zrj [Wed, 17 Apr 2019 01:30:19 +0000 (04:30 +0300)]
libtacplus: Decouple from libmd.
Library is simple enough to not depend on librecrypto.
Use MD5 hash internally and remove inter-lib dep.
zrj [Wed, 17 Apr 2019 01:25:06 +0000 (04:25 +0300)]
libtacplus: Fix single -Wshadow warning.
zrj [Wed, 17 Apr 2019 01:11:02 +0000 (04:11 +0300)]
lib/libcrypt: Use md5 internally from omd.
The libcrypt can be converted to use LibreSSL MD5 API, but to ensure
compatibility between OpenSSL and LibreSSL for now use private md5.
Mark with WITH_OPENSSL that it is ready.
zrj [Wed, 17 Apr 2019 01:08:39 +0000 (04:08 +0300)]
lib/omd: Add very restrictive subset from libmd.
Certain places are not ready to be converted to use LibreSSL api.
For now this includes only md5 hashing functions.
Aim is to remove all use cases of libmd together with omd.
zrj [Wed, 17 Apr 2019 00:35:32 +0000 (03:35 +0300)]
lib/libcrypt: Add missing functions.
Taken-from: NetBSD
zrj [Wed, 17 Apr 2019 00:28:47 +0000 (03:28 +0300)]
lib/libcrypt: Minor WARNS cleanup.
Add missing prototypes, constify few things.
zrj [Wed, 17 Apr 2019 00:19:47 +0000 (03:19 +0300)]
Remove libcipher.
It has been moved out to dports security/libcipher3.
zrj [Fri, 19 Apr 2019 15:40:21 +0000 (18:40 +0300)]
share/examples: Install missing defaults for ssl and ssh.
This would help with config updates merging and local system recovery
when configs in /etc get accidentally deleted or broken beyond repair.
zrj [Fri, 19 Apr 2019 18:08:25 +0000 (21:08 +0300)]
libssh: Bump shlib version for api change.
The private libssh does not install any headers. Make it shpub.
There are few issues that need to be addressed later on.
For now just document its dependency on libutil, adjust order.
The libprivate_ssh.so must be built before libpam shared modules.
zrj [Fri, 19 Apr 2019 10:45:55 +0000 (13:45 +0300)]
OpenSSH: Document contrib local changes.
zrj [Fri, 19 Apr 2019 10:29:26 +0000 (13:29 +0300)]
ssh(1): Restore default behaviour.
This part in
ad5056c75c7ccd8379444d5b953c08015846e23c should be handled
ssh_config. There are no reasons to prevent base ssh(1) and sftp(1) to
fallback to password authentification (ssh_config is in user control).
zrj [Fri, 19 Apr 2019 10:21:18 +0000 (13:21 +0300)]
sshd(8): Add USE_PAM handling defaults.
By default allow to use pam if sshd(8) is compiled against libpam and
disable password authentification only then.
Note: base sshd_config has "PasswordAuthentication no" by default.
zrj [Fri, 19 Apr 2019 10:18:48 +0000 (13:18 +0300)]
sshd(8): Add back custom auth passwd routine.
The OpenSSH misdetects crypt() availability in libcrypt and uses
DES_crypt() that is not compatible.
zrj [Thu, 18 Apr 2019 11:45:20 +0000 (14:45 +0300)]
Inline Makefile.ssh.common
This fixes path, include and libraries order sequences and will be needed
for further PRIV changes.
Requested-by: swildner
zrj [Thu, 18 Apr 2019 09:42:36 +0000 (12:42 +0300)]
sshd(8): Remove not needed dependencies.
The tcp_wrappers support in OpenSSH was removed back in 2014.
The libopie is not needed, same for libpthread.
Tested-with: make buildworld -DNOSHARED -DREALLY_NOSHARED
zrj [Thu, 18 Apr 2019 09:35:16 +0000 (12:35 +0300)]
Adjust makefiles for OpenSSH 8.0p1 update.
Update pam_ssh module to use new sshkey api.
The pkcs11 support explicitly disabled to avoid use of dlopen().
If security token/card support is needed it can be enabled back.
