From owner-svn-src-releng@freebsd.org  Tue May 14 22:48:42 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5BFED159AF42;
 Tue, 14 May 2019 22:48:42 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 0470E88133;
 Tue, 14 May 2019 22:48:42 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E7D03277D8;
 Tue, 14 May 2019 22:48:41 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4EMmfjI042359;
 Tue, 14 May 2019 22:48:41 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4EMmbFR042330;
 Tue, 14 May 2019 22:48:37 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142248.x4EMmbFR042330@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 22:48:37 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347584 - in releng: 11.2/contrib/tzdata
 12.0/contrib/tzdata
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng: 11.2/contrib/tzdata 12.0/contrib/tzdata
X-SVN-Commit-Revision: 347584
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 0470E88133
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.96 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.96)[-0.962,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 22:48:42 -0000

Author: gordon
Date: Tue May 14 22:48:36 2019
New Revision: 347584
URL: https://svnweb.freebsd.org/changeset/base/347584

Log:
  Import tzdata 2019a.
  
  Approved by:	so
  Security:	FreeBSD-EN-19:08.tzdata

Modified:
  releng/11.2/contrib/tzdata/Makefile
  releng/11.2/contrib/tzdata/NEWS
  releng/11.2/contrib/tzdata/README
  releng/11.2/contrib/tzdata/africa
  releng/11.2/contrib/tzdata/asia
  releng/11.2/contrib/tzdata/backward
  releng/11.2/contrib/tzdata/backzone
  releng/11.2/contrib/tzdata/etcetera
  releng/11.2/contrib/tzdata/europe
  releng/11.2/contrib/tzdata/leap-seconds.list
  releng/11.2/contrib/tzdata/leapseconds
  releng/11.2/contrib/tzdata/northamerica
  releng/11.2/contrib/tzdata/theory.html
  releng/11.2/contrib/tzdata/version
  releng/12.0/contrib/tzdata/Makefile
  releng/12.0/contrib/tzdata/NEWS
  releng/12.0/contrib/tzdata/README
  releng/12.0/contrib/tzdata/africa
  releng/12.0/contrib/tzdata/asia
  releng/12.0/contrib/tzdata/backward
  releng/12.0/contrib/tzdata/backzone
  releng/12.0/contrib/tzdata/etcetera
  releng/12.0/contrib/tzdata/europe
  releng/12.0/contrib/tzdata/leap-seconds.list
  releng/12.0/contrib/tzdata/leapseconds
  releng/12.0/contrib/tzdata/northamerica
  releng/12.0/contrib/tzdata/theory.html
  releng/12.0/contrib/tzdata/version

Modified: releng/11.2/contrib/tzdata/Makefile
==============================================================================
--- releng/11.2/contrib/tzdata/Makefile	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/Makefile	Tue May 14 22:48:36 2019	(r347584)
@@ -12,7 +12,10 @@ VERSION=	unknown
 # Email address for bug reports.
 BUGEMAIL=	tz@iana.org
 
-# Choose source data features.  To get new features right away, use:
+# DATAFORM selects the data format.
+# Available formats represent essentially the same data, albeit
+# possibly with minor discrepancies that users are not likely to notice.
+# To get new features and the best data right away, use:
 #	DATAFORM=	vanguard
 # To wait a while before using new features, to give downstream users
 # time to upgrade zic (the default), use:
@@ -33,11 +36,11 @@ DATAFORM=		main
 LOCALTIME=	GMT
 
 # If you want something other than Eastern United States time as a template
-# for handling POSIX-style timezone environment variables,
+# for handling ruleless POSIX-style timezone environment variables,
 # change the line below (after finding the timezone you want in the
 # one of the $(TDATA) source files, or adding it to a source file).
-# When a POSIX-style environment variable is handled, the rules in the
-# template file are used to determine "spring forward" and "fall back" days and
+# A ruleless environment setting like TZ='CST6CDT' uses the rules in the
+# template file to determine "spring forward" and "fall back" days and
 # times; the environment variable itself specifies UT offsets of standard and
 # daylight saving time.
 # Alternatively, if you discover you've got the wrong timezone, you can just
@@ -46,7 +49,6 @@ LOCALTIME=	GMT
 # Use the command
 #	make zonenames
 # to get a list of the values you can use for POSIXRULES.
-# If you want POSIX compatibility, use "America/New_York".
 
 POSIXRULES=	America/New_York
 
@@ -113,8 +115,8 @@ TIME_T_ALTERNATIVES = $(TIME_T_ALTERNATIVES_HEAD) $(TI
 TIME_T_ALTERNATIVES_HEAD = int64_t
 TIME_T_ALTERNATIVES_TAIL = int32_t uint32_t uint64_t
 
-# What kind of TZif data files to generate.
-# (TZif is the binary time zone data format that zic generates.)
+# What kind of TZif data files to generate.  (TZif is the binary time
+# zone data format that zic generates; see Internet RFC 8536.)
 # If you want only POSIX time, with time values interpreted as
 # seconds since the epoch (not counting leap seconds), use
 #	REDO=		posix_only
@@ -360,6 +362,9 @@ LEAPSECONDS=
 zic=		./zic
 ZIC=		$(zic) $(ZFLAGS)
 
+# To shrink the size of installed TZif files,
+# append "-r @N" to omit data before N-seconds-after-the-Epoch.
+# See the zic man page for more about -r.
 ZFLAGS=
 
 # How to use zic to install TZif files.
@@ -491,7 +496,8 @@ MANTXTS=	newctime.3.txt newstrftime.3.txt newtzset.3.t
 COMMON=		calendars CONTRIBUTING LICENSE Makefile \
 			NEWS README theory.html version
 WEB_PAGES=	tz-art.html tz-how-to.html tz-link.html
-CHECK_WEB_PAGES=check_tz-art.html check_tz-how-to.html check_tz-link.html
+CHECK_WEB_PAGES=check_theory.html check_tz-art.html \
+			check_tz-how-to.html check_tz-link.html
 DOCS=		$(MANS) date.1 $(MANTXTS) $(WEB_PAGES)
 PRIMARY_YDATA=	africa antarctica asia australasia \
 		europe northamerica southamerica
@@ -804,9 +810,10 @@ check_tzs:	$(TZS) $(TZS_NEW)
 		touch $@
 
 check_web:	$(CHECK_WEB_PAGES)
+check_theory.html: theory.html
 check_tz-art.html: tz-art.html
 check_tz-link.html: tz-link.html
-check_tz-art.html check_tz-link.html:
+check_theory.html check_tz-art.html check_tz-link.html:
 		$(CURL) -sS --url https://validator.w3.org/nu/ -F out=gnu \
 		    -F file=@$$(expr $@ : 'check_\(.*\)') -o $@.out && \
 		  test ! -s $@.out || { cat $@.out; exit 1; }
@@ -840,11 +847,13 @@ check_zishrink_posix check_zishrink_right: \
 		touch $@
 
 clean_misc:
+		rm -fr check_*.dir
 		rm -f *.o *.out $(TIME_T_ALTERNATIVES) \
 		  check_* core typecheck_* \
 		  date tzselect version.h zdump zic yearistype libtz.a
 clean:		clean_misc
-		rm -fr *.dir *.zi tzdb-*/ $(TZS_NEW)
+		rm -fr *.dir tzdb-*/
+		rm -f *.zi $(TZS_NEW)
 
 maintainer-clean: clean
 		@echo 'This command is intended for maintainers to use; it'

Modified: releng/11.2/contrib/tzdata/NEWS
==============================================================================
--- releng/11.2/contrib/tzdata/NEWS	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/NEWS	Tue May 14 22:48:36 2019	(r347584)
@@ -1,5 +1,53 @@
 News for the tz database
 
+Release 20198 - 2019-03-25 22:01:33 -0700
+
+  Briefly:
+    Palestine "springs forward" on 2019-03-30 instead of 2019-03-23.
+    Metlakatla "fell back" to rejoin Alaska Time on 2019-01-20 at 02:00.
+
+  Changes to past and future timestamps
+
+    Palestine will not start DST until 2019-03-30, instead of 2019-03-23 as
+    previously predicted.  Adjust our prediction by guessing that spring
+    transitions will be between 24 and 30 March, which matches recent practice
+    since 2016.  (Thanks to Even Scharning and Tim Parenti.)
+
+    Metlakatla ended its observance of Pacific standard time,
+    rejoining Alaska Time, on 2019-01-20 at 02:00.  (Thanks to Ryan
+    Stanley and Tim Parenti.)
+
+  Changes to past timestamps
+
+    Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25).
+    (Thanks to Alois Treindl and Isaac Starkman.)
+
+  Changes to time zone abbreviations
+
+    Etc/UCT is now a backward-compatibility link to Etc/UTC, instead
+    of being a separate zone that generates the abbreviation "UCT",
+    which nowadays is typically a typo.  (Problem reported by Isiah
+    Meadows.)
+
+  Changes to code
+
+    zic now has an -r option to limit the time range of output data.
+    For example, 'zic -r @1000000000' limits the output data to
+    timestamps starting 1000000000 seconds after the Epoch.
+    This helps shrink output size and can be useful for applications
+    not needing the full timestamp history, such as TZDIST truncation;
+    see Internet RFC 8536 section 5.1.  (Inspired by a feature request
+    from Christopher Wong, helped along by bug reports from Wong and
+    from Tim Parenti.)
+
+  Changes to documentation
+
+    Mention Internet RFC 8536 (February 2019), which documents TZif.
+
+    tz-link.html now cites tzdata-meta
+    <https://tzdata-meta.timtimeonline.com/>.
+
+
 Release 2018i - 2018-12-30 11:05:43 -0800
 
   Briefly:
@@ -400,8 +448,9 @@ Release 2018d - 2018-03-22 07:05:46 -0700
       downstream parsers do not support it.
 
     * The build procedure constructs three files vanguard.zi, main.zi,
-      and rearguard.zi, one for each format.  The files represent the
-      same data as closely as the formats allow.  These three files
+      and rearguard.zi, one for each format.  Although the files
+      represent essentially the same data, they may have minor
+      discrepancies that users are not likely to notice.  The files
       are intended for downstream data consumers and are not
       installed.  Zoneinfo parsers that do not support negative SAVE values
       should start using rearguard.zi, so that they will be unaffected

Modified: releng/11.2/contrib/tzdata/README
==============================================================================
--- releng/11.2/contrib/tzdata/README	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/README	Tue May 14 22:48:36 2019	(r347584)
@@ -1,7 +1,7 @@
 README for the tz distribution
 
-"What time is it?" -- Richard Deacon as The King
-"Any time you want it to be." -- Frank Baxter as The Scientist
+"Where do I set the hands of the clock?" -- Les Tremayne as The King
+"Oh that--you can set them any place you want." -- Frank Baxter as The Scientist
 					(from the Bell System film "About Time")
 
 The Time Zone Database (called tz, tzdb or zoneinfo) contains code and

Modified: releng/11.2/contrib/tzdata/africa
==============================================================================
--- releng/11.2/contrib/tzdata/africa	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/africa	Tue May 14 22:48:36 2019	(r347584)
@@ -364,6 +364,11 @@ Zone	Africa/Cairo	2:05:09 -	LMT	1900 Oct
 # See Africa/Lagos.
 
 # Eritrea
+# See Africa/Nairobi.
+
+# Eswatini (formerly Swaziland)
+# See Africa/Johannesburg.
+
 # Ethiopia
 # See Africa/Nairobi.
 #
@@ -1188,7 +1193,7 @@ Zone Africa/Johannesburg 1:52:00 -	LMT	1892 Feb 8
 			1:30	-	SAST	1903 Mar
 			2:00	SA	SAST
 Link Africa/Johannesburg Africa/Maseru	   # Lesotho
-Link Africa/Johannesburg Africa/Mbabane    # Swaziland
+Link Africa/Johannesburg Africa/Mbabane    # Eswatini
 #
 # Marion and Prince Edward Is
 # scientific station since 1947
@@ -1229,9 +1234,6 @@ Zone	Africa/Khartoum	2:10:08 -	LMT	1931
 Zone	Africa/Juba	2:06:28 -	LMT	1931
 			2:00	Sudan	CA%sT	2000 Jan 15 12:00
 			3:00	-	EAT
-
-# Swaziland
-# See Africa/Johannesburg.
 
 # Tanzania
 # See Africa/Nairobi.

Modified: releng/11.2/contrib/tzdata/asia
==============================================================================
--- releng/11.2/contrib/tzdata/asia	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/asia	Tue May 14 22:48:36 2019	(r347584)
@@ -1620,6 +1620,24 @@ Rule	Zion	1974	only	-	Jul	 7	0:00	1:00	D
 Rule	Zion	1974	only	-	Oct	13	0:00	0	S
 Rule	Zion	1975	only	-	Apr	20	0:00	1:00	D
 Rule	Zion	1975	only	-	Aug	31	0:00	0	S
+
+# From Alois Treindl (2019-03-06):
+# http://www.moin.gov.il/Documents/שעון קיץ/clock-50-years-7-2014.pdf
+# From Isaac Starkman (2019-03-06):
+# Summer time was in that period in 1980 and 1984, see
+# https://www.ynet.co.il/articles/0,7340,L-3951073,00.html
+# You can of course read it in translation.
+# I checked the local newspapers for that years.
+# It started on midnight and end at 01.00 am.
+# From Paul Eggert (2019-03-06):
+# Also see this thread about the moin.gov.il URL:
+# https://mm.icann.org/pipermail/tz/2018-November/027194.html
+Rule	Zion	1980	only	-	Aug	 2	0:00	1:00	D
+Rule	Zion	1980	only	-	Sep	13	1:00	0	S
+Rule	Zion	1984	only	-	May	 5	0:00	1:00	D
+Rule	Zion	1984	only	-	Aug	25	1:00	0	S
+
+# From Shanks & Pottenger:
 Rule	Zion	1985	only	-	Apr	14	0:00	1:00	D
 Rule	Zion	1985	only	-	Sep	15	0:00	0	S
 Rule	Zion	1986	only	-	May	18	0:00	1:00	D
@@ -3071,9 +3089,15 @@ Zone	Asia/Karachi	4:28:12 -	LMT	1907
 # the official website, though the decree did not specify the exact
 # time of the time shift.
 # http://www.palestinecabinet.gov.ps/Website/AR/NDecrees/ViewFile.ashx?ID=e7a42ab7-ee23-435a-b9c8-a4f7e81f3817
+
+# From Even Scharning (2019-03-23):
+# DST in Palestine will start on 30 March this year, not 23 March as the time
+# zone database predicted.
+# https://ramallah.news/post/123610
 #
-# From Paul Eggert (2018-03-16):
-# For 2016 on, predict spring transitions on March's fourth Saturday at 01:00.
+# From Tim Parenti (2019-03-23):
+# Combining this with the rules observed since 2016, adjust our spring
+# transition guess to Mar Sat>=24.
 
 # Rule	NAME	FROM	TO	TYPE	IN	ON	AT	SAVE	LETTER/S
 Rule EgyptAsia	1957	only	-	May	10	0:00	1:00	S
@@ -3104,7 +3128,7 @@ Rule Palestine	2012	only	-	Sep	21	1:00	0	-
 Rule Palestine	2013	only	-	Sep	Fri>=21	0:00	0	-
 Rule Palestine	2014	2015	-	Oct	Fri>=21	0:00	0	-
 Rule Palestine	2015	only	-	Mar	lastFri	24:00	1:00	S
-Rule Palestine	2016	max	-	Mar	Sat>=22	1:00	1:00	S
+Rule Palestine	2016	max	-	Mar	Sat>=24	1:00	1:00	S
 Rule Palestine	2016	max	-	Oct	lastSat	1:00	0	-
 
 # Zone	NAME		GMTOFF	RULES	FORMAT	[UNTIL]
@@ -3595,6 +3619,18 @@ Zone Asia/Ho_Chi_Minh	7:06:40 -	LMT	1906 Jul  1
 			7:00	-	+07	1959 Dec 31 23:00
 			8:00	-	+08	1975 Jun 13
 			7:00	-	+07
+
+# From Paul Eggert (2019-02-19):
+#
+# The Ho Chi Minh entry suffices for most purposes as it agrees with all of
+# Vietnam since 1975-06-13.  Presumably clocks often changed in south Vietnam
+# in the early 1970s as locations changed hands during the war; however the
+# details are unknown and would likely be too voluminous for this database.
+#
+# For timestamps in north Vietnam back to 1970 (the tzdb cutoff),
+# use Asia/Bangkok; see the VN entries in the file zone1970.tab.
+# For timestamps before 1970, see Asia/Hanoi in the file 'backzone'.
+
 
 # Yemen
 # See Asia/Riyadh.

Modified: releng/11.2/contrib/tzdata/backward
==============================================================================
--- releng/11.2/contrib/tzdata/backward	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/backward	Tue May 14 22:48:36 2019	(r347584)
@@ -77,6 +77,7 @@ Link	Pacific/Easter		Chile/EasterIsland
 Link	America/Havana		Cuba
 Link	Africa/Cairo		Egypt
 Link	Europe/Dublin		Eire
+Link	Etc/UTC			Etc/UCT
 Link	Europe/London		Europe/Belfast
 Link	Europe/Chisinau		Europe/Tiraspol
 Link	Europe/London		GB
@@ -111,7 +112,7 @@ Link	Asia/Taipei		ROC
 Link	Asia/Seoul		ROK
 Link	Asia/Singapore		Singapore
 Link	Europe/Istanbul		Turkey
-Link	Etc/UCT			UCT
+Link	Etc/UTC			UCT
 Link	America/Anchorage	US/Alaska
 Link	America/Adak		US/Aleutian
 Link	America/Phoenix		US/Arizona

Modified: releng/11.2/contrib/tzdata/backzone
==============================================================================
--- releng/11.2/contrib/tzdata/backzone	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/backzone	Tue May 14 22:48:36 2019	(r347584)
@@ -204,7 +204,7 @@ Zone	Africa/Maseru	1:50:00 -	LMT	1903 Mar
 			2:00	1:00	SAST	1944 Mar 19  2:00
 			2:00	-	SAST
 
-# Swaziland
+# Eswatini (formerly Swaziland)
 Zone	Africa/Mbabane	2:04:24 -	LMT	1903 Mar
 			2:00	-	SAST
 
@@ -625,7 +625,7 @@ Zone	Europe/Sarajevo	1:13:40	-	LMT	1884
 			1:00	-	CET	1982 Nov 27
 			1:00	EU	CE%sT
 
-# Macedonia
+# North Macedonia
 Zone	Europe/Skopje	1:25:44	-	LMT	1884
 			1:00	-	CET	1941 Apr 18 23:00
 			1:00	C-Eur	CE%sT	1945 May  8  2:00s

Modified: releng/11.2/contrib/tzdata/etcetera
==============================================================================
--- releng/11.2/contrib/tzdata/etcetera	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/etcetera	Tue May 14 22:48:36 2019	(r347584)
@@ -19,7 +19,6 @@
 
 Zone	Etc/GMT		0	-	GMT
 Zone	Etc/UTC		0	-	UTC
-Zone	Etc/UCT		0	-	UCT
 
 # The following link uses older naming conventions,
 # but it belongs here, not in the file 'backward',

Modified: releng/11.2/contrib/tzdata/europe
==============================================================================
--- releng/11.2/contrib/tzdata/europe	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/europe	Tue May 14 22:48:36 2019	(r347584)
@@ -1855,7 +1855,7 @@ Zone Europe/Luxembourg	0:24:36 -	LMT	1904 Jun
 			1:00	Belgium	CE%sT	1977
 			1:00	EU	CE%sT
 
-# Macedonia
+# North Macedonia
 # See Europe/Belgrade.
 
 # Malta
@@ -3359,7 +3359,7 @@ Zone	Europe/Belgrade	1:22:00	-	LMT	1884
 Link Europe/Belgrade Europe/Ljubljana	# Slovenia
 Link Europe/Belgrade Europe/Podgorica	# Montenegro
 Link Europe/Belgrade Europe/Sarajevo	# Bosnia and Herzegovina
-Link Europe/Belgrade Europe/Skopje	# Macedonia
+Link Europe/Belgrade Europe/Skopje	# North Macedonia
 Link Europe/Belgrade Europe/Zagreb	# Croatia
 
 # Slovakia

Modified: releng/11.2/contrib/tzdata/leap-seconds.list
==============================================================================
--- releng/11.2/contrib/tzdata/leap-seconds.list	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/leap-seconds.list	Tue May 14 22:48:36 2019	(r347584)
@@ -204,10 +204,10 @@
 #	current -- the update time stamp, the data and the name of the file
 #	will not change.
 #
-#	Updated through IERS Bulletin C56
-#	File expires on:  28 June 2019
+#	Updated through IERS Bulletin C57
+#	File expires on:  28 December 2019
 #
-#@	3770668800
+#@	3786480000
 #
 2272060800	10	# 1 Jan 1972
 2287785600	11	# 1 Jul 1972
@@ -252,4 +252,4 @@
 #	the hash line is also ignored in the
 #	computation.
 #
-#h 	62ca19f6 96a4ae0a 3708451c 9f8693f4 016604eb
+#h 	83c68138 d3650221 07dbbbcd 11fcc859 ced1106a

Modified: releng/11.2/contrib/tzdata/leapseconds
==============================================================================
--- releng/11.2/contrib/tzdata/leapseconds	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/leapseconds	Tue May 14 22:48:36 2019	(r347584)
@@ -63,7 +63,7 @@ Leap	2016	Dec	31	23:59:60	+	S
 
 # POSIX timestamps for the data in this file:
 #updated 1467936000
-#expires 1561680000
+#expires 1577491200
 
-#	Updated through IERS Bulletin C56
-#	File expires on:  28 June 2019
+#	Updated through IERS Bulletin C57
+#	File expires on:  28 December 2019

Modified: releng/11.2/contrib/tzdata/northamerica
==============================================================================
--- releng/11.2/contrib/tzdata/northamerica	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/northamerica	Tue May 14 22:48:36 2019	(r347584)
@@ -609,6 +609,15 @@ Zone America/Los_Angeles -7:52:58 -	LMT	1883 Nov 18 12
 # In a 2018-12-11 special election, Metlakatla voted to go back to
 # Alaska time (including daylight saving time) starting next year.
 # https://www.krbd.org/2018/12/12/metlakatla-to-follow-alaska-standard-time-allow-liquor-sales/
+#
+# From Ryan Stanley (2019-01-11):
+# The community will be changing back on the 20th of this month...
+# From Tim Parenti (2019-01-11):
+# Per an announcement on the Metlakatla community's official Facebook page, the
+# "fall back" will be on Sunday 2019-01-20 at 02:00:
+# https://www.facebook.com/141055983004923/photos/607150969728753/
+# So they won't be waiting for Alaska to join them on 2019-03-10, but will
+# rather change their clocks twice in seven weeks.
 
 # Zone	NAME		GMTOFF	RULES	FORMAT	[UNTIL]
 Zone America/Juneau	 15:02:19 -	LMT	1867 Oct 19 15:33:32
@@ -637,7 +646,7 @@ Zone America/Metlakatla	 15:13:42 -	LMT	1867 Oct 19 15
 			 -8:00	US	P%sT	1983 Oct 30  2:00
 			 -8:00	-	PST	2015 Nov  1  2:00
 			 -9:00	US	AK%sT	2018 Nov  4  2:00
-			 -8:00	-	PST	2019 Mar Sun>=8 3:00
+			 -8:00	-	PST	2019 Jan 20  2:00
 			 -9:00	US	AK%sT
 Zone America/Yakutat	 14:41:05 -	LMT	1867 Oct 19 15:12:18
 			 -9:18:55 -	LMT	1900 Aug 20 12:00

Modified: releng/11.2/contrib/tzdata/theory.html
==============================================================================
--- releng/11.2/contrib/tzdata/theory.html	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/theory.html	Tue May 14 22:48:36 2019	(r347584)
@@ -15,7 +15,7 @@
     <ul>
       <li><a href="#scope">Scope of the <code><abbr>tz</abbr></code>
 	  database</a></li>
-      <li><a href="#naming">Names of timezones</a></li>
+      <li><a href="#naming">Timezone identifiers</a></li>
       <li><a href="#abbreviations">Time zone abbreviations</a></li>
       <li><a href="#accuracy">Accuracy of the <code><abbr>tz</abbr></code>
 	  database</a></li>
@@ -107,9 +107,9 @@ It does not always make sense to talk about a timezone
 </section>
 
 <section>
-  <h2 id="naming">Names of timezones</h2>
+  <h2 id="naming">Timezone identifiers</h2>
 <p>
-Each timezone has a unique name.
+Each timezone has a name that uniquely identifies the timezone.
 Inexperienced users are not expected to select these names unaided.
 Distributors should provide documentation and/or a simple selection
 interface that explains each name via a map or via descriptive text like
@@ -142,10 +142,12 @@ among the following goals:
   </li>
   <li>
     Be robust in the presence of political changes.
-    For example, names of countries are ordinarily not used, to avoid
+    For example, names are typically not tied to countries, to avoid
     incompatibilities when countries change their name (e.g.,
-    Zaire&rarr;Congo) or when locations change countries (e.g., Hong
+    Swaziland&rarr;Eswatini) or when locations change countries (e.g., Hong
     Kong from UK colony to China).
+    There is no requirement that every country or national
+    capital must have a timezone name.
   </li>
   <li>
     Be portable to a wide variety of implementations.
@@ -215,19 +217,18 @@ in decreasing order of importance:
     do not need locations, since local time is not defined there.
   </li>
   <li>
-    There should typically be at least one name for each <a
-    href="https://en.wikipedia.org/wiki/ISO_3166-1"><abbr
-    title="International Organization for Standardization">ISO</abbr>
-    3166-1</a> officially assigned two-letter code for an inhabited
-    country or territory.
-  </li>
-  <li>
     If all the clocks in a timezone have agreed since 1970,
     do not bother to include more than one timezone
     even if some of the clocks disagreed before 1970.
     Otherwise these tables would become annoyingly large.
   </li>
   <li>
+    If boundaries between regions are fluid, such as during a war or
+    insurrection, do not bother to create a new timezone merely
+    because of yet another boundary change. This helps prevent table
+    bloat and simplifies maintenance.
+  </li>
+  <li>
     If a name is ambiguous, use a less ambiguous alternative;
     e.g., many cities are named San José and Georgetown, so
     prefer <code>America/Costa_Rica</code> to
@@ -299,29 +300,23 @@ in decreasing order of importance:
 </ul>
 
 <p>
-The file '<code>zone1970.tab</code>' lists geographical locations used
-to name timezones.
-It is intended to be an exhaustive list of names for geographic
-regions as described above; this is a subset of the timezones in the data.
-Although a '<code>zone1970.tab</code>' location's
-<a href="https://en.wikipedia.org/wiki/Longitude">longitude</a>
-corresponds to
-its <a href="https://en.wikipedia.org/wiki/Local_mean_time">local mean
-time (<abbr>LMT</abbr>)</a> offset with one hour for every 15&deg;
-east longitude, this relationship is not exact.
+Guidelines have evolved with time, and names following old versions of
+this guideline might not follow the current version. When guidelines
+have changed, old names continue to be supported. Guideline changes
+have included the following:
 </p>
 
-<p>
-Older versions of this package used a different naming scheme,
-and these older names are still supported.
+<ul>
+<li>
+Older versions of this package used a different naming scheme.
 See the file '<code>backward</code>' for most of these older names
 (e.g., '<code>US/Eastern</code>' instead of '<code>America/New_York</code>').
 The other old-fashioned names still supported are
 '<code>WET</code>', '<code>CET</code>', '<code>MET</code>', and
 '<code>EET</code>' (see the file '<code>europe</code>').
-</p>
+</li>
 
-<p>
+<li>
 Older versions of this package defined legacy names that are
 incompatible with the first guideline of location names, but which are
 still supported.
@@ -332,6 +327,31 @@ Also, the file '<code>backward</code>' defines the leg
 and the file '<code>northamerica</code>' defines the legacy names
 '<code>EST5EDT</code>', '<code>CST6CDT</code>',
 '<code>MST7MDT</code>', and '<code>PST8PDT</code>'.
+</li>
+
+<li>
+Older versions of this guideline said that
+there should typically be at least one name for each <a
+href="https://en.wikipedia.org/wiki/ISO_3166-1"><abbr
+title="International Organization for Standardization">ISO</abbr>
+3166-1</a> officially assigned two-letter code for an inhabited
+country or territory.
+This old guideline has been dropped, as it was not needed to handle
+timestamps correctly and it increased maintenance burden.
+</li>
+</ul>
+
+<p>
+The file '<code>zone1970.tab</code>' lists geographical locations used
+to name timezones.
+It is intended to be an exhaustive list of names for geographic
+regions as described above; this is a subset of the timezones in the data.
+Although a '<code>zone1970.tab</code>' location's
+<a href="https://en.wikipedia.org/wiki/Longitude">longitude</a>
+corresponds to
+its <a href="https://en.wikipedia.org/wiki/Local_mean_time">local mean
+time (<abbr>LMT</abbr>)</a> offset with one hour for every 15&deg;
+east longitude, this relationship is not exact.
 </p>
 
 <p>
@@ -983,7 +1003,9 @@ an older <code>zic</code>.
     constrained to be a string containing abbreviations
     and numeric data as described <a href="#POSIX">above</a>.
     The file's format is <dfn><abbr>TZif</abbr></dfn>,
-    a timezone information format that contains binary data.
+    a timezone information format that contains binary data; see
+    <a href="https://tools.ietf.org/html/8536">Internet
+    <abbr>RFC</abbr> 8536</a>.
     The daylight saving time rules to be used for a
     particular timezone are encoded in the
     <abbr>TZif</abbr> file; the format of the file allows <abbr>US</abbr>,
@@ -1166,7 +1188,7 @@ The <code><abbr>tz</abbr></code> code and data supply 
 <ul>
   <li>
     A set of timezone names as per
-      "<a href="#naming">Names of timezones</a>" above.
+      "<a href="#naming">Timezone identifiers</a>" above.
   </li>
   <li>
     Library functions described in "<a href="#functions">Time and date
@@ -1212,6 +1234,17 @@ Interfaces not listed above are less stable.
 For example, users should not rely on particular <abbr>UT</abbr>
 offsets or abbreviations for timestamps, as data entries are often
 based on guesswork and these guesses may be corrected or improved.
+</p>
+
+<p>
+Timezone boundaries are not part of the stable interface.
+For example, even though the <samp>Asia/Bangkok</samp> timezone
+currently includes Chang Mai, Hanoi, and Phnom Penh, this is not part
+of the stable interface and the timezone can split at any time.
+If a calendar application records a future event in some location other
+than Bangkok by putting "<samp>Asia/Bangkok</samp>" in the event's record,
+the application should be robust in the presence of timezone splits
+between now and the future time.
 </p>
 </section>
 

Modified: releng/11.2/contrib/tzdata/version
==============================================================================
--- releng/11.2/contrib/tzdata/version	Tue May 14 22:00:47 2019	(r347583)
+++ releng/11.2/contrib/tzdata/version	Tue May 14 22:48:36 2019	(r347584)
@@ -1 +1 @@
-2018i
+2019a

Modified: releng/12.0/contrib/tzdata/Makefile
==============================================================================
--- releng/12.0/contrib/tzdata/Makefile	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/Makefile	Tue May 14 22:48:36 2019	(r347584)
@@ -12,7 +12,10 @@ VERSION=	unknown
 # Email address for bug reports.
 BUGEMAIL=	tz@iana.org
 
-# Choose source data features.  To get new features right away, use:
+# DATAFORM selects the data format.
+# Available formats represent essentially the same data, albeit
+# possibly with minor discrepancies that users are not likely to notice.
+# To get new features and the best data right away, use:
 #	DATAFORM=	vanguard
 # To wait a while before using new features, to give downstream users
 # time to upgrade zic (the default), use:
@@ -33,11 +36,11 @@ DATAFORM=		main
 LOCALTIME=	GMT
 
 # If you want something other than Eastern United States time as a template
-# for handling POSIX-style timezone environment variables,
+# for handling ruleless POSIX-style timezone environment variables,
 # change the line below (after finding the timezone you want in the
 # one of the $(TDATA) source files, or adding it to a source file).
-# When a POSIX-style environment variable is handled, the rules in the
-# template file are used to determine "spring forward" and "fall back" days and
+# A ruleless environment setting like TZ='CST6CDT' uses the rules in the
+# template file to determine "spring forward" and "fall back" days and
 # times; the environment variable itself specifies UT offsets of standard and
 # daylight saving time.
 # Alternatively, if you discover you've got the wrong timezone, you can just
@@ -46,7 +49,6 @@ LOCALTIME=	GMT
 # Use the command
 #	make zonenames
 # to get a list of the values you can use for POSIXRULES.
-# If you want POSIX compatibility, use "America/New_York".
 
 POSIXRULES=	America/New_York
 
@@ -113,8 +115,8 @@ TIME_T_ALTERNATIVES = $(TIME_T_ALTERNATIVES_HEAD) $(TI
 TIME_T_ALTERNATIVES_HEAD = int64_t
 TIME_T_ALTERNATIVES_TAIL = int32_t uint32_t uint64_t
 
-# What kind of TZif data files to generate.
-# (TZif is the binary time zone data format that zic generates.)
+# What kind of TZif data files to generate.  (TZif is the binary time
+# zone data format that zic generates; see Internet RFC 8536.)
 # If you want only POSIX time, with time values interpreted as
 # seconds since the epoch (not counting leap seconds), use
 #	REDO=		posix_only
@@ -360,6 +362,9 @@ LEAPSECONDS=
 zic=		./zic
 ZIC=		$(zic) $(ZFLAGS)
 
+# To shrink the size of installed TZif files,
+# append "-r @N" to omit data before N-seconds-after-the-Epoch.
+# See the zic man page for more about -r.
 ZFLAGS=
 
 # How to use zic to install TZif files.
@@ -491,7 +496,8 @@ MANTXTS=	newctime.3.txt newstrftime.3.txt newtzset.3.t
 COMMON=		calendars CONTRIBUTING LICENSE Makefile \
 			NEWS README theory.html version
 WEB_PAGES=	tz-art.html tz-how-to.html tz-link.html
-CHECK_WEB_PAGES=check_tz-art.html check_tz-how-to.html check_tz-link.html
+CHECK_WEB_PAGES=check_theory.html check_tz-art.html \
+			check_tz-how-to.html check_tz-link.html
 DOCS=		$(MANS) date.1 $(MANTXTS) $(WEB_PAGES)
 PRIMARY_YDATA=	africa antarctica asia australasia \
 		europe northamerica southamerica
@@ -804,9 +810,10 @@ check_tzs:	$(TZS) $(TZS_NEW)
 		touch $@
 
 check_web:	$(CHECK_WEB_PAGES)
+check_theory.html: theory.html
 check_tz-art.html: tz-art.html
 check_tz-link.html: tz-link.html
-check_tz-art.html check_tz-link.html:
+check_theory.html check_tz-art.html check_tz-link.html:
 		$(CURL) -sS --url https://validator.w3.org/nu/ -F out=gnu \
 		    -F file=@$$(expr $@ : 'check_\(.*\)') -o $@.out && \
 		  test ! -s $@.out || { cat $@.out; exit 1; }
@@ -840,11 +847,13 @@ check_zishrink_posix check_zishrink_right: \
 		touch $@
 
 clean_misc:
+		rm -fr check_*.dir
 		rm -f *.o *.out $(TIME_T_ALTERNATIVES) \
 		  check_* core typecheck_* \
 		  date tzselect version.h zdump zic yearistype libtz.a
 clean:		clean_misc
-		rm -fr *.dir *.zi tzdb-*/ $(TZS_NEW)
+		rm -fr *.dir tzdb-*/
+		rm -f *.zi $(TZS_NEW)
 
 maintainer-clean: clean
 		@echo 'This command is intended for maintainers to use; it'

Modified: releng/12.0/contrib/tzdata/NEWS
==============================================================================
--- releng/12.0/contrib/tzdata/NEWS	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/NEWS	Tue May 14 22:48:36 2019	(r347584)
@@ -1,5 +1,53 @@
 News for the tz database
 
+Release 20198 - 2019-03-25 22:01:33 -0700
+
+  Briefly:
+    Palestine "springs forward" on 2019-03-30 instead of 2019-03-23.
+    Metlakatla "fell back" to rejoin Alaska Time on 2019-01-20 at 02:00.
+
+  Changes to past and future timestamps
+
+    Palestine will not start DST until 2019-03-30, instead of 2019-03-23 as
+    previously predicted.  Adjust our prediction by guessing that spring
+    transitions will be between 24 and 30 March, which matches recent practice
+    since 2016.  (Thanks to Even Scharning and Tim Parenti.)
+
+    Metlakatla ended its observance of Pacific standard time,
+    rejoining Alaska Time, on 2019-01-20 at 02:00.  (Thanks to Ryan
+    Stanley and Tim Parenti.)
+
+  Changes to past timestamps
+
+    Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25).
+    (Thanks to Alois Treindl and Isaac Starkman.)
+
+  Changes to time zone abbreviations
+
+    Etc/UCT is now a backward-compatibility link to Etc/UTC, instead
+    of being a separate zone that generates the abbreviation "UCT",
+    which nowadays is typically a typo.  (Problem reported by Isiah
+    Meadows.)
+
+  Changes to code
+
+    zic now has an -r option to limit the time range of output data.
+    For example, 'zic -r @1000000000' limits the output data to
+    timestamps starting 1000000000 seconds after the Epoch.
+    This helps shrink output size and can be useful for applications
+    not needing the full timestamp history, such as TZDIST truncation;
+    see Internet RFC 8536 section 5.1.  (Inspired by a feature request
+    from Christopher Wong, helped along by bug reports from Wong and
+    from Tim Parenti.)
+
+  Changes to documentation
+
+    Mention Internet RFC 8536 (February 2019), which documents TZif.
+
+    tz-link.html now cites tzdata-meta
+    <https://tzdata-meta.timtimeonline.com/>.
+
+
 Release 2018i - 2018-12-30 11:05:43 -0800
 
   Briefly:
@@ -400,8 +448,9 @@ Release 2018d - 2018-03-22 07:05:46 -0700
       downstream parsers do not support it.
 
     * The build procedure constructs three files vanguard.zi, main.zi,
-      and rearguard.zi, one for each format.  The files represent the
-      same data as closely as the formats allow.  These three files
+      and rearguard.zi, one for each format.  Although the files
+      represent essentially the same data, they may have minor
+      discrepancies that users are not likely to notice.  The files
       are intended for downstream data consumers and are not
       installed.  Zoneinfo parsers that do not support negative SAVE values
       should start using rearguard.zi, so that they will be unaffected

Modified: releng/12.0/contrib/tzdata/README
==============================================================================
--- releng/12.0/contrib/tzdata/README	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/README	Tue May 14 22:48:36 2019	(r347584)
@@ -1,7 +1,7 @@
 README for the tz distribution
 
-"What time is it?" -- Richard Deacon as The King
-"Any time you want it to be." -- Frank Baxter as The Scientist
+"Where do I set the hands of the clock?" -- Les Tremayne as The King
+"Oh that--you can set them any place you want." -- Frank Baxter as The Scientist
 					(from the Bell System film "About Time")
 
 The Time Zone Database (called tz, tzdb or zoneinfo) contains code and

Modified: releng/12.0/contrib/tzdata/africa
==============================================================================
--- releng/12.0/contrib/tzdata/africa	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/africa	Tue May 14 22:48:36 2019	(r347584)
@@ -364,6 +364,11 @@ Zone	Africa/Cairo	2:05:09 -	LMT	1900 Oct
 # See Africa/Lagos.
 
 # Eritrea
+# See Africa/Nairobi.
+
+# Eswatini (formerly Swaziland)
+# See Africa/Johannesburg.
+
 # Ethiopia
 # See Africa/Nairobi.
 #
@@ -1188,7 +1193,7 @@ Zone Africa/Johannesburg 1:52:00 -	LMT	1892 Feb 8
 			1:30	-	SAST	1903 Mar
 			2:00	SA	SAST
 Link Africa/Johannesburg Africa/Maseru	   # Lesotho
-Link Africa/Johannesburg Africa/Mbabane    # Swaziland
+Link Africa/Johannesburg Africa/Mbabane    # Eswatini
 #
 # Marion and Prince Edward Is
 # scientific station since 1947
@@ -1229,9 +1234,6 @@ Zone	Africa/Khartoum	2:10:08 -	LMT	1931
 Zone	Africa/Juba	2:06:28 -	LMT	1931
 			2:00	Sudan	CA%sT	2000 Jan 15 12:00
 			3:00	-	EAT
-
-# Swaziland
-# See Africa/Johannesburg.
 
 # Tanzania
 # See Africa/Nairobi.

Modified: releng/12.0/contrib/tzdata/asia
==============================================================================
--- releng/12.0/contrib/tzdata/asia	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/asia	Tue May 14 22:48:36 2019	(r347584)
@@ -1620,6 +1620,24 @@ Rule	Zion	1974	only	-	Jul	 7	0:00	1:00	D
 Rule	Zion	1974	only	-	Oct	13	0:00	0	S
 Rule	Zion	1975	only	-	Apr	20	0:00	1:00	D
 Rule	Zion	1975	only	-	Aug	31	0:00	0	S
+
+# From Alois Treindl (2019-03-06):
+# http://www.moin.gov.il/Documents/שעון קיץ/clock-50-years-7-2014.pdf
+# From Isaac Starkman (2019-03-06):
+# Summer time was in that period in 1980 and 1984, see
+# https://www.ynet.co.il/articles/0,7340,L-3951073,00.html
+# You can of course read it in translation.
+# I checked the local newspapers for that years.
+# It started on midnight and end at 01.00 am.
+# From Paul Eggert (2019-03-06):
+# Also see this thread about the moin.gov.il URL:
+# https://mm.icann.org/pipermail/tz/2018-November/027194.html
+Rule	Zion	1980	only	-	Aug	 2	0:00	1:00	D
+Rule	Zion	1980	only	-	Sep	13	1:00	0	S
+Rule	Zion	1984	only	-	May	 5	0:00	1:00	D
+Rule	Zion	1984	only	-	Aug	25	1:00	0	S
+
+# From Shanks & Pottenger:
 Rule	Zion	1985	only	-	Apr	14	0:00	1:00	D
 Rule	Zion	1985	only	-	Sep	15	0:00	0	S
 Rule	Zion	1986	only	-	May	18	0:00	1:00	D
@@ -3071,9 +3089,15 @@ Zone	Asia/Karachi	4:28:12 -	LMT	1907
 # the official website, though the decree did not specify the exact
 # time of the time shift.
 # http://www.palestinecabinet.gov.ps/Website/AR/NDecrees/ViewFile.ashx?ID=e7a42ab7-ee23-435a-b9c8-a4f7e81f3817
+
+# From Even Scharning (2019-03-23):
+# DST in Palestine will start on 30 March this year, not 23 March as the time
+# zone database predicted.
+# https://ramallah.news/post/123610
 #
-# From Paul Eggert (2018-03-16):
-# For 2016 on, predict spring transitions on March's fourth Saturday at 01:00.
+# From Tim Parenti (2019-03-23):
+# Combining this with the rules observed since 2016, adjust our spring
+# transition guess to Mar Sat>=24.
 
 # Rule	NAME	FROM	TO	TYPE	IN	ON	AT	SAVE	LETTER/S
 Rule EgyptAsia	1957	only	-	May	10	0:00	1:00	S
@@ -3104,7 +3128,7 @@ Rule Palestine	2012	only	-	Sep	21	1:00	0	-
 Rule Palestine	2013	only	-	Sep	Fri>=21	0:00	0	-
 Rule Palestine	2014	2015	-	Oct	Fri>=21	0:00	0	-
 Rule Palestine	2015	only	-	Mar	lastFri	24:00	1:00	S
-Rule Palestine	2016	max	-	Mar	Sat>=22	1:00	1:00	S
+Rule Palestine	2016	max	-	Mar	Sat>=24	1:00	1:00	S
 Rule Palestine	2016	max	-	Oct	lastSat	1:00	0	-
 
 # Zone	NAME		GMTOFF	RULES	FORMAT	[UNTIL]
@@ -3595,6 +3619,18 @@ Zone Asia/Ho_Chi_Minh	7:06:40 -	LMT	1906 Jul  1
 			7:00	-	+07	1959 Dec 31 23:00
 			8:00	-	+08	1975 Jun 13
 			7:00	-	+07
+
+# From Paul Eggert (2019-02-19):
+#
+# The Ho Chi Minh entry suffices for most purposes as it agrees with all of
+# Vietnam since 1975-06-13.  Presumably clocks often changed in south Vietnam
+# in the early 1970s as locations changed hands during the war; however the
+# details are unknown and would likely be too voluminous for this database.
+#
+# For timestamps in north Vietnam back to 1970 (the tzdb cutoff),
+# use Asia/Bangkok; see the VN entries in the file zone1970.tab.
+# For timestamps before 1970, see Asia/Hanoi in the file 'backzone'.
+
 
 # Yemen
 # See Asia/Riyadh.

Modified: releng/12.0/contrib/tzdata/backward
==============================================================================
--- releng/12.0/contrib/tzdata/backward	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/backward	Tue May 14 22:48:36 2019	(r347584)
@@ -77,6 +77,7 @@ Link	Pacific/Easter		Chile/EasterIsland
 Link	America/Havana		Cuba
 Link	Africa/Cairo		Egypt
 Link	Europe/Dublin		Eire
+Link	Etc/UTC			Etc/UCT
 Link	Europe/London		Europe/Belfast
 Link	Europe/Chisinau		Europe/Tiraspol
 Link	Europe/London		GB
@@ -111,7 +112,7 @@ Link	Asia/Taipei		ROC
 Link	Asia/Seoul		ROK
 Link	Asia/Singapore		Singapore
 Link	Europe/Istanbul		Turkey
-Link	Etc/UCT			UCT
+Link	Etc/UTC			UCT
 Link	America/Anchorage	US/Alaska
 Link	America/Adak		US/Aleutian
 Link	America/Phoenix		US/Arizona

Modified: releng/12.0/contrib/tzdata/backzone
==============================================================================
--- releng/12.0/contrib/tzdata/backzone	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/backzone	Tue May 14 22:48:36 2019	(r347584)
@@ -204,7 +204,7 @@ Zone	Africa/Maseru	1:50:00 -	LMT	1903 Mar
 			2:00	1:00	SAST	1944 Mar 19  2:00
 			2:00	-	SAST
 
-# Swaziland
+# Eswatini (formerly Swaziland)
 Zone	Africa/Mbabane	2:04:24 -	LMT	1903 Mar
 			2:00	-	SAST
 
@@ -625,7 +625,7 @@ Zone	Europe/Sarajevo	1:13:40	-	LMT	1884
 			1:00	-	CET	1982 Nov 27
 			1:00	EU	CE%sT
 
-# Macedonia
+# North Macedonia
 Zone	Europe/Skopje	1:25:44	-	LMT	1884
 			1:00	-	CET	1941 Apr 18 23:00
 			1:00	C-Eur	CE%sT	1945 May  8  2:00s

Modified: releng/12.0/contrib/tzdata/etcetera
==============================================================================
--- releng/12.0/contrib/tzdata/etcetera	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/etcetera	Tue May 14 22:48:36 2019	(r347584)
@@ -19,7 +19,6 @@
 
 Zone	Etc/GMT		0	-	GMT
 Zone	Etc/UTC		0	-	UTC
-Zone	Etc/UCT		0	-	UCT
 
 # The following link uses older naming conventions,
 # but it belongs here, not in the file 'backward',

Modified: releng/12.0/contrib/tzdata/europe
==============================================================================
--- releng/12.0/contrib/tzdata/europe	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/europe	Tue May 14 22:48:36 2019	(r347584)
@@ -1855,7 +1855,7 @@ Zone Europe/Luxembourg	0:24:36 -	LMT	1904 Jun
 			1:00	Belgium	CE%sT	1977
 			1:00	EU	CE%sT
 
-# Macedonia
+# North Macedonia
 # See Europe/Belgrade.
 
 # Malta
@@ -3359,7 +3359,7 @@ Zone	Europe/Belgrade	1:22:00	-	LMT	1884
 Link Europe/Belgrade Europe/Ljubljana	# Slovenia
 Link Europe/Belgrade Europe/Podgorica	# Montenegro
 Link Europe/Belgrade Europe/Sarajevo	# Bosnia and Herzegovina
-Link Europe/Belgrade Europe/Skopje	# Macedonia
+Link Europe/Belgrade Europe/Skopje	# North Macedonia
 Link Europe/Belgrade Europe/Zagreb	# Croatia
 
 # Slovakia

Modified: releng/12.0/contrib/tzdata/leap-seconds.list
==============================================================================
--- releng/12.0/contrib/tzdata/leap-seconds.list	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/leap-seconds.list	Tue May 14 22:48:36 2019	(r347584)
@@ -204,10 +204,10 @@
 #	current -- the update time stamp, the data and the name of the file
 #	will not change.
 #
-#	Updated through IERS Bulletin C56
-#	File expires on:  28 June 2019
+#	Updated through IERS Bulletin C57
+#	File expires on:  28 December 2019
 #
-#@	3770668800
+#@	3786480000
 #
 2272060800	10	# 1 Jan 1972
 2287785600	11	# 1 Jul 1972
@@ -252,4 +252,4 @@
 #	the hash line is also ignored in the
 #	computation.
 #
-#h 	62ca19f6 96a4ae0a 3708451c 9f8693f4 016604eb
+#h 	83c68138 d3650221 07dbbbcd 11fcc859 ced1106a

Modified: releng/12.0/contrib/tzdata/leapseconds
==============================================================================
--- releng/12.0/contrib/tzdata/leapseconds	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/leapseconds	Tue May 14 22:48:36 2019	(r347584)
@@ -63,7 +63,7 @@ Leap	2016	Dec	31	23:59:60	+	S
 
 # POSIX timestamps for the data in this file:
 #updated 1467936000
-#expires 1561680000
+#expires 1577491200
 
-#	Updated through IERS Bulletin C56
-#	File expires on:  28 June 2019
+#	Updated through IERS Bulletin C57
+#	File expires on:  28 December 2019

Modified: releng/12.0/contrib/tzdata/northamerica
==============================================================================
--- releng/12.0/contrib/tzdata/northamerica	Tue May 14 22:00:47 2019	(r347583)
+++ releng/12.0/contrib/tzdata/northamerica	Tue May 14 22:48:36 2019	(r347584)
@@ -609,6 +609,15 @@ Zone America/Los_Angeles -7:52:58 -	LMT	1883 Nov 18 12
 # In a 2018-12-11 special election, Metlakatla voted to go back to
 # Alaska time (including daylight saving time) starting next year.
 # https://www.krbd.org/2018/12/12/metlakatla-to-follow-alaska-standard-time-allow-liquor-sales/
+#
+# From Ryan Stanley (2019-01-11):
+# The community will be changing back on the 20th of this month...
+# From Tim Parenti (2019-01-11):
+# Per an announcement on the Metlakatla community's official Facebook page, the
+# "fall back" will be on Sunday 2019-01-20 at 02:00:
+# https://www.facebook.com/141055983004923/photos/607150969728753/
+# So they won't be waiting for Alaska to join them on 2019-03-10, but will
+# rather change their clocks twice in seven weeks.
 
