From owner-svn-src-user@FreeBSD.ORG Tue Dec 9 06:40:43 2014 Return-Path: Delivered-To: svn-src-user@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9149B8D9; Tue, 9 Dec 2014 06:40:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7B924253; Tue, 9 Dec 2014 06:40:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sB96ehZ8048879; Tue, 9 Dec 2014 06:40:43 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id sB96ecVL048847; Tue, 9 Dec 2014 06:40:38 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201412090640.sB96ecVL048847@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Tue, 9 Dec 2014 06:40:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: svn commit: r275629 - in user/cperciva/freebsd-update-build/patches: 10.0-RELEASE 10.1-RELEASE 8.4-RELEASE 9.1-RELEASE 9.2-RELEASE 9.3-RELEASE X-SVN-Group: user MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-user@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the experimental " user" src tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Dec 2014 06:40:43 -0000 Author: delphij Date: Tue Dec 9 06:40:38 2014 New Revision: 275629 URL: https://svnweb.freebsd.org/changeset/base/275629 Log: Add patches for previous patch batch. Added: user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-EN-14:12.zfs user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:24.sshd user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:25.setlogin user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:26.ftp user/cperciva/freebsd-update-build/patches/10.1-RELEASE/ user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-EN-14:12.zfs user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-SA-14:25.setlogin user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-SA-14:26.ftp user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-EN-14:12.zfs user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:24.sshd user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:25.setlogin user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:26.ftp user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-EN-14:12.zfs user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:24.sshd user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:25.setlogin user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:26.ftp user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-EN-14:12.zfs user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-SA-14:25.setlogin user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-SA-14:26.ftp Added: user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-EN-14:12.zfs ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-EN-14:12.zfs Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,12 @@ +Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +=================================================================== +--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c.orig ++++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +@@ -2827,6 +2827,7 @@ zfs_getattr(vnode_t *vp, vattr_t *vap, int flags, + #endif + vap->va_seq = zp->z_seq; + vap->va_flags = 0; /* FreeBSD: Reset chflags(2) flags. */ ++ vap->va_filerev = zp->z_seq; + + /* + * Add in any requested optional attributes and the create time. Added: user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:24.sshd ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:24.sshd Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,21 @@ +Index: secure/usr.sbin/sshd/Makefile +=================================================================== +--- secure/usr.sbin/sshd/Makefile.orig ++++ secure/usr.sbin/sshd/Makefile +@@ -57,6 +57,16 @@ + DPADD+= ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ} + LDADD+= -lcrypt -lcrypto -lz + ++# Fix the order of NEEDED entries for libthr and libc. The libthr ++# needs to interpose libc symbols, leaving the libthr loading as ++# dependency of