This update brings several backwards compatibilty breakages.
More in official release notes.
zrj [Thu, 18 Apr 2019 08:42:42 +0000 (11:42 +0300)]
libssh: Add sanitized OpenBSD layer.
Only needed parts.
Derived-from: OpenBSD
zrj [Thu, 18 Apr 2019 05:22:02 +0000 (08:22 +0300)]
OpenSSH: Update READMEs.
zrj [Thu, 18 Apr 2019 05:17:03 +0000 (08:17 +0300)]
OpenSSH: Add local patches.
Add back previously reverted changes.
Dummify not implemented functions in platform.h, those functions
contain only "retq".
zrj [Wed, 24 Apr 2019 17:16:54 +0000 (20:16 +0300)]
Merge remote-tracking branch 'origin/vendor/OPENSSH'
zrj [Tue, 16 Apr 2019 08:15:32 +0000 (11:15 +0300)]
OpenSSH: Revert few local modifications.
Some are already in newer version. Others will be re-applied.
zrj [Mon, 15 Apr 2019 14:15:43 +0000 (17:15 +0300)]
ldns: Adjust makefiles for ldns-1.7.0 update.
Several changes:
* move ldns.h to contrib
* use single config.h
* convert ldns headers to private (ldns is a private base lib)
* bump soname for api changesmi, use shpub
* add missing deps on librecrypto.so
* update READMES
Currently only user of the libprivate_ldns is drill(1).
OpenSSH will be adjusted to use this lib next.
zrj [Wed, 24 Apr 2019 17:14:10 +0000 (20:14 +0300)]
Merge remote-tracking branch 'origin/vendor/LDNS'
zrj [Mon, 15 Apr 2019 08:29:10 +0000 (11:29 +0300)]
Revert "drill(1): Use strdup() for known strings."
This reverts commit
471272f59981f2dcc1aac28b61c0a06d49388615.
Already in a new version.
zrj [Sun, 14 Apr 2019 20:21:42 +0000 (23:21 +0300)]
unzip(1): Add missing dependencies.
Satisfies NOSHARED build after libarchive update.
zrj [Sun, 14 Apr 2019 19:53:17 +0000 (22:53 +0300)]
Makefile.inc1: Update library interdeps.
* libarchive no longer depends on libmd
* libarchive and liblzma no longer depends on libthread_xu
* libdevattr can be compiled in standard order
Adjust lib/Makefile to match output of tools/make_libdeps.sh.
zrj [Sun, 14 Apr 2019 16:22:06 +0000 (19:22 +0300)]
xz: Adjust makefiles for xz-5.2.4 update.
Disable multi-threading on liblizma by deafult to prevent libarchive
getting a hard dependency on pthreads. Move whole threading support
directly to usr.bin/xz. This solves static linking and simplifies the
lib/Makefile inter-libs dependencies. This also makes pkg(8) no longer
implicitly depend on pthreads. As bonus, allow crunchgen'ed xz(8)
without multi-threading support. Should be benefitial for initrd/rescue.
zrj [Wed, 24 Apr 2019 17:12:27 +0000 (20:12 +0300)]
Merge remote-tracking branch 'origin/vendor/XZ'
zrj [Sat, 13 Apr 2019 20:59:32 +0000 (23:59 +0300)]
Adjust files for libarchive-3.3.3 import.
This finally drops dependency on libmd. Also avoid pthreads from lzma.
Changes:
* Remove LIBMD
* Add README.DELETED
* Fix Symbol.map
* Adjust tools to take version from config.h
zrj [Wed, 24 Apr 2019 17:12:03 +0000 (20:12 +0300)]
Merge remote-tracking branch 'origin/vendor/LIBARCHIVE'
zrj [Sat, 13 Apr 2019 13:16:07 +0000 (16:16 +0300)]
libarchive: Revert manpage fixes.
zrj [Sat, 13 Apr 2019 13:11:39 +0000 (16:11 +0300)]
libarchive: Revert local changes.
Fixed in new version.
zrj [Sat, 13 Apr 2019 12:29:20 +0000 (15:29 +0300)]
Revert "libarchive: Use memcpy() when constructing buffers."