 # Zone	NAME		GMTOFF	RULES	FORMAT	[UNTIL]
 Zone America/Juneau	 15:02:19 -	LMT	1867 Oct 19 15:33:32
@@ -637,7 +646,7 @@ Zone America/Metlakatla	 15:13:42 -	LMT	1867 Oct 19 15
 			 -8:00	US	P%sT	1983 Oct 30  2:00
 			 -8:00	-	PST	2015 Nov  1  2:00
 			 -9:00	US	AK%sT	2018 Nov  4  2:00
-			 -8:00	-	PST	2019 Mar Sun>=8 3:00
+			 -8:00	-	PST	2019 Jan 20  2:00
 			 -9:00	US	AK%sT

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***

From owner-svn-src-releng@freebsd.org  Tue May 14 22:51:51 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1A895159B20D;
 Tue, 14 May 2019 22:51:51 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id B331D88485;
 Tue, 14 May 2019 22:51:50 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8D62627965;
 Tue, 14 May 2019 22:51:50 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4EMpogj046787;
 Tue, 14 May 2019 22:51:50 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4EMpnFf046783;
 Tue, 14 May 2019 22:51:49 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142251.x4EMpnFf046783@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 22:51:49 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347585 - in releng: 11.2/usr.bin/xinstall
 11.2/usr.bin/xinstall/tests 12.0/usr.bin/xinstall 12.0/usr.bin/xinstall/tests
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng: 11.2/usr.bin/xinstall
 11.2/usr.bin/xinstall/tests 12.0/usr.bin/xinstall 12.0/usr.bin/xinstall/tests
X-SVN-Commit-Revision: 347585
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: B331D88485
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.95 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_SHORT(-0.96)[-0.956,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 22:51:51 -0000

Author: gordon
Date: Tue May 14 22:51:49 2019
New Revision: 347585
URL: https://svnweb.freebsd.org/changeset/base/347585

Log:
  Fix partially matching relative paths in xinstall.
  
  Approved by:	so
  Security:	FreeBSD-EN-19:09.xinstall

Modified:
  releng/11.2/usr.bin/xinstall/tests/install_test.sh
  releng/11.2/usr.bin/xinstall/xinstall.c
  releng/12.0/usr.bin/xinstall/tests/install_test.sh
  releng/12.0/usr.bin/xinstall/xinstall.c

Modified: releng/11.2/usr.bin/xinstall/tests/install_test.sh
==============================================================================
--- releng/11.2/usr.bin/xinstall/tests/install_test.sh	Tue May 14 22:48:36 2019	(r347584)
+++ releng/11.2/usr.bin/xinstall/tests/install_test.sh	Tue May 14 22:51:49 2019	(r347585)
@@ -377,6 +377,29 @@ mkdir_simple_body() {
 	atf_check install -d dir1/dir2/dir3
 }
 
+atf_test_case symbolic_link_relative_absolute_common
+symbolic_link_relative_absolute_common_head() {
+	atf_set "descr" "Verify -l rs with absolute paths having common components"
+}
+symbolic_link_relative_absolute_common_body() {
+	filename=foo.so
+	src_path=lib
+	src_path_prefixed=$PWD/$src_path
+	dest_path=$PWD/libexec/
+	src_file=$src_path_prefixed/$filename
+	dest_file=$dest_path/$filename
+
+	atf_check mkdir $src_path_prefixed $dest_path
+	atf_check touch $src_file
+	atf_check install -l sr $src_file $dest_path
+
+	dest_path_relative=$(readlink $dest_file)
+	src_path_relative="../lib/$filename"
+	if [ "$src_path_relative" != "$dest_path_relative" ]; then
+		atf_fail "unexpected symlink contents ('$src_path_relative' != '$dest_path_relative')"
+	fi
+}
+
 atf_init_test_cases() {
 	atf_add_test_case copy_to_nonexistent
 	atf_add_test_case copy_to_nonexistent_safe
@@ -415,5 +438,6 @@ atf_init_test_cases() {
 	atf_add_test_case symbolic_link_relative_absolute_source_and_dest1
 	atf_add_test_case symbolic_link_relative_absolute_source_and_dest1_double_slash
 	atf_add_test_case symbolic_link_relative_absolute_source_and_dest2
+	atf_add_test_case symbolic_link_relative_absolute_common
 	atf_add_test_case mkdir_simple
 }

Modified: releng/11.2/usr.bin/xinstall/xinstall.c
==============================================================================
--- releng/11.2/usr.bin/xinstall/xinstall.c	Tue May 14 22:48:36 2019	(r347584)
+++ releng/11.2/usr.bin/xinstall/xinstall.c	Tue May 14 22:51:49 2019	(r347585)
@@ -667,7 +667,7 @@ makelink(const char *from_name, const char *to_name,
 	}
 
 	if (dolink & LN_RELATIVE) {
-		char *to_name_copy, *cp, *d, *s;
+		char *to_name_copy, *cp, *d, *ld, *ls, *s;
 
 		if (*from_name != '/') {
 			/* this is already a relative link */
@@ -703,8 +703,19 @@ makelink(const char *from_name, const char *to_name,
 		free(to_name_copy);
 
 		/* Trim common path components. */
-		for (s = src, d = dst; *s == *d; s++, d++)
+		ls = ld = NULL;
+		for (s = src, d = dst; *s == *d; ls = s, ld = d, s++, d++)
 			continue;
+		/*
+		 * If we didn't end after a directory separator, then we've
+		 * falsely matched the last component.  For example, if one
+		 * invoked install -lrs /lib/foo.so /libexec/ then the source
+		 * would terminate just after the separator while the
+		 * destination would terminate in the middle of 'libexec',
+		 * leading to a full directory getting falsely eaten.
+		 */
+		if ((ls != NULL && *ls != '/') || (ld != NULL && *ld != '/'))
+			s--, d--;
 		while (*s != '/')
 			s--, d--;
 

Modified: releng/12.0/usr.bin/xinstall/tests/install_test.sh
==============================================================================
--- releng/12.0/usr.bin/xinstall/tests/install_test.sh	Tue May 14 22:48:36 2019	(r347584)
+++ releng/12.0/usr.bin/xinstall/tests/install_test.sh	Tue May 14 22:51:49 2019	(r347585)
@@ -377,6 +377,29 @@ mkdir_simple_body() {
 	atf_check install -d dir1/dir2/dir3
 }
 
+atf_test_case symbolic_link_relative_absolute_common
+symbolic_link_relative_absolute_common_head() {
+	atf_set "descr" "Verify -l rs with absolute paths having common components"
+}
+symbolic_link_relative_absolute_common_body() {
+	filename=foo.so
+	src_path=lib
+	src_path_prefixed=$PWD/$src_path
+	dest_path=$PWD/libexec/
+	src_file=$src_path_prefixed/$filename
+	dest_file=$dest_path/$filename
+
+	atf_check mkdir $src_path_prefixed $dest_path
+	atf_check touch $src_file
+	atf_check install -l sr $src_file $dest_path
+
+	dest_path_relative=$(readlink $dest_file)
+	src_path_relative="../lib/$filename"
+	if [ "$src_path_relative" != "$dest_path_relative" ]; then
+		atf_fail "unexpected symlink contents ('$src_path_relative' != '$dest_path_relative')"
+	fi
+}
+
 atf_init_test_cases() {
 	atf_add_test_case copy_to_nonexistent
 	atf_add_test_case copy_to_nonexistent_safe
@@ -415,5 +438,6 @@ atf_init_test_cases() {
 	atf_add_test_case symbolic_link_relative_absolute_source_and_dest1
 	atf_add_test_case symbolic_link_relative_absolute_source_and_dest1_double_slash
 	atf_add_test_case symbolic_link_relative_absolute_source_and_dest2
+	atf_add_test_case symbolic_link_relative_absolute_common
 	atf_add_test_case mkdir_simple
 }

Modified: releng/12.0/usr.bin/xinstall/xinstall.c
==============================================================================
--- releng/12.0/usr.bin/xinstall/xinstall.c	Tue May 14 22:48:36 2019	(r347584)
+++ releng/12.0/usr.bin/xinstall/xinstall.c	Tue May 14 22:51:49 2019	(r347585)
@@ -673,7 +673,7 @@ makelink(const char *from_name, const char *to_name,
 	}
 
 	if (dolink & LN_RELATIVE) {
-		char *to_name_copy, *cp, *d, *s;
+		char *to_name_copy, *cp, *d, *ld, *ls, *s;
 
 		if (*from_name != '/') {
 			/* this is already a relative link */
@@ -709,8 +709,19 @@ makelink(const char *from_name, const char *to_name,
 		free(to_name_copy);
 
 		/* Trim common path components. */
-		for (s = src, d = dst; *s == *d; s++, d++)
+		ls = ld = NULL;
+		for (s = src, d = dst; *s == *d; ls = s, ld = d, s++, d++)
 			continue;
+		/*
+		 * If we didn't end after a directory separator, then we've
+		 * falsely matched the last component.  For example, if one
+		 * invoked install -lrs /lib/foo.so /libexec/ then the source
+		 * would terminate just after the separator while the
+		 * destination would terminate in the middle of 'libexec',
+		 * leading to a full directory getting falsely eaten.
+		 */
+		if ((ls != NULL && *ls != '/') || (ld != NULL && *ld != '/'))
+			s--, d--;
 		while (*s != '/')
 			s--, d--;
 

From owner-svn-src-releng@freebsd.org  Tue May 14 22:54:18 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id D0522159B63C;
 Tue, 14 May 2019 22:54:18 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 75A5288927;
 Tue, 14 May 2019 22:54:18 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3538427991;
 Tue, 14 May 2019 22:54:18 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4EMsIj4047907;
 Tue, 14 May 2019 22:54:18 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4EMsH6O047905;
 Tue, 14 May 2019 22:54:17 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142254.x4EMsH6O047905@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 22:54:17 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347586 - releng/12.0/crypto/openssh
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: releng/12.0/crypto/openssh
X-SVN-Commit-Revision: 347586
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 75A5288927
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.97)[-0.973,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 22:54:19 -0000

Author: gordon
Date: Tue May 14 22:54:17 2019
New Revision: 347586
URL: https://svnweb.freebsd.org/changeset/base/347586

Log:
  Fix insufficient filename validation in scp client
  
  Approved by:	so
  Security:	FreeBSD-EN-19:10.scp

Modified:
  releng/12.0/crypto/openssh/scp.1
  releng/12.0/crypto/openssh/scp.c

Modified: releng/12.0/crypto/openssh/scp.1
==============================================================================
--- releng/12.0/crypto/openssh/scp.1	Tue May 14 22:51:49 2019	(r347585)
+++ releng/12.0/crypto/openssh/scp.1	Tue May 14 22:54:17 2019	(r347586)
@@ -18,7 +18,7 @@
 .Nd secure copy (remote file copy program)
 .Sh SYNOPSIS
 .Nm scp
-.Op Fl 346BCpqrv
+.Op Fl 346BCpqrTv
 .Op Fl c Ar cipher
 .Op Fl F Ar ssh_config
 .Op Fl i Ar identity_file
@@ -207,6 +207,16 @@ to use for the encrypted connection.
 The program must understand
 .Xr ssh 1
 options.
+.It Fl T
+Disable strict filename checking.
+By default when copying files from a remote host to a local directory
+.Nm
+checks that the received filenames match those requested on the command-line
+to prevent the remote end from sending unexpected or unwanted files.
+Because of differences in how various operating systems and shells interpret
+filename wildcards, these checks may cause wanted files to be rejected.
+This option disables these checks at the expense of fully trusting that
+the server will not send unexpected filenames.
 .It Fl v
 Verbose mode.
 Causes

Modified: releng/12.0/crypto/openssh/scp.c
==============================================================================
--- releng/12.0/crypto/openssh/scp.c	Tue May 14 22:51:49 2019	(r347585)
+++ releng/12.0/crypto/openssh/scp.c	Tue May 14 22:54:17 2019	(r347586)
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */
+/* $OpenBSD: scp.c,v 1.204 2019/02/10 11:15:52 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -94,6 +94,7 @@
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <fnmatch.h>
 #include <limits.h>
 #include <locale.h>
 #include <pwd.h>
@@ -375,14 +376,14 @@ void verifydir(char *);
 struct passwd *pwd;
 uid_t userid;
 int errs, remin, remout;
-int pflag, iamremote, iamrecursive, targetshouldbedirectory;
+int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory;
 
 #define	CMDNEEDS	64
 char cmd[CMDNEEDS];		/* must hold "rcp -r -p -d\0" */
 
 int response(void);
 void rsource(char *, struct stat *);
-void sink(int, char *[]);
+void sink(int, char *[], const char *);
 void source(int, char *[]);
 void tolocal(int, char *[]);
 void toremote(int, char *[]);
@@ -421,8 +422,9 @@ main(int argc, char **argv)
 	addargs(&args, "-oRemoteCommand=none");
 	addargs(&args, "-oRequestTTY=no");
 
-	fflag = tflag = 0;
-	while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1)
+	fflag = Tflag = tflag = 0;
+	while ((ch = getopt(argc, argv,
+	    "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) {
 		switch (ch) {
 		/* User-visible flags. */
 		case '1':
@@ -501,9 +503,13 @@ main(int argc, char **argv)
 			setmode(0, O_BINARY);
 #endif
 			break;
+		case 'T':
+			Tflag = 1;
+			break;
 		default:
 			usage();
 		}
+	}
 	argc -= optind;
 	argv += optind;
 
@@ -534,7 +540,7 @@ main(int argc, char **argv)
 	}
 	if (tflag) {
 		/* Receive data. */
-		sink(argc, argv);
+		sink(argc, argv, NULL);
 		exit(errs != 0);
 	}
 	if (argc < 2)
@@ -620,6 +626,253 @@ parse_scp_uri(const char *uri, char **userp, char **ho
 	return r;
 }
 
+/* Appends a string to an array; returns 0 on success, -1 on alloc failure */
+static int
+append(char *cp, char ***ap, size_t *np)
+{
+	char **tmp;
+
+	if ((tmp = reallocarray(*ap, *np + 1, sizeof(*tmp))) == NULL)
+		return -1;
+	tmp[(*np)] = cp;
+	(*np)++;
+	*ap = tmp;
+	return 0;
+}
+
+/*
+ * Finds the start and end of the first brace pair in the pattern.
+ * returns 0 on success or -1 for invalid patterns.
+ */
+static int
+find_brace(const char *pattern, int *startp, int *endp)
+{
+	int i;
+	int in_bracket, brace_level;
+
+	*startp = *endp = -1;
+	in_bracket = brace_level = 0;
+	for (i = 0; i < INT_MAX && *endp < 0 && pattern[i] != '\0'; i++) {
+		switch (pattern[i]) {
+		case '\\':
+			/* skip next character */
+			if (pattern[i + 1] != '\0')
+				i++;
+			break;
+		case '[':
+			in_bracket = 1;
+			break;
+		case ']':
+			in_bracket = 0;
+			break;
+		case '{':
+			if (in_bracket)
+				break;
+			if (pattern[i + 1] == '}') {
+				/* Protect a single {}, for find(1), like csh */
+				i++; /* skip */
+				break;
+			}
+			if (*startp == -1)
+				*startp = i;
+			brace_level++;
+			break;
+		case '}':
+			if (in_bracket)
+				break;
+			if (*startp < 0) {
+				/* Unbalanced brace */
+				return -1;
+			}
+			if (--brace_level <= 0)
+				*endp = i;
+			break;
+		}
+	}
+	/* unbalanced brackets/braces */
+	if (*endp < 0 && (*startp >= 0 || in_bracket))
+		return -1;
+	return 0;
+}
+
+/*
+ * Assembles and records a successfully-expanded pattern, returns -1 on
+ * alloc failure.
+ */
+static int
+emit_expansion(const char *pattern, int brace_start, int brace_end,
+    int sel_start, int sel_end, char ***patternsp, size_t *npatternsp)
+{
+	char *cp;
+	int o = 0, tail_len = strlen(pattern + brace_end + 1);
+
+	if ((cp = malloc(brace_start + (sel_end - sel_start) +
+	    tail_len + 1)) == NULL)
+		return -1;
+
+	/* Pattern before initial brace */
+	if (brace_start > 0) {
+		memcpy(cp, pattern, brace_start);
+		o = brace_start;
+	}
+	/* Current braced selection */
+	if (sel_end - sel_start > 0) {
+		memcpy(cp + o, pattern + sel_start,
+		    sel_end - sel_start);
+		o += sel_end - sel_start;
+	}
+	/* Remainder of pattern after closing brace */
+	if (tail_len > 0) {
+		memcpy(cp + o, pattern + brace_end + 1, tail_len);
+		o += tail_len;
+	}
+	cp[o] = '\0';
+	if (append(cp, patternsp, npatternsp) != 0) {
+		free(cp);
+		return -1;
+	}
+	return 0;
+}
+
+/*
+ * Expand the first encountered brace in pattern, appending the expanded
+ * patterns it yielded to the *patternsp array.
+ *
+ * Returns 0 on success or -1 on allocation failure.
+ *
+ * Signals whether expansion was performed via *expanded and whether
+ * pattern was invalid via *invalid.
+ */
+static int
+brace_expand_one(const char *pattern, char ***patternsp, size_t *npatternsp,
+    int *expanded, int *invalid)
+{
+	int i;
+	int in_bracket, brace_start, brace_end, brace_level;
+	int sel_start, sel_end;
+
+	*invalid = *expanded = 0;
+
+	if (find_brace(pattern, &brace_start, &brace_end) != 0) {
+		*invalid = 1;
+		return 0;
+	} else if (brace_start == -1)
+		return 0;
+
+	in_bracket = brace_level = 0;
+	for (i = sel_start = brace_start + 1; i < brace_end; i++) {
+		switch (pattern[i]) {
+		case '{':
+			if (in_bracket)
+				break;
+			brace_level++;
+			break;
+		case '}':
+			if (in_bracket)
+				break;
+			brace_level--;
+			break;
+		case '[':
+			in_bracket = 1;
+			break;
+		case ']':
+			in_bracket = 0;
+			break;
+		case '\\':
+			if (i < brace_end - 1)
+				i++; /* skip */
+			break;
+		}
+		if (pattern[i] == ',' || i == brace_end - 1) {
+			if (in_bracket || brace_level > 0)
+				continue;
+			/* End of a selection, emit an expanded pattern */
+
+			/* Adjust end index for last selection */
+			sel_end = (i == brace_end - 1) ? brace_end : i;
+			if (emit_expansion(pattern, brace_start, brace_end,
+			    sel_start, sel_end, patternsp, npatternsp) != 0)
+				return -1;
+			/* move on to the next selection */
+			sel_start = i + 1;
+			continue;
+		}
+	}
+	if (in_bracket || brace_level > 0) {
+		*invalid = 1;
+		return 0;
+	}
+	/* success */
+	*expanded = 1;
+	return 0;
+}
+
+/* Expand braces from pattern. Returns 0 on success, -1 on failure */
+static int
+brace_expand(const char *pattern, char ***patternsp, size_t *npatternsp)
+{
+	char *cp, *cp2, **active = NULL, **done = NULL;
+	size_t i, nactive = 0, ndone = 0;
+	int ret = -1, invalid = 0, expanded = 0;
+
+	*patternsp = NULL;
+	*npatternsp = 0;
+
+	/* Start the worklist with the original pattern */
+	if ((cp = strdup(pattern)) == NULL)
+		return -1;
+	if (append(cp, &active, &nactive) != 0) {
+		free(cp);
+		return -1;
+	}
+	while (nactive > 0) {
+		cp = active[nactive - 1];
+		nactive--;
+		if (brace_expand_one(cp, &active, &nactive,
+		    &expanded, &invalid) == -1) {
+			free(cp);
+			goto fail;
+		}
+		if (invalid)
+			fatal("%s: invalid brace pattern \"%s\"", __func__, cp);
+		if (expanded) {
+			/*
+			 * Current entry expanded to new entries on the
+			 * active list; discard the progenitor pattern.
+			 */
+			free(cp);
+			continue;
+		}
+		/*
+		 * Pattern did not expand; append the finename component to
+		 * the completed list
+		 */
+		if ((cp2 = strrchr(cp, '/')) != NULL)
+			*cp2++ = '\0';
+		else
+			cp2 = cp;
+		if (append(xstrdup(cp2), &done, &ndone) != 0) {
+			free(cp);
+			goto fail;
+		}
+		free(cp);
+	}
+	/* success */
+	*patternsp = done;
+	*npatternsp = ndone;
+	done = NULL;
+	ndone = 0;
+	ret = 0;
+ fail:
+	for (i = 0; i < nactive; i++)
+		free(active[i]);
+	free(active);
+	for (i = 0; i < ndone; i++)
+		free(done[i]);
+	free(done);
+	return ret;
+}
+
 void
 toremote(int argc, char **argv)
 {
@@ -791,7 +1044,7 @@ tolocal(int argc, char **argv)
 			continue;
 		}
 		free(bp);
-		sink(1, argv + argc - 1);
+		sink(1, argv + argc - 1, src);
 		(void) close(remin);
 		remin = remout = -1;
 	}
@@ -967,7 +1220,7 @@ rsource(char *name, struct stat *statp)
 	 (sizeof(type) != 4 && sizeof(type) != 8))
 
 void
-sink(int argc, char **argv)
+sink(int argc, char **argv, const char *src)
 {
 	static BUF buffer;
 	struct stat stb;
@@ -983,6 +1236,8 @@ sink(int argc, char **argv)
 	unsigned long long ull;
 	int setimes, targisdir, wrerrno = 0;
 	char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048];
+	char **patterns = NULL;
+	size_t n, npatterns = 0;
 	struct timeval tv[2];
 
 #define	atime	tv[0]
@@ -1007,10 +1262,18 @@ sink(int argc, char **argv)
 	(void) atomicio(vwrite, remout, "", 1);
 	if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode))
 		targisdir = 1;
+	if (src != NULL && !iamrecursive && !Tflag) {
+		/*
+		 * Prepare to try to restrict incoming filenames to match
+		 * the requested destination file glob.
+		 */
+		if (brace_expand(src, &patterns, &npatterns) != 0)
+			fatal("%s: could not expand pattern", __func__);
+	}
 	for (first = 1;; first = 0) {
 		cp = buf;
 		if (atomicio(read, remin, cp, 1) != 1)
-			return;
+			goto done;
 		if (*cp++ == '\n')
 			SCREWUP("unexpected <newline>");
 		do {
@@ -1036,7 +1299,7 @@ sink(int argc, char **argv)
 		}
 		if (buf[0] == 'E') {
 			(void) atomicio(vwrite, remout, "", 1);
-			return;
+			goto done;
 		}
 		if (ch == '\n')
 			*--cp = 0;
@@ -1106,10 +1369,19 @@ sink(int argc, char **argv)
 			SCREWUP("size out of range");
 		size = (off_t)ull;
 
-		if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
+		if (*cp == '\0' || strchr(cp, '/') != NULL ||
+		    strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
 			run_err("error: unexpected filename: %s", cp);
 			exit(1);
 		}
+		if (npatterns > 0) {
+			for (n = 0; n < npatterns; n++) {
+				if (fnmatch(patterns[n], cp, 0) == 0)
+					break;
+			}
+			if (n >= npatterns)
+				SCREWUP("filename does not match request");
+		}
 		if (targisdir) {
 			static char *namebuf;
 			static size_t cursize;
@@ -1147,7 +1419,7 @@ sink(int argc, char **argv)
 					goto bad;
 			}
 			vect[0] = xstrdup(np);
-			sink(1, vect);
+			sink(1, vect, src);
 			if (setimes) {
 				setimes = 0;
 				if (utimes(vect[0], tv) < 0)
@@ -1268,7 +1540,15 @@ bad:			run_err("%s: %s", np, strerror(errno));
 			break;
 		}
 	}
+done:
+	for (n = 0; n < npatterns; n++)
+		free(patterns[n]);
+	free(patterns);
+	return;
 screwup:
+	for (n = 0; n < npatterns; n++)
+		free(patterns[n]);
+	free(patterns);
 	run_err("protocol error: %s", why);
 	exit(1);
 }
@@ -1315,7 +1595,7 @@ void
 usage(void)
 {
 	(void) fprintf(stderr,
-	    "usage: scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
+	    "usage: scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
 	    "           [-l limit] [-o ssh_option] [-P port] [-S program] source ... target\n");
 	exit(1);
 }

From owner-svn-src-releng@freebsd.org  Tue May 14 22:57:32 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5246A159B6ED;
 Tue, 14 May 2019 22:57:32 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id F0D9988AAE;
 Tue, 14 May 2019 22:57:31 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C955B27994;
 Tue, 14 May 2019 22:57:31 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4EMvVFo048124;
 Tue, 14 May 2019 22:57:31 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4EMvU4D048113;
 Tue, 14 May 2019 22:57:30 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142257.x4EMvU4D048113@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 22:57:30 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347587 - in releng/12.0: . contrib/wpa
 contrib/wpa/hostapd contrib/wpa/hs20/client contrib/wpa/src/ap
 contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/drivers
 contrib/wpa/...
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng/12.0: . contrib/wpa contrib/wpa/hostapd
 contrib/wpa/hs20/client contrib/wpa/src/ap contrib/wpa/src/common
 contrib/wpa/src/crypto contrib/wpa/src/drivers contrib/wpa/src/eap_common
 contrib/wp...
X-SVN-Commit-Revision: 347587
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: F0D9988AAE
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_SHORT(-0.98)[-0.976,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 22:57:32 -0000

Author: gordon
Date: Tue May 14 22:57:29 2019
New Revision: 347587
URL: https://svnweb.freebsd.org/changeset/base/347587

Log:
  Update hostapd/wpa_supplicant to 2.8 to fix multiple vulnerabilities.
  
  Approved by:	so
  Security:	FreeBSD-SA-19:03.wpa
  Security:	CVE-2019-9494
  Security:	CVE-2019-9495
  Security:	CVE-2019-9496
  Security:	CVE-2019-9497
  Security:	CVE-2019-9498
  Security:	CVE-2019-9499
  Security:	CVE-2019-11555

Added:
  releng/12.0/contrib/wpa/hostapd/README-MULTI-AP
  releng/12.0/contrib/wpa/src/ap/dpp_hostapd.c
  releng/12.0/contrib/wpa/src/ap/dpp_hostapd.h
  releng/12.0/contrib/wpa/src/ap/eth_p_oui.c
  releng/12.0/contrib/wpa/src/ap/eth_p_oui.h
  releng/12.0/contrib/wpa/src/ap/fils_hlp.c
  releng/12.0/contrib/wpa/src/ap/fils_hlp.h
  releng/12.0/contrib/wpa/src/ap/gas_query_ap.c
  releng/12.0/contrib/wpa/src/ap/gas_query_ap.h
  releng/12.0/contrib/wpa/src/ap/ieee802_11_he.c
  releng/12.0/contrib/wpa/src/common/dhcp.h
  releng/12.0/contrib/wpa/src/common/dpp.c
  releng/12.0/contrib/wpa/src/common/dpp.h
  releng/12.0/contrib/wpa/src/common/gas_server.c
  releng/12.0/contrib/wpa/src/common/gas_server.h
  releng/12.0/contrib/wpa/src/common/ocv.c
  releng/12.0/contrib/wpa/src/common/ocv.h
  releng/12.0/contrib/wpa/src/crypto/crypto_linux.c
  releng/12.0/contrib/wpa/src/crypto/crypto_nettle.c
  releng/12.0/contrib/wpa/src/crypto/crypto_wolfssl.c
  releng/12.0/contrib/wpa/src/crypto/fips_prf_wolfssl.c
  releng/12.0/contrib/wpa/src/crypto/sha384-kdf.c
  releng/12.0/contrib/wpa/src/crypto/sha384.c
  releng/12.0/contrib/wpa/src/crypto/sha512-kdf.c
  releng/12.0/contrib/wpa/src/crypto/sha512-prf.c
  releng/12.0/contrib/wpa/src/crypto/sha512.c
  releng/12.0/contrib/wpa/src/crypto/sha512.h
  releng/12.0/contrib/wpa/src/crypto/tls_wolfssl.c
  releng/12.0/contrib/wpa/src/drivers/driver_macsec_linux.c
  releng/12.0/contrib/wpa/src/drivers/driver_wired_common.c
  releng/12.0/contrib/wpa/src/drivers/driver_wired_common.h
  releng/12.0/contrib/wpa/src/utils/const_time.h
  releng/12.0/contrib/wpa/src/utils/crc32.c
  releng/12.0/contrib/wpa/src/utils/crc32.h
  releng/12.0/contrib/wpa/src/utils/json.c
  releng/12.0/contrib/wpa/src/utils/json.h
  releng/12.0/contrib/wpa/wpa_supplicant/README-DPP
  releng/12.0/contrib/wpa/wpa_supplicant/dpp_supplicant.c
  releng/12.0/contrib/wpa/wpa_supplicant/dpp_supplicant.h
  releng/12.0/contrib/wpa/wpa_supplicant/examples/dpp-qrcode.py
  releng/12.0/contrib/wpa/wpa_supplicant/op_classes.c
  releng/12.0/contrib/wpa/wpa_supplicant/rrm.c
Deleted:
  releng/12.0/contrib/wpa/src/ap/peerkey_auth.c
  releng/12.0/contrib/wpa/src/rsn_supp/peerkey.c
  releng/12.0/contrib/wpa/src/rsn_supp/peerkey.h
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_old.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_old.h
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.h
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers_wps.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in
  releng/12.0/contrib/wpa/wpa_supplicant/examples/wpas-test.py
Modified:
  releng/12.0/Makefile.inc1
  releng/12.0/contrib/wpa/CONTRIBUTIONS
  releng/12.0/contrib/wpa/COPYING
  releng/12.0/contrib/wpa/README
  releng/12.0/contrib/wpa/hostapd/ChangeLog
  releng/12.0/contrib/wpa/hostapd/README
  releng/12.0/contrib/wpa/hostapd/config_file.c
  releng/12.0/contrib/wpa/hostapd/config_file.h
  releng/12.0/contrib/wpa/hostapd/ctrl_iface.c
  releng/12.0/contrib/wpa/hostapd/defconfig
  releng/12.0/contrib/wpa/hostapd/hlr_auc_gw.c
  releng/12.0/contrib/wpa/hostapd/hostapd.conf
  releng/12.0/contrib/wpa/hostapd/hostapd.eap_user_sqlite
  releng/12.0/contrib/wpa/hostapd/hostapd.wpa_psk
  releng/12.0/contrib/wpa/hostapd/hostapd_cli.c
  releng/12.0/contrib/wpa/hostapd/main.c
  releng/12.0/contrib/wpa/hostapd/wps-ap-nfc.py
  releng/12.0/contrib/wpa/hs20/client/Makefile
  releng/12.0/contrib/wpa/hs20/client/est.c
  releng/12.0/contrib/wpa/hs20/client/oma_dm_client.c
  releng/12.0/contrib/wpa/hs20/client/osu_client.c
  releng/12.0/contrib/wpa/hs20/client/osu_client.h
  releng/12.0/contrib/wpa/src/ap/acs.c
  releng/12.0/contrib/wpa/src/ap/acs.h
  releng/12.0/contrib/wpa/src/ap/ap_config.c
  releng/12.0/contrib/wpa/src/ap/ap_config.h
  releng/12.0/contrib/wpa/src/ap/ap_drv_ops.c
  releng/12.0/contrib/wpa/src/ap/ap_drv_ops.h
  releng/12.0/contrib/wpa/src/ap/ap_mlme.c
  releng/12.0/contrib/wpa/src/ap/authsrv.c
  releng/12.0/contrib/wpa/src/ap/beacon.c
  releng/12.0/contrib/wpa/src/ap/beacon.h
  releng/12.0/contrib/wpa/src/ap/bss_load.c
  releng/12.0/contrib/wpa/src/ap/ctrl_iface_ap.c
  releng/12.0/contrib/wpa/src/ap/ctrl_iface_ap.h
  releng/12.0/contrib/wpa/src/ap/dfs.c
  releng/12.0/contrib/wpa/src/ap/dfs.h
  releng/12.0/contrib/wpa/src/ap/dhcp_snoop.c
  releng/12.0/contrib/wpa/src/ap/drv_callbacks.c
  releng/12.0/contrib/wpa/src/ap/eap_user_db.c
  releng/12.0/contrib/wpa/src/ap/gas_serv.c
  releng/12.0/contrib/wpa/src/ap/gas_serv.h
  releng/12.0/contrib/wpa/src/ap/hostapd.c
  releng/12.0/contrib/wpa/src/ap/hostapd.h
  releng/12.0/contrib/wpa/src/ap/hs20.c
  releng/12.0/contrib/wpa/src/ap/hs20.h
  releng/12.0/contrib/wpa/src/ap/hw_features.c
  releng/12.0/contrib/wpa/src/ap/ieee802_11.c
  releng/12.0/contrib/wpa/src/ap/ieee802_11.h
  releng/12.0/contrib/wpa/src/ap/ieee802_11_auth.c
  releng/12.0/contrib/wpa/src/ap/ieee802_11_auth.h
  releng/12.0/contrib/wpa/src/ap/ieee802_11_ht.c
  releng/12.0/contrib/wpa/src/ap/ieee802_11_shared.c
  releng/12.0/contrib/wpa/src/ap/ieee802_11_vht.c
  releng/12.0/contrib/wpa/src/ap/ieee802_1x.c
  releng/12.0/contrib/wpa/src/ap/ieee802_1x.h
  releng/12.0/contrib/wpa/src/ap/ndisc_snoop.c
  releng/12.0/contrib/wpa/src/ap/neighbor_db.c
  releng/12.0/contrib/wpa/src/ap/neighbor_db.h
  releng/12.0/contrib/wpa/src/ap/pmksa_cache_auth.c
  releng/12.0/contrib/wpa/src/ap/pmksa_cache_auth.h
  releng/12.0/contrib/wpa/src/ap/rrm.c
  releng/12.0/contrib/wpa/src/ap/rrm.h
  releng/12.0/contrib/wpa/src/ap/sta_info.c
  releng/12.0/contrib/wpa/src/ap/sta_info.h
  releng/12.0/contrib/wpa/src/ap/taxonomy.c
  releng/12.0/contrib/wpa/src/ap/tkip_countermeasures.c
  releng/12.0/contrib/wpa/src/ap/vlan_full.c
  releng/12.0/contrib/wpa/src/ap/vlan_init.c
  releng/12.0/contrib/wpa/src/ap/wmm.c
  releng/12.0/contrib/wpa/src/ap/wnm_ap.c
  releng/12.0/contrib/wpa/src/ap/wnm_ap.h
  releng/12.0/contrib/wpa/src/ap/wpa_auth.c
  releng/12.0/contrib/wpa/src/ap/wpa_auth.h
  releng/12.0/contrib/wpa/src/ap/wpa_auth_ft.c
  releng/12.0/contrib/wpa/src/ap/wpa_auth_glue.c
  releng/12.0/contrib/wpa/src/ap/wpa_auth_i.h
  releng/12.0/contrib/wpa/src/ap/wpa_auth_ie.c
  releng/12.0/contrib/wpa/src/ap/wpa_auth_ie.h
  releng/12.0/contrib/wpa/src/ap/wps_hostapd.c
  releng/12.0/contrib/wpa/src/common/common_module_tests.c
  releng/12.0/contrib/wpa/src/common/ctrl_iface_common.c
  releng/12.0/contrib/wpa/src/common/ctrl_iface_common.h
  releng/12.0/contrib/wpa/src/common/defs.h
  releng/12.0/contrib/wpa/src/common/gas.c
  releng/12.0/contrib/wpa/src/common/gas.h
  releng/12.0/contrib/wpa/src/common/hw_features_common.c
  releng/12.0/contrib/wpa/src/common/hw_features_common.h
  releng/12.0/contrib/wpa/src/common/ieee802_11_common.c
  releng/12.0/contrib/wpa/src/common/ieee802_11_common.h
  releng/12.0/contrib/wpa/src/common/ieee802_11_defs.h
  releng/12.0/contrib/wpa/src/common/ieee802_1x_defs.h
  releng/12.0/contrib/wpa/src/common/privsep_commands.h
  releng/12.0/contrib/wpa/src/common/qca-vendor.h
  releng/12.0/contrib/wpa/src/common/sae.c
  releng/12.0/contrib/wpa/src/common/sae.h
  releng/12.0/contrib/wpa/src/common/version.h
  releng/12.0/contrib/wpa/src/common/wpa_common.c
  releng/12.0/contrib/wpa/src/common/wpa_common.h
  releng/12.0/contrib/wpa/src/common/wpa_ctrl.c
  releng/12.0/contrib/wpa/src/common/wpa_ctrl.h
  releng/12.0/contrib/wpa/src/common/wpa_helpers.c
  releng/12.0/contrib/wpa/src/crypto/aes-ctr.c
  releng/12.0/contrib/wpa/src/crypto/aes-internal-dec.c
  releng/12.0/contrib/wpa/src/crypto/aes-internal-enc.c
  releng/12.0/contrib/wpa/src/crypto/aes-siv.c
  releng/12.0/contrib/wpa/src/crypto/aes.h
  releng/12.0/contrib/wpa/src/crypto/aes_siv.h
  releng/12.0/contrib/wpa/src/crypto/aes_wrap.h
  releng/12.0/contrib/wpa/src/crypto/crypto.h
  releng/12.0/contrib/wpa/src/crypto/crypto_gnutls.c
  releng/12.0/contrib/wpa/src/crypto/crypto_internal-modexp.c
  releng/12.0/contrib/wpa/src/crypto/crypto_internal.c
  releng/12.0/contrib/wpa/src/crypto/crypto_libtomcrypt.c
  releng/12.0/contrib/wpa/src/crypto/crypto_module_tests.c
  releng/12.0/contrib/wpa/src/crypto/crypto_none.c
  releng/12.0/contrib/wpa/src/crypto/crypto_openssl.c
  releng/12.0/contrib/wpa/src/crypto/des-internal.c
  releng/12.0/contrib/wpa/src/crypto/dh_groups.c
  releng/12.0/contrib/wpa/src/crypto/md4-internal.c
  releng/12.0/contrib/wpa/src/crypto/ms_funcs.c
  releng/12.0/contrib/wpa/src/crypto/ms_funcs.h
  releng/12.0/contrib/wpa/src/crypto/random.c
  releng/12.0/contrib/wpa/src/crypto/sha1-internal.c
  releng/12.0/contrib/wpa/src/crypto/sha1-tlsprf.c
  releng/12.0/contrib/wpa/src/crypto/sha256-internal.c
  releng/12.0/contrib/wpa/src/crypto/sha256-kdf.c
  releng/12.0/contrib/wpa/src/crypto/sha384-prf.c
  releng/12.0/contrib/wpa/src/crypto/sha384.h
  releng/12.0/contrib/wpa/src/crypto/sha512-internal.c
  releng/12.0/contrib/wpa/src/crypto/tls.h
  releng/12.0/contrib/wpa/src/crypto/tls_gnutls.c
  releng/12.0/contrib/wpa/src/crypto/tls_internal.c
  releng/12.0/contrib/wpa/src/crypto/tls_none.c
  releng/12.0/contrib/wpa/src/crypto/tls_openssl.c
  releng/12.0/contrib/wpa/src/drivers/driver.h
  releng/12.0/contrib/wpa/src/drivers/driver_bsd.c
  releng/12.0/contrib/wpa/src/drivers/driver_common.c
  releng/12.0/contrib/wpa/src/drivers/driver_macsec_qca.c
  releng/12.0/contrib/wpa/src/drivers/driver_ndis.c
  releng/12.0/contrib/wpa/src/drivers/driver_nl80211.h
  releng/12.0/contrib/wpa/src/drivers/driver_nl80211_capa.c
  releng/12.0/contrib/wpa/src/drivers/driver_nl80211_event.c
  releng/12.0/contrib/wpa/src/drivers/driver_nl80211_monitor.c
  releng/12.0/contrib/wpa/src/drivers/driver_nl80211_scan.c
  releng/12.0/contrib/wpa/src/drivers/driver_openbsd.c
  releng/12.0/contrib/wpa/src/drivers/driver_privsep.c
  releng/12.0/contrib/wpa/src/drivers/driver_wired.c
  releng/12.0/contrib/wpa/src/drivers/drivers.c
  releng/12.0/contrib/wpa/src/eap_common/eap_eke_common.c
  releng/12.0/contrib/wpa/src/eap_common/eap_fast_common.c
  releng/12.0/contrib/wpa/src/eap_common/eap_pwd_common.c
  releng/12.0/contrib/wpa/src/eap_common/eap_pwd_common.h
  releng/12.0/contrib/wpa/src/eap_common/eap_sake_common.c
  releng/12.0/contrib/wpa/src/eap_common/eap_sake_common.h
  releng/12.0/contrib/wpa/src/eap_common/eap_sim_common.c
  releng/12.0/contrib/wpa/src/eap_peer/eap.c
  releng/12.0/contrib/wpa/src/eap_peer/eap.h
  releng/12.0/contrib/wpa/src/eap_peer/eap_aka.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_config.h
  releng/12.0/contrib/wpa/src/eap_peer/eap_eke.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_fast.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_fast_pac.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_gpsk.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_i.h
  releng/12.0/contrib/wpa/src/eap_peer/eap_ikev2.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_leap.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_mschapv2.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_pax.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_peap.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_proxy.h
  releng/12.0/contrib/wpa/src/eap_peer/eap_proxy_dummy.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_psk.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_pwd.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_sake.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_sim.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_tls.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_tls_common.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_tls_common.h
  releng/12.0/contrib/wpa/src/eap_peer/eap_ttls.c
  releng/12.0/contrib/wpa/src/eap_peer/eap_wsc.c
  releng/12.0/contrib/wpa/src/eap_peer/ikev2.c
  releng/12.0/contrib/wpa/src/eap_peer/tncc.c
  releng/12.0/contrib/wpa/src/eap_server/eap.h
  releng/12.0/contrib/wpa/src/eap_server/eap_i.h
  releng/12.0/contrib/wpa/src/eap_server/eap_server.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_aka.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_eke.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_fast.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_gpsk.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_gtc.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_ikev2.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_mschapv2.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_pax.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_peap.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_psk.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_pwd.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_sake.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_sim.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_tls.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_tls_common.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_ttls.c
  releng/12.0/contrib/wpa/src/eap_server/eap_server_wsc.c
  releng/12.0/contrib/wpa/src/eap_server/eap_tls_common.h
  releng/12.0/contrib/wpa/src/eap_server/ikev2.c
  releng/12.0/contrib/wpa/src/eap_server/tncs.c
  releng/12.0/contrib/wpa/src/eapol_auth/eapol_auth_sm.c
  releng/12.0/contrib/wpa/src/eapol_auth/eapol_auth_sm.h
  releng/12.0/contrib/wpa/src/eapol_supp/eapol_supp_sm.c
  releng/12.0/contrib/wpa/src/eapol_supp/eapol_supp_sm.h
  releng/12.0/contrib/wpa/src/fst/fst.h
  releng/12.0/contrib/wpa/src/fst/fst_ctrl_aux.h
  releng/12.0/contrib/wpa/src/fst/fst_ctrl_iface.c
  releng/12.0/contrib/wpa/src/fst/fst_group.c
  releng/12.0/contrib/wpa/src/fst/fst_iface.h
  releng/12.0/contrib/wpa/src/fst/fst_session.c
  releng/12.0/contrib/wpa/src/l2_packet/l2_packet.h
  releng/12.0/contrib/wpa/src/l2_packet/l2_packet_privsep.c
  releng/12.0/contrib/wpa/src/p2p/p2p.c
  releng/12.0/contrib/wpa/src/p2p/p2p.h
  releng/12.0/contrib/wpa/src/p2p/p2p_build.c
  releng/12.0/contrib/wpa/src/p2p/p2p_go_neg.c
  releng/12.0/contrib/wpa/src/p2p/p2p_group.c
  releng/12.0/contrib/wpa/src/p2p/p2p_i.h
  releng/12.0/contrib/wpa/src/p2p/p2p_invitation.c
  releng/12.0/contrib/wpa/src/p2p/p2p_pd.c
  releng/12.0/contrib/wpa/src/p2p/p2p_sd.c
  releng/12.0/contrib/wpa/src/p2p/p2p_utils.c
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_cp.c
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_cp.h
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_kay.c
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_kay.h
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_kay_i.h
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_key.c
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_key.h
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_secy_ops.c
  releng/12.0/contrib/wpa/src/pae/ieee802_1x_secy_ops.h
  releng/12.0/contrib/wpa/src/radius/radius.c
  releng/12.0/contrib/wpa/src/radius/radius.h
  releng/12.0/contrib/wpa/src/radius/radius_client.c
  releng/12.0/contrib/wpa/src/radius/radius_das.c
  releng/12.0/contrib/wpa/src/radius/radius_das.h
  releng/12.0/contrib/wpa/src/radius/radius_server.c
  releng/12.0/contrib/wpa/src/radius/radius_server.h
  releng/12.0/contrib/wpa/src/rsn_supp/pmksa_cache.c
  releng/12.0/contrib/wpa/src/rsn_supp/pmksa_cache.h
  releng/12.0/contrib/wpa/src/rsn_supp/preauth.c
  releng/12.0/contrib/wpa/src/rsn_supp/tdls.c
  releng/12.0/contrib/wpa/src/rsn_supp/wpa.c
  releng/12.0/contrib/wpa/src/rsn_supp/wpa.h
  releng/12.0/contrib/wpa/src/rsn_supp/wpa_ft.c
  releng/12.0/contrib/wpa/src/rsn_supp/wpa_i.h
  releng/12.0/contrib/wpa/src/rsn_supp/wpa_ie.c
  releng/12.0/contrib/wpa/src/rsn_supp/wpa_ie.h
  releng/12.0/contrib/wpa/src/tls/asn1.c
  releng/12.0/contrib/wpa/src/tls/bignum.c
  releng/12.0/contrib/wpa/src/tls/libtommath.c
  releng/12.0/contrib/wpa/src/tls/rsa.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_client.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_client.h
  releng/12.0/contrib/wpa/src/tls/tlsv1_client_read.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_client_write.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_common.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_cred.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_server.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_server.h
  releng/12.0/contrib/wpa/src/tls/tlsv1_server_i.h
  releng/12.0/contrib/wpa/src/tls/tlsv1_server_read.c
  releng/12.0/contrib/wpa/src/tls/tlsv1_server_write.c
  releng/12.0/contrib/wpa/src/tls/x509v3.c
  releng/12.0/contrib/wpa/src/utils/base64.c
  releng/12.0/contrib/wpa/src/utils/base64.h
  releng/12.0/contrib/wpa/src/utils/browser-wpadebug.c
  releng/12.0/contrib/wpa/src/utils/browser.c
  releng/12.0/contrib/wpa/src/utils/common.c
  releng/12.0/contrib/wpa/src/utils/common.h
  releng/12.0/contrib/wpa/src/utils/eloop.c
  releng/12.0/contrib/wpa/src/utils/eloop.h
  releng/12.0/contrib/wpa/src/utils/http_curl.c
  releng/12.0/contrib/wpa/src/utils/list.h
  releng/12.0/contrib/wpa/src/utils/os.h
  releng/12.0/contrib/wpa/src/utils/os_internal.c
  releng/12.0/contrib/wpa/src/utils/os_none.c
  releng/12.0/contrib/wpa/src/utils/os_unix.c
  releng/12.0/contrib/wpa/src/utils/os_win32.c
  releng/12.0/contrib/wpa/src/utils/trace.c
  releng/12.0/contrib/wpa/src/utils/utils_module_tests.c
  releng/12.0/contrib/wpa/src/utils/uuid.c
  releng/12.0/contrib/wpa/src/utils/uuid.h
  releng/12.0/contrib/wpa/src/utils/wpa_debug.c
  releng/12.0/contrib/wpa/src/utils/wpa_debug.h
  releng/12.0/contrib/wpa/src/utils/wpabuf.c
  releng/12.0/contrib/wpa/src/utils/xml-utils.c
  releng/12.0/contrib/wpa/src/wps/wps.c
  releng/12.0/contrib/wpa/src/wps/wps.h
  releng/12.0/contrib/wpa/src/wps/wps_attr_build.c
  releng/12.0/contrib/wpa/src/wps/wps_attr_parse.c
  releng/12.0/contrib/wpa/src/wps/wps_attr_parse.h
  releng/12.0/contrib/wpa/src/wps/wps_common.c
  releng/12.0/contrib/wpa/src/wps/wps_defs.h
  releng/12.0/contrib/wpa/src/wps/wps_dev_attr.c
  releng/12.0/contrib/wpa/src/wps/wps_dev_attr.h
  releng/12.0/contrib/wpa/src/wps/wps_enrollee.c
  releng/12.0/contrib/wpa/src/wps/wps_er.c
  releng/12.0/contrib/wpa/src/wps/wps_i.h
  releng/12.0/contrib/wpa/src/wps/wps_registrar.c
  releng/12.0/contrib/wpa/src/wps/wps_upnp.c
  releng/12.0/contrib/wpa/src/wps/wps_validate.c
  releng/12.0/contrib/wpa/wpa_supplicant/Android.mk
  releng/12.0/contrib/wpa/wpa_supplicant/ChangeLog
  releng/12.0/contrib/wpa/wpa_supplicant/README
  releng/12.0/contrib/wpa/wpa_supplicant/README-HS20
  releng/12.0/contrib/wpa/wpa_supplicant/README-P2P
  releng/12.0/contrib/wpa/wpa_supplicant/android.config
  releng/12.0/contrib/wpa/wpa_supplicant/ap.c
  releng/12.0/contrib/wpa/wpa_supplicant/ap.h
  releng/12.0/contrib/wpa/wpa_supplicant/autoscan.c
  releng/12.0/contrib/wpa/wpa_supplicant/bgscan.c
  releng/12.0/contrib/wpa/wpa_supplicant/bgscan_learn.c
  releng/12.0/contrib/wpa/wpa_supplicant/bgscan_simple.c
  releng/12.0/contrib/wpa/wpa_supplicant/bss.c
  releng/12.0/contrib/wpa/wpa_supplicant/bss.h
  releng/12.0/contrib/wpa/wpa_supplicant/config.c
  releng/12.0/contrib/wpa/wpa_supplicant/config.h
  releng/12.0/contrib/wpa/wpa_supplicant/config_file.c
  releng/12.0/contrib/wpa/wpa_supplicant/config_ssid.h
  releng/12.0/contrib/wpa/wpa_supplicant/ctrl_iface.c
  releng/12.0/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c
  releng/12.0/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c
  releng/12.0/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/Makefile
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_common.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_new.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_new.h
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.h
  releng/12.0/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c
  releng/12.0/contrib/wpa/wpa_supplicant/defconfig
  releng/12.0/contrib/wpa/wpa_supplicant/driver_i.h
  releng/12.0/contrib/wpa/wpa_supplicant/eapol_test.c
  releng/12.0/contrib/wpa/wpa_supplicant/eapol_test.py
  releng/12.0/contrib/wpa/wpa_supplicant/events.c
  releng/12.0/contrib/wpa/wpa_supplicant/examples/dbus-listen-preq.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p-nfc.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_connect.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_disconnect.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_find.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_flush.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_group_add.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_invite.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_listen.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/p2p/p2p_stop_find.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new-getall.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new-signals.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new-wps.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new.py
  releng/12.0/contrib/wpa/wpa_supplicant/examples/wps-ap-cli
  releng/12.0/contrib/wpa/wpa_supplicant/examples/wps-nfc.py
  releng/12.0/contrib/wpa/wpa_supplicant/gas_query.c
  releng/12.0/contrib/wpa/wpa_supplicant/gas_query.h
  releng/12.0/contrib/wpa/wpa_supplicant/hs20_supplicant.c
  releng/12.0/contrib/wpa/wpa_supplicant/hs20_supplicant.h
  releng/12.0/contrib/wpa/wpa_supplicant/ibss_rsn.c
  releng/12.0/contrib/wpa/wpa_supplicant/interworking.c
  releng/12.0/contrib/wpa/wpa_supplicant/interworking.h
  releng/12.0/contrib/wpa/wpa_supplicant/main.c
  releng/12.0/contrib/wpa/wpa_supplicant/mbo.c
  releng/12.0/contrib/wpa/wpa_supplicant/mesh.c
  releng/12.0/contrib/wpa/wpa_supplicant/mesh_mpm.c
  releng/12.0/contrib/wpa/wpa_supplicant/mesh_rsn.c
  releng/12.0/contrib/wpa/wpa_supplicant/notify.c
  releng/12.0/contrib/wpa/wpa_supplicant/notify.h
  releng/12.0/contrib/wpa/wpa_supplicant/offchannel.c
  releng/12.0/contrib/wpa/wpa_supplicant/p2p_supplicant.c
  releng/12.0/contrib/wpa/wpa_supplicant/p2p_supplicant.h
  releng/12.0/contrib/wpa/wpa_supplicant/preauth_test.c
  releng/12.0/contrib/wpa/wpa_supplicant/scan.c
  releng/12.0/contrib/wpa/wpa_supplicant/sme.c
  releng/12.0/contrib/wpa/wpa_supplicant/sme.h
  releng/12.0/contrib/wpa/wpa_supplicant/systemd/wpa_supplicant.service.in
  releng/12.0/contrib/wpa/wpa_supplicant/utils/log2pcap.py
  releng/12.0/contrib/wpa/wpa_supplicant/wifi_display.c
  releng/12.0/contrib/wpa/wpa_supplicant/wmm_ac.c
  releng/12.0/contrib/wpa/wpa_supplicant/wnm_sta.c
  releng/12.0/contrib/wpa/wpa_supplicant/wnm_sta.h
  releng/12.0/contrib/wpa/wpa_supplicant/wpa_cli.c
  releng/12.0/contrib/wpa/wpa_supplicant/wpa_passphrase.c
  releng/12.0/contrib/wpa/wpa_supplicant/wpa_priv.c
  releng/12.0/contrib/wpa/wpa_supplicant/wpa_supplicant.c
  releng/12.0/contrib/wpa/wpa_supplicant/wpa_supplicant.conf
  releng/12.0/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h
  releng/12.0/contrib/wpa/wpa_supplicant/wpa_supplicant_template.conf
  releng/12.0/contrib/wpa/wpa_supplicant/wpas_glue.c
  releng/12.0/contrib/wpa/wpa_supplicant/wpas_kay.c
  releng/12.0/contrib/wpa/wpa_supplicant/wpas_kay.h
  releng/12.0/contrib/wpa/wpa_supplicant/wps_supplicant.c
  releng/12.0/contrib/wpa/wpa_supplicant/wps_supplicant.h
  releng/12.0/usr.sbin/wpa/Makefile.crypto
  releng/12.0/usr.sbin/wpa/Makefile.inc
  releng/12.0/usr.sbin/wpa/hostapd/Makefile
  releng/12.0/usr.sbin/wpa/wpa_cli/Makefile
  releng/12.0/usr.sbin/wpa/wpa_supplicant/Makefile

