diff options
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/bhyve/fwctl.c | 29 | ||||
-rw-r--r-- | usr.sbin/bhyve/iov.c | 57 | ||||
-rw-r--r-- | usr.sbin/bhyve/iov.h | 13 | ||||
-rw-r--r-- | usr.sbin/bhyve/pci_virtio_scsi.c | 30 | ||||
-rw-r--r-- | usr.sbin/boot0cfg/boot0cfg.c | 12 | ||||
-rw-r--r-- | usr.sbin/ctld/kernel.c | 12 | ||||
-rw-r--r-- | usr.sbin/etcupdate/etcupdate.8 | 3 | ||||
-rw-r--r-- | usr.sbin/fstyp/ufs.c | 2 | ||||
-rw-r--r-- | usr.sbin/iscsid/iscsid.c | 12 | ||||
-rw-r--r-- | usr.sbin/jail/jail.8 | 4 | ||||
-rw-r--r-- | usr.sbin/mergemaster/mergemaster.8 | 3 | ||||
-rw-r--r-- | usr.sbin/mountd/mountd.c | 9 | ||||
-rw-r--r-- | usr.sbin/newsyslog/newsyslog.c | 22 | ||||
-rw-r--r-- | usr.sbin/nscd/nscdcli.c | 31 | ||||
-rw-r--r-- | usr.sbin/nscd/query.c | 43 | ||||
-rw-r--r-- | usr.sbin/quot/quot.c | 2 | ||||
-rwxr-xr-x | usr.sbin/unbound/setup/local-unbound-setup.sh | 8 | ||||
-rw-r--r-- | usr.sbin/wpa/Makefile.crypto | 3 | ||||
-rw-r--r-- | usr.sbin/wpa/Makefile.inc | 4 | ||||
-rw-r--r-- | usr.sbin/wpa/hostapd/Makefile | 117 | ||||
-rw-r--r-- | usr.sbin/wpa/wpa_cli/Makefile | 28 | ||||
-rw-r--r-- | usr.sbin/wpa/wpa_supplicant/Makefile | 51 |
22 files changed, 300 insertions, 195 deletions
diff --git a/usr.sbin/bhyve/fwctl.c b/usr.sbin/bhyve/fwctl.c index 00d6ef86813b..0640bc28ba2b 100644 --- a/usr.sbin/bhyve/fwctl.c +++ b/usr.sbin/bhyve/fwctl.c @@ -79,8 +79,8 @@ static u_int ident_idx; struct op_info { int op; - int (*op_start)(int len); - void (*op_data)(uint32_t data, int len); + int (*op_start)(uint32_t len); + void (*op_data)(uint32_t data, uint32_t len); int (*op_result)(struct iovec **data); void (*op_done)(struct iovec *data); }; @@ -119,7 +119,7 @@ errop_set(int err) } static int -errop_start(int len) +errop_start(uint32_t len) { errop_code = ENOENT; @@ -128,7 +128,7 @@ errop_start(int len) } static void -errop_data(uint32_t data, int len) +errop_data(uint32_t data, uint32_t len) { /* ignore */ @@ -188,7 +188,7 @@ static int fget_cnt; static size_t fget_size; static int -fget_start(int len) +fget_start(uint32_t len) { if (len > FGET_STRSZ) @@ -200,7 +200,7 @@ fget_start(int len) } static void -fget_data(uint32_t data, int len) +fget_data(uint32_t data, uint32_t len) { *((uint32_t *) &fget_str[fget_cnt]) = data; @@ -285,8 +285,8 @@ static struct req_info { struct op_info *req_op; int resp_error; int resp_count; - int resp_size; - int resp_off; + size_t resp_size; + size_t resp_off; struct iovec *resp_biov; } rinfo; @@ -346,13 +346,14 @@ fwctl_request_start(void) static int fwctl_request_data(uint32_t value) { - int remlen; /* Make sure remaining size is >= 0 */ - rinfo.req_size -= sizeof(uint32_t); - remlen = MAX(rinfo.req_size, 0); + if (rinfo.req_size <= sizeof(uint32_t)) + rinfo.req_size = 0; + else + rinfo.req_size -= sizeof(uint32_t); - (*rinfo.req_op->op_data)(value, remlen); + (*rinfo.req_op->op_data)(value, rinfo.req_size); if (rinfo.req_size < sizeof(uint32_t)) { fwctl_request_done(); @@ -401,7 +402,7 @@ static int fwctl_response(uint32_t *retval) { uint32_t *dp; - int remlen; + ssize_t remlen; switch(rinfo.resp_count) { case 0: @@ -436,7 +437,7 @@ fwctl_response(uint32_t *retval) } if (rinfo.resp_count > 3 && - rinfo.resp_size - rinfo.resp_off <= 0) { + rinfo.resp_off >= rinfo.resp_size) { fwctl_response_done(); return (1); } diff --git a/usr.sbin/bhyve/iov.c b/usr.sbin/bhyve/iov.c index c564bd8ae50f..54ea22aa9498 100644 --- a/usr.sbin/bhyve/iov.c +++ b/usr.sbin/bhyve/iov.c @@ -2,6 +2,7 @@ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2016 Jakub Klama <jceel@FreeBSD.org>. + * Copyright (c) 2018 Alexander Motin <mav@FreeBSD.org> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -39,12 +40,12 @@ __FBSDID("$FreeBSD$"); #include "iov.h" void -seek_iov(struct iovec *iov1, size_t niov1, struct iovec *iov2, size_t *niov2, +seek_iov(const struct iovec *iov1, int niov1, struct iovec *iov2, int *niov2, size_t seek) { size_t remainder = 0; size_t left = seek; - size_t i, j; + int i, j; for (i = 0; i < niov1; i++) { size_t toseek = MIN(left, iov1[i].iov_len); @@ -69,9 +70,10 @@ seek_iov(struct iovec *iov1, size_t niov1, struct iovec *iov2, size_t *niov2, } size_t -count_iov(struct iovec *iov, size_t niov) +count_iov(const struct iovec *iov, int niov) { - size_t i, total = 0; + size_t total = 0; + int i; for (i = 0; i < niov; i++) total += iov[i].iov_len; @@ -79,35 +81,36 @@ count_iov(struct iovec *iov, size_t niov) return (total); } -size_t -truncate_iov(struct iovec *iov, size_t niov, size_t length) +void +truncate_iov(struct iovec *iov, int *niov, size_t length) { - size_t i, done = 0; + size_t done = 0; + int i; - for (i = 0; i < niov; i++) { + for (i = 0; i < *niov; i++) { size_t toseek = MIN(length - done, iov[i].iov_len); done += toseek; - if (toseek < iov[i].iov_len) { + if (toseek <= iov[i].iov_len) { iov[i].iov_len = toseek; - return (i + 1); + *niov = i + 1; + return; } } - - return (niov); } ssize_t -iov_to_buf(struct iovec *iov, size_t niov, void **buf) +iov_to_buf(const struct iovec *iov, int niov, void **buf) { - size_t i, ptr = 0, total = 0; + size_t ptr, total; + int i; - for (i = 0; i < niov; i++) { - total += iov[i].iov_len; - *buf = realloc(*buf, total); - if (*buf == NULL) - return (-1); + total = count_iov(iov, niov); + *buf = realloc(*buf, total); + if (*buf == NULL) + return (-1); + for (i = 0, ptr = 0; i < niov; i++) { memcpy(*buf + ptr, iov[i].iov_base, iov[i].iov_len); ptr += iov[i].iov_len; } @@ -116,12 +119,12 @@ iov_to_buf(struct iovec *iov, size_t niov, void **buf) } ssize_t -buf_to_iov(void *buf, size_t buflen, struct iovec *iov, size_t niov, +buf_to_iov(const void *buf, size_t buflen, struct iovec *iov, int niov, size_t seek) { struct iovec *diov; - size_t ndiov, i; - uintptr_t off = 0; + int ndiov, i; + size_t off = 0, len; if (seek > 0) { diov = malloc(sizeof(struct iovec) * niov); @@ -131,11 +134,15 @@ buf_to_iov(void *buf, size_t buflen, struct iovec *iov, size_t niov, ndiov = niov; } - for (i = 0; i < ndiov; i++) { - memcpy(diov[i].iov_base, buf + off, diov[i].iov_len); - off += diov[i].iov_len; + for (i = 0; i < ndiov && off < buflen; i++) { + len = MIN(diov[i].iov_len, buflen - off); + memcpy(diov[i].iov_base, buf + off, len); + off += len; } + if (seek > 0) + free(diov); + return ((ssize_t)off); } diff --git a/usr.sbin/bhyve/iov.h b/usr.sbin/bhyve/iov.h index 87fa4c1dcfe6..e3b5916edb10 100644 --- a/usr.sbin/bhyve/iov.h +++ b/usr.sbin/bhyve/iov.h @@ -2,6 +2,7 @@ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2016 Jakub Klama <jceel@FreeBSD.org>. + * Copyright (c) 2018 Alexander Motin <mav@FreeBSD.org> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -32,12 +33,12 @@ #ifndef _IOV_H_ #define _IOV_H_ -void seek_iov(struct iovec *iov1, size_t niov1, struct iovec *iov2, - size_t *niov2, size_t seek); -size_t truncate_iov(struct iovec *iov, size_t niov, size_t length); -size_t count_iov(struct iovec *iov, size_t niov); -ssize_t iov_to_buf(struct iovec *iov, size_t niov, void **buf); -ssize_t buf_to_iov(void *buf, size_t buflen, struct iovec *iov, size_t niov, +void seek_iov(const struct iovec *iov1, int niov1, struct iovec *iov2, + int *niov2, size_t seek); +void truncate_iov(struct iovec *iov, int *niov, size_t length); +size_t count_iov(const struct iovec *iov, int niov); +ssize_t iov_to_buf(const struct iovec *iov, int niov, void **buf); +ssize_t buf_to_iov(const void *buf, size_t buflen, struct iovec *iov, int niov, size_t seek); #endif /* _IOV_H_ */ diff --git a/usr.sbin/bhyve/pci_virtio_scsi.c b/usr.sbin/bhyve/pci_virtio_scsi.c index aa906bb8545c..531073ffd6a3 100644 --- a/usr.sbin/bhyve/pci_virtio_scsi.c +++ b/usr.sbin/bhyve/pci_virtio_scsi.c @@ -389,7 +389,7 @@ pci_vtscsi_tmf_handle(struct pci_vtscsi_softc *sc, ctl_scsi_zero_io(io); io->io_hdr.io_type = CTL_IO_TASK; - io->io_hdr.nexus.targ_port = tmf->lun[1]; + io->io_hdr.nexus.initid = sc->vss_iid; io->io_hdr.nexus.targ_lun = pci_vtscsi_get_lun(tmf->lun); io->taskio.tag_type = CTL_TAG_SIMPLE; io->taskio.tag_num = (uint32_t)tmf->id; @@ -462,7 +462,7 @@ pci_vtscsi_request_handle(struct pci_vtscsi_queue *q, struct iovec *iov_in, struct pci_vtscsi_req_cmd_wr *cmd_wr; struct iovec data_iov_in[VTSCSI_MAXSEG], data_iov_out[VTSCSI_MAXSEG]; union ctl_io *io; - size_t data_niov_in, data_niov_out; + int data_niov_in, data_niov_out; void *ext_data_ptr = NULL; uint32_t ext_data_len = 0, ext_sg_entries = 0; int err; @@ -472,15 +472,15 @@ pci_vtscsi_request_handle(struct pci_vtscsi_queue *q, struct iovec *iov_in, seek_iov(iov_out, niov_out, data_iov_out, &data_niov_out, VTSCSI_OUT_HEADER_LEN(sc)); - truncate_iov(iov_in, niov_in, VTSCSI_IN_HEADER_LEN(sc)); - truncate_iov(iov_out, niov_out, VTSCSI_OUT_HEADER_LEN(sc)); + truncate_iov(iov_in, &niov_in, VTSCSI_IN_HEADER_LEN(sc)); + truncate_iov(iov_out, &niov_out, VTSCSI_OUT_HEADER_LEN(sc)); iov_to_buf(iov_in, niov_in, (void **)&cmd_rd); cmd_wr = malloc(VTSCSI_OUT_HEADER_LEN(sc)); io = ctl_scsi_alloc_io(sc->vss_iid); ctl_scsi_zero_io(io); - io->io_hdr.nexus.targ_port = cmd_rd->lun[1]; + io->io_hdr.nexus.initid = sc->vss_iid; io->io_hdr.nexus.targ_lun = pci_vtscsi_get_lun(cmd_rd->lun); io->io_hdr.io_type = CTL_IO_SCSI; @@ -499,7 +499,21 @@ pci_vtscsi_request_handle(struct pci_vtscsi_queue *q, struct iovec *iov_in, io->scsiio.sense_len = sc->vss_config.sense_size; io->scsiio.tag_num = (uint32_t)cmd_rd->id; - io->scsiio.tag_type = CTL_TAG_SIMPLE; + switch (cmd_rd->task_attr) { + case VIRTIO_SCSI_S_ORDERED: + io->scsiio.tag_type = CTL_TAG_ORDERED; + break; + case VIRTIO_SCSI_S_HEAD: + io->scsiio.tag_type = CTL_TAG_HEAD_OF_QUEUE; + break; + case VIRTIO_SCSI_S_ACA: + io->scsiio.tag_type = CTL_TAG_ACA; + break; + case VIRTIO_SCSI_S_SIMPLE: + default: + io->scsiio.tag_type = CTL_TAG_SIMPLE; + break; + } io->scsiio.ext_sg_entries = ext_sg_entries; io->scsiio.ext_data_ptr = ext_data_ptr; io->scsiio.ext_data_len = ext_data_len; @@ -552,7 +566,8 @@ pci_vtscsi_controlq_notify(void *vsc, struct vqueue_info *vq) n = vq_getchain(vq, &idx, iov, VTSCSI_MAXSEG, NULL); bufsize = iov_to_buf(iov, n, &buf); iolen = pci_vtscsi_control_handle(sc, buf, bufsize); - buf_to_iov(buf + bufsize - iolen, iolen, iov, n, iolen); + buf_to_iov(buf + bufsize - iolen, iolen, iov, n, + bufsize - iolen); /* * Release this chain and handle more @@ -560,6 +575,7 @@ pci_vtscsi_controlq_notify(void *vsc, struct vqueue_info *vq) vq_relchain(vq, idx, iolen); } vq_endchains(vq, 1); /* Generate interrupt if appropriate. */ + free(buf); } static void diff --git a/usr.sbin/boot0cfg/boot0cfg.c b/usr.sbin/boot0cfg/boot0cfg.c index 501283d28471..f6f12c0bd58b 100644 --- a/usr.sbin/boot0cfg/boot0cfg.c +++ b/usr.sbin/boot0cfg/boot0cfg.c @@ -100,7 +100,7 @@ static const char fmt1[] = "%d 0x%02x %4u:%3u:%2u 0x%02x" static int geom_class_available(const char *); static int read_mbr(const char *, u_int8_t **, int); -static void write_mbr(const char *, int, u_int8_t *, int); +static void write_mbr(const char *, int, u_int8_t *, int, int); static void display_mbr(u_int8_t *); static int boot0version(const u_int8_t *); static int boot0bs(const u_int8_t *); @@ -200,7 +200,7 @@ main(int argc, char *argv[]) /* save the existing MBR if we are asked to do so */ if (fpath) - write_mbr(fpath, O_CREAT | O_TRUNC, mbr, mbr_size); + write_mbr(fpath, O_CREAT | O_TRUNC, mbr, mbr_size, 0); /* * If we are installing the boot loader, read it from disk and copy the @@ -256,7 +256,7 @@ main(int argc, char *argv[]) } /* write the MBR back to disk */ if (up) - write_mbr(disk, 0, boot0, boot0_size); + write_mbr(disk, 0, boot0, boot0_size, vol_id[4] || b0_ver == 1); /* display the MBR */ if (v_flag) @@ -372,7 +372,8 @@ geom_class_available(const char *name) * Write out the mbr to the specified file. */ static void -write_mbr(const char *fname, int flags, u_int8_t *mbr, int mbr_size) +write_mbr(const char *fname, int flags, u_int8_t *mbr, int mbr_size, + int disable_dsn) { struct gctl_req *grq; const char *errmsg; @@ -417,6 +418,9 @@ write_mbr(const char *fname, int flags, u_int8_t *mbr, int mbr_size) gctl_ro_param(grq, "verb", -1, "bootcode"); gctl_ro_param(grq, "bootcode", mbr_size, mbr); gctl_ro_param(grq, "flags", -1, "C"); + if (disable_dsn) + gctl_ro_param(grq, "skip_dsn", sizeof(int), + &disable_dsn); errmsg = gctl_issue(grq); if (errmsg != NULL && errmsg[0] != '\0') errx(1, "GEOM_PART: write bootcode to %s failed: %s", diff --git a/usr.sbin/ctld/kernel.c b/usr.sbin/ctld/kernel.c index 166025f4587e..4da7c05f1e66 100644 --- a/usr.sbin/ctld/kernel.c +++ b/usr.sbin/ctld/kernel.c @@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$"); #include <sys/stat.h> #include <assert.h> #include <bsdxml.