| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
PR: 215105
Submitted by: <jtd2004a sbcglobal.net>
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix link_ntoa(3) buffer overflow in libc. [SA-16:37]
Fix possible escape from bhyve(8) virtual machine. [SA-16:38]
Fix warnings about valid time zone abbreviations. [EN-16:19]
Update timezone database information. [EN-16:20]
Security: FreeBSD-SA-16:36.telnetd
Security: FreeBSD-SA-16:37.libc
Security: FreeBSD-SA-16:38.bhyve
Errata Notice: FreeBSD-EN-16:19.tzcode
Errata Notice: FreeBSD-EN-16:20.tzdata
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Fix YP/NIS client library critical bug. [EN-16:03.yplib]
o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp]
o Fix ntp panic threshold bypass vulnerability. [SA-16:02.ntp]
o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux]
o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux]
o Fix TCP MD5 signature denial of service. [SA-16:05.tcp]
o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd]
Errata: FreeBSD-EN-16:02.pf
Errata: FreeBSD-EN-16:03.yplib
Security: FreeBSD-SA-16:01.sctp, CVE-2016-1879
Security: FreeBSD-SA-16:02.ntp, CVE-2015-5300
Security: FreeBSD-SA-16:03.linux, CVE-2016-1880
Security: FreeBSD-SA-16:04.linux, CVE-2016-1881
Security: FreeBSD-SA-16:05.tcp, CVE-2016-1882
Security: FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677
Approved by: so
|
| |
|
|
|
|
|
|
| |
[EN-15:09] Fix inconsistency between locale and rune locale states.
[EN-15:10] Improved iconv(3) UTF-7 support.
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-14:27.stdio
Security: CVE-2014-8611
Fix multiple vulnerabilities in file(1) and libmagic(3).
Security: FreeBSD-SA-14:28.file
Security: CVE-2014-3710, CVE-2014-8116, CVE-2014-8117
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Do not override sin6_scope_id in LLA when it is already set to non-zero.
This fixes destination list in output of netstat -r.
- Plug a memory leak.
- Add RTM_VERSION check.
- Fix a bug which can make sysctl() fail when -F is specified.
- Increase WID_IF_DEFAULT() from 6 to 8 (the default for AF_INET6) because
we have interfaces with longer names than 6 chars like epairN{a,b}.
- Style fixes.
MFS r272847:
- Add rwlock to struct dadq. A panic could occur when a large number of
addresses performed DAD at the same time.
MFS r272850:
- Replace Sun RPC license in TI-RPC library with a 3-clause BSD license,
with the explicit permission of Sun Microsystems in 2009.
- Replace Sun Industry Standards Source License for Sun RPC code with a
3-clause BSD license as specified by Oracle America, Inc. in 2010.
This license change was approved by Wim Coekaerts, Senior Vice
President, Linux and Virtualization at Oracle Corporation.
- Replace Sun RPC license with a 3-clause BSD license. This license change
was approved in 2010 by Wim Coekaerts, Senior Vice President, Linux and
Virtualization at Oracle Corporation.
- Replace Sun RPC license for TI-RPC library with a 3-clause BSD license,
with the explicit permission of Sun Microsystems in 2009.
The code in question in this file was copied from
lib/libc/rpc/pmap_getport.c.
MFS r272852,r272853:
- Add relative specification in expiration time.
- Add proto3 option for RTF_PROTO3.
- Use %lu for members of struct rt_metrics.
- Use long explicitly for the time difference.
MFS r272854:
- Return 0 if:
1. "-u N" specified, no -f, and mdN found,
2. no -u, "-f /pathname" specified, and mdN associated with
/pathname found,
3. "-u N" specified, "-f /pathname" specified, and both of them found,
4. "-l" specified and no -f,
5. "-l" specified, "-f /pathname" specified, and /pathname found.
otherwise return -1.
MFS r272856:
- Move configuration of IPv6 NDP flags to a point before handling ifconfig_IF.
This fixes a race that a non-IPv4 interface can get an EUI64 LLA even if it
has IFDISABLED nd6 flag at boot time.
MFS r272857:
- Cancel DAD for an ifa when the ifp has ND6_IFF_IFDISABLED as early as
possible and do not clear IN6_IFF_TENTATIVE. If IFDISABLED was accidentally
set after a DAD started, TENTATIVE could be cleared because no NA was
received due to IFDISABLED, and as a result it could prevent DAD when
manually clearing IFDISABLED after that.