This reverts commit
be16867234e89aa9cc5f9a12e3836f84f5268b80.
Before libarchive update.
zrj [Fri, 12 Apr 2019 17:36:59 +0000 (20:36 +0300)]
Update LibreSSL makefiles.
Version 2.9.1, add local CRYPTO_free.c CRYPTO_malloc.c to avoid extra deps.
zrj [Fri, 12 Apr 2019 17:34:28 +0000 (20:34 +0300)]
libressl: Add missing timespecsub().
The <sys/time.h> needs update for 3 arg macros.
zrj [Fri, 12 Apr 2019 17:33:43 +0000 (20:33 +0300)]
Add local patches to LibreSSL.
Document local changes.
zrj [Wed, 24 Apr 2019 17:10:42 +0000 (20:10 +0300)]
Merge remote-tracking branch 'origin/vendor/LIBRESSL'
zrj [Tue, 9 Apr 2019 12:20:00 +0000 (15:20 +0300)]
Revert "libressl: Few local modifications for netcat."
This reverts commit
66ceb5e9b7ccc1005b0b710f32228c0b69070e98.
Before LibreSSL update.
zrj [Tue, 9 Apr 2019 10:34:41 +0000 (13:34 +0300)]
Revert "security/libressl: Fix ECDSA P-256 timing attack vulnerability"
This reverts commit
bd84e83893b298face58762e1fec24667126c8c7.
Before LibreSSL update.
zrj [Fri, 12 Apr 2019 18:05:47 +0000 (21:05 +0300)]
wpa_supplicant(8): Add LibreSSL v2.9.0 compat fixes.
The tls_connection_get_keyblock_size() seems to be unused.
The wpa_supplicant really needs a proper update.
zrj [Fri, 12 Apr 2019 17:24:53 +0000 (20:24 +0300)]
libssh: Disable use of openssl engine.
zrj [Fri, 12 Apr 2019 17:23:56 +0000 (20:23 +0300)]
ldns: Add OPENSSL_NO_ENGINE checks.
Functionality is unused.
zrj [Thu, 18 Apr 2019 05:07:17 +0000 (08:07 +0300)]
Import OpenSSH-8.0p1
zrj [Mon, 15 Apr 2019 14:01:32 +0000 (17:01 +0300)]
ldns: Update vendor branch from 1.6.16 to 1.7.0
zrj [Sun, 14 Apr 2019 15:58:31 +0000 (18:58 +0300)]
Upgrade xz from 5.2.2 to 5.2.4 on the vendor branch.
Remove not needed sources.
zrj [Sat, 13 Apr 2019 15:52:14 +0000 (18:52 +0300)]
Import libarchive-3.3.3
Remove README.DELETED, it will be recreated on master branch.
Maxim Ag [Sat, 20 Apr 2019 09:51:47 +0000 (12:51 +0300)]
Update LibreSSL from version 2.4.4 => 2.9.1
Submitted-by: Maxim + v2 update to 2.9.1 stable
François Tigeot [Wed, 24 Apr 2019 09:11:40 +0000 (11:11 +0200)]
drm/linux: Add trace/events/dma_fence.h
Sascha Wildner [Wed, 24 Apr 2019 08:51:49 +0000 (10:51 +0200)]
<unistd.h>: FWIW, set _XOPEN_ENH_I18N, per the standard.
We support all functions that it originally required, when it was
still optional. It won't have any impact on anything, as far as I
can see, so this commit is more cosmetic than anything else.
While here, improve some comments.
Sascha Wildner [Wed, 24 Apr 2019 07:10:38 +0000 (09:10 +0200)]
Sync indent(1) with FreeBSD.
A number of new options. Also -troff is gone.
Sascha Wildner [Wed, 24 Apr 2019 06:59:07 +0000 (08:59 +0200)]
<unistd.h>: Bump _POSIX_THREAD_SAFE_FUNCTIONS to 200112L.
It became non-optional anyway in 200809. We have all the functions
that 200112 required in the option, so I don't see why not.
Thanks to zrj for checking with a dports bulk build.