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <errno.h> #include <fcntl.h> @@ -1313,22 +1314,17 @@ kernel_receive(struct pdu *pdu) void kernel_capsicate(void) { - int error; cap_rights_t rights; const unsigned long cmds[] = { CTL_ISCSI }; cap_rights_init(&rights, CAP_IOCTL); - error = cap_rights_limit(ctl_fd, &rights); - if (error != 0 && errno != ENOSYS) + if (caph_rights_limit(ctl_fd, &rights) < 0) log_err(1, "cap_rights_limit"); - error = cap_ioctls_limit(ctl_fd, cmds, nitems(cmds)); - - if (error != 0 && errno != ENOSYS) + if (caph_ioctls_limit(ctl_fd, cmds, nitems(cmds)) < 0) log_err(1, "cap_ioctls_limit"); - error = cap_enter(); - if (error != 0 && errno != ENOSYS) + if (caph_enter() < 0) log_err(1, "cap_enter"); if (cap_sandboxed()) diff --git a/usr.sbin/etcupdate/etcupdate.8 b/usr.sbin/etcupdate/etcupdate.8 index 4cc5d69eb195..24afbca12951 100644 --- a/usr.sbin/etcupdate/etcupdate.8 +++ b/usr.sbin/etcupdate/etcupdate.8 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd September 29, 2015 +.Dd November 27, 2018 .Dt ETCUPDATE 8 .Os .Sh NAME @@ -853,6 +853,7 @@ but it has been removed in the destination directory. .Xr make 1 , .Xr newaliases 1 , .Xr sh 1 , +.Xr mergemaster 8 , .Xr pwd_mkdb 8 , .Xr services_mkdb 8 , .Xr tzsetup 8 diff --git a/usr.sbin/fstyp/ufs.c b/usr.sbin/fstyp/ufs.c index 340119dada4c..4002fc89c9ee 100644 --- a/usr.sbin/fstyp/ufs.c +++ b/usr.sbin/fstyp/ufs.c @@ -50,7 +50,7 @@ fstyp_ufs(FILE *fp, char *label, size_t labelsize) { struct fs *fs; - switch (sbget(fileno(fp), &fs, -1)) { + switch (sbget(fileno(fp), &fs, STDSB)) { case 0: strlcpy(label, fs->fs_volname, labelsize); return (0); diff --git a/usr.sbin/iscsid/iscsid.c b/usr.sbin/iscsid/iscsid.c index 15dbe55927ea..aaf8f78d718b 100644 --- a/usr.sbin/iscsid/iscsid.c +++ b/usr.sbin/iscsid/iscsid.c @@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$"); #include <sys/capsicum.h> #include <sys/wait.h> #include <assert.h> +#include <capsicum_helpers.h> #include <errno.h> #include <fcntl.h> #include <libutil.h> @@ -349,7 +350,6 @@ fail(const struct connection *conn, const char *reason) static void capsicate(struct connection *conn) { - int error; cap_rights_t rights; #ifdef ICL_KERNEL_PROXY const unsigned long cmds[] = { ISCSIDCONNECT, ISCSIDSEND, ISCSIDRECEIVE, @@ -360,17 +360,13 @@ capsicate(struct connection *conn) #endif cap_rights_init(&rights, CAP_IOCTL); - error = cap_rights_limit(conn->conn_iscsi_fd, &rights); - if (error != 0 && errno != ENOSYS) + if (caph_rights_limit(conn->conn_iscsi_fd, &rights) < 0) log_err(1, "cap_rights_limit"); - error = cap_ioctls_limit(conn->conn_iscsi_fd, cmds, nitems(cmds)); - - if (error != 0 && errno != ENOSYS) + if (caph_ioctls_limit(conn->conn_iscsi_fd, cmds, nitems(cmds)) < 0) log_err(1, "cap_ioctls_limit"); - error = cap_enter(); - if (error != 0 && errno != ENOSYS) + if (caph_enter() != 0) log_err(1, "cap_enter"); if (cap_sandboxed()) diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8 index 4018513aa9bf..36122182d82a 100644 --- a/usr.sbin/jail/jail.8 +++ b/usr.sbin/jail/jail.8 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 10, 2018 +.Dd November 27, 2018 .Dt JAIL 8 .Os .Sh NAME @@ -582,6 +582,8 @@ memory subject to and resource limits. .It Va allow.reserved_ports The jail root may bind to ports lower than 1024. +.It Va allow.unprivileged_proc_debug +Unprivileged processes in the jail may use debugging facilities. .El .El .Pp diff --git a/usr.sbin/mergemaster/mergemaster.8 b/usr.sbin/mergemaster/mergemaster.8 index b37b173d3c67..b76799e39cd5 100644 --- a/usr.sbin/mergemaster/mergemaster.8 +++ b/usr.sbin/mergemaster/mergemaster.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 8, 2018 +.Dd November 27, 2018 .Dt MERGEMASTER 8 .Os .Sh NAME @@ -453,6 +453,7 @@ comparison, use: .Xr make 1 , .Xr less 1 , .Xr sdiff 1 , +.Xr etcupdate 8 , .Xr pwd_mkdb 8 .Pp .Pa /usr/src/etc/Makefile diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c index 1a10e9dc1c60..03a084dec033 100644 --- a/usr.sbin/mountd/mountd.c +++ b/usr.sbin/mountd/mountd.c @@ -1026,8 +1026,13 @@ mntsrv(struct svc_req *rqstp, SVCXPRT *transp) syslog(LOG_ERR, "request from unknown address family"); return; } - lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host, - NULL, 0, 0); + switch (rqstp->rq_proc) { + case MOUNTPROC_MNT: + case MOUNTPROC_UMNT: + case MOUNTPROC_UMNTALL: + lookup_failed = getnameinfo(saddr, saddr->sa_len, host, + sizeof host, NULL, 0, 0); + } getnameinfo(saddr, saddr->sa_len, numerichost, sizeof numerichost, NULL, 0, NI_NUMERICHOST); switch (rqstp->rq_proc) { diff --git a/usr.sbin/newsyslog/newsyslog.c b/usr.sbin/newsyslog/newsyslog.c index b292dc641f16..07fa2439ede9 100644 --- a/usr.sbin/newsyslog/newsyslog.c +++ b/usr.sbin/newsyslog/newsyslog.c @@ -2426,6 +2426,7 @@ age_old_log(const char *file) const char *logfile_suffix; static unsigned int suffix_maxlen = 0; char *tmp; + size_t tmpsiz; time_t mtime; int c; @@ -2435,33 +2436,34 @@ age_old_log(const char *file) strlen(compress_type[c].suffix)); } - tmp = alloca(MAXPATHLEN + sizeof(".0") + suffix_maxlen + 1); + tmpsiz = MAXPATHLEN + sizeof(".0") + suffix_maxlen + 1; + tmp = alloca(tmpsiz); if (archtodir) { char *p; /* build name of archive directory into tmp */ if (*archdirname == '/') { /* absolute */ - strlcpy(tmp, archdirname, sizeof(tmp)); + strlcpy(tmp, archdirname, tmpsiz); } else { /* relative */ /* get directory part of logfile */ - strlcpy(tmp, file, sizeof(tmp)); + strlcpy(tmp, file, tmpsiz); if ((p = strrchr(tmp, '/')) == NULL) tmp[0] = '\0'; else *(p + 1) = '\0'; - strlcat(tmp, archdirname, sizeof(tmp)); + strlcat(tmp, archdirname, tmpsiz); } - strlcat(tmp, "/", sizeof(tmp)); + strlcat(tmp, "/", tmpsiz); /* get filename part of logfile */ if ((p = strrchr(file, '/')) == NULL) - strlcat(tmp, file, sizeof(tmp)); + strlcat(tmp, file, tmpsiz); else - strlcat(tmp, p + 1, sizeof(tmp)); + strlcat(tmp, p + 1, tmpsiz); } else { - (void) strlcpy(tmp, file, sizeof(tmp)); + (void) strlcpy(tmp, file, tmpsiz); } if (timefnamefmt != NULL) { @@ -2469,11 +2471,11 @@ age_old_log(const char *file) if (mtime == -1) return (-1); } else { - strlcat(tmp, ".0", sizeof(tmp)); + strlcat(tmp, ".0", tmpsiz); logfile_suffix = get_logfile_suffix(tmp); if (logfile_suffix == NULL) return (-1); - (void) strlcat(tmp, logfile_suffix, sizeof(tmp)); + (void) strlcat(tmp, logfile_suffix, tmpsiz); if (stat(tmp, &sb) < 0) return (-1); mtime = sb.st_mtime; diff --git a/usr.sbin/nscd/nscdcli.c b/usr.sbin/nscd/nscdcli.c index 4cbcd79c9fe7..326acfae7dea 100644 --- a/usr.sbin/nscd/nscdcli.c +++ b/usr.sbin/nscd/nscdcli.c @@ -130,44 +130,41 @@ safe_read(struct nscd_connection_ *connection, void *data, size_t data_size) static int send_credentials(struct nscd_connection_ *connection, int type) { + union { + struct cmsghdr hdr; + char pad[CMSG_SPACE(sizeof(struct cmsgcred))]; + } cmsg; + struct msghdr mhdr; + struct iovec iov; struct kevent eventlist; int nevents; ssize_t result; int res; - struct msghdr cred_hdr; - struct iovec iov; - - union { - struct cmsghdr hdr; - char cred[CMSG_SPACE(sizeof(struct cmsgcred))]; - } cmsg; - TRACE_IN(send_credentials); memset(&cmsg, 0, sizeof(cmsg)); cmsg.hdr.cmsg_len = CMSG_LEN(sizeof(struct cmsgcred)); cmsg.hdr.cmsg_level = SOL_SOCKET; cmsg.hdr.cmsg_type = SCM_CREDS; - memset(&cred_hdr, 0, sizeof(struct msghdr)); - cred_hdr.msg_iov = &iov; - cred_hdr.msg_iovlen = 1; - cred_hdr.msg_control = &cmsg; - cred_hdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); + memset(&mhdr, 0, sizeof(mhdr)); + mhdr.msg_iov = &iov; + mhdr.msg_iovlen = 1; + mhdr.msg_control = &cmsg; + mhdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); iov.iov_base = &type; iov.iov_len = sizeof(int); EV_SET(&eventlist, connection->sockfd, EVFILT_WRITE, EV_ADD, - NOTE_LOWAT, sizeof(int), NULL); + NOTE_LOWAT, sizeof(int), NULL); res = kevent(connection->write_queue, &eventlist, 1, NULL, 0, NULL); nevents = kevent(connection->write_queue, NULL, 0, &eventlist, 1, NULL); if ((nevents == 1) && (eventlist.filter == EVFILT_WRITE)) { - result = (sendmsg(connection->sockfd, &cred_hdr, 0) == -1) ? -1 - : 0; + result = sendmsg(connection->sockfd, &mhdr, 0) == -1 ? -1 : 0; EV_SET(&eventlist, connection->sockfd, EVFILT_WRITE, EV_ADD, - 0, 0, NULL); + 0, 0, NULL); kevent(connection->write_queue, &eventlist, 1, NULL, 0, NULL); TRACE_OUT(send_credentials); return (result); diff --git a/usr.sbin/nscd/query.c b/usr.sbin/nscd/query.c index db7992b32c58..a7737c0ea9aa 100644 --- a/usr.sbin/nscd/query.c +++ b/usr.sbin/nscd/query.c @@ -155,38 +155,37 @@ clear_config_entry_part(struct configuration_entry *config_entry, static int on_query_startup(struct query_state *qstate) { - struct msghdr cred_hdr; - struct iovec iov; - struct cmsgcred *cred; - int elem_type; - union { - struct cmsghdr hdr; - char cred[CMSG_SPACE(sizeof(struct cmsgcred))]; + struct cmsghdr hdr; + char pad[CMSG_SPACE(sizeof(struct cmsgcred))]; } cmsg; + struct msghdr mhdr; + struct iovec iov; + struct cmsgcred *cred; + int elem_type; TRACE_IN(on_query_startup); assert(qstate != NULL); - memset(&cred_hdr, 0, sizeof(struct msghdr)); - cred_hdr.msg_iov = &iov; - cred_hdr.msg_iovlen = 1; - cred_hdr.msg_control = &cmsg; - cred_hdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); + memset(&mhdr, 0, sizeof(mhdr)); + mhdr.msg_iov = &iov; + mhdr.msg_iovlen = 1; + mhdr.msg_control = &cmsg; + mhdr.msg_controllen = sizeof(cmsg); - memset(&iov, 0, sizeof(struct iovec)); + memset(&iov, 0, sizeof(iov)); iov.iov_base = &elem_type; - iov.iov_len = sizeof(int); + iov.iov_len = sizeof(elem_type); - if (recvmsg(qstate->sockfd, &cred_hdr, 0) == -1) { + if (recvmsg(qstate->sockfd, &mhdr, 0) == -1) { TRACE_OUT(on_query_startup); return (-1); } - if (cred_hdr.msg_controllen < CMSG_LEN(sizeof(struct cmsgcred)) - || cmsg.hdr.cmsg_len < CMSG_LEN(sizeof(struct cmsgcred)) - || cmsg.hdr.cmsg_level != SOL_SOCKET - || cmsg.hdr.cmsg_type != SCM_CREDS) { + if (mhdr.msg_controllen != CMSG_SPACE(sizeof(struct cmsgcred)) || + cmsg.hdr.cmsg_len != CMSG_LEN(sizeof(struct cmsgcred)) || + cmsg.hdr.cmsg_level != SOL_SOCKET || + cmsg.hdr.cmsg_type != SCM_CREDS) { TRACE_OUT(on_query_startup); return (-1); } @@ -206,9 +205,9 @@ on_query_startup(struct query_state *qstate) return (-1); #else if ((elem_type != CET_READ_REQUEST) && - (elem_type != CET_MP_READ_SESSION_REQUEST) && - (elem_type != CET_WRITE_REQUEST) && - (elem_type != CET_MP_WRITE_SESSION_REQUEST)) { + (elem_type != CET_MP_READ_SESSION_REQUEST) && + (elem_type != CET_WRITE_REQUEST) && + (elem_type != CET_MP_WRITE_SESSION_REQUEST)) { TRACE_OUT(on_query_startup); return (-1); } diff --git a/usr.sbin/quot/quot.c b/usr.sbin/quot/quot.c index 348946ff7dbb..18b1e398ec09 100644 --- a/usr.sbin/quot/quot.c +++ b/usr.sbin/quot/quot.c @@ -550,7 +550,7 @@ quot(char *name, char *mp) close(fd); return; } - switch (sbget(fd, &fs, -1)) { + switch (sbget(fd, &fs, STDSB)) { case 0: break; case ENOENT: diff --git a/usr.sbin/unbound/setup/local-unbound-setup.sh b/usr.sbin/unbound/setup/local-unbound-setup.sh index 0e75112dd99b..c51145cf2312 100755 --- a/usr.sbin/unbound/setup/local-unbound-setup.sh +++ b/usr.sbin/unbound/setup/local-unbound-setup.sh @@ -218,7 +218,7 @@ gen_forward_conf() { if [ "${use_tls}" = "yes" ] ; then echo " forward-tls-upstream: yes" sed -nE \ - -e "s/^(${RE_forward_tls})$/ forward-addr: \\1/p" + -e "s/^${RE_forward_tls}\$/ forward-addr: \\1/p" else sed -nE \ -e "s/^${RE_forward_addr}\$/ forward-addr: \\1/p" \ @@ -411,8 +411,10 @@ main() { style=recursing ;; "") - echo "Extracting forwarders from ${resolv_conf}." - forwarders=$(get_nameservers <"${D}${resolv_conf}") + if [ -f "${D}${resolv_conf}" ] ; then + echo "Extracting forwarders from ${resolv_conf}." + forwarders=$(get_nameservers <"${D}${resolv_conf}") + fi style=dynamic ;; *) diff --git a/usr.sbin/wpa/Makefile.crypto b/usr.sbin/wpa/Makefile.crypto index 5c03f7d21d0e..a5a721417715 100644 --- a/usr.sbin/wpa/Makefile.crypto +++ b/usr.sbin/wpa/Makefile.crypto @@ -21,6 +21,7 @@ CONFIG_INTERNAL_DH=y NEED_AES_ENC=true NEED_AES_CBC=true .endif +NEED_AES_OMAC1=true .if defined(TLS_FUNCS) NEED_TLS_PRF=y @@ -49,7 +50,7 @@ NEED_MD4=y NEED_RC4=y .else CFLAGS+=-DEAP_TLS_OPENSSL -SRCS+= tls_openssl.c +SRCS+= tls_openssl.c tls_openssl_ocsp.c .endif .endif diff --git a/usr.sbin/wpa/Makefile.inc b/usr.sbin/wpa/Makefile.inc index ebde81533cef..af957ff4f3c4 100644 --- a/usr.sbin/wpa/Makefile.inc +++ b/usr.sbin/wpa/Makefile.inc @@ -7,13 +7,10 @@ WPA_SUPPLICANT_DISTDIR?=${WPA_DISTDIR}/wpa_supplicant HOSTAPD_DISTDIR?= ${WPA_DISTDIR}/hostapd .PATH.c:${.CURDIR:H} \ - ${WPA_DISTDIR}/src/ap \ ${WPA_DISTDIR}/src/common \ ${WPA_DISTDIR}/src/crypto \ ${WPA_DISTDIR}/src/eapol_auth \ ${WPA_DISTDIR}/src/eap_common \ - ${WPA_DISTDIR}/src/eap_peer \ - ${WPA_DISTDIR}/src/eap_server \ ${WPA_DISTDIR}/src/eapol_supp \ ${WPA_DISTDIR}/src/l2_packet \ ${WPA_DISTDIR}/src/radius \ @@ -35,5 +32,6 @@ CFLAGS+=-I${WPA_DISTDIR}/src/wps CFLAGS+= -DCONFIG_CTRL_IFACE CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX CFLAGS+= -DNEED_AP_MLME +CFLAGS+= -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" .include <bsd.own.mk> diff --git a/usr.sbin/wpa/hostapd/Makefile b/usr.sbin/wpa/hostapd/Makefile index 63200fe72d8b..eace6cb74d3a 100644 --- a/usr.sbin/wpa/hostapd/Makefile +++ b/usr.sbin/wpa/hostapd/Makefile @@ -4,33 +4,90 @@ .include "../Makefile.inc" .PATH.c:${HOSTAPD_DISTDIR} \ - ${WPA_DISTDIR}/src/drivers + ${WPA_DISTDIR}/src/ap \ + ${WPA_DISTDIR}/src/eap_server \ + ${WPA_DISTDIR}/src/eap_peer \ + ${WPA_DISTDIR}/src/drivers \ + ${WPA_DISTDIR}/wpa_supplicant PROG= hostapd -SRCS= accounting.c aes-omac1.c ap_config.c ap_drv_ops.c ap_list.c \ - ap_mlme.c authsrv.c \ - base64.c beacon.c bss_load.c chap.c common.c config_file.c \ +SRCS= accounting.c \ + ap_config.c \ + ap_drv_ops.c \ + ap_list.c \ + ap_mlme.c \ + authsrv.c \ + base64.c \ + beacon.c \ + bss_load.c \ + chap.c \ + common.c \ + config_file.c \ ctrl_iface.c \ - ctrl_iface_ap.c ctrl_iface_common.c dfs.c \ - driver_common.c l2_packet_freebsd.c driver_bsd.c \ - drivers.c drv_callbacks.c eap_common.c eap_peap_common.c \ - eap_register.c eap_server.c eap_server_methods.c eap_user_db.c \ - eapol_auth_dump.c eapol_auth_sm.c eloop.c gas.c gas_serv.c hostapd.c \ - hs20.c http_client.c http_server.c httpread.c \ - hw_features.c hw_features_common.c \ - ieee802_11.c ieee802_11_auth.c ieee802_11_common.c \ - ieee802_11_shared.c ieee802_1x.c \ + ctrl_iface_ap.c \ + ctrl_iface_common.c \ + dfs.c \ + driver_bsd.c \ + driver_common.c \ + drivers.c \ + drv_callbacks.c \ + eloop.c \ + gas.c \ + gas_serv.c \ + http_client.c \ + http_server.c \ + httpread.c \ + hostapd.c \ + hs20.c \ + hw_features.c \ + hw_features_common.c \ + ieee802_11.c \ + ieee802_11_auth.c \ + ieee802_11_common.c \ + ieee802_11_shared.c \ + ieee802_1x.c \ ip_addr.c \ - main.c ms_funcs.c neighbor_db.c \ - os_unix.c peerkey_auth.c pmksa_cache_auth.c \ - preauth_auth.c radius.c radius_client.c radius_das.c rrm.c sta_info.c \ - tkip_countermeasures.c upnp_xml.c utils.c uuid.c \ - vlan.c vlan_ifconfig.c vlan_init.c wmm.c \ - wpa_auth.c wpa_auth_glue.c wpa_auth_ie.c wpa_common.c wpa_debug.c \ - wpabuf.c wps.c wps_attr_build.c wps_attr_parse.c wps_attr_process.c \ - wps_common.c wps_dev_attr.c wps_enrollee.c wps_hostapd.c \ - wps_registrar.c wps_upnp.c wps_upnp_ap.c wps_upnp_event.c \ - wps_upnp_ssdp.c wps_upnp_web.c + l2_packet_freebsd.c \ + main.c \ + ms_funcs.c \ + neighbor_db.c \ + os_unix.c \ + pmksa_cache_auth.c \ + preauth_auth.c \ + radius.c \ + radius_client.c \ + radius_das.c \ + rrm.c \ + sta_info.c \ + tkip_countermeasures.c \ + upnp_xml.c \ + utils.c \ + uuid.c \ + vlan.c \ + vlan_ifconfig.c \ + vlan_init.c \ + wmm.c \ + wpa_auth.c \ + wpa_auth_glue.c \ + wpa_auth_ie.c \ + wpa_common.c \ + wpa_ctrl.c \ + wpa_debug.c \ + wpabuf.c \ + wps.c \ + wps_attr_build.c \ + wps_attr_process.c \ + wps_attr_parse.c \ + wps_common.c \ + wps_dev_attr.c \ + wps_enrollee.c \ + wps_hostapd.c \ + wps_registrar.c \ + wps_upnp.c \ + wps_upnp_ap.c \ + wps_upnp_event.c \ + wps_upnp_ssdp.c \ + wps_upnp_web.c MAN= hostapd.8 hostapd.conf.5 @@ -40,7 +97,9 @@ FILESDIR= ${SHAREDIR}/examples/hostapd FILES= hostapd.conf hostapd.eap_user hostapd.wpa_psk .endif -CFLAGS+=-DCONFIG_DRIVER_BSD \ +CFLAGS+=-I${.CURDIR:H}/wpa_supplicant \ + -I${WPA_DISTDIR}/src/eap_peer \ + -DCONFIG_DRIVER_BSD \ -DCONFIG_DRIVER_RADIUS_ACL \ -DCONFIG_HS20 \ -DCONFIG_INTERWORKING \ @@ -75,15 +134,23 @@ CFLAGS+=-DDPKCS12_FUNCS \ -DEAP_TLS_FUNCS SRCS+= eap_server_gtc.c \ + eap_common.c \ + eap_peap_common.c \ + eap_register.c \ + eap_server.c \ eap_server_identity.c \ eap_server_md5.c \ + eap_server_methods.c \ eap_server_mschapv2.c \ eap_server_peap.c \ eap_server_tls.c \ eap_server_tls_common.c \ eap_server_ttls.c \ eap_server_wsc.c \ - eap_wsc_common.c + eap_user_db.c \ + eap_wsc_common.c \ + eapol_auth_dump.c \ + eapol_auth_sm.c TLS_FUNCS=y .if !empty(CFLAGS:M*-DCONFIG_WPS) diff --git a/usr.sbin/wpa/wpa_cli/Makefile b/usr.sbin/wpa/wpa_cli/Makefile index e90d69f21acb..f6db85ee989e 100644 --- a/usr.sbin/wpa/wpa_cli/Makefile +++ b/usr.sbin/wpa/wpa_cli/Makefile @@ -1,21 +1,41 @@ # $FreeBSD$ +.include <src.opts.mk> + .include "../Makefile.inc" -.PATH.c:${WPA_SUPPLICANT_DISTDIR} +.PATH.c:${WPA_SUPPLICANT_DISTDIR} \ + ${WPA_DISTDIR}/wpa_supplicant \ + ${WPA_DISTDIR}/src/eap_peer \ + ${WPA_DISTDIR}/src/drivers PROG= wpa_cli -SRCS= cli.c common.c edit.c eloop.c os_unix.c wpa_cli.c \ - wpa_ctrl.c wpa_debug.c +SRCS= base64.c bitfield.c blacklist.c bss.c cli.c common.c config.c \ + config_file.c \ + ctrl_iface.c ctrl_iface_common.c ctrl_iface_unix.c \ + drivers.c driver_common.c \ + eap_register.c \ + edit.c eloop.c events.c hw_features_common.c \ + ieee802_11_common.c l2_packet_freebsd.c notify.c \ + op_classes.c \ + os_unix.c rrm.c scan.c wmm_ac.c \ + wpa.c wpa_cli.c \ + wpa_ctrl.c wpa_common.c \ + wpa_debug.c wpa_ie.c wpa_supplicant.c wpabuf.c wpas_glue.c MAN= wpa_cli.8 CFLAGS+= -DCONFIG_CTRL_IFACE CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX +CFLAGS+= -DCONFIG_TLS=openssl # enable use of d_type to identify unix domain sockets CFLAGS+= -D_DIRENT_HAVE_D_TYPE CFLAGS+= -DCONFIG_WPA_CLI_EDIT=y -LIBADD+= util +LIBADD+= pcap util + +TLS_FUNCS=y + +.include "../Makefile.crypto" .include <bsd.prog.mk> diff --git a/usr.sbin/wpa/wpa_supplicant/Makefile b/usr.sbin/wpa/wpa_supplicant/Makefile index bdb8fa9488bf..673e45bec20e 100644 --- a/usr.sbin/wpa/wpa_supplicant/Makefile +++ b/usr.sbin/wpa/wpa_supplicant/Makefile @@ -5,41 +5,30 @@ .include "../Makefile.inc" .PATH.c:${WPA_SUPPLICANT_DISTDIR} \ + ${WPA_DISTDIR}/src/eap_peer \ ${WPA_DISTDIR}/src/drivers PROG= wpa_supplicant -SRCS= accounting.c ap_drv_ops.c ap_config.c ap_list.c \ - ap_mlme.c \ - authsrv.c \ - base64.c beacon.c blacklist.c bss.c bss_load.c common.c config.c \ - config_file.c ctrl_iface.c ctrl_iface_common.c \ - ctrl_iface_unix.c dfs.c driver_bsd.c \ - driver_common.c driver_ndis.c driver_wired.c drivers.c \ - eap_register.c eapol_auth_sm.c eap_server_methods.c eap_server.c \ - eap_user_db.c \ - eloop.c events.c gas.c gas_query.c gas_serv.c hostapd.c hs20.c \ - hs20_supplicant.c http_client.c http_server.c httpread.c \ - hw_features.c hw_features_common.c \ - ieee802_11.c ieee802_11_auth.c ieee802_11_common.c \ - ieee802_11_shared.c ieee802_1x.c \ - interworking.c ip_addr.c l2_packet_freebsd.c main.c \ - neighbor_db.c \ - notify.c offchannel.c os_unix.c peerkey.c peerkey_auth.c \ - pmksa_cache.c \ - pmksa_cache_auth.c \ - preauth.c scan.c radius.c radius_client.c radius_das.c rrm.c \ - sta_info.c \ - tkip_countermeasures.c \ - upnp_xml.c utils.c uuid.c vlan.c vlan_ifconfig.c \ - vlan_init.c wmm.c wmm_ac.c \ - wpa.c wpa_auth.c wpa_auth_ft.c wpa_common.c wpa_debug.c \ - wpa_auth_glue.c wpa_auth_ie.c wpa_ft.c \ - wpa_ie.c wpa_supplicant.c wpabuf.c wpas_glue.c wps.c \ - wps_attr_build.c wps_attr_parse.c wps_attr_process.c \ - wps_common.c wps_dev_attr.c wps_enrollee.c wps_hostapd.c \ - wps_registrar.c \ + +SRCS= base64.c bitfield.c blacklist.c bss.c cli.c common.c \ + config.c config_file.c \ + ctrl_iface.c ctrl_iface_common.c ctrl_iface_unix.c \ + dh_groups.c driver_bsd.c driver_common.c \ + driver_ndis.c driver_wired.c driver_wired_common.c drivers.c \ + eap_register.c eap_wsc.c eap_wsc_common.c eloop.c \ + events.c gas.c gas_query.c hs20_supplicant.c \ + http_client.c http_server.c \ + httpread.c hw_features_common.c \ + ieee802_11_common.c interworking.c l2_packet_freebsd.c main.c \ + notify.c offchannel.c op_classes.c os_unix.c pmksa_cache.c preauth.c \ + rrm.c scan.c upnp_xml.c uuid.c \ + wmm_ac.c wpa.c wpa_common.c wpa_ctrl.c \ + wpa_debug.c wpa_ft.c wpa_ie.c wpa_supplicant.c wpabuf.c wpas_glue.c \ + wps.c wps_attr_build.c wps_attr_parse.c wps_attr_process.c \ + wps_common.c wps_dev_attr.c wps_enrollee.c wps_registrar.c \ wps_supplicant.c wps_upnp.c wps_upnp_ap.c wps_upnp_event.c \ - wps_upnp_ssdp.c wps_upnp_web.c Packet32.c + wps_upnp_ssdp.c wps_upnp_web.c \ + Packet32.c MAN= wpa_supplicant.8 wpa_supplicant.conf.5 |