Modified: releng/12.0/Makefile.inc1
==============================================================================
--- releng/12.0/Makefile.inc1	Tue May 14 22:54:17 2019	(r347586)
+++ releng/12.0/Makefile.inc1	Tue May 14 22:57:29 2019	(r347587)
@@ -963,6 +963,14 @@ _cleanobj_fast_depend_hack: .PHONY
 		rm -f ${OBJTOP}/usr.sbin/ntp/libntpevent/.depend.*; \
 	fi
 
+# 20181209  r341759 track migration across wpa update
+	@if [ -e "${OBJTOP}/usr.sbin/wpa/wpa_supplicant/.depend.rrm.o" ] && \
+	    egrep -q 'src/ap/rrm.c' \
+	    ${OBJTOP}/usr.sbin/wpa/wpa_supplicant/.depend.rrm.o; then \
+		echo "Removing stale wpa dependencies"; \
+		rm -f ${OBJTOP}/usr.sbin/wpa/*/.depend*; \
+	fi
+
 _worldtmp: .PHONY
 	@echo
 	@echo "--------------------------------------------------------------"

Modified: releng/12.0/contrib/wpa/CONTRIBUTIONS
==============================================================================
--- releng/12.0/contrib/wpa/CONTRIBUTIONS	Tue May 14 22:54:17 2019	(r347586)
+++ releng/12.0/contrib/wpa/CONTRIBUTIONS	Tue May 14 22:57:29 2019	(r347587)
@@ -140,7 +140,7 @@ The license terms used for hostap.git files
 
 Modified BSD license (no advertisement clause):
 
-Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: releng/12.0/contrib/wpa/COPYING
==============================================================================
--- releng/12.0/contrib/wpa/COPYING	Tue May 14 22:54:17 2019	(r347586)
+++ releng/12.0/contrib/wpa/COPYING	Tue May 14 22:57:29 2019	(r347587)
@@ -1,7 +1,7 @@
 wpa_supplicant and hostapd
 --------------------------
 
-Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 

Modified: releng/12.0/contrib/wpa/README
==============================================================================
--- releng/12.0/contrib/wpa/README	Tue May 14 22:54:17 2019	(r347586)
+++ releng/12.0/contrib/wpa/README	Tue May 14 22:57:29 2019	(r347587)
@@ -1,7 +1,7 @@
 wpa_supplicant and hostapd
 --------------------------
 
-Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 These programs are licensed under the BSD license (the one with

Modified: releng/12.0/contrib/wpa/hostapd/ChangeLog
==============================================================================
--- releng/12.0/contrib/wpa/hostapd/ChangeLog	Tue May 14 22:54:17 2019	(r347586)
+++ releng/12.0/contrib/wpa/hostapd/ChangeLog	Tue May 14 22:57:29 2019	(r347587)
@@ -1,5 +1,115 @@
 ChangeLog for hostapd
 
+2019-04-21 - v2.8
+	* SAE changes
+	  - added support for SAE Password Identifier
+	  - changed default configuration to enable only group 19
+	    (i.e., disable groups 20, 21, 25, 26 from default configuration) and
+	    disable all unsuitable groups completely based on REVmd changes
+	  - improved anti-clogging token mechanism and SAE authentication
+	    frame processing during heavy CPU load; this mitigates some issues
+	    with potential DoS attacks trying to flood an AP with large number
+	    of SAE messages
+	  - added Finite Cyclic Group field in status code 77 responses
+	  - reject use of unsuitable groups based on new implementation guidance
+	    in REVmd (allow only FFC groups with prime >= 3072 bits and ECC
+	    groups with prime >= 256)
+	  - minimize timing and memory use differences in PWE derivation
+	    [https://w1.fi/security/2019-1/] (CVE-2019-9494)
+	  - fixed confirm message validation in error cases
+	    [https://w1.fi/security/2019-3/] (CVE-2019-9496)
+	* EAP-pwd changes
+	  - minimize timing and memory use differences in PWE derivation
+	    [https://w1.fi/security/2019-2/] (CVE-2019-9495)
+	  - verify peer scalar/element
+	    [https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498)
+	  - fix message reassembly issue with unexpected fragment
+	    [https://w1.fi/security/2019-5/]
+	  - enforce rand,mask generation rules more strictly
+	  - fix a memory leak in PWE derivation
+	  - disallow ECC groups with a prime under 256 bits (groups 25, 26, and
+	    27)
+	* Hotspot 2.0 changes
+	  - added support for release number 3
+	  - reject release 2 or newer association without PMF
+	* added support for RSN operating channel validation
+	  (CONFIG_OCV=y and configuration parameter ocv=1)
+	* added Multi-AP protocol support
+	* added FTM responder configuration
+	* fixed build with LibreSSL
+	* added FT/RRB workaround for short Ethernet frame padding
+	* fixed KEK2 derivation for FILS+FT
+	* added RSSI-based association rejection from OCE
+	* extended beacon reporting functionality
+	* VLAN changes
+	  - allow local VLAN management with remote RADIUS authentication
+	  - add WPA/WPA2 passphrase/PSK -based VLAN assignment
+	* OpenSSL: allow systemwide policies to be overridden
+	* extended PEAP to derive EMSK to enable use with ERP/FILS
+	* extended WPS to allow SAE configuration to be added automatically
+	  for PSK (wps_cred_add_sae=1)
+	* fixed FT and SA Query Action frame with AP-MLME-in-driver cases
+	* OWE: allow Diffie-Hellman Parameter element to be included with DPP
+	  in preparation for DPP protocol extension
+	* RADIUS server: started to accept ERP keyName-NAI as user identity
+	  automatically without matching EAP database entry
+	* fixed PTK rekeying with FILS and FT
+
+2018-12-02 - v2.7
+	* fixed WPA packet number reuse with replayed messages and key
+	  reinstallation
+	  [http://w1.fi/security/2017-1/] (CVE-2017-13082)
+	* added support for FILS (IEEE 802.11ai) shared key authentication
+	* added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
+	  and transition mode defined by WFA)
+	* added support for DPP (Wi-Fi Device Provisioning Protocol)
+	* FT:
+	  - added local generation of PMK-R0/PMK-R1 for FT-PSK
+	    (ft_psk_generate_local=1)
+	  - replaced inter-AP protocol with a cleaner design that is more
+	    easily extensible; this breaks backward compatibility and requires
+	    all APs in the ESS to be updated at the same time to maintain FT
+	    functionality
+	  - added support for wildcard R0KH/R1KH
+	  - replaced r0_key_lifetime (minutes) parameter with
+	    ft_r0_key_lifetime (seconds)
+	  - fixed wpa_psk_file use for FT-PSK
+	  - fixed FT-SAE PMKID matching
+	  - added expiration to PMK-R0 and PMK-R1 cache
+	  - added IEEE VLAN support (including tagged VLANs)
+	  - added support for SHA384 based AKM
+	* SAE
+	  - fixed some PMKSA caching cases with SAE
+	  - added support for configuring SAE password separately of the
+	    WPA2 PSK/passphrase
+	  - added option to require MFP for SAE associations
+	    (sae_require_pmf=1)
+	  - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
+	    for SAE;
+	    note: this is not backwards compatible, i.e., both the AP and
+	    station side implementations will need to be update at the same
+	    time to maintain interoperability
+	  - added support for Password Identifier
+	* hostapd_cli: added support for command history and completion
+	* added support for requesting beacon report
+	* large number of other fixes, cleanup, and extensions
+	* added option to configure EAPOL-Key retry limits
+	  (wpa_group_update_count and wpa_pairwise_update_count)
+	* removed all PeerKey functionality
+	* fixed nl80211 AP mode configuration regression with Linux 4.15 and
+	  newer
+	* added support for using wolfSSL cryptographic library
+	* fixed some 20/40 MHz coexistence cases where the BSS could drop to
+	  20 MHz even when 40 MHz would be allowed
+	* Hotspot 2.0
+	  - added support for setting Venue URL ANQP-element (venue_url)
+	  - added support for advertising Hotspot 2.0 operator icons
+	  - added support for Roaming Consortium Selection element
+	  - added support for Terms and Conditions
+	  - added support for OSEN connection in a shared RSN BSS
+	* added support for using OpenSSL 1.1.1
+	* added EAP-pwd server support for salted passwords
+
 2016-10-02 - v2.6
 	* fixed EAP-pwd last fragment validation
 	  [http://w1.fi/security/2015-7/] (CVE-2015-5314)

Modified: releng/12.0/contrib/wpa/hostapd/README
==============================================================================
--- releng/12.0/contrib/wpa/hostapd/README	Tue May 14 22:54:17 2019	(r347586)
+++ releng/12.0/contrib/wpa/hostapd/README	Tue May 14 22:57:29 2019	(r347587)
@@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WP
 	  Authenticator and RADIUS authentication server
 ================================================================
 
-Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 This program is licensed under the BSD license (the one with
@@ -70,7 +70,7 @@ Requirements
 Current hardware/software requirements:
 - drivers:
 	Host AP driver for Prism2/2.5/3.
-	(http://hostap.epitest.fi/)
+	(http://w1.fi/hostap-driver.html)
 	Please note that station firmware version needs to be 1.7.0 or newer
 	to work in WPA mode.
 
@@ -81,8 +81,7 @@ Current hardware/software requirements:
 	Any wired Ethernet driver for wired IEEE 802.1X authentication
 	(experimental code)
 
-	FreeBSD -current (with some kernel mods that have not yet been
-	committed when hostapd v0.3.0 was released)
+	FreeBSD -current
 	BSD net80211 layer (e.g., Atheros driver)
 
 
@@ -186,24 +185,14 @@ Authenticator and RADIUS encapsulation between the Aut
 the Authentication Server. Other than this, the functionality is similar
 to the case with the co-located Authentication Server.
 
-Authentication Server and Supplicant
-------------------------------------
+Authentication Server
+---------------------
 
 Any RADIUS server supporting EAP should be usable as an IEEE 802.1X
 Authentication Server with hostapd Authenticator. FreeRADIUS
 (http://www.freeradius.org/) has been successfully tested with hostapd
-Authenticator and both Xsupplicant (http://www.open1x.org) and Windows
-XP Supplicants. EAP/TLS was used with Xsupplicant and
-EAP/MD5-Challenge with Windows XP.
+Authenticator.
 
-http://www.missl.cs.umd.edu/wireless/eaptls/ has useful information
-about using EAP/TLS with FreeRADIUS and Xsupplicant (just replace
-Cisco access point with Host AP driver, hostapd daemon, and a Prism2
-card ;-). http://www.freeradius.org/doc/EAP-MD5.html has information
-about using EAP/MD5 with FreeRADIUS, including instructions for WinXP
-configuration. http://www.denobula.com/EAPTLS.pdf has a HOWTO on
-EAP/TLS use with WinXP Supplicant.
-
 Automatic WEP key configuration
 -------------------------------
 
@@ -243,16 +232,15 @@ networks that require some kind of security. Task grou
 of IEEE 802.11 working group (http://www.ieee802.org/11/) has worked
 to address the flaws of the base standard and has in practice
 completed its work in May 2004. The IEEE 802.11i amendment to the IEEE
-802.11 standard was approved in June 2004 and this amendment is likely
-to be published in July 2004.
+802.11 standard was approved in June 2004 and this amendment was
+published in July 2004.
 
 Wi-Fi Alliance (http://www.wi-fi.org/) used a draft version of the
 IEEE 802.11i work (draft 3.0) to define a subset of the security
 enhancements that can be implemented with existing wlan hardware. This
 is called Wi-Fi Protected Access<TM> (WPA). This has now become a
 mandatory component of interoperability testing and certification done
-by Wi-Fi Alliance. Wi-Fi provides information about WPA at its web
-site (http://www.wi-fi.org/OpenSection/protected_access.asp).
+by Wi-Fi Alliance.
 
 IEEE 802.11 standard defined wired equivalent privacy (WEP) algorithm
 for protecting wireless networks. WEP uses RC4 with 40-bit keys,

Added: releng/12.0/contrib/wpa/hostapd/README-MULTI-AP
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ releng/12.0/contrib/wpa/hostapd/README-MULTI-AP	Tue May 14 22:57:29 2019	(r347587)
@@ -0,0 +1,160 @@
+hostapd, wpa_supplicant and the Multi-AP Specification
+======================================================
+
+This document describes how hostapd and wpa_supplicant can be configured to
+support the Multi-AP Specification.
+
+Introduction to Multi-AP
+------------------------
+
+The Wi-Fi Alliance Multi-AP Specification is the technical specification for
+Wi-Fi CERTIFIED EasyMesh(TM) [1], the Wi-Fi Alliance® certification program for
+Multi-AP. It defines control protocols between Wi-Fi® access points (APs) to
+join them into a network with centralized control and operation. It is targeted
+only at routers (repeaters, gateways, ...), not at clients. Clients are not
+involved at all in the protocols.
+
+Most of the Multi-AP specification falls outside of the scope of
+hostapd/wpa_supplicant. hostapd/wpa_supplicant is only involved for the items
+summarized below. The rest of the protocol must be implemented by a separate
+daemon, e.g., prplMesh [2]. That daemon also needs to communicate with hostapd,
+e.g., to get a list of associated clients, but this can be done using the normal
+hostapd interfaces.
+
+hostapd/wpa_supplicant needs to be configured specifically to support:
+- the WPS onboarding process;
+- configuring backhaul links.
+
+The text below refers to "Multi-AP Specification v1.0" [3].
+
+
+Fronthaul and backhaul links
+----------------------------
+
+In a Multi-AP network, the central controller can configure the BSSs on the
+devices that are joined into the network. These are called fronthaul BSSs.
+From the point of view of hostapd, there is nothing special about these
+fronthaul BSSs.
+
+In addition to fronthaul BSSs, the controller can also configure backhaul
+links. A backhaul link is a link between two access point devices, giving
+internet access to access point devices that don't have a wired link. The
+Multi-AP specification doesn't dictate this, but typically the backhaul link
+will be bridged into a LAN together with (one of) the fronthaul BSS(s) and the
+wired Ethernet ports.
+
+A backhaul link must be treated specially by hostapd and wpa_supplicant. One
+side of the backhaul link is configured through the Multi-AP protocol as the
+"backhaul STA", i.e., the client side of the link. A backhaul STA is like any
+station and is handled appropriately by wpa_supplicant, but two additional
+features are required. It must send an additional information element in each
+(Re)Association Request frame ([3], section 5.2, paragraph 4). In addition, it
+must use 4-address mode for all frames sent over this link ([3], section 14).
+Therefore, wpa_supplicant must be configured explicitly as the backhaul STA
+role, by setting 'multi_ap_backhaul_sta=1' in the network configuration block
+or when configuring the network profile through the control interface. When
+'multi_ap_backhaul_sta=1', wpa_supplicant includes the Multi-AP IE in
+(Re)Association Request frame and verifies that it is included in the
+(Re)Association Response frame. If it is not, association fails. If it is,
+wpa_supplicant sets 4-address mode for this interface through a driver
+callback.
+
+The AP side of the backhaul link is called a "backhaul BSS". Such a BSS must
+be handled specially by hostapd, because it must add an additional information
+element in each (Re)Association Response frame, but only to stations that have
+identified themselves as backhaul stations ([3], section 5.2, paragraph 5-6).
+This is important because it is possible to use the same BSS and SSID for
+fronthaul and backhaul at the same time. The additional information element must
+only be used for frames sent to a backhaul STA, not to a normal STA. Also,
+frames sent to a backhaul STA must use 4-address mode, while frames sent to a
+normal STA (fronthaul, when it's a fronthaul and backhaul BSS) must use
+3-address mode.
+
+A BSS is configured in Multi-AP mode in hostapd by setting the 'multi_ap'
+configuration option to 1 (backhaul BSS), 2 (fronthaul BSS), or 3
+(simultaneous backhaul and fronthaul BSS). If this option is set, hostapd
+parses the Multi-AP information element in the Association Request frame. If the
+station is a backhaul STA and the BSS is configured as a backhaul BSS,
+hostapd sets up 4-address mode. Since there may be multiple stations connected
+simultaneously, and each of them has a different RA (receiver address), a VLAN
+is created for each backhaul STA and it is automatically added to a bridge.
+This is the same behavior as for WDS, and the relevant option ('bridge' or
+'wds_bridge') applies here as well.
+
+If 'multi_ap' is 1 (backhaul BSS only), any station that tries to associate
+without the Multi-AP information element will be denied.
+
+If 'multi_ap' is 2 (fronthaul BSS only), any station that tries to associate
+with the Multi-AP information element will be denied. That is also the only
+difference with 'multi_ap' set to 0: in the latter case, the Multi-AP
+information element is simply ignored.
+
+In summary, this is the end-to-end behavior for a backhaul BSS (i.e.,
+multi_ap_backhaul_sta=1 in wpa_supplicant on STA, and multi_ap=1 or 3 in
+hostapd on AP). Note that point 1 means that hostapd must not be configured
+with WPS support on the backhaul BSS (multi_ap=1). hostapd does not check for
+that.
+
+1. Backhaul BSS beacons do not advertise WPS support (other than that, nothing
+   Multi-AP specific).
+2. STA sends Authentication frame (nothing Multi-AP specific).
+3. AP sends Authentication frame (nothing Multi-AP specific).
+4. STA sends Association Request frame with Multi-AP IE.
+5. AP sends Association Response frame with Multi-AP IE.
+6. STA and AP both use 4-address mode for Data frames.
+
+
+WPS support
+-----------
+
+WPS requires more special handling. WPS must only be advertised on fronthaul
+BSSs, not on backhaul BSSs, so WPS should not be enabled on a backhaul-only
+BSS in hostapd.conf. The WPS configuration purely works on the fronthaul BSS.
+When a WPS M1 message has an additional subelement that indicates a request for
+a Multi-AP backhaul link, hostapd must not respond with the normal fronthaul
+BSS credentials; instead, it should respond with the (potentially different)
+backhaul BSS credentials.
+
+To support this, hostapd has the 'multi_ap_backhaul_ssid',
+'multi_ap_backhaul_wpa_psk' and 'multi_ap_backhaul_wpa_passphrase' options.
+When these are set on an BSS with WPS, they are used instead of the normal
+credentials when hostapd receives a WPS M1 message with the Multi-AP IE. Only
+WPA2-Personal is supported in the Multi-AP specification, so there is no need
+to specify authentication or encryption options. For the backhaul credentials,
+per-device PSK is not supported.
+
+If the BSS is a simultaneous backhaul and fronthaul BSS, there is no need to
+specify the backhaul credentials, since the backhaul and fronthaul credentials
+are identical.
+
+To enable the Multi-AP backhaul STA feature when it performs WPS, a new
+parameter has been introduced to the WPS_PBC control interface call. When this
+"multi_ap=1" option is set, it adds the Multi-AP backhaul subelement to the
+Association Request frame and the M1 message. It then configures the new network
+profile with 'multi_ap_backhaul_sta=1'. Note that this means that if the AP does
+not follow the Multi-AP specification, wpa_supplicant will fail to associate.
+
+In summary, this is the end-to-end behavior for WPS of a backhaul link (i.e.,
+multi_ap=1 option is given in the wps_pbc call on the STA side, and multi_ap=2
+and multi_ap_backhaul_ssid and either multi_ap_backhaul_wpa_psk or
+multi_ap_backhaul_wpa_passphrase are set to the credentials of a backhaul BSS
+in hostapd on Registrar AP).
+
+1. Fronthaul BSS Beacon frames advertise WPS support (nothing Multi-AP
+   specific).
+2. Enrollee sends Authentication frame (nothing Multi-AP specific).
+3. AP sends Authentication frame (nothing Multi-AP specific).
+4. Enrollee sends Association Request frame with Multi-AP IE.
+5. AP sends Association Response frame with Multi-AP IE.
+6. Enrollee sends M1 with additional Multi-AP subelement.
+7. AP sends M8 with backhaul instead of fronthaul credentials.
+8. Enrollee sends Deauthentication frame.
+
+
+References
+----------
+
+[1] https://www.wi-fi.org/discover-wi-fi/wi-fi-easymesh
+[2] https://github.com/prplfoundation/prplMesh
+[3] https://www.wi-fi.org/file/multi-ap-specification-v10
+    (requires registration)

Modified: releng/12.0/contrib/wpa/hostapd/config_file.c
==============================================================================
--- releng/12.0/contrib/wpa/hostapd/config_file.c	Tue May 14 22:54:17 2019	(r347586)
+++ releng/12.0/contrib/wpa/hostapd/config_file.c	Tue May 14 22:57:29 2019	(r347587)
@@ -1,6 +1,6 @@
 /*
  * hostapd / Configuration file parser
- * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -14,6 +14,8 @@
 #include "utils/common.h"
 #include "utils/uuid.h"
 #include "common/ieee802_11_defs.h"
+#include "crypto/sha256.h"
+#include "crypto/tls.h"
 #include "drivers/driver.h"
 #include "eap_server/eap.h"
 #include "radius/radius_client.h"
@@ -35,7 +37,7 @@ static int hostapd_config_read_vlan_file(struct hostap
 					 const char *fname)
 {
 	FILE *f;
-	char buf[128], *pos, *pos2;
+	char buf[128], *pos, *pos2, *pos3;
 	int line = 0, vlan_id;
 	struct hostapd_vlan *vlan;
 
@@ -80,7 +82,10 @@ static int hostapd_config_read_vlan_file(struct hostap
 		pos2 = pos;
 		while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0')
 			pos2++;
-		*pos2 = '\0';
+
+		if (*pos2 != '\0')
+			*(pos2++) = '\0';
+
 		if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) {
 			wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d "
 				   "in '%s'", line, fname);
@@ -88,6 +93,13 @@ static int hostapd_config_read_vlan_file(struct hostap
 			return -1;
 		}
 
+		while (*pos2 == ' ' || *pos2 == '\t')
+			pos2++;
+		pos3 = pos2;
+		while (*pos3 != ' ' && *pos3 != '\t' && *pos3 != '\0')
+			pos3++;
+		*pos3 = '\0';
+
 		vlan = os_zalloc(sizeof(*vlan));
 		if (vlan == NULL) {
 			wpa_printf(MSG_ERROR, "Out of memory while reading "
@@ -100,6 +112,7 @@ static int hostapd_config_read_vlan_file(struct hostap
 		vlan->vlan_desc.untagged = vlan_id;
 		vlan->vlan_desc.notempty = !!vlan_id;
 		os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
+		os_strlcpy(vlan->bridge, pos2, sizeof(vlan->bridge));
 		vlan->next = bss->vlan;
 		bss->vlan = vlan;
 	}
@@ -111,7 +124,7 @@ static int hostapd_config_read_vlan_file(struct hostap
 #endif /* CONFIG_NO_VLAN */
 
 
-static int hostapd_acl_comp(const void *a, const void *b)
+int hostapd_acl_comp(const void *a, const void *b)
 {
 	const struct mac_acl_entry *aa = a;
 	const struct mac_acl_entry *bb = b;
@@ -119,6 +132,44 @@ static int hostapd_acl_comp(const void *a, const void 
 }
 
 
+int hostapd_add_acl_maclist(struct mac_acl_entry **acl, int *num,
+			    int vlan_id, const u8 *addr)
+{
+	struct mac_acl_entry *newacl;
+
+	newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl));
+	if (!newacl) {
+		wpa_printf(MSG_ERROR, "MAC list reallocation failed");
+		return -1;
+	}
+
+	*acl = newacl;
+	os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
+	os_memset(&(*acl)[*num].vlan_id, 0, sizeof((*acl)[*num].vlan_id));
+	(*acl)[*num].vlan_id.untagged = vlan_id;
+	(*acl)[*num].vlan_id.notempty = !!vlan_id;
+	(*num)++;
+
+	return 0;
+}
+
+
+void hostapd_remove_acl_mac(struct mac_acl_entry **acl, int *num,
+			    const u8 *addr)
+{
+	int i = 0;
+
+	while (i < *num) {
+		if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) == 0) {
+			os_remove_in_array(*acl, *num, sizeof(**acl), i);
+			(*num)--;
+		} else {
+			i++;
+		}
+	}
+}
+
+
 static int hostapd_config_read_maclist(const char *fname,
 				       struct mac_acl_entry **acl, int *num)
 {
@@ -126,12 +177,8 @@ static int hostapd_config_read_maclist(const char *fna
 	char buf[128], *pos;
 	int line = 0;
 	u8 addr[ETH_ALEN];
-	struct mac_acl_entry *newacl;
 	int vlan_id;
 
-	if (!fname)
-		return 0;
-
 	f = fopen(fname, "r");
 	if (!f) {
 		wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname);
@@ -139,7 +186,7 @@ static int hostapd_config_read_maclist(const char *fna
 	}
 
 	while (fgets(buf, sizeof(buf), f)) {
-		int i, rem = 0;
+		int rem = 0;
 
 		line++;
 
@@ -169,16 +216,7 @@ static int hostapd_config_read_maclist(const char *fna
 		}
 
 		if (rem) {
-			i = 0;
-			while (i < *num) {
-				if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) ==
-				    0) {
-					os_remove_in_array(*acl, *num,
-							   sizeof(**acl), i);
-					(*num)--;
-				} else
-					i++;
-			}
+			hostapd_remove_acl_mac(acl, num, addr);
 			continue;
 		}
 		vlan_id = 0;
@@ -190,31 +228,78 @@ static int hostapd_config_read_maclist(const char *fna
 		if (*pos != '\0')
 			vlan_id = atoi(pos);
 
-		newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl));
-		if (newacl == NULL) {
-			wpa_printf(MSG_ERROR, "MAC list reallocation failed");
+		if (hostapd_add_acl_maclist(acl, num, vlan_id, addr) < 0) {
 			fclose(f);
 			return -1;
 		}
-
-		*acl = newacl;
-		os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
-		os_memset(&(*acl)[*num].vlan_id, 0,
-			  sizeof((*acl)[*num].vlan_id));
-		(*acl)[*num].vlan_id.untagged = vlan_id;
-		(*acl)[*num].vlan_id.notempty = !!vlan_id;
-		(*num)++;
 	}
 
 	fclose(f);
 
-	qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
+	if (*acl)
+		qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
 
 	return 0;
 }
 
 
 #ifdef EAP_SERVER
+
+static int hostapd_config_eap_user_salted(struct hostapd_eap_user *user,
+					  const char *hash, size_t len,
+					  char **pos, int line,
+					  const char *fname)
+{
+	char *pos2 = *pos;
+
+	while (*pos2 != '\0' && *pos2 != ' ' && *pos2 != '\t' && *pos2 != '#')
+		pos2++;
+
+	if (pos2 - *pos < (int) (2 * (len + 1))) { /* at least 1 byte of salt */
+		wpa_printf(MSG_ERROR,
+			   "Invalid salted %s hash on line %d in '%s'",
+			   hash, line, fname);
+		return -1;
+	}
+
+	user->password = os_malloc(len);
+	if (!user->password) {
+		wpa_printf(MSG_ERROR,
+			   "Failed to allocate memory for salted %s hash",
+			   hash);
+		return -1;
+	}
+
+	if (hexstr2bin(*pos, user->password, len) < 0) {
+		wpa_printf(MSG_ERROR,
+			   "Invalid salted password on line %d in '%s'",
+			   line, fname);
+		return -1;
+	}
+	user->password_len = len;
+	*pos += 2 * len;
+
+	user->salt_len = (pos2 - *pos) / 2;
+	user->salt = os_malloc(user->salt_len);
+	if (!user->salt) {
+		wpa_printf(MSG_ERROR,
+			   "Failed to allocate memory for salted %s hash",
+			   hash);
+		return -1;
+	}
+
+	if (hexstr2bin(*pos, user->salt, user->salt_len) < 0) {
+		wpa_printf(MSG_ERROR,
+			   "Invalid salt for password on line %d in '%s'",
+			   line, fname);
+		return -1;
+	}
+
+	*pos = pos2;
+	return 0;
+}
+
+
 static int hostapd_config_read_eap_user(const char *fname,
 					struct hostapd_bss_config *conf)
 {
@@ -223,9 +308,6 @@ static int hostapd_config_read_eap_user(const char *fn
 	int line = 0, ret = 0, num_methods;
 	struct hostapd_eap_user *user = NULL, *tail = NULL, *new_user = NULL;
 
-	if (!fname)
-		return 0;
-
 	if (os_strncmp(fname, "sqlite:", 7) == 0) {
 #ifdef CONFIG_SQLITE
 		os_free(conf->eap_user_sqlite);
@@ -312,13 +394,12 @@ static int hostapd_config_read_eap_user(const char *fn
 				goto failed;
 			}
 
-			user->identity = os_malloc(pos - start);
+			user->identity = os_memdup(start, pos - start);
 			if (user->identity == NULL) {
 				wpa_printf(MSG_ERROR, "Failed to allocate "
 					   "memory for EAP identity");
 				goto failed;
 			}
-			os_memcpy(user->identity, start, pos - start);
 			user->identity_len = pos - start;
 
 			if (pos[0] == '"' && pos[1] == '*') {
@@ -436,13 +517,12 @@ static int hostapd_config_read_eap_user(const char *fn
 				goto failed;
 			}
 
-			user->password = os_malloc(pos - start);
+			user->password = os_memdup(start, pos - start);
 			if (user->password == NULL) {
 				wpa_printf(MSG_ERROR, "Failed to allocate "
 					   "memory for EAP password");
 				goto failed;
 			}
-			os_memcpy(user->password, start, pos - start);
 			user->password_len = pos - start;
 
 			pos++;
@@ -471,6 +551,24 @@ static int hostapd_config_read_eap_user(const char *fn
 			user->password_len = 16;
 			user->password_hash = 1;
 			pos = pos2;
+		} else if (os_strncmp(pos, "ssha1:", 6) == 0) {
+			pos += 6;
+			if (hostapd_config_eap_user_salted(user, "sha1", 20,
+							   &pos,
+							   line, fname) < 0)
+				goto failed;
+		} else if (os_strncmp(pos, "ssha256:", 8) == 0) {
+			pos += 8;
+			if (hostapd_config_eap_user_salted(user, "sha256", 32,
+							   &pos,
+							   line, fname) < 0)
+				goto failed;
+		} else if (os_strncmp(pos, "ssha512:", 8) == 0) {
+			pos += 8;
+			if (hostapd_config_eap_user_salted(user, "sha512", 64,
+							   &pos,
+							   line, fname) < 0)
+				goto failed;
 		} else {
 			pos2 = pos;
 			while (*pos2 != '\0' && *pos2 != ' ' &&
@@ -522,19 +620,15 @@ static int hostapd_config_read_eap_user(const char *fn
 	fclose(f);
 
 	if (ret == 0) {
-		user = conf->eap_user;
-		while (user) {
-			struct hostapd_eap_user *prev;
-
-			prev = user;
-			user = user->next;
-			hostapd_config_free_eap_user(prev);
-		}
+		hostapd_config_free_eap_users(conf->eap_user);
 		conf->eap_user = new_user;
+	} else {
+		hostapd_config_free_eap_users(new_user);
 	}
 
 	return ret;
 }
+
 #endif /* EAP_SERVER */
 
 
@@ -684,12 +778,16 @@ static int hostapd_config_parse_key_mgmt(int line, con
 			val |= WPA_KEY_MGMT_PSK;
 		else if (os_strcmp(start, "WPA-EAP") == 0)
 			val |= WPA_KEY_MGMT_IEEE8021X;
-#ifdef CONFIG_IEEE80211R
+#ifdef CONFIG_IEEE80211R_AP
 		else if (os_strcmp(start, "FT-PSK") == 0)
 			val |= WPA_KEY_MGMT_FT_PSK;
 		else if (os_strcmp(start, "FT-EAP") == 0)
 			val |= WPA_KEY_MGMT_FT_IEEE8021X;
-#endif /* CONFIG_IEEE80211R */
+#ifdef CONFIG_SHA384
+		else if (os_strcmp(start, "FT-EAP-SHA384") == 0)
+			val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
+#endif /* CONFIG_SHA384 */
+#endif /* CONFIG_IEEE80211R_AP */
 #ifdef CONFIG_IEEE80211W
 		else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
 			val |= WPA_KEY_MGMT_PSK_SHA256;
@@ -710,6 +808,30 @@ static int hostapd_config_parse_key_mgmt(int line, con
 		else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0)
 			val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
 #endif /* CONFIG_SUITEB192 */
+#ifdef CONFIG_FILS
+		else if (os_strcmp(start, "FILS-SHA256") == 0)
+			val |= WPA_KEY_MGMT_FILS_SHA256;
+		else if (os_strcmp(start, "FILS-SHA384") == 0)
+			val |= WPA_KEY_MGMT_FILS_SHA384;
+#ifdef CONFIG_IEEE80211R_AP
+		else if (os_strcmp(start, "FT-FILS-SHA256") == 0)
+			val |= WPA_KEY_MGMT_FT_FILS_SHA256;
+		else if (os_strcmp(start, "FT-FILS-SHA384") == 0)
+			val |= WPA_KEY_MGMT_FT_FILS_SHA384;
+#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_FILS */
+#ifdef CONFIG_OWE
+		else if (os_strcmp(start, "OWE") == 0)
+			val |= WPA_KEY_MGMT_OWE;
+#endif /* CONFIG_OWE */
+#ifdef CONFIG_DPP
+		else if (os_strcmp(start, "DPP") == 0)
+			val |= WPA_KEY_MGMT_DPP;
+#endif /* CONFIG_DPP */
+#ifdef CONFIG_HS20
+		else if (os_strcmp(start, "OSEN") == 0)
+			val |= WPA_KEY_MGMT_OSEN;
+#endif /* CONFIG_HS20 */
 		else {
 			wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
 				   line, start);
@@ -755,17 +877,34 @@ static int hostapd_config_read_wep(struct hostapd_wep_
 {
 	size_t len = os_strlen(val);
 
-	if (keyidx < 0 || keyidx > 3 || wep->key[keyidx] != NULL)
+	if (keyidx < 0 || keyidx > 3)
 		return -1;
 
+	if (len == 0) {
+		int i, set = 0;
+
+		bin_clear_free(wep->key[keyidx], wep->len[keyidx]);
+		wep->key[keyidx] = NULL;
+		wep->len[keyidx] = 0;
+		for (i = 0; i < NUM_WEP_KEYS; i++) {
+			if (wep->key[i])
+				set++;
+		}
+		if (!set)
+			wep->keys_set = 0;
+		return 0;
+	}
+
+	if (wep->key[keyidx] != NULL)
+		return -1;
+
 	if (val[0] == '"') {
 		if (len < 2 || val[len - 1] != '"')
 			return -1;
 		len -= 2;
-		wep->key[keyidx] = os_malloc(len);
+		wep->key[keyidx] = os_memdup(val + 1, len);
 		if (wep->key[keyidx] == NULL)
 			return -1;
-		os_memcpy(wep->key[keyidx], val + 1, len);
 		wep->len[keyidx] = len;
 	} else {
 		if (len & 1)
@@ -978,7 +1117,27 @@ static int hostapd_config_tx_queue(struct hostapd_conf
 }
 
 
-#ifdef CONFIG_IEEE80211R
+#ifdef CONFIG_IEEE80211R_AP
+
+static int rkh_derive_key(const char *pos, u8 *key, size_t key_len)
+{
+	u8 oldkey[16];
+	int ret;
+
+	if (!hexstr2bin(pos, key, key_len))
+		return 0;
+
+	/* Try to use old short key for backwards compatibility */
+	if (hexstr2bin(pos, oldkey, sizeof(oldkey)))
+		return -1;
+
+	ret = hmac_sha256_kdf(oldkey, sizeof(oldkey), "FT OLDKEY", NULL, 0,
+			      key, key_len);
+	os_memset(oldkey, 0, sizeof(oldkey));
+	return ret;
+}
+
+
 static int add_r0kh(struct hostapd_bss_config *bss, char *value)
 {
 	struct ft_remote_r0kh *r0kh;
@@ -1012,7 +1171,7 @@ static int add_r0kh(struct hostapd_bss_config *bss, ch
 	os_memcpy(r0kh->id, pos, r0kh->id_len);
 
 	pos = next;
-	if (hexstr2bin(pos, r0kh->key, sizeof(r0kh->key))) {
+	if (rkh_derive_key(pos, r0kh->key, sizeof(r0kh->key)) < 0) {
 		wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos);
 		os_free(r0kh);
 		return -1;
@@ -1057,7 +1216,7 @@ static int add_r1kh(struct hostapd_bss_config *bss, ch
 	}
 
 	pos = next;
-	if (hexstr2bin(pos, r1kh->key, sizeof(r1kh->key))) {
+	if (rkh_derive_key(pos, r1kh->key, sizeof(r1kh->key)) < 0) {
 		wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos);
 		os_free(r1kh);
 		return -1;
@@ -1068,7 +1227,7 @@ static int add_r1kh(struct hostapd_bss_config *bss, ch
 
 	return 0;
 }
-#endif /* CONFIG_IEEE80211R */
+#endif /* CONFIG_IEEE80211R_AP */
 
 
 #ifdef CONFIG_IEEE80211N
@@ -1085,6 +1244,12 @@ static int hostapd_config_ht_capab(struct hostapd_conf
 		conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
 		conf->secondary_channel = 1;
 	}
+	if (os_strstr(capab, "[HT40+]") && os_strstr(capab, "[HT40-]")) {
+		conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
+		conf->ht40_plus_minus_allowed = 1;
+	}
+	if (!os_strstr(capab, "[HT40+]") && !os_strstr(capab, "[HT40-]"))
+		conf->secondary_channel = 0;
 	if (os_strstr(capab, "[SMPS-STATIC]")) {
 		conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
 		conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC;
@@ -1214,6 +1379,30 @@ static int hostapd_config_vht_capab(struct hostapd_con
 #endif /* CONFIG_IEEE80211AC */
 
 
+#ifdef CONFIG_IEEE80211AX
+
+static u8 find_bit_offset(u8 val)
+{
+	u8 res = 0;
+
+	for (; val; val >>= 1) {
+		if (val & 1)
+			break;
+		res++;
+	}
+
+	return res;
+}
+
+
+static u8 set_he_cap(int val, u8 mask)
+{
+	return (u8) (mask & (val << find_bit_offset(mask)));
+}
+
+#endif /* CONFIG_IEEE80211AX */
+
+
 #ifdef CONFIG_INTERWORKING
 static int parse_roaming_consortium(struct hostapd_bss_config *bss, char *pos,
 				    int line)
@@ -1307,6 +1496,44 @@ static int parse_venue_name(struct hostapd_bss_config 
 }
 
 
+static int parse_venue_url(struct hostapd_bss_config *bss, char *pos,
+			    int line)
+{
+	char *sep;
+	size_t nlen;
+	struct hostapd_venue_url *url;
+	int ret = -1;
+
+	sep = os_strchr(pos, ':');
+	if (!sep)
+		goto fail;
+	*sep++ = '\0';
+
+	nlen = os_strlen(sep);
+	if (nlen > 254)
+		goto fail;
+
+	url = os_realloc_array(bss->venue_url, bss->venue_url_count + 1,
+			       sizeof(struct hostapd_venue_url));
+	if (!url)
+		goto fail;
+
+	bss->venue_url = url;
+	url = &bss->venue_url[bss->venue_url_count++];
+
+	url->venue_number = atoi(pos);
+	url->url_len = nlen;
+	os_memcpy(url->url, sep, nlen);
+
+	ret = 0;
+fail:
+	if (ret)
+		wpa_printf(MSG_ERROR, "Line %d: Invalid venue_url '%s'",
+			   line, pos);
+	return ret;
+}
+
+
 static int parse_3gpp_cell_net(struct hostapd_bss_config *bss, char *buf,
 			       int line)
 {
@@ -1857,6 +2084,24 @@ static int hs20_parse_osu_nai(struct hostapd_bss_confi
 }
 
 
+static int hs20_parse_osu_nai2(struct hostapd_bss_config *bss,
+			       char *pos, int line)
+{
+	if (bss->last_osu == NULL) {
+		wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line);
+		return -1;
+	}
+
+	os_free(bss->last_osu->osu_nai2);
+	bss->last_osu->osu_nai2 = os_strdup(pos);
+	if (bss->last_osu->osu_nai2 == NULL)
+		return -1;
+	bss->hs20_osu_providers_nai_count++;
+
+	return 0;
+}
+
+

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***

From owner-svn-src-releng@freebsd.org  Tue May 14 22:59:35 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 65F00159B78B;
 Tue, 14 May 2019 22:59:35 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 042D688C0B;
 Tue, 14 May 2019 22:59:35 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DB4C527995;
 Tue, 14 May 2019 22:59:34 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4EMxYE9048271;
 Tue, 14 May 2019 22:59:34 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4EMxXZ8048261;
 Tue, 14 May 2019 22:59:33 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142259.x4EMxXZ8048261@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 22:59:33 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347588 - in releng/11.2: contrib/wpa contrib/wpa/hostapd
 contrib/wpa/hs20/client contrib/wpa/patches contrib/wpa/src/ap
 contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/dr...
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng/11.2: contrib/wpa contrib/wpa/hostapd
 contrib/wpa/hs20/client contrib/wpa/patches contrib/wpa/src/ap
 contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/drivers
 contrib/wpa/src/eap...
X-SVN-Commit-Revision: 347588
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 042D688C0B
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_SHORT(-0.98)[-0.976,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 22:59:35 -0000

Author: gordon
Date: Tue May 14 22:59:32 2019
New Revision: 347588
URL: https://svnweb.freebsd.org/changeset/base/347588

Log:
  Update hostapd/wpa_supplicant to 2.8 to fix multiple vulnerabilities.
  
  Approved by:	so
  Security:	FreeBSD-SA-19:03.wpa
  Security:	CVE-2019-9494
  Security:	CVE-2019-9495
  Security:	CVE-2019-9496
  Security:	CVE-2019-9497
  Security:	CVE-2019-9498
  Security:	CVE-2019-9499
  Security:	CVE-2019-11555