Sascha Wildner [Wed, 24 Apr 2019 05:30:33 +0000 (07:30 +0200)]
man(1): Adjust manual page search path a bit.
Our old one, basically.
Sascha Wildner [Tue, 23 Apr 2019 23:02:27 +0000 (01:02 +0200)]
makedb: Ignore makewhatis(8) errors.
Might occur with make distribution building a master IMG on release or
vice versa, due to the location change of makewhatis (its database
format has changed too).
François Tigeot [Tue, 23 Apr 2019 20:23:51 +0000 (22:23 +0200)]
drm/linux: Add config_enabled()
Sascha Wildner [Tue, 23 Apr 2019 19:51:08 +0000 (21:51 +0200)]
Link mandoc(1) as 'whatis' too.
Reported-by: zrj
zrj [Tue, 23 Apr 2019 16:26:55 +0000 (19:26 +0300)]
hammer2(8): Document dependency on thread library.
While there, start using PRIVATELIB_CFLAGS.
zrj [Tue, 23 Apr 2019 16:16:12 +0000 (19:16 +0300)]
libc: Move out locking from vsyslog() core.
For consistency with openlog() and closelog().
While there, use SOCK_CLOEXEC directly and do not attempt to closelog()
several times for badly written programs (LogFile is handled internally).
zrj [Tue, 23 Apr 2019 15:54:32 +0000 (18:54 +0300)]
libc: Fix few typos in vsyslog().
While there, move variable declarations to top and remove braces.
zrj [Tue, 23 Apr 2019 15:47:56 +0000 (18:47 +0300)]
gcc47: Disconnect objc components from world.
Sascha Wildner [Tue, 23 Apr 2019 17:45:56 +0000 (19:45 +0200)]
Remove groff from base.
There is a dports package available for people who need it. Also,
for some manual pages in dports, man(1) will report that mandoc(1)
cannot render them, and advise to install groff too, which man(1)
will then use.
Also remove vgrind(1) and the old base me(7) macros.
Disable the groff part of manlint for now, also mandiff. I will
decide later if it should be made to work with dports groff.
There are a number of related utilities, like colcrt, checknr etc.
that I have not touched yet. Their fate will be decided later.
There are also some references to these tools left in existing
manual pages.
Sascha Wildner [Mon, 22 Apr 2019 22:42:11 +0000 (00:42 +0200)]
Remove no longer needed catman periodic via 'make upgrade'.
François Tigeot [Mon, 22 Apr 2019 20:55:13 +0000 (22:55 +0200)]
drm/linux: Add list_for_each_entry_continue_reverse()
Obtained-from: OpenBSD
zrj [Mon, 22 Apr 2019 08:42:16 +0000 (11:42 +0300)]
Deprecate and remove OPIE from PAM.
This will require user intervention to manually disable OPIE usage or
cleanly reinstall pam.d/* (even better if no modifications were done).
Due to very strict used "requisite" requirements any pam_opie loading
error will result in unusable system except for singe user mode.
Add warning for the user. Sooner or later this will need to be done.
While there, disable installing /etc/pam.d/rsh script. It can be removed.
zrj [Fri, 19 Apr 2019 10:32:55 +0000 (13:32 +0300)]
kernel/tty: Use GID_TTY for non root users by default.
Previous behaviour defaulting to GID_WHEEL was confusing OpenSSH tests.
Sascha Wildner [Mon, 22 Apr 2019 15:27:08 +0000 (17:27 +0200)]
Remove the old GNU man, makewhatis and manpath.config.5 manual page.
Sascha Wildner [Mon, 22 Apr 2019 15:24:19 +0000 (17:24 +0200)]
Switch to the new man(1) command.
* Exchange our old GNU man(1) command with the one from FreeBSD that I
recently imported. It uses mandoc(1) by default. If mandoc(1) reports
that it cannot render a page, man(1) will fall back to groff (right
now our base groff, later the groff pkg when we remove it).
* Install mandoc(1) as apropos(1) and makewhatis(8). This means
makewhatis moves from /usr/sbin to /usr/bin.
* Use mandoc(1) instead of groff for most purposes of bsd.man.mk.