MFS r272858:
- Fix an issue in range specification handling when a "-foo" is specified in
ifconfig_IF_aliasN.
MFS r272859:
- Fix EtherIP. TOS field must be initialized when the inner protocol is
PF_LINK, and multicast/broadcast flag should always be dropped because
the outer protocol uses unicast even when the inner address is not for
unicast. It had been broken since r236951 when gif_output() started to
use IFQ_HANDOFF().
MFS r272860:
- Recover sin6_scope_id of gateway addresses in riprecv() by using the
if_index where a RIP packet was received. This fixes a bug which
prevented gateway addresses in fe80::/64 from being added.
MFS r272861:
- Fix rc.d/gssd script to define the default values in a standard way.
- Use a parameter argument in jls(8) instead of doing grep.
MFS r272862, r272870:
- Restructure rc.d scripts for kerberos5 daemons.
MFS r272863:
- Return false status only when adding a route is failed. It could
erroneously return false due to an afexists() check loop in routing_start().
MFS r272864:
- Use ipv6_prefer when at least one ifconfig_IF_ipv6 is configured.
MFS r272865:
- Fix a bug which prevented mount.fstab parameter from being converted
when jail_JID_devfs_enable=NO.
MFS r272866:
- Fix header output when -P is specified and (ncpus - 1) != maxid.
MFS r272867:
- Fix a bug which could break extended attributes in a dump output.
This occurred when a file was >892kB long and had a large data (>1kB)
in the extended attributes.
MFS r272868, r272869:
- Make net.inet.ip.sourceroute, net.inet.ip.accept_sourceroute, and
net.inet.ip.process_options vnet-aware.
MFS r272871:
- Revert changes in r269180. It could cause -c N option to enter an
infinite loop if no reply packet is received.
MFS r272874:
- Resurrect set_rcvar() as a function to define a rc.conf variable.
It defines a variable and its default value in load_rc_config() just after
rc.conf is loaded. "rcvar" command shows the current and the default
values.
MFS r272960:
- Do not add late flag when file= is specified because it has a bad
side-effect. The specified file should exist before the fstab line.
Approved by: re (gjb)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In ARM asm code, ensure that every ENTRY(foo) has a matching END(foo).
The EABI unwind info requires a .fnend for every .fnstart, and newer
binutils will complain about seeing two .fnstart in a row. This change
allows newer tools to compile our code.
Do not generate unwind info in asm functions if _STANDALONE is defined.
The .fnend op causes the assembler to emit RELOC references to unwind
support functions that don't exist in libstand.
Approved by: re(gjb)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Always seek back to the beginning of a regular directory, even if the
previous seek location was 0. Without this, readdir() would see
dd_loc of zero and call getdirentries() which would start reading
entries at the current seek location of the directory ignoring the
first batch of entries. Also, rewinddir() should always seek so that
it reads the directory from the beginning to get updated entries.
PR: 192935
Approved by: re (gjb)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix broken pointer overflow check ns_name_unpack()
Many compilers may optimize away the overflow check `msg + l < msg',
where `msg' is a pointer and `l' is an integer, because pointer
overflow is undefined behavior in C.
Use a safe precondition test `l >= eom - msg' instead.
Reference:
https://android-review.googlesource.com/#/c/50570/
Requested by: pfg
Obtained from: NetBSD (CVS rev. 1.10)
|
| |
|
|
|
|
|
| |
Update our stub resolver to final version of libbind
(libbind-6.0).
Obtained from: ISC
|
| |
|
|
|
|
| |
Bring the md5 functions into libc for internal use only.
It is required to support ID randomization for our stub
resolver.
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix "make checkdpadd" for lib/libc when MK_SSP != no
Add LIBSSP_NONSHARED to bsd.libnames.mk and append LIBSSP_NONSHARED to DPADD in
lib/libc when MK_SSP != no
Approved by: rpaulo (mentor)
Phabric: D675 (as part of a larger diff)
PR: 192728
|
| |
|
|
|
|
|
|
| |
Add support for the SCTP_PR_STREAM_STATUS and SCTP_PR_ASSOC_STATUS
socket options. This includes managing the correspoing stat counters.