Added:
  releng/11.2/contrib/wpa/hostapd/README-MULTI-AP
  releng/11.2/contrib/wpa/src/ap/dpp_hostapd.c
  releng/11.2/contrib/wpa/src/ap/dpp_hostapd.h
  releng/11.2/contrib/wpa/src/ap/eth_p_oui.c
  releng/11.2/contrib/wpa/src/ap/eth_p_oui.h
  releng/11.2/contrib/wpa/src/ap/fils_hlp.c
  releng/11.2/contrib/wpa/src/ap/fils_hlp.h
  releng/11.2/contrib/wpa/src/ap/gas_query_ap.c
  releng/11.2/contrib/wpa/src/ap/gas_query_ap.h
  releng/11.2/contrib/wpa/src/ap/ieee802_11_he.c
  releng/11.2/contrib/wpa/src/ap/mbo_ap.c
  releng/11.2/contrib/wpa/src/ap/mbo_ap.h
  releng/11.2/contrib/wpa/src/ap/neighbor_db.c
  releng/11.2/contrib/wpa/src/ap/neighbor_db.h
  releng/11.2/contrib/wpa/src/ap/rrm.c
  releng/11.2/contrib/wpa/src/ap/rrm.h
  releng/11.2/contrib/wpa/src/ap/taxonomy.c
  releng/11.2/contrib/wpa/src/ap/taxonomy.h
  releng/11.2/contrib/wpa/src/ap/vlan.c
  releng/11.2/contrib/wpa/src/ap/vlan.h
  releng/11.2/contrib/wpa/src/ap/vlan_full.c
  releng/11.2/contrib/wpa/src/ap/vlan_ifconfig.c
  releng/11.2/contrib/wpa/src/ap/vlan_ioctl.c
  releng/11.2/contrib/wpa/src/common/cli.c
  releng/11.2/contrib/wpa/src/common/cli.h
  releng/11.2/contrib/wpa/src/common/ctrl_iface_common.c
  releng/11.2/contrib/wpa/src/common/ctrl_iface_common.h
  releng/11.2/contrib/wpa/src/common/dhcp.h
  releng/11.2/contrib/wpa/src/common/dpp.c
  releng/11.2/contrib/wpa/src/common/dpp.h
  releng/11.2/contrib/wpa/src/common/gas_server.c
  releng/11.2/contrib/wpa/src/common/gas_server.h
  releng/11.2/contrib/wpa/src/common/ocv.c
  releng/11.2/contrib/wpa/src/common/ocv.h
  releng/11.2/contrib/wpa/src/crypto/crypto_linux.c
  releng/11.2/contrib/wpa/src/crypto/crypto_nettle.c
  releng/11.2/contrib/wpa/src/crypto/crypto_wolfssl.c
  releng/11.2/contrib/wpa/src/crypto/fips_prf_wolfssl.c
  releng/11.2/contrib/wpa/src/crypto/sha384-internal.c
  releng/11.2/contrib/wpa/src/crypto/sha384-kdf.c
  releng/11.2/contrib/wpa/src/crypto/sha384.c
  releng/11.2/contrib/wpa/src/crypto/sha384_i.h
  releng/11.2/contrib/wpa/src/crypto/sha512-internal.c
  releng/11.2/contrib/wpa/src/crypto/sha512-kdf.c
  releng/11.2/contrib/wpa/src/crypto/sha512-prf.c
  releng/11.2/contrib/wpa/src/crypto/sha512.c
  releng/11.2/contrib/wpa/src/crypto/sha512.h
  releng/11.2/contrib/wpa/src/crypto/sha512_i.h
  releng/11.2/contrib/wpa/src/crypto/tls_openssl.h
  releng/11.2/contrib/wpa/src/crypto/tls_openssl_ocsp.c
  releng/11.2/contrib/wpa/src/crypto/tls_wolfssl.c
  releng/11.2/contrib/wpa/src/drivers/driver_macsec_linux.c
  releng/11.2/contrib/wpa/src/drivers/driver_wired_common.c
  releng/11.2/contrib/wpa/src/drivers/driver_wired_common.h
  releng/11.2/contrib/wpa/src/tls/tlsv1_client_ocsp.c
  releng/11.2/contrib/wpa/src/utils/const_time.h
  releng/11.2/contrib/wpa/src/utils/crc32.c
  releng/11.2/contrib/wpa/src/utils/crc32.h
  releng/11.2/contrib/wpa/src/utils/json.c
  releng/11.2/contrib/wpa/src/utils/json.h
  releng/11.2/contrib/wpa/src/utils/module_tests.h
  releng/11.2/contrib/wpa/wpa_supplicant/Android.mk
  releng/11.2/contrib/wpa/wpa_supplicant/README-DPP
  releng/11.2/contrib/wpa/wpa_supplicant/README-Windows.txt
  releng/11.2/contrib/wpa/wpa_supplicant/android.config
  releng/11.2/contrib/wpa/wpa_supplicant/binder/
  releng/11.2/contrib/wpa/wpa_supplicant/binder/.clang-format
  releng/11.2/contrib/wpa/wpa_supplicant/binder/binder.cpp
  releng/11.2/contrib/wpa/wpa_supplicant/binder/binder.h
  releng/11.2/contrib/wpa/wpa_supplicant/binder/binder_constants.cpp
  releng/11.2/contrib/wpa/wpa_supplicant/binder/binder_constants.h
  releng/11.2/contrib/wpa/wpa_supplicant/binder/binder_i.h
  releng/11.2/contrib/wpa/wpa_supplicant/binder/binder_manager.cpp
  releng/11.2/contrib/wpa/wpa_supplicant/binder/binder_manager.h
  releng/11.2/contrib/wpa/wpa_supplicant/binder/fi/
  releng/11.2/contrib/wpa/wpa_supplicant/binder/fi/w1/
  releng/11.2/contrib/wpa/wpa_supplicant/binder/fi/w1/wpa_supplicant/
  releng/11.2/contrib/wpa/wpa_supplicant/binder/fi/w1/wpa_supplicant/IIface.aidl
  releng/11.2/contrib/wpa/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicant.aidl
  releng/11.2/contrib/wpa/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicantCallbacks.aidl
  releng/11.2/contrib/wpa/wpa_supplicant/binder/iface.cpp
  releng/11.2/contrib/wpa/wpa_supplicant/binder/iface.h
  releng/11.2/contrib/wpa/wpa_supplicant/binder/supplicant.cpp
  releng/11.2/contrib/wpa/wpa_supplicant/binder/supplicant.h
  releng/11.2/contrib/wpa/wpa_supplicant/dpp_supplicant.c
  releng/11.2/contrib/wpa/wpa_supplicant/dpp_supplicant.h
  releng/11.2/contrib/wpa/wpa_supplicant/examples/dpp-qrcode.py
  releng/11.2/contrib/wpa/wpa_supplicant/libwpa_test.c
  releng/11.2/contrib/wpa/wpa_supplicant/mbo.c
  releng/11.2/contrib/wpa/wpa_supplicant/op_classes.c
  releng/11.2/contrib/wpa/wpa_supplicant/rrm.c
  releng/11.2/contrib/wpa/wpa_supplicant/systemd/
  releng/11.2/contrib/wpa/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in
  releng/11.2/contrib/wpa/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in
  releng/11.2/contrib/wpa/wpa_supplicant/systemd/wpa_supplicant.service.arg.in
  releng/11.2/contrib/wpa/wpa_supplicant/systemd/wpa_supplicant.service.in
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/eapol_test/
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/win_if_list/
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/win_if_list/win_if_list.vcproj
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpa_cli/
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpa_cli/wpa_cli.vcproj
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpa_passphrase/
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpa_supplicant/
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpa_supplicant.sln
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpasvc/
  releng/11.2/contrib/wpa/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj
Deleted:
  releng/11.2/contrib/wpa/patches/
  releng/11.2/contrib/wpa/src/ap/peerkey_auth.c
  releng/11.2/contrib/wpa/src/rsn_supp/peerkey.c
  releng/11.2/contrib/wpa/src/rsn_supp/peerkey.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_old.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_old.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers_wps.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in
  releng/11.2/contrib/wpa/wpa_supplicant/examples/wpas-test.py
  releng/11.2/contrib/wpa/wpa_supplicant/tests/
Modified:
  releng/11.2/contrib/wpa/CONTRIBUTIONS
  releng/11.2/contrib/wpa/COPYING
  releng/11.2/contrib/wpa/README
  releng/11.2/contrib/wpa/hostapd/ChangeLog
  releng/11.2/contrib/wpa/hostapd/README
  releng/11.2/contrib/wpa/hostapd/config_file.c
  releng/11.2/contrib/wpa/hostapd/config_file.h
  releng/11.2/contrib/wpa/hostapd/ctrl_iface.c
  releng/11.2/contrib/wpa/hostapd/defconfig
  releng/11.2/contrib/wpa/hostapd/hapd_module_tests.c
  releng/11.2/contrib/wpa/hostapd/hlr_auc_gw.c
  releng/11.2/contrib/wpa/hostapd/hostapd.conf
  releng/11.2/contrib/wpa/hostapd/hostapd.eap_user_sqlite
  releng/11.2/contrib/wpa/hostapd/hostapd.wpa_psk
  releng/11.2/contrib/wpa/hostapd/hostapd_cli.c
  releng/11.2/contrib/wpa/hostapd/main.c
  releng/11.2/contrib/wpa/hostapd/wps-ap-nfc.py
  releng/11.2/contrib/wpa/hs20/client/Android.mk
  releng/11.2/contrib/wpa/hs20/client/Makefile
  releng/11.2/contrib/wpa/hs20/client/est.c
  releng/11.2/contrib/wpa/hs20/client/oma_dm_client.c
  releng/11.2/contrib/wpa/hs20/client/osu_client.c
  releng/11.2/contrib/wpa/hs20/client/osu_client.h
  releng/11.2/contrib/wpa/src/ap/accounting.c
  releng/11.2/contrib/wpa/src/ap/accounting.h
  releng/11.2/contrib/wpa/src/ap/acs.c
  releng/11.2/contrib/wpa/src/ap/acs.h
  releng/11.2/contrib/wpa/src/ap/ap_config.c
  releng/11.2/contrib/wpa/src/ap/ap_config.h
  releng/11.2/contrib/wpa/src/ap/ap_drv_ops.c
  releng/11.2/contrib/wpa/src/ap/ap_drv_ops.h
  releng/11.2/contrib/wpa/src/ap/ap_mlme.c
  releng/11.2/contrib/wpa/src/ap/authsrv.c
  releng/11.2/contrib/wpa/src/ap/beacon.c
  releng/11.2/contrib/wpa/src/ap/beacon.h
  releng/11.2/contrib/wpa/src/ap/bss_load.c
  releng/11.2/contrib/wpa/src/ap/ctrl_iface_ap.c
  releng/11.2/contrib/wpa/src/ap/ctrl_iface_ap.h
  releng/11.2/contrib/wpa/src/ap/dfs.c
  releng/11.2/contrib/wpa/src/ap/dfs.h
  releng/11.2/contrib/wpa/src/ap/dhcp_snoop.c
  releng/11.2/contrib/wpa/src/ap/drv_callbacks.c
  releng/11.2/contrib/wpa/src/ap/eap_user_db.c
  releng/11.2/contrib/wpa/src/ap/gas_serv.c
  releng/11.2/contrib/wpa/src/ap/gas_serv.h
  releng/11.2/contrib/wpa/src/ap/hostapd.c
  releng/11.2/contrib/wpa/src/ap/hostapd.h
  releng/11.2/contrib/wpa/src/ap/hs20.c
  releng/11.2/contrib/wpa/src/ap/hs20.h
  releng/11.2/contrib/wpa/src/ap/hw_features.c
  releng/11.2/contrib/wpa/src/ap/iapp.c
  releng/11.2/contrib/wpa/src/ap/ieee802_11.c
  releng/11.2/contrib/wpa/src/ap/ieee802_11.h
  releng/11.2/contrib/wpa/src/ap/ieee802_11_auth.c
  releng/11.2/contrib/wpa/src/ap/ieee802_11_auth.h
  releng/11.2/contrib/wpa/src/ap/ieee802_11_ht.c
  releng/11.2/contrib/wpa/src/ap/ieee802_11_shared.c
  releng/11.2/contrib/wpa/src/ap/ieee802_11_vht.c
  releng/11.2/contrib/wpa/src/ap/ieee802_1x.c
  releng/11.2/contrib/wpa/src/ap/ieee802_1x.h
  releng/11.2/contrib/wpa/src/ap/ndisc_snoop.c
  releng/11.2/contrib/wpa/src/ap/pmksa_cache_auth.c
  releng/11.2/contrib/wpa/src/ap/pmksa_cache_auth.h
  releng/11.2/contrib/wpa/src/ap/sta_info.c
  releng/11.2/contrib/wpa/src/ap/sta_info.h
  releng/11.2/contrib/wpa/src/ap/tkip_countermeasures.c
  releng/11.2/contrib/wpa/src/ap/vlan_init.c
  releng/11.2/contrib/wpa/src/ap/vlan_init.h
  releng/11.2/contrib/wpa/src/ap/vlan_util.c
  releng/11.2/contrib/wpa/src/ap/vlan_util.h
  releng/11.2/contrib/wpa/src/ap/wmm.c
  releng/11.2/contrib/wpa/src/ap/wnm_ap.c
  releng/11.2/contrib/wpa/src/ap/wnm_ap.h
  releng/11.2/contrib/wpa/src/ap/wpa_auth.c
  releng/11.2/contrib/wpa/src/ap/wpa_auth.h
  releng/11.2/contrib/wpa/src/ap/wpa_auth_ft.c
  releng/11.2/contrib/wpa/src/ap/wpa_auth_glue.c
  releng/11.2/contrib/wpa/src/ap/wpa_auth_i.h
  releng/11.2/contrib/wpa/src/ap/wpa_auth_ie.c
  releng/11.2/contrib/wpa/src/ap/wpa_auth_ie.h
  releng/11.2/contrib/wpa/src/ap/wps_hostapd.c
  releng/11.2/contrib/wpa/src/common/common_module_tests.c
  releng/11.2/contrib/wpa/src/common/defs.h
  releng/11.2/contrib/wpa/src/common/eapol_common.h
  releng/11.2/contrib/wpa/src/common/gas.c
  releng/11.2/contrib/wpa/src/common/gas.h
  releng/11.2/contrib/wpa/src/common/hw_features_common.c
  releng/11.2/contrib/wpa/src/common/hw_features_common.h
  releng/11.2/contrib/wpa/src/common/ieee802_11_common.c
  releng/11.2/contrib/wpa/src/common/ieee802_11_common.h
  releng/11.2/contrib/wpa/src/common/ieee802_11_defs.h
  releng/11.2/contrib/wpa/src/common/ieee802_1x_defs.h
  releng/11.2/contrib/wpa/src/common/privsep_commands.h
  releng/11.2/contrib/wpa/src/common/qca-vendor.h
  releng/11.2/contrib/wpa/src/common/sae.c
  releng/11.2/contrib/wpa/src/common/sae.h
  releng/11.2/contrib/wpa/src/common/version.h
  releng/11.2/contrib/wpa/src/common/wpa_common.c
  releng/11.2/contrib/wpa/src/common/wpa_common.h
  releng/11.2/contrib/wpa/src/common/wpa_ctrl.c
  releng/11.2/contrib/wpa/src/common/wpa_ctrl.h
  releng/11.2/contrib/wpa/src/common/wpa_helpers.c
  releng/11.2/contrib/wpa/src/crypto/aes-cbc.c
  releng/11.2/contrib/wpa/src/crypto/aes-ctr.c
  releng/11.2/contrib/wpa/src/crypto/aes-internal-dec.c
  releng/11.2/contrib/wpa/src/crypto/aes-internal-enc.c
  releng/11.2/contrib/wpa/src/crypto/aes-omac1.c
  releng/11.2/contrib/wpa/src/crypto/aes-siv.c
  releng/11.2/contrib/wpa/src/crypto/aes.h
  releng/11.2/contrib/wpa/src/crypto/aes_siv.h
  releng/11.2/contrib/wpa/src/crypto/aes_wrap.h
  releng/11.2/contrib/wpa/src/crypto/crypto.h
  releng/11.2/contrib/wpa/src/crypto/crypto_gnutls.c
  releng/11.2/contrib/wpa/src/crypto/crypto_internal-modexp.c
  releng/11.2/contrib/wpa/src/crypto/crypto_internal.c
  releng/11.2/contrib/wpa/src/crypto/crypto_libtomcrypt.c
  releng/11.2/contrib/wpa/src/crypto/crypto_module_tests.c
  releng/11.2/contrib/wpa/src/crypto/crypto_none.c
  releng/11.2/contrib/wpa/src/crypto/crypto_openssl.c
  releng/11.2/contrib/wpa/src/crypto/des-internal.c
  releng/11.2/contrib/wpa/src/crypto/dh_group5.c
  releng/11.2/contrib/wpa/src/crypto/dh_groups.c
  releng/11.2/contrib/wpa/src/crypto/fips_prf_openssl.c
  releng/11.2/contrib/wpa/src/crypto/md4-internal.c
  releng/11.2/contrib/wpa/src/crypto/md5-internal.c
  releng/11.2/contrib/wpa/src/crypto/ms_funcs.c
  releng/11.2/contrib/wpa/src/crypto/ms_funcs.h
  releng/11.2/contrib/wpa/src/crypto/random.c
  releng/11.2/contrib/wpa/src/crypto/sha1-internal.c
  releng/11.2/contrib/wpa/src/crypto/sha1-tlsprf.c
  releng/11.2/contrib/wpa/src/crypto/sha256-internal.c
  releng/11.2/contrib/wpa/src/crypto/sha256-kdf.c
  releng/11.2/contrib/wpa/src/crypto/sha256-prf.c
  releng/11.2/contrib/wpa/src/crypto/sha256.h
  releng/11.2/contrib/wpa/src/crypto/sha384-prf.c
  releng/11.2/contrib/wpa/src/crypto/sha384.h
  releng/11.2/contrib/wpa/src/crypto/tls.h
  releng/11.2/contrib/wpa/src/crypto/tls_gnutls.c
  releng/11.2/contrib/wpa/src/crypto/tls_internal.c
  releng/11.2/contrib/wpa/src/crypto/tls_none.c
  releng/11.2/contrib/wpa/src/crypto/tls_openssl.c
  releng/11.2/contrib/wpa/src/drivers/driver.h
  releng/11.2/contrib/wpa/src/drivers/driver_bsd.c
  releng/11.2/contrib/wpa/src/drivers/driver_common.c
  releng/11.2/contrib/wpa/src/drivers/driver_macsec_qca.c
  releng/11.2/contrib/wpa/src/drivers/driver_ndis.c
  releng/11.2/contrib/wpa/src/drivers/driver_nl80211.h
  releng/11.2/contrib/wpa/src/drivers/driver_nl80211_capa.c
  releng/11.2/contrib/wpa/src/drivers/driver_nl80211_event.c
  releng/11.2/contrib/wpa/src/drivers/driver_nl80211_monitor.c
  releng/11.2/contrib/wpa/src/drivers/driver_nl80211_scan.c
  releng/11.2/contrib/wpa/src/drivers/driver_openbsd.c
  releng/11.2/contrib/wpa/src/drivers/driver_privsep.c
  releng/11.2/contrib/wpa/src/drivers/driver_wired.c
  releng/11.2/contrib/wpa/src/drivers/drivers.c
  releng/11.2/contrib/wpa/src/eap_common/eap_eke_common.c
  releng/11.2/contrib/wpa/src/eap_common/eap_fast_common.c
  releng/11.2/contrib/wpa/src/eap_common/eap_fast_common.h
  releng/11.2/contrib/wpa/src/eap_common/eap_gpsk_common.c
  releng/11.2/contrib/wpa/src/eap_common/eap_pax_common.c
  releng/11.2/contrib/wpa/src/eap_common/eap_pwd_common.c
  releng/11.2/contrib/wpa/src/eap_common/eap_pwd_common.h
  releng/11.2/contrib/wpa/src/eap_common/eap_sake_common.c
  releng/11.2/contrib/wpa/src/eap_common/eap_sake_common.h
  releng/11.2/contrib/wpa/src/eap_common/eap_sim_common.c
  releng/11.2/contrib/wpa/src/eap_common/ikev2_common.c
  releng/11.2/contrib/wpa/src/eap_peer/eap.c
  releng/11.2/contrib/wpa/src/eap_peer/eap.h
  releng/11.2/contrib/wpa/src/eap_peer/eap_aka.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_config.h
  releng/11.2/contrib/wpa/src/eap_peer/eap_eke.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_fast.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_fast_pac.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_gpsk.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_gtc.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_i.h
  releng/11.2/contrib/wpa/src/eap_peer/eap_ikev2.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_leap.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_md5.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_methods.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_methods.h
  releng/11.2/contrib/wpa/src/eap_peer/eap_mschapv2.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_otp.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_pax.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_peap.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_proxy.h
  releng/11.2/contrib/wpa/src/eap_peer/eap_proxy_dummy.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_psk.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_pwd.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_sake.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_sim.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_tls.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_tls_common.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_tls_common.h
  releng/11.2/contrib/wpa/src/eap_peer/eap_tnc.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_ttls.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_vendor_test.c
  releng/11.2/contrib/wpa/src/eap_peer/eap_wsc.c
  releng/11.2/contrib/wpa/src/eap_peer/ikev2.c
  releng/11.2/contrib/wpa/src/eap_peer/tncc.c
  releng/11.2/contrib/wpa/src/eap_server/eap.h
  releng/11.2/contrib/wpa/src/eap_server/eap_i.h
  releng/11.2/contrib/wpa/src/eap_server/eap_methods.h
  releng/11.2/contrib/wpa/src/eap_server/eap_server.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_aka.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_eke.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_fast.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_gpsk.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_gtc.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_identity.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_ikev2.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_md5.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_methods.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_mschapv2.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_pax.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_peap.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_psk.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_pwd.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_sake.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_sim.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_tls.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_tls_common.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_tnc.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_ttls.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_vendor_test.c
  releng/11.2/contrib/wpa/src/eap_server/eap_server_wsc.c
  releng/11.2/contrib/wpa/src/eap_server/eap_sim_db.c
  releng/11.2/contrib/wpa/src/eap_server/eap_sim_db.h
  releng/11.2/contrib/wpa/src/eap_server/eap_tls_common.h
  releng/11.2/contrib/wpa/src/eap_server/ikev2.c
  releng/11.2/contrib/wpa/src/eap_server/tncs.c
  releng/11.2/contrib/wpa/src/eapol_auth/eapol_auth_sm.c
  releng/11.2/contrib/wpa/src/eapol_auth/eapol_auth_sm.h
  releng/11.2/contrib/wpa/src/eapol_auth/eapol_auth_sm_i.h
  releng/11.2/contrib/wpa/src/eapol_supp/eapol_supp_sm.c
  releng/11.2/contrib/wpa/src/eapol_supp/eapol_supp_sm.h
  releng/11.2/contrib/wpa/src/fst/fst.c
  releng/11.2/contrib/wpa/src/fst/fst.h
  releng/11.2/contrib/wpa/src/fst/fst_ctrl_aux.c
  releng/11.2/contrib/wpa/src/fst/fst_ctrl_aux.h
  releng/11.2/contrib/wpa/src/fst/fst_ctrl_iface.c
  releng/11.2/contrib/wpa/src/fst/fst_defs.h
  releng/11.2/contrib/wpa/src/fst/fst_group.c
  releng/11.2/contrib/wpa/src/fst/fst_group.h
  releng/11.2/contrib/wpa/src/fst/fst_iface.c
  releng/11.2/contrib/wpa/src/fst/fst_iface.h
  releng/11.2/contrib/wpa/src/fst/fst_session.c
  releng/11.2/contrib/wpa/src/l2_packet/l2_packet.h
  releng/11.2/contrib/wpa/src/l2_packet/l2_packet_privsep.c
  releng/11.2/contrib/wpa/src/p2p/p2p.c
  releng/11.2/contrib/wpa/src/p2p/p2p.h
  releng/11.2/contrib/wpa/src/p2p/p2p_build.c
  releng/11.2/contrib/wpa/src/p2p/p2p_go_neg.c
  releng/11.2/contrib/wpa/src/p2p/p2p_group.c
  releng/11.2/contrib/wpa/src/p2p/p2p_i.h
  releng/11.2/contrib/wpa/src/p2p/p2p_invitation.c
  releng/11.2/contrib/wpa/src/p2p/p2p_parse.c
  releng/11.2/contrib/wpa/src/p2p/p2p_pd.c
  releng/11.2/contrib/wpa/src/p2p/p2p_sd.c
  releng/11.2/contrib/wpa/src/p2p/p2p_utils.c
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_cp.c
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_cp.h
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_kay.c
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_kay.h
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_kay_i.h
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_key.c
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_key.h
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_secy_ops.c
  releng/11.2/contrib/wpa/src/pae/ieee802_1x_secy_ops.h
  releng/11.2/contrib/wpa/src/radius/radius.c
  releng/11.2/contrib/wpa/src/radius/radius.h
  releng/11.2/contrib/wpa/src/radius/radius_client.c
  releng/11.2/contrib/wpa/src/radius/radius_client.h
  releng/11.2/contrib/wpa/src/radius/radius_das.c
  releng/11.2/contrib/wpa/src/radius/radius_das.h
  releng/11.2/contrib/wpa/src/radius/radius_server.c
  releng/11.2/contrib/wpa/src/radius/radius_server.h
  releng/11.2/contrib/wpa/src/rsn_supp/pmksa_cache.c
  releng/11.2/contrib/wpa/src/rsn_supp/pmksa_cache.h
  releng/11.2/contrib/wpa/src/rsn_supp/preauth.c
  releng/11.2/contrib/wpa/src/rsn_supp/preauth.h
  releng/11.2/contrib/wpa/src/rsn_supp/tdls.c
  releng/11.2/contrib/wpa/src/rsn_supp/wpa.c
  releng/11.2/contrib/wpa/src/rsn_supp/wpa.h
  releng/11.2/contrib/wpa/src/rsn_supp/wpa_ft.c
  releng/11.2/contrib/wpa/src/rsn_supp/wpa_i.h
  releng/11.2/contrib/wpa/src/rsn_supp/wpa_ie.c
  releng/11.2/contrib/wpa/src/rsn_supp/wpa_ie.h
  releng/11.2/contrib/wpa/src/tls/asn1.c
  releng/11.2/contrib/wpa/src/tls/asn1.h
  releng/11.2/contrib/wpa/src/tls/bignum.c
  releng/11.2/contrib/wpa/src/tls/libtommath.c
  releng/11.2/contrib/wpa/src/tls/pkcs5.c
  releng/11.2/contrib/wpa/src/tls/rsa.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_client.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_client.h
  releng/11.2/contrib/wpa/src/tls/tlsv1_client_i.h
  releng/11.2/contrib/wpa/src/tls/tlsv1_client_read.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_client_write.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_common.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_common.h
  releng/11.2/contrib/wpa/src/tls/tlsv1_cred.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_cred.h
  releng/11.2/contrib/wpa/src/tls/tlsv1_server.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_server.h
  releng/11.2/contrib/wpa/src/tls/tlsv1_server_i.h
  releng/11.2/contrib/wpa/src/tls/tlsv1_server_read.c
  releng/11.2/contrib/wpa/src/tls/tlsv1_server_write.c
  releng/11.2/contrib/wpa/src/tls/x509v3.c
  releng/11.2/contrib/wpa/src/tls/x509v3.h
  releng/11.2/contrib/wpa/src/utils/base64.c
  releng/11.2/contrib/wpa/src/utils/base64.h
  releng/11.2/contrib/wpa/src/utils/browser-android.c
  releng/11.2/contrib/wpa/src/utils/browser-wpadebug.c
  releng/11.2/contrib/wpa/src/utils/browser.c
  releng/11.2/contrib/wpa/src/utils/common.c
  releng/11.2/contrib/wpa/src/utils/common.h
  releng/11.2/contrib/wpa/src/utils/edit_simple.c
  releng/11.2/contrib/wpa/src/utils/eloop.c
  releng/11.2/contrib/wpa/src/utils/eloop.h
  releng/11.2/contrib/wpa/src/utils/eloop_win.c
  releng/11.2/contrib/wpa/src/utils/ext_password.c
  releng/11.2/contrib/wpa/src/utils/ext_password_i.h
  releng/11.2/contrib/wpa/src/utils/http_curl.c
  releng/11.2/contrib/wpa/src/utils/list.h
  releng/11.2/contrib/wpa/src/utils/os.h
  releng/11.2/contrib/wpa/src/utils/os_internal.c
  releng/11.2/contrib/wpa/src/utils/os_none.c
  releng/11.2/contrib/wpa/src/utils/os_unix.c
  releng/11.2/contrib/wpa/src/utils/os_win32.c
  releng/11.2/contrib/wpa/src/utils/pcsc_funcs.c
  releng/11.2/contrib/wpa/src/utils/platform.h
  releng/11.2/contrib/wpa/src/utils/radiotap.c
  releng/11.2/contrib/wpa/src/utils/radiotap.h
  releng/11.2/contrib/wpa/src/utils/radiotap_iter.h
  releng/11.2/contrib/wpa/src/utils/trace.c
  releng/11.2/contrib/wpa/src/utils/trace.h
  releng/11.2/contrib/wpa/src/utils/utils_module_tests.c
  releng/11.2/contrib/wpa/src/utils/uuid.c
  releng/11.2/contrib/wpa/src/utils/uuid.h
  releng/11.2/contrib/wpa/src/utils/wpa_debug.c
  releng/11.2/contrib/wpa/src/utils/wpa_debug.h
  releng/11.2/contrib/wpa/src/utils/wpabuf.c
  releng/11.2/contrib/wpa/src/utils/wpabuf.h
  releng/11.2/contrib/wpa/src/utils/xml-utils.c
  releng/11.2/contrib/wpa/src/utils/xml_libxml2.c
  releng/11.2/contrib/wpa/src/wps/wps.c
  releng/11.2/contrib/wpa/src/wps/wps.h
  releng/11.2/contrib/wpa/src/wps/wps_attr_build.c
  releng/11.2/contrib/wpa/src/wps/wps_attr_parse.c
  releng/11.2/contrib/wpa/src/wps/wps_attr_parse.h
  releng/11.2/contrib/wpa/src/wps/wps_attr_process.c
  releng/11.2/contrib/wpa/src/wps/wps_common.c
  releng/11.2/contrib/wpa/src/wps/wps_defs.h
  releng/11.2/contrib/wpa/src/wps/wps_dev_attr.c
  releng/11.2/contrib/wpa/src/wps/wps_dev_attr.h
  releng/11.2/contrib/wpa/src/wps/wps_enrollee.c
  releng/11.2/contrib/wpa/src/wps/wps_er.c
  releng/11.2/contrib/wpa/src/wps/wps_i.h
  releng/11.2/contrib/wpa/src/wps/wps_module_tests.c
  releng/11.2/contrib/wpa/src/wps/wps_registrar.c
  releng/11.2/contrib/wpa/src/wps/wps_upnp.c
  releng/11.2/contrib/wpa/src/wps/wps_upnp.h
  releng/11.2/contrib/wpa/src/wps/wps_upnp_i.h
  releng/11.2/contrib/wpa/src/wps/wps_upnp_ssdp.c
  releng/11.2/contrib/wpa/src/wps/wps_upnp_web.c
  releng/11.2/contrib/wpa/src/wps/wps_validate.c
  releng/11.2/contrib/wpa/wpa_supplicant/ChangeLog
  releng/11.2/contrib/wpa/wpa_supplicant/README
  releng/11.2/contrib/wpa/wpa_supplicant/README-HS20
  releng/11.2/contrib/wpa/wpa_supplicant/README-P2P
  releng/11.2/contrib/wpa/wpa_supplicant/ap.c
  releng/11.2/contrib/wpa/wpa_supplicant/ap.h
  releng/11.2/contrib/wpa/wpa_supplicant/autoscan.c
  releng/11.2/contrib/wpa/wpa_supplicant/autoscan.h
  releng/11.2/contrib/wpa/wpa_supplicant/bgscan.c
  releng/11.2/contrib/wpa/wpa_supplicant/bgscan.h
  releng/11.2/contrib/wpa/wpa_supplicant/bgscan_learn.c
  releng/11.2/contrib/wpa/wpa_supplicant/bgscan_simple.c
  releng/11.2/contrib/wpa/wpa_supplicant/bss.c
  releng/11.2/contrib/wpa/wpa_supplicant/bss.h
  releng/11.2/contrib/wpa/wpa_supplicant/config.c
  releng/11.2/contrib/wpa/wpa_supplicant/config.h
  releng/11.2/contrib/wpa/wpa_supplicant/config_file.c
  releng/11.2/contrib/wpa/wpa_supplicant/config_ssid.h
  releng/11.2/contrib/wpa/wpa_supplicant/ctrl_iface.c
  releng/11.2/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c
  releng/11.2/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c
  releng/11.2/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/Makefile
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_common.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_common_i.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.c
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.h
  releng/11.2/contrib/wpa/wpa_supplicant/dbus/dbus_new_introspect.c
  releng/11.2/contrib/wpa/wpa_supplicant/defconfig
  releng/11.2/contrib/wpa/wpa_supplicant/driver_i.h
  releng/11.2/contrib/wpa/wpa_supplicant/eapol_test.c
  releng/11.2/contrib/wpa/wpa_supplicant/eapol_test.py
  releng/11.2/contrib/wpa/wpa_supplicant/events.c
  releng/11.2/contrib/wpa/wpa_supplicant/examples/dbus-listen-preq.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p-nfc.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_connect.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_disconnect.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_find.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_flush.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_group_add.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_invite.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_listen.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/p2p/p2p_stop_find.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new-getall.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new-signals.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new-wps.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/wpas-dbus-new.py
  releng/11.2/contrib/wpa/wpa_supplicant/examples/wps-ap-cli
  releng/11.2/contrib/wpa/wpa_supplicant/examples/wps-nfc.py
  releng/11.2/contrib/wpa/wpa_supplicant/gas_query.c
  releng/11.2/contrib/wpa/wpa_supplicant/gas_query.h
  releng/11.2/contrib/wpa/wpa_supplicant/hs20_supplicant.c
  releng/11.2/contrib/wpa/wpa_supplicant/hs20_supplicant.h
  releng/11.2/contrib/wpa/wpa_supplicant/ibss_rsn.c
  releng/11.2/contrib/wpa/wpa_supplicant/ibss_rsn.h
  releng/11.2/contrib/wpa/wpa_supplicant/interworking.c
  releng/11.2/contrib/wpa/wpa_supplicant/interworking.h
  releng/11.2/contrib/wpa/wpa_supplicant/main.c
  releng/11.2/contrib/wpa/wpa_supplicant/mesh.c
  releng/11.2/contrib/wpa/wpa_supplicant/mesh.h
  releng/11.2/contrib/wpa/wpa_supplicant/mesh_mpm.c
  releng/11.2/contrib/wpa/wpa_supplicant/mesh_mpm.h
  releng/11.2/contrib/wpa/wpa_supplicant/mesh_rsn.c
  releng/11.2/contrib/wpa/wpa_supplicant/mesh_rsn.h
  releng/11.2/contrib/wpa/wpa_supplicant/notify.c
  releng/11.2/contrib/wpa/wpa_supplicant/notify.h
  releng/11.2/contrib/wpa/wpa_supplicant/offchannel.c
  releng/11.2/contrib/wpa/wpa_supplicant/p2p_supplicant.c
  releng/11.2/contrib/wpa/wpa_supplicant/p2p_supplicant.h
  releng/11.2/contrib/wpa/wpa_supplicant/p2p_supplicant_sd.c
  releng/11.2/contrib/wpa/wpa_supplicant/preauth_test.c
  releng/11.2/contrib/wpa/wpa_supplicant/scan.c
  releng/11.2/contrib/wpa/wpa_supplicant/scan.h
  releng/11.2/contrib/wpa/wpa_supplicant/sme.c
  releng/11.2/contrib/wpa/wpa_supplicant/sme.h
  releng/11.2/contrib/wpa/wpa_supplicant/utils/log2pcap.py
  releng/11.2/contrib/wpa/wpa_supplicant/wifi_display.c
  releng/11.2/contrib/wpa/wpa_supplicant/wmm_ac.c
  releng/11.2/contrib/wpa/wpa_supplicant/wmm_ac.h
  releng/11.2/contrib/wpa/wpa_supplicant/wnm_sta.c
  releng/11.2/contrib/wpa/wpa_supplicant/wnm_sta.h
  releng/11.2/contrib/wpa/wpa_supplicant/wpa_cli.c
  releng/11.2/contrib/wpa/wpa_supplicant/wpa_passphrase.c
  releng/11.2/contrib/wpa/wpa_supplicant/wpa_priv.c
  releng/11.2/contrib/wpa/wpa_supplicant/wpa_supplicant.c
  releng/11.2/contrib/wpa/wpa_supplicant/wpa_supplicant.conf
  releng/11.2/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h
  releng/11.2/contrib/wpa/wpa_supplicant/wpa_supplicant_template.conf
  releng/11.2/contrib/wpa/wpa_supplicant/wpas_glue.c
  releng/11.2/contrib/wpa/wpa_supplicant/wpas_kay.c
  releng/11.2/contrib/wpa/wpa_supplicant/wpas_kay.h
  releng/11.2/contrib/wpa/wpa_supplicant/wpas_module_tests.c
  releng/11.2/contrib/wpa/wpa_supplicant/wps_supplicant.c
  releng/11.2/contrib/wpa/wpa_supplicant/wps_supplicant.h
  releng/11.2/usr.sbin/wpa/Makefile.crypto
  releng/11.2/usr.sbin/wpa/Makefile.inc
  releng/11.2/usr.sbin/wpa/hostapd/Makefile
  releng/11.2/usr.sbin/wpa/hostapd_cli/Makefile
  releng/11.2/usr.sbin/wpa/wpa_cli/Makefile
  releng/11.2/usr.sbin/wpa/wpa_supplicant/Makefile

Modified: releng/11.2/contrib/wpa/CONTRIBUTIONS
==============================================================================
--- releng/11.2/contrib/wpa/CONTRIBUTIONS	Tue May 14 22:57:29 2019	(r347587)
+++ releng/11.2/contrib/wpa/CONTRIBUTIONS	Tue May 14 22:59:32 2019	(r347588)
@@ -29,6 +29,34 @@ using your real name. Pseudonyms or anonymous contribu
 unfortunately be accepted.
 
 
+The preferred method of submitting the contribution to the project is by
+email to the hostap mailing list:
+hostap@lists.infradead.org
+Note that the list may require subscription before accepting message
+without moderation. You can subscribe to the list at this address:
+http://lists.infradead.org/mailman/listinfo/hostap
+
+The message should contain an inlined patch against the current
+development branch (i.e., the master branch of
+git://w1.fi/hostap.git). Please make sure the software you use for
+sending the patch does not corrupt whitespace. If that cannot be fixed
+for some reason, it is better to include an attached version of the
+patch file than just send a whitespace damaged version in the message
+body.
+
+The patches should be separate logical changes rather than doing
+everything in a single patch. In other words, please keep cleanup, new
+features, and bug fixes all in their own patches. Each patch needs a
+commit log that describes the changes (what the changes fix, what
+functionality is added, why the changes are useful, etc.).
+
+Please try to follow the coding style used in the project.
+
+In general, the best way of generating a suitable formatted patch file
+is by committing the changes to a cloned git repository and using git
+format-patch. The patch can then be sent, e.g., with git send-email.
+
+
 History of license and contributions terms
 ------------------------------------------
 
@@ -112,7 +140,7 @@ The license terms used for hostap.git files
 
 Modified BSD license (no advertisement clause):
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: releng/11.2/contrib/wpa/COPYING
==============================================================================
--- releng/11.2/contrib/wpa/COPYING	Tue May 14 22:57:29 2019	(r347587)
+++ releng/11.2/contrib/wpa/COPYING	Tue May 14 22:59:32 2019	(r347588)
@@ -1,7 +1,7 @@
 wpa_supplicant and hostapd
 --------------------------
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 

Modified: releng/11.2/contrib/wpa/README
==============================================================================
--- releng/11.2/contrib/wpa/README	Tue May 14 22:57:29 2019	(r347587)
+++ releng/11.2/contrib/wpa/README	Tue May 14 22:59:32 2019	(r347588)
@@ -1,7 +1,7 @@
 wpa_supplicant and hostapd
 --------------------------
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 These programs are licensed under the BSD license (the one with

Modified: releng/11.2/contrib/wpa/hostapd/ChangeLog
==============================================================================
--- releng/11.2/contrib/wpa/hostapd/ChangeLog	Tue May 14 22:57:29 2019	(r347587)
+++ releng/11.2/contrib/wpa/hostapd/ChangeLog	Tue May 14 22:59:32 2019	(r347588)
@@ -1,5 +1,188 @@
 ChangeLog for hostapd
 
+2019-04-21 - v2.8
+	* SAE changes
+	  - added support for SAE Password Identifier
+	  - changed default configuration to enable only group 19
+	    (i.e., disable groups 20, 21, 25, 26 from default configuration) and
+	    disable all unsuitable groups completely based on REVmd changes
+	  - improved anti-clogging token mechanism and SAE authentication
+	    frame processing during heavy CPU load; this mitigates some issues
+	    with potential DoS attacks trying to flood an AP with large number
+	    of SAE messages
+	  - added Finite Cyclic Group field in status code 77 responses
+	  - reject use of unsuitable groups based on new implementation guidance
+	    in REVmd (allow only FFC groups with prime >= 3072 bits and ECC
+	    groups with prime >= 256)
+	  - minimize timing and memory use differences in PWE derivation
+	    [https://w1.fi/security/2019-1/] (CVE-2019-9494)
+	  - fixed confirm message validation in error cases
+	    [https://w1.fi/security/2019-3/] (CVE-2019-9496)
+	* EAP-pwd changes
+	  - minimize timing and memory use differences in PWE derivation
+	    [https://w1.fi/security/2019-2/] (CVE-2019-9495)
+	  - verify peer scalar/element
+	    [https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498)
+	  - fix message reassembly issue with unexpected fragment
+	    [https://w1.fi/security/2019-5/]
+	  - enforce rand,mask generation rules more strictly
+	  - fix a memory leak in PWE derivation
+	  - disallow ECC groups with a prime under 256 bits (groups 25, 26, and
+	    27)
+	* Hotspot 2.0 changes
+	  - added support for release number 3
+	  - reject release 2 or newer association without PMF
+	* added support for RSN operating channel validation
+	  (CONFIG_OCV=y and configuration parameter ocv=1)
+	* added Multi-AP protocol support
+	* added FTM responder configuration
+	* fixed build with LibreSSL
+	* added FT/RRB workaround for short Ethernet frame padding
+	* fixed KEK2 derivation for FILS+FT
+	* added RSSI-based association rejection from OCE
+	* extended beacon reporting functionality
+	* VLAN changes
+	  - allow local VLAN management with remote RADIUS authentication
+	  - add WPA/WPA2 passphrase/PSK -based VLAN assignment
+	* OpenSSL: allow systemwide policies to be overridden
+	* extended PEAP to derive EMSK to enable use with ERP/FILS
+	* extended WPS to allow SAE configuration to be added automatically
+	  for PSK (wps_cred_add_sae=1)
+	* fixed FT and SA Query Action frame with AP-MLME-in-driver cases
+	* OWE: allow Diffie-Hellman Parameter element to be included with DPP
+	  in preparation for DPP protocol extension
+	* RADIUS server: started to accept ERP keyName-NAI as user identity
+	  automatically without matching EAP database entry
+	* fixed PTK rekeying with FILS and FT
+
+2018-12-02 - v2.7
+	* fixed WPA packet number reuse with replayed messages and key
+	  reinstallation
+	  [http://w1.fi/security/2017-1/] (CVE-2017-13082)
+	* added support for FILS (IEEE 802.11ai) shared key authentication
+	* added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
+	  and transition mode defined by WFA)
+	* added support for DPP (Wi-Fi Device Provisioning Protocol)
+	* FT:
+	  - added local generation of PMK-R0/PMK-R1 for FT-PSK
+	    (ft_psk_generate_local=1)
+	  - replaced inter-AP protocol with a cleaner design that is more
+	    easily extensible; this breaks backward compatibility and requires
+	    all APs in the ESS to be updated at the same time to maintain FT
+	    functionality
+	  - added support for wildcard R0KH/R1KH
+	  - replaced r0_key_lifetime (minutes) parameter with
+	    ft_r0_key_lifetime (seconds)
+	  - fixed wpa_psk_file use for FT-PSK
+	  - fixed FT-SAE PMKID matching
+	  - added expiration to PMK-R0 and PMK-R1 cache
+	  - added IEEE VLAN support (including tagged VLANs)
+	  - added support for SHA384 based AKM
+	* SAE
+	  - fixed some PMKSA caching cases with SAE
+	  - added support for configuring SAE password separately of the
+	    WPA2 PSK/passphrase
+	  - added option to require MFP for SAE associations
+	    (sae_require_pmf=1)
+	  - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
+	    for SAE;
+	    note: this is not backwards compatible, i.e., both the AP and
+	    station side implementations will need to be update at the same
+	    time to maintain interoperability
+	  - added support for Password Identifier
+	* hostapd_cli: added support for command history and completion
+	* added support for requesting beacon report
+	* large number of other fixes, cleanup, and extensions
+	* added option to configure EAPOL-Key retry limits
+	  (wpa_group_update_count and wpa_pairwise_update_count)
+	* removed all PeerKey functionality
+	* fixed nl80211 AP mode configuration regression with Linux 4.15 and
+	  newer
+	* added support for using wolfSSL cryptographic library
+	* fixed some 20/40 MHz coexistence cases where the BSS could drop to
+	  20 MHz even when 40 MHz would be allowed
+	* Hotspot 2.0
+	  - added support for setting Venue URL ANQP-element (venue_url)
+	  - added support for advertising Hotspot 2.0 operator icons
+	  - added support for Roaming Consortium Selection element
+	  - added support for Terms and Conditions
+	  - added support for OSEN connection in a shared RSN BSS
+	* added support for using OpenSSL 1.1.1
+	* added EAP-pwd server support for salted passwords
+
+2016-10-02 - v2.6
+	* fixed EAP-pwd last fragment validation
+	  [http://w1.fi/security/2015-7/] (CVE-2015-5314)
+	* fixed WPS configuration update vulnerability with malformed passphrase
+	  [http://w1.fi/security/2016-1/] (CVE-2016-4476)
+	* extended channel switch support for VHT bandwidth changes
+	* added support for configuring new ANQP-elements with
+	  anqp_elem=<InfoID>:<hexdump of payload>
+	* fixed Suite B 192-bit AKM to use proper PMK length
+	  (note: this makes old releases incompatible with the fixed behavior)
+	* added no_probe_resp_if_max_sta=1 parameter to disable Probe Response
+	  frame sending for not-associated STAs if max_num_sta limit has been
+	  reached
+	* added option (-S as command line argument) to request all interfaces
+	  to be started at the same time
+	* modified rts_threshold and fragm_threshold configuration parameters
+	  to allow -1 to be used to disable RTS/fragmentation
+	* EAP-pwd: added support for Brainpool Elliptic Curves
+	  (with OpenSSL 1.0.2 and newer)
+	* fixed EAPOL reauthentication after FT protocol run
+	* fixed FTIE generation for 4-way handshake after FT protocol run
+	* fixed and improved various FST operations
+	* TLS server
+	  - support SHA384 and SHA512 hashes
+	  - support TLS v1.2 signature algorithm with SHA384 and SHA512
+	  - support PKCS #5 v2.0 PBES2
+	  - support PKCS #5 with PKCS #12 style key decryption
+	  - minimal support for PKCS #12
+	  - support OCSP stapling (including ocsp_multi)
+	* added support for OpenSSL 1.1 API changes
+	  - drop support for OpenSSL 0.9.8
+	  - drop support for OpenSSL 1.0.0
+	* EAP-PEAP: support fast-connect crypto binding
+	* RADIUS
+	  - fix Called-Station-Id to not escape SSID
+	  - add Event-Timestamp to all Accounting-Request packets
+	  - add Acct-Session-Id to Accounting-On/Off
+	  - add Acct-Multi-Session-Id  ton Access-Request packets
+	  - add Service-Type (= Frames)
+	  - allow server to provide PSK instead of passphrase for WPA-PSK
+	    Tunnel_password case
+	  - update full message for interim accounting updates
+	  - add Acct-Delay-Time into Accounting messages
+	  - add require_message_authenticator configuration option to require
+	    CoA/Disconnect-Request packets to be authenticated
+	* started to postpone WNM-Notification frame sending by 100 ms so that
+	  the STA has some more time to configure the key before this frame is
+	  received after the 4-way handshake
+	* VHT: added interoperability workaround for 80+80 and 160 MHz channels
+	* extended VLAN support (per-STA vif, etc.)
+	* fixed PMKID derivation with SAE
+	* nl80211
+	  - added support for full station state operations
+	  - fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use
+	    unencrypted EAPOL frames
+	* added initial MBO support; number of extensions to WNM BSS Transition
+	  Management
+	* added initial functionality for location related operations
+	* added assocresp_elements parameter to allow vendor specific elements
+	  to be added into (Re)Association Response frames
+	* improved Public Action frame addressing
+	  - use Address 3 = wildcard BSSID in GAS response if a query from an
+	    unassociated STA used that address
+	  - fix TX status processing for Address 3 = wildcard BSSID
+	  - add gas_address3 configuration parameter to control Address 3
+	    behavior
+	* added command line parameter -i to override interface parameter in
+	  hostapd.conf
+	* added command completion support to hostapd_cli
+	* added passive client taxonomy determination (CONFIG_TAXONOMY=y
+	  compile option and "SIGNATURE <addr>" control interface command)
+	* number of small fixes
+
 2015-09-27 - v2.5
 	* fixed WPS UPnP vulnerability with HTTP chunked transfer encoding
 	  [http://w1.fi/security/2015-2/] (CVE-2015-4141)

Modified: releng/11.2/contrib/wpa/hostapd/README
==============================================================================
--- releng/11.2/contrib/wpa/hostapd/README	Tue May 14 22:57:29 2019	(r347587)
+++ releng/11.2/contrib/wpa/hostapd/README	Tue May 14 22:59:32 2019	(r347588)
@@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WP
 	  Authenticator and RADIUS authentication server
 ================================================================
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 This program is licensed under the BSD license (the one with
@@ -70,7 +70,7 @@ Requirements
 Current hardware/software requirements:
 - drivers:
 	Host AP driver for Prism2/2.5/3.
-	(http://hostap.epitest.fi/)
+	(http://w1.fi/hostap-driver.html)
 	Please note that station firmware version needs to be 1.7.0 or newer
 	to work in WPA mode.
 
@@ -81,8 +81,7 @@ Current hardware/software requirements:
 	Any wired Ethernet driver for wired IEEE 802.1X authentication
 	(experimental code)
 
-	FreeBSD -current (with some kernel mods that have not yet been
-	committed when hostapd v0.3.0 was released)
+	FreeBSD -current
 	BSD net80211 layer (e.g., Atheros driver)
 
 
@@ -186,24 +185,14 @@ Authenticator and RADIUS encapsulation between the Aut
 the Authentication Server. Other than this, the functionality is similar
 to the case with the co-located Authentication Server.
 
-Authentication Server and Supplicant
-------------------------------------
+Authentication Server
+---------------------
 
 Any RADIUS server supporting EAP should be usable as an IEEE 802.1X
 Authentication Server with hostapd Authenticator. FreeRADIUS
 (http://www.freeradius.org/) has been successfully tested with hostapd
-Authenticator and both Xsupplicant (http://www.open1x.org) and Windows
-XP Supplicants. EAP/TLS was used with Xsupplicant and
-EAP/MD5-Challenge with Windows XP.
+Authenticator.
 
-http://www.missl.cs.umd.edu/wireless/eaptls/ has useful information
-about using EAP/TLS with FreeRADIUS and Xsupplicant (just replace
-Cisco access point with Host AP driver, hostapd daemon, and a Prism2
-card ;-). http://www.freeradius.org/doc/EAP-MD5.html has information
-about using EAP/MD5 with FreeRADIUS, including instructions for WinXP
-configuration. http://www.denobula.com/EAPTLS.pdf has a HOWTO on
-EAP/TLS use with WinXP Supplicant.
-
 Automatic WEP key configuration
 -------------------------------
 
@@ -243,16 +232,15 @@ networks that require some kind of security. Task grou
 of IEEE 802.11 working group (http://www.ieee802.org/11/) has worked
 to address the flaws of the base standard and has in practice
 completed its work in May 2004. The IEEE 802.11i amendment to the IEEE
-802.11 standard was approved in June 2004 and this amendment is likely
-to be published in July 2004.
+802.11 standard was approved in June 2004 and this amendment was
+published in July 2004.
 
 Wi-Fi Alliance (http://www.wi-fi.org/) used a draft version of the
 IEEE 802.11i work (draft 3.0) to define a subset of the security
 enhancements that can be implemented with existing wlan hardware. This
 is called Wi-Fi Protected Access<TM> (WPA). This has now become a
 mandatory component of interoperability testing and certification done
-by Wi-Fi Alliance. Wi-Fi provides information about WPA at its web
-site (http://www.wi-fi.org/OpenSection/protected_access.asp).
+by Wi-Fi Alliance.
 