* Remove /usr/share/man/cat*. It's not necessary anymore to cache
formatted manual pages.
Sascha Wildner [Sun, 21 Apr 2019 16:23:05 +0000 (18:23 +0200)]
Kind of sync makewhatis.local with FreeBSD. Ignore r/o directories.
One or two improvements to the manual page by me.
François Tigeot [Sun, 21 Apr 2019 15:41:42 +0000 (17:41 +0200)]
drm/linux: Add down_read_trylock()
Sascha Wildner [Sun, 21 Apr 2019 08:29:12 +0000 (10:29 +0200)]
Sync manctl(8) with FreeBSD.
Basically, don't mention the unimplemented purge command anymore.
Sascha Wildner [Sun, 21 Apr 2019 08:24:11 +0000 (10:24 +0200)]
Remove catman(1) since it is no longer needed in modern times.
It was used to bulk format manual pages for faster displaying.
su(1)'s EXAMPLES section was taken from FreeBSD.
Our man(1) command still stores and utilizes manual pages in
/usr/share/man/cat* after this commit.
Sascha Wildner [Sun, 21 Apr 2019 07:32:35 +0000 (09:32 +0200)]
usr.bin/man: Some local adjustments, also bump .Dd.
Sascha Wildner [Sun, 21 Apr 2019 07:30:26 +0000 (09:30 +0200)]
Add FreeBSD's man(1) command unchanged but don't hook in just yet.
It will use mandoc if the manual page is supported by it (all our
base manual pages are). If unsupported, as could be the case for
ports manual pages, it will fall back to groff. If groff isn't
found, it will advise to install the groff package.
Matthew Dillon [Sat, 20 Apr 2019 22:19:20 +0000 (15:19 -0700)]
hammer2 - Improve verbosity of CHECK errors on the console (2)
* Also print the PFS name along with the device.
Matthew Dillon [Sat, 20 Apr 2019 22:01:06 +0000 (15:01 -0700)]
hammer2 - Improve verbosity of CHECK errors on the console
* Improve the verbosity of CHECK errors on the console. Print
the block-type in human-readable form, and attempt to trace
it back to its governing inode and report the inode number
the error is in.
* Also print the device path string associated with the mount
so we know what block device the error occurred on.
Matthew Dillon [Sat, 20 Apr 2019 21:27:01 +0000 (14:27 -0700)]
CAM - A few more kmalloc -> xpt_alloc_ccb fixes
* Fix (now improper) kmalloc()s of ccbs in the ASR and MPS
drivers. Properly use xpt_alloc_ccb().
zrj [Fri, 19 Apr 2019 17:01:56 +0000 (20:01 +0300)]
cross-tools: Do not install manpages during this stage.
Saves ~1s and few KBs in /usr/obj/.
zrj [Thu, 18 Apr 2019 20:02:31 +0000 (23:02 +0300)]
libutil: Prevent leaking slave fd on failed fork.
zrj [Thu, 18 Apr 2019 20:01:47 +0000 (23:01 +0300)]
libc: Implement properly pthread_equal() stub.
Functional stub is needed to avoid forcing thread library on librecrypto.
Sascha Wildner [Thu, 18 Apr 2019 14:53:24 +0000 (16:53 +0200)]
Fix a couple of NULL dereferences in error paths.
Sascha Wildner [Thu, 18 Apr 2019 07:34:20 +0000 (09:34 +0200)]
kernel: Use NULL for pointers, not 0.
Sascha Wildner [Thu, 18 Apr 2019 07:34:01 +0000 (09:34 +0200)]
kernel/libiconv: Compare a char with \0.
Matthew Dillon [Thu, 18 Apr 2019 05:14:23 +0000 (22:14 -0700)]
hammer2: Improve bulkfree console logging
* Improve console logging, only print one buf= line and make the
'pass' lines fit in 80 columns. Improve the media coverage
message so users are not confused.
* There is no need to allocate an excessively-large buffer when
the bitmap for the entire media fits. Cap the buffer size for
this case.
Sascha Wildner [Tue, 16 Apr 2019 08:13:52 +0000 (10:13 +0200)]
libc/rpc: Fix -Wtype-limits.
