zrj [Fri, 26 Apr 2019 16:45:52 +0000 (19:45 +0300)]
LIBPRIV: Remove leftover deps from wpa_cli(8).
Currently we use edit.c implemenatation. There is edit_simple.c variant.
Third variant - edit_readline.c is not compatible with libedit
(no support for rl_replace_line() for libreadline compatibility).
Sascha Wildner [Tue, 30 Apr 2019 07:56:41 +0000 (09:56 +0200)]
<net/pf/pfvar.h>: Fix buildworld. Move malloc declaration into _KERNEL.
This header isn't only used by the kernel.
Reported-by: zrj
François Tigeot [Mon, 29 Apr 2019 21:10:54 +0000 (23:10 +0200)]
drm: Bring in the Linux fence implementation from NetBSD
Matthew Dillon [Mon, 29 Apr 2019 19:48:58 +0000 (12:48 -0700)]
pf - Improve SMP counter performance, static array MAXCPU -> kmalloc
* Change the global counters to pcpu counters. Counters are now
incremented in a cache-friendly state and will be aggregated
in the status ioctl.
* Change all static declarations of MAXCPU arrays into kmalloc()d
arrays to reduce kernel bss size.
Sascha Wildner [Mon, 29 Apr 2019 10:44:01 +0000 (12:44 +0200)]
<execinfo.h>: Include <sys/cdefs.h> explicitly for __{BEGIN,END}_DECLS.
Normally this should come in via our <stddef.h>, but ports compilers
might include the compiler's own <stddef.h> that doesn't seem to
include it.
Reported-by: profmax
Peeter Must [Mon, 29 Apr 2019 10:19:54 +0000 (13:19 +0300)]
kernel/ums: Use evdev's private lock for ums
* evdev can use either an internal or an external lock (the
parent driver's lock) to protect its private data in
evdev_dev. For ums evdev uses the ums (external) lock.
However, sometimes this leads to a panic when the usb
mouse is detached. This is because the ums may have cleaned
up its structures, including the lock, while the evdev is
still busy freeing its resources. If this happens, evdev
will panic since it cannot use the lock.
* The remedy is to make evdev use its private lock instead of
ums's lock. This is similar to how evdev and ukbd operate.
* A similar situation may occur for other drivers that we will
need to link to evdev.
* This change will make our ums/evdev deviate from FreeBSD.
Matthew Dillon [Sun, 28 Apr 2019 21:19:08 +0000 (14:19 -0700)]
debug - update kmapinfo
* Update kmapinfo for recent vm_map changes.
Matthew Dillon [Sun, 28 Apr 2019 04:45:35 +0000 (21:45 -0700)]
kernel - Limit console message rate for swap-full warnings
* Limit the message rate on the console for swap-full warnings
to 1hz. This prevents console spam due to a swap-full condition
from making the system unusable.
Matthew Dillon [Sun, 28 Apr 2019 03:45:31 +0000 (20:45 -0700)]
ahci - Reduce livelock warnings with ahci
* Mark the ahci (sata) interrupt as HIFREQ to avoid triggering
livelock warnings.
* Very high interrupt rates are possible with modern SSDs. We
don't use the AHCI chipset's interrupt rate moderation features
because they are a bit problematic (often implemented via an
unconditional delay even for single commands, for example).
By flagging the interrupt as HIFREQ, the livelock code will
trigger at kern.livelock_limit_hi instead of kern.livelock_limit.
Matthew Dillon [Sun, 28 Apr 2019 03:02:39 +0000 (20:02 -0700)]
pf - Fix SMP race in max-src-nodes, max-src-conn tracking
* Fix a SMP race in max-src-nodes tracking where an atomic op was
not being used.
* Fix a possible SMP race in max-src-conn tracking where atomic ops
were not being used.
Reported-by: zach
Matthew Dillon [Sat, 27 Apr 2019 05:29:20 +0000 (22:29 -0700)]
world - Fix deprecated crypto calls
* Fix deprecated crypto calls
Suggested-by: zrj
Matthew Dillon [Sat, 27 Apr 2019 05:27:07 +0000 (22:27 -0700)]
world - Conditionalize MAKEWHATIS path
* Old systems installing a new world have MAKEWHATIS in the old
location.