 IEEE 802.11 standard defined wired equivalent privacy (WEP) algorithm
 for protecting wireless networks. WEP uses RC4 with 40-bit keys,

Added: releng/11.2/contrib/wpa/hostapd/README-MULTI-AP
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ releng/11.2/contrib/wpa/hostapd/README-MULTI-AP	Tue May 14 22:59:32 2019	(r347588)
@@ -0,0 +1,160 @@
+hostapd, wpa_supplicant and the Multi-AP Specification
+======================================================
+
+This document describes how hostapd and wpa_supplicant can be configured to
+support the Multi-AP Specification.
+
+Introduction to Multi-AP
+------------------------
+
+The Wi-Fi Alliance Multi-AP Specification is the technical specification for
+Wi-Fi CERTIFIED EasyMesh(TM) [1], the Wi-Fi Alliance® certification program for
+Multi-AP. It defines control protocols between Wi-Fi® access points (APs) to
+join them into a network with centralized control and operation. It is targeted
+only at routers (repeaters, gateways, ...), not at clients. Clients are not
+involved at all in the protocols.
+
+Most of the Multi-AP specification falls outside of the scope of
+hostapd/wpa_supplicant. hostapd/wpa_supplicant is only involved for the items
+summarized below. The rest of the protocol must be implemented by a separate
+daemon, e.g., prplMesh [2]. That daemon also needs to communicate with hostapd,
+e.g., to get a list of associated clients, but this can be done using the normal
+hostapd interfaces.
+
+hostapd/wpa_supplicant needs to be configured specifically to support:
+- the WPS onboarding process;
+- configuring backhaul links.
+
+The text below refers to "Multi-AP Specification v1.0" [3].
+
+
+Fronthaul and backhaul links
+----------------------------
+
+In a Multi-AP network, the central controller can configure the BSSs on the
+devices that are joined into the network. These are called fronthaul BSSs.
+From the point of view of hostapd, there is nothing special about these
+fronthaul BSSs.
+
+In addition to fronthaul BSSs, the controller can also configure backhaul
+links. A backhaul link is a link between two access point devices, giving
+internet access to access point devices that don't have a wired link. The
+Multi-AP specification doesn't dictate this, but typically the backhaul link
+will be bridged into a LAN together with (one of) the fronthaul BSS(s) and the
+wired Ethernet ports.
+
+A backhaul link must be treated specially by hostapd and wpa_supplicant. One
+side of the backhaul link is configured through the Multi-AP protocol as the
+"backhaul STA", i.e., the client side of the link. A backhaul STA is like any
+station and is handled appropriately by wpa_supplicant, but two additional
+features are required. It must send an additional information element in each
+(Re)Association Request frame ([3], section 5.2, paragraph 4). In addition, it
+must use 4-address mode for all frames sent over this link ([3], section 14).
+Therefore, wpa_supplicant must be configured explicitly as the backhaul STA
+role, by setting 'multi_ap_backhaul_sta=1' in the network configuration block
+or when configuring the network profile through the control interface. When
+'multi_ap_backhaul_sta=1', wpa_supplicant includes the Multi-AP IE in
+(Re)Association Request frame and verifies that it is included in the
+(Re)Association Response frame. If it is not, association fails. If it is,
+wpa_supplicant sets 4-address mode for this interface through a driver
+callback.
+
+The AP side of the backhaul link is called a "backhaul BSS". Such a BSS must
+be handled specially by hostapd, because it must add an additional information
+element in each (Re)Association Response frame, but only to stations that have
+identified themselves as backhaul stations ([3], section 5.2, paragraph 5-6).
+This is important because it is possible to use the same BSS and SSID for
+fronthaul and backhaul at the same time. The additional information element must
+only be used for frames sent to a backhaul STA, not to a normal STA. Also,
+frames sent to a backhaul STA must use 4-address mode, while frames sent to a
+normal STA (fronthaul, when it's a fronthaul and backhaul BSS) must use
+3-address mode.
+
+A BSS is configured in Multi-AP mode in hostapd by setting the 'multi_ap'
+configuration option to 1 (backhaul BSS), 2 (fronthaul BSS), or 3
+(simultaneous backhaul and fronthaul BSS). If this option is set, hostapd
+parses the Multi-AP information element in the Association Request frame. If the
+station is a backhaul STA and the BSS is configured as a backhaul BSS,
+hostapd sets up 4-address mode. Since there may be multiple stations connected
+simultaneously, and each of them has a different RA (receiver address), a VLAN
+is created for each backhaul STA and it is automatically added to a bridge.
+This is the same behavior as for WDS, and the relevant option ('bridge' or
+'wds_bridge') applies here as well.
+
+If 'multi_ap' is 1 (backhaul BSS only), any station that tries to associate
+without the Multi-AP information element will be denied.
+
+If 'multi_ap' is 2 (fronthaul BSS only), any station that tries to associate
+with the Multi-AP information element will be denied. That is also the only
+difference with 'multi_ap' set to 0: in the latter case, the Multi-AP
+information element is simply ignored.
+
+In summary, this is the end-to-end behavior for a backhaul BSS (i.e.,
+multi_ap_backhaul_sta=1 in wpa_supplicant on STA, and multi_ap=1 or 3 in
+hostapd on AP). Note that point 1 means that hostapd must not be configured
+with WPS support on the backhaul BSS (multi_ap=1). hostapd does not check for
+that.
+
+1. Backhaul BSS beacons do not advertise WPS support (other than that, nothing
+   Multi-AP specific).
+2. STA sends Authentication frame (nothing Multi-AP specific).
+3. AP sends Authentication frame (nothing Multi-AP specific).
+4. STA sends Association Request frame with Multi-AP IE.
+5. AP sends Association Response frame with Multi-AP IE.
+6. STA and AP both use 4-address mode for Data frames.
+
+
+WPS support
+-----------
+
+WPS requires more special handling. WPS must only be advertised on fronthaul
+BSSs, not on backhaul BSSs, so WPS should not be enabled on a backhaul-only
+BSS in hostapd.conf. The WPS configuration purely works on the fronthaul BSS.
+When a WPS M1 message has an additional subelement that indicates a request for
+a Multi-AP backhaul link, hostapd must not respond with the normal fronthaul
+BSS credentials; instead, it should respond with the (potentially different)
+backhaul BSS credentials.
+
+To support this, hostapd has the 'multi_ap_backhaul_ssid',
+'multi_ap_backhaul_wpa_psk' and 'multi_ap_backhaul_wpa_passphrase' options.
+When these are set on an BSS with WPS, they are used instead of the normal
+credentials when hostapd receives a WPS M1 message with the Multi-AP IE. Only
+WPA2-Personal is supported in the Multi-AP specification, so there is no need
+to specify authentication or encryption options. For the backhaul credentials,
+per-device PSK is not supported.
+
+If the BSS is a simultaneous backhaul and fronthaul BSS, there is no need to
+specify the backhaul credentials, since the backhaul and fronthaul credentials
+are identical.
+
+To enable the Multi-AP backhaul STA feature when it performs WPS, a new
+parameter has been introduced to the WPS_PBC control interface call. When this
+"multi_ap=1" option is set, it adds the Multi-AP backhaul subelement to the
+Association Request frame and the M1 message. It then configures the new network
+profile with 'multi_ap_backhaul_sta=1'. Note that this means that if the AP does
+not follow the Multi-AP specification, wpa_supplicant will fail to associate.
+
+In summary, this is the end-to-end behavior for WPS of a backhaul link (i.e.,
+multi_ap=1 option is given in the wps_pbc call on the STA side, and multi_ap=2
+and multi_ap_backhaul_ssid and either multi_ap_backhaul_wpa_psk or
+multi_ap_backhaul_wpa_passphrase are set to the credentials of a backhaul BSS
+in hostapd on Registrar AP).
+
+1. Fronthaul BSS Beacon frames advertise WPS support (nothing Multi-AP
+   specific).
+2. Enrollee sends Authentication frame (nothing Multi-AP specific).
+3. AP sends Authentication frame (nothing Multi-AP specific).
+4. Enrollee sends Association Request frame with Multi-AP IE.
+5. AP sends Association Response frame with Multi-AP IE.
+6. Enrollee sends M1 with additional Multi-AP subelement.
+7. AP sends M8 with backhaul instead of fronthaul credentials.
+8. Enrollee sends Deauthentication frame.
+
+
+References
+----------
+
+[1] https://www.wi-fi.org/discover-wi-fi/wi-fi-easymesh
+[2] https://github.com/prplfoundation/prplMesh
+[3] https://www.wi-fi.org/file/multi-ap-specification-v10
+    (requires registration)

Modified: releng/11.2/contrib/wpa/hostapd/config_file.c
==============================================================================
--- releng/11.2/contrib/wpa/hostapd/config_file.c	Tue May 14 22:57:29 2019	(r347587)
+++ releng/11.2/contrib/wpa/hostapd/config_file.c	Tue May 14 22:59:32 2019	(r347588)
@@ -1,6 +1,6 @@
 /*
  * hostapd / Configuration file parser
- * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -14,6 +14,8 @@
 #include "utils/common.h"
 #include "utils/uuid.h"
 #include "common/ieee802_11_defs.h"
+#include "crypto/sha256.h"
+#include "crypto/tls.h"
 #include "drivers/driver.h"
 #include "eap_server/eap.h"
 #include "radius/radius_client.h"
@@ -35,7 +37,7 @@ static int hostapd_config_read_vlan_file(struct hostap
 					 const char *fname)
 {
 	FILE *f;
-	char buf[128], *pos, *pos2;
+	char buf[128], *pos, *pos2, *pos3;
 	int line = 0, vlan_id;
 	struct hostapd_vlan *vlan;
 
@@ -80,7 +82,10 @@ static int hostapd_config_read_vlan_file(struct hostap
 		pos2 = pos;
 		while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0')
 			pos2++;
-		*pos2 = '\0';
+
+		if (*pos2 != '\0')
+			*(pos2++) = '\0';
+
 		if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) {
 			wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d "
 				   "in '%s'", line, fname);
@@ -88,6 +93,13 @@ static int hostapd_config_read_vlan_file(struct hostap
 			return -1;
 		}
 
+		while (*pos2 == ' ' || *pos2 == '\t')
+			pos2++;
+		pos3 = pos2;
+		while (*pos3 != ' ' && *pos3 != '\t' && *pos3 != '\0')
+			pos3++;
+		*pos3 = '\0';
+
 		vlan = os_zalloc(sizeof(*vlan));
 		if (vlan == NULL) {
 			wpa_printf(MSG_ERROR, "Out of memory while reading "
@@ -97,7 +109,10 @@ static int hostapd_config_read_vlan_file(struct hostap
 		}
 
 		vlan->vlan_id = vlan_id;
+		vlan->vlan_desc.untagged = vlan_id;
+		vlan->vlan_desc.notempty = !!vlan_id;
 		os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
+		os_strlcpy(vlan->bridge, pos2, sizeof(vlan->bridge));
 		vlan->next = bss->vlan;
 		bss->vlan = vlan;
 	}
@@ -109,7 +124,7 @@ static int hostapd_config_read_vlan_file(struct hostap
 #endif /* CONFIG_NO_VLAN */
 
 
-static int hostapd_acl_comp(const void *a, const void *b)
+int hostapd_acl_comp(const void *a, const void *b)
 {
 	const struct mac_acl_entry *aa = a;
 	const struct mac_acl_entry *bb = b;
@@ -117,6 +132,44 @@ static int hostapd_acl_comp(const void *a, const void 
 }
 
 
+int hostapd_add_acl_maclist(struct mac_acl_entry **acl, int *num,
+			    int vlan_id, const u8 *addr)
+{
+	struct mac_acl_entry *newacl;
+
+	newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl));
+	if (!newacl) {
+		wpa_printf(MSG_ERROR, "MAC list reallocation failed");
+		return -1;
+	}
+
+	*acl = newacl;
+	os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
+	os_memset(&(*acl)[*num].vlan_id, 0, sizeof((*acl)[*num].vlan_id));
+	(*acl)[*num].vlan_id.untagged = vlan_id;
+	(*acl)[*num].vlan_id.notempty = !!vlan_id;
+	(*num)++;
+
+	return 0;
+}
+
+
+void hostapd_remove_acl_mac(struct mac_acl_entry **acl, int *num,
+			    const u8 *addr)
+{
+	int i = 0;
+
+	while (i < *num) {
+		if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) == 0) {
+			os_remove_in_array(*acl, *num, sizeof(**acl), i);
+			(*num)--;
+		} else {
+			i++;
+		}
+	}
+}
+
+
 static int hostapd_config_read_maclist(const char *fname,
 				       struct mac_acl_entry **acl, int *num)
 {
@@ -124,12 +177,8 @@ static int hostapd_config_read_maclist(const char *fna
 	char buf[128], *pos;
 	int line = 0;
 	u8 addr[ETH_ALEN];
-	struct mac_acl_entry *newacl;
 	int vlan_id;
 
-	if (!fname)
-		return 0;
-
 	f = fopen(fname, "r");
 	if (!f) {
 		wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname);
@@ -137,7 +186,7 @@ static int hostapd_config_read_maclist(const char *fna
 	}
 
 	while (fgets(buf, sizeof(buf), f)) {
-		int i, rem = 0;
+		int rem = 0;
 
 		line++;
 
@@ -167,16 +216,7 @@ static int hostapd_config_read_maclist(const char *fna
 		}
 
 		if (rem) {
-			i = 0;
-			while (i < *num) {
-				if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) ==
-				    0) {
-					os_remove_in_array(*acl, *num,
-							   sizeof(**acl), i);
-					(*num)--;
-				} else
-					i++;
-			}
+			hostapd_remove_acl_mac(acl, num, addr);
 			continue;
 		}
 		vlan_id = 0;
@@ -188,28 +228,78 @@ static int hostapd_config_read_maclist(const char *fna
 		if (*pos != '\0')
 			vlan_id = atoi(pos);
 
-		newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl));
-		if (newacl == NULL) {
-			wpa_printf(MSG_ERROR, "MAC list reallocation failed");
+		if (hostapd_add_acl_maclist(acl, num, vlan_id, addr) < 0) {
 			fclose(f);
 			return -1;
 		}
-
-		*acl = newacl;
-		os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
-		(*acl)[*num].vlan_id = vlan_id;
-		(*num)++;
 	}
 
 	fclose(f);
 
-	qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
+	if (*acl)
+		qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
 
 	return 0;
 }
 
 
 #ifdef EAP_SERVER
+
+static int hostapd_config_eap_user_salted(struct hostapd_eap_user *user,
+					  const char *hash, size_t len,
+					  char **pos, int line,
+					  const char *fname)
+{
+	char *pos2 = *pos;
+
+	while (*pos2 != '\0' && *pos2 != ' ' && *pos2 != '\t' && *pos2 != '#')
+		pos2++;
+
+	if (pos2 - *pos < (int) (2 * (len + 1))) { /* at least 1 byte of salt */
+		wpa_printf(MSG_ERROR,
+			   "Invalid salted %s hash on line %d in '%s'",
+			   hash, line, fname);
+		return -1;
+	}
+
+	user->password = os_malloc(len);
+	if (!user->password) {
+		wpa_printf(MSG_ERROR,
+			   "Failed to allocate memory for salted %s hash",
+			   hash);
+		return -1;
+	}
+
+	if (hexstr2bin(*pos, user->password, len) < 0) {
+		wpa_printf(MSG_ERROR,
+			   "Invalid salted password on line %d in '%s'",
+			   line, fname);
+		return -1;
+	}
+	user->password_len = len;
+	*pos += 2 * len;
+
+	user->salt_len = (pos2 - *pos) / 2;
+	user->salt = os_malloc(user->salt_len);
+	if (!user->salt) {
+		wpa_printf(MSG_ERROR,
+			   "Failed to allocate memory for salted %s hash",
+			   hash);
+		return -1;
+	}
+
+	if (hexstr2bin(*pos, user->salt, user->salt_len) < 0) {
+		wpa_printf(MSG_ERROR,
+			   "Invalid salt for password on line %d in '%s'",
+			   line, fname);
+		return -1;
+	}
+
+	*pos = pos2;
+	return 0;
+}
+
+
 static int hostapd_config_read_eap_user(const char *fname,
 					struct hostapd_bss_config *conf)
 {
@@ -218,9 +308,6 @@ static int hostapd_config_read_eap_user(const char *fn
 	int line = 0, ret = 0, num_methods;
 	struct hostapd_eap_user *user = NULL, *tail = NULL, *new_user = NULL;
 
-	if (!fname)
-		return 0;
-
 	if (os_strncmp(fname, "sqlite:", 7) == 0) {
 #ifdef CONFIG_SQLITE
 		os_free(conf->eap_user_sqlite);
@@ -307,13 +394,12 @@ static int hostapd_config_read_eap_user(const char *fn
 				goto failed;
 			}
 
-			user->identity = os_malloc(pos - start);
+			user->identity = os_memdup(start, pos - start);
 			if (user->identity == NULL) {
 				wpa_printf(MSG_ERROR, "Failed to allocate "
 					   "memory for EAP identity");
 				goto failed;
 			}
-			os_memcpy(user->identity, start, pos - start);
 			user->identity_len = pos - start;
 
 			if (pos[0] == '"' && pos[1] == '*') {
@@ -431,13 +517,12 @@ static int hostapd_config_read_eap_user(const char *fn
 				goto failed;
 			}
 
-			user->password = os_malloc(pos - start);
+			user->password = os_memdup(start, pos - start);
 			if (user->password == NULL) {
 				wpa_printf(MSG_ERROR, "Failed to allocate "
 					   "memory for EAP password");
 				goto failed;
 			}
-			os_memcpy(user->password, start, pos - start);
 			user->password_len = pos - start;
 
 			pos++;
@@ -466,6 +551,24 @@ static int hostapd_config_read_eap_user(const char *fn
 			user->password_len = 16;
 			user->password_hash = 1;
 			pos = pos2;
+		} else if (os_strncmp(pos, "ssha1:", 6) == 0) {
+			pos += 6;
+			if (hostapd_config_eap_user_salted(user, "sha1", 20,
+							   &pos,
+							   line, fname) < 0)
+				goto failed;
+		} else if (os_strncmp(pos, "ssha256:", 8) == 0) {
+			pos += 8;
+			if (hostapd_config_eap_user_salted(user, "sha256", 32,
+							   &pos,
+							   line, fname) < 0)
+				goto failed;
+		} else if (os_strncmp(pos, "ssha512:", 8) == 0) {
+			pos += 8;
+			if (hostapd_config_eap_user_salted(user, "sha512", 64,
+							   &pos,
+							   line, fname) < 0)
+				goto failed;
 		} else {
 			pos2 = pos;
 			while (*pos2 != '\0' && *pos2 != ' ' &&
@@ -517,19 +620,15 @@ static int hostapd_config_read_eap_user(const char *fn
 	fclose(f);
 
 	if (ret == 0) {
-		user = conf->eap_user;
-		while (user) {
-			struct hostapd_eap_user *prev;
-
-			prev = user;
-			user = user->next;
-			hostapd_config_free_eap_user(prev);
-		}
+		hostapd_config_free_eap_users(conf->eap_user);
 		conf->eap_user = new_user;
+	} else {
+		hostapd_config_free_eap_users(new_user);
 	}
 
 	return ret;
 }
+
 #endif /* EAP_SERVER */
 
 
@@ -631,8 +730,7 @@ hostapd_parse_radius_attr(const char *value)
 }
 
 
-static int hostapd_parse_das_client(struct hostapd_bss_config *bss,
-				    const char *val)
+static int hostapd_parse_das_client(struct hostapd_bss_config *bss, char *val)
 {
 	char *secret;
 
@@ -640,7 +738,7 @@ static int hostapd_parse_das_client(struct hostapd_bss
 	if (secret == NULL)
 		return -1;
 
-	secret++;
+	*secret++ = '\0';
 
 	if (hostapd_parse_ip_addr(val, &bss->radius_das_client_addr))
 		return -1;
@@ -680,12 +778,16 @@ static int hostapd_config_parse_key_mgmt(int line, con
 			val |= WPA_KEY_MGMT_PSK;
 		else if (os_strcmp(start, "WPA-EAP") == 0)
 			val |= WPA_KEY_MGMT_IEEE8021X;
-#ifdef CONFIG_IEEE80211R
+#ifdef CONFIG_IEEE80211R_AP
 		else if (os_strcmp(start, "FT-PSK") == 0)
 			val |= WPA_KEY_MGMT_FT_PSK;
 		else if (os_strcmp(start, "FT-EAP") == 0)
 			val |= WPA_KEY_MGMT_FT_IEEE8021X;
-#endif /* CONFIG_IEEE80211R */
+#ifdef CONFIG_SHA384
+		else if (os_strcmp(start, "FT-EAP-SHA384") == 0)
+			val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
+#endif /* CONFIG_SHA384 */
+#endif /* CONFIG_IEEE80211R_AP */
 #ifdef CONFIG_IEEE80211W
 		else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
 			val |= WPA_KEY_MGMT_PSK_SHA256;
@@ -706,6 +808,30 @@ static int hostapd_config_parse_key_mgmt(int line, con
 		else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0)
 			val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
 #endif /* CONFIG_SUITEB192 */
+#ifdef CONFIG_FILS
+		else if (os_strcmp(start, "FILS-SHA256") == 0)
+			val |= WPA_KEY_MGMT_FILS_SHA256;
+		else if (os_strcmp(start, "FILS-SHA384") == 0)
+			val |= WPA_KEY_MGMT_FILS_SHA384;
+#ifdef CONFIG_IEEE80211R_AP
+		else if (os_strcmp(start, "FT-FILS-SHA256") == 0)
+			val |= WPA_KEY_MGMT_FT_FILS_SHA256;
+		else if (os_strcmp(start, "FT-FILS-SHA384") == 0)
+			val |= WPA_KEY_MGMT_FT_FILS_SHA384;
+#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_FILS */
+#ifdef CONFIG_OWE
+		else if (os_strcmp(start, "OWE") == 0)
+			val |= WPA_KEY_MGMT_OWE;
+#endif /* CONFIG_OWE */
+#ifdef CONFIG_DPP
+		else if (os_strcmp(start, "DPP") == 0)
+			val |= WPA_KEY_MGMT_DPP;
+#endif /* CONFIG_DPP */
+#ifdef CONFIG_HS20
+		else if (os_strcmp(start, "OSEN") == 0)
+			val |= WPA_KEY_MGMT_OSEN;
+#endif /* CONFIG_HS20 */
 		else {
 			wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
 				   line, start);
@@ -751,17 +877,34 @@ static int hostapd_config_read_wep(struct hostapd_wep_
 {
 	size_t len = os_strlen(val);
 
-	if (keyidx < 0 || keyidx > 3 || wep->key[keyidx] != NULL)
+	if (keyidx < 0 || keyidx > 3)
 		return -1;
 
+	if (len == 0) {
+		int i, set = 0;
+
+		bin_clear_free(wep->key[keyidx], wep->len[keyidx]);
+		wep->key[keyidx] = NULL;
+		wep->len[keyidx] = 0;
+		for (i = 0; i < NUM_WEP_KEYS; i++) {
+			if (wep->key[i])
+				set++;
+		}
+		if (!set)
+			wep->keys_set = 0;
+		return 0;
+	}
+
+	if (wep->key[keyidx] != NULL)
+		return -1;
+
 	if (val[0] == '"') {
 		if (len < 2 || val[len - 1] != '"')
 			return -1;
 		len -= 2;
-		wep->key[keyidx] = os_malloc(len);
+		wep->key[keyidx] = os_memdup(val + 1, len);
 		if (wep->key[keyidx] == NULL)
 			return -1;
-		os_memcpy(wep->key[keyidx], val + 1, len);
 		wep->len[keyidx] = len;
 	} else {
 		if (len & 1)
@@ -974,7 +1117,27 @@ static int hostapd_config_tx_queue(struct hostapd_conf
 }
 
 
-#ifdef CONFIG_IEEE80211R
+#ifdef CONFIG_IEEE80211R_AP
+
+static int rkh_derive_key(const char *pos, u8 *key, size_t key_len)
+{
+	u8 oldkey[16];
+	int ret;
+
+	if (!hexstr2bin(pos, key, key_len))
+		return 0;
+
+	/* Try to use old short key for backwards compatibility */
+	if (hexstr2bin(pos, oldkey, sizeof(oldkey)))
+		return -1;
+
+	ret = hmac_sha256_kdf(oldkey, sizeof(oldkey), "FT OLDKEY", NULL, 0,
+			      key, key_len);
+	os_memset(oldkey, 0, sizeof(oldkey));
+	return ret;
+}
+
+
 static int add_r0kh(struct hostapd_bss_config *bss, char *value)
 {
 	struct ft_remote_r0kh *r0kh;
@@ -1008,7 +1171,7 @@ static int add_r0kh(struct hostapd_bss_config *bss, ch
 	os_memcpy(r0kh->id, pos, r0kh->id_len);
 
 	pos = next;
-	if (hexstr2bin(pos, r0kh->key, sizeof(r0kh->key))) {
+	if (rkh_derive_key(pos, r0kh->key, sizeof(r0kh->key)) < 0) {
 		wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos);
 		os_free(r0kh);
 		return -1;
@@ -1053,7 +1216,7 @@ static int add_r1kh(struct hostapd_bss_config *bss, ch
 	}
 
 	pos = next;
-	if (hexstr2bin(pos, r1kh->key, sizeof(r1kh->key))) {
+	if (rkh_derive_key(pos, r1kh->key, sizeof(r1kh->key)) < 0) {
 		wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos);
 		os_free(r1kh);
 		return -1;
@@ -1064,7 +1227,7 @@ static int add_r1kh(struct hostapd_bss_config *bss, ch
 
 	return 0;
 }
-#endif /* CONFIG_IEEE80211R */
+#endif /* CONFIG_IEEE80211R_AP */
 
 
 #ifdef CONFIG_IEEE80211N
@@ -1081,6 +1244,12 @@ static int hostapd_config_ht_capab(struct hostapd_conf

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***

From owner-svn-src-releng@freebsd.org  Tue May 14 23:05:18 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 47FB1159BA9F;
 Tue, 14 May 2019 23:05:18 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id E35AB89038;
 Tue, 14 May 2019 23:05:17 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D13B627B38;
 Tue, 14 May 2019 23:05:17 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4EN5Hdp053367;
 Tue, 14 May 2019 23:05:17 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4EN2v8u053243;
 Tue, 14 May 2019 23:02:57 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142302.x4EN2v8u053243@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 23:02:57 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347589 - in releng/12.0: contrib/ntp
 contrib/ntp/adjtimed contrib/ntp/clockstuff contrib/ntp/include
 contrib/ntp/include/isc contrib/ntp/kernel contrib/ntp/kernel/sys
 contrib/ntp/libnt...
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng/12.0: contrib/ntp contrib/ntp/adjtimed
 contrib/ntp/clockstuff contrib/ntp/include contrib/ntp/include/isc
 contrib/ntp/kernel contrib/ntp/kernel/sys contrib/ntp/libntp
 contrib/ntp/libparse co...
X-SVN-Commit-Revision: 347589
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: E35AB89038
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.997,0];
 NEURAL_HAM_SHORT(-0.98)[-0.976,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 23:05:18 -0000

Author: gordon
Date: Tue May 14 23:02:56 2019
New Revision: 347589
URL: https://svnweb.freebsd.org/changeset/base/347589

Log:
  Update ntpd to 4.2.8p13 to fix authenticated denial of service.
  
  Approved by:	so
  Security:	FreeBSD-SA-19:04.ntp
  Security:	CVE-2019-8936

Added:
  releng/12.0/contrib/ntp/libntp/xsbprintf.c
Modified:
  releng/12.0/contrib/ntp/COPYRIGHT
  releng/12.0/contrib/ntp/ChangeLog
  releng/12.0/contrib/ntp/CommitLog
  releng/12.0/contrib/ntp/Makefile.in
  releng/12.0/contrib/ntp/NEWS
  releng/12.0/contrib/ntp/aclocal.m4
  releng/12.0/contrib/ntp/adjtimed/Makefile.in
  releng/12.0/contrib/ntp/build
  releng/12.0/contrib/ntp/clockstuff/Makefile.in
  releng/12.0/contrib/ntp/config.h.in
  releng/12.0/contrib/ntp/configure
  releng/12.0/contrib/ntp/configure.ac
  releng/12.0/contrib/ntp/include/Makefile.in
  releng/12.0/contrib/ntp/include/isc/Makefile.in
  releng/12.0/contrib/ntp/include/ntp_calendar.h
  releng/12.0/contrib/ntp/include/ntp_stdlib.h
  releng/12.0/contrib/ntp/include/ntpd.h
  releng/12.0/contrib/ntp/include/parse.h
  releng/12.0/contrib/ntp/kernel/Makefile.in
  releng/12.0/contrib/ntp/kernel/sys/Makefile.in
  releng/12.0/contrib/ntp/libntp/Makefile.am
  releng/12.0/contrib/ntp/libntp/Makefile.in
  releng/12.0/contrib/ntp/libntp/authreadkeys.c
  releng/12.0/contrib/ntp/libntp/calyearstart.c
  releng/12.0/contrib/ntp/libntp/ntp_calendar.c
  releng/12.0/contrib/ntp/libntp/work_fork.c
  releng/12.0/contrib/ntp/libparse/Makefile.in
  releng/12.0/contrib/ntp/libparse/clk_trimtsip.c
  releng/12.0/contrib/ntp/libparse/gpstolfp.c
  releng/12.0/contrib/ntp/ntpd/Makefile.in
  releng/12.0/contrib/ntp/ntpd/invoke-ntp.conf.texi
  releng/12.0/contrib/ntp/ntpd/invoke-ntp.keys.texi
  releng/12.0/contrib/ntp/ntpd/invoke-ntpd.texi
  releng/12.0/contrib/ntp/ntpd/ntp.conf.5man
  releng/12.0/contrib/ntp/ntpd/ntp.conf.5mdoc
  releng/12.0/contrib/ntp/ntpd/ntp.conf.html
  releng/12.0/contrib/ntp/ntpd/ntp.conf.man.in
  releng/12.0/contrib/ntp/ntpd/ntp.conf.mdoc.in
  releng/12.0/contrib/ntp/ntpd/ntp.keys.5man
  releng/12.0/contrib/ntp/ntpd/ntp.keys.5mdoc
  releng/12.0/contrib/ntp/ntpd/ntp.keys.html
  releng/12.0/contrib/ntp/ntpd/ntp.keys.man.in
  releng/12.0/contrib/ntp/ntpd/ntp.keys.mdoc.in
  releng/12.0/contrib/ntp/ntpd/ntp_config.c
  releng/12.0/contrib/ntp/ntpd/ntp_control.c
  releng/12.0/contrib/ntp/ntpd/ntp_crypto.c
  releng/12.0/contrib/ntp/ntpd/ntp_loopfilter.c
  releng/12.0/contrib/ntp/ntpd/ntp_proto.c
  releng/12.0/contrib/ntp/ntpd/ntp_request.c
  releng/12.0/contrib/ntp/ntpd/ntp_timer.c
  releng/12.0/contrib/ntp/ntpd/ntpd-opts.c
  releng/12.0/contrib/ntp/ntpd/ntpd-opts.h
  releng/12.0/contrib/ntp/ntpd/ntpd.1ntpdman
  releng/12.0/contrib/ntp/ntpd/ntpd.1ntpdmdoc
  releng/12.0/contrib/ntp/ntpd/ntpd.c
  releng/12.0/contrib/ntp/ntpd/ntpd.html
  releng/12.0/contrib/ntp/ntpd/ntpd.man.in
  releng/12.0/contrib/ntp/ntpd/ntpd.mdoc.in
  releng/12.0/contrib/ntp/ntpd/refclock_bancomm.c
  releng/12.0/contrib/ntp/ntpd/refclock_jupiter.c
  releng/12.0/contrib/ntp/ntpd/refclock_parse.c
  releng/12.0/contrib/ntp/ntpdate/Makefile.in
  releng/12.0/contrib/ntp/ntpdate/ntpdate.c
  releng/12.0/contrib/ntp/ntpdc/Makefile.in
  releng/12.0/contrib/ntp/ntpdc/invoke-ntpdc.texi
  releng/12.0/contrib/ntp/ntpdc/nl.pl
  releng/12.0/contrib/ntp/ntpdc/ntpdc-opts.c
  releng/12.0/contrib/ntp/ntpdc/ntpdc-opts.h
  releng/12.0/contrib/ntp/ntpdc/ntpdc.1ntpdcman
  releng/12.0/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
  releng/12.0/contrib/ntp/ntpdc/ntpdc.html
  releng/12.0/contrib/ntp/ntpdc/ntpdc.man.in
  releng/12.0/contrib/ntp/ntpdc/ntpdc.mdoc.in
  releng/12.0/contrib/ntp/ntpdc/ntpdc_ops.c
  releng/12.0/contrib/ntp/ntpq/Makefile.in
  releng/12.0/contrib/ntp/ntpq/invoke-ntpq.texi
  releng/12.0/contrib/ntp/ntpq/ntpq-opts.c
  releng/12.0/contrib/ntp/ntpq/ntpq-opts.h
  releng/12.0/contrib/ntp/ntpq/ntpq.1ntpqman
  releng/12.0/contrib/ntp/ntpq/ntpq.1ntpqmdoc
  releng/12.0/contrib/ntp/ntpq/ntpq.html
  releng/12.0/contrib/ntp/ntpq/ntpq.man.in
  releng/12.0/contrib/ntp/ntpq/ntpq.mdoc.in
  releng/12.0/contrib/ntp/ntpsnmpd/Makefile.in
  releng/12.0/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi
  releng/12.0/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c
  releng/12.0/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h
  releng/12.0/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
  releng/12.0/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
  releng/12.0/contrib/ntp/ntpsnmpd/ntpsnmpd.html
  releng/12.0/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in
  releng/12.0/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in
  releng/12.0/contrib/ntp/packageinfo.sh
  releng/12.0/contrib/ntp/parseutil/Makefile.in
  releng/12.0/contrib/ntp/scripts/Makefile.in
  releng/12.0/contrib/ntp/scripts/build/Makefile.in
  releng/12.0/contrib/ntp/scripts/build/check--help
  releng/12.0/contrib/ntp/scripts/calc_tickadj/Makefile.in
  releng/12.0/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman
  releng/12.0/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc
  releng/12.0/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html
  releng/12.0/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in
  releng/12.0/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in
  releng/12.0/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi
  releng/12.0/contrib/ntp/scripts/invoke-plot_summary.texi
  releng/12.0/contrib/ntp/scripts/invoke-summary.texi
  releng/12.0/contrib/ntp/scripts/lib/Makefile.in
  releng/12.0/contrib/ntp/scripts/ntp-wait/Makefile.in
  releng/12.0/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi
  releng/12.0/contrib/ntp/scripts/ntp-wait/ntp-wait-opts
  releng/12.0/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman
  releng/12.0/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc
  releng/12.0/contrib/ntp/scripts/ntp-wait/ntp-wait.html
  releng/12.0/contrib/ntp/scripts/ntp-wait/ntp-wait.man.in
  releng/12.0/contrib/ntp/scripts/ntp-wait/ntp-wait.mdoc.in
  releng/12.0/contrib/ntp/scripts/ntpsweep/Makefile.in
  releng/12.0/contrib/ntp/scripts/ntpsweep/invoke-ntpsweep.texi
  releng/12.0/contrib/ntp/scripts/ntpsweep/ntpsweep-opts
  releng/12.0/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepman
  releng/12.0/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc
  releng/12.0/contrib/ntp/scripts/ntpsweep/ntpsweep.html
  releng/12.0/contrib/ntp/scripts/ntpsweep/ntpsweep.man.in
  releng/12.0/contrib/ntp/scripts/ntpsweep/ntpsweep.mdoc.in
  releng/12.0/contrib/ntp/scripts/ntptrace/Makefile.in
  releng/12.0/contrib/ntp/scripts/ntptrace/invoke-ntptrace.texi
  releng/12.0/contrib/ntp/scripts/ntptrace/ntptrace-opts
  releng/12.0/contrib/ntp/scripts/ntptrace/ntptrace.1ntptraceman
  releng/12.0/contrib/ntp/scripts/ntptrace/ntptrace.1ntptracemdoc
  releng/12.0/contrib/ntp/scripts/ntptrace/ntptrace.html
  releng/12.0/contrib/ntp/scripts/ntptrace/ntptrace.man.in
  releng/12.0/contrib/ntp/scripts/ntptrace/ntptrace.mdoc.in
  releng/12.0/contrib/ntp/scripts/plot_summary-opts
  releng/12.0/contrib/ntp/scripts/plot_summary.1plot_summaryman
  releng/12.0/contrib/ntp/scripts/plot_summary.1plot_summarymdoc
  releng/12.0/contrib/ntp/scripts/plot_summary.html
  releng/12.0/contrib/ntp/scripts/plot_summary.man.in
  releng/12.0/contrib/ntp/scripts/plot_summary.mdoc.in
  releng/12.0/contrib/ntp/scripts/summary-opts
  releng/12.0/contrib/ntp/scripts/summary.1summaryman
  releng/12.0/contrib/ntp/scripts/summary.1summarymdoc
  releng/12.0/contrib/ntp/scripts/summary.html
  releng/12.0/contrib/ntp/scripts/summary.man.in
  releng/12.0/contrib/ntp/scripts/summary.mdoc.in
  releng/12.0/contrib/ntp/scripts/update-leap/Makefile.in
  releng/12.0/contrib/ntp/scripts/update-leap/invoke-update-leap.texi
  releng/12.0/contrib/ntp/scripts/update-leap/update-leap-opts
  releng/12.0/contrib/ntp/scripts/update-leap/update-leap.1update-leapman
  releng/12.0/contrib/ntp/scripts/update-leap/update-leap.1update-leapmdoc
  releng/12.0/contrib/ntp/scripts/update-leap/update-leap.html
  releng/12.0/contrib/ntp/scripts/update-leap/update-leap.man.in
  releng/12.0/contrib/ntp/scripts/update-leap/update-leap.mdoc.in
  releng/12.0/contrib/ntp/sntp/COPYRIGHT
  releng/12.0/contrib/ntp/sntp/Makefile.in
  releng/12.0/contrib/ntp/sntp/aclocal.m4
  releng/12.0/contrib/ntp/sntp/config.h.in
  releng/12.0/contrib/ntp/sntp/configure
  releng/12.0/contrib/ntp/sntp/include/Makefile.in
  releng/12.0/contrib/ntp/sntp/include/version.def
  releng/12.0/contrib/ntp/sntp/include/version.texi
  releng/12.0/contrib/ntp/sntp/invoke-sntp.texi
  releng/12.0/contrib/ntp/sntp/libevent/Makefile.in
  releng/12.0/contrib/ntp/sntp/libevent/aclocal.m4
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/ar-lib
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/compile
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/config.guess
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/config.sub
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/depcomp
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/install-sh
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/missing
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/test-driver
  releng/12.0/contrib/ntp/sntp/libevent/build-aux/ylwrap
  releng/12.0/contrib/ntp/sntp/libevent/config.h.in
  releng/12.0/contrib/ntp/sntp/libevent/configure
  releng/12.0/contrib/ntp/sntp/libevent/evconfig-private.h
  releng/12.0/contrib/ntp/sntp/libevent/test/regress.gen.c
  releng/12.0/contrib/ntp/sntp/libevent/test/regress.gen.h
  releng/12.0/contrib/ntp/sntp/libopts/Makefile.in
  releng/12.0/contrib/ntp/sntp/libopts/autoopts/options.h
  releng/12.0/contrib/ntp/sntp/libopts/genshell.h
  releng/12.0/contrib/ntp/sntp/m4/ntp_libntp.m4
  releng/12.0/contrib/ntp/sntp/m4/version.m4
  releng/12.0/contrib/ntp/sntp/main.c
  releng/12.0/contrib/ntp/sntp/networking.c
  releng/12.0/contrib/ntp/sntp/scm-rev
  releng/12.0/contrib/ntp/sntp/scripts/Makefile.in
  releng/12.0/contrib/ntp/sntp/sntp-opts.c
  releng/12.0/contrib/ntp/sntp/sntp-opts.h
  releng/12.0/contrib/ntp/sntp/sntp.1sntpman
  releng/12.0/contrib/ntp/sntp/sntp.1sntpmdoc
  releng/12.0/contrib/ntp/sntp/sntp.html
  releng/12.0/contrib/ntp/sntp/sntp.man.in
  releng/12.0/contrib/ntp/sntp/sntp.mdoc.in
  releng/12.0/contrib/ntp/sntp/tests/Makefile.in
  releng/12.0/contrib/ntp/sntp/unity/Makefile.in
  releng/12.0/contrib/ntp/sntp/version.c
  releng/12.0/contrib/ntp/util/Makefile.in
  releng/12.0/contrib/ntp/util/invoke-ntp-keygen.texi
  releng/12.0/contrib/ntp/util/ntp-keygen-opts.c
  releng/12.0/contrib/ntp/util/ntp-keygen-opts.h
  releng/12.0/contrib/ntp/util/ntp-keygen.1ntp-keygenman
  releng/12.0/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
  releng/12.0/contrib/ntp/util/ntp-keygen.html
  releng/12.0/contrib/ntp/util/ntp-keygen.man.in
  releng/12.0/contrib/ntp/util/ntp-keygen.mdoc.in
  releng/12.0/contrib/ntp/util/ntptime.c
  releng/12.0/usr.sbin/ntp/libntp/Makefile

Modified: releng/12.0/contrib/ntp/COPYRIGHT
==============================================================================
--- releng/12.0/contrib/ntp/COPYRIGHT	Tue May 14 22:59:32 2019	(r347588)
+++ releng/12.0/contrib/ntp/COPYRIGHT	Tue May 14 23:02:56 2019	(r347589)
@@ -1,16 +1,15 @@
 This file is automatically generated from html/copyright.html
-
   Copyright Notice
-  
+
    jpg "Clone me," says Dolly sheepishly.
-   
+
    Last update: 2-Jan-2017 11:58 UTC
-     _________________________________________________________________
-   
-   The following copyright notice applies to all files collectively
-   called the Network Time Protocol Version 4 Distribution. Unless
-   specifically declared otherwise in an individual file, this entire
-   notice applies as if the text was explicitly included in the file.
+     __________________________________________________________________
+
+   The following copyright notice applies to all files collectively called
+   the Network Time Protocol Version 4 Distribution. Unless specifically
+   declared otherwise in an individual file, this entire notice applies as
+   if the text was explicitly included in the file.
 ***********************************************************************
 *                                                                     *
 * Copyright (c) University of Delaware 1992-2015                      *
@@ -62,13 +61,13 @@ This file is automatically generated from html/copyrig
 ***********************************************************************
 
    The following individuals contributed in part to the Network Time
-   Protocol Distribution Version 4 and are acknowledged as authors of
-   this work.
+   Protocol Distribution Version 4 and are acknowledged as authors of this
+   work.
     1. [1]Takao Abe <takao_abe@xurb.jp> Clock driver for JJY receivers
     2. [2]Mark Andrews <mark_andrews@isc.org> Leitch atomic clock
        controller
-    3. [3]Bernd Altmeier <altmeier@atlsoft.de> hopf Elektronik serial
-       line and PCI-bus devices
+    3. [3]Bernd Altmeier <altmeier@atlsoft.de> hopf Elektronik serial line
+       and PCI-bus devices
     4. [4]Viraj Bais <vbais@mailman1.intel.com> and [5]Clayton Kirkwood
        <kirkwood@striderfm.intel.com> port to WindowsNT 3.5
     5. [6]Michael Barone <michael,barone@lmco.com> GPSVME fixes
@@ -84,13 +83,12 @@ This file is automatically generated from html/copyrig
        <Jean-Francois.Boudreault@viagenie.qc.ca> IPv6 support
    12. [13]Reg Clemens <reg@dwf.com> Oncore driver (Current maintainer)
    13. [14]Steve Clift <clift@ml.csiro.au> OMEGA clock driver
-   14. [15]Casey Crellin <casey@csc.co.za> vxWorks (Tornado) port and
-       help with target configuration
+   14. [15]Casey Crellin <casey@csc.co.za> vxWorks (Tornado) port and help
+       with target configuration
    15. [16]Sven Dietrich <sven_dietrich@trimble.com> Palisade reference
        clock driver, NT adj. residuals, integrated Greg's Winnt port.
    16. [17]John A. Dundas III <dundas@salt.jpl.nasa.gov> Apple A/UX port
-   17. [18]Torsten Duwe <duwe@immd4.informatik.uni-erlangen.de> Linux
-       port
+   17. [18]Torsten Duwe <duwe@immd4.informatik.uni-erlangen.de> Linux port
    18. [19]Dennis Ferguson <dennis@mrbill.canet.ca> foundation code for
        NTP Version 2 as specified in RFC-1119
    19. [20]John Hay <jhay@icomtek.csir.co.za> IPv6 support and testing
@@ -122,9 +120,8 @@ This file is automatically generated from html/copyrig
        code for Version 3 as specified in RFC-1305
    36. [39]Danny Mayer <mayer@ntp.org>Network I/O, Windows Port, Code
        Maintenance
-   37. [40]David L. Mills <mills@udel.edu> Version 4 foundation,
-       precision kernel; clock drivers: 1, 3, 4, 6, 7, 11, 13, 18, 19,
-       22, 36
+   37. [40]David L. Mills <mills@udel.edu> Version 4 foundation, precision
+       kernel; clock drivers: 1, 3, 4, 6, 7, 11, 13, 18, 19, 22, 36
    38. [41]Wolfgang Moeller <moeller@gwdgv1.dnet.gwdg.de> VMS port
    39. [42]Jeffrey Mogul <mogul@pa.dec.com> ntptrace utility
    40. [43]Tom Moore <tmoore@fievel.daytonoh.ncr.com> i386 svr4 port
@@ -136,22 +133,18 @@ This file is automatically generated from html/copyrig
    44. [48]Rainer Pruy <Rainer.Pruy@informatik.uni-erlangen.de>
        monitoring/trap scripts, statistics file handling
    45. [49]Dirce Richards <dirce@zk3.dec.com> Digital UNIX V4.0 port
-   46. [50]Wilfredo Sánchez <wsanchez@apple.com> added support for
-       NetInfo
+   46. [50]Wilfredo Sánchez <wsanchez@apple.com> added support for NetInfo
    47. [51]Nick Sayer <mrapple@quack.kfu.com> SunOS streams modules
    48. [52]Jack Sasportas <jack@innovativeinternet.com> Saved a Lot of
        space on the stuff in the html/pic/ subdirectory
    49. [53]Ray Schnitzler <schnitz@unipress.com> Unixware1 port
    50. [54]Michael Shields <shields@tembel.org> USNO clock driver
-   51. [55]Jeff Steinman <jss@pebbles.jpl.nasa.gov> Datum PTS clock
-       driver
+   51. [55]Jeff Steinman <jss@pebbles.jpl.nasa.gov> Datum PTS clock driver
    52. [56]Harlan Stenn <harlan@pfcs.com> GNU automake/autoconfigure
        makeover, various other bits (see the ChangeLog)
    53. [57]Kenneth Stone <ken@sdd.hp.com> HP-UX port
-   54. [58]Ajit Thyagarajan <ajit@ee.udel.edu>IP multicast/anycast
-       support
-   55. [59]Tomoaki TSURUOKA <tsuruoka@nc.fukuoka-u.ac.jp>TRAK clock
-       driver
+   54. [58]Ajit Thyagarajan <ajit@ee.udel.edu>IP multicast/anycast support
+   55. [59]Tomoaki TSURUOKA <tsuruoka@nc.fukuoka-u.ac.jp>TRAK clock driver
    56. [60]Brian Utterback <brian.utterback@oracle.com> General codebase,
        Solaris issues
    57. [61]Loganaden Velvindron <loganaden@gmail.com> Sandboxing
@@ -160,7 +153,7 @@ This file is automatically generated from html/copyrig
        TrueTime clock driver
    59. [63]Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> corrected and
        validated HTML documents according to the HTML DTD
-     _________________________________________________________________
+     __________________________________________________________________
 
 References
 

Modified: releng/12.0/contrib/ntp/ChangeLog
==============================================================================
--- releng/12.0/contrib/ntp/ChangeLog	Tue May 14 22:59:32 2019	(r347588)
+++ releng/12.0/contrib/ntp/ChangeLog	Tue May 14 23:02:56 2019	(r347589)
@@ -1,4 +1,49 @@
 ---
+(4.2.8p13) 2019/03/07 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Sec 3565] Crafted null dereference attack in authenticated
+	     mode 6 packet <perlinger@ntp.org>
+  - reported by Magnus Stubman
+* [Bug 3560] Fix build when HAVE_DROPROOT is not defined <perlinger@ntp.org>
+  - applied patch by Ian Lepore
+* [Bug 3558] Crash and integer size bug <perlinger@ntp.org>
+  - isolate and fix linux/windows specific code issue
+* [Bug 3556] ntp_loopfilter.c snprintf compilation warnings <perlinger@ntp.org>
+  - provide better function for incremental string formatting
+* [Bug 3555] Tidy up print alignment of debug output from ntpdate <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3554] config revoke stores incorrect value <perlinger@ntp.org>
+  - original finding by Gerry Garvey, additional cleanup needed
+* [Bug 3549] Spurious initgroups() error message <perlinger@ntp.org>
+  - patch by Christous Zoulas
+* [Bug 3548] Signature not verified on windows system <perlinger@ntp.org>
+  - finding by Chen Jiabin, plus another one by me
+* [Bug 3541] patch to fix STA_NANO struct timex units <perlinger@ntp.org>
+  - applied patch by Maciej Szmigiero
+* [Bug 3540] Cannot set minsane to 0 anymore <perlinger@ntp.org>
+  - applied patch by Andre Charbonneau
+* [Bug 3539] work_fork build fails when droproot is not supported <perlinger@ntp.org>
+  - applied patch by Baruch Siach
+* [Bug 3538] Build fails for no-MMU targets <perlinger@ntp.org>
+  - applied patch by Baruch Siach
+* [Bug 3535] libparse won't handle GPS week rollover <perlinger@ntp.org>
+  - refactored handling of GPS era based on 'tos basedate' for
+    parse (TSIP) and JUPITER clocks
+* [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra) <perlinger@ntp.org>
+  - patch by Daniel J. Luke; this does not fix a potential linker
+    regression issue on MacOS.
+* [Bug 3527 - Backward Incompatible] mode7 clockinfo fudgeval2 packet
+  anomaly <perlinger@ntp.org>, reported by GGarvey.
+  - --enable-bug3527-fix support by HStenn
+* [Bug 3526] Incorrect poll interval in packet <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3471] Check for openssl/[ch]mac.h.  <perlinger@ntp.org>
+  - added missing check, reported by Reinhard Max <perlinger@ntp.org>
+* [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+  - this is a variant of [bug 3558] and should be fixed with it
+* Implement --disable-signalled-io
+
+---
 (4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org>
 