Instead of triggering a warning by checking if the passed type is signed
split the INT_STRLEN_MACRO() into two, one for unsigned and the other for
signed types. The latter isn't used and was added just for completeness.
Sascha Wildner [Tue, 16 Apr 2019 07:06:03 +0000 (09:06 +0200)]
libc: Fix some more -Wmissing-prototypes warnings.
Sascha Wildner [Sat, 13 Apr 2019 22:40:01 +0000 (00:40 +0200)]
<time.h>: Provide time2posix(), posix2time() prototypes.
They have a manual page too. Also provide offtime() and timeoff()
prototypes.
Fixes some -Wmissing-prototypes warnings.
Sascha Wildner [Tue, 16 Apr 2019 06:55:41 +0000 (08:55 +0200)]
Update the pciconf(8) database.
April 12, 2019 snapshot from https://pci-ids.ucw.cz
zrj [Tue, 16 Apr 2019 04:15:47 +0000 (07:15 +0300)]
gcc80: Document -save-temps=objects addition.
zrj [Tue, 16 Apr 2019 03:38:32 +0000 (06:38 +0300)]
gcc80: Update manpages.
zrj [Tue, 16 Apr 2019 02:43:32 +0000 (05:43 +0300)]
Adjust makefiles for GCC80 update.
zrj [Tue, 16 Apr 2019 03:28:06 +0000 (06:28 +0300)]
Merge remote-tracking branch 'origin/vendor/GCC80'
zrj [Tue, 16 Apr 2019 02:39:06 +0000 (05:39 +0300)]
Bring in branch-8 bugfixes into GCC80.
Bugfixes as of April 15.
Huge thanks to gcc developers for keeping longterm branches and
backporting/testing all the bugfixes.
zrj [Tue, 16 Apr 2019 02:37:34 +0000 (05:37 +0300)]
Update GCC80 to version 8.3
zrj [Mon, 15 Apr 2019 17:37:14 +0000 (20:37 +0300)]
bsd.lib.mk: Fix SHLIB_LINK handling.
Checks should be for TARGETs. Also .so should be created in LIBDIR version.
No functional change intended on master.
zrj [Mon, 15 Apr 2019 17:33:42 +0000 (20:33 +0300)]
gcc80: Make LTO plugins installation consistent.
Previously my LTO additions were (ab)using bug in bsd.lib.mk.
All other cases in world override both variables.
Do the same fix for gcc47 too.
No functional change intended.
Sascha Wildner [Sun, 14 Apr 2019 10:58:07 +0000 (12:58 +0200)]
libc: Adjust HISTORY sections in a few recently added manual pages.
Sascha Wildner [Sun, 14 Apr 2019 01:06:43 +0000 (03:06 +0200)]
timingsafe_bcmp.3: Add missing .Lb.
zrj [Fri, 12 Apr 2019 13:03:44 +0000 (16:03 +0300)]
PRIV: Add transitional handling in bsd.lib.mk.
Allow certain versioned private libraries to be installed into public
libraries directory. PRIVATELIB libraries already have mangled names.
zrj [Fri, 12 Apr 2019 07:55:29 +0000 (10:55 +0300)]
PRIV: Add helper tool.
To speed up vendor updates.
zrj [Fri, 12 Apr 2019 07:51:56 +0000 (10:51 +0300)]
factor(6): Convert to BN_is_prime_ex().
Matthew Dillon [Fri, 12 Apr 2019 06:16:32 +0000 (23:16 -0700)]
hammer2 - Performance work
* Implement immediate (async) flush follow-through when OS requests
it, with write-clustering support at the device level if enabled.
Write-clustering support at the device level is disabled by default
because H2 already uses a fairly large and efficient 64K block size.
* Change the XOP dispatch for strategy functions. Further partition
strategy functions by read or write to prevent reads from getting
stuck behind long write chains.
Also do not span-out I/O related to a single inode across too many
XOP threads as doing so creates a massive amount of unnecessary
lock contention.
* Significantly improves concurrent filesystem ops and I/O and
significantly improves sequential filesystem write I/O.