* Adjust /usr/src/share/man/Makefile to find the binary in either
the old or new location.
François Tigeot [Fri, 26 Apr 2019 19:56:59 +0000 (21:56 +0200)]
drm: Remove a debugging message
François Tigeot [Fri, 26 Apr 2019 18:01:09 +0000 (20:01 +0200)]
drm/linux: Improve RCU support
Add more RCU directives, make sure existing ones are more correct.
Sascha Wildner [Fri, 26 Apr 2019 12:03:09 +0000 (14:03 +0200)]
Remove two more files by 'make upgrade'.
zrj [Fri, 26 Apr 2019 11:07:58 +0000 (14:07 +0300)]
libssh: Do not create obj dir for Makefile.etc.
We only install raw moduli file here directly from contrib (TRUST).
Adjust etc/Makefile too.
Note: backup copy is also installed into /usr/share/examples/etc/ssh/
together with current base default sshd_config and ssh_config.
The ssh configs in /etc/ssh/ are left for system administrator to handle
and update when default options are removed or added.
Sascha Wildner [Fri, 26 Apr 2019 08:57:33 +0000 (10:57 +0200)]
nrelease: Reduce the size of /usr/local on the IMG/ISO considerably.
* Exchange git with git-lite which should have everything we need for
our purposes. This gets rid of perl and various p5-* packages.
* Build the bind-tools without option PYTHON. This gets rid of python
and various py27-* packages.
* While here, use <category>_<port>_{,UN}SET to handle options, instead
of rolling our own mechanism.
All in all, this commit cuts the number of installed packages from 40
to 22 and reduces /usr/local's size from 300M to 145M.
Thanks to zrj for help and advice.
Sascha Wildner [Thu, 25 Apr 2019 20:24:41 +0000 (22:24 +0200)]
bsd.libnames.mk: Adjust for recent libobjc removal.
François Tigeot [Thu, 25 Apr 2019 19:44:33 +0000 (21:44 +0200)]
drm: Replace linux/hashtable.h with NetBSD's version
Sascha Wildner [Thu, 25 Apr 2019 13:06:35 +0000 (15:06 +0200)]
nrelease: Install security/ca_root_nss explicitly (non-automatic).
This is to prevent it accidentally being removed by an autoremove
after deleting the package that brought it in as a dependency.
Reported-by: Frank Rehwinkel <frankrehwinkel@gmail.com>
Sascha Wildner [Thu, 25 Apr 2019 09:13:02 +0000 (11:13 +0200)]
kernel: Cleanup pccarddevs file a bit.
Sascha Wildner [Thu, 25 Apr 2019 08:46:08 +0000 (10:46 +0200)]
netgraph: Comment out unimplemented NGIOCSETNAME definition.
Sascha Wildner [Thu, 25 Apr 2019 08:43:27 +0000 (10:43 +0200)]
wi(4): Comment out unimplemented SIOC[GS]PRISM2DEBUG ioctl definitions.
Sascha Wildner [Thu, 25 Apr 2019 08:37:50 +0000 (10:37 +0200)]
cam: Comment out definition of SESIOC_GETTEXT ioctl (unimplemented).
Sascha Wildner [Thu, 25 Apr 2019 08:33:34 +0000 (10:33 +0200)]
devfsctl/mount_dirfs: Save some #include's by including <sys/param.h>.
Sascha Wildner [Thu, 25 Apr 2019 07:09:54 +0000 (09:09 +0200)]
Sync libfetch and fetch(1) with FreeBSD.
zrj [Wed, 24 Apr 2019 17:51:10 +0000 (20:51 +0300)]
Bump __DragonFly_version for recent updates.
Sascha Wildner [Wed, 24 Apr 2019 17:53:42 +0000 (19:53 +0200)]
openssl(1): Add missing manual pages.