 * [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability

Modified: releng/12.0/contrib/ntp/CommitLog
==============================================================================
--- releng/12.0/contrib/ntp/CommitLog	Tue May 14 22:59:32 2019	(r347588)
+++ releng/12.0/contrib/ntp/CommitLog	Tue May 14 23:02:56 2019	(r347589)
@@ -1,363 +1,6898 @@
-ChangeSet@1.3729, 2017-02-01 07:39:35-05:00, stenn@deacon.udel.edu
+ChangeSet@1.3849, 2019-02-20 17:13:36-08:00, harlan@ntp-build.tal1.ntfo.org
+  Update NEWS file
+
+  NEWS@1.200 +3 -0
+    Update NEWS file
+
+ChangeSet@1.3848, 2019-02-20 09:44:58-08:00, harlan@ntp-build.tal1.ntfo.org
+  build system cleanups
+
+  build@1.50 +1 -1
+    build system cleanups
+
+  scripts/build/check--help@1.4 +2 -2
+    build system cleanups
+
+  sntp/libopts/autoopts/options.h@1.31 +1 -1
+    build system cleanups
+
+  sntp/libopts/genshell.h@1.31 +1 -1
+    build system cleanups
+
+ChangeSet@1.3847, 2019-02-18 22:26:26-08:00, harlan@ntp-build.tal1.ntfo.org
+  ChangeLog and NEWS description cleanups
+
+  ChangeLog@1.1971 +4 -4
+    ChangeLog and NEWS description cleanups
+
+  NEWS@1.199 +4 -2
+    ChangeLog and NEWS description cleanups
+
+ChangeSet@1.3844.1.4, 2019-02-18 20:10:25-08:00, harlan@ntp-build.tal1.ntfo.org
+  NEWS file update
+
+  NEWS@1.198 +49 -2
+    NEWS file update
+
+ChangeSet@1.3844.1.3, 2019-02-16 07:36:50+00:00, stenn@stenn.ntp.org
+  Improve messages around signalled IO handling in configure
+
+  sntp/m4/ntp_libntp.m4@1.38 +5 -0
+    Improve messages around signalled IO handling in configure
+
+ChangeSet@1.3844.1.2, 2019-02-15 13:27:05+00:00, stenn@stenn.ntp.org
+  Implement --disable-signalled-io
+
+  ChangeLog@1.1968.1.2 +1 -0
+    Implement --disable-signalled-io
+
+  sntp/m4/ntp_libntp.m4@1.37 +22 -2
+    Implement --disable-signalled-io
+
+ChangeSet@1.3844.1.1, 2019-01-17 04:16:52+00:00, stenn@psp-deb1.ntp.org
+  Cleanup
+
+  ChangeLog@1.1968.1.1 +0 -1
+    Cleanup
+
+ChangeSet@1.3845, 2019-01-16 21:42:59+01:00, perlinger@ntp.org
+  [Sec 3565] null pointer crash by remote attack
+
+  ChangeLog@1.1969 +3 -0
+    [Sec 3565] null pointer crash by remote attack
+
+  ntpd/ntp_control.c@1.233 +17 -9
+    [Sec 3565] null pointer crash by remote attack
+
+ChangeSet@1.3827.1.2, 2018-12-15 13:25:25+00:00, stenn@psp-deb1.ntp.org
+  bug3527 fixes
+
+  ChangeLog@1.1952.1.2 +3 -3
+    bug3527 fixes
+
+  configure.ac@1.614.1.1 +18 -0
+    bug3527 fixes
+
+  ntpd/ntp_request.c@1.129 +7 -4
+    bug3527 fixes
+
+  ntpdc/ntpdc_ops.c@1.85 +8 -3
+    bug3527 fixes
+
+ChangeSet@1.3827.15.1, 2018-12-12 07:37:12+01:00, perlinger@ntp.org
+  [Bug 3560] Fix build when HAVE_DROPROOT is not defined
+
+  ChangeLog@1.1952.15.1 +4 -0
+    [Bug 3560] Fix build when HAVE_DROPROOT is not defined
+
+  libntp/work_fork.c@1.20.2.1 +2 -0
+    [Bug 3560] Fix build when HAVE_DROPROOT is not defined
+
+ChangeSet@1.3827.14.1, 2018-12-11 07:42:01+01:00, perlinger@ntp.org
+  [Bug 3558] Crash and integer size bug
+  [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+   - isolate & fix LP64/LLP64 problem with BANCOMM SDK
+
+  ChangeLog@1.1952.14.1 +6 -0
+    [Bug 3558] Crash and integer size bug
+    [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+     - isolate & fix LP64/LLP64 problem with BANCOMM SDK
+
+  configure.ac@1.615 +1 -0
+    [Bug 3558] Crash and integer size bug
+    [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+     - search for BANCOMM SDK lib
+
+  ntpd/refclock_bancomm.c@1.17 +96 -23
+    [Bug 3558] Crash and integer size bug
+    [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+     - isolate & fix LP64/LLP64 problem with BANCOMM SDK
+
+ChangeSet@1.3827.11.2, 2018-12-05 06:58:13+01:00, perlinger@ntp.org
+  Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+   - stricter buffer range checks
+
+  libntp/xsbprintf.c@1.2 +11 -13
+    Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+     - stricter buffer range checks
+
+  tests/libntp/run-sbprintf.c@1.2 +8 -4
+    Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+     - stricter buffer range checks
+
+  tests/libntp/sbprintf.c@1.2 +28 -0
+    Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+     - stricter buffer range checks
+
+ChangeSet@1.3827.10.2, 2018-12-03 02:29:24-05:00, stenn@psp-fb1.ntp.org
+  Update Changelog for latest fix for 3471
+
+  ChangeLog@1.1952.10.2 +6 -1
+    Update Changelog for latest fix for 3471
+
+ChangeSet@1.3827.13.1, 2018-12-02 09:05:37+01:00, perlinger@ntp.org
+  [Bug 3555] Tidy up print alignment of debug output from ntpdate
+
+  ChangeLog@1.1952.13.1 +4 -0
+    [Bug 3555] Tidy up print alignment of debug output from ntpdate
+
+  ntpdate/ntpdate.c@1.102 +12 -9
+    [Bug 3555] Tidy up print alignment of debug output from ntpdate
+
+ChangeSet@1.3827.12.1, 2018-12-02 08:17:05+01:00, perlinger@ntp.org
+  [Bug 3554] config revoke stores incorrect value
+   - plus some additional cleanup
+
+  ChangeLog@1.1952.12.1 +4 -0
+    [Bug 3554] config revoke stores incorrect value
+
+  include/ntpd.h@1.204 +2 -2
+    [Bug 3554] config revoke stores incorrect value
+     - sys_{revoke,automax} hold positive log2 value -- unsigned char is enough.
+
+  ntpd/ntp_config.c@1.365.2.1 +12 -3
+    [Bug 3554] config revoke stores incorrect value
+     - sys_{revoke,automax} hold positive log2 value for shift; clamp values
+
+  ntpd/ntp_crypto.c@1.190.1.1 +2 -2
+    [Bug 3554] config revoke stores incorrect value
+     - avoid possible integer truncation
+
+  ntpd/ntp_timer.c@1.97 +4 -4
+    [Bug 3554] config revoke stores incorrect value
+     - sys_{revoke,automax} hold positive log2 value -- unsigned char is enough.
+     - avoid possible integer truncation
+
+ChangeSet@1.3827.11.1, 2018-12-01 12:10:51+01:00, perlinger@ntp.org
+  [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+   - provide better function for incremental string formatting
+
+  ChangeLog@1.1952.11.1 +4 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - provide better function for incremental string formatting
+
+  include/ntp_stdlib.h@1.87 +3 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - provide better API for incremental string formatting
+
+  libntp/Makefile.am@1.82 +1 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  libntp/xsbprintf.c@1.1 +77 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - implement new API for incremental string formatting
+
+  libntp/xsbprintf.c@1.0 +0 -0
+
+  ntpd/ntp_loopfilter.c@1.192 +18 -14
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - use new API for incremental string formatting
+
+  ports/winnt/vs2005/libntp.vcproj@1.27 +4 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2008/libntp/libntp.vcproj@1.58 +4 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2013/libntp/libntp.vcxproj@1.14 +3 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2013/libntp/libntp.vcxproj.filters@1.12 +5 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2015/libntp/libntp.vcxproj@1.4 +3 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2015/libntp/libntp.vcxproj.filters@1.4 +5 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  tests/libntp/Makefile.am@1.100 +12 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add string buffer formatting tests
+
+  tests/libntp/run-sbprintf.c@1.1 +72 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add string buffer formatting tests
+
+  tests/libntp/run-sbprintf.c@1.0 +0 -0
+
+  tests/libntp/sbprintf.c@1.1 +67 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add string buffer formatting tests
+
+  tests/libntp/sbprintf.c@1.0 +0 -0
+
+ChangeSet@1.3827.10.1, 2018-11-30 06:34:35+01:00, perlinger@ntp.org
+  [Bug 3471] Check for openssl/[ch]mac.h
+   - added missing check in code
+
+  ChangeLog@1.1952.10.1 +1 -0
+    [Bug 3471] Check for openssl/[ch]mac.h
+     - added missing check in code
+
+  libntp/authreadkeys.c@1.33 +2 -0
+    [Bug 3471] Check for openssl/[ch]mac.h
+     - added missing check in code
+
+ChangeSet@1.3827.9.1, 2018-11-11 12:03:14+01:00, perlinger@ntp.org
+  [Bug 3549] Spurious initgroups() error message
+
+  ChangeLog@1.1952.9.1 +4 -0
+    [Bug 3549] Spurious initgroups() error message
+
+  ntpd/ntpd.c@1.177.2.1 +33 -17
+    [Bug 3549] Spurious initgroups() error message
+     - make 'set_user_group_ids()' idempotent: If we're already there, don't complain.
+
+ChangeSet@1.3827.8.1, 2018-11-11 11:07:23+01:00, perlinger@ntp.org
+  [Bug 3548] Signature not verified on windows system
+
+  ChangeLog@1.1952.8.1 +4 -0
+    [Bug 3548] Signature not verified on windows system
+
+  ntpd/ntp_crypto.c@1.191 +2 -1
+    [Bug 3548] Signature not verified on windows system
+     - ntohl() can be a macro
+
+  sntp/networking.c@1.70 +2 -1
+    [Bug 3548] Signature not verified on windows system
+     - ntohl() can be a macro
+
+ChangeSet@1.3827.7.1, 2018-11-11 09:56:34+01:00, perlinger@ntp.org
+  [Bug 3541] patch to fix STA_NANO struct timex units
+
+  ChangeLog@1.1952.7.1 +4 -0
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+  ntpd/ntp_control.c@1.232 +9 -7
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+  ntpdc/ntpdc_ops.c@1.83.1.1 +7 -7
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+  util/ntptime.c@1.28 +0 -4
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+ChangeSet@1.3827.6.1, 2018-10-27 11:00:56+02:00, perlinger@ntp.org
+  [Bug 3540] Cannot set minsane to 0 anymore
+
+  ChangeLog@1.1952.6.1 +4 -0
+    [Bug 3540] Cannot set minsane to 0 anymore
+
+  ntpd/ntp_config.c@1.365.1.1 +2 -2
+    [Bug 3540] Cannot set minsane to 0 anymore
+
+ChangeSet@1.3827.5.1, 2018-10-27 10:33:55+02:00, perlinger@ntp.org
+  [Bug 3539] work_fork build fails when droproot is not supported
+
+  ChangeLog@1.1952.5.1 +4 -0
+    [Bug 3539] work_fork build fails when droproot is not supported
+
+  libntp/work_fork.c@1.20.1.1 +2 -0
+    [Bug 3539] work_fork build fails when droproot is not supported
+
+ChangeSet@1.3827.4.1, 2018-10-27 10:23:05+02:00, perlinger@ntp.org
+  [Bug 3538] Build fails for no-MMU targets
+
+  ChangeLog@1.1952.4.1 +4 -0
+    [Bug 3538] Build fails for no-MMU targets
+
+  ntpd/ntpd.c@1.177.1.1 +2 -0
+    [Bug 3538] Build fails for no-MMU targets
+
+ChangeSet@1.3827.3.1, 2018-10-13 08:03:48+02:00, perlinger@ntp.org
+  [Bug 3535] libparse won't handle GPS week rollover
+
+  ChangeLog@1.1952.3.1 +5 -0
+    [Bug 3535] libparse won't handle GPS week rollover
+
+  include/ntp_calendar.h@1.20 +21 -3
+    [Bug 3535] libparse won't handle GPS week rollover
+     - GPS week era support
+
+  include/parse.h@1.15 +0 -1
+    [Bug 3535] libparse won't handle GPS week rollover
+     - remove GPSWRAP definition to avoid lurking uses
+
+  libntp/calyearstart.c@1.7 +1 -1
+    [Bug 3535] libparse won't handle GPS week rollover
+
+  libntp/ntp_calendar.c@1.21 +38 -0
+    [Bug 3535] libparse won't handle GPS week rollover
+     - set GPS base week as first Sunday on or after base date
+
+  libparse/clk_trimtsip.c@1.15 +5 -9
+    [Bug 3535] libparse won't handle GPS week rollover
+     - use centralized week expansion code
+
+  libparse/gpstolfp.c@1.14 +0 -5
+    [Bug 3535] libparse won't handle GPS week rollover
+     - don't try to expand weeks in the conversion
+
+  ntpd/ntp_config.c@1.366 +4 -0
+    [Bug 3535] libparse won't handle GPS week rollover
+     - set basedate based on build stamp if not set explicitely
+
+  ntpd/refclock_jupiter.c@1.32 +1 -56
+    [Bug 3535] libparse won't handle GPS week rollover
+     - use centralized week expansion code instead of local copy
+
+  ntpd/refclock_parse.c@1.87 +1 -2
+    [Bug 3535] libparse won't handle GPS week rollover
+     - use centralized week expansion code
+
+ChangeSet@1.3827.2.1, 2018-10-02 18:03:33+02:00, perlinger@ntp.org
+  [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra)
+
+  ChangeLog@1.1952.2.1 +5 -0
+    [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra)
+
+  libntp/work_fork.c@1.21 +6 -3
+    [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra)
+     - make existence of 'set_user_group_ids()' depend on HAVE_DROPROOT
+
+ChangeSet@1.3827.1.1, 2018-10-02 17:38:18+02:00, perlinger@ntp.org
+  [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+  ChangeLog@1.1952.1.1 +5 -0
+    [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+  ntpd/ntp_request.c@1.128 +5 -0
+    [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+  ntpdc/ntpdc_ops.c@1.84 +4 -0
+    [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+ChangeSet@1.3828, 2018-09-12 22:52:00+02:00, perlinger@ntp.org
+  [Bug 3526] Incorrect poll interval in packet
+
+  ChangeLog@1.1953 +4 -0
+    [Bug 3526] Incorrect poll interval in packet
+
+  ntpd/ntp_proto.c@1.423 +4 -4
+    [Bug 3526] Incorrect poll interval in packet
+
+  ntpd/ntpd.c@1.178 +4 -4
+    [Bug 3526] Incorrect poll interval in packet
+     (side kick: fix function prototypes. C is not C++.)
+
+  sntp/main.c@1.104 +2 -3
+    [Bug 3526] Incorrect poll interval in packet
+     (side kick: fix function prototypes. C is not C++.)
+
+ChangeSet@1.3827, 2018-08-14 08:31:08-04:00, stenn@deacon.udel.edu
+  NTP_4_2_8P12
+  TAG: NTP_4_2_8P12
+
+  ChangeLog@1.1952 +1 -0
+    NTP_4_2_8P12
+
+  ntpd/invoke-ntp.conf.texi@1.217 +1 -1
+    NTP_4_2_8P12
+
+  ntpd/invoke-ntp.keys.texi@1.202 +1 -1
+    NTP_4_2_8P12
+
+  ntpd/invoke-ntpd.texi@1.516 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.5man@1.251 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.5mdoc@1.251 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.html@1.200 +92 -105
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.man.in@1.251 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.mdoc.in@1.251 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.5man@1.236 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.5mdoc@1.236 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.html@1.199 +17 -29
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.man.in@1.236 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.mdoc.in@1.236 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd-opts.c@1.538 +7 -7
+    NTP_4_2_8P12
+
+  ntpd/ntpd-opts.h@1.537 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd.1ntpdman@1.345 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd.1ntpdmdoc@1.345 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntpd.html@1.191 +101 -145
+    NTP_4_2_8P12
+
+  ntpd/ntpd.man.in@1.345 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd.mdoc.in@1.345 +2 -2
+    NTP_4_2_8P12
+
+  ntpdc/invoke-ntpdc.texi@1.513 +2 -2
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc-opts.c@1.531 +7 -7
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc-opts.h@1.530 +3 -3
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.1ntpdcman@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.1ntpdcmdoc@1.344 +2 -2
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.html@1.359 +57 -77
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.man.in@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.mdoc.in@1.344 +2 -2
+    NTP_4_2_8P12
+
+  ntpq/invoke-ntpq.texi@1.523 +2 -2
+    NTP_4_2_8P12
+
+  ntpq/ntpq-opts.c@1.540 +7 -7
+    NTP_4_2_8P12
+
+  ntpq/ntpq-opts.h@1.538 +3 -3
+    NTP_4_2_8P12
+
+  ntpq/ntpq.1ntpqman@1.351 +3 -3
+    NTP_4_2_8P12
+
+  ntpq/ntpq.1ntpqmdoc@1.351 +2 -2
+    NTP_4_2_8P12
+
+  ntpq/ntpq.html@1.190 +105 -129
+    NTP_4_2_8P12
+
+  ntpq/ntpq.man.in@1.351 +3 -3
+    NTP_4_2_8P12
+
+  ntpq/ntpq.mdoc.in@1.351 +2 -2
+    NTP_4_2_8P12
+
+  ntpsnmpd/invoke-ntpsnmpd.texi@1.515 +1 -1
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd-opts.c@1.533 +7 -7
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd-opts.h@1.532 +3 -3
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.1ntpsnmpdman@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc@1.344 +2 -2
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.html@1.185 +10 -14
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.man.in@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.mdoc.in@1.344 +2 -2
+    NTP_4_2_8P12
+
+  packageinfo.sh@1.542 +2 -2
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.1calc_tickadjman@1.105 +3 -3
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc@1.106 +2 -2
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.html@1.106 +1 -1
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.man.in@1.104 +3 -3
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.mdoc.in@1.106 +2 -2
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/invoke-calc_tickadj.texi@1.109 +1 -1
+    NTP_4_2_8P12
+
+  scripts/invoke-plot_summary.texi@1.127 +2 -2
+    NTP_4_2_8P12
+
+  scripts/invoke-summary.texi@1.126 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/invoke-ntp-wait.texi@1.336 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait-opts@1.72 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.1ntp-waitman@1.333 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.1ntp-waitmdoc@1.334 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.html@1.355 +31 -49
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.man.in@1.333 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.mdoc.in@1.334 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/invoke-ntpsweep.texi@1.124 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep-opts@1.74 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.1ntpsweepman@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.1ntpsweepmdoc@1.112 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.html@1.127 +33 -44
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.man.in@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.mdoc.in@1.113 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/invoke-ntptrace.texi@1.125 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace-opts@1.74 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.1ntptraceman@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.1ntptracemdoc@1.113 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.html@1.128 +27 -36
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.man.in@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.mdoc.in@1.114 +2 -2
+    NTP_4_2_8P12
+
+  scripts/plot_summary-opts@1.75 +2 -2
+    NTP_4_2_8P12
+
+  scripts/plot_summary.1plot_summaryman@1.125 +3 -3
+    NTP_4_2_8P12
+
+  scripts/plot_summary.1plot_summarymdoc@1.125 +2 -2
+    NTP_4_2_8P12
+
+  scripts/plot_summary.html@1.130 +29 -47
+    NTP_4_2_8P12
+
+  scripts/plot_summary.man.in@1.125 +3 -3
+    NTP_4_2_8P12
+
+  scripts/plot_summary.mdoc.in@1.125 +2 -2
+    NTP_4_2_8P12
+
+  scripts/summary-opts@1.74 +2 -2
+    NTP_4_2_8P12
+
+  scripts/summary.1summaryman@1.124 +3 -3
+    NTP_4_2_8P12
+
+  scripts/summary.1summarymdoc@1.124 +2 -2
+    NTP_4_2_8P12
+
+  scripts/summary.html@1.129 +27 -39
+    NTP_4_2_8P12
+
+  scripts/summary.man.in@1.124 +3 -3
+    NTP_4_2_8P12
+
+  scripts/summary.mdoc.in@1.124 +2 -2
+    NTP_4_2_8P12
+
+  scripts/update-leap/invoke-update-leap.texi@1.25 +1 -1
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap-opts@1.25 +2 -2
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.1update-leapman@1.25 +3 -3
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.1update-leapmdoc@1.25 +2 -2
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.html@1.27 +35 -59
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.man.in@1.25 +3 -3
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.mdoc.in@1.25 +2 -2
+    NTP_4_2_8P12
+
+  sntp/invoke-sntp.texi@1.515 +23 -27
+    NTP_4_2_8P12
+
+  sntp/sntp-opts.c@1.534 +7 -7
+    NTP_4_2_8P12
+
+  sntp/sntp-opts.h@1.532 +3 -3
+    NTP_4_2_8P12
+
+  sntp/sntp.1sntpman@1.350 +3 -3
+    NTP_4_2_8P12
+
+  sntp/sntp.1sntpmdoc@1.350 +2 -2
+    NTP_4_2_8P12
+
+  sntp/sntp.html@1.531 +106 -134
+    NTP_4_2_8P12
+
+  sntp/sntp.man.in@1.350 +3 -3
+    NTP_4_2_8P12
+
+  sntp/sntp.mdoc.in@1.350 +2 -2
+    NTP_4_2_8P12
+
+  util/invoke-ntp-keygen.texi@1.518 +2 -2
+    NTP_4_2_8P12
+
+  util/ntp-keygen-opts.c@1.536 +7 -7
+    NTP_4_2_8P12
+
+  util/ntp-keygen-opts.h@1.534 +3 -3
+    NTP_4_2_8P12
+
+  util/ntp-keygen.1ntp-keygenman@1.346 +3 -3
+    NTP_4_2_8P12
+
+  util/ntp-keygen.1ntp-keygenmdoc@1.346 +2 -2
+    NTP_4_2_8P12
+
+  util/ntp-keygen.html@1.191 +148 -206
+    NTP_4_2_8P12
+
+  util/ntp-keygen.man.in@1.346 +3 -3
+    NTP_4_2_8P12
+
+  util/ntp-keygen.mdoc.in@1.346 +2 -2
+    NTP_4_2_8P12
+
+ChangeSet@1.3826, 2018-08-14 07:16:23-04:00, stenn@deacon.udel.edu
+  Trigger the release of ntp-4.2.8p12
+
+  packageinfo.sh@1.541 +1 -1
+    Trigger the release of ntp-4.2.8p12
+
+ChangeSet@1.3825, 2018-08-13 04:31:37+00:00, stenn@psp-deb1.ntp.org
+  NEWS update
+
+  NEWS@1.197 +1 -1
+    NEWS update
+
+ChangeSet@1.3812.1.10, 2018-08-04 10:31:58+00:00, stenn@psp-deb1.ntp.org
+  [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+  ChangeLog@1.1942.1.9 +1 -0
+    [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+  NEWS@1.192.1.2 +1 -0
+    [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+  ntpd/ntp_proto.c@1.422 +46 -35
+    [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+ChangeSet@1.3823, 2018-07-28 05:03:57+00:00, stenn@psp-deb1.ntp.org
+  3505 description updates
+
+  ChangeLog@1.1950 +2 -1
+    3505 description updates
+
+  NEWS@1.195 +2 -2
+    3505 description updates
+
+ChangeSet@1.3812.1.9, 2018-07-25 09:56:39+00:00, stenn@psp-deb1.ntp.org
+  updates
+
+  ChangeLog@1.1942.1.8 +1 -0
+    updates
+
+  NEWS@1.192.1.1 +2 -2
+    updates
+
+  html/authentic.html@1.18 +219 -87
+    updates
+
+ChangeSet@1.3821, 2018-07-25 07:41:01+00:00, stenn@psp-deb1.ntp.org
+  updates
+
+  ntpd/ntp.conf.html@1.199 +104 -91
+    updates
+
+  ntpd/ntp.keys.html@1.198 +28 -16
+    updates
+
+  ntpd/ntpd.html@1.190 +145 -101
+    updates
+
+  ntpdc/ntpdc.html@1.358 +75 -55
+    updates
+
+  ntpsnmpd/ntpsnmpd.html@1.184 +13 -9
+    updates
+
+  scripts/ntp-wait/ntp-wait.html@1.354 +47 -29
+    updates
+
+  scripts/ntpsweep/ntpsweep.html@1.126 +42 -31
+    updates
+
+  scripts/ntptrace/ntptrace.html@1.127 +34 -25
+    updates
+
+  scripts/plot_summary.html@1.129 +45 -27
+    updates
+
+  scripts/summary.html@1.128 +37 -25
+    updates
+
+  scripts/update-leap/update-leap.html@1.26 +132 -34
+    updates
+
+  sntp/sntp.html@1.530 +107 -83
+    updates
+
+ChangeSet@1.3820, 2018-07-25 07:38:42+00:00, stenn@psp-deb1.ntp.org
+  Bug 3509 tweaks
+
+  NEWS@1.193 +6 -1
+    Bug 3509 tweaks
+
+  sntp/m4/ntp_libntp.m4@1.36 +1 -1
+    Bug 3509 tweaks
+
+ChangeSet@1.3816.1.1, 2018-07-25 07:08:13+02:00, perlinger@ntp.org
+  [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms
+
+  ChangeLog@1.1946.1.1 +3 -0
+    [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms
+
+  ntpd/ntpd.c@1.177 +20 -2
+    [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms
+
+  sntp/m4/ntp_libntp.m4@1.35 +22 -1
+    [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms
+
+ChangeSet@1.3812.1.8, 2018-07-24 09:16:25+00:00, stenn@psp-deb1.ntp.org
+  Symmetric key range is 1-65535.  Update docs.
+
+  html/authentic.html@1.17 +3 -3
+    Symmetric key range is 1-65535.  Update docs.
+

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***

From owner-svn-src-releng@freebsd.org  Tue May 14 23:08:49 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C5A79159BB64;
 Tue, 14 May 2019 23:08:48 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 69F8A89192;
 Tue, 14 May 2019 23:08:48 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 40C2127B3B;
 Tue, 14 May 2019 23:08:48 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4EN8mn5053587;
 Tue, 14 May 2019 23:08:48 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4EN6RWs053471;
 Tue, 14 May 2019 23:06:27 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142306.x4EN6RWs053471@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 23:06:27 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347590 - in releng/11.2: contrib/ntp
 contrib/ntp/adjtimed contrib/ntp/clockstuff contrib/ntp/html
 contrib/ntp/include contrib/ntp/include/isc contrib/ntp/kernel
 contrib/ntp/kernel/sys ...
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng/11.2: contrib/ntp contrib/ntp/adjtimed
 contrib/ntp/clockstuff contrib/ntp/html contrib/ntp/include
 contrib/ntp/include/isc contrib/ntp/kernel contrib/ntp/kernel/sys
 contrib/ntp/libntp contri...
X-SVN-Commit-Revision: 347590
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 69F8A89192
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.997,0];
 NEURAL_HAM_SHORT(-0.98)[-0.976,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 23:08:49 -0000

Author: gordon
Date: Tue May 14 23:06:26 2019
New Revision: 347590
URL: https://svnweb.freebsd.org/changeset/base/347590

Log:
  Update ntpd to 4.2.8p13 to fix authenticated denial of service.
  
  Approved by:	so
  Security:	FreeBSD-SA-19:04.ntp
  Security:	CVE-2019-8936

Added:
  releng/11.2/contrib/ntp/libntp/xsbprintf.c
Modified:
  releng/11.2/contrib/ntp/COPYRIGHT
  releng/11.2/contrib/ntp/ChangeLog
  releng/11.2/contrib/ntp/CommitLog
  releng/11.2/contrib/ntp/Makefile.in
  releng/11.2/contrib/ntp/NEWS
  releng/11.2/contrib/ntp/aclocal.m4
  releng/11.2/contrib/ntp/adjtimed/Makefile.in
  releng/11.2/contrib/ntp/build
  releng/11.2/contrib/ntp/clockstuff/Makefile.in
  releng/11.2/contrib/ntp/config.h.in
  releng/11.2/contrib/ntp/configure
  releng/11.2/contrib/ntp/configure.ac
  releng/11.2/contrib/ntp/html/authentic.html
  releng/11.2/contrib/ntp/html/authopt.html
  releng/11.2/contrib/ntp/html/confopt.html
  releng/11.2/contrib/ntp/html/keygen.html
  releng/11.2/contrib/ntp/html/ntpdate.html
  releng/11.2/contrib/ntp/include/Makefile.in
  releng/11.2/contrib/ntp/include/isc/Makefile.in
  releng/11.2/contrib/ntp/include/ntp.h
  releng/11.2/contrib/ntp/include/ntp_calendar.h
  releng/11.2/contrib/ntp/include/ntp_md5.h
  releng/11.2/contrib/ntp/include/ntp_stdlib.h
  releng/11.2/contrib/ntp/include/ntpd.h
  releng/11.2/contrib/ntp/include/parse.h
  releng/11.2/contrib/ntp/kernel/Makefile.in
  releng/11.2/contrib/ntp/kernel/sys/Makefile.in
  releng/11.2/contrib/ntp/libntp/Makefile.am
  releng/11.2/contrib/ntp/libntp/Makefile.in
  releng/11.2/contrib/ntp/libntp/a_md5encrypt.c
  releng/11.2/contrib/ntp/libntp/authreadkeys.c
  releng/11.2/contrib/ntp/libntp/calyearstart.c
  releng/11.2/contrib/ntp/libntp/ntp_calendar.c
  releng/11.2/contrib/ntp/libntp/prettydate.c
  releng/11.2/contrib/ntp/libntp/ssl_init.c
  releng/11.2/contrib/ntp/libntp/syssignal.c
  releng/11.2/contrib/ntp/libntp/work_fork.c
  releng/11.2/contrib/ntp/libntp/work_thread.c
  releng/11.2/contrib/ntp/libparse/Makefile.in
  releng/11.2/contrib/ntp/libparse/clk_trimtsip.c
  releng/11.2/contrib/ntp/libparse/gpstolfp.c
  releng/11.2/contrib/ntp/ntpd/Makefile.in
  releng/11.2/contrib/ntp/ntpd/complete.conf.in
  releng/11.2/contrib/ntp/ntpd/invoke-ntp.conf.texi
  releng/11.2/contrib/ntp/ntpd/invoke-ntp.keys.texi
  releng/11.2/contrib/ntp/ntpd/invoke-ntpd.texi
  releng/11.2/contrib/ntp/ntpd/ntp.conf.5man
  releng/11.2/contrib/ntp/ntpd/ntp.conf.5mdoc
  releng/11.2/contrib/ntp/ntpd/ntp.conf.def
  releng/11.2/contrib/ntp/ntpd/ntp.conf.html
  releng/11.2/contrib/ntp/ntpd/ntp.conf.man.in
  releng/11.2/contrib/ntp/ntpd/ntp.conf.mdoc.in
  releng/11.2/contrib/ntp/ntpd/ntp.keys.5man
  releng/11.2/contrib/ntp/ntpd/ntp.keys.5mdoc
  releng/11.2/contrib/ntp/ntpd/ntp.keys.def
  releng/11.2/contrib/ntp/ntpd/ntp.keys.html
  releng/11.2/contrib/ntp/ntpd/ntp.keys.man.in
  releng/11.2/contrib/ntp/ntpd/ntp.keys.mdoc.in
  releng/11.2/contrib/ntp/ntpd/ntp_config.c
  releng/11.2/contrib/ntp/ntpd/ntp_control.c
  releng/11.2/contrib/ntp/ntpd/ntp_crypto.c
  releng/11.2/contrib/ntp/ntpd/ntp_io.c
  releng/11.2/contrib/ntp/ntpd/ntp_loopfilter.c
  releng/11.2/contrib/ntp/ntpd/ntp_parser.c
  releng/11.2/contrib/ntp/ntpd/ntp_parser.h
  releng/11.2/contrib/ntp/ntpd/ntp_proto.c
  releng/11.2/contrib/ntp/ntpd/ntp_refclock.c
  releng/11.2/contrib/ntp/ntpd/ntp_request.c
  releng/11.2/contrib/ntp/ntpd/ntp_timer.c
  releng/11.2/contrib/ntp/ntpd/ntpd-opts.c
  releng/11.2/contrib/ntp/ntpd/ntpd-opts.h
  releng/11.2/contrib/ntp/ntpd/ntpd.1ntpdman
  releng/11.2/contrib/ntp/ntpd/ntpd.1ntpdmdoc
  releng/11.2/contrib/ntp/ntpd/ntpd.c
  releng/11.2/contrib/ntp/ntpd/ntpd.html
  releng/11.2/contrib/ntp/ntpd/ntpd.man.in
  releng/11.2/contrib/ntp/ntpd/ntpd.mdoc.in
  releng/11.2/contrib/ntp/ntpd/rc_cmdlength.c
  releng/11.2/contrib/ntp/ntpd/refclock_bancomm.c
  releng/11.2/contrib/ntp/ntpd/refclock_datum.c
  releng/11.2/contrib/ntp/ntpd/refclock_gpsdjson.c
  releng/11.2/contrib/ntp/ntpd/refclock_jupiter.c
  releng/11.2/contrib/ntp/ntpd/refclock_parse.c
  releng/11.2/contrib/ntp/ntpd/refclock_shm.c
  releng/11.2/contrib/ntp/ntpd/refclock_true.c
  releng/11.2/contrib/ntp/ntpdate/Makefile.in
  releng/11.2/contrib/ntp/ntpdate/ntpdate.c
  releng/11.2/contrib/ntp/ntpdc/Makefile.in
  releng/11.2/contrib/ntp/ntpdc/invoke-ntpdc.texi
  releng/11.2/contrib/ntp/ntpdc/nl.pl
  releng/11.2/contrib/ntp/ntpdc/ntpdc-opts.c
  releng/11.2/contrib/ntp/ntpdc/ntpdc-opts.h
  releng/11.2/contrib/ntp/ntpdc/ntpdc.1ntpdcman
  releng/11.2/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
  releng/11.2/contrib/ntp/ntpdc/ntpdc.c
  releng/11.2/contrib/ntp/ntpdc/ntpdc.html
  releng/11.2/contrib/ntp/ntpdc/ntpdc.man.in
  releng/11.2/contrib/ntp/ntpdc/ntpdc.mdoc.in
  releng/11.2/contrib/ntp/ntpdc/ntpdc_ops.c
  releng/11.2/contrib/ntp/ntpq/Makefile.in
  releng/11.2/contrib/ntp/ntpq/invoke-ntpq.texi
  releng/11.2/contrib/ntp/ntpq/ntpq-opts.c
  releng/11.2/contrib/ntp/ntpq/ntpq-opts.h
  releng/11.2/contrib/ntp/ntpq/ntpq-subs.c
  releng/11.2/contrib/ntp/ntpq/ntpq.1ntpqman
  releng/11.2/contrib/ntp/ntpq/ntpq.1ntpqmdoc
  releng/11.2/contrib/ntp/ntpq/ntpq.c
  releng/11.2/contrib/ntp/ntpq/ntpq.html
  releng/11.2/contrib/ntp/ntpq/ntpq.man.in
  releng/11.2/contrib/ntp/ntpq/ntpq.mdoc.in
  releng/11.2/contrib/ntp/ntpq/ntpq.texi
  releng/11.2/contrib/ntp/ntpsnmpd/Makefile.in
  releng/11.2/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi
  releng/11.2/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c
  releng/11.2/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h
  releng/11.2/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
  releng/11.2/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
  releng/11.2/contrib/ntp/ntpsnmpd/ntpsnmpd.html
  releng/11.2/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in
  releng/11.2/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in
  releng/11.2/contrib/ntp/packageinfo.sh
  releng/11.2/contrib/ntp/parseutil/Makefile.in
  releng/11.2/contrib/ntp/scripts/Makefile.in
  releng/11.2/contrib/ntp/scripts/build/Makefile.in
  releng/11.2/contrib/ntp/scripts/build/check--help
  releng/11.2/contrib/ntp/scripts/calc_tickadj/Makefile.in
  releng/11.2/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman
  releng/11.2/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc
  releng/11.2/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html
  releng/11.2/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in
  releng/11.2/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in
  releng/11.2/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi
  releng/11.2/contrib/ntp/scripts/invoke-plot_summary.texi
  releng/11.2/contrib/ntp/scripts/invoke-summary.texi
  releng/11.2/contrib/ntp/scripts/lib/Makefile.in
  releng/11.2/contrib/ntp/scripts/ntp-wait/Makefile.in
  releng/11.2/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi
  releng/11.2/contrib/ntp/scripts/ntp-wait/ntp-wait-opts
  releng/11.2/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman
  releng/11.2/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc
  releng/11.2/contrib/ntp/scripts/ntp-wait/ntp-wait.html
  releng/11.2/contrib/ntp/scripts/ntp-wait/ntp-wait.man.in
  releng/11.2/contrib/ntp/scripts/ntp-wait/ntp-wait.mdoc.in
  releng/11.2/contrib/ntp/scripts/ntpsweep/Makefile.in
  releng/11.2/contrib/ntp/scripts/ntpsweep/invoke-ntpsweep.texi
  releng/11.2/contrib/ntp/scripts/ntpsweep/ntpsweep-opts
  releng/11.2/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepman
  releng/11.2/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc
  releng/11.2/contrib/ntp/scripts/ntpsweep/ntpsweep.html
  releng/11.2/contrib/ntp/scripts/ntpsweep/ntpsweep.man.in
  releng/11.2/contrib/ntp/scripts/ntpsweep/ntpsweep.mdoc.in
  releng/11.2/contrib/ntp/scripts/ntptrace/Makefile.in
  releng/11.2/contrib/ntp/scripts/ntptrace/invoke-ntptrace.texi
  releng/11.2/contrib/ntp/scripts/ntptrace/ntptrace-opts
  releng/11.2/contrib/ntp/scripts/ntptrace/ntptrace.1ntptraceman
  releng/11.2/contrib/ntp/scripts/ntptrace/ntptrace.1ntptracemdoc
  releng/11.2/contrib/ntp/scripts/ntptrace/ntptrace.html
  releng/11.2/contrib/ntp/scripts/ntptrace/ntptrace.man.in
  releng/11.2/contrib/ntp/scripts/ntptrace/ntptrace.mdoc.in
  releng/11.2/contrib/ntp/scripts/plot_summary-opts
  releng/11.2/contrib/ntp/scripts/plot_summary.1plot_summaryman
  releng/11.2/contrib/ntp/scripts/plot_summary.1plot_summarymdoc
  releng/11.2/contrib/ntp/scripts/plot_summary.html
  releng/11.2/contrib/ntp/scripts/plot_summary.man.in
  releng/11.2/contrib/ntp/scripts/plot_summary.mdoc.in
  releng/11.2/contrib/ntp/scripts/summary-opts
  releng/11.2/contrib/ntp/scripts/summary.1summaryman
  releng/11.2/contrib/ntp/scripts/summary.1summarymdoc
  releng/11.2/contrib/ntp/scripts/summary.html
  releng/11.2/contrib/ntp/scripts/summary.man.in
  releng/11.2/contrib/ntp/scripts/summary.mdoc.in
  releng/11.2/contrib/ntp/scripts/update-leap/Makefile.in
  releng/11.2/contrib/ntp/scripts/update-leap/invoke-update-leap.texi
  releng/11.2/contrib/ntp/scripts/update-leap/update-leap-opts
  releng/11.2/contrib/ntp/scripts/update-leap/update-leap.1update-leapman
  releng/11.2/contrib/ntp/scripts/update-leap/update-leap.1update-leapmdoc
  releng/11.2/contrib/ntp/scripts/update-leap/update-leap.html
  releng/11.2/contrib/ntp/scripts/update-leap/update-leap.man.in
  releng/11.2/contrib/ntp/scripts/update-leap/update-leap.mdoc.in
  releng/11.2/contrib/ntp/sntp/COPYRIGHT
  releng/11.2/contrib/ntp/sntp/Makefile.in
  releng/11.2/contrib/ntp/sntp/aclocal.m4
  releng/11.2/contrib/ntp/sntp/config.h.in
  releng/11.2/contrib/ntp/sntp/configure
  releng/11.2/contrib/ntp/sntp/crypto.c
  releng/11.2/contrib/ntp/sntp/include/Makefile.in
  releng/11.2/contrib/ntp/sntp/include/version.def
  releng/11.2/contrib/ntp/sntp/include/version.texi
  releng/11.2/contrib/ntp/sntp/invoke-sntp.texi
  releng/11.2/contrib/ntp/sntp/libevent/Makefile.in
  releng/11.2/contrib/ntp/sntp/libevent/aclocal.m4
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/ar-lib
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/compile
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/config.guess
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/config.sub
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/depcomp
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/install-sh
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/missing
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/test-driver
  releng/11.2/contrib/ntp/sntp/libevent/build-aux/ylwrap
  releng/11.2/contrib/ntp/sntp/libevent/config.h.in
  releng/11.2/contrib/ntp/sntp/libevent/configure
  releng/11.2/contrib/ntp/sntp/libevent/evconfig-private.h
  releng/11.2/contrib/ntp/sntp/libevent/test/regress.gen.c
  releng/11.2/contrib/ntp/sntp/libevent/test/regress.gen.h
  releng/11.2/contrib/ntp/sntp/libopts/Makefile.in
  releng/11.2/contrib/ntp/sntp/libopts/autoopts/options.h
  releng/11.2/contrib/ntp/sntp/libopts/genshell.h
  releng/11.2/contrib/ntp/sntp/m4/ntp_libntp.m4
  releng/11.2/contrib/ntp/sntp/m4/ntp_openssl.m4
  releng/11.2/contrib/ntp/sntp/m4/version.m4
  releng/11.2/contrib/ntp/sntp/main.c
  releng/11.2/contrib/ntp/sntp/networking.c
  releng/11.2/contrib/ntp/sntp/scm-rev
  releng/11.2/contrib/ntp/sntp/scripts/Makefile.in
  releng/11.2/contrib/ntp/sntp/sntp-opts.c
  releng/11.2/contrib/ntp/sntp/sntp-opts.h
  releng/11.2/contrib/ntp/sntp/sntp.1sntpman
  releng/11.2/contrib/ntp/sntp/sntp.1sntpmdoc
  releng/11.2/contrib/ntp/sntp/sntp.html
  releng/11.2/contrib/ntp/sntp/sntp.man.in
  releng/11.2/contrib/ntp/sntp/sntp.mdoc.in
  releng/11.2/contrib/ntp/sntp/tests/Makefile.in
  releng/11.2/contrib/ntp/sntp/tests/crypto.c
  releng/11.2/contrib/ntp/sntp/tests/packetProcessing.c
  releng/11.2/contrib/ntp/sntp/unity/Makefile.in
  releng/11.2/contrib/ntp/sntp/version.c
  releng/11.2/contrib/ntp/util/Makefile.in
  releng/11.2/contrib/ntp/util/invoke-ntp-keygen.texi
  releng/11.2/contrib/ntp/util/ntp-keygen-opts.c
  releng/11.2/contrib/ntp/util/ntp-keygen-opts.def
  releng/11.2/contrib/ntp/util/ntp-keygen-opts.h
  releng/11.2/contrib/ntp/util/ntp-keygen.1ntp-keygenman
  releng/11.2/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
  releng/11.2/contrib/ntp/util/ntp-keygen.html
  releng/11.2/contrib/ntp/util/ntp-keygen.man.in
  releng/11.2/contrib/ntp/util/ntp-keygen.mdoc.in
  releng/11.2/contrib/ntp/util/ntp-keygen.texi
  releng/11.2/contrib/ntp/util/ntptime.c
  releng/11.2/contrib/ntp/util/sht.c
  releng/11.2/usr.sbin/ntp/config.h
  releng/11.2/usr.sbin/ntp/doc/ntp-keygen.8
  releng/11.2/usr.sbin/ntp/doc/ntp.conf.5
  releng/11.2/usr.sbin/ntp/doc/ntp.keys.5
  releng/11.2/usr.sbin/ntp/doc/ntpd.8
  releng/11.2/usr.sbin/ntp/doc/ntpdc.8
  releng/11.2/usr.sbin/ntp/doc/ntpq.8
  releng/11.2/usr.sbin/ntp/doc/sntp.8
  releng/11.2/usr.sbin/ntp/libntp/Makefile
  releng/11.2/usr.sbin/ntp/scripts/mkver

Modified: releng/11.2/contrib/ntp/COPYRIGHT
==============================================================================
--- releng/11.2/contrib/ntp/COPYRIGHT	Tue May 14 23:02:56 2019	(r347589)
+++ releng/11.2/contrib/ntp/COPYRIGHT	Tue May 14 23:06:26 2019	(r347590)
@@ -1,16 +1,15 @@
 This file is automatically generated from html/copyright.html
-
   Copyright Notice
-  
+
    jpg "Clone me," says Dolly sheepishly.
-   
+
    Last update: 2-Jan-2017 11:58 UTC
-     _________________________________________________________________
-   
-   The following copyright notice applies to all files collectively
-   called the Network Time Protocol Version 4 Distribution. Unless
-   specifically declared otherwise in an individual file, this entire
-   notice applies as if the text was explicitly included in the file.
+     __________________________________________________________________
+
+   The following copyright notice applies to all files collectively called
+   the Network Time Protocol Version 4 Distribution. Unless specifically
+   declared otherwise in an individual file, this entire notice applies as
+   if the text was explicitly included in the file.
 ***********************************************************************
 *                                                                     *
 * Copyright (c) University of Delaware 1992-2015                      *
@@ -62,13 +61,13 @@ This file is automatically generated from html/copyrig
 ***********************************************************************
 
    The following individuals contributed in part to the Network Time
-   Protocol Distribution Version 4 and are acknowledged as authors of
-   this work.
+   Protocol Distribution Version 4 and are acknowledged as authors of this
+   work.
     1. [1]Takao Abe <takao_abe@xurb.jp> Clock driver for JJY receivers
     2. [2]Mark Andrews <mark_andrews@isc.org> Leitch atomic clock
        controller
-    3. [3]Bernd Altmeier <altmeier@atlsoft.de> hopf Elektronik serial
-       line and PCI-bus devices
+    3. [3]Bernd Altmeier <altmeier@atlsoft.de> hopf Elektronik serial line
+       and PCI-bus devices
     4. [4]Viraj Bais <vbais@mailman1.intel.com> and [5]Clayton Kirkwood
        <kirkwood@striderfm.intel.com> port to WindowsNT 3.5
     5. [6]Michael Barone <michael,barone@lmco.com> GPSVME fixes
@@ -84,13 +83,12 @@ This file is automatically generated from html/copyrig
        <Jean-Francois.Boudreault@viagenie.qc.ca> IPv6 support
    12. [13]Reg Clemens <reg@dwf.com> Oncore driver (Current maintainer)
    13. [14]Steve Clift <clift@ml.csiro.au> OMEGA clock driver
-   14. [15]Casey Crellin <casey@csc.co.za> vxWorks (Tornado) port and
-       help with target configuration
+   14. [15]Casey Crellin <casey@csc.co.za> vxWorks (Tornado) port and help
+       with target configuration
    15. [16]Sven Dietrich <sven_dietrich@trimble.com> Palisade reference
        clock driver, NT adj. residuals, integrated Greg's Winnt port.
    16. [17]John A. Dundas III <dundas@salt.jpl.nasa.gov> Apple A/UX port
-   17. [18]Torsten Duwe <duwe@immd4.informatik.uni-erlangen.de> Linux
-       port
+   17. [18]Torsten Duwe <duwe@immd4.informatik.uni-erlangen.de> Linux port
    18. [19]Dennis Ferguson <dennis@mrbill.canet.ca> foundation code for
        NTP Version 2 as specified in RFC-1119
    19. [20]John Hay <jhay@icomtek.csir.co.za> IPv6 support and testing
@@ -122,9 +120,8 @@ This file is automatically generated from html/copyrig
        code for Version 3 as specified in RFC-1305
    36. [39]Danny Mayer <mayer@ntp.org>Network I/O, Windows Port, Code
        Maintenance
-   37. [40]David L. Mills <mills@udel.edu> Version 4 foundation,
-       precision kernel; clock drivers: 1, 3, 4, 6, 7, 11, 13, 18, 19,
-       22, 36
+   37. [40]David L. Mills <mills@udel.edu> Version 4 foundation, precision
+       kernel; clock drivers: 1, 3, 4, 6, 7, 11, 13, 18, 19, 22, 36
    38. [41]Wolfgang Moeller <moeller@gwdgv1.dnet.gwdg.de> VMS port
    39. [42]Jeffrey Mogul <mogul@pa.dec.com> ntptrace utility
    40. [43]Tom Moore <tmoore@fievel.daytonoh.ncr.com> i386 svr4 port
@@ -136,22 +133,18 @@ This file is automatically generated from html/copyrig
    44. [48]Rainer Pruy <Rainer.Pruy@informatik.uni-erlangen.de>
        monitoring/trap scripts, statistics file handling
    45. [49]Dirce Richards <dirce@zk3.dec.com> Digital UNIX V4.0 port
-   46. [50]Wilfredo Sánchez <wsanchez@apple.com> added support for
-       NetInfo
+   46. [50]Wilfredo Sánchez <wsanchez@apple.com> added support for NetInfo
    47. [51]Nick Sayer <mrapple@quack.kfu.com> SunOS streams modules
    48. [52]Jack Sasportas <jack@innovativeinternet.com> Saved a Lot of
        space on the stuff in the html/pic/ subdirectory
    49. [53]Ray Schnitzler <schnitz@unipress.com> Unixware1 port
    50. [54]Michael Shields <shields@tembel.org> USNO clock driver
-   51. [55]Jeff Steinman <jss@pebbles.jpl.nasa.gov> Datum PTS clock
-       driver
+   51. [55]Jeff Steinman <jss@pebbles.jpl.nasa.gov> Datum PTS clock driver
    52. [56]Harlan Stenn <harlan@pfcs.com> GNU automake/autoconfigure
        makeover, various other bits (see the ChangeLog)
    53. [57]Kenneth Stone <ken@sdd.hp.com> HP-UX port
-   54. [58]Ajit Thyagarajan <ajit@ee.udel.edu>IP multicast/anycast
-       support
-   55. [59]Tomoaki TSURUOKA <tsuruoka@nc.fukuoka-u.ac.jp>TRAK clock
-       driver
+   54. [58]Ajit Thyagarajan <ajit@ee.udel.edu>IP multicast/anycast support
+   55. [59]Tomoaki TSURUOKA <tsuruoka@nc.fukuoka-u.ac.jp>TRAK clock driver
    56. [60]Brian Utterback <brian.utterback@oracle.com> General codebase,
        Solaris issues
    57. [61]Loganaden Velvindron <loganaden@gmail.com> Sandboxing
@@ -160,7 +153,7 @@ This file is automatically generated from html/copyrig
        TrueTime clock driver
    59. [63]Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> corrected and
        validated HTML documents according to the HTML DTD
-     _________________________________________________________________
+     __________________________________________________________________
 
 References
 

Modified: releng/11.2/contrib/ntp/ChangeLog
==============================================================================
--- releng/11.2/contrib/ntp/ChangeLog	Tue May 14 23:02:56 2019	(r347589)
+++ releng/11.2/contrib/ntp/ChangeLog	Tue May 14 23:06:26 2019	(r347590)
@@ -1,5 +1,114 @@
 ---
+(4.2.8p13) 2019/03/07 Released by Harlan Stenn <stenn@ntp.org>
 
+* [Sec 3565] Crafted null dereference attack in authenticated
+	     mode 6 packet <perlinger@ntp.org>
+  - reported by Magnus Stubman
+* [Bug 3560] Fix build when HAVE_DROPROOT is not defined <perlinger@ntp.org>
+  - applied patch by Ian Lepore
+* [Bug 3558] Crash and integer size bug <perlinger@ntp.org>
+  - isolate and fix linux/windows specific code issue
+* [Bug 3556] ntp_loopfilter.c snprintf compilation warnings <perlinger@ntp.org>
+  - provide better function for incremental string formatting
+* [Bug 3555] Tidy up print alignment of debug output from ntpdate <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3554] config revoke stores incorrect value <perlinger@ntp.org>
+  - original finding by Gerry Garvey, additional cleanup needed
+* [Bug 3549] Spurious initgroups() error message <perlinger@ntp.org>
+  - patch by Christous Zoulas
+* [Bug 3548] Signature not verified on windows system <perlinger@ntp.org>
+  - finding by Chen Jiabin, plus another one by me
+* [Bug 3541] patch to fix STA_NANO struct timex units <perlinger@ntp.org>
+  - applied patch by Maciej Szmigiero
+* [Bug 3540] Cannot set minsane to 0 anymore <perlinger@ntp.org>
+  - applied patch by Andre Charbonneau
+* [Bug 3539] work_fork build fails when droproot is not supported <perlinger@ntp.org>
+  - applied patch by Baruch Siach
+* [Bug 3538] Build fails for no-MMU targets <perlinger@ntp.org>
+  - applied patch by Baruch Siach
+* [Bug 3535] libparse won't handle GPS week rollover <perlinger@ntp.org>
+  - refactored handling of GPS era based on 'tos basedate' for
+    parse (TSIP) and JUPITER clocks
+* [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra) <perlinger@ntp.org>
+  - patch by Daniel J. Luke; this does not fix a potential linker
+    regression issue on MacOS.
+* [Bug 3527 - Backward Incompatible] mode7 clockinfo fudgeval2 packet
+  anomaly <perlinger@ntp.org>, reported by GGarvey.
+  - --enable-bug3527-fix support by HStenn
+* [Bug 3526] Incorrect poll interval in packet <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3471] Check for openssl/[ch]mac.h.  <perlinger@ntp.org>
+  - added missing check, reported by Reinhard Max <perlinger@ntp.org>
+* [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+  - this is a variant of [bug 3558] and should be fixed with it
+* Implement --disable-signalled-io
+
+---
+(4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability
+  - fixed stack buffer overflow in the openhost() command-line call
+    of NTPQ/NTPDC <perlinger@ntp.org>
+* [Sec 3012] noepeer tweaks.  <stenn@ntp.org>
+* [Bug 3521] Fix a logic bug in the INVALIDNAK checks.  <stenn@ntp.org>
+* [Bug 3509] Add support for running as non-root on FreeBSD, Darwin,
+             other TrustedBSD platforms
+  - applied patch by Ian Lepore <perlinger@ntp.org>
+* [Bug 3506] Service Control Manager interacts poorly with NTPD <perlinger@ntp.org>
+  - changed interaction with SCM to signal pending startup
+* [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <perlinger@ntp.org>
+  - rework of ntpq 'nextvar()' key/value parsing
+* [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <perlinger@ntp.org>
+  - applied patch by Gerry Garvey (with mods)
+* [Bug 3480] Refclock sample filter not cleared on clock STEP <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <perlinger@ntp.org>
+  - applied patch by Gerry Garvey (with mods)
+* [Bug 3476]ctl_putstr() sends empty unquoted string [...] <perlinger@ntp.org>
+  - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though
+* [Bug 3475] modify prettydate() to suppress output of zero time <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3474] Missing pmode in mode7 peer info response <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3471] Check for openssl/[ch]mac.h.  HStenn.
+  - add #define ENABLE_CMAC support in configure.  HStenn.
+* [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <perlinger@ntp.org>
+* [Bug 3469] Incomplete string compare [...] in is_refclk_addr <perlinger@ntp.org>
+  - patch by Stephen Friedl
+* [Bug 3467] Potential memory fault in ntpq [...] <perlinger@ntp.org>
+  - fixed IO redirection and CTRL-C handling in ntq and ntpdc
+* [Bug 3465] Default TTL values cannot be used <perlinger@ntp.org>
+* [Bug 3461] refclock_shm.c: clear error status on clock recovery <perlinger@ntp.org>
+  - initial patch by Hal Murray; also fixed refclock_report() trouble
+* [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph.  <stenn@ntp.org>
+* [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer
+  - According to Brooks Davis, there was only one location <perlinger@ntp.org>
+* [Bug 3449] ntpq - display "loop" instead of refid [...] <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3445] Symmetric peer won't sync on startup <perlinger@ntp.org>
+  - applied patch by Gerry Garvey
+* [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey,
+  with modifications
+  New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c.
+* [Bug 3434] ntpd clears STA_UNSYNC on start <perlinger@ntp.org>
+  - applied patch by Miroslav Lichvar
+* [Bug 3426] ntpdate.html -t default is 2 seconds.  Leonid Evdokimov.
+* [Bug 3121] Drop root privileges for the forked DNS worker <perlinger@ntp.org>
+  - integrated patch by  Reinhard Max
+* [Bug 2821] minor build issues <perlinger@ntp.org>
+  - applied patches by Christos Zoulas, including real bug fixes
+* html/authopt.html: cleanup, from <stenn@ntp.org>
+* ntpd/ntpd.c: DROPROOT cleanup.  <stenn@ntp.org>
+* Symmetric key range is 1-65535.  Update docs.  <stenn@ntp.org>
+* html/authentic.html: cleanup, from <stenn@ntp.org>
+
+---
+(4.2.8p11) 2018/02/27 Released by Harlan Stenn <stenn@ntp.org>
+
 * [Sec 3454] Unauthenticated packet can reset authenticated interleave
   associations.  HStenn.
 * [Sec 3453] Interleaved symmetric mode cannot recover from bad state.  HStenn.
@@ -14,16 +123,16 @@
  - applied patch by Sean Haugh 
 * [Bug 3452] PARSE driver prints uninitialized memory. <perlinger@ntp.org>
 * [Bug 3450] Dubious error messages from plausibility checks in get_systime()
- - removed error log caused by rounding/slew, ensured postcondition <perlinger@ntp.org>
+  - removed error log caused by rounding/slew, ensured postcondition <perlinger@ntp.org>
 * [Bug 3447] AES-128-CMAC (fixes) <perlinger@ntp.org>
   - refactoring the MAC code, too
 * [Bug 3441] Validate the assumption that AF_UNSPEC is 0.  stenn@ntp.org
 * [Bug 3439] When running multiple commands / hosts in ntpq... <perlinger@ntp.org>
- - applied patch by ggarvey
+  - applied patch by ggarvey
 * [Bug 3438] Negative values and values > 999 days in... <perlinger@ntp.org>
- - applied patch by ggarvey (with minor mods)
+  - applied patch by ggarvey (with minor mods)
 * [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain
- - applied patch (with mods) by Miroslav Lichvar <perlinger@ntp.org>
+  - applied patch (with mods) by Miroslav Lichvar <perlinger@ntp.org>
 * [Bug 3435] anchor NTP era alignment <perlinger@ntp.org>
 * [Bug 3433] sntp crashes when run with -a.  <stenn@ntp.org>
 * [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2"