Add the SCTP_DETAILED_STR_STATS kernel option to control per policy
counters on every stream. The default is off and only an aggregated
counter is available. This is sufficient for the RTCWeb usecase.
|
| |
|
|
|
| |
Add support for the SCTP_AUTH_SUPPORTED and SCTP_ASCONF_SUPPORTED
socket options. Add also a sysctl to control the support of ASCONF.
|
| |
|
|
|
| |
Add support for the SCTP_RECONFIG_SUPPORTED and the corresponding
sysctl controlling the negotiation of the RE-CONFIG extension.
|
| |
|
|
|
|
| |
Add support for the SCTP_PKTDROP_SUPPORTED socket option and
the corresponding sysctl variable.
The default is off, since the specification is not an RFC yet.
|
| |
|
|
|
|
|
| |
Add SCTP socket option SCTP_NRSACK_SUPPORTED to control the
NRSACK extension. The default will still be off, since it
it not an RFC (yet).
Changing the sysctl name will be in a separate commit.
|
| |
|
|
|
|
| |
Add support for the SCTP_PR_SUPPORTED socket option as specified in
http://tools.ietf.org/html/draft-ietf-tsvwg-sctp-prpolicies
Add also a sysctl controlling the default of the end-points.
|
| |
|
|
|
|
|
|
| |
Cleanup the ECN configuration handling and provide an SCTP socket
option for controlling ECN on future associations and get the
status on current associations.
A simialar pattern will be used for controlling SCTP extensions in
upcoming commits.
|
| |
|
|
|
|
|
|
|
|
|
| |
Update fflush(3) to return success on a read-only stream.
This is done for compliance with SUSv3. The changes cause
no secondary effects in the gnulib tests (we pass them).
Obtained from: Apple Inc. (Libc 997.90.3 with changes)
Reviewed by: bde
Phabric: D440
|
| |
|
|
|
|
| |
Minor style tweaks.
Obtained from: OpenBSD (CVS rev. 1.7)
|
| |
|
|
|
|
|
| |
Const-ify character string
Obtained from: Apple Inc. (Libc 997.90.3)
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix various edge cases with rewinddir(), seekdir(), and telldir():
- In the unionfs case, opendir() and fdopendir() read the directory's full
contents and cache it. This cache is not refreshed when rewinddir() is
called, so rewinddir() will not notice updates to a directory. Fix this
by splitting the code to fetch a directory's contents out of
__opendir_common() into a new _filldir() function and call this from
rewinddir() when operating on a unionfs directory.
- If rewinddir() is called on a directory opened with fdopendir() before
any directory entries are fetched, rewinddir() will not adjust the seek
location of the backing file descriptor. If the file descriptor passed
to fdopendir() had a non-zero offset, the rewinddir() will not rewind to
the beginning. Fix this by always seeking back to 0 in rewinddir().
This means the dd_rewind hack can also be removed.
- Add missing locking to rewinddir()
- POSIX says that passing a location returned by telldir() to seekdir()
after an intervening call to rewinddir() is undefined, so reclaim any
pending telldir() cookies in the directory when rewinddir() is called.
- If telldir() is called immediately after a call to seekdir(), POSIX
requires the return value of telldir() to equal the value passed to
seekdir(). The current seekdir code with SINGLEUSE enabled breaks
this case as each call to telldir() allocates a new cookie. Instead,
remove the SINGLEUSE code and change telldir() to look for an existing
cookie for the directory's current location rather than always creating
a new cookie.
PR: 121656
|
| |
|
|
|
|
|
|
| |
Fix C++ exception handling for ARM EABI.
Just the part of r264070 that creates the FBSD_1.4 namespace in libc
is hand-applied, and then r264082 which creates the Versions.def entry
is MFC'd.
|
| |
|
|
|
|
|
| |
In the "Too many open files" edge cases don't try to preserve old
number for non-std* descriptors, but close old file and retry.
Obtained from: inspired by Apple's change from pfg@
|
| |
|
|
|
|
| |
For "a"-mode files and rewind/fseek + fwrite combination return meaningful
value now, like Apple does, but avoid their __sflush physical write
performance degradation as much as possible.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix hdestroy() compliance issue.
The hcreate(3) implementation and related functions we inherited
from NetBSD used to free() the key value, something that is not
supported by the standard implementation.
This would cause a segmentation fault when attempting to run
the examples from the opengroup and linux manpages.