Sascha Wildner [Wed, 24 Apr 2019 17:50:21 +0000 (19:50 +0200)]
Merge branch 'vendor/LIBRESSL'
Sascha Wildner [Wed, 24 Apr 2019 17:49:43 +0000 (19:49 +0200)]
Add a missing manual page to LIBRESSL's vendor branch.
zrj [Wed, 17 Apr 2019 04:09:33 +0000 (07:09 +0300)]
initrd: Adjust for dependencies removal.
The libmd no longer needed.
zrj [Wed, 17 Apr 2019 04:04:23 +0000 (07:04 +0300)]
tools/dumpvfscache: Remove not needed dependency on libmd.
Tool is not ported and does not build.
This is the last buildworld part where libmd is referenced.
zrj [Wed, 17 Apr 2019 04:01:20 +0000 (07:01 +0300)]
hammer(8): Convert to LibreSSL SHA2 hash API.
zrj [Wed, 17 Apr 2019 03:58:45 +0000 (06:58 +0300)]
md5(1): Convert to LibreSSL all hash API.
This includes MD5, RIPEMD160 and various SHA variants.
Prune no longer needed sources.
zrj [Wed, 17 Apr 2019 03:56:33 +0000 (06:56 +0300)]
dhcpcd(8): Convert to LibreSSL MD5 and SHA2 hash API.
zrj [Wed, 17 Apr 2019 03:55:49 +0000 (06:55 +0300)]
ping6(8): Convert to LibreSSL MD5 hash API.
zrj [Wed, 17 Apr 2019 03:54:31 +0000 (06:54 +0300)]
iscontrol(8): Convert to LibreSSL MD5 and SHA1 hash API.
zrj [Wed, 17 Apr 2019 03:53:32 +0000 (06:53 +0300)]
routed(8): Convert to LibreSSL MD5 hash API.
zrj [Wed, 17 Apr 2019 03:51:44 +0000 (06:51 +0300)]
sort(1): Convert to LibreSSL MD5 hash API.
Only used for "sort -R" random mode.
While there, simplify crunchgen rescue tools build.
zrj [Wed, 17 Apr 2019 03:50:23 +0000 (06:50 +0300)]
ppp(8): Convert to LibreSSL MD4 and MD5 hash API.
zrj [Wed, 17 Apr 2019 03:49:08 +0000 (06:49 +0300)]
pfctl(8): Convert to LibreSSL MD5 hash API.
zrj [Wed, 17 Apr 2019 03:43:57 +0000 (06:43 +0300)]
mtree(8): Convert to LibreSSL hash API.
Add new function dohash() that handles md5, rmd160 and all sha variants.
This change makes SHA384 available to use too. Utility is too complicated
and need to be split up.
While there, simplify crunchgen rescue build.
zrj [Wed, 17 Apr 2019 03:39:45 +0000 (06:39 +0300)]
chkdist(8): Convert to LibreSSL MD5 hash API.
zrj [Wed, 17 Apr 2019 03:38:07 +0000 (06:38 +0300)]
authpf(8): Remove not needed dependency on libmd.
zrj [Wed, 17 Apr 2019 03:35:08 +0000 (06:35 +0300)]
cpdup(1): Convert to LibreSSL MD5 hash API.
While there, simplify crunchgen by excluding md5 functionality in
rescue tools as in btools.
zrj [Wed, 17 Apr 2019 02:26:32 +0000 (05:26 +0300)]
pw(8): Conditionalize OPIE handling.
zrj [Wed, 17 Apr 2019 02:15:30 +0000 (05:15 +0300)]
telnet(1): Disable use of OPIE.
Move <sys/wait.h> it is needed for another call site.
zrj [Wed, 17 Apr 2019 02:11:48 +0000 (05:11 +0300)]
ftpd(8): Decouple from libmd.
Reimplement site command "md5" using LibreSSL MD5 API.
zrj [Wed, 17 Apr 2019 02:09:55 +0000 (05:09 +0300)]
ftpd(8): Add OPIE checks to conditionally disable it.
zrj [Wed, 17 Apr 2019 01:30:19 +0000 (04:30 +0300)]
libtacplus: Decouple from libmd.
Library is simple enough to not depend on librecrypto.
Use MD5 hash internally and remove inter-lib dep.
zrj [Wed, 17 Apr 2019 01:25:06 +0000 (04:25 +0300)]
libtacplus: Fix single -Wshadow warning.
zrj [Wed, 17 Apr 2019 01:11:02 +0000 (04:11 +0300)]
lib/libcrypt: Use md5 internally from omd.
The libcrypt can be converted to use LibreSSL MD5 API, but to ensure
compatibility between OpenSSL and LibreSSL for now use private md5.
Mark with WITH_OPENSSL that it is ready.
zrj [Wed, 17 Apr 2019 01:08:39 +0000 (04:08 +0300)]
lib/omd: Add very restrictive subset from libmd.
Certain places are not ready to be converted to use LibreSSL api.
For now this includes only md5 hashing functions.
Aim is to remove all use cases of libmd together with omd.
zrj [Wed, 17 Apr 2019 00:35:32 +0000 (03:35 +0300)]
lib/libcrypt: Add missing functions.
Taken-from: NetBSD
zrj [Wed, 17 Apr 2019 00:28:47 +0000 (03:28 +0300)]
lib/libcrypt: Minor WARNS cleanup.
Add missing prototypes, constify few things.
zrj [Wed, 17 Apr 2019 00:19:47 +0000 (03:19 +0300)]
Remove libcipher.
It has been moved out to dports security/libcipher3.
zrj [Fri, 19 Apr 2019 15:40:21 +0000 (18:40 +0300)]
share/examples: Install missing defaults for ssl and ssh.
This would help with config updates merging and local system recovery
when configs in /etc get accidentally deleted or broken beyond repair.
zrj [Fri, 19 Apr 2019 18:08:25 +0000 (21:08 +0300)]
libssh: Bump shlib version for api change.
The private libssh does not install any headers. Make it shpub.
There are few issues that need to be addressed later on.
For now just document its dependency on libutil, adjust order.
The libprivate_ssh.so must be built before libpam shared modules.
zrj [Fri, 19 Apr 2019 10:45:55 +0000 (13:45 +0300)]
OpenSSH: Document contrib local changes.
zrj [Fri, 19 Apr 2019 10:29:26 +0000 (13:29 +0300)]
ssh(1): Restore default behaviour.
This part in
ad5056c75c7ccd8379444d5b953c08015846e23c should be handled
ssh_config. There are no reasons to prevent base ssh(1) and sftp(1) to
fallback to password authentification (ssh_config is in user control).
zrj [Fri, 19 Apr 2019 10:21:18 +0000 (13:21 +0300)]
sshd(8): Add USE_PAM handling defaults.
By default allow to use pam if sshd(8) is compiled against libpam and
disable password authentification only then.
Note: base sshd_config has "PasswordAuthentication no" by default.
zrj [Fri, 19 Apr 2019 10:18:48 +0000 (13:18 +0300)]
sshd(8): Add back custom auth passwd routine.
The OpenSSH misdetects crypt() availability in libcrypt and uses
DES_crypt() that is not compatible.
zrj [Thu, 18 Apr 2019 11:45:20 +0000 (14:45 +0300)]
Inline Makefile.ssh.common
This fixes path, include and libraries order sequences and will be needed
for further PRIV changes.
Requested-by: swildner
zrj [Thu, 18 Apr 2019 09:42:36 +0000 (12:42 +0300)]
sshd(8): Remove not needed dependencies.
The tcp_wrappers support in OpenSSH was removed back in 2014.
The libopie is not needed, same for libpthread.
Tested-with: make buildworld -DNOSHARED -DREALLY_NOSHARED
zrj [Thu, 18 Apr 2019 09:35:16 +0000 (12:35 +0300)]
Adjust makefiles for OpenSSH 8.0p1 update.
Update pam_ssh module to use new sshkey api.
The pkcs11 support explicitly disabled to avoid use of dlopen().
If security token/card support is needed it can be enabled back.
This update brings several backwards compatibilty breakages.
More in official release notes.
zrj [Thu, 18 Apr 2019 08:42:42 +0000 (11:42 +0300)]
libssh: Add sanitized OpenBSD layer.
Only needed parts.
Derived-from: OpenBSD
zrj [Thu, 18 Apr 2019 05:22:02 +0000 (08:22 +0300)]
OpenSSH: Update READMEs.
zrj [Thu, 18 Apr 2019 05:17:03 +0000 (08:17 +0300)]
OpenSSH: Add local patches.
Add back previously reverted changes.
Dummify not implemented functions in platform.h, those functions
contain only "retq".
zrj [Wed, 24 Apr 2019 17:16:54 +0000 (20:16 +0300)]
Merge remote-tracking branch 'origin/vendor/OPENSSH'
zrj [Tue, 16 Apr 2019 08:15:32 +0000 (11:15 +0300)]
OpenSSH: Revert few local modifications.
Some are already in newer version. Others will be re-applied.
zrj [Mon, 15 Apr 2019 14:15:43 +0000 (17:15 +0300)]
ldns: Adjust makefiles for ldns-1.7.0 update.
Several changes:
* move ldns.h to contrib
* use single config.h
* convert ldns headers to private (ldns is a private base lib)
* bump soname for api changesmi, use shpub
* add missing deps on librecrypto.so
* update READMES
Currently only user of the libprivate_ldns is drill(1).
OpenSSH will be adjusted to use this lib next.
zrj [Wed, 24 Apr 2019 17:14:10 +0000 (20:14 +0300)]
Merge remote-tracking branch 'origin/vendor/LDNS'
zrj [Mon, 15 Apr 2019 08:29:10 +0000 (11:29 +0300)]
Revert "drill(1): Use strdup() for known strings."
This reverts commit
471272f59981f2dcc1aac28b61c0a06d49388615.
Already in a new version.
zrj [Sun, 14 Apr 2019 20:21:42 +0000 (23:21 +0300)]
unzip(1): Add missing dependencies.
Satisfies NOSHARED build after libarchive update.
zrj [Sun, 14 Apr 2019 19:53:17 +0000 (22:53 +0300)]
Makefile.inc1: Update library interdeps.
* libarchive no longer depends on libmd
* libarchive and liblzma no longer depends on libthread_xu
* libdevattr can be compiled in standard order
Adjust lib/Makefile to match output of tools/make_libdeps.sh.
zrj [Sun, 14 Apr 2019 16:22:06 +0000 (19:22 +0300)]
xz: Adjust makefiles for xz-5.2.4 update.
Disable multi-threading on liblizma by deafult to prevent libarchive
getting a hard dependency on pthreads. Move whole threading support
directly to usr.bin/xz. This solves static linking and simplifies the
lib/Makefile inter-libs dependencies. This also makes pkg(8) no longer
implicitly depend on pthreads. As bonus, allow crunchgen'ed xz(8)
without multi-threading support. Should be benefitial for initrd/rescue.
zrj [Wed, 24 Apr 2019 17:12:27 +0000 (20:12 +0300)]
Merge remote-tracking branch 'origin/vendor/XZ'
zrj [Sat, 13 Apr 2019 20:59:32 +0000 (23:59 +0300)]
Adjust files for libarchive-3.3.3 import.
This finally drops dependency on libmd. Also avoid pthreads from lzma.
Changes:
* Remove LIBMD
* Add README.DELETED
* Fix Symbol.map
* Adjust tools to take version from config.h
zrj [Wed, 24 Apr 2019 17:12:03 +0000 (20:12 +0300)]
Merge remote-tracking branch 'origin/vendor/LIBARCHIVE'
zrj [Sat, 13 Apr 2019 13:16:07 +0000 (16:16 +0300)]
libarchive: Revert manpage fixes.
zrj [Sat, 13 Apr 2019 13:11:39 +0000 (16:11 +0300)]
libarchive: Revert local changes.
Fixed in new version.
zrj [Sat, 13 Apr 2019 12:29:20 +0000 (15:29 +0300)]
Revert "libarchive: Use memcpy() when constructing buffers."