Modified: releng/11.2/contrib/ntp/CommitLog
==============================================================================
--- releng/11.2/contrib/ntp/CommitLog	Tue May 14 23:02:56 2019	(r347589)
+++ releng/11.2/contrib/ntp/CommitLog	Tue May 14 23:06:26 2019	(r347590)
@@ -1,363 +1,6898 @@
-ChangeSet@1.3729, 2017-02-01 07:39:35-05:00, stenn@deacon.udel.edu
+ChangeSet@1.3849, 2019-02-20 17:13:36-08:00, harlan@ntp-build.tal1.ntfo.org
+  Update NEWS file
+
+  NEWS@1.200 +3 -0
+    Update NEWS file
+
+ChangeSet@1.3848, 2019-02-20 09:44:58-08:00, harlan@ntp-build.tal1.ntfo.org
+  build system cleanups
+
+  build@1.50 +1 -1
+    build system cleanups
+
+  scripts/build/check--help@1.4 +2 -2
+    build system cleanups
+
+  sntp/libopts/autoopts/options.h@1.31 +1 -1
+    build system cleanups
+
+  sntp/libopts/genshell.h@1.31 +1 -1
+    build system cleanups
+
+ChangeSet@1.3847, 2019-02-18 22:26:26-08:00, harlan@ntp-build.tal1.ntfo.org
+  ChangeLog and NEWS description cleanups
+
+  ChangeLog@1.1971 +4 -4
+    ChangeLog and NEWS description cleanups
+
+  NEWS@1.199 +4 -2
+    ChangeLog and NEWS description cleanups
+
+ChangeSet@1.3844.1.4, 2019-02-18 20:10:25-08:00, harlan@ntp-build.tal1.ntfo.org
+  NEWS file update
+
+  NEWS@1.198 +49 -2
+    NEWS file update
+
+ChangeSet@1.3844.1.3, 2019-02-16 07:36:50+00:00, stenn@stenn.ntp.org
+  Improve messages around signalled IO handling in configure
+
+  sntp/m4/ntp_libntp.m4@1.38 +5 -0
+    Improve messages around signalled IO handling in configure
+
+ChangeSet@1.3844.1.2, 2019-02-15 13:27:05+00:00, stenn@stenn.ntp.org
+  Implement --disable-signalled-io
+
+  ChangeLog@1.1968.1.2 +1 -0
+    Implement --disable-signalled-io
+
+  sntp/m4/ntp_libntp.m4@1.37 +22 -2
+    Implement --disable-signalled-io
+
+ChangeSet@1.3844.1.1, 2019-01-17 04:16:52+00:00, stenn@psp-deb1.ntp.org
+  Cleanup
+
+  ChangeLog@1.1968.1.1 +0 -1
+    Cleanup
+
+ChangeSet@1.3845, 2019-01-16 21:42:59+01:00, perlinger@ntp.org
+  [Sec 3565] null pointer crash by remote attack
+
+  ChangeLog@1.1969 +3 -0
+    [Sec 3565] null pointer crash by remote attack
+
+  ntpd/ntp_control.c@1.233 +17 -9
+    [Sec 3565] null pointer crash by remote attack
+
+ChangeSet@1.3827.1.2, 2018-12-15 13:25:25+00:00, stenn@psp-deb1.ntp.org
+  bug3527 fixes
+
+  ChangeLog@1.1952.1.2 +3 -3
+    bug3527 fixes
+
+  configure.ac@1.614.1.1 +18 -0
+    bug3527 fixes
+
+  ntpd/ntp_request.c@1.129 +7 -4
+    bug3527 fixes
+
+  ntpdc/ntpdc_ops.c@1.85 +8 -3
+    bug3527 fixes
+
+ChangeSet@1.3827.15.1, 2018-12-12 07:37:12+01:00, perlinger@ntp.org
+  [Bug 3560] Fix build when HAVE_DROPROOT is not defined
+
+  ChangeLog@1.1952.15.1 +4 -0
+    [Bug 3560] Fix build when HAVE_DROPROOT is not defined
+
+  libntp/work_fork.c@1.20.2.1 +2 -0
+    [Bug 3560] Fix build when HAVE_DROPROOT is not defined
+
+ChangeSet@1.3827.14.1, 2018-12-11 07:42:01+01:00, perlinger@ntp.org
+  [Bug 3558] Crash and integer size bug
+  [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+   - isolate & fix LP64/LLP64 problem with BANCOMM SDK
+
+  ChangeLog@1.1952.14.1 +6 -0
+    [Bug 3558] Crash and integer size bug
+    [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+     - isolate & fix LP64/LLP64 problem with BANCOMM SDK
+
+  configure.ac@1.615 +1 -0
+    [Bug 3558] Crash and integer size bug
+    [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+     - search for BANCOMM SDK lib
+
+  ntpd/refclock_bancomm.c@1.17 +96 -23
+    [Bug 3558] Crash and integer size bug
+    [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+     - isolate & fix LP64/LLP64 problem with BANCOMM SDK
+
+ChangeSet@1.3827.11.2, 2018-12-05 06:58:13+01:00, perlinger@ntp.org
+  Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+   - stricter buffer range checks
+
+  libntp/xsbprintf.c@1.2 +11 -13
+    Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+     - stricter buffer range checks
+
+  tests/libntp/run-sbprintf.c@1.2 +8 -4
+    Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+     - stricter buffer range checks
+
+  tests/libntp/sbprintf.c@1.2 +28 -0
+    Bug 3556 - ntp_loopfilter.c snprintf compilation warnings
+     - stricter buffer range checks
+
+ChangeSet@1.3827.10.2, 2018-12-03 02:29:24-05:00, stenn@psp-fb1.ntp.org
+  Update Changelog for latest fix for 3471
+
+  ChangeLog@1.1952.10.2 +6 -1
+    Update Changelog for latest fix for 3471
+
+ChangeSet@1.3827.13.1, 2018-12-02 09:05:37+01:00, perlinger@ntp.org
+  [Bug 3555] Tidy up print alignment of debug output from ntpdate
+
+  ChangeLog@1.1952.13.1 +4 -0
+    [Bug 3555] Tidy up print alignment of debug output from ntpdate
+
+  ntpdate/ntpdate.c@1.102 +12 -9
+    [Bug 3555] Tidy up print alignment of debug output from ntpdate
+
+ChangeSet@1.3827.12.1, 2018-12-02 08:17:05+01:00, perlinger@ntp.org
+  [Bug 3554] config revoke stores incorrect value
+   - plus some additional cleanup
+
+  ChangeLog@1.1952.12.1 +4 -0
+    [Bug 3554] config revoke stores incorrect value
+
+  include/ntpd.h@1.204 +2 -2
+    [Bug 3554] config revoke stores incorrect value
+     - sys_{revoke,automax} hold positive log2 value -- unsigned char is enough.
+
+  ntpd/ntp_config.c@1.365.2.1 +12 -3
+    [Bug 3554] config revoke stores incorrect value
+     - sys_{revoke,automax} hold positive log2 value for shift; clamp values
+
+  ntpd/ntp_crypto.c@1.190.1.1 +2 -2
+    [Bug 3554] config revoke stores incorrect value
+     - avoid possible integer truncation
+
+  ntpd/ntp_timer.c@1.97 +4 -4
+    [Bug 3554] config revoke stores incorrect value
+     - sys_{revoke,automax} hold positive log2 value -- unsigned char is enough.
+     - avoid possible integer truncation
+
+ChangeSet@1.3827.11.1, 2018-12-01 12:10:51+01:00, perlinger@ntp.org
+  [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+   - provide better function for incremental string formatting
+
+  ChangeLog@1.1952.11.1 +4 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - provide better function for incremental string formatting
+
+  include/ntp_stdlib.h@1.87 +3 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - provide better API for incremental string formatting
+
+  libntp/Makefile.am@1.82 +1 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  libntp/xsbprintf.c@1.1 +77 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - implement new API for incremental string formatting
+
+  libntp/xsbprintf.c@1.0 +0 -0
+
+  ntpd/ntp_loopfilter.c@1.192 +18 -14
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - use new API for incremental string formatting
+
+  ports/winnt/vs2005/libntp.vcproj@1.27 +4 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2008/libntp/libntp.vcproj@1.58 +4 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2013/libntp/libntp.vcxproj@1.14 +3 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2013/libntp/libntp.vcxproj.filters@1.12 +5 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2015/libntp/libntp.vcxproj@1.4 +3 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  ports/winnt/vs2015/libntp/libntp.vcxproj.filters@1.4 +5 -2
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add source of new API for incremental string formatting
+
+  tests/libntp/Makefile.am@1.100 +12 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add string buffer formatting tests
+
+  tests/libntp/run-sbprintf.c@1.1 +72 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add string buffer formatting tests
+
+  tests/libntp/run-sbprintf.c@1.0 +0 -0
+
+  tests/libntp/sbprintf.c@1.1 +67 -0
+    [Bug 3556] ntp_loopfilter.c snprintf compilation warnings
+     - add string buffer formatting tests
+
+  tests/libntp/sbprintf.c@1.0 +0 -0
+
+ChangeSet@1.3827.10.1, 2018-11-30 06:34:35+01:00, perlinger@ntp.org
+  [Bug 3471] Check for openssl/[ch]mac.h
+   - added missing check in code
+
+  ChangeLog@1.1952.10.1 +1 -0
+    [Bug 3471] Check for openssl/[ch]mac.h
+     - added missing check in code
+
+  libntp/authreadkeys.c@1.33 +2 -0
+    [Bug 3471] Check for openssl/[ch]mac.h
+     - added missing check in code
+
+ChangeSet@1.3827.9.1, 2018-11-11 12:03:14+01:00, perlinger@ntp.org
+  [Bug 3549] Spurious initgroups() error message
+
+  ChangeLog@1.1952.9.1 +4 -0
+    [Bug 3549] Spurious initgroups() error message
+
+  ntpd/ntpd.c@1.177.2.1 +33 -17
+    [Bug 3549] Spurious initgroups() error message
+     - make 'set_user_group_ids()' idempotent: If we're already there, don't complain.
+
+ChangeSet@1.3827.8.1, 2018-11-11 11:07:23+01:00, perlinger@ntp.org
+  [Bug 3548] Signature not verified on windows system
+
+  ChangeLog@1.1952.8.1 +4 -0
+    [Bug 3548] Signature not verified on windows system
+
+  ntpd/ntp_crypto.c@1.191 +2 -1
+    [Bug 3548] Signature not verified on windows system
+     - ntohl() can be a macro
+
+  sntp/networking.c@1.70 +2 -1
+    [Bug 3548] Signature not verified on windows system
+     - ntohl() can be a macro
+
+ChangeSet@1.3827.7.1, 2018-11-11 09:56:34+01:00, perlinger@ntp.org
+  [Bug 3541] patch to fix STA_NANO struct timex units
+
+  ChangeLog@1.1952.7.1 +4 -0
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+  ntpd/ntp_control.c@1.232 +9 -7
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+  ntpdc/ntpdc_ops.c@1.83.1.1 +7 -7
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+  util/ntptime.c@1.28 +0 -4
+    [Bug 3541] patch to fix STA_NANO struct timex units
+
+ChangeSet@1.3827.6.1, 2018-10-27 11:00:56+02:00, perlinger@ntp.org
+  [Bug 3540] Cannot set minsane to 0 anymore
+
+  ChangeLog@1.1952.6.1 +4 -0
+    [Bug 3540] Cannot set minsane to 0 anymore
+
+  ntpd/ntp_config.c@1.365.1.1 +2 -2
+    [Bug 3540] Cannot set minsane to 0 anymore
+
+ChangeSet@1.3827.5.1, 2018-10-27 10:33:55+02:00, perlinger@ntp.org
+  [Bug 3539] work_fork build fails when droproot is not supported
+
+  ChangeLog@1.1952.5.1 +4 -0
+    [Bug 3539] work_fork build fails when droproot is not supported
+
+  libntp/work_fork.c@1.20.1.1 +2 -0
+    [Bug 3539] work_fork build fails when droproot is not supported
+
+ChangeSet@1.3827.4.1, 2018-10-27 10:23:05+02:00, perlinger@ntp.org
+  [Bug 3538] Build fails for no-MMU targets
+
+  ChangeLog@1.1952.4.1 +4 -0
+    [Bug 3538] Build fails for no-MMU targets
+
+  ntpd/ntpd.c@1.177.1.1 +2 -0
+    [Bug 3538] Build fails for no-MMU targets
+
+ChangeSet@1.3827.3.1, 2018-10-13 08:03:48+02:00, perlinger@ntp.org
+  [Bug 3535] libparse won't handle GPS week rollover
+
+  ChangeLog@1.1952.3.1 +5 -0
+    [Bug 3535] libparse won't handle GPS week rollover
+
+  include/ntp_calendar.h@1.20 +21 -3
+    [Bug 3535] libparse won't handle GPS week rollover
+     - GPS week era support
+
+  include/parse.h@1.15 +0 -1
+    [Bug 3535] libparse won't handle GPS week rollover
+     - remove GPSWRAP definition to avoid lurking uses
+
+  libntp/calyearstart.c@1.7 +1 -1
+    [Bug 3535] libparse won't handle GPS week rollover
+
+  libntp/ntp_calendar.c@1.21 +38 -0
+    [Bug 3535] libparse won't handle GPS week rollover
+     - set GPS base week as first Sunday on or after base date
+
+  libparse/clk_trimtsip.c@1.15 +5 -9
+    [Bug 3535] libparse won't handle GPS week rollover
+     - use centralized week expansion code
+
+  libparse/gpstolfp.c@1.14 +0 -5
+    [Bug 3535] libparse won't handle GPS week rollover
+     - don't try to expand weeks in the conversion
+
+  ntpd/ntp_config.c@1.366 +4 -0
+    [Bug 3535] libparse won't handle GPS week rollover
+     - set basedate based on build stamp if not set explicitely
+
+  ntpd/refclock_jupiter.c@1.32 +1 -56
+    [Bug 3535] libparse won't handle GPS week rollover
+     - use centralized week expansion code instead of local copy
+
+  ntpd/refclock_parse.c@1.87 +1 -2
+    [Bug 3535] libparse won't handle GPS week rollover
+     - use centralized week expansion code
+
+ChangeSet@1.3827.2.1, 2018-10-02 18:03:33+02:00, perlinger@ntp.org
+  [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra)
+
+  ChangeLog@1.1952.2.1 +5 -0
+    [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra)
+
+  libntp/work_fork.c@1.21 +6 -3
+    [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra)
+     - make existence of 'set_user_group_ids()' depend on HAVE_DROPROOT
+
+ChangeSet@1.3827.1.1, 2018-10-02 17:38:18+02:00, perlinger@ntp.org
+  [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+  ChangeLog@1.1952.1.1 +5 -0
+    [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+  ntpd/ntp_request.c@1.128 +5 -0
+    [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+  ntpdc/ntpdc_ops.c@1.84 +4 -0
+    [Bug 3527] fudgeval2 anomaly in mode7 clock info packet
+
+ChangeSet@1.3828, 2018-09-12 22:52:00+02:00, perlinger@ntp.org
+  [Bug 3526] Incorrect poll interval in packet
+
+  ChangeLog@1.1953 +4 -0
+    [Bug 3526] Incorrect poll interval in packet
+
+  ntpd/ntp_proto.c@1.423 +4 -4
+    [Bug 3526] Incorrect poll interval in packet
+
+  ntpd/ntpd.c@1.178 +4 -4
+    [Bug 3526] Incorrect poll interval in packet
+     (side kick: fix function prototypes. C is not C++.)
+
+  sntp/main.c@1.104 +2 -3
+    [Bug 3526] Incorrect poll interval in packet
+     (side kick: fix function prototypes. C is not C++.)
+
+ChangeSet@1.3827, 2018-08-14 08:31:08-04:00, stenn@deacon.udel.edu
+  NTP_4_2_8P12
+  TAG: NTP_4_2_8P12
+
+  ChangeLog@1.1952 +1 -0
+    NTP_4_2_8P12
+
+  ntpd/invoke-ntp.conf.texi@1.217 +1 -1
+    NTP_4_2_8P12
+
+  ntpd/invoke-ntp.keys.texi@1.202 +1 -1
+    NTP_4_2_8P12
+
+  ntpd/invoke-ntpd.texi@1.516 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.5man@1.251 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.5mdoc@1.251 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.html@1.200 +92 -105
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.man.in@1.251 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntp.conf.mdoc.in@1.251 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.5man@1.236 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.5mdoc@1.236 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.html@1.199 +17 -29
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.man.in@1.236 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntp.keys.mdoc.in@1.236 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd-opts.c@1.538 +7 -7
+    NTP_4_2_8P12
+
+  ntpd/ntpd-opts.h@1.537 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd.1ntpdman@1.345 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd.1ntpdmdoc@1.345 +2 -2
+    NTP_4_2_8P12
+
+  ntpd/ntpd.html@1.191 +101 -145
+    NTP_4_2_8P12
+
+  ntpd/ntpd.man.in@1.345 +3 -3
+    NTP_4_2_8P12
+
+  ntpd/ntpd.mdoc.in@1.345 +2 -2
+    NTP_4_2_8P12
+
+  ntpdc/invoke-ntpdc.texi@1.513 +2 -2
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc-opts.c@1.531 +7 -7
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc-opts.h@1.530 +3 -3
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.1ntpdcman@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.1ntpdcmdoc@1.344 +2 -2
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.html@1.359 +57 -77
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.man.in@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpdc/ntpdc.mdoc.in@1.344 +2 -2
+    NTP_4_2_8P12
+
+  ntpq/invoke-ntpq.texi@1.523 +2 -2
+    NTP_4_2_8P12
+
+  ntpq/ntpq-opts.c@1.540 +7 -7
+    NTP_4_2_8P12
+
+  ntpq/ntpq-opts.h@1.538 +3 -3
+    NTP_4_2_8P12
+
+  ntpq/ntpq.1ntpqman@1.351 +3 -3
+    NTP_4_2_8P12
+
+  ntpq/ntpq.1ntpqmdoc@1.351 +2 -2
+    NTP_4_2_8P12
+
+  ntpq/ntpq.html@1.190 +105 -129
+    NTP_4_2_8P12
+
+  ntpq/ntpq.man.in@1.351 +3 -3
+    NTP_4_2_8P12
+
+  ntpq/ntpq.mdoc.in@1.351 +2 -2
+    NTP_4_2_8P12
+
+  ntpsnmpd/invoke-ntpsnmpd.texi@1.515 +1 -1
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd-opts.c@1.533 +7 -7
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd-opts.h@1.532 +3 -3
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.1ntpsnmpdman@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc@1.344 +2 -2
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.html@1.185 +10 -14
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.man.in@1.344 +3 -3
+    NTP_4_2_8P12
+
+  ntpsnmpd/ntpsnmpd.mdoc.in@1.344 +2 -2
+    NTP_4_2_8P12
+
+  packageinfo.sh@1.542 +2 -2
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.1calc_tickadjman@1.105 +3 -3
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc@1.106 +2 -2
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.html@1.106 +1 -1
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.man.in@1.104 +3 -3
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/calc_tickadj.mdoc.in@1.106 +2 -2
+    NTP_4_2_8P12
+
+  scripts/calc_tickadj/invoke-calc_tickadj.texi@1.109 +1 -1
+    NTP_4_2_8P12
+
+  scripts/invoke-plot_summary.texi@1.127 +2 -2
+    NTP_4_2_8P12
+
+  scripts/invoke-summary.texi@1.126 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/invoke-ntp-wait.texi@1.336 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait-opts@1.72 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.1ntp-waitman@1.333 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.1ntp-waitmdoc@1.334 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.html@1.355 +31 -49
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.man.in@1.333 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntp-wait/ntp-wait.mdoc.in@1.334 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/invoke-ntpsweep.texi@1.124 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep-opts@1.74 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.1ntpsweepman@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.1ntpsweepmdoc@1.112 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.html@1.127 +33 -44
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.man.in@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntpsweep/ntpsweep.mdoc.in@1.113 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/invoke-ntptrace.texi@1.125 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace-opts@1.74 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.1ntptraceman@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.1ntptracemdoc@1.113 +2 -2
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.html@1.128 +27 -36
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.man.in@1.112 +3 -3
+    NTP_4_2_8P12
+
+  scripts/ntptrace/ntptrace.mdoc.in@1.114 +2 -2
+    NTP_4_2_8P12
+
+  scripts/plot_summary-opts@1.75 +2 -2
+    NTP_4_2_8P12
+
+  scripts/plot_summary.1plot_summaryman@1.125 +3 -3
+    NTP_4_2_8P12
+
+  scripts/plot_summary.1plot_summarymdoc@1.125 +2 -2
+    NTP_4_2_8P12
+
+  scripts/plot_summary.html@1.130 +29 -47
+    NTP_4_2_8P12
+
+  scripts/plot_summary.man.in@1.125 +3 -3
+    NTP_4_2_8P12
+
+  scripts/plot_summary.mdoc.in@1.125 +2 -2
+    NTP_4_2_8P12
+
+  scripts/summary-opts@1.74 +2 -2
+    NTP_4_2_8P12
+
+  scripts/summary.1summaryman@1.124 +3 -3
+    NTP_4_2_8P12
+
+  scripts/summary.1summarymdoc@1.124 +2 -2
+    NTP_4_2_8P12
+
+  scripts/summary.html@1.129 +27 -39
+    NTP_4_2_8P12
+
+  scripts/summary.man.in@1.124 +3 -3
+    NTP_4_2_8P12
+
+  scripts/summary.mdoc.in@1.124 +2 -2
+    NTP_4_2_8P12
+
+  scripts/update-leap/invoke-update-leap.texi@1.25 +1 -1
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap-opts@1.25 +2 -2
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.1update-leapman@1.25 +3 -3
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.1update-leapmdoc@1.25 +2 -2
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.html@1.27 +35 -59
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.man.in@1.25 +3 -3
+    NTP_4_2_8P12
+
+  scripts/update-leap/update-leap.mdoc.in@1.25 +2 -2
+    NTP_4_2_8P12
+
+  sntp/invoke-sntp.texi@1.515 +23 -27
+    NTP_4_2_8P12
+
+  sntp/sntp-opts.c@1.534 +7 -7
+    NTP_4_2_8P12
+
+  sntp/sntp-opts.h@1.532 +3 -3
+    NTP_4_2_8P12
+
+  sntp/sntp.1sntpman@1.350 +3 -3
+    NTP_4_2_8P12
+
+  sntp/sntp.1sntpmdoc@1.350 +2 -2
+    NTP_4_2_8P12
+
+  sntp/sntp.html@1.531 +106 -134
+    NTP_4_2_8P12
+
+  sntp/sntp.man.in@1.350 +3 -3
+    NTP_4_2_8P12
+
+  sntp/sntp.mdoc.in@1.350 +2 -2
+    NTP_4_2_8P12
+
+  util/invoke-ntp-keygen.texi@1.518 +2 -2
+    NTP_4_2_8P12
+
+  util/ntp-keygen-opts.c@1.536 +7 -7
+    NTP_4_2_8P12
+
+  util/ntp-keygen-opts.h@1.534 +3 -3
+    NTP_4_2_8P12
+
+  util/ntp-keygen.1ntp-keygenman@1.346 +3 -3
+    NTP_4_2_8P12
+
+  util/ntp-keygen.1ntp-keygenmdoc@1.346 +2 -2
+    NTP_4_2_8P12
+
+  util/ntp-keygen.html@1.191 +148 -206
+    NTP_4_2_8P12
+
+  util/ntp-keygen.man.in@1.346 +3 -3
+    NTP_4_2_8P12
+
+  util/ntp-keygen.mdoc.in@1.346 +2 -2
+    NTP_4_2_8P12
+
+ChangeSet@1.3826, 2018-08-14 07:16:23-04:00, stenn@deacon.udel.edu
+  Trigger the release of ntp-4.2.8p12
+
+  packageinfo.sh@1.541 +1 -1
+    Trigger the release of ntp-4.2.8p12
+
+ChangeSet@1.3825, 2018-08-13 04:31:37+00:00, stenn@psp-deb1.ntp.org
+  NEWS update
+
+  NEWS@1.197 +1 -1
+    NEWS update
+
+ChangeSet@1.3812.1.10, 2018-08-04 10:31:58+00:00, stenn@psp-deb1.ntp.org
+  [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+  ChangeLog@1.1942.1.9 +1 -0
+    [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+  NEWS@1.192.1.2 +1 -0
+    [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+  ntpd/ntp_proto.c@1.422 +46 -35
+    [Bug 3521] Fix a logic bug in the INVALIDNAK checks
+
+ChangeSet@1.3823, 2018-07-28 05:03:57+00:00, stenn@psp-deb1.ntp.org

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***

From owner-svn-src-releng@freebsd.org  Tue May 14 23:10:23 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 31FE4159BC1B;
 Tue, 14 May 2019 23:10:23 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id CA4CB892DE;
 Tue, 14 May 2019 23:10:22 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A443E27B40;
 Tue, 14 May 2019 23:10:22 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4ENAMRK053738;
 Tue, 14 May 2019 23:10:22 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4ENAMtQ053736;
 Tue, 14 May 2019 23:10:22 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142310.x4ENAMtQ053736@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 23:10:22 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347591 - in releng: 11.2/sys/netpfil/pf
 12.0/sys/netpfil/pf
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng: 11.2/sys/netpfil/pf 12.0/sys/netpfil/pf
X-SVN-Commit-Revision: 347591
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: CA4CB892DE
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.998,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.97)[-0.970,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 23:10:23 -0000

Author: gordon
Date: Tue May 14 23:10:21 2019
New Revision: 347591
URL: https://svnweb.freebsd.org/changeset/base/347591

Log:
  Fix IPv6 fragment reassembly panic in pf
  
  Approved by:	so
  Security:	FreeBSD-SA-19:05.pf
  Security:	CVE-2019-5597

Modified:
  releng/11.2/sys/netpfil/pf/pf_norm.c
  releng/12.0/sys/netpfil/pf/pf_norm.c

Modified: releng/11.2/sys/netpfil/pf/pf_norm.c
==============================================================================
--- releng/11.2/sys/netpfil/pf/pf_norm.c	Tue May 14 23:06:26 2019	(r347590)
+++ releng/11.2/sys/netpfil/pf/pf_norm.c	Tue May 14 23:10:21 2019	(r347591)
@@ -652,11 +652,11 @@ pf_reassemble6(struct mbuf **m0, struct ip6_hdr *ip6, 
 	}
 
 	/* We have all the data. */
+	frent = TAILQ_FIRST(&frag->fr_queue);
+	KASSERT(frent != NULL, ("frent != NULL"));
 	extoff = frent->fe_extoff;
 	maxlen = frag->fr_maxlen;
 	frag_id = frag->fr_id;
-	frent = TAILQ_FIRST(&frag->fr_queue);
-	KASSERT(frent != NULL, ("frent != NULL"));
 	total = TAILQ_LAST(&frag->fr_queue, pf_fragq)->fe_off +
 		TAILQ_LAST(&frag->fr_queue, pf_fragq)->fe_len;
 	hdrlen = frent->fe_hdrlen - sizeof(struct ip6_frag);

Modified: releng/12.0/sys/netpfil/pf/pf_norm.c
==============================================================================
--- releng/12.0/sys/netpfil/pf/pf_norm.c	Tue May 14 23:06:26 2019	(r347590)
+++ releng/12.0/sys/netpfil/pf/pf_norm.c	Tue May 14 23:10:21 2019	(r347591)
@@ -668,11 +668,11 @@ pf_reassemble6(struct mbuf **m0, struct ip6_hdr *ip6, 
 	}
 
 	/* We have all the data. */
+	frent = TAILQ_FIRST(&frag->fr_queue);
+	KASSERT(frent != NULL, ("frent != NULL"));
 	extoff = frent->fe_extoff;
 	maxlen = frag->fr_maxlen;
 	frag_id = frag->fr_id;
-	frent = TAILQ_FIRST(&frag->fr_queue);
-	KASSERT(frent != NULL, ("frent != NULL"));
 	total = TAILQ_LAST(&frag->fr_queue, pf_fragq)->fe_off +
 		TAILQ_LAST(&frag->fr_queue, pf_fragq)->fe_len;
 	hdrlen = frent->fe_hdrlen - sizeof(struct ip6_frag);

From owner-svn-src-releng@freebsd.org  Tue May 14 23:12:28 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E0C67159BEA2;
 Tue, 14 May 2019 23:12:27 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 7CB4A89775;
 Tue, 14 May 2019 23:12:27 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 58A4D27CD1;
 Tue, 14 May 2019 23:12:23 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4ENCNHb058468;
 Tue, 14 May 2019 23:12:23 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4ENCMrM058466;
 Tue, 14 May 2019 23:12:22 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142312.x4ENCMrM058466@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 23:12:22 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347593 - in releng: 11.2/sys/netpfil/pf
 12.0/sys/netpfil/pf
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng: 11.2/sys/netpfil/pf 12.0/sys/netpfil/pf
X-SVN-Commit-Revision: 347593
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 7CB4A89775
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.998,0];
 NEURAL_HAM_SHORT(-0.97)[-0.971,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 23:12:28 -0000

Author: gordon
Date: Tue May 14 23:12:22 2019
New Revision: 347593
URL: https://svnweb.freebsd.org/changeset/base/347593

Log:
  Fix ICMP/ICMP6 packet filter bypass in pf.
  
  Approved by:	so
  Security:	FreeBSD-SA-19:06.pf
  Security:	CVE-2019-5598

Modified:
  releng/11.2/sys/netpfil/pf/pf.c
  releng/12.0/sys/netpfil/pf/pf.c

Modified: releng/11.2/sys/netpfil/pf/pf.c
==============================================================================
--- releng/11.2/sys/netpfil/pf/pf.c	Tue May 14 23:12:14 2019	(r347592)
+++ releng/11.2/sys/netpfil/pf/pf.c	Tue May 14 23:12:22 2019	(r347593)
@@ -4550,7 +4550,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 {
 	struct pf_addr  *saddr = pd->src, *daddr = pd->dst;
 	u_int16_t	 icmpid = 0, *icmpsum;
-	u_int8_t	 icmptype;
+	u_int8_t	 icmptype, icmpcode;
 	int		 state_icmp = 0;
 	struct pf_state_key_cmp key;
 
@@ -4559,6 +4559,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 #ifdef INET
 	case IPPROTO_ICMP:
 		icmptype = pd->hdr.icmp->icmp_type;
+		icmpcode = pd->hdr.icmp->icmp_code;
 		icmpid = pd->hdr.icmp->icmp_id;
 		icmpsum = &pd->hdr.icmp->icmp_cksum;
 
@@ -4573,6 +4574,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		icmptype = pd->hdr.icmp6->icmp6_type;
+		icmpcode = pd->hdr.icmp6->icmp6_code;
 		icmpid = pd->hdr.icmp6->icmp6_id;
 		icmpsum = &pd->hdr.icmp6->icmp6_cksum;
 
@@ -4771,6 +4773,23 @@ pf_test_state_icmp(struct pf_state **state, int direct
 #endif /* INET6 */
 		}
 
+		if (PF_ANEQ(pd->dst, pd2.src, pd->af)) {
+			if (V_pf_status.debug >= PF_DEBUG_MISC) {
+				printf("pf: BAD ICMP %d:%d outer dst: ",
+				    icmptype, icmpcode);
+				pf_print_host(pd->src, 0, pd->af);
+				printf(" -> ");
+				pf_print_host(pd->dst, 0, pd->af);
+				printf(" inner src: ");
+				pf_print_host(pd2.src, 0, pd2.af);
+				printf(" -> ");
+				pf_print_host(pd2.dst, 0, pd2.af);
+				printf("\n");
+			}
+			REASON_SET(reason, PFRES_BADSTATE);
+			return (PF_DROP);
+		}
+
 		switch (pd2.proto) {
 		case IPPROTO_TCP: {
 			struct tcphdr		 th;
@@ -4827,7 +4846,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 			    !SEQ_GEQ(seq, src->seqlo - (dst->max_win << dws)))) {
 				if (V_pf_status.debug >= PF_DEBUG_MISC) {
 					printf("pf: BAD ICMP %d:%d ",
-					    icmptype, pd->hdr.icmp->icmp_code);
+					    icmptype, icmpcode);
 					pf_print_host(pd->src, 0, pd->af);
 					printf(" -> ");
 					pf_print_host(pd->dst, 0, pd->af);
@@ -4840,7 +4859,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 			} else {
 				if (V_pf_status.debug >= PF_DEBUG_MISC) {
 					printf("pf: OK ICMP %d:%d ",
-					    icmptype, pd->hdr.icmp->icmp_code);
+					    icmptype, icmpcode);
 					pf_print_host(pd->src, 0, pd->af);
 					printf(" -> ");
 					pf_print_host(pd->dst, 0, pd->af);

Modified: releng/12.0/sys/netpfil/pf/pf.c
==============================================================================
--- releng/12.0/sys/netpfil/pf/pf.c	Tue May 14 23:12:14 2019	(r347592)
+++ releng/12.0/sys/netpfil/pf/pf.c	Tue May 14 23:12:22 2019	(r347593)
@@ -4588,7 +4588,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 {
 	struct pf_addr  *saddr = pd->src, *daddr = pd->dst;
 	u_int16_t	 icmpid = 0, *icmpsum;
-	u_int8_t	 icmptype;
+	u_int8_t	 icmptype, icmpcode;
 	int		 state_icmp = 0;
 	struct pf_state_key_cmp key;
 
@@ -4597,6 +4597,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 #ifdef INET
 	case IPPROTO_ICMP:
 		icmptype = pd->hdr.icmp->icmp_type;
+		icmpcode = pd->hdr.icmp->icmp_code;
 		icmpid = pd->hdr.icmp->icmp_id;
 		icmpsum = &pd->hdr.icmp->icmp_cksum;
 
@@ -4611,6 +4612,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		icmptype = pd->hdr.icmp6->icmp6_type;
+		icmpcode = pd->hdr.icmp6->icmp6_code;
 		icmpid = pd->hdr.icmp6->icmp6_id;
 		icmpsum = &pd->hdr.icmp6->icmp6_cksum;
 
@@ -4809,6 +4811,23 @@ pf_test_state_icmp(struct pf_state **state, int direct
 #endif /* INET6 */
 		}
 
+		if (PF_ANEQ(pd->dst, pd2.src, pd->af)) {
+			if (V_pf_status.debug >= PF_DEBUG_MISC) {
+				printf("pf: BAD ICMP %d:%d outer dst: ",
+				    icmptype, icmpcode);
+				pf_print_host(pd->src, 0, pd->af);
+				printf(" -> ");
+				pf_print_host(pd->dst, 0, pd->af);
+				printf(" inner src: ");
+				pf_print_host(pd2.src, 0, pd2.af);
+				printf(" -> ");
+				pf_print_host(pd2.dst, 0, pd2.af);
+				printf("\n");
+			}
+			REASON_SET(reason, PFRES_BADSTATE);
+			return (PF_DROP);
+		}
+
 		switch (pd2.proto) {
 		case IPPROTO_TCP: {
 			struct tcphdr		 th;
@@ -4865,7 +4884,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 			    !SEQ_GEQ(seq, src->seqlo - (dst->max_win << dws)))) {
 				if (V_pf_status.debug >= PF_DEBUG_MISC) {
 					printf("pf: BAD ICMP %d:%d ",
-					    icmptype, pd->hdr.icmp->icmp_code);
+					    icmptype, icmpcode);
 					pf_print_host(pd->src, 0, pd->af);
 					printf(" -> ");
 					pf_print_host(pd->dst, 0, pd->af);
@@ -4878,7 +4897,7 @@ pf_test_state_icmp(struct pf_state **state, int direct
 			} else {
 				if (V_pf_status.debug >= PF_DEBUG_MISC) {
 					printf("pf: OK ICMP %d:%d ",
-					    icmptype, pd->hdr.icmp->icmp_code);
+					    icmptype, icmpcode);
 					pf_print_host(pd->src, 0, pd->af);
 					printf(" -> ");
 					pf_print_host(pd->dst, 0, pd->af);

From owner-svn-src-releng@freebsd.org  Tue May 14 23:19:12 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 685F4159C076;
 Tue, 14 May 2019 23:19:12 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 166508999F;
 Tue, 14 May 2019 23:19:12 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DE98727CE4;
 Tue, 14 May 2019 23:19:11 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4ENJBVc058895;
 Tue, 14 May 2019 23:19:11 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4ENJ82G058878;
 Tue, 14 May 2019 23:19:08 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142319.x4ENJ82G058878@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 23:19:08 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347594 - in releng/12.0/sys: amd64/amd64 amd64/include
 dev/cpuctl i386/i386 i386/include x86/include x86/x86
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng/12.0/sys: amd64/amd64 amd64/include dev/cpuctl
 i386/i386 i386/include x86/include x86/x86
X-SVN-Commit-Revision: 347594
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 166508999F
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.997,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.97)[-0.974,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 23:19:12 -0000

Author: gordon
Date: Tue May 14 23:19:08 2019
New Revision: 347594
URL: https://svnweb.freebsd.org/changeset/base/347594

Log:
  Mitigations for Microarchitectural Data Sampling.
  
  Approved by:	so
  Security:	FreeBSD-SA-19:07.mds
  Security:	CVE-2018-12126
  Security:	CVE-2018-12127
  Security:	CVE-2018-12130
  Security:	CVE-2019-11091

Modified:
  releng/12.0/sys/amd64/amd64/exception.S
  releng/12.0/sys/amd64/amd64/genassym.c
  releng/12.0/sys/amd64/amd64/initcpu.c
  releng/12.0/sys/amd64/amd64/machdep.c
  releng/12.0/sys/amd64/amd64/support.S
  releng/12.0/sys/amd64/include/pcpu.h
  releng/12.0/sys/dev/cpuctl/cpuctl.c
  releng/12.0/sys/i386/i386/exception.s
  releng/12.0/sys/i386/i386/genassym.c
  releng/12.0/sys/i386/i386/initcpu.c
  releng/12.0/sys/i386/i386/support.s
  releng/12.0/sys/i386/include/pcpu.h
  releng/12.0/sys/x86/include/specialreg.h
  releng/12.0/sys/x86/include/x86_var.h
  releng/12.0/sys/x86/x86/cpu_machdep.c

Modified: releng/12.0/sys/amd64/amd64/exception.S
==============================================================================
--- releng/12.0/sys/amd64/amd64/exception.S	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/amd64/amd64/exception.S	Tue May 14 23:19:08 2019	(r347594)
@@ -512,6 +512,7 @@ fast_syscall_common:
 	testl	$TDF_ASTPENDING | TDF_NEEDRESCHED,TD_FLAGS(%rax)
 	jne	3f
 	call	handle_ibrs_exit
+	callq	*mds_handler
 	/* Restore preserved registers. */
 	MEXITCOUNT
 	movq	TF_RDI(%rsp),%rdi	/* bonus; preserve arg 1 */
@@ -1157,6 +1158,7 @@ ld_regs:
 	jz	2f			/* keep running with kernel GS.base */
 	cli
 	call	handle_ibrs_exit_rs
+	callq	*mds_handler
 	cmpq	$~0,PCPU(UCR3)
 	je	1f
 	pushq	%rdx

Modified: releng/12.0/sys/amd64/amd64/genassym.c
==============================================================================
--- releng/12.0/sys/amd64/amd64/genassym.c	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/amd64/amd64/genassym.c	Tue May 14 23:19:08 2019	(r347594)
@@ -233,6 +233,9 @@ ASSYM(PC_PTI_STACK, offsetof(struct pcpu, pc_pti_stack
 ASSYM(PC_PTI_STACK_SZ, PC_PTI_STACK_SZ);
 ASSYM(PC_PTI_RSP0, offsetof(struct pcpu, pc_pti_rsp0));
 ASSYM(PC_IBPB_SET, offsetof(struct pcpu, pc_ibpb_set));
+ASSYM(PC_MDS_TMP, offsetof(struct pcpu, pc_mds_tmp));
+ASSYM(PC_MDS_BUF, offsetof(struct pcpu, pc_mds_buf));
+ASSYM(PC_MDS_BUF64, offsetof(struct pcpu, pc_mds_buf64));
  
 ASSYM(LA_EOI, LAPIC_EOI * LAPIC_MEM_MUL);
 ASSYM(LA_ISR, LAPIC_ISR0 * LAPIC_MEM_MUL);

Modified: releng/12.0/sys/amd64/amd64/initcpu.c
==============================================================================
--- releng/12.0/sys/amd64/amd64/initcpu.c	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/amd64/amd64/initcpu.c	Tue May 14 23:19:08 2019	(r347594)
@@ -253,6 +253,7 @@ initializecpu(void)
 	}
 	hw_ibrs_recalculate();
 	hw_ssb_recalculate(false);
+	hw_mds_recalculate();
 	switch (cpu_vendor_id) {
 	case CPU_VENDOR_AMD:
 		init_amd();

Modified: releng/12.0/sys/amd64/amd64/machdep.c
==============================================================================
--- releng/12.0/sys/amd64/amd64/machdep.c	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/amd64/amd64/machdep.c	Tue May 14 23:19:08 2019	(r347594)
@@ -1878,6 +1878,7 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 
 	TUNABLE_INT_FETCH("hw.ibrs_disable", &hw_ibrs_disable);
 	TUNABLE_INT_FETCH("hw.spec_store_bypass_disable", &hw_ssb_disable);
+	TUNABLE_INT_FETCH("hw.mds_disable", &hw_mds_disable);
 
 	TSEXIT();
 

Modified: releng/12.0/sys/amd64/amd64/support.S
==============================================================================
--- releng/12.0/sys/amd64/amd64/support.S	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/amd64/amd64/support.S	Tue May 14 23:19:08 2019	(r347594)
@@ -1,8 +1,13 @@
 /*-
+ * Copyright (c) 2018-2019 The FreeBSD Foundation
  * Copyright (c) 2003 Peter Wemm.
  * Copyright (c) 1993 The Regents of the University of California.
  * All rights reserved.
  *
+ * Portions of this software were developed by
+ * Konstantin Belousov <kib@FreeBSD.org> under sponsorship from
+ * the FreeBSD Foundation.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -1586,3 +1591,246 @@ ENTRY(flush_l1d_sw)
 	ret
 #undef	L1D_FLUSH_SIZE
 END(flush_l1d_sw)
+
+ENTRY(mds_handler_void)
+	retq
+END(mds_handler_void)
+
+ENTRY(mds_handler_verw)
+	subq	$8, %rsp
+	movw	%ds, (%rsp)
+	verw	(%rsp)
+	addq	$8, %rsp
+	retq
+END(mds_handler_verw)
+
+ENTRY(mds_handler_ivb)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%rdx), %xmm0
+	orpd	(%rdx), %xmm0
+	mfence
+	movl	$40, %ecx
+	addq	$16, %rdx
+2:	movntdq	%xmm0, (%rdx)
+	addq	$16, %rdx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_ivb)
+
+ENTRY(mds_handler_bdw)
+	pushq	%rax
+	pushq	%rbx
+	pushq	%rcx
+	pushq	%rdi
+	pushq	%rsi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rbx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movq	%rbx, %rdi
+	movq	%rbx, %rsi
+	movl	$40, %ecx
+2:	movntdq	%xmm0, (%rbx)
+	addq	$16, %rbx
+	decl	%ecx
+	jnz	2b
+	mfence
+	movl	$1536, %ecx
+	rep; movsb
+	lfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rsi
+	popq	%rdi
+	popq	%rcx
+	popq	%rbx
+	popq	%rax
+	retq
+END(mds_handler_bdw)
+
+ENTRY(mds_handler_skl_sse)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+	pushq	%rdi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdi
+	movq	PCPU(MDS_BUF64), %rdx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%rdx), %xmm0
+	orpd	(%rdx), %xmm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%rdi, %rax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	movdqa	PCPU(MDS_TMP), %xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rdi
+	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_skl_sse)
+
+ENTRY(mds_handler_skl_avx)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+	pushq	%rdi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdi
+	movq	PCPU(MDS_BUF64), %rdx
+	vmovdqa	%ymm0, PCPU(MDS_TMP)
+	vpxor	%ymm0, %ymm0, %ymm0
+
+	lfence
+	vorpd	(%rdx), %ymm0, %ymm0
+	vorpd	(%rdx), %ymm0, %ymm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%rdi, %rax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	vmovdqa	PCPU(MDS_TMP), %ymm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rdi
+	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_skl_avx)
+
+ENTRY(mds_handler_skl_avx512)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+	pushq	%rdi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdi
+	movq	PCPU(MDS_BUF64), %rdx
+/*	vmovdqa64	%zmm0, PCPU(MDS_TMP) */
+	.byte	0x65, 0x62, 0xf1, 0xfd, 0x48, 0x7f, 0x04, 0x25
+	.long	PC_MDS_TMP
+/*	vpxor	%zmm0, %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0xef, 0xc0
+
+	lfence
+/*	vorpd	(%rdx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+/*	vorpd	(%rdx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+	xorl	%eax, %eax
+2:	clflushopt	5376(%rdi, %rax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+/*	vmovdqa64	PCPU(MDS_TMP), %zmm0 */
+	.byte	0x65, 0x62, 0xf1, 0xfd, 0x48, 0x6f, 0x04, 0x25
+	.long	PC_MDS_TMP
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rdi
+	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_skl_avx512)
+
+ENTRY(mds_handler_silvermont)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movl	$16, %ecx
+2:	movntdq	%xmm0, (%rdx)
+	addq	$16, %rdx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_silvermont)

Modified: releng/12.0/sys/amd64/include/pcpu.h
==============================================================================
--- releng/12.0/sys/amd64/include/pcpu.h	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/amd64/include/pcpu.h	Tue May 14 23:19:08 2019	(r347594)
@@ -76,7 +76,11 @@
 	uint32_t pc_pcid_gen;						\
 	uint32_t pc_smp_tlb_done;	/* TLB op acknowledgement */	\
 	uint32_t pc_ibpb_set;						\
-	char	__pad[3288]		/* pad to UMA_PCPU_ALLOC_SIZE */
+	void	*pc_mds_buf;						\
+	void	*pc_mds_buf64;						\
+	uint32_t pc_pad[2];						\
+	uint8_t	pc_mds_tmp[64];						\
+	char	__pad[3176]		/* pad to UMA_PCPU_ALLOC_SIZE */
 
 #define	PC_DBREG_CMD_NONE	0
 #define	PC_DBREG_CMD_LOAD	1

Modified: releng/12.0/sys/dev/cpuctl/cpuctl.c
==============================================================================
--- releng/12.0/sys/dev/cpuctl/cpuctl.c	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/dev/cpuctl/cpuctl.c	Tue May 14 23:19:08 2019	(r347594)
@@ -521,6 +521,7 @@ cpuctl_do_eval_cpu_features(int cpu, struct thread *td
 	hw_ibrs_recalculate();
 	restore_cpu(oldcpu, is_bound, td);
 	hw_ssb_recalculate(true);
+	hw_mds_recalculate();
 	printcpuinfo();
 	return (0);
 }

Modified: releng/12.0/sys/i386/i386/exception.s
==============================================================================
--- releng/12.0/sys/i386/i386/exception.s	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/i386/i386/exception.s	Tue May 14 23:19:08 2019	(r347594)
@@ -518,6 +518,8 @@ doreti_exit:
 2:	movl	$handle_ibrs_exit,%eax
 	pushl	%ecx			/* preserve enough call-used regs */
 	call	*%eax
+	movl	mds_handler,%eax
+	call	*%eax
 	popl	%ecx
 	movl	%esp, %esi
 	movl	PCPU(TRAMPSTK), %edx

Modified: releng/12.0/sys/i386/i386/genassym.c
==============================================================================
--- releng/12.0/sys/i386/i386/genassym.c	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/i386/i386/genassym.c	Tue May 14 23:19:08 2019	(r347594)
@@ -222,6 +222,9 @@ ASSYM(PC_KESP0, offsetof(struct pcpu, pc_kesp0));
 ASSYM(PC_TRAMPSTK, offsetof(struct pcpu, pc_trampstk));
 ASSYM(PC_COPYOUT_BUF, offsetof(struct pcpu, pc_copyout_buf));
 ASSYM(PC_IBPB_SET, offsetof(struct pcpu, pc_ibpb_set));
+ASSYM(PC_MDS_TMP, offsetof(struct pcpu, pc_mds_tmp));
+ASSYM(PC_MDS_BUF, offsetof(struct pcpu, pc_mds_buf));
+ASSYM(PC_MDS_BUF64, offsetof(struct pcpu, pc_mds_buf64));
 
 #ifdef DEV_APIC
 ASSYM(LA_EOI, LAPIC_EOI * LAPIC_MEM_MUL);

Modified: releng/12.0/sys/i386/i386/initcpu.c
==============================================================================
--- releng/12.0/sys/i386/i386/initcpu.c	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/i386/i386/initcpu.c	Tue May 14 23:19:08 2019	(r347594)
@@ -745,6 +745,7 @@ initializecpu(void)
 		cpu_fxsr = hw_instruction_sse = 1;
 	}
 #if defined(PAE) || defined(PAE_TABLES)
+	hw_mds_recalculate();
 	if ((amd_feature & AMDID_NX) != 0) {
 		uint64_t msr;
 

Modified: releng/12.0/sys/i386/i386/support.s
==============================================================================
--- releng/12.0/sys/i386/i386/support.s	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/i386/i386/support.s	Tue May 14 23:19:08 2019	(r347594)
@@ -472,3 +472,194 @@ ENTRY(handle_ibrs_exit)
 	movb	$0,PCPU(IBPB_SET)
 1:	ret
 END(handle_ibrs_exit)
+
+ENTRY(mds_handler_void)
+	ret
+END(mds_handler_void)
+
+ENTRY(mds_handler_verw)
+	subl	$4, %esp
+	movw	%ds, (%esp)
+	verw	(%esp)
+	addl	$4, %esp
+	ret
+END(mds_handler_verw)
+
+ENTRY(mds_handler_ivb)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%edx), %xmm0
+	orpd	(%edx), %xmm0
+	mfence
+	movl	$40, %ecx
+	addl	$16, %edx
+2:	movntdq	%xmm0, (%edx)
+	addl	$16, %edx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_ivb)
+
+ENTRY(mds_handler_bdw)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %ebx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movl	%ebx, %edi
+	movl	%ebx, %esi
+	movl	$40, %ecx
+2:	movntdq	%xmm0, (%ebx)
+	addl	$16, %ebx
+	decl	%ecx
+	jnz	2b
+	mfence
+	movl	$1536, %ecx
+	rep; movsb
+	lfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_bdw)
+
+ENTRY(mds_handler_skl_sse)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edi
+	movl	PCPU(MDS_BUF64), %edx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%edx), %xmm0
+	orpd	(%edx), %xmm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%edi, %eax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	movdqa	PCPU(MDS_TMP), %xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_skl_sse)
+
+ENTRY(mds_handler_skl_avx)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edi
+	movl	PCPU(MDS_BUF64), %edx
+	vmovdqa	%ymm0, PCPU(MDS_TMP)
+	vpxor	%ymm0, %ymm0, %ymm0
+
+	lfence
+	vorpd	(%edx), %ymm0, %ymm0
+	vorpd	(%edx), %ymm0, %ymm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%edi, %eax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	vmovdqa	PCPU(MDS_TMP), %ymm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_skl_avx)
+
+ENTRY(mds_handler_skl_avx512)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edi
+	movl	PCPU(MDS_BUF64), %edx
+/*	vmovdqa64	%zmm0, PCPU(MDS_TMP) */
+	.byte	0x64, 0x62, 0xf1, 0xfd, 0x48, 0x7f, 0x05
+	.long	PC_MDS_TMP
+/*	vpxor	%zmm0, %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0xef, 0xc0
+
+	lfence
+/*	vorpd	(%edx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+/*	vorpd	(%edx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+	xorl	%eax, %eax
+2:	clflushopt	5376(%edi, %eax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+/*	vmovdqa64	PCPU(MDS_TMP), %zmm0 */
+	.byte	0x64, 0x62, 0xf1, 0xfd, 0x48, 0x6f, 0x05
+	.long	PC_MDS_TMP
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_skl_avx512)
+
+ENTRY(mds_handler_silvermont)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movl	$16, %ecx
+2:	movntdq	%xmm0, (%edx)
+	addl	$16, %edx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_silvermont)

