_SYSCALL, 0, 0);
+#endif
return (ECAPMODE);
+ }
#endif
/*
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226498 - in head/sys: amd64/amd64 arm/arm i386/i386 sparc64/sparc64
Author: des Date: Tue Oct 18 07:39:27 2011 New Revision: 226498 URL: http://svn.freebsd.org/changeset/base/226498 Log: Trace attempts to call restricted MD syscalls. Modified: head/sys/amd64/amd64/sys_machdep.c head/sys/arm/arm/sys_machdep.c head/sys/i386/i386/sys_machdep.c head/sys/sparc64/sparc64/sys_machdep.c Modified: head/sys/amd64/amd64/sys_machdep.c == --- head/sys/amd64/amd64/sys_machdep.c Tue Oct 18 07:31:49 2011 (r226497) +++ head/sys/amd64/amd64/sys_machdep.c Tue Oct 18 07:39:27 2011 (r226498) @@ -203,6 +203,10 @@ sysarch(td, uap) case I386_SET_IOPERM: default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } Modified: head/sys/arm/arm/sys_machdep.c == --- head/sys/arm/arm/sys_machdep.c Tue Oct 18 07:31:49 2011 (r226497) +++ head/sys/arm/arm/sys_machdep.c Tue Oct 18 07:39:27 2011 (r226498) @@ -122,6 +122,10 @@ sysarch(td, uap) break; default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } Modified: head/sys/i386/i386/sys_machdep.c == --- head/sys/i386/i386/sys_machdep.cTue Oct 18 07:31:49 2011 (r226497) +++ head/sys/i386/i386/sys_machdep.cTue Oct 18 07:39:27 2011 (r226498) @@ -130,6 +130,10 @@ sysarch(td, uap) case I386_SET_IOPERM: default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } Modified: head/sys/sparc64/sparc64/sys_machdep.c == --- head/sys/sparc64/sparc64/sys_machdep.c Tue Oct 18 07:31:49 2011 (r226497) +++ head/sys/sparc64/sparc64/sys_machdep.c Tue Oct 18 07:39:27 2011 (r226498) @@ -69,6 +69,10 @@ sysarch(struct thread *td, struct sysarc break; default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226502 - head/bin/df
Author: des
Date: Tue Oct 18 08:18:26 2011
New Revision: 226502
URL: http://svn.freebsd.org/changeset/base/226502
Log:
Simplify df(1) by factoring out most of the common code:
- In the argc == 0 case, just populate the mount list as before, but
do not calculate widths, update totals or print anything.
- In the argv 0 case, collect information about the requested file
systems and store it in the mount list, but do not calculate
widths, update totals or print anything.
- In either case, once all the information has been collected,
iterate once through the mount list to calculate widths and totals,
then once more to print everything.
This also fixes two bugs: firstly, column widths were not calculated
correctly if more than one file system was specified on the command
line; and secondly, file systems with MNT_IGNORE were included in the
totals even if -a was not specified.
Noticed by: Paul Schenkeveld
MFC after:3 weeks
Modified:
head/bin/df/df.c
Modified: head/bin/df/df.c
==
--- head/bin/df/df.cTue Oct 18 08:10:23 2011(r226501)
+++ head/bin/df/df.cTue Oct 18 08:18:26 2011(r226502)
@@ -107,7 +107,7 @@ main(int argc, char *argv[])
const char *fstype;
char *mntpath, *mntpt;
const char **vfslist;
- size_t i, mntsize;
+ int i, mntsize;
int ch, rv;
fstype = ufs;
@@ -187,30 +187,21 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
- mntsize = getmntinfo(mntbuf, MNT_NOWAIT);
- bzero(maxwidths, sizeof(maxwidths));
- for (i = 0; i mntsize; i++)
- update_maxwidths(maxwidths, mntbuf[i]);
-
rv = 0;
if (!*argv) {
+ /* everything (modulo -t) */
+ mntsize = getmntinfo(mntbuf, MNT_NOWAIT);
mntsize = regetmntinfo(mntbuf, mntsize, vfslist);
- bzero(maxwidths, sizeof(maxwidths));
- for (i = 0; i mntsize; i++) {
- if (cflag)
- addstat(totalbuf, mntbuf[i]);
- update_maxwidths(maxwidths, mntbuf[i]);
- }
- if (cflag)
- update_maxwidths(maxwidths, totalbuf);
- for (i = 0; i mntsize; i++)
- if (aflag || (mntbuf[i].f_flags MNT_IGNORE) == 0)
- prtstat(mntbuf[i], maxwidths);
- if (cflag)
- prtstat(totalbuf, maxwidths);
- exit(rv);
+ } else {
+ /* just the filesystems specified on the command line */
+ mntbuf = malloc(argc * sizeof(*mntbuf));
+ if (mntbuf == 0)
+ err(1, malloc());
+ mntsize = 0;
+ /* continued in for loop below */
}
+ /* iterate through specified filesystems */
for (; *argv; argv++) {
if (stat(*argv, stbuf) 0) {
if ((mntpt = getmntpt(*argv)) == 0) {
@@ -279,14 +270,24 @@ main(int argc, char *argv[])
continue;
}
- if (argc == 1) {
- bzero(maxwidths, sizeof(maxwidths));
- update_maxwidths(maxwidths, statfsbuf);
+ /* the user asked for it, so ignore the ignore flag */
+ statfsbuf.f_flags = ~MNT_IGNORE;
+
+ /* add to list */
+ mntbuf[mntsize++] = statfsbuf;
+ }
+
+ bzero(maxwidths, sizeof(maxwidths));
+ for (i = 0; i mntsize; i++) {
+ if (aflag || (mntbuf[i].f_flags MNT_IGNORE) == 0) {
+ update_maxwidths(maxwidths, mntbuf[i]);
+ if (cflag)
+ addstat(totalbuf, mntbuf[i]);
}
- prtstat(statfsbuf, maxwidths);
- if (cflag)
- addstat(totalbuf, statfsbuf);
}
+ for (i = 0; i mntsize; i++)
+ if (aflag || (mntbuf[i].f_flags MNT_IGNORE) == 0)
+ prtstat(mntbuf[i], maxwidths);
if (cflag)
prtstat(totalbuf, maxwidths);
return (rv);
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226503 - head/bin/df
Author: des Date: Tue Oct 18 08:20:36 2011 New Revision: 226503 URL: http://svn.freebsd.org/changeset/base/226503 Log: Minor clarification MFC after:3 weeks Modified: head/bin/df/df.1 Modified: head/bin/df/df.1 == --- head/bin/df/df.1Tue Oct 18 08:18:26 2011(r226502) +++ head/bin/df/df.1Tue Oct 18 08:20:36 2011(r226503) @@ -29,7 +29,7 @@ .\ @(#)df.1 8.3 (Berkeley) 5/8/95 .\ $FreeBSD$ .\ -.Dd November 23, 2008 +.Dd October 18, 2011 .Dt DF 1 .Os .Sh NAME @@ -63,6 +63,7 @@ The following options are available: Show all mount points, including those that were mounted with the .Dv MNT_IGNORE flag. +This is implied for file systems specified on the command line. .It Fl b Use 512-byte blocks rather than the default. Note that ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