This reverts commit
be16867234e89aa9cc5f9a12e3836f84f5268b80.
Before libarchive update.
zrj [Fri, 12 Apr 2019 17:36:59 +0000 (20:36 +0300)]
Update LibreSSL makefiles.
Version 2.9.1, add local CRYPTO_free.c CRYPTO_malloc.c to avoid extra deps.
zrj [Fri, 12 Apr 2019 17:34:28 +0000 (20:34 +0300)]
libressl: Add missing timespecsub().
The <sys/time.h> needs update for 3 arg macros.
zrj [Fri, 12 Apr 2019 17:33:43 +0000 (20:33 +0300)]
Add local patches to LibreSSL.
Document local changes.
zrj [Wed, 24 Apr 2019 17:10:42 +0000 (20:10 +0300)]
Merge remote-tracking branch 'origin/vendor/LIBRESSL'
zrj [Tue, 9 Apr 2019 12:20:00 +0000 (15:20 +0300)]
Revert "libressl: Few local modifications for netcat."
This reverts commit
66ceb5e9b7ccc1005b0b710f32228c0b69070e98.
Before LibreSSL update.
zrj [Tue, 9 Apr 2019 10:34:41 +0000 (13:34 +0300)]
Revert "security/libressl: Fix ECDSA P-256 timing attack vulnerability"
This reverts commit
bd84e83893b298face58762e1fec24667126c8c7.
Before LibreSSL update.
zrj [Fri, 12 Apr 2019 18:05:47 +0000 (21:05 +0300)]
wpa_supplicant(8): Add LibreSSL v2.9.0 compat fixes.
The tls_connection_get_keyblock_size() seems to be unused.
The wpa_supplicant really needs a proper update.
zrj [Fri, 12 Apr 2019 17:24:53 +0000 (20:24 +0300)]
libssh: Disable use of openssl engine.
zrj [Fri, 12 Apr 2019 17:23:56 +0000 (20:23 +0300)]
ldns: Add OPENSSL_NO_ENGINE checks.
Functionality is unused.
zrj [Thu, 18 Apr 2019 05:07:17 +0000 (08:07 +0300)]
Import OpenSSH-8.0p1
zrj [Mon, 15 Apr 2019 14:01:32 +0000 (17:01 +0300)]
ldns: Update vendor branch from 1.6.16 to 1.7.0
zrj [Sun, 14 Apr 2019 15:58:31 +0000 (18:58 +0300)]
Upgrade xz from 5.2.2 to 5.2.4 on the vendor branch.
Remove not needed sources.
zrj [Sat, 13 Apr 2019 15:52:14 +0000 (18:52 +0300)]
Import libarchive-3.3.3
Remove README.DELETED, it will be recreated on master branch.
Maxim Ag [Sat, 20 Apr 2019 09:51:47 +0000 (12:51 +0300)]
Update LibreSSL from version 2.4.4 => 2.9.1
Submitted-by: Maxim + v2 update to 2.9.1 stable
François Tigeot [Wed, 24 Apr 2019 09:11:40 +0000 (11:11 +0200)]
drm/linux: Add trace/events/dma_fence.h
Sascha Wildner [Wed, 24 Apr 2019 08:51:49 +0000 (10:51 +0200)]
<unistd.h>: FWIW, set _XOPEN_ENH_I18N, per the standard.
We support all functions that it originally required, when it was
still optional. It won't have any impact on anything, as far as I
can see, so this commit is more cosmetic than anything else.
While here, improve some comments.
Sascha Wildner [Wed, 24 Apr 2019 07:10:38 +0000 (09:10 +0200)]
Sync indent(1) with FreeBSD.
A number of new options. Also -troff is gone.
Sascha Wildner [Wed, 24 Apr 2019 06:59:07 +0000 (08:59 +0200)]
<unistd.h>: Bump _POSIX_THREAD_SAFE_FUNCTIONS to 200112L.
It became non-optional anyway in 200809. We have all the functions
that 200112 required in the option, so I don't see why not.
Thanks to zrj for checking with a dports bulk build.