There is no need to bump the __FreeBSD_version as we have
always claimed XPG4.2 compliance but if some reference is
required, the bump for r269484 can be used.
Reference:
http://bugs.dragonflybsd.org/issues/1398
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
regex(3): Add support for \< and \> word delimiters
Solaris and other OSs have support for \< and \> as word
delimiters in utilities like sed(1). These are useful to
have for general compatiblity with Solaris but should be
avoided for portability with other systems, including the
traditional BSDs.
Bump __FreeBSD_version as this is likely to affect some
userland utilities.
Reference:
https://www.illumos.org/issues/516
PR: bin/153257
Obtained from: Illumos
|
| |
|
|
|
|
|
|
|
|
|
|
| |
strftime() xlocale cleanups.
Replace fprintf_l with fputs when output is unformatted.
Use locale_t in _conv() since it was using sprintf (now sprintf_l)
Use locale_t on _yconv() since it calls _conv()
Obtained from: Apple Inc. (Libc 997.90.3)
CR: D482
Reviewed by: theraven
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use a correct errno in freopen.
Use EBADF instead of EINVAL when working around incorrect O_ACCMODE.
Adjust errno on failed prepwrite.
rewind: always clear error indicator as required by POSIX.
Obtained from: Apple Inc. (Libc 997.90.3)
Phabric: D442
|
| |
|
|
|
|
| |
Use more consistent type for optlen in getsourcefilter()
Proposed by: bde
|
| |
|
|
|
|
| |
programs that are unaware of RFC 3542 can construct control messages.
Obtained from: Juniper Networks, Inc.
|
| |
|
|
|
|
| |
a 0 status with a NULL pointer for the login name (result).
Obtained from: Juniper Networks, Inc.
|
| |
|
|
| |
Fix a typo.
|
| |
|
|
|
|
|
|
|
| |
Avoid possible cast degradation.
Assign iov_len first, avoiding the cast to uio_resid
(int in stdio) from degrading the value.
Small cosmetical fix while here.
|
| |
|
|
| |
Document that listen(2) can fail with EDESTADDRREQ.
|
| |
|
|
|
|
| |
Const-ify a character string.
Obtained from: Apple Inc. (Libc 997.90.3)
|
| |
|
|
|
|
|
|
| |
libc/stdlib: Minor cleanups to code originating in NetBSD
Mostly ANSIfication and typos.
Obtained from: NetBSD
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libc/gen: small updates to code originating at OpenBSD
arc4random.c
- CVS rev. 1.22
Change arc4random_uniform() to calculate ``2**32 % upper_bound'' as
``-upper_bound % upper_bound''. Simplifies the code and makes it the
same on both ILP32 and LP64 architectures, and also slightly faster on
LP64 architectures by using a 32-bit remainder instead of a 64-bit
remainder.
- CVS rev. 1.23
Spacing
readpassphrase.c
-CVS rev. v 1.24
most obvious unsigned char casts for ctype
Obtained from: OpenBSD
|
| |
|
|
|
|
|
|
| |
strfmon: reduce unnecessary snprintf.
No need for the snprintf/asprintf dance; use fixed width formats.
Obtained from: NetBSD (CVS rev. 1.8)
|
| |
|
|
| |
Implement sysconf(_SC_GETGR_R_SIZE_MAX) and sysconf(_SC_GETPW_R_SIZE_MAX).
|
| |
|
|
| |
Fix syntax error.
|
| |
|
|
|
|
|
|
|
|
|
| |
minor perf enhancement for UTF-8
Reduce some duplicate code.
Reference:
https://www.illumos.org/issues/628
Obtained from: Illumos
|
| |
|
|
|
| |
Note that most errors are possible for all syscalls from utimes(2)
family. Minor wording corrections.
|
| | |
|
| |
|
|
|
| |
Merge intermediate OpenBSD v1.25 changes (almost identical to ours)
to reduce diff and bump OpenBSD patch level to v1.26.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
getopt(3): recognize option:: as GNU extension for "optional options".
Also ANSIfy a function declaration.
While here update the OpenBSD patch level in getopt_long.c as we
already have the corresponding change.
Obtained from: NetBSD
MFC after: 2 weeks
|
| |
|
|
| |
PR: 191382
|
| |
|
|
|
|
|
| |
- Exclude loopback address rather than loopback interface.
- style(9)
Spotted by: melifaro
|