Modified: releng/12.0/sys/i386/include/pcpu.h
==============================================================================
--- releng/12.0/sys/i386/include/pcpu.h	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/i386/include/pcpu.h	Tue May 14 23:19:08 2019	(r347594)
@@ -77,10 +77,14 @@
 	struct	sx pc_copyout_slock;					\
 	char	*pc_copyout_buf;					\
 	vm_offset_t pc_pmap_eh_va;					\
-	caddr_t pc_pmap_eh_ptep;						\
+	caddr_t pc_pmap_eh_ptep;					\
 	uint32_t pc_smp_tlb_done;	/* TLB op acknowledgement */	\
 	uint32_t pc_ibpb_set;						\
-	char	__pad[3610]
+	void	*pc_mds_buf;						\
+	void	*pc_mds_buf64;						\
+	uint32_t pc_pad[4];						\
+	uint8_t	pc_mds_tmp[64];						\
+	char	__pad[3522]
 
 #ifdef _KERNEL
 

Modified: releng/12.0/sys/x86/include/specialreg.h
==============================================================================
--- releng/12.0/sys/x86/include/specialreg.h	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/x86/include/specialreg.h	Tue May 14 23:19:08 2019	(r347594)
@@ -425,6 +425,7 @@
 /*
  * CPUID instruction 7 Structured Extended Features, leaf 0 edx info
  */
+#define	CPUID_STDEXT3_MD_CLEAR	0x00000400
 #define	CPUID_STDEXT3_IBPB	0x04000000
 #define	CPUID_STDEXT3_STIBP	0x08000000
 #define	CPUID_STDEXT3_L1D_FLUSH	0x10000000
@@ -437,6 +438,7 @@
 #define	IA32_ARCH_CAP_RSBA	0x00000004
 #define	IA32_ARCH_CAP_SKIP_L1DFL_VMENTRY	0x00000008
 #define	IA32_ARCH_CAP_SSB_NO	0x00000010
+#define	IA32_ARCH_CAP_MDS_NO	0x00000020
 
 /*
  * CPUID manufacturers identifiers

Modified: releng/12.0/sys/x86/include/x86_var.h
==============================================================================
--- releng/12.0/sys/x86/include/x86_var.h	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/x86/include/x86_var.h	Tue May 14 23:19:08 2019	(r347594)
@@ -85,6 +85,7 @@ extern	uint64_t xsave_mask;
 extern	u_int	max_apic_id;
 extern	int	pti;
 extern	int	hw_ibrs_active;
+extern	int	hw_mds_disable;
 extern	int	hw_ssb_active;
 
 struct	pcb;
@@ -139,6 +140,7 @@ int	isa_nmi(int cd);
 void	handle_ibrs_entry(void);
 void	handle_ibrs_exit(void);
 void	hw_ibrs_recalculate(void);
+void	hw_mds_recalculate(void);
 void	hw_ssb_recalculate(bool all_cpus);
 void	nmi_call_kdb(u_int cpu, u_int type, struct trapframe *frame);
 void	nmi_call_kdb_smp(u_int type, struct trapframe *frame);

Modified: releng/12.0/sys/x86/x86/cpu_machdep.c
==============================================================================
--- releng/12.0/sys/x86/x86/cpu_machdep.c	Tue May 14 23:12:22 2019	(r347593)
+++ releng/12.0/sys/x86/x86/cpu_machdep.c	Tue May 14 23:19:08 2019	(r347594)
@@ -61,6 +61,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/systm.h>
 #include <sys/bus.h>
 #include <sys/cpu.h>
+#include <sys/domainset.h>
 #include <sys/kdb.h>
 #include <sys/kernel.h>
 #include <sys/ktr.h>
@@ -914,6 +915,203 @@ SYSCTL_PROC(_hw, OID_AUTO, spec_store_bypass_disable, 
     CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0,
     hw_ssb_disable_handler, "I",
     "Speculative Store Bypass Disable (0 - off, 1 - on, 2 - auto");
+
+int hw_mds_disable;
+
+/*
+ * Handler for Microarchitectural Data Sampling issues.  Really not a
+ * pointer to C function: on amd64 the code must not change any CPU
+ * architectural state except possibly %rflags. Also, it is always
+ * called with interrupts disabled.
+ */
+void (*mds_handler)(void);
+void mds_handler_void(void);
+void mds_handler_verw(void);
+void mds_handler_ivb(void);
+void mds_handler_bdw(void);
+void mds_handler_skl_sse(void);
+void mds_handler_skl_avx(void);
+void mds_handler_skl_avx512(void);
+void mds_handler_silvermont(void);
+
+static int
+sysctl_hw_mds_disable_state_handler(SYSCTL_HANDLER_ARGS)
+{
+	const char *state;
+
+	if (mds_handler == mds_handler_void)
+		state = "inactive";
+	else if (mds_handler == mds_handler_verw)
+		state = "VERW";
+	else if (mds_handler == mds_handler_ivb)
+		state = "software IvyBridge";
+	else if (mds_handler == mds_handler_bdw)
+		state = "software Broadwell";
+	else if (mds_handler == mds_handler_skl_sse)
+		state = "software Skylake SSE";
+	else if (mds_handler == mds_handler_skl_avx)
+		state = "software Skylake AVX";
+	else if (mds_handler == mds_handler_skl_avx512)
+		state = "software Skylake AVX512";
+	else if (mds_handler == mds_handler_silvermont)
+		state = "software Silvermont";
+	else
+		state = "unknown";
+	return (SYSCTL_OUT(req, state, strlen(state)));
+}
+
+SYSCTL_PROC(_hw, OID_AUTO, mds_disable_state,
+    CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_hw_mds_disable_state_handler, "A",
+    "Microarchitectural Data Sampling Mitigation state");
+
+_Static_assert(__offsetof(struct pcpu, pc_mds_tmp) % 64 == 0, "MDS AVX512");
+
+void
+hw_mds_recalculate(void)
+{
+	struct pcpu *pc;
+	vm_offset_t b64;
+	u_long xcr0;
+	int i;
+
+	/*
+	 * Allow user to force VERW variant even if MD_CLEAR is not
+	 * reported.  For instance, hypervisor might unknowingly
+	 * filter the cap out.
+	 * For the similar reasons, and for testing, allow to enable
+	 * mitigation even for RDCL_NO or MDS_NO caps.
+	 */
+	if (cpu_vendor_id != CPU_VENDOR_INTEL || hw_mds_disable == 0 ||
+	    ((cpu_ia32_arch_caps & (IA32_ARCH_CAP_RDCL_NO |
+	    IA32_ARCH_CAP_MDS_NO)) != 0 && hw_mds_disable == 3)) {
+		mds_handler = mds_handler_void;
+	} else if (((cpu_stdext_feature3 & CPUID_STDEXT3_MD_CLEAR) != 0 &&
+	    hw_mds_disable == 3) || hw_mds_disable == 1) {
+		mds_handler = mds_handler_verw;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    (CPUID_TO_MODEL(cpu_id) == 0x2e || CPUID_TO_MODEL(cpu_id) == 0x1e ||
+	    CPUID_TO_MODEL(cpu_id) == 0x1f || CPUID_TO_MODEL(cpu_id) == 0x1a ||
+	    CPUID_TO_MODEL(cpu_id) == 0x2f || CPUID_TO_MODEL(cpu_id) == 0x25 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x2c || CPUID_TO_MODEL(cpu_id) == 0x2d ||
+	    CPUID_TO_MODEL(cpu_id) == 0x2a || CPUID_TO_MODEL(cpu_id) == 0x3e ||
+	    CPUID_TO_MODEL(cpu_id) == 0x3a) &&
+	    (hw_mds_disable == 2 || hw_mds_disable == 3)) {
+		/*
+		 * Nehalem, SandyBridge, IvyBridge
+		 */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL) {
+				pc->pc_mds_buf = malloc_domainset(672, M_TEMP,
+				    DOMAINSET_PREF(pc->pc_domain), M_WAITOK);
+				bzero(pc->pc_mds_buf, 16);
+			}
+		}
+		mds_handler = mds_handler_ivb;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    (CPUID_TO_MODEL(cpu_id) == 0x3f || CPUID_TO_MODEL(cpu_id) == 0x3c ||
+	    CPUID_TO_MODEL(cpu_id) == 0x45 || CPUID_TO_MODEL(cpu_id) == 0x46 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x56 || CPUID_TO_MODEL(cpu_id) == 0x4f ||
+	    CPUID_TO_MODEL(cpu_id) == 0x47 || CPUID_TO_MODEL(cpu_id) == 0x3d) &&
+	    (hw_mds_disable == 2 || hw_mds_disable == 3)) {
+		/*
+		 * Haswell, Broadwell
+		 */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL) {
+				pc->pc_mds_buf = malloc_domainset(1536, M_TEMP,
+				    DOMAINSET_PREF(pc->pc_domain), M_WAITOK);
+				bzero(pc->pc_mds_buf, 16);
+			}
+		}
+		mds_handler = mds_handler_bdw;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    ((CPUID_TO_MODEL(cpu_id) == 0x55 && (cpu_id &
+	    CPUID_STEPPING) <= 5) ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4e || CPUID_TO_MODEL(cpu_id) == 0x5e ||
+	    (CPUID_TO_MODEL(cpu_id) == 0x8e && (cpu_id &
+	    CPUID_STEPPING) <= 0xb) ||
+	    (CPUID_TO_MODEL(cpu_id) == 0x9e && (cpu_id &
+	    CPUID_STEPPING) <= 0xc)) &&
+	    (hw_mds_disable == 2 || hw_mds_disable == 3)) {
+		/*
+		 * Skylake, KabyLake, CoffeeLake, WhiskeyLake,
+		 * CascadeLake
+		 */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL) {
+				pc->pc_mds_buf = malloc_domainset(6 * 1024,
+				    M_TEMP, DOMAINSET_PREF(pc->pc_domain),
+				    M_WAITOK);
+				b64 = (vm_offset_t)malloc_domainset(64 + 63,
+				    M_TEMP, DOMAINSET_PREF(pc->pc_domain),
+				    M_WAITOK);
+				pc->pc_mds_buf64 = (void *)roundup2(b64, 64);
+				bzero(pc->pc_mds_buf64, 64);
+			}
+		}
+		xcr0 = rxcr(0);
+		if ((xcr0 & XFEATURE_ENABLED_ZMM_HI256) != 0 &&
+		    (cpu_stdext_feature2 & CPUID_STDEXT_AVX512DQ) != 0)
+			mds_handler = mds_handler_skl_avx512;
+		else if ((xcr0 & XFEATURE_ENABLED_AVX) != 0 &&
+		    (cpu_feature2 & CPUID2_AVX) != 0)
+			mds_handler = mds_handler_skl_avx;
+		else
+			mds_handler = mds_handler_skl_sse;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    ((CPUID_TO_MODEL(cpu_id) == 0x37 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4a ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4c ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4d ||
+	    CPUID_TO_MODEL(cpu_id) == 0x5a ||
+	    CPUID_TO_MODEL(cpu_id) == 0x5d ||
+	    CPUID_TO_MODEL(cpu_id) == 0x6e ||
+	    CPUID_TO_MODEL(cpu_id) == 0x65 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x75 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x1c ||
+	    CPUID_TO_MODEL(cpu_id) == 0x26 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x27 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x35 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x36 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x7a))) {
+		/* Silvermont, Airmont */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL)
+				pc->pc_mds_buf = malloc(256, M_TEMP, M_WAITOK);
+		}
+		mds_handler = mds_handler_silvermont;
+	} else {
+		hw_mds_disable = 0;
+		mds_handler = mds_handler_void;
+	}
+}
+
+static int
+sysctl_mds_disable_handler(SYSCTL_HANDLER_ARGS)
+{
+	int error, val;
+
+	val = hw_mds_disable;
+	error = sysctl_handle_int(oidp, &val, 0, req);
+	if (error != 0 || req->newptr == NULL)
+		return (error);
+	if (val < 0 || val > 3)
+		return (EINVAL);
+	hw_mds_disable = val;
+	hw_mds_recalculate();
+	return (0);
+}
+
+SYSCTL_PROC(_hw, OID_AUTO, mds_disable, CTLTYPE_INT |
+    CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_mds_disable_handler, "I",
+    "Microarchitectural Data Sampling Mitigation "
+    "(0 - off, 1 - on VERW, 2 - on SW, 3 - on AUTO");
 
 /*
  * Enable and restore kernel text write permissions.

From owner-svn-src-releng@freebsd.org  Tue May 14 23:20:20 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E22DB159C112;
 Tue, 14 May 2019 23:20:19 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 93B2F89AED;
 Tue, 14 May 2019 23:20:19 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 670E227CE8;
 Tue, 14 May 2019 23:20:19 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4ENKJNZ059045;
 Tue, 14 May 2019 23:20:19 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4ENKGLW059031;
 Tue, 14 May 2019 23:20:16 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142320.x4ENKGLW059031@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 23:20:16 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347595 - in releng/11.2/sys: amd64/amd64 amd64/include
 dev/cpuctl i386/i386 i386/include x86/include x86/x86
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng/11.2/sys: amd64/amd64 amd64/include dev/cpuctl
 i386/i386 i386/include x86/include x86/x86
X-SVN-Commit-Revision: 347595
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 93B2F89AED
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.997,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.97)[-0.974,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 23:20:20 -0000

Author: gordon
Date: Tue May 14 23:20:16 2019
New Revision: 347595
URL: https://svnweb.freebsd.org/changeset/base/347595

Log:
  Mitigations for Microarchitectural Data Sampling.
  
  Approved by:	so
  Security:	FreeBSD-SA-19:07.mds
  Security:	CVE-2018-12126
  Security:	CVE-2018-12127
  Security:	CVE-2018-12130
  Security:	CVE-2019-11091

Modified:
  releng/11.2/sys/amd64/amd64/exception.S
  releng/11.2/sys/amd64/amd64/genassym.c
  releng/11.2/sys/amd64/amd64/initcpu.c
  releng/11.2/sys/amd64/amd64/machdep.c
  releng/11.2/sys/amd64/amd64/support.S
  releng/11.2/sys/amd64/include/pcpu.h
  releng/11.2/sys/dev/cpuctl/cpuctl.c
  releng/11.2/sys/i386/i386/exception.s
  releng/11.2/sys/i386/i386/genassym.c
  releng/11.2/sys/i386/i386/initcpu.c
  releng/11.2/sys/i386/i386/support.s
  releng/11.2/sys/i386/include/pcpu.h
  releng/11.2/sys/x86/include/specialreg.h
  releng/11.2/sys/x86/include/x86_var.h
  releng/11.2/sys/x86/x86/cpu_machdep.c

Modified: releng/11.2/sys/amd64/amd64/exception.S
==============================================================================
--- releng/11.2/sys/amd64/amd64/exception.S	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/amd64/amd64/exception.S	Tue May 14 23:20:16 2019	(r347595)
@@ -487,6 +487,7 @@ fast_syscall_common:
 	testl	$TDF_ASTPENDING | TDF_NEEDRESCHED,TD_FLAGS(%rax)
 	jne	3f
 	call	handle_ibrs_exit
+	callq	*mds_handler
 	/* Restore preserved registers. */
 	MEXITCOUNT
 	movq	TF_RDI(%rsp),%rdi	/* bonus; preserve arg 1 */
@@ -1121,6 +1122,7 @@ ld_regs:
 	jz	2f			/* keep running with kernel GS.base */
 	cli
 	call	handle_ibrs_exit_rs
+	callq	*mds_handler
 	cmpb	$0,pti
 	je	1f
 	pushq	%rdx

Modified: releng/11.2/sys/amd64/amd64/genassym.c
==============================================================================
--- releng/11.2/sys/amd64/amd64/genassym.c	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/amd64/amd64/genassym.c	Tue May 14 23:20:16 2019	(r347595)
@@ -230,6 +230,9 @@ ASSYM(PC_SAVED_UCR3, offsetof(struct pcpu, pc_saved_uc
 ASSYM(PC_PTI_STACK, offsetof(struct pcpu, pc_pti_stack));
 ASSYM(PC_PTI_STACK_SZ, PC_PTI_STACK_SZ);
 ASSYM(PC_IBPB_SET, offsetof(struct pcpu, pc_ibpb_set));
+ASSYM(PC_MDS_TMP, offsetof(struct pcpu, pc_mds_tmp));
+ASSYM(PC_MDS_BUF, offsetof(struct pcpu, pc_mds_buf));
+ASSYM(PC_MDS_BUF64, offsetof(struct pcpu, pc_mds_buf64));
  
 ASSYM(LA_EOI, LAPIC_EOI * LAPIC_MEM_MUL);
 ASSYM(LA_ISR, LAPIC_ISR0 * LAPIC_MEM_MUL);

Modified: releng/11.2/sys/amd64/amd64/initcpu.c
==============================================================================
--- releng/11.2/sys/amd64/amd64/initcpu.c	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/amd64/amd64/initcpu.c	Tue May 14 23:20:16 2019	(r347595)
@@ -223,6 +223,7 @@ initializecpu(void)
 	}
 	hw_ibrs_recalculate();
 	hw_ssb_recalculate(false);
+	hw_mds_recalculate();
 	switch (cpu_vendor_id) {
 	case CPU_VENDOR_AMD:
 		init_amd();

Modified: releng/11.2/sys/amd64/amd64/machdep.c
==============================================================================
--- releng/11.2/sys/amd64/amd64/machdep.c	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/amd64/amd64/machdep.c	Tue May 14 23:20:16 2019	(r347595)
@@ -1851,6 +1851,7 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 
 	TUNABLE_INT_FETCH("hw.ibrs_disable", &hw_ibrs_disable);
 	TUNABLE_INT_FETCH("hw.spec_store_bypass_disable", &hw_ssb_disable);
+	TUNABLE_INT_FETCH("hw.mds_disable", &hw_mds_disable);
 
 	/* Location of kernel stack for locore */
 	return ((u_int64_t)thread0.td_pcb);

Modified: releng/11.2/sys/amd64/amd64/support.S
==============================================================================
--- releng/11.2/sys/amd64/amd64/support.S	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/amd64/amd64/support.S	Tue May 14 23:20:16 2019	(r347595)
@@ -1,8 +1,13 @@
 /*-
+ * Copyright (c) 2018-2019 The FreeBSD Foundation
  * Copyright (c) 2003 Peter Wemm.
  * Copyright (c) 1993 The Regents of the University of California.
  * All rights reserved.
  *
+ * Portions of this software were developed by
+ * Konstantin Belousov <kib@FreeBSD.org> under sponsorship from
+ * the FreeBSD Foundation.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -892,3 +897,246 @@ ENTRY(handle_ibrs_exit_rs)
 END(handle_ibrs_exit_rs)
 
 	.noaltmacro
+
+ENTRY(mds_handler_void)
+	retq
+END(mds_handler_void)
+
+ENTRY(mds_handler_verw)
+	subq	$8, %rsp
+	movw	%ds, (%rsp)
+	verw	(%rsp)
+	addq	$8, %rsp
+	retq
+END(mds_handler_verw)
+
+ENTRY(mds_handler_ivb)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%rdx), %xmm0
+	orpd	(%rdx), %xmm0
+	mfence
+	movl	$40, %ecx
+	addq	$16, %rdx
+2:	movntdq	%xmm0, (%rdx)
+	addq	$16, %rdx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_ivb)
+
+ENTRY(mds_handler_bdw)
+	pushq	%rax
+	pushq	%rbx
+	pushq	%rcx
+	pushq	%rdi
+	pushq	%rsi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rbx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movq	%rbx, %rdi
+	movq	%rbx, %rsi
+	movl	$40, %ecx
+2:	movntdq	%xmm0, (%rbx)
+	addq	$16, %rbx
+	decl	%ecx
+	jnz	2b
+	mfence
+	movl	$1536, %ecx
+	rep; movsb
+	lfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rsi
+	popq	%rdi
+	popq	%rcx
+	popq	%rbx
+	popq	%rax
+	retq
+END(mds_handler_bdw)
+
+ENTRY(mds_handler_skl_sse)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+	pushq	%rdi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdi
+	movq	PCPU(MDS_BUF64), %rdx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%rdx), %xmm0
+	orpd	(%rdx), %xmm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%rdi, %rax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	movdqa	PCPU(MDS_TMP), %xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rdi
+	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_skl_sse)
+
+ENTRY(mds_handler_skl_avx)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+	pushq	%rdi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdi
+	movq	PCPU(MDS_BUF64), %rdx
+	vmovdqa	%ymm0, PCPU(MDS_TMP)
+	vpxor	%ymm0, %ymm0, %ymm0
+
+	lfence
+	vorpd	(%rdx), %ymm0, %ymm0
+	vorpd	(%rdx), %ymm0, %ymm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%rdi, %rax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	vmovdqa	PCPU(MDS_TMP), %ymm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rdi
+	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_skl_avx)
+
+ENTRY(mds_handler_skl_avx512)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+	pushq	%rdi
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdi
+	movq	PCPU(MDS_BUF64), %rdx
+/*	vmovdqa64	%zmm0, PCPU(MDS_TMP) */
+	.byte	0x65, 0x62, 0xf1, 0xfd, 0x48, 0x7f, 0x04, 0x25
+	.long	PC_MDS_TMP
+/*	vpxor	%zmm0, %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0xef, 0xc0
+
+	lfence
+/*	vorpd	(%rdx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+/*	vorpd	(%rdx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+	xorl	%eax, %eax
+2:	clflushopt	5376(%rdi, %rax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+/*	vmovdqa64	PCPU(MDS_TMP), %zmm0 */
+	.byte	0x65, 0x62, 0xf1, 0xfd, 0x48, 0x6f, 0x04, 0x25
+	.long	PC_MDS_TMP
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rdi
+	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_skl_avx512)
+
+ENTRY(mds_handler_silvermont)
+	pushq	%rax
+	pushq	%rdx
+	pushq	%rcx
+
+	movq	%cr0, %rax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movq	PCPU(MDS_BUF), %rdx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movl	$16, %ecx
+2:	movntdq	%xmm0, (%rdx)
+	addq	$16, %rdx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movq	%rax, %cr0
+3:	popq	%rcx
+	popq	%rdx
+	popq	%rax
+	retq
+END(mds_handler_silvermont)

Modified: releng/11.2/sys/amd64/include/pcpu.h
==============================================================================
--- releng/11.2/sys/amd64/include/pcpu.h	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/amd64/include/pcpu.h	Tue May 14 23:20:16 2019	(r347595)
@@ -73,7 +73,11 @@
 	uint32_t pc_pcid_gen;						\
 	uint32_t pc_smp_tlb_done;	/* TLB op acknowledgement */	\
 	uint32_t pc_ibpb_set;						\
-	char	__pad[96]		/* be divisor of PAGE_SIZE	\
+	void	*pc_mds_buf;						\
+	void	*pc_mds_buf64;						\
+	uint32_t pc_pad[20];						\
+	uint8_t	pc_mds_tmp[64];						\
+	char	__pad[960]		/* be divisor of PAGE_SIZE	\
 					   after cache alignment */
 
 #define	PC_DBREG_CMD_NONE	0

Modified: releng/11.2/sys/dev/cpuctl/cpuctl.c
==============================================================================
--- releng/11.2/sys/dev/cpuctl/cpuctl.c	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/dev/cpuctl/cpuctl.c	Tue May 14 23:20:16 2019	(r347595)
@@ -530,6 +530,7 @@ cpuctl_do_eval_cpu_features(int cpu, struct thread *td
 	hw_ibrs_recalculate();
 	restore_cpu(oldcpu, is_bound, td);
 	hw_ssb_recalculate(true);
+	hw_mds_recalculate();
 	printcpuinfo();
 	return (0);
 }

Modified: releng/11.2/sys/i386/i386/exception.s
==============================================================================
--- releng/11.2/sys/i386/i386/exception.s	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/i386/i386/exception.s	Tue May 14 23:20:16 2019	(r347595)
@@ -406,6 +406,7 @@ doreti_ast:
 	 */
 doreti_exit:
 	MEXITCOUNT
+	call	*mds_handler
 
 	.globl	doreti_popl_fs
 doreti_popl_fs:

Modified: releng/11.2/sys/i386/i386/genassym.c
==============================================================================
--- releng/11.2/sys/i386/i386/genassym.c	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/i386/i386/genassym.c	Tue May 14 23:20:16 2019	(r347595)
@@ -217,6 +217,9 @@ ASSYM(PC_CURRENTLDT, offsetof(struct pcpu, pc_currentl
 ASSYM(PC_CPUID, offsetof(struct pcpu, pc_cpuid));
 ASSYM(PC_CURPMAP, offsetof(struct pcpu, pc_curpmap));
 ASSYM(PC_PRIVATE_TSS, offsetof(struct pcpu, pc_private_tss));
+ASSYM(PC_MDS_TMP, offsetof(struct pcpu, pc_mds_tmp));
+ASSYM(PC_MDS_BUF, offsetof(struct pcpu, pc_mds_buf));
+ASSYM(PC_MDS_BUF64, offsetof(struct pcpu, pc_mds_buf64));
 
 #ifdef DEV_APIC
 ASSYM(LA_EOI, LAPIC_EOI * LAPIC_MEM_MUL);

Modified: releng/11.2/sys/i386/i386/initcpu.c
==============================================================================
--- releng/11.2/sys/i386/i386/initcpu.c	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/i386/i386/initcpu.c	Tue May 14 23:20:16 2019	(r347595)
@@ -768,6 +768,7 @@ initializecpu(void)
 		elf32_nxstack = 1;
 	}
 #endif
+	hw_mds_recalculate();
 }
 
 void

Modified: releng/11.2/sys/i386/i386/support.s
==============================================================================
--- releng/11.2/sys/i386/i386/support.s	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/i386/i386/support.s	Tue May 14 23:20:16 2019	(r347595)
@@ -826,3 +826,194 @@ END(handle_ibrs_entry)
 ENTRY(handle_ibrs_exit)
 	ret
 END(handle_ibrs_exit)
+
+ENTRY(mds_handler_void)
+	ret
+END(mds_handler_void)
+
+ENTRY(mds_handler_verw)
+	subl	$4, %esp
+	movw	%ds, (%esp)
+	verw	(%esp)
+	addl	$4, %esp
+	ret
+END(mds_handler_verw)
+
+ENTRY(mds_handler_ivb)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%edx), %xmm0
+	orpd	(%edx), %xmm0
+	mfence
+	movl	$40, %ecx
+	addl	$16, %edx
+2:	movntdq	%xmm0, (%edx)
+	addl	$16, %edx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_ivb)
+
+ENTRY(mds_handler_bdw)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %ebx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movl	%ebx, %edi
+	movl	%ebx, %esi
+	movl	$40, %ecx
+2:	movntdq	%xmm0, (%ebx)
+	addl	$16, %ebx
+	decl	%ecx
+	jnz	2b
+	mfence
+	movl	$1536, %ecx
+	rep; movsb
+	lfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_bdw)
+
+ENTRY(mds_handler_skl_sse)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edi
+	movl	PCPU(MDS_BUF64), %edx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	lfence
+	orpd	(%edx), %xmm0
+	orpd	(%edx), %xmm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%edi, %eax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	movdqa	PCPU(MDS_TMP), %xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_skl_sse)
+
+ENTRY(mds_handler_skl_avx)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edi
+	movl	PCPU(MDS_BUF64), %edx
+	vmovdqa	%ymm0, PCPU(MDS_TMP)
+	vpxor	%ymm0, %ymm0, %ymm0
+
+	lfence
+	vorpd	(%edx), %ymm0, %ymm0
+	vorpd	(%edx), %ymm0, %ymm0
+	xorl	%eax, %eax
+2:	clflushopt	5376(%edi, %eax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+	vmovdqa	PCPU(MDS_TMP), %ymm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_skl_avx)
+
+ENTRY(mds_handler_skl_avx512)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edi
+	movl	PCPU(MDS_BUF64), %edx
+/*	vmovdqa64	%zmm0, PCPU(MDS_TMP) */
+	.byte	0x64, 0x62, 0xf1, 0xfd, 0x48, 0x7f, 0x05
+	.long	PC_MDS_TMP
+/*	vpxor	%zmm0, %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0xef, 0xc0
+
+	lfence
+/*	vorpd	(%edx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+/*	vorpd	(%edx), %zmm0, %zmm0 */
+	.byte	0x62, 0xf1, 0xfd, 0x48, 0x56, 0x02
+	xorl	%eax, %eax
+2:	clflushopt	5376(%edi, %eax, 8)
+	addl	$8, %eax
+	cmpl	$8 * 12, %eax
+	jb	2b
+	sfence
+	movl	$6144, %ecx
+	xorl	%eax, %eax
+	rep; stosb
+	mfence
+
+/*	vmovdqa64	PCPU(MDS_TMP), %zmm0 */
+	.byte	0x64, 0x62, 0xf1, 0xfd, 0x48, 0x6f, 0x05
+	.long	PC_MDS_TMP
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_skl_avx512)
+
+ENTRY(mds_handler_silvermont)
+	movl	%cr0, %eax
+	testb	$CR0_TS, %al
+	je	1f
+	clts
+1:	movl	PCPU(MDS_BUF), %edx
+	movdqa	%xmm0, PCPU(MDS_TMP)
+	pxor	%xmm0, %xmm0
+
+	movl	$16, %ecx
+2:	movntdq	%xmm0, (%edx)
+	addl	$16, %edx
+	decl	%ecx
+	jnz	2b
+	mfence
+
+	movdqa	PCPU(MDS_TMP),%xmm0
+	testb	$CR0_TS, %al
+	je	3f
+	movl	%eax, %cr0
+3:	ret
+END(mds_handler_silvermont)

Modified: releng/11.2/sys/i386/include/pcpu.h
==============================================================================
--- releng/11.2/sys/i386/include/pcpu.h	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/i386/include/pcpu.h	Tue May 14 23:20:16 2019	(r347595)
@@ -69,7 +69,11 @@
 	vm_offset_t pc_qmap_addr;	/* KVA for temporary mappings */\
 	uint32_t pc_smp_tlb_done;	/* TLB op acknowledgement */	\
 	uint32_t pc_ibpb_set;						\
-	char	__pad[185]
+	void	*pc_mds_buf;						\
+	void	*pc_mds_buf64;						\
+	uint32_t pc_pad[12];						\
+	uint8_t	pc_mds_tmp[64];						\
+	char	__pad[153]
 
 #ifdef _KERNEL
 

Modified: releng/11.2/sys/x86/include/specialreg.h
==============================================================================
--- releng/11.2/sys/x86/include/specialreg.h	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/x86/include/specialreg.h	Tue May 14 23:20:16 2019	(r347595)
@@ -385,6 +385,7 @@
 /*
  * CPUID instruction 7 Structured Extended Features, leaf 0 edx info
  */
+#define	CPUID_STDEXT3_MD_CLEAR	0x00000400
 #define	CPUID_STDEXT3_IBPB	0x04000000
 #define	CPUID_STDEXT3_STIBP	0x08000000
 #define	CPUID_STDEXT3_L1D_FLUSH	0x10000000
@@ -395,6 +396,7 @@
 #define	IA32_ARCH_CAP_RDCL_NO	0x00000001
 #define	IA32_ARCH_CAP_IBRS_ALL	0x00000002
 #define	IA32_ARCH_CAP_SSBD_NO	0x00000004
+#define	IA32_ARCH_CAP_MDS_NO	0x00000020
 
 /*
  * CPUID manufacturers identifiers

Modified: releng/11.2/sys/x86/include/x86_var.h
==============================================================================
--- releng/11.2/sys/x86/include/x86_var.h	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/x86/include/x86_var.h	Tue May 14 23:20:16 2019	(r347595)
@@ -83,6 +83,7 @@ extern	int	use_xsave;
 extern	uint64_t xsave_mask;
 extern	int	pti;
 extern	int	hw_ibrs_active;
+extern	int	hw_mds_disable;
 extern	int	hw_ssb_active;
 
 struct	pcb;
@@ -134,6 +135,7 @@ int	isa_nmi(int cd);
 void	handle_ibrs_entry(void);
 void	handle_ibrs_exit(void);
 void	hw_ibrs_recalculate(void);
+void	hw_mds_recalculate(void);
 void	hw_ssb_recalculate(bool all_cpus);
 void	nmi_call_kdb(u_int cpu, u_int type, struct trapframe *frame);
 void	nmi_call_kdb_smp(u_int type, struct trapframe *frame);

Modified: releng/11.2/sys/x86/x86/cpu_machdep.c
==============================================================================
--- releng/11.2/sys/x86/x86/cpu_machdep.c	Tue May 14 23:19:08 2019	(r347594)
+++ releng/11.2/sys/x86/x86/cpu_machdep.c	Tue May 14 23:20:16 2019	(r347595)
@@ -938,3 +938,198 @@ SYSCTL_PROC(_hw, OID_AUTO, spec_store_bypass_disable, 
     hw_ssb_disable_handler, "I",
     "Speculative Store Bypass Disable (0 - off, 1 - on, 2 - auto");
 
+int hw_mds_disable;
+
+/*
+ * Handler for Microarchitectural Data Sampling issues.  Really not a
+ * pointer to C function: on amd64 the code must not change any CPU
+ * architectural state except possibly %rflags. Also, it is always
+ * called with interrupts disabled.
+ */
+void (*mds_handler)(void);
+void mds_handler_void(void);
+void mds_handler_verw(void);
+void mds_handler_ivb(void);
+void mds_handler_bdw(void);
+void mds_handler_skl_sse(void);
+void mds_handler_skl_avx(void);
+void mds_handler_skl_avx512(void);
+void mds_handler_silvermont(void);
+
+static int
+sysctl_hw_mds_disable_state_handler(SYSCTL_HANDLER_ARGS)
+{
+	const char *state;
+
+	if (mds_handler == mds_handler_void)
+		state = "inactive";
+	else if (mds_handler == mds_handler_verw)
+		state = "VERW";
+	else if (mds_handler == mds_handler_ivb)
+		state = "software IvyBridge";
+	else if (mds_handler == mds_handler_bdw)
+		state = "software Broadwell";
+	else if (mds_handler == mds_handler_skl_sse)
+		state = "software Skylake SSE";
+	else if (mds_handler == mds_handler_skl_avx)
+		state = "software Skylake AVX";
+	else if (mds_handler == mds_handler_skl_avx512)
+		state = "software Skylake AVX512";
+	else if (mds_handler == mds_handler_silvermont)
+		state = "software Silvermont";
+	else
+		state = "unknown";
+	return (SYSCTL_OUT(req, state, strlen(state)));
+}
+
+SYSCTL_PROC(_hw, OID_AUTO, mds_disable_state,
+    CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_hw_mds_disable_state_handler, "A",
+    "Microarchitectural Data Sampling Mitigation state");
+
+_Static_assert(__offsetof(struct pcpu, pc_mds_tmp) % 64 == 0, "MDS AVX512");
+
+void
+hw_mds_recalculate(void)
+{
+	struct pcpu *pc;
+	vm_offset_t b64;
+	u_long xcr0;
+	int i;
+
+	/*
+	 * Allow user to force VERW variant even if MD_CLEAR is not
+	 * reported.  For instance, hypervisor might unknowingly
+	 * filter the cap out.
+	 * For the similar reasons, and for testing, allow to enable
+	 * mitigation even for RDCL_NO or MDS_NO caps.
+	 */
+	if (cpu_vendor_id != CPU_VENDOR_INTEL || hw_mds_disable == 0 ||
+	    ((cpu_ia32_arch_caps & (IA32_ARCH_CAP_RDCL_NO |
+	    IA32_ARCH_CAP_MDS_NO)) != 0 && hw_mds_disable == 3)) {
+		mds_handler = mds_handler_void;
+	} else if (((cpu_stdext_feature3 & CPUID_STDEXT3_MD_CLEAR) != 0 &&
+	    hw_mds_disable == 3) || hw_mds_disable == 1) {
+		mds_handler = mds_handler_verw;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    (CPUID_TO_MODEL(cpu_id) == 0x2e || CPUID_TO_MODEL(cpu_id) == 0x1e ||
+	    CPUID_TO_MODEL(cpu_id) == 0x1f || CPUID_TO_MODEL(cpu_id) == 0x1a ||
+	    CPUID_TO_MODEL(cpu_id) == 0x2f || CPUID_TO_MODEL(cpu_id) == 0x25 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x2c || CPUID_TO_MODEL(cpu_id) == 0x2d ||
+	    CPUID_TO_MODEL(cpu_id) == 0x2a || CPUID_TO_MODEL(cpu_id) == 0x3e ||
+	    CPUID_TO_MODEL(cpu_id) == 0x3a) &&
+	    (hw_mds_disable == 2 || hw_mds_disable == 3)) {
+		/*
+		 * Nehalem, SandyBridge, IvyBridge
+		 */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL) {
+				pc->pc_mds_buf = malloc(672, M_TEMP,
+				    M_WAITOK);
+				bzero(pc->pc_mds_buf, 16);
+			}
+		}
+		mds_handler = mds_handler_ivb;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    (CPUID_TO_MODEL(cpu_id) == 0x3f || CPUID_TO_MODEL(cpu_id) == 0x3c ||
+	    CPUID_TO_MODEL(cpu_id) == 0x45 || CPUID_TO_MODEL(cpu_id) == 0x46 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x56 || CPUID_TO_MODEL(cpu_id) == 0x4f ||
+	    CPUID_TO_MODEL(cpu_id) == 0x47 || CPUID_TO_MODEL(cpu_id) == 0x3d) &&
+	    (hw_mds_disable == 2 || hw_mds_disable == 3)) {
+		/*
+		 * Haswell, Broadwell
+		 */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL) {
+				pc->pc_mds_buf = malloc(1536, M_TEMP,
+				    M_WAITOK);
+				bzero(pc->pc_mds_buf, 16);
+			}
+		}
+		mds_handler = mds_handler_bdw;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    ((CPUID_TO_MODEL(cpu_id) == 0x55 && (cpu_id &
+	    CPUID_STEPPING) <= 5) ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4e || CPUID_TO_MODEL(cpu_id) == 0x5e ||
+	    (CPUID_TO_MODEL(cpu_id) == 0x8e && (cpu_id &
+	    CPUID_STEPPING) <= 0xb) ||
+	    (CPUID_TO_MODEL(cpu_id) == 0x9e && (cpu_id &
+	    CPUID_STEPPING) <= 0xc)) &&
+	    (hw_mds_disable == 2 || hw_mds_disable == 3)) {
+		/*
+		 * Skylake, KabyLake, CoffeeLake, WhiskeyLake,
+		 * CascadeLake
+		 */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL) {
+				pc->pc_mds_buf = malloc(6 * 1024,
+				    M_TEMP, M_WAITOK);
+				b64 = (vm_offset_t)malloc(64 + 63,
+				    M_TEMP, M_WAITOK);
+				pc->pc_mds_buf64 = (void *)roundup2(b64, 64);
+				bzero(pc->pc_mds_buf64, 64);
+			}
+		}
+		xcr0 = rxcr(0);
+		if ((xcr0 & XFEATURE_ENABLED_ZMM_HI256) != 0 &&
+		    (cpu_stdext_feature2 & CPUID_STDEXT_AVX512DQ) != 0)
+			mds_handler = mds_handler_skl_avx512;
+		else if ((xcr0 & XFEATURE_ENABLED_AVX) != 0 &&
+		    (cpu_feature2 & CPUID2_AVX) != 0)
+			mds_handler = mds_handler_skl_avx;
+		else
+			mds_handler = mds_handler_skl_sse;
+	} else if (CPUID_TO_FAMILY(cpu_id) == 0x6 &&
+	    ((CPUID_TO_MODEL(cpu_id) == 0x37 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4a ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4c ||
+	    CPUID_TO_MODEL(cpu_id) == 0x4d ||
+	    CPUID_TO_MODEL(cpu_id) == 0x5a ||
+	    CPUID_TO_MODEL(cpu_id) == 0x5d ||
+	    CPUID_TO_MODEL(cpu_id) == 0x6e ||
+	    CPUID_TO_MODEL(cpu_id) == 0x65 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x75 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x1c ||
+	    CPUID_TO_MODEL(cpu_id) == 0x26 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x27 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x35 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x36 ||
+	    CPUID_TO_MODEL(cpu_id) == 0x7a))) {
+		/* Silvermont, Airmont */
+		CPU_FOREACH(i) {
+			pc = pcpu_find(i);
+			if (pc->pc_mds_buf == NULL)
+				pc->pc_mds_buf = malloc(256, M_TEMP, M_WAITOK);
+		}
+		mds_handler = mds_handler_silvermont;
+	} else {
+		hw_mds_disable = 0;
+		mds_handler = mds_handler_void;
+	}
+}
+
+static int
+sysctl_mds_disable_handler(SYSCTL_HANDLER_ARGS)
+{
+	int error, val;
+
+	val = hw_mds_disable;
+	error = sysctl_handle_int(oidp, &val, 0, req);
+	if (error != 0 || req->newptr == NULL)
+		return (error);
+	if (val < 0 || val > 3)
+		return (EINVAL);
+	hw_mds_disable = val;
+	hw_mds_recalculate();
+	return (0);
+}
+
+SYSCTL_PROC(_hw, OID_AUTO, mds_disable, CTLTYPE_INT |
+    CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_mds_disable_handler, "I",
+    "Microarchitectural Data Sampling Mitigation "
+    "(0 - off, 1 - on VERW, 2 - on SW, 3 - on AUTO");
+

From owner-svn-src-releng@freebsd.org  Tue May 14 23:22:32 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 80AF9159C3DB;
 Tue, 14 May 2019 23:22:32 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 24E0289FFF;
 Tue, 14 May 2019 23:22:32 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EC59D27E86;
 Tue, 14 May 2019 23:22:31 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4ENMVMi063998;
 Tue, 14 May 2019 23:22:31 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4ENMVbe063993;
 Tue, 14 May 2019 23:22:31 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905142322.x4ENMVbe063993@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Tue, 14 May 2019 23:22:31 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347597 - in releng: 11.2 11.2/sys/conf 12.0 12.0/sys/conf
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng: 11.2 11.2/sys/conf 12.0 12.0/sys/conf
X-SVN-Commit-Revision: 347597
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 24E0289FFF
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.998,0];
 NEURAL_HAM_SHORT(-0.97)[-0.971,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 23:22:32 -0000

Author: gordon
Date: Tue May 14 23:22:30 2019
New Revision: 347597
URL: https://svnweb.freebsd.org/changeset/base/347597

Log:
  Bump newvers.sh and add UPDATING block.
  
  Approved by:	so

Modified:
  releng/11.2/UPDATING
  releng/11.2/sys/conf/newvers.sh
  releng/12.0/UPDATING
  releng/12.0/sys/conf/newvers.sh

Modified: releng/11.2/UPDATING
==============================================================================
--- releng/11.2/UPDATING	Tue May 14 23:21:20 2019	(r347596)
+++ releng/11.2/UPDATING	Tue May 14 23:22:30 2019	(r347597)
@@ -16,6 +16,29 @@ from older versions of FreeBSD, try WITHOUT_CLANG and 
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20190514	p10	FreeBSD-EN-19:08.tzdata
+			FreeBSD-EN-19:09.xinstall
+			FreeBSD-SA-19:03.wpa
+			FreeBSD-SA-19:04.ntp
+			FreeBSD-SA-19:05.pf
+			FreeBSD-SA-19:06.pf
+			FreeBSD-SA-19:07.mds
+
+	Import tzdata 2019a. [EN-19:08.tzdata]
+
+	Fix install with partially matching relative paths. [EN-19:09.xinstall]
+
+	Fix multiple vulnerabilities in hostapd/wpa_supplicant. [SA-19:03.wpa]
+
+	Fix authenticated denial of service in ntpd. [SA-19:04.ntp]
+
+	Fix IPv6 fragment reassembly in pf. [SA-19:05.pf]
+
+	Fix ICMP/ICMP6 packet filter bypass in pf. [SA-19:06.pf]
+
+	Add mitigations for Microarchitectural Data Sampling. [SA-19:07.mds]
+
+
 20190205	p9	FreeBSD-SA-19:01.syscall
 
 	amd64: clear callee-preserved registers on syscall exit

Modified: releng/11.2/sys/conf/newvers.sh
==============================================================================
--- releng/11.2/sys/conf/newvers.sh	Tue May 14 23:21:20 2019	(r347596)
+++ releng/11.2/sys/conf/newvers.sh	Tue May 14 23:22:30 2019	(r347597)
@@ -44,7 +44,7 @@
 
 TYPE="FreeBSD"
 REVISION="11.2"
-BRANCH="RELEASE-p9"
+BRANCH="RELEASE-p10"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/12.0/UPDATING
==============================================================================
--- releng/12.0/UPDATING	Tue May 14 23:21:20 2019	(r347596)
+++ releng/12.0/UPDATING	Tue May 14 23:22:30 2019	(r347597)
@@ -16,6 +16,32 @@ from older versions of FreeBSD, try WITHOUT_CLANG and 
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20190514	p4	FreeBSD-EN-19:08.tzdata
+			FreeBSD-EN-19:09.xinstall
+			FreeBSD-EN-19:10.scp
+			FreeBSD-SA-19:03.wpa
+			FreeBSD-SA-19:04.ntp
+			FreeBSD-SA-19:05.pf
+			FreeBSD-SA-19:06.pf
+			FreeBSD-SA-19:07.mds
+
+	Import tzdata 2019a. [EN-19:08.tzdata]
+
+	Fix install with partially matching relative paths. [EN-19:09.xinstall]
+
+	Fix filename validation in scp. [EN-19:10.scp]
+
+	Fix multiple vulnerabilities in hostapd/wpa_supplicant. [SA-19:03.wpa]
+
+	Fix authenticated denial of service in ntpd. [SA-19:04.ntp]
+
+	Fix IPv6 fragment reassembly in pf. [SA-19:05.pf]
+
+	Fix ICMP/ICMP6 packet filter bypass in pf. [SA-19:06.pf]
+
+	Add mitigations for Microarchitectural Data Sampling. [SA-19:07.mds]
+
+
 20190205:	p3	FreeBSD-SA-19:01.syscall
 			FreeBSD-SA-19:02.fd
 			FreeBSD-EN-19:06.dtrace

Modified: releng/12.0/sys/conf/newvers.sh
==============================================================================
--- releng/12.0/sys/conf/newvers.sh	Tue May 14 23:21:20 2019	(r347596)
+++ releng/12.0/sys/conf/newvers.sh	Tue May 14 23:22:30 2019	(r347597)
@@ -46,7 +46,7 @@
 
 TYPE="FreeBSD"
 REVISION="12.0"
-BRANCH="RELEASE-p3"
+BRANCH="RELEASE-p4"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From owner-svn-src-releng@freebsd.org  Wed May 15 20:44:28 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 515FB15A1C76;
 Wed, 15 May 2019 20:44:28 +0000 (UTC) (envelope-from kib@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id E92A970E59;
 Wed, 15 May 2019 20:44:27 +0000 (UTC) (envelope-from kib@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BD182EE3E;
 Wed, 15 May 2019 20:44:27 +0000 (UTC) (envelope-from kib@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4FKiRnC044355;
 Wed, 15 May 2019 20:44:27 GMT (envelope-from kib@FreeBSD.org)
Received: (from kib@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4FKiRKg044354;
 Wed, 15 May 2019 20:44:27 GMT (envelope-from kib@FreeBSD.org)
Message-Id: <201905152044.x4FKiRKg044354@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org
 using -f
From: Konstantin Belousov <kib@FreeBSD.org>
Date: Wed, 15 May 2019 20:44:27 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347632 - releng/12.0/sys/i386/i386
X-SVN-Group: releng
X-SVN-Commit-Author: kib
X-SVN-Commit-Paths: releng/12.0/sys/i386/i386
X-SVN-Commit-Revision: 347632
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: E92A970E59
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.96 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_SHORT(-0.96)[-0.958,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 15 May 2019 20:44:28 -0000

Author: kib
Date: Wed May 15 20:44:27 2019
New Revision: 347632
URL: https://svnweb.freebsd.org/changeset/base/347632

Log:
  Fix mismerge.
  
  Pointy hat to:	kib
  Tested by: so (emaste, gtetlow)
  Approved by: so (emaste, gtetlow)

Modified:
  releng/12.0/sys/i386/i386/initcpu.c

Modified: releng/12.0/sys/i386/i386/initcpu.c
==============================================================================
--- releng/12.0/sys/i386/i386/initcpu.c	Wed May 15 20:01:41 2019	(r347631)
+++ releng/12.0/sys/i386/i386/initcpu.c	Wed May 15 20:44:27 2019	(r347632)
@@ -745,7 +745,6 @@ initializecpu(void)
 		cpu_fxsr = hw_instruction_sse = 1;
 	}
 #if defined(PAE) || defined(PAE_TABLES)
-	hw_mds_recalculate();
 	if ((amd_feature & AMDID_NX) != 0) {
 		uint64_t msr;
 
@@ -755,6 +754,7 @@ initializecpu(void)
 		elf32_nxstack = 1;
 	}
 #endif
+	hw_mds_recalculate();
 }
 
 void

From owner-svn-src-releng@freebsd.org  Wed May 15 21:25:45 2019
Return-Path: <owner-svn-src-releng@freebsd.org>
Delivered-To: svn-src-releng@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5746515A29E3;
 Wed, 15 May 2019 21:25:45 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id EC4EF7240D;
 Wed, 15 May 2019 21:25:44 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C07CDF519;
 Wed, 15 May 2019 21:25:44 +0000 (UTC)
 (envelope-from gordon@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4FLPi96066136;
 Wed, 15 May 2019 21:25:44 GMT (envelope-from gordon@FreeBSD.org)
Received: (from gordon@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4FLPi6q066135;
 Wed, 15 May 2019 21:25:44 GMT (envelope-from gordon@FreeBSD.org)
Message-Id: <201905152125.x4FLPi6q066135@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: gordon set sender to
 gordon@FreeBSD.org using -f
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Wed, 15 May 2019 21:25:44 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-releng@freebsd.org
Subject: svn commit: r347633 - in releng/12.0: . sys/conf
X-SVN-Group: releng
X-SVN-Commit-Author: gordon
X-SVN-Commit-Paths: in releng/12.0: . sys/conf
X-SVN-Commit-Revision: 347633
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: EC4EF7240D
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.96 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.96)[-0.958,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-src-releng@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the release engineering / security commits to
 the src tree <svn-src-releng.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-releng>, 
 <mailto:svn-src-releng-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-releng/>
List-Post: <mailto:svn-src-releng@freebsd.org>
List-Help: <mailto:svn-src-releng-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-releng>,
 <mailto:svn-src-releng-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 15 May 2019 21:25:45 -0000

Author: gordon
Date: Wed May 15 21:25:44 2019
New Revision: 347633
URL: https://svnweb.freebsd.org/changeset/base/347633

Log:
  Bump patch revision for updated mds patches.
  
  Approved by:	so

Modified:
  releng/12.0/UPDATING
  releng/12.0/sys/conf/newvers.sh

Modified: releng/12.0/UPDATING
==============================================================================
--- releng/12.0/UPDATING	Wed May 15 20:44:27 2019	(r347632)
+++ releng/12.0/UPDATING	Wed May 15 21:25:44 2019	(r347633)
@@ -16,6 +16,11 @@ from older versions of FreeBSD, try WITHOUT_CLANG and 
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20190515	p5	FreeBSD-EN-19:07.mds [revised]
+
+	Fixed error in patch causing panic on i386 architecture. [SA-19:07.mds]
+
+
 20190514	p4	FreeBSD-EN-19:08.tzdata
 			FreeBSD-EN-19:09.xinstall
 			FreeBSD-EN-19:10.scp

Modified: releng/12.0/sys/conf/newvers.sh
==============================================================================
--- releng/12.0/sys/conf/newvers.sh	Wed May 15 20:44:27 2019	(r347632)
+++ releng/12.0/sys/conf/newvers.sh	Wed May 15 21:25:44 2019	(r347633)
@@ -46,7 +46,7 @@
 
 TYPE="FreeBSD"
 REVISION="12.0"
-BRANCH="RELEASE-p4"
+BRANCH="RELEASE-p5"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi