svn commit: r238968 - head/sbin/shutdown
Author: des Date: Wed Aug 1 09:10:21 2012 New Revision: 238968 URL: http://svn.freebsd.org/changeset/base/238968 Log: Restore a piece of BSD history. PR: 169127 Submitted by: Ruben de Groot ru...@hacktor.com MFC after:1 week Modified: head/sbin/shutdown/shutdown.c Modified: head/sbin/shutdown/shutdown.c == --- head/sbin/shutdown/shutdown.c Wed Aug 1 09:00:26 2012 (r238967) +++ head/sbin/shutdown/shutdown.c Wed Aug 1 09:10:21 2012 (r238968) @@ -93,7 +93,7 @@ static char mbuf[BUFSIZ]; static const char *nosync, *whom; static void badtime(void); -static void perform_shutdown(void); +static void die_you_gravy_sucking_pig_dog(void); static void finish(int); static void getoffset(char *); static void loop(void); @@ -282,7 +282,7 @@ loop(void) if (!tp-timeleft) break; } - perform_shutdown(); + die_you_gravy_sucking_pig_dog(); } static jmp_buf alarmbuf; @@ -349,7 +349,7 @@ timeout(int signo __unused) } static void -perform_shutdown(void) +die_you_gravy_sucking_pig_dog(void) { char *empty_environ[] = { NULL }; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238602 - head/usr.bin/du
Author: des Date: Wed Jul 18 19:28:22 2012 New Revision: 238602 URL: http://svn.freebsd.org/changeset/base/238602 Log: Add -g (gigabyte) flag to complement -k (kilobyte) and -m (megabyte). MFC after:1 week Modified: head/usr.bin/du/du.1 head/usr.bin/du/du.c Modified: head/usr.bin/du/du.1 == --- head/usr.bin/du/du.1Wed Jul 18 18:10:27 2012(r238601) +++ head/usr.bin/du/du.1Wed Jul 18 19:28:22 2012(r238602) @@ -28,7 +28,7 @@ .\@(#)du.18.2 (Berkeley) 4/1/94 .\ $FreeBSD$ .\ -.Dd December 17, 2011 +.Dd July 18, 2012 .Dt DU 1 .Os .Sh NAME @@ -38,7 +38,7 @@ .Nm .Op Fl Aclnx .Op Fl H | L | P -.Op Fl h | k | m +.Op Fl g | h | k | m .Op Fl a | s | d Ar depth .Op Fl B Ar blocksize .Op Fl I Ar mask @@ -63,9 +63,9 @@ Calculate block counts in .Ar blocksize byte blocks. This is different from the -.Fl h, k +.Fl h, k, m and -.Fl m +.Fl g options or setting .Ev BLOCKSIZE and gives an estimate of how much space the examined file hierarchy would @@ -95,13 +95,15 @@ Display a grand total. Display an entry for all files and directories .Ar depth directories deep. +.It Fl g +Display block counts in 1073741824-byte (1 GiB) blocks. .It Fl h .Dq Human-readable output. Use unit suffixes: Byte, Kilobyte, Megabyte, Gigabyte, Terabyte and Petabyte. .It Fl k -Display block counts in 1024-byte (1-Kbyte) blocks. +Display block counts in 1024-byte (1 kiB) blocks. .It Fl l If a file has multiple hard links, count its size multiple times. The default behavior of @@ -112,7 +114,7 @@ When the option is specified, the hard link checks are disabled, and these files are counted (and displayed) as many times as they are found. .It Fl m -Display block counts in 1048576-byte (1-Mbyte) blocks. +Display block counts in 1048576-byte (1 MiB) blocks. .It Fl n Ignore files and directories with user .Dq nodump Modified: head/usr.bin/du/du.c == --- head/usr.bin/du/du.cWed Jul 18 18:10:27 2012(r238601) +++ head/usr.bin/du/du.cWed Jul 18 19:28:22 2012(r238602) @@ -109,7 +109,7 @@ main(int argc, char *argv[]) depth = INT_MAX; SLIST_INIT(ignores); - while ((ch = getopt(argc, argv, AB:HI:LPasd:chklmnrt:x)) != -1) + while ((ch = getopt(argc, argv, AB:HI:LPasd:cghklmnrt:x)) != -1) switch (ch) { case 'A': Aflag = 1; @@ -156,6 +156,10 @@ main(int argc, char *argv[]) case 'c': cflag = 1; break; + case 'g': + hflag = 0; + blocksize = 1073741824; + break; case 'h': hflag = 1; break; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238605 - head/etc/rc.d
Author: des Date: Wed Jul 18 23:01:23 2012 New Revision: 238605 URL: http://svn.freebsd.org/changeset/base/238605 Log: Move -n ${_jail} before ${_flags} so that any -n options in ${_flags} will override ours instead of the other way around. Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail == --- head/etc/rc.d/jail Wed Jul 18 21:47:50 2012(r238604) +++ head/etc/rc.d/jail Wed Jul 18 23:01:23 2012(r238605) @@ -641,7 +641,7 @@ jail_start() i=$((i + 1)) done - eval ${_setfib} jail ${_flags} -n ${_jail} -i ${_rootdir} ${_hostname} \ + eval ${_setfib} jail -n ${_jail} ${_flags} -i ${_rootdir} ${_hostname} \ \${_addrl}\ ${_exec_start} ${_tmp_jail} 21 \ /dev/null ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238481 - in stable/9: . bin/rcp etc include lib/libcrypt lib/libutil libexec/rshd release/picobsd/tinyware/passwd share/examples/etc sys/mips/rmi usr.bin/login usr.bin/passwd usr.bin/r...
Author: des Date: Sun Jul 15 11:39:35 2012 New Revision: 238481 URL: http://svn.freebsd.org/changeset/base/238481 Log: MFH r236751: document sha256 / sha512 support MFH r236892: remove mention of auth.conf from programs that don't use it MFH r236963: remove dead code relating to auth.conf MFH r236965 r236966 r236967 r237005 r237006 r237011: retire auth.conf Approved by:re Deleted: stable/9/etc/auth.conf stable/9/lib/libutil/auth.3 stable/9/lib/libutil/auth.conf.5 Modified: stable/9/ObsoleteFiles.inc (contents, props changed) stable/9/bin/rcp/rcp.1 stable/9/etc/Makefile stable/9/include/paths.h stable/9/lib/libcrypt/Makefile stable/9/lib/libcrypt/crypt.3 stable/9/lib/libcrypt/crypt.c stable/9/lib/libutil/Makefile stable/9/lib/libutil/auth.c stable/9/lib/libutil/login.conf.5 stable/9/lib/libutil/property.3 stable/9/libexec/rshd/rshd.8 stable/9/release/picobsd/tinyware/passwd/passwd.c stable/9/share/examples/etc/README.examples stable/9/sys/mips/rmi/rootfs_list.txt stable/9/usr.bin/login/login.1 stable/9/usr.bin/passwd/passwd.1 stable/9/usr.bin/rlogin/rlogin.1 stable/9/usr.bin/rsh/rsh.1 Directory Properties: stable/9/ (props changed) stable/9/bin/rcp/ (props changed) stable/9/etc/ (props changed) stable/9/include/ (props changed) stable/9/lib/libcrypt/ (props changed) stable/9/lib/libutil/ (props changed) stable/9/libexec/rshd/ (props changed) stable/9/release/picobsd/tinyware/passwd/ (props changed) stable/9/share/examples/etc/ (props changed) stable/9/sys/ (props changed) stable/9/usr.bin/login/ (props changed) stable/9/usr.bin/passwd/ (props changed) stable/9/usr.bin/rlogin/ (props changed) stable/9/usr.bin/rsh/ (props changed) Modified: stable/9/ObsoleteFiles.inc == --- stable/9/ObsoleteFiles.inc Sun Jul 15 11:28:03 2012(r238480) +++ stable/9/ObsoleteFiles.inc Sun Jul 15 11:39:35 2012(r238481) @@ -38,6 +38,11 @@ # xargs -n1 | sort | uniq -d; # done +# 20120713: auth.conf removed +OLD_FILES+=etc/auth.conf +OLD_FILES+=usr/share/examples/etc/auth.conf +OLD_FILES+=usr/share/man/man3/auth.3.gz +OLD_FILES+=usr/share/man/man5/auth.conf.5.gz # 20120415: new clang import which bumps version from 3.0 to 3.1 OLD_FILES+=usr/include/clang/3.0/altivec.h OLD_FILES+=usr/include/clang/3.0/avxintrin.h Modified: stable/9/bin/rcp/rcp.1 == --- stable/9/bin/rcp/rcp.1 Sun Jul 15 11:28:03 2012(r238480) +++ stable/9/bin/rcp/rcp.1 Sun Jul 15 11:39:35 2012(r238481) @@ -116,17 +116,11 @@ The .Nm utility handles third party copies, where neither source nor target files are on the current machine. -.Sh FILES -.Bl -tag -width .Pa /etc/auth.conf -compact -.It Pa /etc/auth.conf -configure authentication services -.El .Sh SEE ALSO .Xr cp 1 , .Xr ftp 1 , .Xr rlogin 1 , .Xr rsh 1 , -.Xr auth.conf 5 , .Xr hosts.equiv 5 .Sh HISTORY The Modified: stable/9/etc/Makefile == --- stable/9/etc/Makefile Sun Jul 15 11:28:03 2012(r238480) +++ stable/9/etc/Makefile Sun Jul 15 11:39:35 2012(r238481) @@ -7,18 +7,47 @@ SUBDIR=sendmail .endif -BIN1= auth.conf \ - crontab devd.conf devfs.conf \ - ddb.conf dhclient.conf disktab fbtab \ - ftpusers gettytab group \ - hosts hosts.allow hosts.equiv \ - inetd.conf libalias.conf login.access login.conf mac.conf motd \ - netconfig network.subr networks newsyslog.conf nsswitch.conf \ - phones profile protocols \ - rc rc.bsdextended rc.firewall rc.initdiskless \ - rc.sendmail rc.shutdown \ - rc.subr remote rpc services shells \ - sysctl.conf syslog.conf termcap.small +BIN1= crontab \ + devd.conf \ + devfs.conf \ + ddb.conf \ + dhclient.conf \ + disktab \ + fbtab \ + ftpusers \ + gettytab \ + group \ + hosts \ + hosts.allow \ + hosts.equiv \ + inetd.conf \ + libalias.conf \ + login.access \ + login.conf \ + mac.conf \ + motd \ + netconfig \ + network.subr \ + networks \ + newsyslog.conf \ + nsswitch.conf \ + phones \ + profile \ + protocols \ + rc \ + rc.bsdextended \ + rc.firewall \ + rc.initdiskless \ + rc.sendmail \ + rc.shutdown \ + rc.subr \ + remote \ + rpc \ + services \ + shells \ + sysctl.conf \ + syslog.conf \ + termcap.small .if exists(${.CURDIR}/etc.${MACHINE}/ttys) BIN1+= etc.${MACHINE}/ttys Modified: stable/9/include/paths.h == --- stable/9/include/paths.hSun Jul 15
svn commit: r238484 - in stable/9: etc lib/libutil
Author: des Date: Sun Jul 15 12:00:47 2012 New Revision: 238484 URL: http://svn.freebsd.org/changeset/base/238484 Log: MFH r237269: switch default password hash to sha512. Approved by:re Modified: stable/9/etc/login.conf stable/9/lib/libutil/login.conf.5 Directory Properties: stable/9/etc/ (props changed) stable/9/lib/libutil/ (props changed) Modified: stable/9/etc/login.conf == --- stable/9/etc/login.conf Sun Jul 15 11:52:24 2012(r238483) +++ stable/9/etc/login.conf Sun Jul 15 12:00:47 2012(r238484) @@ -23,7 +23,7 @@ # AND SEMANTICS'' section of getcap(3) for more escape sequences). default:\ - :passwd_format=md5:\ + :passwd_format=sha512:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ Modified: stable/9/lib/libutil/login.conf.5 == --- stable/9/lib/libutil/login.conf.5 Sun Jul 15 11:52:24 2012 (r238483) +++ stable/9/lib/libutil/login.conf.5 Sun Jul 15 12:00:47 2012 (r238484) @@ -267,7 +267,7 @@ The backoff delay is the number of tries multiplied by 5 seconds. .It login-retries number 10 The number of login attempts allowed before the login fails. -.It passwd_format string md5 The encryption format that new or +.It passwd_format string sha512 The encryption format that new or changed passwords will use. Valid values include des, md5, blf, sha256 and sha512; see .Xr crypt 3 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238485 - stable/9/etc
Author: des Date: Sun Jul 15 12:13:15 2012 New Revision: 238485 URL: http://svn.freebsd.org/changeset/base/238485 Log: MFH r237270: no need to specify passive mode, it is the default. Approved by: re Modified: stable/9/etc/login.conf Directory Properties: stable/9/etc/ (props changed) Modified: stable/9/etc/login.conf == --- stable/9/etc/login.conf Sun Jul 15 12:00:47 2012(r238484) +++ stable/9/etc/login.conf Sun Jul 15 12:13:15 2012(r238485) @@ -26,7 +26,7 @@ default:\ :passwd_format=sha512:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ - :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ + :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin ~/bin:\ :nologin=/var/run/nologin:\ :cputime=unlimited:\ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238102 - head/etc/rc.d
Author: des Date: Wed Jul 4 13:37:44 2012 New Revision: 238102 URL: http://svn.freebsd.org/changeset/base/238102 Log: Name jails automatically. MFC after:1 week Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail == --- head/etc/rc.d/jail Wed Jul 4 13:00:48 2012(r238101) +++ head/etc/rc.d/jail Wed Jul 4 13:37:44 2012(r238102) @@ -641,7 +641,7 @@ jail_start() i=$((i + 1)) done - eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \ + eval ${_setfib} jail ${_flags} -n ${_jail} -i ${_rootdir} ${_hostname} \ \${_addrl}\ ${_exec_start} ${_tmp_jail} 21 \ /dev/null ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238105 - vendor/ldns/1.6.13
Author: des Date: Wed Jul 4 14:23:28 2012 New Revision: 238105 URL: http://svn.freebsd.org/changeset/base/238105 Log: tag ldns 1.6.13 Added: vendor/ldns/1.6.13/ - copied from r238104, vendor/ldns/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r238107 - vendor/unbound/1.4.17
Author: des Date: Wed Jul 4 14:25:14 2012 New Revision: 238107 URL: http://svn.freebsd.org/changeset/base/238107 Log: tag unbound 1.4.17 Added: vendor/unbound/1.4.17/ - copied from r238106, vendor/unbound/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237269 - in head: etc lib/libutil
Author: des Date: Tue Jun 19 14:46:18 2012 New Revision: 237269 URL: http://svn.freebsd.org/changeset/base/237269 Log: Switch the default password hash from md5 to sha512. MFC after:1 week Modified: head/etc/login.conf head/lib/libutil/login.conf.5 Modified: head/etc/login.conf == --- head/etc/login.conf Tue Jun 19 11:39:56 2012(r237268) +++ head/etc/login.conf Tue Jun 19 14:46:18 2012(r237269) @@ -23,7 +23,7 @@ # AND SEMANTICS'' section of getcap(3) for more escape sequences). default:\ - :passwd_format=md5:\ + :passwd_format=sha512:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ Modified: head/lib/libutil/login.conf.5 == --- head/lib/libutil/login.conf.5 Tue Jun 19 11:39:56 2012 (r237268) +++ head/lib/libutil/login.conf.5 Tue Jun 19 14:46:18 2012 (r237269) @@ -267,7 +267,7 @@ The backoff delay is the number of tries multiplied by 5 seconds. .It login-retries number 10 The number of login attempts allowed before the login fails. -.It passwd_format string md5 The encryption format that new or +.It passwd_format string sha512 The encryption format that new or changed passwords will use. Valid values include des, md5, blf, sha256 and sha512; see .Xr crypt 3 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237157 - in stable/7/lib: libcrypt libmd
Author: des Date: Sat Jun 16 09:17:21 2012 New Revision: 237157 URL: http://svn.freebsd.org/changeset/base/237157 Log: Backport sha512 support. Added: stable/7/lib/libcrypt/crypt-sha256.c - copied, changed from r220498, head/lib/libcrypt/crypt-sha256.c stable/7/lib/libcrypt/crypt-sha512.c - copied, changed from r220498, head/lib/libcrypt/crypt-sha512.c stable/7/lib/libmd/sha512.3 - copied, changed from r220496, head/lib/libmd/sha512.3 stable/7/lib/libmd/sha512.h - copied unchanged from r220496, head/lib/libmd/sha512.h stable/7/lib/libmd/sha512c.c - copied unchanged from r220496, head/lib/libmd/sha512c.c Modified: stable/7/lib/libcrypt/Makefile stable/7/lib/libcrypt/crypt.3 stable/7/lib/libcrypt/crypt.c stable/7/lib/libcrypt/crypt.h stable/7/lib/libcrypt/misc.c stable/7/lib/libmd/Makefile stable/7/lib/libmd/mddriver.c stable/7/lib/libmd/rmddriver.c stable/7/lib/libmd/sha256.3 stable/7/lib/libmd/shadriver.c Directory Properties: stable/7/lib/libcrypt/ (props changed) stable/7/lib/libmd/ (props changed) Modified: stable/7/lib/libcrypt/Makefile == --- stable/7/lib/libcrypt/Makefile Sat Jun 16 06:38:11 2012 (r237156) +++ stable/7/lib/libcrypt/Makefile Sat Jun 16 09:17:21 2012 (r237157) @@ -12,7 +12,9 @@ LIB= crypt .PATH: ${.CURDIR}/../libmd SRCS= crypt.c misc.c \ crypt-md5.c md5c.c \ - crypt-nthash.c md4c.c + crypt-nthash.c md4c.c \ + crypt-sha256.c sha256c.c \ + crypt-sha512.c sha512c.c MAN= crypt.3 MLINKS=crypt.3 crypt_get_format.3 crypt.3 crypt_set_format.3 CFLAGS+= -I${.CURDIR}/../libmd -I${.CURDIR}/../libutil @@ -29,7 +31,9 @@ CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BL SRCS+= auth.c property.c .for sym in auth_getval property_find properties_read properties_free \ MD4Init MD4Final MD4Update MD4Pad \ - MD5Init MD5Final MD5Update MD5Pad + MD5Init MD5Final MD5Update MD5Pad \ + SHA256_Init SHA256_Final SHA256_Update \ + SHA512_Init SHA512_Final SHA512_Update CFLAGS+= -D${sym}=__${sym} .endfor Copied and modified: stable/7/lib/libcrypt/crypt-sha256.c (from r220498, head/lib/libcrypt/crypt-sha256.c) == --- head/lib/libcrypt/crypt-sha256.cSat Apr 9 14:09:46 2011 (r220498, copy source) +++ stable/7/lib/libcrypt/crypt-sha256.cSat Jun 16 09:17:21 2012 (r237157) @@ -60,7 +60,7 @@ static const char sha256_rounds_prefix[] #define ROUNDS_MAX 9 static char * -sha256_crypt_r(const char *key, const char *salt, char *buffer, int buflen) +crypt_sha256_r(const char *key, const char *salt, char *buffer, int buflen) { u_long srounds; int n; @@ -210,7 +210,9 @@ sha256_crypt_r(const char *key, const ch /* Now we can construct the result string. It consists of three * parts. */ - cp = stpncpy(buffer, sha256_salt_prefix, MAX(0, buflen)); + cp = buffer; + strncpy(buffer, sha256_salt_prefix, MAX(0, buflen)); + cp += sizeof(sha256_salt_prefix) - 1; buflen -= sizeof(sha256_salt_prefix) - 1; if (rounds_custom) { @@ -221,7 +223,8 @@ sha256_crypt_r(const char *key, const ch buflen -= n; } - cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len)); + strncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len)); + cp += MIN((size_t)MAX(0, buflen), salt_len); buflen -= MIN((size_t)MAX(0, buflen), salt_len); if (buflen 0) { @@ -268,12 +271,12 @@ sha256_crypt_r(const char *key, const ch /* This entry point is equivalent to crypt(3). */ char * -sha256_crypt(const char *key, const char *salt) +crypt_sha256(const char *key, const char *salt) { /* We don't want to have an arbitrary limit in the size of the * password. We can compute an upper bound for the size of the * result in advance and so we can prepare the buffer we pass to -* `sha256_crypt_r'. */ +* `crypt_sha256_r'. */ static char *buffer; static int buflen; int needed; @@ -293,7 +296,7 @@ sha256_crypt(const char *key, const char buflen = needed; } - return sha256_crypt_r(key, salt, buffer, buflen); + return crypt_sha256_r(key, salt, buffer, buflen); } #ifdef TEST @@ -459,7 +462,7 @@ main(void) } for (cnt = 0; cnt ntests2; ++cnt) { - char *cp = sha256_crypt(tests2[cnt].input, tests2[cnt].salt); + char *cp = crypt_sha256(tests2[cnt].input, tests2[cnt].salt); if (strcmp(cp, tests2[cnt].expected) != 0) { printf(test %d: expected \%s\, got \%s\\n, Copied and
svn commit: r237005 - head
Author: des Date: Wed Jun 13 11:59:03 2012 New Revision: 237005 URL: http://svn.freebsd.org/changeset/base/237005 Log: Remove auth.conf and related files. Submitted by: trhodes@ MFC after:3 weeks Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Wed Jun 13 10:42:55 2012(r237004) +++ head/ObsoleteFiles.inc Wed Jun 13 11:59:03 2012(r237005) @@ -38,6 +38,10 @@ # xargs -n1 | sort | uniq -d; # done +# 20120613: auth.conf removed +OLD_FILES+=/etc/auth.conf +OLD_FILES+=/usr/share/man/man3/auth.3.gz +OLD_FILES+=/usr/share/man/man5/auth.conf.5.gz # 20120530: kde pam lives now in ports OLD_FILES+=/etc/pam.d/kde # 20120505: new clang import installed a redundant internal header ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237006 - head
Author: des Date: Wed Jun 13 11:59:47 2012 New Revision: 237006 URL: http://svn.freebsd.org/changeset/base/237006 Log: Remove leading / MFC after:3 weeks Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Wed Jun 13 11:59:03 2012(r237005) +++ head/ObsoleteFiles.inc Wed Jun 13 11:59:47 2012(r237006) @@ -39,11 +39,11 @@ # done # 20120613: auth.conf removed -OLD_FILES+=/etc/auth.conf -OLD_FILES+=/usr/share/man/man3/auth.3.gz -OLD_FILES+=/usr/share/man/man5/auth.conf.5.gz +OLD_FILES+=etc/auth.conf +OLD_FILES+=usr/share/man/man3/auth.3.gz +OLD_FILES+=usr/share/man/man5/auth.conf.5.gz # 20120530: kde pam lives now in ports -OLD_FILES+=/etc/pam.d/kde +OLD_FILES+=etc/pam.d/kde # 20120505: new clang import installed a redundant internal header OLD_FILES+=usr/include/clang/3.1/stdalign.h # 20120428: MD2 removed from libmd ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r237011 - head
Author: des Date: Wed Jun 13 16:40:47 2012 New Revision: 237011 URL: http://svn.freebsd.org/changeset/base/237011 Log: Also remove /usr/share/examples/etc/auth.conf, which I didn't even realize existed. Noticed by: Andrey Zonov and...@zonov.org MFC after:3 weeks Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Wed Jun 13 16:12:30 2012(r237010) +++ head/ObsoleteFiles.inc Wed Jun 13 16:40:47 2012(r237011) @@ -40,6 +40,7 @@ # 20120613: auth.conf removed OLD_FILES+=etc/auth.conf +OLD_FILES+=usr/share/examples/etc/auth.conf OLD_FILES+=usr/share/man/man3/auth.3.gz OLD_FILES+=usr/share/man/man5/auth.conf.5.gz # 20120530: kde pam lives now in ports ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236963 - head/release/picobsd/tinyware/passwd
Author: des Date: Tue Jun 12 15:32:14 2012 New Revision: 236963 URL: http://svn.freebsd.org/changeset/base/236963 Log: Remove dead code. Modified: head/release/picobsd/tinyware/passwd/passwd.c Modified: head/release/picobsd/tinyware/passwd/passwd.c == --- head/release/picobsd/tinyware/passwd/passwd.c Tue Jun 12 15:04:18 2012(r236962) +++ head/release/picobsd/tinyware/passwd/passwd.c Tue Jun 12 15:32:14 2012(r236963) @@ -64,10 +64,6 @@ int yp_errno = YP_TRUE; extern int yp_passwd( char * ); #endif -#ifdef KERBEROS -#include krb.h -#endif - #include extern.h static void usage(void); @@ -81,26 +77,12 @@ main(argc, argv) { int ch; char *uname; -#ifdef KERBEROS - char *iflag = 0, *rflag = 0, *uflag = 0; - char *k; -#endif #ifdef YP -#ifdef KERBEROS - char realm[REALM_SZ]; -#define OPTIONS d:h:lysfoi:r:u: -#else #define OPTIONS d:h:lysfo -#endif -#else -#ifdef KERBEROS - char realm[REALM_SZ]; -#define OPTIONS li:r:u: #else #define OPTIONS l #endif -#endif #ifdef YP int res = 0; @@ -113,17 +95,6 @@ main(argc, argv) case 'l': /* change local password file */ use_local_passwd = 1; break; -#ifdef KERBEROS - case 'i': - iflag = optarg; - break; - case 'r': - rflag = optarg; - break; - case 'u': - uflag = optarg; - break; -#endif /* KERBEROS */ #ifdef YP case 'y': /* Change NIS password */ __use_yp = 1; @@ -182,46 +153,29 @@ main(argc, argv) /* * If NIS is turned on in the password database, use it, else punt. */ -#ifdef KERBEROS - if (__use_yp || (iflag == NULL rflag == NULL uflag == NULL)) { -#endif - res = use_yp(uname, 0, 0); - if (res == USER_YP_ONLY) { - if (!use_local_passwd) { - exit(yp_passwd(uname)); - } else { + res = use_yp(uname, 0, 0); + if (res == USER_YP_ONLY) { + if (!use_local_passwd) { + exit(yp_passwd(uname)); + } else { /* * Reject -l flag if NIS is turned on and the user * doesn't exist in the local password database. */ - errx(1, unknown local user: %s, uname); - } - } else if (res == USER_LOCAL_ONLY) { - /* -* Reject -y flag if user only exists locally. -*/ - if (__use_yp) - errx(1, unknown NIS user: %s, uname); - } else if (res == USER_YP_AND_LOCAL) { - if (!use_local_passwd (yp_in_pw_file || __use_yp)) - exit(yp_passwd(uname)); + errx(1, unknown local user: %s, uname); } -#ifdef KERBEROS + } else if (res == USER_LOCAL_ONLY) { + /* +* Reject -y flag if user only exists locally. +*/ + if (__use_yp) + errx(1, unknown NIS user: %s, uname); + } else if (res == USER_YP_AND_LOCAL) { + if (!use_local_passwd (yp_in_pw_file || __use_yp)) + exit(yp_passwd(uname)); } #endif -#endif - if (!use_local_passwd) { -#ifdef KERBEROS - k = auth_getval(auth_list); - if (k strstr(k, kerberos)) - if(krb_get_lrealm(realm, 0) == KSUCCESS) { - setuid(getuid()); - fprintf(stderr, realm %s\n, realm); - exit(krb_passwd(argv[0], iflag, rflag, uflag)); - } -#endif - } exit(local_passwd(uname)); } @@ -230,21 +184,10 @@ usage() { #ifdef YP -#ifdef KERBEROS - fprintf(stderr, %s\n%s\n, - usage: passwd [-l] [-i instance] [-r realm] [-u fullname], - passwd [-l] [-y] [-o] [-d domain [-h host]] [user]); -#else (void)fprintf(stderr, usage: passwd [-l] [-y] [-o] [-d domain [-h host]] [user]\n); -#endif #else -#ifdef KERBEROS - fprintf(stderr, - usage: passwd [-l] [-i instance] [-r realm] [-u fullname] [user]\n); -#else - (void)fprintf(stderr, usage: passwd user\n); -#endif + (void)fprintf(stderr, usage: passwd [-l] user\n); #endif exit(1); } ___ svn-src-all@freebsd.org mailing list
svn commit: r236965 - in head: etc include lib/libutil share/examples/etc
Author: des Date: Tue Jun 12 17:02:53 2012 New Revision: 236965 URL: http://svn.freebsd.org/changeset/base/236965 Log: Finally nuke auth.conf, nine years after it was deprecated. The only thing it was still used for was to set the global default password hash. Since the stock auth.conf contained nothing but comments, the global default was actually the first algorithm in crypt(3)'s list, which happens to be DES; I take the fact that nobody noticed as proof that it was not used outside of crypt(3). The only other use in our tree was in the Kerberos support code in in tinyware's passwd(1). I removed that code in an earlier commit; it would not have compiled anyway, as it only supported Kerberos IV. The auth_getval() function is now a stub that always returns NULL, which has the same effect as a functional auth_getval() with an empty auth.conf. MFC after:3 weeks Deleted: head/etc/auth.conf head/lib/libutil/auth.3 head/lib/libutil/auth.conf.5 Modified: head/etc/Makefile head/include/paths.h head/lib/libutil/Makefile head/lib/libutil/auth.c head/lib/libutil/property.3 head/share/examples/etc/README.examples Modified: head/etc/Makefile == --- head/etc/Makefile Tue Jun 12 16:07:03 2012(r236964) +++ head/etc/Makefile Tue Jun 12 17:02:53 2012(r236965) @@ -7,8 +7,7 @@ SUBDIR=sendmail .endif -BIN1= auth.conf \ - crontab \ +BIN1= crontab \ devd.conf \ devfs.conf \ ddb.conf \ Modified: head/include/paths.h == --- head/include/paths.hTue Jun 12 16:07:03 2012(r236964) +++ head/include/paths.hTue Jun 12 17:02:53 2012(r236965) @@ -42,7 +42,6 @@ /* Locate system binaries. */ #define_PATH_SYSPATH /sbin:/usr/sbin -#define_PATH_AUTHCONF /etc/auth.conf #define_PATH_BSHELL/bin/sh #define_PATH_CAPABILITY/etc/capability #define_PATH_CAPABILITY_DB /etc/capability.db Modified: head/lib/libutil/Makefile == --- head/lib/libutil/Makefile Tue Jun 12 16:07:03 2012(r236964) +++ head/lib/libutil/Makefile Tue Jun 12 17:02:53 2012(r236965) @@ -25,14 +25,13 @@ CFLAGS+= -DINET6 CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../libc/gen/ -MAN+= auth.3 expand_number.3 flopen.3 fparseln.3 hexdump.3 \ +MAN+= expand_number.3 flopen.3 fparseln.3 hexdump.3 \ humanize_number.3 kinfo_getallproc.3 kinfo_getfile.3 \ kinfo_getproc.3 kinfo_getvmmap.3 kld.3 login_auth.3 login_cap.3 \ login_class.3 login_ok.3 login_times.3 login_tty.3 pidfile.3 \ property.3 pty.3 quotafile.3 realhostname.3 realhostname_sa.3 \ _secure_path.3 trimdomain.3 uucplock.3 -MAN+= auth.conf.5 login.conf.5 -MLINKS+= auth.3 auth_getval.3 +MAN+= login.conf.5 MLINKS+= kld.3 kld_isloaded.3 kld.3 kld_load.3 MLINKS+=login_auth.3 auth_cat.3 login_auth.3 auth_checknologin.3 MLINKS+=login_cap.3 login_close.3 login_cap.3 login_getcapbool.3 \ Modified: head/lib/libutil/auth.c == --- head/lib/libutil/auth.c Tue Jun 12 16:07:03 2012(r236964) +++ head/lib/libutil/auth.c Tue Jun 12 17:02:53 2012(r236965) @@ -31,40 +31,14 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/types.h -#include fcntl.h -#include libutil.h -#include paths.h -#include syslog.h -#include unistd.h - -static properties P; - -static int -initauthconf(const char *path) -{ -int fd; +#include stdlib.h -if (!P) { - if ((fd = open(path, O_RDONLY)) 0) { - syslog(LOG_ERR, initauthconf: unable to open file: %s, path); - return 1; - } - P = properties_read(fd); - close(fd); - if (!P) { - syslog(LOG_ERR, initauthconf: unable to parse file: %s, path); - return 1; - } -} -return 0; -} +#include libutil.h char * auth_getval(const char *name) { -if (!P initauthconf(_PATH_AUTHCONF)) - return NULL; -else - return property_find(P, name); + + (void)name; + return (NULL); } Modified: head/lib/libutil/property.3 == --- head/lib/libutil/property.3 Tue Jun 12 16:07:03 2012(r236964) +++ head/lib/libutil/property.3 Tue Jun 12 17:02:53 2012(r236965) @@ -90,8 +90,6 @@ are desired, the entire value should be characters. Any line beginning with a # or ; character is assumed to be a comment and will be ignored. -.Sh SEE ALSO -.Xr auth_getval 3 .Sh AUTHORS .An Jordan Hubbard .Sh BUGS Modified: head/share/examples/etc/README.examples ==
svn commit: r236966 - head/sys/mips/rmi
Author: des Date: Tue Jun 12 17:04:56 2012 New Revision: 236966 URL: http://svn.freebsd.org/changeset/base/236966 Log: auth.conf is dead. Modified: head/sys/mips/rmi/rootfs_list.txt Modified: head/sys/mips/rmi/rootfs_list.txt == --- head/sys/mips/rmi/rootfs_list.txt Tue Jun 12 17:02:53 2012 (r236965) +++ head/sys/mips/rmi/rootfs_list.txt Tue Jun 12 17:04:56 2012 (r236966) @@ -1,3 +1,5 @@ +# $FreeBSD$ +# # This is the list of files that # should be in your rootfs (copy it from # the build world nfsmount dir. When the rge0 @@ -321,7 +323,6 @@ ./etc/ssh/moduli ./etc/ssl ./etc/ssl/openssl.cnf -./etc/auth.conf ./etc/crontab ./etc/devd.conf ./etc/devfs.conf ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236967 - head/lib/libcrypt
Author: des Date: Tue Jun 12 17:14:19 2012 New Revision: 236967 URL: http://svn.freebsd.org/changeset/base/236967 Log: Stop using auth_getval() now that it always returns NULL. Instead, hardcode the default to what it would be if we didn't hardcode it, i.e. DES if supported and MD5 otherwise. MFC after:3 weeks Modified: head/lib/libcrypt/Makefile head/lib/libcrypt/crypt.3 head/lib/libcrypt/crypt.c Modified: head/lib/libcrypt/Makefile == --- head/lib/libcrypt/Makefile Tue Jun 12 17:04:56 2012(r236966) +++ head/lib/libcrypt/Makefile Tue Jun 12 17:14:19 2012(r236967) @@ -26,11 +26,7 @@ SRCS+= crypt-des.c crypt-blowfish.c blo CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH .endif -# And the auth_getval() code and support. -.PATH: ${.CURDIR}/../libutil -SRCS+= auth.c property.c -.for sym in auth_getval property_find properties_read properties_free \ - MD4Init MD4Final MD4Update MD4Pad \ +.for sym in MD4Init MD4Final MD4Update MD4Pad \ MD5Init MD5Final MD5Update MD5Pad \ SHA256_Init SHA256_Final SHA256_Update \ SHA512_Init SHA512_Final SHA512_Update Modified: head/lib/libcrypt/crypt.3 == --- head/lib/libcrypt/crypt.3 Tue Jun 12 17:04:56 2012(r236966) +++ head/lib/libcrypt/crypt.3 Tue Jun 12 17:14:19 2012(r236967) @@ -238,12 +238,6 @@ The .Fn crypt_set_format function sets the default encoding format according to the supplied .Fa string . -.Pp -The global default format can be set using the -.Pa /etc/auth.conf -file using the -.Va crypt_default -property. .Sh RETURN VALUES The .Fn crypt @@ -260,9 +254,7 @@ Otherwise, a value of 0 is returned. .Sh SEE ALSO .Xr login 1 , .Xr passwd 1 , -.Xr auth_getval 3 , .Xr getpass 3 , -.Xr auth.conf 5 , .Xr passwd 5 .Sh HISTORY A rotor-based Modified: head/lib/libcrypt/crypt.c == --- head/lib/libcrypt/crypt.c Tue Jun 12 17:04:56 2012(r236966) +++ head/lib/libcrypt/crypt.c Tue Jun 12 17:14:19 2012(r236967) @@ -79,23 +79,23 @@ static const struct { } }; +#ifdef HAS_DES +#define CRYPT_DEFAULT des +#else +#define CRYPT_DEFAULT md5 +#endif + static int crypt_type = -1; static void crypt_setdefault(void) { - char *def; size_t i; if (crypt_type != -1) return; - def = auth_getval(crypt_default); - if (def == NULL) { - crypt_type = 0; - return; - } for (i = 0; i sizeof(crypt_types) / sizeof(crypt_types[0]) - 1; i++) { - if (strcmp(def, crypt_types[i].name) == 0) { + if (strcmp(CRYPT_DEFAULT, crypt_types[i].name) == 0) { crypt_type = (int)i; return; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236892 - in head: bin/rcp libexec/rshd usr.bin/login usr.bin/passwd usr.bin/rlogin usr.bin/rsh
Author: des Date: Mon Jun 11 16:18:39 2012 New Revision: 236892 URL: http://svn.freebsd.org/changeset/base/236892 Log: None of these programs actually use auth.conf. MFC after:1 week Modified: head/bin/rcp/rcp.1 head/libexec/rshd/rshd.8 head/usr.bin/login/login.1 head/usr.bin/passwd/passwd.1 head/usr.bin/rlogin/rlogin.1 head/usr.bin/rsh/rsh.1 Modified: head/bin/rcp/rcp.1 == --- head/bin/rcp/rcp.1 Mon Jun 11 16:08:03 2012(r236891) +++ head/bin/rcp/rcp.1 Mon Jun 11 16:18:39 2012(r236892) @@ -116,17 +116,11 @@ The .Nm utility handles third party copies, where neither source nor target files are on the current machine. -.Sh FILES -.Bl -tag -width .Pa /etc/auth.conf -compact -.It Pa /etc/auth.conf -configure authentication services -.El .Sh SEE ALSO .Xr cp 1 , .Xr ftp 1 , .Xr rlogin 1 , .Xr rsh 1 , -.Xr auth.conf 5 , .Xr hosts.equiv 5 .Sh HISTORY The Modified: head/libexec/rshd/rshd.8 == --- head/libexec/rshd/rshd.8Mon Jun 11 16:08:03 2012(r236891) +++ head/libexec/rshd/rshd.8Mon Jun 11 16:18:39 2012(r236892) @@ -237,7 +237,6 @@ and is not preceded by a flag byte. .Xr gethostbyaddr 3 , .Xr rcmd 3 , .Xr ruserok 3 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr login.conf 5 , Modified: head/usr.bin/login/login.1 == --- head/usr.bin/login/login.1 Mon Jun 11 16:08:03 2012(r236891) +++ head/usr.bin/login/login.1 Mon Jun 11 16:18:39 2012(r236892) @@ -137,8 +137,6 @@ message-of-the-day system mailboxes .It Pa \.hushlogin makes login quieter -.It Pa /etc/auth.conf -configure authentication services .It Pa /etc/pam.d/login .Xr pam 8 configuration file Modified: head/usr.bin/passwd/passwd.1 == --- head/usr.bin/passwd/passwd.1Mon Jun 11 16:08:03 2012 (r236891) +++ head/usr.bin/passwd/passwd.1Mon Jun 11 16:18:39 2012 (r236892) @@ -221,8 +221,6 @@ a Version 7 format password file temporary copy of the password file .It Pa /etc/login.conf login class capabilities database -.It Pa /etc/auth.conf -configure authentication services .El .Sh SEE ALSO .Xr chpass 1 , Modified: head/usr.bin/rlogin/rlogin.1 == --- head/usr.bin/rlogin/rlogin.1Mon Jun 11 16:08:03 2012 (r236891) +++ head/usr.bin/rlogin/rlogin.1Mon Jun 11 16:18:39 2012 (r236892) @@ -128,7 +128,6 @@ Determines the user's terminal type. .Bl -tag -width /etc/hosts -compact .It Pa /etc/hosts .It Pa /etc/hosts.equiv -.It Pa /etc/auth.conf .It Ev $HOME Ns Pa /.rhosts .El .Sh SEE ALSO @@ -138,7 +137,6 @@ Determines the user's terminal type. .Xr setsockopt 2 , .Xr ruserok 3 , .Xr tty 4 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr rlogind 8 , Modified: head/usr.bin/rsh/rsh.1 == --- head/usr.bin/rsh/rsh.1 Mon Jun 11 16:08:03 2012(r236891) +++ head/usr.bin/rsh/rsh.1 Mon Jun 11 16:18:39 2012(r236892) @@ -125,14 +125,12 @@ to .Sh FILES .Bl -tag -width /etc/hosts -compact .It Pa /etc/hosts -.It Pa /etc/auth.conf .El .Sh SEE ALSO .Xr rlogin 1 , .Xr setsockopt 2 , .Xr rcmd 3 , .Xr ruserok 3 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr rlogind 8 , ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236751 - head/lib/libutil
Author: des Date: Fri Jun 8 12:36:08 2012 New Revision: 236751 URL: http://svn.freebsd.org/changeset/base/236751 Log: Document that we also support sha256 and sha512. MFC after:1 week Modified: head/lib/libutil/login.conf.5 Modified: head/lib/libutil/login.conf.5 == --- head/lib/libutil/login.conf.5 Fri Jun 8 12:35:43 2012 (r236750) +++ head/lib/libutil/login.conf.5 Fri Jun 8 12:36:08 2012 (r236751) @@ -269,7 +269,9 @@ multiplied by 5 seconds. allowed before the login fails. .It passwd_format string md5 The encryption format that new or changed passwords will use. -Valid values include des, md5 and blf. +Valid values include des, md5, blf, sha256 and sha512; see +.Xr crypt 3 +for details. NIS clients using a .No non- Ns Fx NIS server should probably use des. ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236614 - head/gnu/lib/libsupc++
Author: des Date: Tue Jun 5 12:34:08 2012 New Revision: 236614 URL: http://svn.freebsd.org/changeset/base/236614 Log: Add mangled symbols for operator new / delete on 64-bit platforms. Reported by: decke@ MFC after:1 week Modified: head/gnu/lib/libsupc++/Version.map Modified: head/gnu/lib/libsupc++/Version.map == --- head/gnu/lib/libsupc++/Version.map Tue Jun 5 11:48:32 2012 (r236613) +++ head/gnu/lib/libsupc++/Version.map Tue Jun 5 12:34:08 2012 (r236614) @@ -126,11 +126,19 @@ CXXABI_1.3 { # __gnu_cxx::_verbose_terminate_handler() _ZN9__gnu_cxx27__verbose_terminate_handlerEv; -# new / delete operators +# operator new and new[], 32-bit size_t _Znaj; _ZnajRKSt9nothrow_t; _Znwj; _ZnwjRKSt9nothrow_t; + +# operator new and new[], 64-bit size_t +_Znam; +_ZnamRKSt9nothrow_t; +_Znwm; +_ZnwmRKSt9nothrow_t; + +# operator delete and delete[] _ZdaPv; _ZdaPvRKSt9nothrow_t; _ZdlPv; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236226 - head/usr.bin/unzip
Author: des Date: Tue May 29 09:11:19 2012 New Revision: 236226 URL: http://svn.freebsd.org/changeset/base/236226 Log: Pass a filename, rather than a file descriptor, to libarchive. Submitted by: Alex Kozlov s...@rm-rf.kiev.ua MFC after:1 week Modified: head/usr.bin/unzip/unzip.c Modified: head/usr.bin/unzip/unzip.c == --- head/usr.bin/unzip/unzip.c Tue May 29 08:56:56 2012(r236225) +++ head/usr.bin/unzip/unzip.c Tue May 29 09:11:19 2012(r236226) @@ -865,19 +865,14 @@ unzip(const char *fn) { struct archive *a; struct archive_entry *e; - int fd, ret; + int ret; uintmax_t total_size, file_count, error_count; - if (strcmp(fn, -) == 0) - fd = STDIN_FILENO; - else if ((fd = open(fn, O_RDONLY)) 0) - error(%s, fn); - if ((a = archive_read_new()) == NULL) error(archive_read_new failed); ac(archive_read_support_format_zip(a)); - ac(archive_read_open_fd(a, fd, 8192)); + ac(archive_read_open_filename(a, fn, 8192)); if (!zipinfo_mode) { if (!p_opt !q_opt) @@ -933,9 +928,6 @@ unzip(const char *fn) ac(archive_read_close(a)); (void)archive_read_finish(a); - if (fd != STDIN_FILENO close(fd) != 0) - error(%s, fn); - if (t_opt) { if (error_count 0) { errorx(%d checksum error(s) found., error_count); @@ -1061,6 +1053,9 @@ main(int argc, char *argv[]) usage(); zipfile = argv[nopts++]; + if (strcmp(zipfile, -) == 0) + zipfile = NULL; /* STDIN */ + while (nopts argc *argv[nopts] != '-') add_pattern(include, argv[nopts++]); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236187 - stable/7
Author: des Date: Mon May 28 15:34:55 2012 New Revision: 236187 URL: http://svn.freebsd.org/changeset/base/236187 Log: Make yacc a bootstrap tool if building on head, since the new yacc is not 100% backward compatible. Modified: stable/7/Makefile.inc1 Modified: stable/7/Makefile.inc1 == --- stable/7/Makefile.inc1 Mon May 28 14:50:13 2012(r236186) +++ stable/7/Makefile.inc1 Mon May 28 15:34:55 2012(r236187) @@ -888,6 +888,10 @@ _colldef= usr.bin/colldef _gencat= usr.bin/gencat .endif +.if ${BOOTSTRAPPING} = 113 +_yacc= usr.bin/yacc +.endif + .if ${BOOTSTRAPPING} 600016 _mklocale= usr.bin/mklocale .endif @@ -922,6 +926,7 @@ bootstrap-tools: ${_gencat} \ usr.bin/lorder \ usr.bin/makewhatis \ +${_yacc} \ ${_mklocale} \ usr.bin/rpcgen \ usr.bin/xinstall \ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236200 - stable/9/usr.bin/unzip
Author: des Date: Mon May 28 21:19:33 2012 New Revision: 236200 URL: http://svn.freebsd.org/changeset/base/236200 Log: MFH r230044, r233456: style and markup nits Modified: stable/9/usr.bin/unzip/unzip.1 stable/9/usr.bin/unzip/unzip.c Directory Properties: stable/9/usr.bin/unzip/ (props changed) Modified: stable/9/usr.bin/unzip/unzip.1 == --- stable/9/usr.bin/unzip/unzip.1 Mon May 28 21:15:54 2012 (r236199) +++ stable/9/usr.bin/unzip/unzip.1 Mon May 28 21:19:33 2012 (r236200) @@ -38,7 +38,6 @@ .Ar zipfile .Sh DESCRIPTION .\ ... -.Pp The following options are available: .Bl -tag -width Fl .It Fl a Modified: stable/9/usr.bin/unzip/unzip.c == --- stable/9/usr.bin/unzip/unzip.c Mon May 28 21:15:54 2012 (r236199) +++ stable/9/usr.bin/unzip/unzip.c Mon May 28 21:19:33 2012 (r236200) @@ -426,7 +426,7 @@ handle_existing_file(char **path) fprintf(stderr, replace %s? [y]es, [n]o, [A]ll, [N]one, [r]ename: , *path); - if (fgets(buf, sizeof(buf), stdin) == 0) { + if (fgets(buf, sizeof(buf), stdin) == NULL) { clearerr(stdin); printf(NULL\n(EOF or read error, treating as \[N]one\...)\n); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236201 - stable/8/usr.bin/unzip
Author: des Date: Mon May 28 21:25:19 2012 New Revision: 236201 URL: http://svn.freebsd.org/changeset/base/236201 Log: MFH r208957: check return value from archive_read_new() MFH r214137, r214140, r214174, r224584: support reading from stdin MFH r230044, r233456: style and markup nits MFH r234311: correct name in copyright statement Modified: stable/8/usr.bin/unzip/unzip.1 stable/8/usr.bin/unzip/unzip.c Directory Properties: stable/8/usr.bin/unzip/ (props changed) Modified: stable/8/usr.bin/unzip/unzip.1 == --- stable/8/usr.bin/unzip/unzip.1 Mon May 28 21:19:33 2012 (r236200) +++ stable/8/usr.bin/unzip/unzip.1 Mon May 28 21:25:19 2012 (r236201) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 2007-2008 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without @@ -38,7 +38,6 @@ .Ar zipfile .Sh DESCRIPTION .\ ... -.Pp The following options are available: .Bl -tag -width Fl .It Fl a @@ -121,6 +120,10 @@ Note that only one of and .Fl u may be specified. +If specified filename is +.Qq - , +then data is read from +.Va stdin . .Sh ENVIRONMENT If the .Ev UNZIP_DEBUG Modified: stable/8/usr.bin/unzip/unzip.c == --- stable/8/usr.bin/unzip/unzip.c Mon May 28 21:19:33 2012 (r236200) +++ stable/8/usr.bin/unzip/unzip.c Mon May 28 21:25:19 2012 (r236201) @@ -1,6 +1,6 @@ /*- * Copyright (c) 2009 Joerg Sonnenberger jo...@netbsd.org - * Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 2007-2008 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -426,7 +426,7 @@ handle_existing_file(char **path) fprintf(stderr, replace %s? [y]es, [n]o, [A]ll, [N]one, [r]ename: , *path); - if (fgets(buf, sizeof(buf), stdin) == 0) { + if (fgets(buf, sizeof(buf), stdin) == NULL) { clearerr(stdin); printf(NULL\n(EOF or read error, treating as \[N]one\...)\n); @@ -868,10 +868,14 @@ unzip(const char *fn) int fd, ret; uintmax_t total_size, file_count, error_count; - if ((fd = open(fn, O_RDONLY)) 0) + if (strcmp(fn, -) == 0) + fd = STDIN_FILENO; + else if ((fd = open(fn, O_RDONLY)) 0) error(%s, fn); - a = archive_read_new(); + if ((a = archive_read_new()) == NULL) + error(archive_read_new failed); + ac(archive_read_support_format_zip(a)); ac(archive_read_open_fd(a, fd, 8192)); @@ -929,7 +933,7 @@ unzip(const char *fn) ac(archive_read_close(a)); (void)archive_read_finish(a); - if (close(fd) != 0) + if (fd != STDIN_FILENO close(fd) != 0) error(%s, fn); if (t_opt) { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236202 - stable/8/usr.bin
Author: des Date: Mon May 28 21:26:26 2012 New Revision: 236202 URL: http://svn.freebsd.org/changeset/base/236202 Log: MFH r200068: connect unzip to the build. Modified: stable/8/usr.bin/Makefile Directory Properties: stable/8/usr.bin/ (props changed) Modified: stable/8/usr.bin/Makefile == --- stable/8/usr.bin/Makefile Mon May 28 21:25:19 2012(r236201) +++ stable/8/usr.bin/Makefile Mon May 28 21:26:26 2012(r236202) @@ -205,6 +205,7 @@ SUBDIR= alias \ unexpand \ ${_unifdef} \ uniq \ + unzip \ units \ unvis \ ${_usbhidaction} \ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236203 - stable/8/lib/libpam
Author: des Date: Mon May 28 21:59:05 2012 New Revision: 236203 URL: http://svn.freebsd.org/changeset/base/236203 Log: Forgot to commit mergeinfo when I MFHed pam_unix last month. Modified: Directory Properties: stable/8/lib/libpam/ (props changed) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236204 - stable/8
Author: des Date: Mon May 28 22:07:32 2012 New Revision: 236204 URL: http://svn.freebsd.org/changeset/base/236204 Log: MFH r230622: use build tools, not host tools, to build aicasm. Modified: stable/8/Makefile.inc1 (contents, props changed) Directory Properties: stable/8/ (props changed) Modified: stable/8/Makefile.inc1 == --- stable/8/Makefile.inc1 Mon May 28 21:59:05 2012(r236203) +++ stable/8/Makefile.inc1 Mon May 28 22:07:32 2012(r236204) @@ -775,6 +775,7 @@ buildkernel: @echo stage 2.3: build tools @echo -- cd ${KRNLOBJDIR}/${_kernel}; \ + PATH=${BPATH}:${PATH} \ MAKESRCPATH=${KERNSRCDIR}/dev/aic7xxx/aicasm \ ${MAKE} SSP_CFLAGS= -DNO_CPU_CFLAGS -DNO_CTF \ -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile @@ -782,6 +783,7 @@ buildkernel: .if !defined(MODULES_WITH_WORLD) !defined(NO_MODULES) exists(${KERNSRCDIR}/modules) .for target in obj depend all cd ${KERNSRCDIR}/modules/aic7xxx/aicasm; \ + PATH=${BPATH}:${PATH} \ MAKEOBJDIRPREFIX=${KRNLOBJDIR}/${_kernel}/modules \ ${MAKE} SSP_CFLAGS= -DNO_CPU_CFLAGS -DNO_CTF ${target} .endfor ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236205 - stable/7
Author: des Date: Mon May 28 22:09:50 2012 New Revision: 236205 URL: http://svn.freebsd.org/changeset/base/236205 Log: MFH r230622: use build tools, not host tools, to build aicasm. Modified: stable/7/Makefile.inc1 (contents, props changed) Directory Properties: stable/7/ (props changed) Modified: stable/7/Makefile.inc1 == --- stable/7/Makefile.inc1 Mon May 28 22:07:32 2012(r236204) +++ stable/7/Makefile.inc1 Mon May 28 22:09:50 2012(r236205) @@ -735,6 +735,7 @@ buildkernel: @echo stage 2.3: build tools @echo -- cd ${KRNLOBJDIR}/${_kernel}; \ + PATH=${BPATH}:${PATH} \ MAKESRCPATH=${KERNSRCDIR}/dev/aic7xxx/aicasm \ ${MAKE} -DNO_CPU_CFLAGS -DNO_CTF \ -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile @@ -742,6 +743,7 @@ buildkernel: .if !defined(MODULES_WITH_WORLD) !defined(NO_MODULES) exists(${KERNSRCDIR}/modules) .for target in obj depend all cd ${KERNSRCDIR}/modules/aic7xxx/aicasm; \ + PATH=${BPATH}:${PATH} \ MAKEOBJDIRPREFIX=${KRNLOBJDIR}/${_kernel}/modules \ ${MAKE} -DNO_CPU_CFLAGS -DNO_CTF ${target} .endfor ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236099 - in vendor/openpam/dist: . bin bin/openpam_dump_policy bin/pamtest bin/su doc/man include/security lib misc t
Author: des Date: Sat May 26 14:23:18 2012 New Revision: 236099 URL: http://svn.freebsd.org/changeset/base/236099 Log: Vendor import of OpenPAM Micrampelis. Added: vendor/openpam/dist/TODO vendor/openpam/dist/bin/openpam_dump_policy/ vendor/openpam/dist/bin/openpam_dump_policy/Makefile.am vendor/openpam/dist/bin/openpam_dump_policy/Makefile.in vendor/openpam/dist/bin/openpam_dump_policy/openpam_dump_policy.c vendor/openpam/dist/doc/man/openpam_get_feature.3 vendor/openpam/dist/doc/man/openpam_readlinev.3 vendor/openpam/dist/doc/man/openpam_readword.3 vendor/openpam/dist/doc/man/openpam_set_feature.3 vendor/openpam/dist/doc/man/openpam_straddch.3 vendor/openpam/dist/lib/openpam_ctype.h vendor/openpam/dist/lib/openpam_features.c vendor/openpam/dist/lib/openpam_features.h vendor/openpam/dist/lib/openpam_get_feature.c vendor/openpam/dist/lib/openpam_readlinev.c vendor/openpam/dist/lib/openpam_readword.c vendor/openpam/dist/lib/openpam_set_feature.c vendor/openpam/dist/lib/openpam_straddch.c vendor/openpam/dist/lib/openpam_strlcat.h vendor/openpam/dist/pamgdb.in vendor/openpam/dist/t/ vendor/openpam/dist/t/Makefile.am vendor/openpam/dist/t/Makefile.in vendor/openpam/dist/t/t.h vendor/openpam/dist/t/t_main.c vendor/openpam/dist/t/t_openpam_readlinev.c vendor/openpam/dist/t/t_openpam_readword.c Modified: vendor/openpam/dist/CREDITS vendor/openpam/dist/HISTORY vendor/openpam/dist/LICENSE vendor/openpam/dist/Makefile.am vendor/openpam/dist/Makefile.in vendor/openpam/dist/RELNOTES vendor/openpam/dist/aclocal.m4 vendor/openpam/dist/bin/Makefile.am vendor/openpam/dist/bin/Makefile.in vendor/openpam/dist/bin/pamtest/pamtest.1 vendor/openpam/dist/bin/pamtest/pamtest.c vendor/openpam/dist/bin/su/su.1 vendor/openpam/dist/config.h.in vendor/openpam/dist/configure vendor/openpam/dist/configure.ac vendor/openpam/dist/doc/man/Makefile.am vendor/openpam/dist/doc/man/Makefile.in vendor/openpam/dist/doc/man/openpam.3 vendor/openpam/dist/doc/man/openpam_borrow_cred.3 vendor/openpam/dist/doc/man/openpam_free_data.3 vendor/openpam/dist/doc/man/openpam_free_envlist.3 vendor/openpam/dist/doc/man/openpam_get_option.3 vendor/openpam/dist/doc/man/openpam_log.3 vendor/openpam/dist/doc/man/openpam_nullconv.3 vendor/openpam/dist/doc/man/openpam_readline.3 vendor/openpam/dist/doc/man/openpam_restore_cred.3 vendor/openpam/dist/doc/man/openpam_set_option.3 vendor/openpam/dist/doc/man/openpam_subst.3 vendor/openpam/dist/doc/man/openpam_ttyconv.3 vendor/openpam/dist/doc/man/pam.3 vendor/openpam/dist/doc/man/pam.conf.5 vendor/openpam/dist/doc/man/pam_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_authenticate.3 vendor/openpam/dist/doc/man/pam_chauthtok.3 vendor/openpam/dist/doc/man/pam_close_session.3 vendor/openpam/dist/doc/man/pam_conv.3 vendor/openpam/dist/doc/man/pam_end.3 vendor/openpam/dist/doc/man/pam_error.3 vendor/openpam/dist/doc/man/pam_get_authtok.3 vendor/openpam/dist/doc/man/pam_get_data.3 vendor/openpam/dist/doc/man/pam_get_item.3 vendor/openpam/dist/doc/man/pam_get_user.3 vendor/openpam/dist/doc/man/pam_getenv.3 vendor/openpam/dist/doc/man/pam_getenvlist.3 vendor/openpam/dist/doc/man/pam_info.3 vendor/openpam/dist/doc/man/pam_open_session.3 vendor/openpam/dist/doc/man/pam_prompt.3 vendor/openpam/dist/doc/man/pam_putenv.3 vendor/openpam/dist/doc/man/pam_set_data.3 vendor/openpam/dist/doc/man/pam_set_item.3 vendor/openpam/dist/doc/man/pam_setcred.3 vendor/openpam/dist/doc/man/pam_setenv.3 vendor/openpam/dist/doc/man/pam_sm_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_sm_authenticate.3 vendor/openpam/dist/doc/man/pam_sm_chauthtok.3 vendor/openpam/dist/doc/man/pam_sm_close_session.3 vendor/openpam/dist/doc/man/pam_sm_open_session.3 vendor/openpam/dist/doc/man/pam_sm_setcred.3 vendor/openpam/dist/doc/man/pam_start.3 vendor/openpam/dist/doc/man/pam_strerror.3 vendor/openpam/dist/doc/man/pam_verror.3 vendor/openpam/dist/doc/man/pam_vinfo.3 vendor/openpam/dist/doc/man/pam_vprompt.3 vendor/openpam/dist/include/security/openpam.h vendor/openpam/dist/include/security/openpam_version.h vendor/openpam/dist/lib/Makefile.am vendor/openpam/dist/lib/Makefile.in vendor/openpam/dist/lib/openpam_check_owner_perms.c vendor/openpam/dist/lib/openpam_configure.c vendor/openpam/dist/lib/openpam_constants.h vendor/openpam/dist/lib/openpam_debug.h vendor/openpam/dist/lib/openpam_dynamic.c vendor/openpam/dist/lib/openpam_get_option.c vendor/openpam/dist/lib/openpam_impl.h vendor/openpam/dist/lib/openpam_load.c vendor/openpam/dist/lib/openpam_log.c vendor/openpam/dist/lib/openpam_readline.c vendor/openpam/dist/lib/openpam_set_option.c vendor/openpam/dist/lib/openpam_strlcmp.h vendor/openpam/dist/lib/openpam_strlcpy.h vendor/openpam/dist/lib/openpam_subst.c vendor/openpam/dist/lib/openpam_ttyconv.c vendor/openpam/dist/lib/pam_get_authtok.c
svn commit: r236100 - vendor/openpam/MICRAMPELIS
Author: des Date: Sat May 26 14:24:14 2012 New Revision: 236100 URL: http://svn.freebsd.org/changeset/base/236100 Log: Tag OpenPAM Micrampelis. Added: vendor/openpam/MICRAMPELIS/ - copied from r236099, vendor/openpam/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236103 - stable/9/lib/libfetch
Author: des Date: Sat May 26 16:34:39 2012 New Revision: 236103 URL: http://svn.freebsd.org/changeset/base/236103 Log: MFH r225813,r225814,r226537: cosmetic Modified: stable/9/lib/libfetch/common.c stable/9/lib/libfetch/common.h stable/9/lib/libfetch/fetch.3 stable/9/lib/libfetch/fetch.c stable/9/lib/libfetch/fetch.h stable/9/lib/libfetch/file.c stable/9/lib/libfetch/ftp.c stable/9/lib/libfetch/http.c Directory Properties: stable/9/lib/libfetch/ (props changed) Modified: stable/9/lib/libfetch/common.c == --- stable/9/lib/libfetch/common.c Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/common.c Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/common.h == --- stable/9/lib/libfetch/common.h Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/common.h Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/fetch.3 == --- stable/9/lib/libfetch/fetch.3 Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/fetch.3 Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 1998-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without @@ -25,7 +25,7 @@ .\ .\ $FreeBSD$ .\ -.Dd January 26, 2010 +.Dd September 27, 2011 .Dt FETCH 3 .Os .Sh NAME Modified: stable/9/lib/libfetch/fetch.c == --- stable/9/lib/libfetch/fetch.c Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/fetch.c Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/fetch.h == --- stable/9/lib/libfetch/fetch.h Sat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/fetch.h Sat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/file.c == --- stable/9/lib/libfetch/file.cSat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/file.cSat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/9/lib/libfetch/ftp.c == --- stable/9/lib/libfetch/ftp.c Sat May 26 16:26:23 2012(r236102) +++ stable/9/lib/libfetch/ftp.c Sat May 26 16:34:39 2012(r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,7 +41,7 @@ __FBSDID($FreeBSD$); * * Major Changelog: * - * Dag-Erling Co�dan Sm�rgrav + * Dag-Erling Smørgrav * 9 Jun 1998 * * Incorporated into libfetch Modified: stable/9/lib/libfetch/http.c == --- stable/9/lib/libfetch/http.cSat May 26 16:26:23 2012 (r236102) +++ stable/9/lib/libfetch/http.cSat May 26 16:34:39 2012 (r236103) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2000-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 2000-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send
svn commit: r236104 - stable/9/lib/libfetch
Author: des Date: Sat May 26 16:37:43 2012 New Revision: 236104 URL: http://svn.freebsd.org/changeset/base/236104 Log: MFH r230478: fix nits in already-merged r230307. Modified: stable/9/lib/libfetch/common.c Directory Properties: stable/9/lib/libfetch/ (props changed) Modified: stable/9/lib/libfetch/common.c == --- stable/9/lib/libfetch/common.c Sat May 26 16:34:39 2012 (r236103) +++ stable/9/lib/libfetch/common.c Sat May 26 16:37:43 2012 (r236104) @@ -416,7 +416,6 @@ fetch_cache_data(conn_t *conn, char *src if (conn-cache.size nbytes) { tmp = realloc(conn-cache.buf, nbytes); if (tmp == NULL) { - errno = ENOMEM; fetch_syserr(); return (-1); } @@ -481,7 +480,7 @@ fetch_read(conn_t *conn, char *buf, size conn-cache.len -= total; conn-cache.pos += total; len -= total; - buf+= total; + buf += total; } while (len 0) { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236105 - stable/9/lib/libfetch
Author: des Date: Sat May 26 16:42:47 2012 New Revision: 236105 URL: http://svn.freebsd.org/changeset/base/236105 Log: MFH r233648: cosmetic Modified: stable/9/lib/libfetch/fetch.3 Directory Properties: stable/9/lib/libfetch/ (props changed) Modified: stable/9/lib/libfetch/fetch.3 == --- stable/9/lib/libfetch/fetch.3 Sat May 26 16:37:43 2012 (r236104) +++ stable/9/lib/libfetch/fetch.3 Sat May 26 16:42:47 2012 (r236105) @@ -375,7 +375,7 @@ If the (if-modified-since) flag is specified, and the .Va ims_time -field is set in +field is set in .Vt struct url , then .Fn fetchXGetHTTP ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236106 - head/lib/libpam/modules/pam_ssh
Author: des Date: Sat May 26 17:03:45 2012 New Revision: 236106 URL: http://svn.freebsd.org/changeset/base/236106 Log: Passing NULL as a key casues a segfault when loading SSH 1 keys. Use an empty string instead. Modified: head/lib/libpam/modules/pam_ssh/pam_ssh.c Modified: head/lib/libpam/modules/pam_ssh/pam_ssh.c == --- head/lib/libpam/modules/pam_ssh/pam_ssh.c Sat May 26 16:42:47 2012 (r236105) +++ head/lib/libpam/modules/pam_ssh/pam_ssh.c Sat May 26 17:03:45 2012 (r236106) @@ -112,7 +112,7 @@ pam_ssh_load_key(const char *dir, const * with an empty passphrase, and if the key is not encrypted, * accept only an empty passphrase. */ - key = key_load_private(fn, NULL, comment); + key = key_load_private(fn, , comment); if (key != NULL !(*passphrase == '\0' nullok)) { key_free(key); return (NULL); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236108 - stable/9/lib/libfetch
Author: des Date: Sat May 26 17:08:01 2012 New Revision: 236108 URL: http://svn.freebsd.org/changeset/base/236108 Log: MFH r234837: avoid busy-loop on slow connections when no timeout is set. MFH r234838: don't reuse credentials when redirected to a different host. Modified: stable/9/lib/libfetch/common.c stable/9/lib/libfetch/http.c Directory Properties: stable/9/lib/libfetch/ (props changed) Modified: stable/9/lib/libfetch/common.c == --- stable/9/lib/libfetch/common.c Sat May 26 17:07:34 2012 (r236107) +++ stable/9/lib/libfetch/common.c Sat May 26 17:08:01 2012 (r236108) @@ -455,11 +455,9 @@ fetch_read(conn_t *conn, char *buf, size struct timeval now, timeout, delta; fd_set readfds; ssize_t rlen, total; - int r; char *start; - if (fetchTimeout) { - FD_ZERO(readfds); + if (fetchTimeout 0) { gettimeofday(timeout, NULL); timeout.tv_sec += fetchTimeout; } @@ -523,23 +521,21 @@ fetch_read(conn_t *conn, char *buf, size return (-1); } // assert(rlen == FETCH_READ_WAIT); - while (fetchTimeout !FD_ISSET(conn-sd, readfds)) { + FD_ZERO(readfds); + while (!FD_ISSET(conn-sd, readfds)) { FD_SET(conn-sd, readfds); - gettimeofday(now, NULL); - delta.tv_sec = timeout.tv_sec - now.tv_sec; - delta.tv_usec = timeout.tv_usec - now.tv_usec; - if (delta.tv_usec 0) { - delta.tv_usec += 100; - delta.tv_sec--; - } - if (delta.tv_sec 0) { - errno = ETIMEDOUT; - fetch_syserr(); - return (-1); + if (fetchTimeout 0) { + gettimeofday(now, NULL); + if (!timercmp(timeout, now, )) { + errno = ETIMEDOUT; + fetch_syserr(); + return (-1); + } + timersub(timeout, now, delta); } errno = 0; - r = select(conn-sd + 1, readfds, NULL, NULL, delta); - if (r == -1) { + if (select(conn-sd + 1, readfds, NULL, NULL, + fetchTimeout 0 ? delta : NULL) 0) { if (errno == EINTR) { if (fetchRestartCalls) continue; Modified: stable/9/lib/libfetch/http.c == --- stable/9/lib/libfetch/http.cSat May 26 17:07:34 2012 (r236107) +++ stable/9/lib/libfetch/http.cSat May 26 17:08:01 2012 (r236108) @@ -1779,7 +1779,9 @@ http_request(struct url *URL, const char DEBUG(fprintf(stderr, failed to parse new URL\n)); goto ouch; } - if (!*new-user !*new-pwd) { + + /* Only copy credentials if the host matches */ + if (!strcmp(new-host, url-host) !*new-user !*new-pwd) { strcpy(new-user, url-user); strcpy(new-pwd, url-pwd); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236109 - in head: contrib/openpam contrib/openpam/bin contrib/openpam/bin/openpam_dump_policy contrib/openpam/bin/pamtest contrib/openpam/bin/su contrib/openpam/doc/man contrib/openpam...
Author: des Date: Sat May 26 17:10:16 2012 New Revision: 236109 URL: http://svn.freebsd.org/changeset/base/236109 Log: Update to OpenPAM Micrampelis. Added: head/contrib/openpam/TODO - copied unchanged from r236101, vendor/openpam/dist/TODO head/contrib/openpam/bin/openpam_dump_policy/ - copied from r236101, vendor/openpam/dist/bin/openpam_dump_policy/ head/contrib/openpam/doc/man/openpam_get_feature.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_get_feature.3 head/contrib/openpam/doc/man/openpam_readlinev.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_readlinev.3 head/contrib/openpam/doc/man/openpam_readword.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_readword.3 head/contrib/openpam/doc/man/openpam_set_feature.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_set_feature.3 head/contrib/openpam/doc/man/openpam_straddch.3 - copied unchanged from r236101, vendor/openpam/dist/doc/man/openpam_straddch.3 head/contrib/openpam/lib/openpam_ctype.h - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_ctype.h head/contrib/openpam/lib/openpam_features.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_features.c head/contrib/openpam/lib/openpam_features.h - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_features.h head/contrib/openpam/lib/openpam_get_feature.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_get_feature.c head/contrib/openpam/lib/openpam_readlinev.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_readlinev.c head/contrib/openpam/lib/openpam_readword.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_readword.c head/contrib/openpam/lib/openpam_set_feature.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_set_feature.c head/contrib/openpam/lib/openpam_straddch.c - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_straddch.c head/contrib/openpam/lib/openpam_strlcat.h - copied unchanged from r236101, vendor/openpam/dist/lib/openpam_strlcat.h head/contrib/openpam/pamgdb.in - copied unchanged from r236101, vendor/openpam/dist/pamgdb.in head/contrib/openpam/t/ - copied from r236101, vendor/openpam/dist/t/ head/usr.bin/pamtest/ head/usr.bin/pamtest/Makefile (contents, props changed) Modified: head/contrib/openpam/CREDITS head/contrib/openpam/HISTORY head/contrib/openpam/LICENSE head/contrib/openpam/Makefile.am head/contrib/openpam/Makefile.in head/contrib/openpam/RELNOTES head/contrib/openpam/aclocal.m4 head/contrib/openpam/bin/Makefile.am head/contrib/openpam/bin/Makefile.in head/contrib/openpam/bin/pamtest/pamtest.1 head/contrib/openpam/bin/pamtest/pamtest.c head/contrib/openpam/bin/su/su.1 head/contrib/openpam/config.h.in head/contrib/openpam/configure head/contrib/openpam/configure.ac head/contrib/openpam/doc/man/Makefile.am head/contrib/openpam/doc/man/Makefile.in head/contrib/openpam/doc/man/openpam.3 head/contrib/openpam/doc/man/openpam_borrow_cred.3 head/contrib/openpam/doc/man/openpam_free_data.3 head/contrib/openpam/doc/man/openpam_free_envlist.3 head/contrib/openpam/doc/man/openpam_get_option.3 head/contrib/openpam/doc/man/openpam_log.3 head/contrib/openpam/doc/man/openpam_nullconv.3 head/contrib/openpam/doc/man/openpam_readline.3 head/contrib/openpam/doc/man/openpam_restore_cred.3 head/contrib/openpam/doc/man/openpam_set_option.3 head/contrib/openpam/doc/man/openpam_subst.3 head/contrib/openpam/doc/man/openpam_ttyconv.3 head/contrib/openpam/doc/man/pam.3 head/contrib/openpam/doc/man/pam.conf.5 head/contrib/openpam/doc/man/pam_acct_mgmt.3 head/contrib/openpam/doc/man/pam_authenticate.3 head/contrib/openpam/doc/man/pam_chauthtok.3 head/contrib/openpam/doc/man/pam_close_session.3 head/contrib/openpam/doc/man/pam_conv.3 head/contrib/openpam/doc/man/pam_end.3 head/contrib/openpam/doc/man/pam_error.3 head/contrib/openpam/doc/man/pam_get_authtok.3 head/contrib/openpam/doc/man/pam_get_data.3 head/contrib/openpam/doc/man/pam_get_item.3 head/contrib/openpam/doc/man/pam_get_user.3 head/contrib/openpam/doc/man/pam_getenv.3 head/contrib/openpam/doc/man/pam_getenvlist.3 head/contrib/openpam/doc/man/pam_info.3 head/contrib/openpam/doc/man/pam_open_session.3 head/contrib/openpam/doc/man/pam_prompt.3 head/contrib/openpam/doc/man/pam_putenv.3 head/contrib/openpam/doc/man/pam_set_data.3 head/contrib/openpam/doc/man/pam_set_item.3 head/contrib/openpam/doc/man/pam_setcred.3 head/contrib/openpam/doc/man/pam_setenv.3 head/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 head/contrib/openpam/doc/man/pam_sm_authenticate.3 head/contrib/openpam/doc/man/pam_sm_chauthtok.3 head/contrib/openpam/doc/man/pam_sm_close_session.3
svn commit: r236110 - head/usr.bin/fetch
Author: des Date: Sat May 26 17:19:41 2012 New Revision: 236110 URL: http://svn.freebsd.org/changeset/base/236110 Log: Revert r232274 - unauthorized, unnecessary and incorrect. Modified: head/usr.bin/fetch/fetch.1 Modified: head/usr.bin/fetch/fetch.1 == --- head/usr.bin/fetch/fetch.1 Sat May 26 17:10:16 2012(r236109) +++ head/usr.bin/fetch/fetch.1 Sat May 26 17:19:41 2012(r236110) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2000-2012 Dag-Erling Smørgrav +.\ Copyright (c) 2000-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ Portions Copyright (c) 1999 Massachusetts Institute of Technology; used .\ by permission. @@ -29,7 +29,7 @@ .\ .\ $FreeBSD$ .\ -.Dd February 28, 2012 +.Dd September 27, 2011 .Dt FETCH 1 .Os .Sh NAME @@ -214,11 +214,6 @@ When the flag is specified, wait this many seconds between successive retries. .El .Pp -.Ar URL -.Bd -literal -scheme:(//(user(:pwd)?@)?host(:port)?)?/(document)? -.Ed -.Pp If .Nm receives a ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236111 - stable/9/lib/msun/src
Author: des Date: Sat May 26 17:28:57 2012 New Revision: 236111 URL: http://svn.freebsd.org/changeset/base/236111 Log: MFH r234685: utf8 and drop middle name Modified: stable/9/lib/msun/src/s_fabsl.c Directory Properties: stable/9/lib/msun/ (props changed) Modified: stable/9/lib/msun/src/s_fabsl.c == --- stable/9/lib/msun/src/s_fabsl.c Sat May 26 17:19:41 2012 (r236110) +++ stable/9/lib/msun/src/s_fabsl.c Sat May 26 17:28:57 2012 (r236111) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2003 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 2003 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236112 - stable/9/usr.bin/unzip
Author: des Date: Sat May 26 17:37:07 2012 New Revision: 236112 URL: http://svn.freebsd.org/changeset/base/236112 Log: MFH r234311: utf8 and drop middle name Modified: stable/9/usr.bin/unzip/unzip.1 stable/9/usr.bin/unzip/unzip.c Directory Properties: stable/9/usr.bin/unzip/ (props changed) Modified: stable/9/usr.bin/unzip/unzip.1 == --- stable/9/usr.bin/unzip/unzip.1 Sat May 26 17:28:57 2012 (r236111) +++ stable/9/usr.bin/unzip/unzip.1 Sat May 26 17:37:07 2012 (r236112) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 2007-2008 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: stable/9/usr.bin/unzip/unzip.c == --- stable/9/usr.bin/unzip/unzip.c Sat May 26 17:28:57 2012 (r236111) +++ stable/9/usr.bin/unzip/unzip.c Sat May 26 17:37:07 2012 (r236112) @@ -1,6 +1,6 @@ /*- * Copyright (c) 2009 Joerg Sonnenberger jo...@netbsd.org - * Copyright (c) 2007-2008 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 2007-2008 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236113 - stable/9/sbin/geom/class/part
Author: des Date: Sat May 26 17:38:55 2012 New Revision: 236113 URL: http://svn.freebsd.org/changeset/base/236113 Log: MFH r230059: improve examples Modified: stable/9/sbin/geom/class/part/gpart.8 Directory Properties: stable/9/sbin/geom/class/part/ (props changed) Modified: stable/9/sbin/geom/class/part/gpart.8 == --- stable/9/sbin/geom/class/part/gpart.8 Sat May 26 17:37:07 2012 (r236112) +++ stable/9/sbin/geom/class/part/gpart.8 Sat May 26 17:38:55 2012 (r236113) @@ -996,17 +996,21 @@ partition that can boot from a .Cm freebsd-ufs partition, and install bootstrap code into it. -This partition must be larger than -.Pa /boot/gptboot , -or the GPT boot you are planning to write, but smaller than 545 KB. -A size of 15 blocks (7680 bytes) would be sufficient for -booting from UFS but 128 blocks (64 KB) is used in -this example to reserve some space for potential -future need (e.g.\ a larger +This partition must be larger than the bootstrap code +.Po +usually either +.Pa /boot/gptboot +or .Pa /boot/gptzfsboot -for booting from a ZFS partition). +.Pc , +but smaller than 545 kB since the first-stage loader will load the +entire partition into memory during boot, regardless of how much data +it actually contains. +This example uses 94 blocks (47 kB) so the next partition will be +aligned on a 64 kB boundary without the need to specify an explicit +offset or alignment. .Bd -literal -offset indent -/sbin/gpart add -b 34 -s 128 -t freebsd-boot ad0 +/sbin/gpart add -b 34 -s 94 -t freebsd-boot ad0 /sbin/gpart bootcode -p /boot/gptboot -i 1 ad0 .Ed .Pp @@ -1014,7 +1018,7 @@ Create a 512MB-sized .Cm freebsd-ufs partition to contain a UFS filesystem from which the system can boot. .Bd -literal -offset indent -/sbin/gpart add -b 162 -s 1048576 -t freebsd-ufs ad0 +/sbin/gpart add -s 512M -t freebsd-ufs ad0 .Ed .Pp Create an MBR scheme on ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236114 - stable/9/share/mk
Author: des Date: Sat May 26 17:53:35 2012 New Revision: 236114 URL: http://svn.freebsd.org/changeset/base/236114 Log: MFH r227797, 227932: add {STATIC,SHARED}_{C,CXX}FLAGS Modified: stable/9/share/mk/bsd.lib.mk Directory Properties: stable/9/share/mk/ (props changed) Modified: stable/9/share/mk/bsd.lib.mk == --- stable/9/share/mk/bsd.lib.mkSat May 26 17:38:55 2012 (r236113) +++ stable/9/share/mk/bsd.lib.mkSat May 26 17:53:35 2012 (r236114) @@ -67,23 +67,32 @@ PICFLAG=-fpic PO_FLAG=-pg +.c.o: + ${CC} ${STATIC_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET} + @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \ + (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \ + ${CTFCONVERT} ${CTFFLAGS} ${.TARGET}) + .c.po: - ${CC} ${PO_FLAG} ${PO_CFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CC} ${PO_FLAG} ${STATIC_CFLAGS} ${PO_CFLAGS} -c ${.IMPSRC} -o ${.TARGET} @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \ (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \ ${CTFCONVERT} ${CTFFLAGS} ${.TARGET}) .c.So: - ${CC} ${PICFLAG} -DPIC ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CC} ${PICFLAG} -DPIC ${SHARED_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET} @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \ (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \ ${CTFCONVERT} ${CTFFLAGS} ${.TARGET}) +.cc.o: + ${CXX} ${STATIC_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} + .cc.po .C.po .cpp.po .cxx.po: - ${CXX} ${PO_FLAG} ${PO_CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CXX} ${PO_FLAG} ${STATIC_CXXFLAGS} ${PO_CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} .cc.So .C.So .cpp.So .cxx.So: - ${CXX} ${PICFLAG} -DPIC ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CXX} ${PICFLAG} -DPIC ${SHARED_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} .f.po: ${FC} -pg ${FFLAGS} -o ${.TARGET} -c ${.IMPSRC} ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236115 - in stable/9/lib/libpam: . modules
Author: des Date: Sat May 26 17:56:54 2012 New Revision: 236115 URL: http://svn.freebsd.org/changeset/base/236115 Log: MFH r227798, r227933: simplify build by using STATIC_CFLAGS Modified: stable/9/lib/libpam/Makefile.inc stable/9/lib/libpam/modules/Makefile.inc Directory Properties: stable/9/lib/libpam/ (props changed) Modified: stable/9/lib/libpam/Makefile.inc == --- stable/9/lib/libpam/Makefile.incSat May 26 17:53:35 2012 (r236114) +++ stable/9/lib/libpam/Makefile.incSat May 26 17:56:54 2012 (r236115) @@ -31,4 +31,6 @@ DEBUG_FLAGS+= -DDEBUG SHLIB_MAJOR= 5 PAM_MOD_DIR= ${LIBDIR} +STATIC_CFLAGS+=-DOPENPAM_STATIC_MODULES + .include ../Makefile.inc Modified: stable/9/lib/libpam/modules/Makefile.inc == --- stable/9/lib/libpam/modules/Makefile.incSat May 26 17:53:35 2012 (r236114) +++ stable/9/lib/libpam/modules/Makefile.incSat May 26 17:56:54 2012 (r236115) @@ -18,7 +18,4 @@ DPADD+= ${LIBPAM} LDADD+=-lpam .endif -.c.o: - ${CC} ${CFLAGS} -DOPENPAM_STATIC_MODULES -c ${.IMPSRC} - .include ../Makefile.inc ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236116 - stable/9/lib/libpam/libpam
Author: des Date: Sat May 26 18:20:30 2012 New Revision: 236116 URL: http://svn.freebsd.org/changeset/base/236116 Log: MFH r226625, 226632: document what openpam_static.c is for Modified: stable/9/lib/libpam/libpam/Makefile Directory Properties: stable/9/lib/libpam/ (props changed) Modified: stable/9/lib/libpam/libpam/Makefile == --- stable/9/lib/libpam/libpam/Makefile Sat May 26 17:56:54 2012 (r236115) +++ stable/9/lib/libpam/libpam/Makefile Sat May 26 18:20:30 2012 (r236116) @@ -148,7 +148,15 @@ HEADERS= security/openpam.h \ ADD_HEADERS= security/pam_mod_misc.h +# # Static modules +# +# We build static versions of all modules and of openpam_static.o, +# then link them all together into openpam_static_modules.o. None of +# the modules export any symbols, but they store structures with +# pointers to their service functions in a linker set which the code +# in openpam_static.c traverses to locate the individual modules. +# MODULE_DIR=../modules .include ${.CURDIR}/${MODULE_DIR}/modules.inc STATIC_MODULES=${MODULES:C/.*/${MODULE_DIR}\/\/lib.a/} @@ -159,7 +167,8 @@ CLEANFILES+=openpam_static.o \ openpam_static_modules.o: openpam_static.o ${STATIC_MODULES} ${LD} -o ${.TARGET} -r --whole-archive ${.ALLSRC} -# Can't put openpam_static.c in SRCS but want .o in .depend. +# We can't put openpam_static.c in SRCS, but we still want to scan it +# for dependencies. DPSRCS=openpam_static.c # Headers ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236124 - vendor/openpam/dist/lib
Author: des Date: Sat May 26 23:07:45 2012 New Revision: 236124 URL: http://svn.freebsd.org/changeset/base/236124 Log: OpenPAM Micrampelis was re-rolled due to a showstopper bug. Modified: vendor/openpam/dist/lib/openpam_configure.c Modified: vendor/openpam/dist/lib/openpam_configure.c == --- vendor/openpam/dist/lib/openpam_configure.c Sat May 26 22:47:56 2012 (r236123) +++ vendor/openpam/dist/lib/openpam_configure.c Sat May 26 23:07:45 2012 (r236124) @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_configure.c 601 2012-04-14 20:37:45Z des $ + * $Id: openpam_configure.c 612 2012-05-26 23:02:55Z des $ */ #ifdef HAVE_CONFIG_H @@ -261,6 +261,8 @@ openpam_parse_chain(pam_handle_t *pamh, this-optc = wordc - i; for (i = 0; i wordc - this-optc; ++i) { FREE(wordv[i]); + } + for (i = 0; i this-optc; ++i) { wordv[i] = wordv[wordc - this-optc + i]; wordv[wordc - this-optc + i] = NULL; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236125 - vendor/openpam/MICRAMPELIS/lib
Author: des Date: Sat May 26 23:08:53 2012 New Revision: 236125 URL: http://svn.freebsd.org/changeset/base/236125 Log: OpenPAM Micrampelis was re-rolled due to a showstopper bug. Modified: vendor/openpam/MICRAMPELIS/lib/openpam_configure.c Directory Properties: vendor/openpam/MICRAMPELIS/ (props changed) Modified: vendor/openpam/MICRAMPELIS/lib/openpam_configure.c == --- vendor/openpam/MICRAMPELIS/lib/openpam_configure.c Sat May 26 23:07:45 2012(r236124) +++ vendor/openpam/MICRAMPELIS/lib/openpam_configure.c Sat May 26 23:08:53 2012(r236125) @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_configure.c 601 2012-04-14 20:37:45Z des $ + * $Id: openpam_configure.c 612 2012-05-26 23:02:55Z des $ */ #ifdef HAVE_CONFIG_H @@ -261,6 +261,8 @@ openpam_parse_chain(pam_handle_t *pamh, this-optc = wordc - i; for (i = 0; i wordc - this-optc; ++i) { FREE(wordv[i]); + } + for (i = 0; i this-optc; ++i) { wordv[i] = wordv[wordc - this-optc + i]; wordv[wordc - this-optc + i] = NULL; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236126 - head/contrib/openpam/lib
Author: des Date: Sat May 26 23:10:21 2012 New Revision: 236126 URL: http://svn.freebsd.org/changeset/base/236126 Log: OpenPAM Micrampelis was re-rolled due to a showstopper bug. Modified: head/contrib/openpam/lib/openpam_configure.c Directory Properties: head/contrib/openpam/ (props changed) Modified: head/contrib/openpam/lib/openpam_configure.c == --- head/contrib/openpam/lib/openpam_configure.cSat May 26 23:08:53 2012(r236125) +++ head/contrib/openpam/lib/openpam_configure.cSat May 26 23:10:21 2012(r236126) @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_configure.c 601 2012-04-14 20:37:45Z des $ + * $Id: openpam_configure.c 612 2012-05-26 23:02:55Z des $ */ #ifdef HAVE_CONFIG_H @@ -261,6 +261,8 @@ openpam_parse_chain(pam_handle_t *pamh, this-optc = wordc - i; for (i = 0; i wordc - this-optc; ++i) { FREE(wordv[i]); + } + for (i = 0; i this-optc; ++i) { wordv[i] = wordv[wordc - this-optc + i]; wordv[wordc - this-optc + i] = NULL; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236128 - stable/9
Author: des Date: Sat May 26 23:42:52 2012 New Revision: 236128 URL: http://svn.freebsd.org/changeset/base/236128 Log: Make yacc a bootstrap tool if building on head, since the new yacc is not 100% backward compatible. Also, build yacc before lex, because lex requires yacc but not vice versa. Modified: stable/9/Makefile.inc1 Modified: stable/9/Makefile.inc1 == --- stable/9/Makefile.inc1 Sat May 26 23:10:36 2012(r236127) +++ stable/9/Makefile.inc1 Sat May 26 23:42:52 2012(r236128) @@ -1026,6 +1026,9 @@ _sed= usr.bin/sed .if ${BOOTSTRAPPING} 96 _lex= usr.bin/lex +.endif + +.if ${BOOTSTRAPPING} 96 || ${BOOTSTRAPPING} 112 _yacc= usr.bin/yacc .endif @@ -1080,8 +1083,8 @@ bootstrap-tools: ${_mklocale} \ usr.bin/rpcgen \ ${_sed} \ -${_lex} \ ${_yacc} \ +${_lex} \ usr.bin/xinstall \ ${_gensnmptree} \ usr.sbin/config \ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236129 - stable/9
Author: des Date: Sat May 26 23:48:56 2012 New Revision: 236129 URL: http://svn.freebsd.org/changeset/base/236129 Log: nit: use = 113 instead of 112 Modified: stable/9/Makefile.inc1 Modified: stable/9/Makefile.inc1 == --- stable/9/Makefile.inc1 Sat May 26 23:42:52 2012(r236128) +++ stable/9/Makefile.inc1 Sat May 26 23:48:56 2012(r236129) @@ -1028,7 +1028,7 @@ _sed= usr.bin/sed _lex= usr.bin/lex .endif -.if ${BOOTSTRAPPING} 96 || ${BOOTSTRAPPING} 112 +.if ${BOOTSTRAPPING} 96 || ${BOOTSTRAPPING} = 113 _yacc= usr.bin/yacc .endif ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236131 - stable/8
Author: des Date: Sun May 27 00:21:27 2012 New Revision: 236131 URL: http://svn.freebsd.org/changeset/base/236131 Log: Make yacc a bootstrap tool if building on head, since the new yacc is not 100% backward compatible. Modified: stable/8/Makefile.inc1 Modified: stable/8/Makefile.inc1 == --- stable/8/Makefile.inc1 Sat May 26 23:58:51 2012(r236130) +++ stable/8/Makefile.inc1 Sun May 27 00:21:27 2012(r236131) @@ -934,6 +934,10 @@ _ar= usr.bin/ar _lex= usr.bin/lex .endif +.if ${BOOTSTRAPPING} = 113 +_yacc= usr.bin/yacc +.endif + .if ${BOOTSTRAPPING} 800013 _mklocale= usr.bin/mklocale .endif @@ -959,6 +963,7 @@ bootstrap-tools: ${_gperf} \ ${_groff} \ ${_ar} \ +${_yacc} \ ${_lex} \ usr.bin/lorder \ usr.bin/makewhatis \ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r235788 - in head: . sys/sys
Author: des Date: Tue May 22 15:59:07 2012 New Revision: 235788 URL: http://svn.freebsd.org/changeset/base/235788 Log: Bump __FreeBSD_version for the byacc import, and update _bootstrap_tools. Modified: head/Makefile.inc1 head/sys/sys/param.h Modified: head/Makefile.inc1 == --- head/Makefile.inc1 Tue May 22 15:58:27 2012(r235787) +++ head/Makefile.inc1 Tue May 22 15:59:07 2012(r235788) @@ -1021,6 +1021,9 @@ _sed= usr.bin/sed .if ${BOOTSTRAPPING} 96 _lex= usr.bin/lex +.endif + +.if ${BOOTSTRAPPING} 113 _yacc= usr.bin/yacc .endif @@ -1081,8 +1084,8 @@ bootstrap-tools: ${_mklocale} \ usr.bin/rpcgen \ ${_sed} \ -${_lex} \ ${_yacc} \ +${_lex} \ usr.bin/xinstall \ ${_gensnmptree} \ usr.sbin/config Modified: head/sys/sys/param.h == --- head/sys/sys/param.hTue May 22 15:58:27 2012(r235787) +++ head/sys/sys/param.hTue May 22 15:59:07 2012(r235788) @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 112 /* Master, propagated to newvers */ +#define __FreeBSD_version 113 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234837 - head/lib/libfetch
Author: des Date: Mon Apr 30 12:11:45 2012 New Revision: 234837 URL: http://svn.freebsd.org/changeset/base/234837 Log: Since the socket is non-blocking, it is necessary to use select(2) even when there is no timeout, because read(2) will return immediately if there is no data waiting in the TCP buffer, causing fetch_read() to busy-loop on slow connections. MFC after:3 weeks Noticed by: Yanhui Shen shen@gmail.com Modified: head/lib/libfetch/common.c Modified: head/lib/libfetch/common.c == --- head/lib/libfetch/common.c Mon Apr 30 11:28:17 2012(r234836) +++ head/lib/libfetch/common.c Mon Apr 30 12:11:45 2012(r234837) @@ -455,11 +455,9 @@ fetch_read(conn_t *conn, char *buf, size struct timeval now, timeout, delta; fd_set readfds; ssize_t rlen, total; - int r; char *start; - if (fetchTimeout) { - FD_ZERO(readfds); + if (fetchTimeout 0) { gettimeofday(timeout, NULL); timeout.tv_sec += fetchTimeout; } @@ -523,23 +521,21 @@ fetch_read(conn_t *conn, char *buf, size return (-1); } // assert(rlen == FETCH_READ_WAIT); - while (fetchTimeout !FD_ISSET(conn-sd, readfds)) { + FD_ZERO(readfds); + while (!FD_ISSET(conn-sd, readfds)) { FD_SET(conn-sd, readfds); - gettimeofday(now, NULL); - delta.tv_sec = timeout.tv_sec - now.tv_sec; - delta.tv_usec = timeout.tv_usec - now.tv_usec; - if (delta.tv_usec 0) { - delta.tv_usec += 100; - delta.tv_sec--; - } - if (delta.tv_sec 0) { - errno = ETIMEDOUT; - fetch_syserr(); - return (-1); + if (fetchTimeout 0) { + gettimeofday(now, NULL); + if (!timercmp(timeout, now, )) { + errno = ETIMEDOUT; + fetch_syserr(); + return (-1); + } + timersub(timeout, now, delta); } errno = 0; - r = select(conn-sd + 1, readfds, NULL, NULL, delta); - if (r == -1) { + if (select(conn-sd + 1, readfds, NULL, NULL, + fetchTimeout 0 ? delta : NULL) 0) { if (errno == EINTR) { if (fetchRestartCalls) continue; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234838 - head/lib/libfetch
Author: des Date: Mon Apr 30 12:12:48 2012 New Revision: 234838 URL: http://svn.freebsd.org/changeset/base/234838 Log: Don't reuse credentials if redirected to a different host. Submitted by: Niels Heinen hein...@google.com MFC after:3 weeks Modified: head/lib/libfetch/http.c Modified: head/lib/libfetch/http.c == --- head/lib/libfetch/http.cMon Apr 30 12:11:45 2012(r234837) +++ head/lib/libfetch/http.cMon Apr 30 12:12:48 2012(r234838) @@ -1779,7 +1779,9 @@ http_request(struct url *URL, const char DEBUG(fprintf(stderr, failed to parse new URL\n)); goto ouch; } - if (!*new-user !*new-pwd) { + + /* Only copy credentials if the host matches */ + if (!strcmp(new-host, url-host) !*new-user !*new-pwd) { strcpy(new-user, url-user); strcpy(new-pwd, url-pwd); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234729 - head/contrib/openpam/lib
Author: des Date: Fri Apr 27 11:29:09 2012 New Revision: 234729 URL: http://svn.freebsd.org/changeset/base/234729 Log: r234173 missed one instance of FREE(line). Noticed by: glebius@ Modified: head/contrib/openpam/lib/openpam_configure.c Modified: head/contrib/openpam/lib/openpam_configure.c == --- head/contrib/openpam/lib/openpam_configure.cFri Apr 27 09:22:46 2012(r234728) +++ head/contrib/openpam/lib/openpam_configure.cFri Apr 27 11:29:09 2012(r234729) @@ -501,7 +501,7 @@ fail: FREE(this-optv); } FREE(this); - FREE(line); + FREE(line0); FREE(name); fclose(f); return (PAM_SYSTEM_ERR); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234741 - stable/8/lib/libpam/modules/pam_unix
Author: des Date: Fri Apr 27 21:40:51 2012 New Revision: 234741 URL: http://svn.freebsd.org/changeset/base/234741 Log: MFH r203377, r215680, r227044, r227105: mainly, respect passwordtime. PR: 93310, 93473 Modified: stable/8/lib/libpam/modules/pam_unix/pam_unix.8 stable/8/lib/libpam/modules/pam_unix/pam_unix.c Modified: stable/8/lib/libpam/modules/pam_unix/pam_unix.8 == --- stable/8/lib/libpam/modules/pam_unix/pam_unix.8 Fri Apr 27 20:23:24 2012(r234740) +++ stable/8/lib/libpam/modules/pam_unix/pam_unix.8 Fri Apr 27 21:40:51 2012(r234741) @@ -188,3 +188,9 @@ password database. .Xr pam 8 , .Xr pw 8 , .Xr yp 8 +.Sh BUGS +The +.Nm +module ignores the +.Dv PAM_CHANGE_EXPIRED_AUTHTOK +flag. Modified: stable/8/lib/libpam/modules/pam_unix/pam_unix.c == --- stable/8/lib/libpam/modules/pam_unix/pam_unix.c Fri Apr 27 20:23:24 2012(r234740) +++ stable/8/lib/libpam/modules/pam_unix/pam_unix.c Fri Apr 27 21:40:51 2012(r234741) @@ -50,6 +50,7 @@ __FBSDID($FreeBSD$); #include string.h #include stdio.h #include syslog.h +#include time.h #include unistd.h #include libutil.h @@ -80,8 +81,6 @@ static char password_hash[] = PASSWORD_ #define PAM_OPT_LOCAL_PASS local_pass #define PAM_OPT_NIS_PASS nis_pass -char *tempname = NULL; - /* * authentication management */ @@ -271,10 +270,11 @@ pam_sm_chauthtok(pam_handle_t *pamh, int const void *yp_domain, *yp_server; #endif char salt[SALTSIZE + 1]; - login_cap_t * lc; + login_cap_t *lc; struct passwd *pwd, *old_pwd; const char *user, *old_pass, *new_pass; char *encrypted; + time_t passwordtime; int pfd, tfd, retval; if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) @@ -377,11 +377,17 @@ pam_sm_chauthtok(pam_handle_t *pamh, int if ((old_pwd = pw_dup(pwd)) == NULL) return (PAM_BUF_ERR); - pwd-pw_change = 0; lc = login_getclass(pwd-pw_class); if (login_setcryptfmt(lc, password_hash, NULL) == NULL) openpam_log(PAM_LOG_ERROR, can't set password cipher, relying on default); + + /* set password expiry date */ + pwd-pw_change = 0; + passwordtime = login_getcaptime(lc, passwordtime, 0, 0); + if (passwordtime 0) + pwd-pw_change = time(NULL) + passwordtime; + login_close(lc); makesalt(salt); pwd-pw_passwd = crypt(new_pass, salt); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234685 - head/lib/msun/src
Author: des Date: Wed Apr 25 18:07:35 2012 New Revision: 234685 URL: http://svn.freebsd.org/changeset/base/234685 Log: I stopped using my middle name years ago. Modified: head/lib/msun/src/s_fabsl.c Modified: head/lib/msun/src/s_fabsl.c == --- head/lib/msun/src/s_fabsl.c Wed Apr 25 17:54:26 2012(r234684) +++ head/lib/msun/src/s_fabsl.c Wed Apr 25 18:07:35 2012(r234685) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2003 Dag-Erling Coïdan Smørgrav + * Copyright (c) 2003 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234311 - head/usr.bin/unzip
Author: des Date: Sun Apr 15 13:39:39 2012 New Revision: 234311 URL: http://svn.freebsd.org/changeset/base/234311 Log: Correct my name in the copyright statement. Modified: head/usr.bin/unzip/unzip.1 head/usr.bin/unzip/unzip.c Modified: head/usr.bin/unzip/unzip.1 == --- head/usr.bin/unzip/unzip.1 Sun Apr 15 13:25:51 2012(r234310) +++ head/usr.bin/unzip/unzip.1 Sun Apr 15 13:39:39 2012(r234311) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2007-2008 Dag-Erling Coïdan Smørgrav +.\ Copyright (c) 2007-2008 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: head/usr.bin/unzip/unzip.c == --- head/usr.bin/unzip/unzip.c Sun Apr 15 13:25:51 2012(r234310) +++ head/usr.bin/unzip/unzip.c Sun Apr 15 13:39:39 2012(r234311) @@ -1,6 +1,6 @@ /*- * Copyright (c) 2009 Joerg Sonnenberger jo...@netbsd.org - * Copyright (c) 2007-2008 Dag-Erling Coïdan Smørgrav + * Copyright (c) 2007-2008 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234173 - head/contrib/openpam/lib
Author: des Date: Thu Apr 12 11:23:24 2012 New Revision: 234173 URL: http://svn.freebsd.org/changeset/base/234173 Log: Keep a copy of the original pointer returned by openpam_readline() so we can free it later, instead of trying to free a pointer that points to the end of the buffer. Committed to head because this code no longer exists upstream. Submitted by: jasone@ Modified: head/contrib/openpam/lib/openpam_configure.c Modified: head/contrib/openpam/lib/openpam_configure.c == --- head/contrib/openpam/lib/openpam_configure.cThu Apr 12 10:48:43 2012(r234172) +++ head/contrib/openpam/lib/openpam_configure.cThu Apr 12 11:23:24 2012(r234173) @@ -360,7 +360,7 @@ openpam_parse_chain(pam_handle_t *pamh, pam_chain_t *this, **next; pam_facility_t fclt; pam_control_t ctlf; - char *line, *str, *name; + char *line0, *line, *str, *name; char *option, **optv; int len, lineno, ret; FILE *f; @@ -377,18 +377,18 @@ openpam_parse_chain(pam_handle_t *pamh, this = NULL; name = NULL; lineno = 0; - while ((line = openpam_readline(f, lineno, NULL)) != NULL) { + while ((line0 = line = openpam_readline(f, lineno, NULL)) != NULL) { /* get service name if necessary */ if (style == pam_conf_style) { if ((len = parse_service_name(line, str)) == 0) { openpam_log(PAM_LOG_NOTICE, %s(%d): invalid service name (ignored), filename, lineno); - FREE(line); + FREE(line0); continue; } if (strlcmp(service, str, len) != 0) { - FREE(line); + FREE(line0); continue; } } @@ -401,7 +401,7 @@ openpam_parse_chain(pam_handle_t *pamh, goto fail; } if (facility != fclt facility != PAM_FACILITY_ANY) { - FREE(line); + FREE(line0); continue; } @@ -425,7 +425,7 @@ openpam_parse_chain(pam_handle_t *pamh, FREE(name); if (ret != PAM_SUCCESS) goto fail; - FREE(line); + FREE(line0); continue; } @@ -486,7 +486,7 @@ openpam_parse_chain(pam_handle_t *pamh, this = NULL; /* next please... */ - FREE(line); + FREE(line0); } if (!feof(f)) goto syserr; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r231676 - in stable/9: etc etc/rc.d share/man/man8
Author: des Date: Tue Feb 14 12:43:33 2012 New Revision: 231676 URL: http://svn.freebsd.org/changeset/base/231676 Log: MFH r230007, r230388: document quiet*, fix devd/dhclient interaction. Modified: stable/9/etc/rc.d/dhclient stable/9/etc/rc.subr stable/9/share/man/man8/rc.subr.8 Directory Properties: stable/9/etc/ (props changed) stable/9/share/man/ (props changed) Modified: stable/9/etc/rc.d/dhclient == --- stable/9/etc/rc.d/dhclient Tue Feb 14 12:13:04 2012(r231675) +++ stable/9/etc/rc.d/dhclient Tue Feb 14 12:43:33 2012(r231676) @@ -22,7 +22,14 @@ stop_precmd=dhclient_pre_check dhclient_pre_check() { if [ -z ${rc_force} ] ! dhcpif $ifn; then - err 1 '$ifn' is not a DHCP-enabled interface + local msg + msg='$ifn' is not a DHCP-enabled interface + if [ -z ${rc_quiet} ]; then + echo $msg + else + debug $msg + fi + exit 1 fi } Modified: stable/9/etc/rc.subr == --- stable/9/etc/rc.subrTue Feb 14 12:13:04 2012(r231675) +++ stable/9/etc/rc.subrTue Feb 14 12:43:33 2012(r231676) @@ -1117,7 +1117,7 @@ load_rc_config_var() # rc_usage() { - echo -n 12 Usage: $0 [fast|force|one]( + echo -n 12 Usage: $0 [fast|force|one|quiet]( _sep= for _elem; do Modified: stable/9/share/man/man8/rc.subr.8 == --- stable/9/share/man/man8/rc.subr.8 Tue Feb 14 12:13:04 2012 (r231675) +++ stable/9/share/man/man8/rc.subr.8 Tue Feb 14 12:43:33 2012 (r231676) @@ -339,7 +339,7 @@ with being the list of valid arguments prefixed by .Sm off -.Dq Bq Li fast | force | one . +.Dq Bq Li fast | force | one | quiet . .Sm on .It Ic reverse_list Ar item ... Print the list of @@ -427,6 +427,22 @@ Skip the checks for being set to .Dq Li YES , but performs all the other prerequisite tests. +.It Li quiet +Inhibits some verbose diagnostics. +Currently, this includes messages +.Qq Starting ${name} +(as checked by +.Ic check_startmsgs +inside +.Nm ) +and errors about usage of services that are not enabled in +.Xr rc.conf 5 . +This prefix also sets +.Va rc_quiet Ns = Ns Li YES . +.Em Please, note: +.Va rc_quiet +is not intended to completely mask all debug and warning messages, +but only certain small classes of them. .El .Pp .Ic run_rc_command ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r231677 - in stable/8: etc etc/rc.d share/man/man8
Author: des Date: Tue Feb 14 12:47:57 2012 New Revision: 231677 URL: http://svn.freebsd.org/changeset/base/231677 Log: MFH r230007, r230388: document quiet*, fix devd/dhclient interaction. Modified: stable/8/etc/rc.d/dhclient stable/8/etc/rc.subr stable/8/share/man/man8/rc.subr.8 Directory Properties: stable/8/etc/ (props changed) stable/8/share/man/ (props changed) stable/8/share/man/man8/ (props changed) Modified: stable/8/etc/rc.d/dhclient == --- stable/8/etc/rc.d/dhclient Tue Feb 14 12:43:33 2012(r231676) +++ stable/8/etc/rc.d/dhclient Tue Feb 14 12:47:57 2012(r231677) @@ -22,7 +22,14 @@ stop_precmd=dhclient_pre_check dhclient_pre_check() { if [ -z ${rc_force} ] ! dhcpif $ifn; then - err 1 '$ifn' is not a DHCP-enabled interface + local msg + msg='$ifn' is not a DHCP-enabled interface + if [ -z ${rc_quiet} ]; then + echo $msg + else + debug $msg + fi + exit 1 fi } Modified: stable/8/etc/rc.subr == --- stable/8/etc/rc.subrTue Feb 14 12:43:33 2012(r231676) +++ stable/8/etc/rc.subrTue Feb 14 12:47:57 2012(r231677) @@ -1121,7 +1121,7 @@ load_rc_config_var() # rc_usage() { - echo -n 12 Usage: $0 [fast|force|one]( + echo -n 12 Usage: $0 [fast|force|one|quiet]( _sep= for _elem; do Modified: stable/8/share/man/man8/rc.subr.8 == --- stable/8/share/man/man8/rc.subr.8 Tue Feb 14 12:43:33 2012 (r231676) +++ stable/8/share/man/man8/rc.subr.8 Tue Feb 14 12:47:57 2012 (r231677) @@ -375,7 +375,7 @@ with being the list of valid arguments prefixed by .Sm off -.Dq Bq Li fast | force | one . +.Dq Bq Li fast | force | one | quiet . .Sm on .It Ic reverse_list Ar item ... Print the list of @@ -463,6 +463,22 @@ Skip the checks for being set to .Dq Li YES , but performs all the other prerequisite tests. +.It Li quiet +Inhibits some verbose diagnostics. +Currently, this includes messages +.Qq Starting ${name} +(as checked by +.Ic check_startmsgs +inside +.Nm ) +and errors about usage of services that are not enabled in +.Xr rc.conf 5 . +This prefix also sets +.Va rc_quiet Ns = Ns Li YES . +.Em Please, note: +.Va rc_quiet +is not intended to completely mask all debug and warning messages, +but only certain small classes of them. .El .Pp .Ic run_rc_command ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r230478 - head/lib/libfetch
Author: des Date: Mon Jan 23 09:23:07 2012 New Revision: 230478 URL: http://svn.freebsd.org/changeset/base/230478 Log: Fix two nits in previous commit pointed out by pjd@. MFC after:3 weeks Modified: head/lib/libfetch/common.c Modified: head/lib/libfetch/common.c == --- head/lib/libfetch/common.c Mon Jan 23 08:30:17 2012(r230477) +++ head/lib/libfetch/common.c Mon Jan 23 09:23:07 2012(r230478) @@ -416,7 +416,6 @@ fetch_cache_data(conn_t *conn, char *src if (conn-cache.size nbytes) { tmp = realloc(conn-cache.buf, nbytes); if (tmp == NULL) { - errno = ENOMEM; fetch_syserr(); return (-1); } @@ -481,7 +480,7 @@ fetch_read(conn_t *conn, char *buf, size conn-cache.len -= total; conn-cache.pos += total; len -= total; - buf+= total; + buf += total; } while (len 0) { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r230307 - in head: lib/libfetch usr.bin/fetch
Author: des Date: Wed Jan 18 15:13:21 2012 New Revision: 230307 URL: http://svn.freebsd.org/changeset/base/230307 Log: Fix two issues related to the use of SIGINFO in fetch(1) to display progress information. The first is that fetch_read() (used in the HTTP code but not the FTP code) can enter an infinite loop if it has previously been interrupted by a signal. The second is that when it is interrupted, fetch_read() will discard any data it may have read up to that point. Luckily, both bugs are extremely timing-sensitive and therefore difficult to trigger. PR: bin/153240 Submitted by: Mark mark...@gmail.com MFC after:3 weeks Modified: head/lib/libfetch/common.c head/lib/libfetch/common.h head/lib/libfetch/http.c head/usr.bin/fetch/fetch.c Modified: head/lib/libfetch/common.c == --- head/lib/libfetch/common.c Wed Jan 18 14:41:26 2012(r230306) +++ head/lib/libfetch/common.c Wed Jan 18 15:13:21 2012(r230307) @@ -404,6 +404,34 @@ fetch_ssl_read(SSL *ssl, char *buf, size } #endif +/* + * Cache some data that was read from a socket but cannot be immediately + * returned because of an interrupted system call. + */ +static int +fetch_cache_data(conn_t *conn, char *src, size_t nbytes) +{ + char *tmp; + + if (conn-cache.size nbytes) { + tmp = realloc(conn-cache.buf, nbytes); + if (tmp == NULL) { + errno = ENOMEM; + fetch_syserr(); + return (-1); + } + conn-cache.buf = tmp; + conn-cache.size = nbytes; + } + + memcpy(conn-cache.buf, src, nbytes); + conn-cache.len = nbytes; + conn-cache.pos = 0; + + return (0); +} + + static ssize_t fetch_socket_read(int sd, char *buf, size_t len) { @@ -429,6 +457,7 @@ fetch_read(conn_t *conn, char *buf, size fd_set readfds; ssize_t rlen, total; int r; + char *start; if (fetchTimeout) { FD_ZERO(readfds); @@ -437,6 +466,24 @@ fetch_read(conn_t *conn, char *buf, size } total = 0; + start = buf; + + if (conn-cache.len 0) { + /* +* The last invocation of fetch_read was interrupted by a +* signal after some data had been read from the socket. Copy +* the cached data into the supplied buffer before trying to +* read from the socket again. +*/ + total = (conn-cache.len len) ? conn-cache.len : len; + memcpy(buf, conn-cache.buf, total); + + conn-cache.len -= total; + conn-cache.pos += total; + len -= total; + buf+= total; + } + while (len 0) { /* * The socket is non-blocking. Instead of the canonical @@ -472,6 +519,8 @@ fetch_read(conn_t *conn, char *buf, size total += rlen; continue; } else if (rlen == FETCH_READ_ERROR) { + if (errno == EINTR) + fetch_cache_data(conn, start, total); return (-1); } // assert(rlen == FETCH_READ_WAIT); @@ -492,8 +541,12 @@ fetch_read(conn_t *conn, char *buf, size errno = 0; r = select(conn-sd + 1, readfds, NULL, NULL, delta); if (r == -1) { - if (errno == EINTR fetchRestartCalls) - continue; + if (errno == EINTR) { + if (fetchRestartCalls) + continue; + /* Save anything that was read. */ + fetch_cache_data(conn, start, total); + } fetch_syserr(); return (-1); } @@ -677,6 +730,7 @@ fetch_close(conn_t *conn) if (--conn-ref 0) return (0); ret = close(conn-sd); + free(conn-cache.buf); free(conn-buf); free(conn); return (ret); Modified: head/lib/libfetch/common.h == --- head/lib/libfetch/common.h Wed Jan 18 14:41:26 2012(r230306) +++ head/lib/libfetch/common.h Wed Jan 18 15:13:21 2012(r230307) @@ -52,6 +52,13 @@ struct fetchconn { size_t bufsize; /* buffer size */ size_t buflen;/* length of buffer contents */ int err; /* last protocol reply code */ + struct {/*
svn commit: r230059 - head/sbin/geom/class/part
Author: des Date: Fri Jan 13 12:40:33 2012 New Revision: 230059 URL: http://svn.freebsd.org/changeset/base/230059 Log: Provide a better explanation for the sizing of the boot partition, and reduce the size of the partition in the example from 128 blocks to 94 blocks so it will end on a 128-block boundary. Also remove the -b option from the next example. MFC after:3 weeks Modified: head/sbin/geom/class/part/gpart.8 Modified: head/sbin/geom/class/part/gpart.8 == --- head/sbin/geom/class/part/gpart.8 Fri Jan 13 11:58:06 2012 (r230058) +++ head/sbin/geom/class/part/gpart.8 Fri Jan 13 12:40:33 2012 (r230059) @@ -960,17 +960,21 @@ partition that can boot from a .Cm freebsd-ufs partition, and install bootstrap code into it. -This partition must be larger than -.Pa /boot/gptboot , -or the GPT boot you are planning to write, but smaller than 545 KB. -A size of 15 blocks (7680 bytes) would be sufficient for -booting from UFS but 128 blocks (64 KB) is used in -this example to reserve some space for potential -future need (e.g.\ a larger +This partition must be larger than the bootstrap code +.Po +usually either +.Pa /boot/gptboot +or .Pa /boot/gptzfsboot -for booting from a ZFS partition). +.Pc , +but smaller than 545 kB since the first-stage loader will load the +entire partition into memory during boot, regardless of how much data +it actually contains. +This example uses 94 blocks (47 kB) so the next partition will be +aligned on a 64 kB boundary without the need to specify an explicit +offset or alignment. .Bd -literal -offset indent -/sbin/gpart add -b 34 -s 128 -t freebsd-boot ad0 +/sbin/gpart add -b 34 -s 94 -t freebsd-boot ad0 /sbin/gpart bootcode -p /boot/gptboot -i 1 ad0 .Ed .Pp @@ -978,7 +982,7 @@ Create a 512MB-sized .Cm freebsd-ufs partition to contain a UFS filesystem from which the system can boot. .Bd -literal -offset indent -/sbin/gpart add -b 162 -s 1048576 -t freebsd-ufs ad0 +/sbin/gpart add -s 512M -t freebsd-ufs ad0 .Ed .Pp Create an MBR scheme on ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228848 - svnadmin/conf
Author: des Date: Fri Dec 23 20:03:18 2011 New Revision: 228848 URL: http://svn.freebsd.org/changeset/base/228848 Log: give bapt@ a src bit Approved by: core Modified: svnadmin/conf/access svnadmin/conf/mentors Modified: svnadmin/conf/access == --- svnadmin/conf/accessFri Dec 23 19:53:28 2011(r228847) +++ svnadmin/conf/accessFri Dec 23 20:03:18 2011(r228848) @@ -34,6 +34,7 @@ art attilio avatar avg +bapt bde benl benno Modified: svnadmin/conf/mentors == --- svnadmin/conf/mentors Fri Dec 23 19:53:28 2011(r228847) +++ svnadmin/conf/mentors Fri Dec 23 20:03:18 2011(r228848) @@ -13,6 +13,7 @@ anchie bz andrew imp artavg Co-mentor: marcel +bapt des benl philip Co-mentor: simon erimlaier Co-mentor: thompsa gber cognet ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228809 - vendor/openpam/dist/lib
Author: des Date: Thu Dec 22 18:10:15 2011 New Revision: 228809 URL: http://svn.freebsd.org/changeset/base/228809 Log: Merge upstream r509: don't log an error in the common case (ENOENT). Modified: vendor/openpam/dist/lib/openpam_check_owner_perms.c Modified: vendor/openpam/dist/lib/openpam_check_owner_perms.c == --- vendor/openpam/dist/lib/openpam_check_owner_perms.c Thu Dec 22 16:40:35 2011(r228808) +++ vendor/openpam/dist/lib/openpam_check_owner_perms.c Thu Dec 22 18:10:15 2011(r228809) @@ -104,9 +104,11 @@ openpam_check_path_owner_perms(const cha len = strlen(pathbuf); while (len 0) { if (stat(pathbuf, sb) != 0) { - serrno = errno; - openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf); - errno = serrno; + if (errno != ENOENT) { + serrno = errno; + openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf); + errno = serrno; + } return (-1); } if ((sb.st_uid != root sb.st_uid != arbitrator) || ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228810 - head/contrib/openpam/lib
Author: des Date: Thu Dec 22 18:12:51 2011 New Revision: 228810 URL: http://svn.freebsd.org/changeset/base/228810 Log: Merge upstream r509: don't log an error in the common case (ENOENT). Modified: head/contrib/openpam/lib/openpam_check_owner_perms.c Directory Properties: head/contrib/openpam/ (props changed) Modified: head/contrib/openpam/lib/openpam_check_owner_perms.c == --- head/contrib/openpam/lib/openpam_check_owner_perms.cThu Dec 22 18:10:15 2011(r228809) +++ head/contrib/openpam/lib/openpam_check_owner_perms.cThu Dec 22 18:12:51 2011(r228810) @@ -104,9 +104,11 @@ openpam_check_path_owner_perms(const cha len = strlen(pathbuf); while (len 0) { if (stat(pathbuf, sb) != 0) { - serrno = errno; - openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf); - errno = serrno; + if (errno != ENOENT) { + serrno = errno; + openpam_log(PAM_LOG_ERROR, %s: %m, pathbuf); + errno = serrno; + } return (-1); } if ((sb.st_uid != root sb.st_uid != arbitrator) || ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228690 - in vendor/openpam/dist: . bin bin/pamtest bin/su doc doc/man include include/security lib misc modules modules/pam_deny modules/pam_permit modules/pam_unix
Author: des Date: Sun Dec 18 17:08:40 2011 New Revision: 228690 URL: http://svn.freebsd.org/changeset/base/228690 Log: Vendor import of OpenPAM Lycopsida. Added: vendor/openpam/dist/bin/pamtest/ vendor/openpam/dist/bin/pamtest/Makefile.am vendor/openpam/dist/bin/pamtest/Makefile.in vendor/openpam/dist/bin/pamtest/pamtest.1 vendor/openpam/dist/bin/pamtest/pamtest.c vendor/openpam/dist/bin/su/su.1 vendor/openpam/dist/doc/man/openpam_subst.3 vendor/openpam/dist/lib/openpam_check_owner_perms.c vendor/openpam/dist/lib/openpam_constants.c vendor/openpam/dist/lib/openpam_constants.h vendor/openpam/dist/lib/openpam_debug.h vendor/openpam/dist/lib/openpam_strlcmp.h vendor/openpam/dist/lib/openpam_strlcpy.h vendor/openpam/dist/lib/openpam_subst.c Modified: vendor/openpam/dist/CREDITS vendor/openpam/dist/HISTORY vendor/openpam/dist/LICENSE vendor/openpam/dist/Makefile.am vendor/openpam/dist/Makefile.in vendor/openpam/dist/README vendor/openpam/dist/RELNOTES vendor/openpam/dist/aclocal.m4 vendor/openpam/dist/bin/Makefile.am vendor/openpam/dist/bin/Makefile.in vendor/openpam/dist/bin/su/Makefile.am vendor/openpam/dist/bin/su/Makefile.in vendor/openpam/dist/bin/su/su.c vendor/openpam/dist/config.h.in vendor/openpam/dist/configure vendor/openpam/dist/configure.ac vendor/openpam/dist/depcomp vendor/openpam/dist/doc/Makefile.in vendor/openpam/dist/doc/man/Makefile.am vendor/openpam/dist/doc/man/Makefile.in vendor/openpam/dist/doc/man/openpam.3 vendor/openpam/dist/doc/man/openpam_borrow_cred.3 vendor/openpam/dist/doc/man/openpam_free_data.3 vendor/openpam/dist/doc/man/openpam_free_envlist.3 vendor/openpam/dist/doc/man/openpam_get_option.3 vendor/openpam/dist/doc/man/openpam_log.3 vendor/openpam/dist/doc/man/openpam_nullconv.3 vendor/openpam/dist/doc/man/openpam_readline.3 vendor/openpam/dist/doc/man/openpam_restore_cred.3 vendor/openpam/dist/doc/man/openpam_set_option.3 vendor/openpam/dist/doc/man/openpam_ttyconv.3 vendor/openpam/dist/doc/man/pam.3 vendor/openpam/dist/doc/man/pam.conf.5 vendor/openpam/dist/doc/man/pam_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_authenticate.3 vendor/openpam/dist/doc/man/pam_chauthtok.3 vendor/openpam/dist/doc/man/pam_close_session.3 vendor/openpam/dist/doc/man/pam_conv.3 vendor/openpam/dist/doc/man/pam_end.3 vendor/openpam/dist/doc/man/pam_error.3 vendor/openpam/dist/doc/man/pam_get_authtok.3 vendor/openpam/dist/doc/man/pam_get_data.3 vendor/openpam/dist/doc/man/pam_get_item.3 vendor/openpam/dist/doc/man/pam_get_user.3 vendor/openpam/dist/doc/man/pam_getenv.3 vendor/openpam/dist/doc/man/pam_getenvlist.3 vendor/openpam/dist/doc/man/pam_info.3 vendor/openpam/dist/doc/man/pam_open_session.3 vendor/openpam/dist/doc/man/pam_prompt.3 vendor/openpam/dist/doc/man/pam_putenv.3 vendor/openpam/dist/doc/man/pam_set_data.3 vendor/openpam/dist/doc/man/pam_set_item.3 vendor/openpam/dist/doc/man/pam_setcred.3 vendor/openpam/dist/doc/man/pam_setenv.3 vendor/openpam/dist/doc/man/pam_sm_acct_mgmt.3 vendor/openpam/dist/doc/man/pam_sm_authenticate.3 vendor/openpam/dist/doc/man/pam_sm_chauthtok.3 vendor/openpam/dist/doc/man/pam_sm_close_session.3 vendor/openpam/dist/doc/man/pam_sm_open_session.3 vendor/openpam/dist/doc/man/pam_sm_setcred.3 vendor/openpam/dist/doc/man/pam_start.3 vendor/openpam/dist/doc/man/pam_strerror.3 vendor/openpam/dist/doc/man/pam_verror.3 vendor/openpam/dist/doc/man/pam_vinfo.3 vendor/openpam/dist/doc/man/pam_vprompt.3 vendor/openpam/dist/include/Makefile.in vendor/openpam/dist/include/security/Makefile.in vendor/openpam/dist/include/security/openpam.h vendor/openpam/dist/include/security/openpam_version.h vendor/openpam/dist/include/security/pam_appl.h vendor/openpam/dist/include/security/pam_constants.h vendor/openpam/dist/include/security/pam_modules.h vendor/openpam/dist/include/security/pam_types.h vendor/openpam/dist/install-sh vendor/openpam/dist/lib/Makefile.am vendor/openpam/dist/lib/Makefile.in vendor/openpam/dist/lib/openpam_borrow_cred.c vendor/openpam/dist/lib/openpam_configure.c vendor/openpam/dist/lib/openpam_dispatch.c vendor/openpam/dist/lib/openpam_dynamic.c vendor/openpam/dist/lib/openpam_findenv.c vendor/openpam/dist/lib/openpam_free_data.c vendor/openpam/dist/lib/openpam_free_envlist.c vendor/openpam/dist/lib/openpam_get_option.c vendor/openpam/dist/lib/openpam_impl.h vendor/openpam/dist/lib/openpam_load.c vendor/openpam/dist/lib/openpam_log.c vendor/openpam/dist/lib/openpam_nullconv.c vendor/openpam/dist/lib/openpam_readline.c vendor/openpam/dist/lib/openpam_restore_cred.c vendor/openpam/dist/lib/openpam_set_option.c vendor/openpam/dist/lib/openpam_static.c vendor/openpam/dist/lib/openpam_ttyconv.c vendor/openpam/dist/lib/pam_acct_mgmt.c vendor/openpam/dist/lib/pam_authenticate.c vendor/openpam/dist/lib/pam_authenticate_secondary.c
svn commit: r228691 - vendor/openpam/LYCOPSIDA
Author: des Date: Sun Dec 18 17:11:18 2011 New Revision: 228691 URL: http://svn.freebsd.org/changeset/base/228691 Log: Tag OpenPAM Lycopsida Added: vendor/openpam/LYCOPSIDA/ - copied from r228690, vendor/openpam/dist/ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228692 - in head: contrib/openpam contrib/openpam/bin contrib/openpam/bin/pamtest contrib/openpam/bin/su contrib/openpam/doc contrib/openpam/doc/man contrib/openpam/include contrib/ope...
Author: des Date: Sun Dec 18 17:22:45 2011 New Revision: 228692 URL: http://svn.freebsd.org/changeset/base/228692 Log: Upgrade to OpenPAM Lycopsida. Added: head/contrib/openpam/bin/pamtest/ - copied from r228691, vendor/openpam/dist/bin/pamtest/ head/contrib/openpam/bin/su/su.1 - copied unchanged from r228691, vendor/openpam/dist/bin/su/su.1 head/contrib/openpam/doc/man/openpam_subst.3 - copied unchanged from r228691, vendor/openpam/dist/doc/man/openpam_subst.3 head/contrib/openpam/lib/openpam_check_owner_perms.c - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_check_owner_perms.c head/contrib/openpam/lib/openpam_constants.c - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_constants.c head/contrib/openpam/lib/openpam_constants.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_constants.h head/contrib/openpam/lib/openpam_debug.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_debug.h head/contrib/openpam/lib/openpam_strlcmp.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_strlcmp.h head/contrib/openpam/lib/openpam_strlcpy.h - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_strlcpy.h head/contrib/openpam/lib/openpam_subst.c - copied unchanged from r228691, vendor/openpam/dist/lib/openpam_subst.c Modified: head/contrib/openpam/CREDITS head/contrib/openpam/HISTORY head/contrib/openpam/LICENSE head/contrib/openpam/Makefile.am head/contrib/openpam/Makefile.in head/contrib/openpam/README head/contrib/openpam/RELNOTES head/contrib/openpam/aclocal.m4 head/contrib/openpam/bin/Makefile.am head/contrib/openpam/bin/Makefile.in head/contrib/openpam/bin/su/Makefile.am head/contrib/openpam/bin/su/Makefile.in head/contrib/openpam/bin/su/su.c head/contrib/openpam/config.h.in head/contrib/openpam/configure head/contrib/openpam/configure.ac head/contrib/openpam/depcomp head/contrib/openpam/doc/Makefile.in head/contrib/openpam/doc/man/Makefile.am head/contrib/openpam/doc/man/Makefile.in head/contrib/openpam/doc/man/openpam.3 head/contrib/openpam/doc/man/openpam_borrow_cred.3 head/contrib/openpam/doc/man/openpam_free_data.3 head/contrib/openpam/doc/man/openpam_free_envlist.3 head/contrib/openpam/doc/man/openpam_get_option.3 head/contrib/openpam/doc/man/openpam_log.3 head/contrib/openpam/doc/man/openpam_nullconv.3 head/contrib/openpam/doc/man/openpam_readline.3 head/contrib/openpam/doc/man/openpam_restore_cred.3 head/contrib/openpam/doc/man/openpam_set_option.3 head/contrib/openpam/doc/man/openpam_ttyconv.3 head/contrib/openpam/doc/man/pam.3 head/contrib/openpam/doc/man/pam.conf.5 head/contrib/openpam/doc/man/pam_acct_mgmt.3 head/contrib/openpam/doc/man/pam_authenticate.3 head/contrib/openpam/doc/man/pam_chauthtok.3 head/contrib/openpam/doc/man/pam_close_session.3 head/contrib/openpam/doc/man/pam_conv.3 head/contrib/openpam/doc/man/pam_end.3 head/contrib/openpam/doc/man/pam_error.3 head/contrib/openpam/doc/man/pam_get_authtok.3 head/contrib/openpam/doc/man/pam_get_data.3 head/contrib/openpam/doc/man/pam_get_item.3 head/contrib/openpam/doc/man/pam_get_user.3 head/contrib/openpam/doc/man/pam_getenv.3 head/contrib/openpam/doc/man/pam_getenvlist.3 head/contrib/openpam/doc/man/pam_info.3 head/contrib/openpam/doc/man/pam_open_session.3 head/contrib/openpam/doc/man/pam_prompt.3 head/contrib/openpam/doc/man/pam_putenv.3 head/contrib/openpam/doc/man/pam_set_data.3 head/contrib/openpam/doc/man/pam_set_item.3 head/contrib/openpam/doc/man/pam_setcred.3 head/contrib/openpam/doc/man/pam_setenv.3 head/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 head/contrib/openpam/doc/man/pam_sm_authenticate.3 head/contrib/openpam/doc/man/pam_sm_chauthtok.3 head/contrib/openpam/doc/man/pam_sm_close_session.3 head/contrib/openpam/doc/man/pam_sm_open_session.3 head/contrib/openpam/doc/man/pam_sm_setcred.3 head/contrib/openpam/doc/man/pam_start.3 head/contrib/openpam/doc/man/pam_strerror.3 head/contrib/openpam/doc/man/pam_verror.3 head/contrib/openpam/doc/man/pam_vinfo.3 head/contrib/openpam/doc/man/pam_vprompt.3 head/contrib/openpam/include/Makefile.in head/contrib/openpam/include/security/Makefile.in head/contrib/openpam/include/security/openpam.h head/contrib/openpam/include/security/openpam_version.h head/contrib/openpam/include/security/pam_appl.h head/contrib/openpam/include/security/pam_constants.h head/contrib/openpam/include/security/pam_modules.h head/contrib/openpam/include/security/pam_types.h head/contrib/openpam/install-sh head/contrib/openpam/lib/Makefile.am head/contrib/openpam/lib/Makefile.in head/contrib/openpam/lib/openpam_borrow_cred.c head/contrib/openpam/lib/openpam_configure.c head/contrib/openpam/lib/openpam_dispatch.c head/contrib/openpam/lib/openpam_dynamic.c head/contrib/openpam/lib/openpam_findenv.c
svn commit: r228464 - stable/9/contrib/openpam/lib
Author: des Date: Tue Dec 13 12:59:39 2011 New Revision: 228464 URL: http://svn.freebsd.org/changeset/base/228464 Log: MFH r228384: validate the service name Approved by: re (kib) Security: some poorly thought out programs allow the user to specify the service name; this patch makes it harder to trick these programs into loading and executing arbitrary code. Modified: stable/9/contrib/openpam/lib/openpam_configure.c Directory Properties: stable/9/contrib/openpam/ (props changed) Modified: stable/9/contrib/openpam/lib/openpam_configure.c == --- stable/9/contrib/openpam/lib/openpam_configure.cTue Dec 13 11:54:51 2011(r228463) +++ stable/9/contrib/openpam/lib/openpam_configure.cTue Dec 13 12:59:39 2011(r228464) @@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh, size_t len; int r; + /* don't allow to escape from policy_path */ + if (strchr(service, '/')) { + openpam_log(PAM_LOG_ERROR, invalid service name: %s, + service); + return (-PAM_SYSTEM_ERR); + } + for (path = openpam_policy_path; *path != NULL; ++path) { len = strlen(*path); if ((*path)[len - 1] == '/') { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228465 - releng/9.0/contrib/openpam/lib
Author: des Date: Tue Dec 13 13:02:31 2011 New Revision: 228465 URL: http://svn.freebsd.org/changeset/base/228465 Log: MFH r228384: validate the service name Approved by: re (kib) Security: some poorly thought out programs allow the user to specify the service name; this patch makes it harder to trick these programs into loading and executing arbitrary code. Modified: releng/9.0/contrib/openpam/lib/openpam_configure.c Directory Properties: releng/9.0/contrib/openpam/ (props changed) Modified: releng/9.0/contrib/openpam/lib/openpam_configure.c == --- releng/9.0/contrib/openpam/lib/openpam_configure.c Tue Dec 13 12:59:39 2011(r228464) +++ releng/9.0/contrib/openpam/lib/openpam_configure.c Tue Dec 13 13:02:31 2011(r228465) @@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh, size_t len; int r; + /* don't allow to escape from policy_path */ + if (strchr(service, '/')) { + openpam_log(PAM_LOG_ERROR, invalid service name: %s, + service); + return (-PAM_SYSTEM_ERR); + } + for (path = openpam_policy_path; *path != NULL; ++path) { len = strlen(*path); if ((*path)[len - 1] == '/') { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228466 - stable/8/contrib/openpam/lib
Author: des Date: Tue Dec 13 13:02:52 2011 New Revision: 228466 URL: http://svn.freebsd.org/changeset/base/228466 Log: MFH r228384: validate the service name Security: some poorly thought out programs allow the user to specify the service name; this patch makes it harder to trick these programs into loading and executing arbitrary code. Modified: stable/8/contrib/openpam/lib/openpam_configure.c Directory Properties: stable/8/contrib/openpam/ (props changed) Modified: stable/8/contrib/openpam/lib/openpam_configure.c == --- stable/8/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:02:31 2011(r228465) +++ stable/8/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:02:52 2011(r228466) @@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh, size_t len; int r; + /* don't allow to escape from policy_path */ + if (strchr(service, '/')) { + openpam_log(PAM_LOG_ERROR, invalid service name: %s, + service); + return (-PAM_SYSTEM_ERR); + } + for (path = openpam_policy_path; *path != NULL; ++path) { len = strlen(*path); if ((*path)[len - 1] == '/') { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228467 - stable/7/contrib/openpam/lib
Author: des Date: Tue Dec 13 13:03:11 2011 New Revision: 228467 URL: http://svn.freebsd.org/changeset/base/228467 Log: MFH r228384: validate the service name Security: some poorly thought out programs allow the user to specify the service name; this patch makes it harder to trick these programs into loading and executing arbitrary code. Modified: stable/7/contrib/openpam/lib/openpam_configure.c Directory Properties: stable/7/contrib/openpam/ (props changed) Modified: stable/7/contrib/openpam/lib/openpam_configure.c == --- stable/7/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:02:52 2011(r228466) +++ stable/7/contrib/openpam/lib/openpam_configure.cTue Dec 13 13:03:11 2011(r228467) @@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh, size_t len; int r; + /* don't allow to escape from policy_path */ + if (strchr(service, '/')) { + openpam_log(PAM_LOG_ERROR, invalid service name: %s, + service); + return (-PAM_SYSTEM_ERR); + } + for (path = openpam_policy_path; *path != NULL; ++path) { len = strlen(*path); if ((*path)[len - 1] == '/') { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228410 - stable/9/lib/libpam/modules/pam_ssh
Author: des Date: Sun Dec 11 16:57:27 2011 New Revision: 228410 URL: http://svn.freebsd.org/changeset/base/228410 Log: MFH r227757: check for null passphrases, since openssl doesn't Approved by: re (kib) Security: prevents users with unencrypted ssh keys (prohibited unless the nullok option is specified) from logging in by providing a bogus non-null passphrase. Modified: stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c Directory Properties: stable/9/lib/libpam/ (props changed) Modified: stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c == --- stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 14:01:11 2011(r228409) +++ stable/9/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 16:57:27 2011(r228410) @@ -91,7 +91,8 @@ static char *const pam_ssh_agent_envp[] * struct pam_ssh_key containing the key and its comment. */ static struct pam_ssh_key * -pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase) +pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase, +int nullok) { struct pam_ssh_key *psk; char fn[PATH_MAX]; @@ -101,7 +102,21 @@ pam_ssh_load_key(const char *dir, const if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn)) return (NULL); comment = NULL; - key = key_load_private(fn, passphrase, comment); + /* +* If the key is unencrypted, OpenSSL ignores the passphrase, so +* it will seem like the user typed in the right one. This allows +* a user to circumvent nullok by providing a dummy passphrase. +* Verify that the key really *is* encrypted by trying to load it +* with an empty passphrase, and if the key is not encrypted, +* accept only an empty passphrase. +*/ + key = key_load_private(fn, NULL, comment); + if (key != NULL !(*passphrase == '\0' nullok)) { + key_free(key); + return (NULL); + } + if (key == NULL) + key = key_load_private(fn, passphrase, comment); if (key == NULL) { openpam_log(PAM_LOG_DEBUG, failed to load key from %s, fn); return (NULL); @@ -168,9 +183,6 @@ pam_sm_authenticate(pam_handle_t *pamh, if (pam_err != PAM_SUCCESS) return (pam_err); - if (*passphrase == '\0' !nullok) - goto skip_keys; - /* switch to user credentials */ pam_err = openpam_borrow_cred(pamh, pwd); if (pam_err != PAM_SUCCESS) @@ -178,7 +190,7 @@ pam_sm_authenticate(pam_handle_t *pamh, /* try to load keys from all keyfiles we know of */ for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { - psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase); + psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok); if (psk != NULL) { pam_set_data(pamh, *kfn, psk, pam_ssh_free_key); ++nkeys; @@ -188,7 +200,6 @@ pam_sm_authenticate(pam_handle_t *pamh, /* switch back to arbitrator credentials */ openpam_restore_cred(pamh); - skip_keys: /* * If we tried an old token and didn't get anything, and * try_first_pass was specified, try again after prompting the ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228414 - releng/9.0/lib/libpam/modules/pam_ssh
Author: des Date: Sun Dec 11 17:32:37 2011 New Revision: 228414 URL: http://svn.freebsd.org/changeset/base/228414 Log: MFH r228410: check for null passphrases, since openssl doesn't Approved by: re (kib) Security: prevents users with unencrypted ssh keys (prohibited unless the nullok option is specified) from logging in by providing a bogus non-null passphrase. Modified: releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c Directory Properties: releng/9.0/lib/libpam/ (props changed) Modified: releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c == --- releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 17:23:03 2011(r228413) +++ releng/9.0/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 17:32:37 2011(r228414) @@ -91,7 +91,8 @@ static char *const pam_ssh_agent_envp[] * struct pam_ssh_key containing the key and its comment. */ static struct pam_ssh_key * -pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase) +pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase, +int nullok) { struct pam_ssh_key *psk; char fn[PATH_MAX]; @@ -101,7 +102,21 @@ pam_ssh_load_key(const char *dir, const if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn)) return (NULL); comment = NULL; - key = key_load_private(fn, passphrase, comment); + /* +* If the key is unencrypted, OpenSSL ignores the passphrase, so +* it will seem like the user typed in the right one. This allows +* a user to circumvent nullok by providing a dummy passphrase. +* Verify that the key really *is* encrypted by trying to load it +* with an empty passphrase, and if the key is not encrypted, +* accept only an empty passphrase. +*/ + key = key_load_private(fn, NULL, comment); + if (key != NULL !(*passphrase == '\0' nullok)) { + key_free(key); + return (NULL); + } + if (key == NULL) + key = key_load_private(fn, passphrase, comment); if (key == NULL) { openpam_log(PAM_LOG_DEBUG, failed to load key from %s, fn); return (NULL); @@ -168,9 +183,6 @@ pam_sm_authenticate(pam_handle_t *pamh, if (pam_err != PAM_SUCCESS) return (pam_err); - if (*passphrase == '\0' !nullok) - goto skip_keys; - /* switch to user credentials */ pam_err = openpam_borrow_cred(pamh, pwd); if (pam_err != PAM_SUCCESS) @@ -178,7 +190,7 @@ pam_sm_authenticate(pam_handle_t *pamh, /* try to load keys from all keyfiles we know of */ for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { - psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase); + psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok); if (psk != NULL) { pam_set_data(pamh, *kfn, psk, pam_ssh_free_key); ++nkeys; @@ -188,7 +200,6 @@ pam_sm_authenticate(pam_handle_t *pamh, /* switch back to arbitrator credentials */ openpam_restore_cred(pamh); - skip_keys: /* * If we tried an old token and didn't get anything, and * try_first_pass was specified, try again after prompting the ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228420 - stable/8/lib/libpam/modules/pam_ssh
Author: des Date: Sun Dec 11 20:38:36 2011 New Revision: 228420 URL: http://svn.freebsd.org/changeset/base/228420 Log: MFH r227757: check for null passphrases, since openssl doesn't Security: prevents users with unencrypted ssh keys (prohibited unless the nullok option is specified) from logging in by providing a bogus non-null passphrase. Modified: stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c Directory Properties: stable/8/lib/libpam/ (props changed) Modified: stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c == --- stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:01:37 2011(r228419) +++ stable/8/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:38:36 2011(r228420) @@ -91,7 +91,8 @@ static char *const pam_ssh_agent_envp[] * struct pam_ssh_key containing the key and its comment. */ static struct pam_ssh_key * -pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase) +pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase, +int nullok) { struct pam_ssh_key *psk; char fn[PATH_MAX]; @@ -101,7 +102,21 @@ pam_ssh_load_key(const char *dir, const if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn)) return (NULL); comment = NULL; - key = key_load_private(fn, passphrase, comment); + /* +* If the key is unencrypted, OpenSSL ignores the passphrase, so +* it will seem like the user typed in the right one. This allows +* a user to circumvent nullok by providing a dummy passphrase. +* Verify that the key really *is* encrypted by trying to load it +* with an empty passphrase, and if the key is not encrypted, +* accept only an empty passphrase. +*/ + key = key_load_private(fn, NULL, comment); + if (key != NULL !(*passphrase == '\0' nullok)) { + key_free(key); + return (NULL); + } + if (key == NULL) + key = key_load_private(fn, passphrase, comment); if (key == NULL) { openpam_log(PAM_LOG_DEBUG, failed to load key from %s\n, fn); return (NULL); @@ -168,9 +183,6 @@ pam_sm_authenticate(pam_handle_t *pamh, if (pam_err != PAM_SUCCESS) return (pam_err); - if (*passphrase == '\0' !nullok) - goto skip_keys; - /* switch to user credentials */ pam_err = openpam_borrow_cred(pamh, pwd); if (pam_err != PAM_SUCCESS) @@ -178,7 +190,7 @@ pam_sm_authenticate(pam_handle_t *pamh, /* try to load keys from all keyfiles we know of */ for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { - psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase); + psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok); if (psk != NULL) { pam_set_data(pamh, *kfn, psk, pam_ssh_free_key); ++nkeys; @@ -188,7 +200,6 @@ pam_sm_authenticate(pam_handle_t *pamh, /* switch back to arbitrator credentials */ openpam_restore_cred(pamh); - skip_keys: /* * If we tried an old token and didn't get anything, and * try_first_pass was specified, try again after prompting the ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228421 - stable/7/lib/libpam/modules/pam_ssh
Author: des Date: Sun Dec 11 20:40:23 2011 New Revision: 228421 URL: http://svn.freebsd.org/changeset/base/228421 Log: MFH r227757: check for null passphrases, since openssl doesn't Security: prevents users with unencrypted ssh keys (prohibited unless the nullok option is specified) from logging in by providing a bogus non-null passphrase. Modified: stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c Directory Properties: stable/7/lib/libpam/ (props changed) Modified: stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c == --- stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:38:36 2011(r228420) +++ stable/7/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Dec 11 20:40:23 2011(r228421) @@ -88,7 +88,8 @@ static char *const pam_ssh_agent_envp[] * struct pam_ssh_key containing the key and its comment. */ static struct pam_ssh_key * -pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase) +pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase, +int nullok) { struct pam_ssh_key *psk; char fn[PATH_MAX]; @@ -98,7 +99,21 @@ pam_ssh_load_key(const char *dir, const if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn)) return (NULL); comment = NULL; - key = key_load_private(fn, passphrase, comment); + /* +* If the key is unencrypted, OpenSSL ignores the passphrase, so +* it will seem like the user typed in the right one. This allows +* a user to circumvent nullok by providing a dummy passphrase. +* Verify that the key really *is* encrypted by trying to load it +* with an empty passphrase, and if the key is not encrypted, +* accept only an empty passphrase. +*/ + key = key_load_private(fn, NULL, comment); + if (key != NULL !(*passphrase == '\0' nullok)) { + key_free(key); + return (NULL); + } + if (key == NULL) + key = key_load_private(fn, passphrase, comment); if (key == NULL) { openpam_log(PAM_LOG_DEBUG, failed to load key from %s\n, fn); return (NULL); @@ -165,9 +180,6 @@ pam_sm_authenticate(pam_handle_t *pamh, if (pam_err != PAM_SUCCESS) return (pam_err); - if (*passphrase == '\0' !nullok) - goto skip_keys; - /* switch to user credentials */ pam_err = openpam_borrow_cred(pamh, pwd); if (pam_err != PAM_SUCCESS) @@ -175,7 +187,7 @@ pam_sm_authenticate(pam_handle_t *pamh, /* try to load keys from all keyfiles we know of */ for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { - psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase); + psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok); if (psk != NULL) { pam_set_data(pamh, *kfn, psk, pam_ssh_free_key); ++nkeys; @@ -185,7 +197,6 @@ pam_sm_authenticate(pam_handle_t *pamh, /* switch back to arbitrator credentials */ openpam_restore_cred(pamh); - skip_keys: /* * If we tried an old token and didn't get anything, and * try_first_pass was specified, try again after prompting the ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r228384 - head/contrib/openpam/lib
Author: des Date: Sat Dec 10 01:44:24 2011 New Revision: 228384 URL: http://svn.freebsd.org/changeset/base/228384 Log: Add minimal validation of the service name to fend off at least one attack vector against applications that allow the applicant to specify which policy to apply. Submitted by: Matthias Drochner droch...@netbsd.org MFC after:1 week Modified: head/contrib/openpam/lib/openpam_configure.c Modified: head/contrib/openpam/lib/openpam_configure.c == --- head/contrib/openpam/lib/openpam_configure.cSat Dec 10 01:01:44 2011(r228383) +++ head/contrib/openpam/lib/openpam_configure.cSat Dec 10 01:44:24 2011(r228384) @@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh, size_t len; int r; + /* don't allow to escape from policy_path */ + if (strchr(service, '/')) { + openpam_log(PAM_LOG_ERROR, invalid service name: %s, + service); + return (-PAM_SYSTEM_ERR); + } + for (path = openpam_policy_path; *path != NULL; ++path) { len = strlen(*path); if ((*path)[len - 1] == '/') { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227932 - head/share/mk
Author: des Date: Thu Nov 24 13:13:50 2011 New Revision: 227932 URL: http://svn.freebsd.org/changeset/base/227932 Log: Add CTF magic to the new .c.o rule. MFC after:3 weeks Modified: head/share/mk/bsd.lib.mk Modified: head/share/mk/bsd.lib.mk == --- head/share/mk/bsd.lib.mkThu Nov 24 10:58:48 2011(r227931) +++ head/share/mk/bsd.lib.mkThu Nov 24 13:13:50 2011(r227932) @@ -69,6 +69,9 @@ PO_FLAG=-pg .c.o: ${CC} ${STATIC_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET} + @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \ + (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \ + ${CTFCONVERT} ${CTFFLAGS} ${.TARGET}) .c.po: ${CC} ${PO_FLAG} ${STATIC_CFLAGS} ${PO_CFLAGS} -c ${.IMPSRC} -o ${.TARGET} ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227933 - in head: . lib/libpam/modules
Author: des Date: Thu Nov 24 13:18:58 2011 New Revision: 227933 URL: http://svn.freebsd.org/changeset/base/227933 Log: Revert r227841 and part of r227798. We still build libpam in two passes, but we use STATIC_CFLAGS instead of our own private .c.o rule. MFC after:3 weeks Modified: head/Makefile.inc1 head/lib/libpam/modules/Makefile.inc Modified: head/Makefile.inc1 == --- head/Makefile.inc1 Thu Nov 24 13:13:50 2011(r227932) +++ head/Makefile.inc1 Thu Nov 24 13:18:58 2011(r227933) @@ -1230,7 +1230,7 @@ _prebuild_libs= ${_kerberos5_lib_libasn1 ${_lib_libgssapi} ${_lib_libipx} \ lib/libkiconv lib/libkvm lib/liblzma lib/libmd \ lib/ncurses/ncurses lib/ncurses/ncursesw \ - lib/libopie ${_lib_libthr} \ + lib/libopie lib/libpam ${_lib_libthr} \ lib/libradius lib/libsbuf lib/libtacplus \ ${_cddl_lib_libumem} \ lib/libutil ${_lib_libypclnt} lib/libz lib/msun \ @@ -1323,7 +1323,7 @@ ${_lib}__PL: .PHONY .endif .endfor -.for _lib in ${_startup_libs} ${_prebuild_libs} ${_generic_libs} +.for _lib in ${_startup_libs} ${_prebuild_libs:Nlib/libpam} ${_generic_libs} ${_lib}__L: .PHONY .if exists(${.CURDIR}/${_lib}) ${_+_}@${ECHODIR} === ${_lib} (obj,depend,all,install); \ @@ -1335,6 +1335,17 @@ ${_lib}__L: .PHONY .endif .endfor +# libpam is special: we need to build static PAM modules before +# static PAM library, and dynamic PAM library before dynamic PAM +# modules. +lib/libpam__L: .PHONY + ${_+_}@${ECHODIR} === lib/libpam (obj,depend,all,install); \ + cd ${.CURDIR}/lib/libpam; \ + ${MAKE} DIRPRFX=lib/libpam/ obj; \ + ${MAKE} DIRPRFX=lib/libpam/ depend; \ + ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET all; \ + ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET install + _prereq_libs: ${_prereq_libs:S/$/__PL/} _startup_libs: ${_startup_libs:S/$/__L/} _prebuild_libs: ${_prebuild_libs:S/$/__L/} Modified: head/lib/libpam/modules/Makefile.inc == --- head/lib/libpam/modules/Makefile.incThu Nov 24 13:13:50 2011 (r227932) +++ head/lib/libpam/modules/Makefile.incThu Nov 24 13:18:58 2011 (r227933) @@ -5,8 +5,17 @@ PAMDIR=${.CURDIR}/../../../../contrib/ NO_INSTALLLIB= NO_PROFILE= -CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam +CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam +# This is nasty. +# For the static case, libpam.a depends on the modules. +# For the dynamic case, the modules depend on libpam.so.N +.if defined(_NO_LIBPAM_SO_YET) +NO_PIC= +.else SHLIB_NAME?= ${LIB}.so.${SHLIB_MAJOR} +DPADD+=${LIBPAM} +LDADD+=-lpam +.endif .include ../Makefile.inc ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227841 - head
Author: des Date: Tue Nov 22 21:18:14 2011 New Revision: 227841 URL: http://svn.freebsd.org/changeset/base/227841 Log: Remove libpam from _prebuild_libs. This should unbreak the -jX build. MFC after:3 weeks Modified: head/Makefile.inc1 Modified: head/Makefile.inc1 == --- head/Makefile.inc1 Tue Nov 22 21:14:46 2011(r227840) +++ head/Makefile.inc1 Tue Nov 22 21:18:14 2011(r227841) @@ -1235,8 +1235,7 @@ _prebuild_libs= ${_kerberos5_lib_libasn1 ${_cddl_lib_libumem} \ lib/libutil ${_lib_libypclnt} lib/libz lib/msun \ ${_secure_lib_libcrypto} ${_secure_lib_libssh} \ - ${_secure_lib_libssl} \ - lib/libpam + ${_secure_lib_libssl} .if ${MK_LIBTHR} != no _lib_libthr= lib/libthr ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227797 - head/share/mk
Author: des Date: Mon Nov 21 16:35:57 2011 New Revision: 227797 URL: http://svn.freebsd.org/changeset/base/227797 Log: As threatened on -arch, add {SHARED,STATIC}_{C,CXX}FLAGS, which allow a Makefile to specify different CFLAGS for shared and static libraries. MFC after:3 weeks Modified: head/share/mk/bsd.lib.mk Modified: head/share/mk/bsd.lib.mk == --- head/share/mk/bsd.lib.mkMon Nov 21 16:06:23 2011(r227796) +++ head/share/mk/bsd.lib.mkMon Nov 21 16:35:57 2011(r227797) @@ -67,23 +67,29 @@ PICFLAG=-fpic PO_FLAG=-pg +.c.o: + ${CC} ${STATIC_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET} + .c.po: - ${CC} ${PO_FLAG} ${PO_CFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CC} ${PO_FLAG} ${STATIC_CFLAGS} ${PO_CFLAGS} -c ${.IMPSRC} -o ${.TARGET} @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \ (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \ ${CTFCONVERT} ${CTFFLAGS} ${.TARGET}) .c.So: - ${CC} ${PICFLAG} -DPIC ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CC} ${PICFLAG} -DPIC ${SHARED_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET} @[ -z ${CTFCONVERT} -o -n ${NO_CTF} ] || \ (${ECHO} ${CTFCONVERT} ${CTFFLAGS} ${.TARGET} \ ${CTFCONVERT} ${CTFFLAGS} ${.TARGET}) +.cc.o: + ${CXX} ${STATIC_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} + .cc.po .C.po .cpp.po .cxx.po: - ${CXX} ${PO_FLAG} ${PO_CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CXX} ${PO_FLAG} ${STATIC_CXXFLAGS} ${PO_CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} .cc.So .C.So .cpp.So .cxx.So: - ${CXX} ${PICFLAG} -DPIC ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} + ${CXX} ${PICFLAG} -DPIC ${SHARED_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET} .f.po: ${FC} -pg ${FFLAGS} -o ${.TARGET} -c ${.IMPSRC} ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227798 - in head: . lib/libpam lib/libpam/modules
Author: des Date: Mon Nov 21 16:40:39 2011 New Revision: 227798 URL: http://svn.freebsd.org/changeset/base/227798 Log: Simplify the libpam build by removing the shared modules' dependency on the shared library. The modules are loaded by the library, so we know it'll be there when we need it. MFC after:3 weeks Modified: head/Makefile.inc1 head/lib/libpam/Makefile.inc head/lib/libpam/modules/Makefile.inc Modified: head/Makefile.inc1 == --- head/Makefile.inc1 Mon Nov 21 16:35:57 2011(r227797) +++ head/Makefile.inc1 Mon Nov 21 16:40:39 2011(r227798) @@ -1230,12 +1230,13 @@ _prebuild_libs= ${_kerberos5_lib_libasn1 ${_lib_libgssapi} ${_lib_libipx} \ lib/libkiconv lib/libkvm lib/liblzma lib/libmd \ lib/ncurses/ncurses lib/ncurses/ncursesw \ - lib/libopie lib/libpam ${_lib_libthr} \ + lib/libopie ${_lib_libthr} \ lib/libradius lib/libsbuf lib/libtacplus \ ${_cddl_lib_libumem} \ lib/libutil ${_lib_libypclnt} lib/libz lib/msun \ ${_secure_lib_libcrypto} ${_secure_lib_libssh} \ - ${_secure_lib_libssl} + ${_secure_lib_libssl} \ + lib/libpam .if ${MK_LIBTHR} != no _lib_libthr= lib/libthr @@ -1323,7 +1324,7 @@ ${_lib}__PL: .PHONY .endif .endfor -.for _lib in ${_startup_libs} ${_prebuild_libs:Nlib/libpam} ${_generic_libs} +.for _lib in ${_startup_libs} ${_prebuild_libs} ${_generic_libs} ${_lib}__L: .PHONY .if exists(${.CURDIR}/${_lib}) ${_+_}@${ECHODIR} === ${_lib} (obj,depend,all,install); \ @@ -1335,17 +1336,6 @@ ${_lib}__L: .PHONY .endif .endfor -# libpam is special: we need to build static PAM modules before -# static PAM library, and dynamic PAM library before dynamic PAM -# modules. -lib/libpam__L: .PHONY - ${_+_}@${ECHODIR} === lib/libpam (obj,depend,all,install); \ - cd ${.CURDIR}/lib/libpam; \ - ${MAKE} DIRPRFX=lib/libpam/ obj; \ - ${MAKE} DIRPRFX=lib/libpam/ depend; \ - ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET all; \ - ${MAKE} DIRPRFX=lib/libpam/ -D_NO_LIBPAM_SO_YET install - _prereq_libs: ${_prereq_libs:S/$/__PL/} _startup_libs: ${_startup_libs:S/$/__L/} _prebuild_libs: ${_prebuild_libs:S/$/__L/} Modified: head/lib/libpam/Makefile.inc == --- head/lib/libpam/Makefile.incMon Nov 21 16:35:57 2011 (r227797) +++ head/lib/libpam/Makefile.incMon Nov 21 16:40:39 2011 (r227798) @@ -31,4 +31,6 @@ DEBUG_FLAGS+= -DDEBUG SHLIB_MAJOR= 5 PAM_MOD_DIR= ${LIBDIR} +STATIC_CFLAGS+=-DOPENPAM_STATIC_MODULES + .include ../Makefile.inc Modified: head/lib/libpam/modules/Makefile.inc == --- head/lib/libpam/modules/Makefile.incMon Nov 21 16:35:57 2011 (r227797) +++ head/lib/libpam/modules/Makefile.incMon Nov 21 16:40:39 2011 (r227798) @@ -5,20 +5,8 @@ PAMDIR=${.CURDIR}/../../../../contrib/ NO_INSTALLLIB= NO_PROFILE= -CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam +CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam -# This is nasty. -# For the static case, libpam.a depends on the modules. -# For the dynamic case, the modules depend on libpam.so.N -.if defined(_NO_LIBPAM_SO_YET) -NO_PIC= -.else SHLIB_NAME?= ${LIB}.so.${SHLIB_MAJOR} -DPADD+=${LIBPAM} -LDADD+=-lpam -.endif - -.c.o: - ${CC} ${CFLAGS} -DOPENPAM_STATIC_MODULES -c ${.IMPSRC} .include ../Makefile.inc ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227757 - head/lib/libpam/modules/pam_ssh
Author: des Date: Sun Nov 20 15:18:49 2011 New Revision: 227757 URL: http://svn.freebsd.org/changeset/base/227757 Log: key_load_private() ignores the passphrase argument if the private key is unencrypted. This defeats the nullok check, because it means a non-null passphrase will successfully unlock the key. To address this, try at first to load the key without a passphrase. If this succeeds and the user provided a non-empty passphrase *or* nullok is false, reject the key. MFC after:1 week Noticed by: Guy Helmer guy.hel...@palisadesystems.com Modified: head/lib/libpam/modules/pam_ssh/pam_ssh.c Modified: head/lib/libpam/modules/pam_ssh/pam_ssh.c == --- head/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Nov 20 15:06:39 2011 (r227756) +++ head/lib/libpam/modules/pam_ssh/pam_ssh.c Sun Nov 20 15:18:49 2011 (r227757) @@ -93,7 +93,8 @@ static char *const pam_ssh_agent_envp[] * struct pam_ssh_key containing the key and its comment. */ static struct pam_ssh_key * -pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase) +pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase, +int nullok) { struct pam_ssh_key *psk; char fn[PATH_MAX]; @@ -103,7 +104,21 @@ pam_ssh_load_key(const char *dir, const if (snprintf(fn, sizeof(fn), %s/%s, dir, kfn) (int)sizeof(fn)) return (NULL); comment = NULL; - key = key_load_private(fn, passphrase, comment); + /* +* If the key is unencrypted, OpenSSL ignores the passphrase, so +* it will seem like the user typed in the right one. This allows +* a user to circumvent nullok by providing a dummy passphrase. +* Verify that the key really *is* encrypted by trying to load it +* with an empty passphrase, and if the key is not encrypted, +* accept only an empty passphrase. +*/ + key = key_load_private(fn, NULL, comment); + if (key != NULL !(*passphrase == '\0' nullok)) { + key_free(key); + return (NULL); + } + if (key == NULL) + key = key_load_private(fn, passphrase, comment); if (key == NULL) { openpam_log(PAM_LOG_DEBUG, failed to load key from %s, fn); return (NULL); @@ -170,9 +185,6 @@ pam_sm_authenticate(pam_handle_t *pamh, if (pam_err != PAM_SUCCESS) return (pam_err); - if (*passphrase == '\0' !nullok) - goto skip_keys; - /* switch to user credentials */ pam_err = openpam_borrow_cred(pamh, pwd); if (pam_err != PAM_SUCCESS) @@ -180,7 +192,7 @@ pam_sm_authenticate(pam_handle_t *pamh, /* try to load keys from all keyfiles we know of */ for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { - psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase); + psk = pam_ssh_load_key(pwd-pw_dir, *kfn, passphrase, nullok); if (psk != NULL) { pam_set_data(pamh, *kfn, psk, pam_ssh_free_key); ++nkeys; @@ -190,7 +202,6 @@ pam_sm_authenticate(pam_handle_t *pamh, /* switch back to arbitrator credentials */ openpam_restore_cred(pamh); - skip_keys: /* * If we tried an old token and didn't get anything, and * try_first_pass was specified, try again after prompting the ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227531 - head/rescue/rescue
Author: des Date: Tue Nov 15 16:20:39 2011 New Revision: 227531 URL: http://svn.freebsd.org/changeset/base/227531 Log: Add netcat (nc) to /rescue. MFC after:3 weeks Modified: head/rescue/rescue/Makefile Modified: head/rescue/rescue/Makefile == --- head/rescue/rescue/Makefile Tue Nov 15 14:40:00 2011(r227530) +++ head/rescue/rescue/Makefile Tue Nov 15 16:20:39 2011(r227531) @@ -181,7 +181,7 @@ CRUNCH_BUILDOPTS_dhclient= -DRELEASE_CRU # CRUNCH_SRCDIRS+= usr.bin -CRUNCH_PROGS_usr.bin= head mt sed tail tee +CRUNCH_PROGS_usr.bin= head mt nc sed tail tee CRUNCH_PROGS_usr.bin+= gzip CRUNCH_ALIAS_gzip= gunzip gzcat zcat ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r227044 - head/lib/libpam/modules/pam_unix
Author: des Date: Wed Nov 2 23:40:21 2011 New Revision: 227044 URL: http://svn.freebsd.org/changeset/base/227044 Log: Note that pam_unix(8) does not respect PAM_CHANGE_EXPIRED_AUTHTOK. Modified: head/lib/libpam/modules/pam_unix/pam_unix.8 Modified: head/lib/libpam/modules/pam_unix/pam_unix.8 == --- head/lib/libpam/modules/pam_unix/pam_unix.8 Wed Nov 2 23:23:19 2011 (r227043) +++ head/lib/libpam/modules/pam_unix/pam_unix.8 Wed Nov 2 23:40:21 2011 (r227044) @@ -199,3 +199,9 @@ password database. .Xr pam 8 , .Xr pw 8 , .Xr yp 8 +.Sh BUGS +The +.Nm +module ignores the +.Dv PAM_CHANGE_EXPIRED_AUTHTOK +flag. ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226632 - head/lib/libpam/libpam
Author: des Date: Sat Oct 22 14:08:21 2011 New Revision: 226632 URL: http://svn.freebsd.org/changeset/base/226632 Log: Revert the previous commit and add a comment explaining why it was wrong. Modified: head/lib/libpam/libpam/Makefile Modified: head/lib/libpam/libpam/Makefile == --- head/lib/libpam/libpam/Makefile Sat Oct 22 11:42:48 2011 (r226631) +++ head/lib/libpam/libpam/Makefile Sat Oct 22 14:08:21 2011 (r226632) @@ -55,7 +55,6 @@ SRCS= openpam_borrow_cred.c \ openpam_readline.c \ openpam_restore_cred.c \ openpam_set_option.c \ - openpam_static.c \ openpam_ttyconv.c \ pam_acct_mgmt.c \ pam_authenticate.c \ @@ -149,16 +148,29 @@ HEADERS= security/openpam.h \ ADD_HEADERS= security/pam_mod_misc.h +# # Static modules +# +# We build static versions of all modules and of openpam_static.o, +# then link them all together into openpam_static_modules.o. None of +# the modules export any symbols, but they store structures with +# pointers to their service functions in a linker set which the code +# in openpam_static.c traverses to locate the individual modules. +# MODULE_DIR=../modules .include ${.CURDIR}/${MODULE_DIR}/modules.inc STATIC_MODULES=${MODULES:C/.*/${MODULE_DIR}\/\/lib.a/} STATICOBJS+= openpam_static_modules.o -CLEANFILES+= openpam_static_modules.o +CLEANFILES+= openpam_static.o \ + openpam_static_modules.o openpam_static_modules.o: openpam_static.o ${STATIC_MODULES} ${LD} -o ${.TARGET} -r --whole-archive ${.ALLSRC} +# We can't put openpam_static.c in SRCS, but we still want to scan it +# for dependencies. +DPSRCS=openpam_static.c + # Headers INCS= ${HEADERS} ${ADD_HEADERS} INCSDIR= ${INCLUDEDIR}/security ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226608 - in head/usr.bin: kdump truss
Author: des Date: Fri Oct 21 11:08:25 2011 New Revision: 226608 URL: http://svn.freebsd.org/changeset/base/226608 Log: It turns out that truss also used kdump's mkioctls script, and expected ioctlname() to return a pointer to the name rather than print it. This did not show up in testing because truss had its own prototype for ioctlname(), so it would build fine and run fine as long as the program being traced did not issue an ioctl. Teach mkioctls to generate different versions of ioctlname() based on its first command-line argument. Pointed out by: Garrett Cooper yaneg...@gmail.com Modified: head/usr.bin/kdump/Makefile head/usr.bin/kdump/mkioctls head/usr.bin/truss/Makefile head/usr.bin/truss/extern.h Modified: head/usr.bin/kdump/Makefile == --- head/usr.bin/kdump/Makefile Fri Oct 21 06:41:46 2011(r226607) +++ head/usr.bin/kdump/Makefile Fri Oct 21 11:08:25 2011(r226608) @@ -22,7 +22,7 @@ CLEANFILES= ioctl.c kdump_subr.c kdump_s ioctl.c: mkioctls env MACHINE=${MACHINE} \ - sh ${.CURDIR}/mkioctls ${DESTDIR}/usr/include ${.TARGET} + sh ${.CURDIR}/mkioctls print ${DESTDIR}/usr/include ${.TARGET} kdump_subr.h: mksubr sh ${.CURDIR}/mksubr ${DESTDIR}/usr/include | \ Modified: head/usr.bin/kdump/mkioctls == --- head/usr.bin/kdump/mkioctls Fri Oct 21 06:41:46 2011(r226607) +++ head/usr.bin/kdump/mkioctls Fri Oct 21 11:08:25 2011(r226608) @@ -1,20 +1,26 @@ #!/bin/sh # # $FreeBSD$ +# +# When editing this script, keep in mind that truss also uses it. +# set -e -if [ -z $1 ]; then - echo usage: sh $0 include-dir +if [ $# -ne 2 -o \( $1 != print -a $1 != return \) ]; then + echo usage: sh $0 print|return include-dir exit 1 fi +style=$1 +includedir=$2 + LC_ALL=C; export LC_ALL # Build a list of headers that have ioctls in them. # XXX should we use an ANSI cpp? ioctl_includes=$( - cd $1 + cd $includedir find -H -s * -name '*.h' | grep -v '.*disk.*\.h' | \ xargs egrep -l \ '^#[ ]*define[ ]+[A-Za-z_][A-Za-z0-9_]*[ ]+_IO[^a-z0-9_]' | @@ -33,7 +39,7 @@ esac awk -v x=$ioctl_includes 'BEGIN {print x}' | gcc -E -I$1 -dM -DCOMPAT_43TTY - | - awk -v ioctl_includes=$ioctl_includes ' + awk -v ioctl_includes=$ioctl_includes -v style=$style ' BEGIN { print /* XXX obnoxious prerequisites. */ print #define COMPAT_43 @@ -58,12 +64,19 @@ BEGIN { print #include stdio.h print #include cam/cam.h print - print void ioctlname(unsigned long val, int decimal); - print print ioctl_includes print - print void - print ioctlname(unsigned long val, int decimal) + if (style == print) { + print void ioctlname(unsigned long val, int decimal); + print + print void + print ioctlname(unsigned long val, int decimal) + } else { + print const char *ioctlname(unsigned long val); + print + print const char * + print ioctlname(unsigned long val) + } print { print \tconst char *str = NULL; print @@ -77,20 +90,24 @@ BEGIN { break; ++i; # - print(\t); + printf(\t); if (n++ 0) - print(else ); + printf(else ); printf(if (val == %s)\n, $i); printf(\t\tstr = \%s\;\n, $i); } END { - print \n - print \tif (str != NULL)\n - print \t\tprintf(\%s\, str);\n - print \telse if (decimal)\n - print \t\tprintf(\%lu\, val);\n - print \telse\n - print \t\tprintf(\%#lx\, val);\n + print + if (style == print) { + print \tif (str != NULL) + print \t\tprintf(\%s\, str); + print \telse if (decimal) + print \t\tprintf(\%lu\, val); + print \telse + print \t\tprintf(\%#lx\, val); + } else { + print \treturn (str); + } print } } ' Modified: head/usr.bin/truss/Makefile == --- head/usr.bin/truss/Makefile Fri Oct 21 06:41:46 2011(r226607) +++ head/usr.bin/truss/Makefile Fri Oct 21 11:08:25 2011(r226608) @@ -23,7 +23,8 @@ syscalls.h: syscalls.master ${.CURDIR}/i386.conf ioctl.c: ${.CURDIR}/../kdump/mkioctls - sh ${.CURDIR}/../kdump/mkioctls ${DESTDIR}/usr/include ${.TARGET} + env MACHINE=${MACHINE} \ + /bin/sh ${.CURDIR}/../kdump/mkioctls return ${DESTDIR}/usr/include ${.TARGET} .if ${MACHINE_CPUARCH} == i386 SRCS+= i386-linux.c linux_syscalls.h Modified:
svn commit: r226625 - head/lib/libpam/libpam
Author: des Date: Sat Oct 22 04:39:12 2011 New Revision: 226625 URL: http://svn.freebsd.org/changeset/base/226625 Log: openpam_static.c isn't auto-generated. Modified: head/lib/libpam/libpam/Makefile Modified: head/lib/libpam/libpam/Makefile == --- head/lib/libpam/libpam/Makefile Sat Oct 22 01:29:35 2011 (r226624) +++ head/lib/libpam/libpam/Makefile Sat Oct 22 04:39:12 2011 (r226625) @@ -55,6 +55,7 @@ SRCS= openpam_borrow_cred.c \ openpam_readline.c \ openpam_restore_cred.c \ openpam_set_option.c \ + openpam_static.c \ openpam_ttyconv.c \ pam_acct_mgmt.c \ pam_authenticate.c \ @@ -153,15 +154,11 @@ MODULE_DIR= ../modules .include ${.CURDIR}/${MODULE_DIR}/modules.inc STATIC_MODULES=${MODULES:C/.*/${MODULE_DIR}\/\/lib.a/} STATICOBJS+= openpam_static_modules.o -CLEANFILES+= openpam_static.o \ - openpam_static_modules.o +CLEANFILES+= openpam_static_modules.o openpam_static_modules.o: openpam_static.o ${STATIC_MODULES} ${LD} -o ${.TARGET} -r --whole-archive ${.ALLSRC} -# Can't put openpam_static.c in SRCS but want .o in .depend. -DPSRCS=openpam_static.c - # Headers INCS= ${HEADERS} ${ADD_HEADERS} INCSDIR= ${INCLUDEDIR}/security ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226537 - head/lib/libfetch
Author: des Date: Wed Oct 19 11:43:51 2011 New Revision: 226537 URL: http://svn.freebsd.org/changeset/base/226537 Log: latin1 - utf8 Modified: head/lib/libfetch/common.c head/lib/libfetch/common.h head/lib/libfetch/fetch.3 head/lib/libfetch/fetch.c head/lib/libfetch/fetch.h head/lib/libfetch/file.c head/lib/libfetch/ftp.c head/lib/libfetch/http.c Modified: head/lib/libfetch/common.c == --- head/lib/libfetch/common.c Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/common.c Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/common.h == --- head/lib/libfetch/common.h Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/common.h Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/fetch.3 == --- head/lib/libfetch/fetch.3 Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/fetch.3 Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 1998-2011 Dag-Erling Sm�rgrav +.\ Copyright (c) 1998-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/fetch.c == --- head/lib/libfetch/fetch.c Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/fetch.c Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/fetch.h == --- head/lib/libfetch/fetch.h Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/fetch.h Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/file.c == --- head/lib/libfetch/file.cWed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/file.cWed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: head/lib/libfetch/ftp.c == --- head/lib/libfetch/ftp.c Wed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/ftp.c Wed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2011 Dag-Erling Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,7 +41,7 @@ __FBSDID($FreeBSD$); * * Major Changelog: * - * Dag-Erling Co�dan Sm�rgrav + * Dag-Erling Smørgrav * 9 Jun 1998 * * Incorporated into libfetch Modified: head/lib/libfetch/http.c == --- head/lib/libfetch/http.cWed Oct 19 11:04:49 2011(r226536) +++ head/lib/libfetch/http.cWed Oct 19 11:43:51 2011(r226537) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2000-2011 Dag-Erling Sm�rgrav + * Copyright (c) 2000-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226538 - stable/8/lib/libfetch
Author: des Date: Wed Oct 19 11:48:21 2011 New Revision: 226538 URL: http://svn.freebsd.org/changeset/base/226538 Log: MFH r221820-221823,225814,22653: whitespace, warnings, cosmetic nits Modified: stable/8/lib/libfetch/Makefile stable/8/lib/libfetch/common.c stable/8/lib/libfetch/common.h stable/8/lib/libfetch/fetch.3 stable/8/lib/libfetch/fetch.c stable/8/lib/libfetch/fetch.h stable/8/lib/libfetch/file.c stable/8/lib/libfetch/ftp.c stable/8/lib/libfetch/http.c Directory Properties: stable/8/lib/libfetch/ (props changed) Modified: stable/8/lib/libfetch/Makefile == --- stable/8/lib/libfetch/Makefile Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/Makefile Wed Oct 19 11:48:21 2011 (r226538) @@ -26,7 +26,6 @@ LDADD=-lmd CFLAGS+= -DFTP_COMBINE_CWDS CSTD?= c99 -WARNS?=2 SHLIB_MAJOR=6 Modified: stable/8/lib/libfetch/common.c == --- stable/8/lib/libfetch/common.c Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/common.c Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/common.h == --- stable/8/lib/libfetch/common.h Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/common.h Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/fetch.3 == --- stable/8/lib/libfetch/fetch.3 Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/fetch.3 Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 1998-2011 Dag-Erling Smørgrav .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/fetch.c == --- stable/8/lib/libfetch/fetch.c Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/fetch.c Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/fetch.h == --- stable/8/lib/libfetch/fetch.h Wed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/fetch.h Wed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/file.c == --- stable/8/lib/libfetch/file.cWed Oct 19 11:43:51 2011 (r226537) +++ stable/8/lib/libfetch/file.cWed Oct 19 11:48:21 2011 (r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without Modified: stable/8/lib/libfetch/ftp.c == --- stable/8/lib/libfetch/ftp.c Wed Oct 19 11:43:51 2011(r226537) +++ stable/8/lib/libfetch/ftp.c Wed Oct 19 11:48:21 2011(r226538) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1998-2004 Dag-Erling Co�dan Sm�rgrav + * Copyright (c) 1998-2011 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,7 +41,7 @@ __FBSDID($FreeBSD$); * * Major Changelog: * - * Dag-Erling Co�dan Sm�rgrav + * Dag-Erling Smørgrav * 9 Jun 1998 * * Incorporated into libfetch @@ -127,7 +127,7 @@ unmappedaddr(struct sockaddr_in6 *sin6) !IN6_IS_ADDR_V4MAPPED(sin6-sin6_addr)) return; sin4 = (struct sockaddr_in *)sin6; - addr = *(u_int32_t *)sin6-sin6_addr.s6_addr[12]; + addr = *(u_int32_t
svn commit: r226539 - stable/8/lib/libfetch
Author: des Date: Wed Oct 19 11:49:14 2011 New Revision: 226539 URL: http://svn.freebsd.org/changeset/base/226539 Log: MFH r221830: mark all sockets and file descriptors close-on-exec PR: bin/151866 Modified: stable/8/lib/libfetch/common.c stable/8/lib/libfetch/file.c Directory Properties: stable/8/lib/libfetch/ (props changed) Modified: stable/8/lib/libfetch/common.c == --- stable/8/lib/libfetch/common.c Wed Oct 19 11:48:21 2011 (r226538) +++ stable/8/lib/libfetch/common.c Wed Oct 19 11:49:14 2011 (r226539) @@ -213,6 +213,7 @@ fetch_reopen(int sd) /* allocate and fill connection structure */ if ((conn = calloc(1, sizeof(*conn))) == NULL) return (NULL); + fcntl(sd, F_SETFD, FD_CLOEXEC); conn-sd = sd; ++conn-ref; return (conn); Modified: stable/8/lib/libfetch/file.c == --- stable/8/lib/libfetch/file.cWed Oct 19 11:48:21 2011 (r226538) +++ stable/8/lib/libfetch/file.cWed Oct 19 11:49:14 2011 (r226539) @@ -33,6 +33,7 @@ __FBSDID($FreeBSD$); #include sys/stat.h #include dirent.h +#include fcntl.h #include stdio.h #include string.h @@ -57,6 +58,7 @@ fetchXGetFile(struct url *u, struct url_ fetch_syserr(); } + fcntl(fileno(f), F_SETFD, FD_CLOEXEC); return (f); } @@ -84,6 +86,7 @@ fetchPutFile(struct url *u, const char * fetch_syserr(); } + fcntl(fileno(f), F_SETFD, FD_CLOEXEC); return (f); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226540 - stable/8/usr.bin/fetch
Author: des Date: Wed Oct 19 12:14:14 2011 New Revision: 226540 URL: http://svn.freebsd.org/changeset/base/226540 Log: MFH r225599,225800,225805: improve handling of resumed http transfers PR: bin/117277 Modified: stable/8/usr.bin/fetch/fetch.c Directory Properties: stable/8/usr.bin/fetch/ (props changed) Modified: stable/8/usr.bin/fetch/fetch.c == --- stable/8/usr.bin/fetch/fetch.c Wed Oct 19 11:49:14 2011 (r226539) +++ stable/8/usr.bin/fetch/fetch.c Wed Oct 19 12:14:14 2011 (r226540) @@ -522,6 +522,12 @@ fetch(char *URL, const char *path) does not match remote, path); goto failure_keep; } + } else if (url-offset sb.st_size) { + /* gap between what we asked for and what we got */ + warnx(%s: gap in resume mode, URL); + fclose(of); + of = NULL; + /* picked up again later */ } else if (us.size != -1) { if (us.size == sb.st_size) /* nothing to do */ @@ -534,7 +540,7 @@ fetch(char *URL, const char *path) goto failure; } /* we got it, open local file */ - if ((of = fopen(path, a)) == NULL) { + if ((of = fopen(path, r+)) == NULL) { warn(%s: fopen(), path); goto failure; } @@ -551,8 +557,16 @@ fetch(char *URL, const char *path) fclose(of); of = NULL; sb = nsb; + /* picked up again later */ } } + /* seek to where we left off */ + if (of != NULL fseeko(of, url-offset, SEEK_SET) != 0) { + warn(%s: fseeko(), path); + fclose(of); + of = NULL; + /* picked up again later */ + } } else if (m_flag sb.st_size != -1) { /* mirror mode, local file exists */ if (sb.st_size == us.size sb.st_mtime == us.mtime) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226541 - stable/8/usr.bin/fetch
Author: des Date: Wed Oct 19 12:15:16 2011 New Revision: 226541 URL: http://svn.freebsd.org/changeset/base/226541 Log: MFH r225982: fix name in copyright statements Modified: stable/8/usr.bin/fetch/fetch.1 stable/8/usr.bin/fetch/fetch.c Directory Properties: stable/8/usr.bin/fetch/ (props changed) Modified: stable/8/usr.bin/fetch/fetch.1 == --- stable/8/usr.bin/fetch/fetch.1 Wed Oct 19 12:14:14 2011 (r226540) +++ stable/8/usr.bin/fetch/fetch.1 Wed Oct 19 12:15:16 2011 (r226541) @@ -1,5 +1,5 @@ .\- -.\ Copyright (c) 2000-2004 Dag-Erling Co�dan Sm�rgrav +.\ Copyright (c) 2000-2004 Dag-Erling Smørgrav .\ All rights reserved. .\ Portions Copyright (c) 1999 Massachusetts Institute of Technology; used .\ by permission. Modified: stable/8/usr.bin/fetch/fetch.c == --- stable/8/usr.bin/fetch/fetch.c Wed Oct 19 12:14:14 2011 (r226540) +++ stable/8/usr.bin/fetch/fetch.c Wed Oct 19 12:15:16 2011 (r226541) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2000-2004 Dag-Erling Coïdan Smørgrav + * Copyright (c) 2000-2004 Dag-Erling Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226546 - head/bin/ls
Author: des Date: Wed Oct 19 15:35:41 2011 New Revision: 226546 URL: http://svn.freebsd.org/changeset/base/226546 Log: If ls was invoked with -i but neither -l nor -s, blocksize was used in display() to calculate column widths, but was not initialized in main(). This resulted in a division by zero. Noticed by: Michael Butler i...@protected-networks.net Modified: head/bin/ls/ls.c Modified: head/bin/ls/ls.c == --- head/bin/ls/ls.cWed Oct 19 14:38:01 2011(r226545) +++ head/bin/ls/ls.cWed Oct 19 15:35:41 2011(r226546) @@ -414,8 +414,8 @@ main(int argc, char *argv[]) fts_options |= FTS_WHITEOUT; #endif - /* If -l or -s, figure out block size. */ - if (f_longform || f_size) { + /* If -i, -l or -s, figure out block size. */ + if (f_inode || f_longform || f_size) { if (f_kblocks) blocksize = 2; else { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226495 - in head: sys/kern sys/sys usr.bin/kdump
Author: des Date: Tue Oct 18 07:28:58 2011 New Revision: 226495 URL: http://svn.freebsd.org/changeset/base/226495 Log: Revisit the capability failure trace points. The initial implementation only logged instances where an operation on a file descriptor required capabilities which the file descriptor did not have. By adding a type enum to struct ktr_cap_fail, we can catch other types of capability failures as well, such as disallowed system calls or attempts to wrap a file descriptor with more capabilities than it had to begin with. Modified: head/sys/kern/kern_ktrace.c head/sys/kern/sys_capability.c head/sys/kern/vfs_lookup.c head/sys/sys/ktrace.h head/usr.bin/kdump/kdump.c Modified: head/sys/kern/kern_ktrace.c == --- head/sys/kern/kern_ktrace.c Tue Oct 18 07:17:44 2011(r226494) +++ head/sys/kern/kern_ktrace.c Tue Oct 18 07:28:58 2011(r226495) @@ -772,7 +772,8 @@ ktrstruct(name, data, datalen) } void -ktrcapfail(needed, held) +ktrcapfail(type, needed, held) + enum ktr_cap_fail_type type; cap_rights_t needed; cap_rights_t held; { @@ -784,6 +785,7 @@ ktrcapfail(needed, held) if (req == NULL) return; kcf = req-ktr_data.ktr_cap_fail; + kcf-cap_type = type; kcf-cap_needed = needed; kcf-cap_held = held; ktr_enqueuerequest(td, req); Modified: head/sys/kern/sys_capability.c == --- head/sys/kern/sys_capability.c Tue Oct 18 07:17:44 2011 (r226494) +++ head/sys/kern/sys_capability.c Tue Oct 18 07:28:58 2011 (r226495) @@ -218,7 +218,7 @@ cap_check(struct capability *c, cap_righ if ((c-cap_rights | rights) != c-cap_rights) { #ifdef KTRACE if (KTRPOINT(curthread, KTR_CAPFAIL)) - ktrcapfail(rights, c-cap_rights); + ktrcapfail(CAPFAIL_NOTCAPABLE, rights, c-cap_rights); #endif return (ENOTCAPABLE); } @@ -314,8 +314,14 @@ kern_capwrap(struct thread *td, struct f */ if (fp-f_type == DTYPE_CAPABILITY) { cp_old = fp-f_data; - if ((cp_old-cap_rights | rights) != cp_old-cap_rights) + if ((cp_old-cap_rights | rights) != cp_old-cap_rights) { +#ifdef KTRACE + if (KTRPOINT(curthread, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_INCREASE, + rights, cp_old-cap_rights); +#endif return (ENOTCAPABLE); + } } /* Modified: head/sys/kern/vfs_lookup.c == --- head/sys/kern/vfs_lookup.c Tue Oct 18 07:17:44 2011(r226494) +++ head/sys/kern/vfs_lookup.c Tue Oct 18 07:28:58 2011(r226495) @@ -188,8 +188,13 @@ namei(struct nameidata *ndp) */ if (IN_CAPABILITY_MODE(td)) { ndp-ni_strictrelative = 1; - if (ndp-ni_dirfd == AT_FDCWD) + if (ndp-ni_dirfd == AT_FDCWD) { +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_LOOKUP, 0, 0); +#endif error = ECAPMODE; + } } #endif if (error) { @@ -281,8 +286,13 @@ namei(struct nameidata *ndp) if (*(cnp-cn_nameptr) == '/') { vrele(dp); VFS_UNLOCK_GIANT(vfslocked); - if (ndp-ni_strictrelative != 0) + if (ndp-ni_strictrelative != 0) { +#ifdef KTRACE + if (KTRPOINT(curthread, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_LOOKUP, 0, 0); +#endif return (ENOTCAPABLE); + } while (*(cnp-cn_nameptr) == '/') { cnp-cn_nameptr++; ndp-ni_pathlen--; @@ -644,6 +654,10 @@ dirloop: */ if (cnp-cn_flags ISDOTDOT) { if (ndp-ni_strictrelative != 0) { +#ifdef KTRACE + if (KTRPOINT(curthread, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_LOOKUP, 0, 0); +#endif error = ENOTCAPABLE; goto bad; } Modified: head/sys/sys/ktrace.h == --- head/sys/sys/ktrace.h Tue Oct 18 07:17:44 2011(r226494) +++ head/sys/sys/ktrace.h Tue Oct 18 07:28:58 2011(r226495) @@ -181,7 +181,14 @@ struct ktr_proc_ctor { * KTR_CAPFAIL - trace capability check failures */ #define KTR_CAPFAIL12 +enum ktr_cap_fail_type { + CAPFAIL_NOTCAPABLE, /*
svn commit: r226497 - head/sys/fs/portalfs
Author: des Date: Tue Oct 18 07:31:49 2011 New Revision: 226497 URL: http://svn.freebsd.org/changeset/base/226497 Log: Trace attempts to open a portal device. Ceterum censeo portalfs esse delendam. Modified: head/sys/fs/portalfs/portal_vnops.c Modified: head/sys/fs/portalfs/portal_vnops.c == --- head/sys/fs/portalfs/portal_vnops.c Tue Oct 18 07:29:21 2011 (r226496) +++ head/sys/fs/portalfs/portal_vnops.c Tue Oct 18 07:31:49 2011 (r226497) @@ -240,8 +240,13 @@ portal_open(ap) * This may require access to a global namespace (e.g. an IP address); * disallow it entirely, as we do open(2). */ - if (IN_CAPABILITY_MODE(td)) + if (IN_CAPABILITY_MODE(td)) { +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); + } #endif /* ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226498 - in head/sys: amd64/amd64 arm/arm i386/i386 sparc64/sparc64
Author: des Date: Tue Oct 18 07:39:27 2011 New Revision: 226498 URL: http://svn.freebsd.org/changeset/base/226498 Log: Trace attempts to call restricted MD syscalls. Modified: head/sys/amd64/amd64/sys_machdep.c head/sys/arm/arm/sys_machdep.c head/sys/i386/i386/sys_machdep.c head/sys/sparc64/sparc64/sys_machdep.c Modified: head/sys/amd64/amd64/sys_machdep.c == --- head/sys/amd64/amd64/sys_machdep.c Tue Oct 18 07:31:49 2011 (r226497) +++ head/sys/amd64/amd64/sys_machdep.c Tue Oct 18 07:39:27 2011 (r226498) @@ -203,6 +203,10 @@ sysarch(td, uap) case I386_SET_IOPERM: default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } Modified: head/sys/arm/arm/sys_machdep.c == --- head/sys/arm/arm/sys_machdep.c Tue Oct 18 07:31:49 2011 (r226497) +++ head/sys/arm/arm/sys_machdep.c Tue Oct 18 07:39:27 2011 (r226498) @@ -122,6 +122,10 @@ sysarch(td, uap) break; default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } Modified: head/sys/i386/i386/sys_machdep.c == --- head/sys/i386/i386/sys_machdep.cTue Oct 18 07:31:49 2011 (r226497) +++ head/sys/i386/i386/sys_machdep.cTue Oct 18 07:39:27 2011 (r226498) @@ -130,6 +130,10 @@ sysarch(td, uap) case I386_SET_IOPERM: default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } Modified: head/sys/sparc64/sparc64/sys_machdep.c == --- head/sys/sparc64/sparc64/sys_machdep.c Tue Oct 18 07:31:49 2011 (r226497) +++ head/sys/sparc64/sparc64/sys_machdep.c Tue Oct 18 07:39:27 2011 (r226498) @@ -69,6 +69,10 @@ sysarch(struct thread *td, struct sysarc break; default: +#ifdef KTRACE + if (KTRPOINT(td, KTR_CAPFAIL)) + ktrcapfail(CAPFAIL_SYSCALL, 0, 0); +#endif return (ECAPMODE); } } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226502 - head/bin/df
Author: des Date: Tue Oct 18 08:18:26 2011 New Revision: 226502 URL: http://svn.freebsd.org/changeset/base/226502 Log: Simplify df(1) by factoring out most of the common code: - In the argc == 0 case, just populate the mount list as before, but do not calculate widths, update totals or print anything. - In the argv 0 case, collect information about the requested file systems and store it in the mount list, but do not calculate widths, update totals or print anything. - In either case, once all the information has been collected, iterate once through the mount list to calculate widths and totals, then once more to print everything. This also fixes two bugs: firstly, column widths were not calculated correctly if more than one file system was specified on the command line; and secondly, file systems with MNT_IGNORE were included in the totals even if -a was not specified. Noticed by: Paul Schenkeveld MFC after:3 weeks Modified: head/bin/df/df.c Modified: head/bin/df/df.c == --- head/bin/df/df.cTue Oct 18 08:10:23 2011(r226501) +++ head/bin/df/df.cTue Oct 18 08:18:26 2011(r226502) @@ -107,7 +107,7 @@ main(int argc, char *argv[]) const char *fstype; char *mntpath, *mntpt; const char **vfslist; - size_t i, mntsize; + int i, mntsize; int ch, rv; fstype = ufs; @@ -187,30 +187,21 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; - mntsize = getmntinfo(mntbuf, MNT_NOWAIT); - bzero(maxwidths, sizeof(maxwidths)); - for (i = 0; i mntsize; i++) - update_maxwidths(maxwidths, mntbuf[i]); - rv = 0; if (!*argv) { + /* everything (modulo -t) */ + mntsize = getmntinfo(mntbuf, MNT_NOWAIT); mntsize = regetmntinfo(mntbuf, mntsize, vfslist); - bzero(maxwidths, sizeof(maxwidths)); - for (i = 0; i mntsize; i++) { - if (cflag) - addstat(totalbuf, mntbuf[i]); - update_maxwidths(maxwidths, mntbuf[i]); - } - if (cflag) - update_maxwidths(maxwidths, totalbuf); - for (i = 0; i mntsize; i++) - if (aflag || (mntbuf[i].f_flags MNT_IGNORE) == 0) - prtstat(mntbuf[i], maxwidths); - if (cflag) - prtstat(totalbuf, maxwidths); - exit(rv); + } else { + /* just the filesystems specified on the command line */ + mntbuf = malloc(argc * sizeof(*mntbuf)); + if (mntbuf == 0) + err(1, malloc()); + mntsize = 0; + /* continued in for loop below */ } + /* iterate through specified filesystems */ for (; *argv; argv++) { if (stat(*argv, stbuf) 0) { if ((mntpt = getmntpt(*argv)) == 0) { @@ -279,14 +270,24 @@ main(int argc, char *argv[]) continue; } - if (argc == 1) { - bzero(maxwidths, sizeof(maxwidths)); - update_maxwidths(maxwidths, statfsbuf); + /* the user asked for it, so ignore the ignore flag */ + statfsbuf.f_flags = ~MNT_IGNORE; + + /* add to list */ + mntbuf[mntsize++] = statfsbuf; + } + + bzero(maxwidths, sizeof(maxwidths)); + for (i = 0; i mntsize; i++) { + if (aflag || (mntbuf[i].f_flags MNT_IGNORE) == 0) { + update_maxwidths(maxwidths, mntbuf[i]); + if (cflag) + addstat(totalbuf, mntbuf[i]); } - prtstat(statfsbuf, maxwidths); - if (cflag) - addstat(totalbuf, statfsbuf); } + for (i = 0; i mntsize; i++) + if (aflag || (mntbuf[i].f_flags MNT_IGNORE) == 0) + prtstat(mntbuf[i], maxwidths); if (cflag) prtstat(totalbuf, maxwidths); return (rv); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r226503 - head/bin/df
Author: des Date: Tue Oct 18 08:20:36 2011 New Revision: 226503 URL: http://svn.freebsd.org/changeset/base/226503 Log: Minor clarification MFC after:3 weeks Modified: head/bin/df/df.1 Modified: head/bin/df/df.1 == --- head/bin/df/df.1Tue Oct 18 08:18:26 2011(r226502) +++ head/bin/df/df.1Tue Oct 18 08:20:36 2011(r226503) @@ -29,7 +29,7 @@ .\ @(#)df.1 8.3 (Berkeley) 5/8/95 .\ $FreeBSD$ .\ -.Dd November 23, 2008 +.Dd October 18, 2011 .Dt DF 1 .Os .Sh NAME @@ -63,6 +63,7 @@ The following options are available: Show all mount points, including those that were mounted with the .Dv MNT_IGNORE flag. +This is implied for file systems specified on the command line. .It Fl b Use 512-byte blocks rather than the default. Note that ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org