krb causes reversed order and broken interposing. Put ++# the threading library last on the linker command line, just before ++# the -lc added by a compiler driver. ++.if ${MK_KERBEROS_SUPPORT} != "no" ++DPADD+= ${LIBPTHREAD} ++LDADD+= -lpthread ++.endif ++ + .if defined(LOCALBASE) + CFLAGS+= -DXAUTH_PATH=\"${LOCALBASE}/bin/xauth\" + .endif Added: user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:25.setlogin ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:25.setlogin Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,64 @@ +Index: sys/kern/kern_prot.c +=================================================================== +--- sys/kern/kern_prot.c.orig ++++ sys/kern/kern_prot.c +@@ -2066,21 +2066,20 @@ + int + sys_getlogin(struct thread *td, struct getlogin_args *uap) + { +- int error; + char login[MAXLOGNAME]; + struct proc *p = td->td_proc; ++ size_t len; + + if (uap->namelen > MAXLOGNAME) + uap->namelen = MAXLOGNAME; + PROC_LOCK(p); + SESS_LOCK(p->p_session); +- bcopy(p->p_session->s_login, login, uap->namelen); ++ len = strlcpy(login, p->p_session->s_login, uap->namelen) + 1; + SESS_UNLOCK(p->p_session); + PROC_UNLOCK(p); +- if (strlen(login) + 1 > uap->namelen) ++ if (len > uap->namelen) + return (ERANGE); +- error = copyout(login, uap->namebuf, uap->namelen); +- return (error); ++ return (copyout(login, uap->namebuf, len)); + } + + /* +@@ -2099,21 +2098,23 @@ + int error; + char logintmp[MAXLOGNAME]; + ++ CTASSERT(sizeof(p->p_session->s_login) >= sizeof(logintmp)); ++ + error = priv_check(td, PRIV_PROC_SETLOGIN); + if (error) + return (error); + error = copyinstr(uap->namebuf, logintmp, sizeof(logintmp), NULL); +- if (error == ENAMETOOLONG) +- error = EINVAL; +- else if (!error) { +- PROC_LOCK(p); +- SESS_LOCK(p->p_session); +- (void) memcpy(p->p_session->s_login, logintmp, +- sizeof(logintmp)); +- SESS_UNLOCK(p->p_session); +- PROC_UNLOCK(p); ++ if (error != 0) { ++ if (error == ENAMETOOLONG) ++ error = EINVAL; ++ return (error); + } +- return (error); ++ PROC_LOCK(p); ++ SESS_LOCK(p->p_session); ++ strcpy(p->p_session->s_login, logintmp); ++ SESS_UNLOCK(p->p_session); ++ PROC_UNLOCK(p); ++ return (0); + } + + void Added: user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:26.ftp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/10.0-RELEASE/12-SA-14:26.ftp Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,69 @@ +Index: contrib/tnftp/src/fetch.c +=================================================================== +--- contrib/tnftp/src/fetch.c.orig ++++ contrib/tnftp/src/fetch.c +@@ -547,7 +547,7 @@ + url_decode(decodedpath); + + if (outfile) +- savefile = ftp_strdup(outfile); ++ savefile = outfile; + else { + cp = strrchr(decodedpath, '/'); /* find savefile */ + if (cp != NULL) +@@ -571,8 +571,7 @@ + rangestart = rangeend = entitylen = -1; + mtime = -1; + if (restartautofetch) { +- if (strcmp(savefile, "-") != 0 && *savefile != '|' && +- stat(savefile, &sb) == 0) ++ if (stat(savefile, &sb) == 0) + restart_point = sb.st_size; + } + if (urltype == FILE_URL_T) { /* file:// URLs */ +@@ -1098,17 +1097,25 @@ + } /* end of ftp:// or http:// specific setup */ + + /* Open the output file. */ +- if (strcmp(savefile, "-") == 0) { +- fout = stdout; +- } else if (*savefile == '|') { +- oldintp = xsignal(SIGPIPE, SIG_IGN); +- fout = popen(savefile + 1, "w"); +- if (fout == NULL) { +- warn("Can't execute `%s'", savefile + 1); +- goto cleanup_fetch_url; ++ ++ /* ++ * Only trust filenames with special meaning if they came from ++ * the command line ++ */ ++ if (outfile == savefile) { ++ if (strcmp(savefile, "-") == 0) { ++ fout = stdout; ++ } else if (*savefile == '|') { ++ oldintp = xsignal(SIGPIPE, SIG_IGN); ++ fout = popen(savefile + 1, "w"); ++ if (fout == NULL) { ++ warn("Can't execute `%s'", savefile + 1); ++ goto cleanup_fetch_url; ++ } ++ closefunc = pclose; + } +- closefunc = pclose; +- } else { ++ } ++ if (fout == NULL) { + if ((rangeend != -1 && rangeend <= restart_point) || + (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { + /* already done */ +@@ -1318,7 +1325,8 @@ + (*closefunc)(fout); + if (res0) + freeaddrinfo(res0); +- FREEPTR(savefile); ++ if (savefile != outfile) ++ FREEPTR(savefile); + FREEPTR(uuser); + if (pass != NULL) + memset(pass, 0, strlen(pass)); Added: user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-EN-14:12.zfs ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-EN-14:12.zfs Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,12 @@ +Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +=================================================================== +--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c.orig ++++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +@@ -2827,6 +2827,7 @@ zfs_getattr(vnode_t *vp, vattr_t *vap, int flags, + #endif + vap->va_seq = zp->z_seq; + vap->va_flags = 0; /* FreeBSD: Reset chflags(2) flags. */ ++ vap->va_filerev = zp->z_seq; + + /* + * Add in any requested optional attributes and the create time. Added: user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-SA-14:25.setlogin ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-SA-14:25.setlogin Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,64 @@ +Index: sys/kern/kern_prot.c +=================================================================== +--- sys/kern/kern_prot.c.orig ++++ sys/kern/kern_prot.c +@@ -2066,21 +2066,20 @@ + int + sys_getlogin(struct thread *td, struct getlogin_args *uap) + { +- int error; + char login[MAXLOGNAME]; + struct proc *p = td->td_proc; ++ size_t len; + + if (uap->namelen > MAXLOGNAME) + uap->namelen = MAXLOGNAME; + PROC_LOCK(p); + SESS_LOCK(p->p_session); +- bcopy(p->p_session->s_login, login, uap->namelen); ++ len = strlcpy(login, p->p_session->s_login, uap->namelen) + 1; + SESS_UNLOCK(p->p_session); + PROC_UNLOCK(p); +- if (strlen(login) + 1 > uap->namelen) ++ if (len > uap->namelen) + return (ERANGE); +- error = copyout(login, uap->namebuf, uap->namelen); +- return (error); ++ return (copyout(login, uap->namebuf, len)); + } + + /* +@@ -2099,21 +2098,23 @@ + int error; + char logintmp[MAXLOGNAME]; + ++ CTASSERT(sizeof(p->p_session->s_login) >= sizeof(logintmp)); ++ + error = priv_check(td, PRIV_PROC_SETLOGIN); + if (error) + return (error); + error = copyinstr(uap->namebuf, logintmp, sizeof(logintmp), NULL); +- if (error == ENAMETOOLONG) +- error = EINVAL; +- else if (!error) { +- PROC_LOCK(p); +- SESS_LOCK(p->p_session); +- (void) memcpy(p->p_session->s_login, logintmp, +- sizeof(logintmp)); +- SESS_UNLOCK(p->p_session); +- PROC_UNLOCK(p); ++ if (error != 0) { ++ if (error == ENAMETOOLONG) ++ error = EINVAL; ++ return (error); + } +- return (error); ++ PROC_LOCK(p); ++ SESS_LOCK(p->p_session); ++ strcpy(p->p_session->s_login, logintmp); ++ SESS_UNLOCK(p->p_session); ++ PROC_UNLOCK(p); ++ return (0); + } + + void Added: user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-SA-14:26.ftp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/8.4-RELEASE/19-SA-14:26.ftp Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,69 @@ +Index: contrib/lukemftp/src/fetch.c +=================================================================== +--- contrib/lukemftp/src/fetch.c.orig ++++ contrib/lukemftp/src/fetch.c +@@ -540,7 +540,7 @@ + url_decode(decodedpath); + + if (outfile) +- savefile = xstrdup(outfile); ++ savefile = outfile; + else { + cp = strrchr(decodedpath, '/'); /* find savefile */ + if (cp != NULL) +@@ -566,8 +566,7 @@ + rangestart = rangeend = entitylen = -1; + mtime = -1; + if (restartautofetch) { +- if (strcmp(savefile, "-") != 0 && *savefile != '|' && +- stat(savefile, &sb) == 0) ++ if (stat(savefile, &sb) == 0) + restart_point = sb.st_size; + } + if (urltype == FILE_URL_T) { /* file:// URLs */ +@@ -1085,17 +1084,25 @@ + } /* end of ftp:// or http:// specific setup */ + + /* Open the output file. */ +- if (strcmp(savefile, "-") == 0) { +- fout = stdout; +- } else if (*savefile == '|') { +- oldintp = xsignal(SIGPIPE, SIG_IGN); +- fout = popen(savefile + 1, "w"); +- if (fout == NULL) { +- warn("Can't run `%s'", savefile + 1); +- goto cleanup_fetch_url; ++ ++ /* ++ * Only trust filenames with special meaning if they came from ++ * the command line ++ */ ++ if (outfile == savefile) { ++ if (strcmp(savefile, "-") == 0) { ++ fout = stdout; ++ } else if (*savefile == '|') { ++ oldintp = xsignal(SIGPIPE, SIG_IGN); ++ fout = popen(savefile + 1, "w"); ++ if (fout == NULL) { ++ warn("Can't execute `%s'", savefile + 1); ++ goto cleanup_fetch_url; ++ } ++ closefunc = pclose; + } +- closefunc = pclose; +- } else { ++ } ++ if (fout == NULL) { + if ((rangeend != -1 && rangeend <= restart_point) || + (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { + /* already done */ +@@ -1278,7 +1285,8 @@ + (*closefunc)(fout); + if (res0) + freeaddrinfo(res0); +- FREEPTR(savefile); ++ if (savefile != outfile) ++ FREEPTR(savefile); + FREEPTR(user); + FREEPTR(pass); + FREEPTR(host); Added: user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-EN-14:12.zfs ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-EN-14:12.zfs Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,12 @@ +Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +=================================================================== +--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c.orig ++++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +@@ -2827,6 +2827,7 @@ zfs_getattr(vnode_t *vp, vattr_t *vap, int flags, + #endif + vap->va_seq = zp->z_seq; + vap->va_flags = 0; /* FreeBSD: Reset chflags(2) flags. */ ++ vap->va_filerev = zp->z_seq; + + /* + * Add in any requested optional attributes and the create time. Added: user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:24.sshd ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:24.sshd Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,21 @@ +Index: secure/usr.sbin/sshd/Makefile +=================================================================== +--- secure/usr.sbin/sshd/Makefile.orig ++++ secure/usr.sbin/sshd/Makefile +@@ -57,6 +57,16 @@ + DPADD+= ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ} + LDADD+= -lcrypt -lcrypto -lz + ++# Fix the order of NEEDED entries for libthr and libc. The libthr ++# needs to interpose libc symbols, leaving the libthr loading as ++# dependency of krb causes reversed order and broken interposing. Put ++# the threading library last on the linker command line, just before ++# the -lc added by a compiler driver. ++.if ${MK_KERBEROS_SUPPORT} != "no" ++DPADD+= ${LIBPTHREAD} ++LDADD+= -lpthread ++.endif ++ + .if defined(LOCALBASE) + CFLAGS+= -DXAUTH_PATH=\"${LOCALBASE}/bin/xauth\" + .endif Added: user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:25.setlogin ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:25.setlogin Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,63 @@ +Index: sys/kern/kern_prot.c +=================================================================== +--- sys/kern/kern_prot.c.orig ++++ sys/kern/kern_prot.c +@@ -2073,19 +2073,20 @@ + int + sys_getlogin(struct thread *td, struct getlogin_args *uap) + { +- int error; + char login[MAXLOGNAME]; + struct proc *p = td->td_proc; ++ size_t len; + + if (uap->namelen > MAXLOGNAME) + uap->namelen = MAXLOGNAME; + PROC_LOCK(p); + SESS_LOCK(p->p_session); +- bcopy(p->p_session->s_login, login, uap->namelen); ++ len = strlcpy(login, p->p_session->s_login, uap->namelen) + 1; + SESS_UNLOCK(p->p_session); + PROC_UNLOCK(p); +- error = copyout(login, uap->namebuf, uap->namelen); +- return(error); ++ if (len > uap->namelen) ++ return (ERANGE); ++ return (copyout(login, uap->namebuf, len)); + } + + /* +@@ -2104,21 +2105,23 @@ + int error; + char logintmp[MAXLOGNAME]; + ++ CTASSERT(sizeof(p->p_session->s_login) >= sizeof(logintmp)); ++ + error = priv_check(td, PRIV_PROC_SETLOGIN); + if (error) + return (error); + error = copyinstr(uap->namebuf, logintmp, sizeof(logintmp), NULL); +- if (error == ENAMETOOLONG) +- error = EINVAL; +- else if (!error) { +- PROC_LOCK(p); +- SESS_LOCK(p->p_session); +- (void) memcpy(p->p_session->s_login, logintmp, +- sizeof(logintmp)); +- SESS_UNLOCK(p->p_session); +- PROC_UNLOCK(p); ++ if (error != 0) { ++ if (error == ENAMETOOLONG) ++ error = EINVAL; ++ return (error); + } +- return (error); ++ PROC_LOCK(p); ++ SESS_LOCK(p->p_session); ++ strcpy(p->p_session->s_login, logintmp); ++ SESS_UNLOCK(p->p_session); ++ PROC_UNLOCK(p); ++ return (0); + } + + void Added: user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:26.ftp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.1-RELEASE/22-SA-14:26.ftp Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,69 @@ +Index: contrib/tnftp/src/fetch.c +=================================================================== +--- contrib/tnftp/src/fetch.c.orig ++++ contrib/tnftp/src/fetch.c +@@ -547,7 +547,7 @@ + url_decode(decodedpath); + + if (outfile) +- savefile = ftp_strdup(outfile); ++ savefile = outfile; + else { + cp = strrchr(decodedpath, '/'); /* find savefile */ + if (cp != NULL) +@@ -571,8 +571,7 @@ + rangestart = rangeend = entitylen = -1; + mtime = -1; + if (restartautofetch) { +- if (strcmp(savefile, "-") != 0 && *savefile != '|' && +- stat(savefile, &sb) == 0) ++ if (stat(savefile, &sb) == 0) + restart_point = sb.st_size; + } + if (urltype == FILE_URL_T) { /* file:// URLs */ +@@ -1098,17 +1097,25 @@ + } /* end of ftp:// or http:// specific setup */ + + /* Open the output file. */ +- if (strcmp(savefile, "-") == 0) { +- fout = stdout; +- } else if (*savefile == '|') { +- oldintp = xsignal(SIGPIPE, SIG_IGN); +- fout = popen(savefile + 1, "w"); +- if (fout == NULL) { +- warn("Can't execute `%s'", savefile + 1); +- goto cleanup_fetch_url; ++ ++ /* ++ * Only trust filenames with special meaning if they came from ++ * the command line ++ */ ++ if (outfile == savefile) { ++ if (strcmp(savefile, "-") == 0) { ++ fout = stdout; ++ } else if (*savefile == '|') { ++ oldintp = xsignal(SIGPIPE, SIG_IGN); ++ fout = popen(savefile + 1, "w"); ++ if (fout == NULL) { ++ warn("Can't execute `%s'", savefile + 1); ++ goto cleanup_fetch_url; ++ } ++ closefunc = pclose; + } +- closefunc = pclose; +- } else { ++ } ++ if (fout == NULL) { + if ((rangeend != -1 && rangeend <= restart_point) || + (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { + /* already done */ +@@ -1318,7 +1325,8 @@ + (*closefunc)(fout); + if (res0) + freeaddrinfo(res0); +- FREEPTR(savefile); ++ if (savefile != outfile) ++ FREEPTR(savefile); + FREEPTR(uuser); + if (pass != NULL) + memset(pass, 0, strlen(pass)); Added: user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-EN-14:12.zfs ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-EN-14:12.zfs Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,12 @@ +Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +=================================================================== +--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c.orig ++++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +@@ -2827,6 +2827,7 @@ zfs_getattr(vnode_t *vp, vattr_t *vap, int flags, + #endif + vap->va_seq = zp->z_seq; + vap->va_flags = 0; /* FreeBSD: Reset chflags(2) flags. */ ++ vap->va_filerev = zp->z_seq; + + /* + * Add in any requested optional attributes and the create time. Added: user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:24.sshd ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:24.sshd Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,21 @@ +Index: secure/usr.sbin/sshd/Makefile +=================================================================== +--- secure/usr.sbin/sshd/Makefile.orig ++++ secure/usr.sbin/sshd/Makefile +@@ -57,6 +57,16 @@ + DPADD+= ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ} + LDADD+= -lcrypt -lcrypto -lz + ++# Fix the order of NEEDED entries for libthr and libc. The libthr ++# needs to interpose libc symbols, leaving the libthr loading as ++# dependency of krb causes reversed order and broken interposing. Put ++# the threading library last on the linker command line, just before ++# the -lc added by a compiler driver. ++.if ${MK_KERBEROS_SUPPORT} != "no" ++DPADD+= ${LIBPTHREAD} ++LDADD+= -lpthread ++.endif ++ + .if defined(LOCALBASE) + CFLAGS+= -DXAUTH_PATH=\"${LOCALBASE}/bin/xauth\" + .endif Added: user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:25.setlogin ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:25.setlogin Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,64 @@ +Index: sys/kern/kern_prot.c +=================================================================== +--- sys/kern/kern_prot.c.orig ++++ sys/kern/kern_prot.c +@@ -2066,21 +2066,20 @@ + int + sys_getlogin(struct thread *td, struct getlogin_args *uap) + { +- int error; + char login[MAXLOGNAME]; + struct proc *p = td->td_proc; ++ size_t len; + + if (uap->namelen > MAXLOGNAME) + uap->namelen = MAXLOGNAME; + PROC_LOCK(p); + SESS_LOCK(p->p_session); +- bcopy(p->p_session->s_login, login, uap->namelen); ++ len = strlcpy(login, p->p_session->s_login, uap->namelen) + 1; + SESS_UNLOCK(p->p_session); + PROC_UNLOCK(p); +- if (strlen(login) + 1 > uap->namelen) ++ if (len > uap->namelen) + return (ERANGE); +- error = copyout(login, uap->namebuf, uap->namelen); +- return (error); ++ return (copyout(login, uap->namebuf, len)); + } + + /* +@@ -2099,21 +2098,23 @@ + int error; + char logintmp[MAXLOGNAME]; + ++ CTASSERT(sizeof(p->p_session->s_login) >= sizeof(logintmp)); ++ + error = priv_check(td, PRIV_PROC_SETLOGIN); + if (error) + return (error); + error = copyinstr(uap->namebuf, logintmp, sizeof(logintmp), NULL); +- if (error == ENAMETOOLONG) +- error = EINVAL; +- else if (!error) { +- PROC_LOCK(p); +- SESS_LOCK(p->p_session); +- (void) memcpy(p->p_session->s_login, logintmp, +- sizeof(logintmp)); +- SESS_UNLOCK(p->p_session); +- PROC_UNLOCK(p); ++ if (error != 0) { ++ if (error == ENAMETOOLONG) ++ error = EINVAL; ++ return (error); + } +- return (error); ++ PROC_LOCK(p); ++ SESS_LOCK(p->p_session); ++ strcpy(p->p_session->s_login, logintmp); ++ SESS_UNLOCK(p->p_session); ++ PROC_UNLOCK(p); ++ return (0); + } + + void Added: user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:26.ftp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.2-RELEASE/15-SA-14:26.ftp Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,69 @@ +Index: contrib/tnftp/src/fetch.c +=================================================================== +--- contrib/tnftp/src/fetch.c.orig ++++ contrib/tnftp/src/fetch.c +@@ -547,7 +547,7 @@ + url_decode(decodedpath); + + if (outfile) +- savefile = ftp_strdup(outfile); ++ savefile = outfile; + else { + cp = strrchr(decodedpath, '/'); /* find savefile */ + if (cp != NULL) +@@ -571,8 +571,7 @@ + rangestart = rangeend = entitylen = -1; + mtime = -1; + if (restartautofetch) { +- if (strcmp(savefile, "-") != 0 && *savefile != '|' && +- stat(savefile, &sb) == 0) ++ if (stat(savefile, &sb) == 0) + restart_point = sb.st_size; + } + if (urltype == FILE_URL_T) { /* file:// URLs */ +@@ -1098,17 +1097,25 @@ + } /* end of ftp:// or http:// specific setup */ + + /* Open the output file. */ +- if (strcmp(savefile, "-") == 0) { +- fout = stdout; +- } else if (*savefile == '|') { +- oldintp = xsignal(SIGPIPE, SIG_IGN); +- fout = popen(savefile + 1, "w"); +- if (fout == NULL) { +- warn("Can't execute `%s'", savefile + 1); +- goto cleanup_fetch_url; ++ ++ /* ++ * Only trust filenames with special meaning if they came from ++ * the command line ++ */ ++ if (outfile == savefile) { ++ if (strcmp(savefile, "-") == 0) { ++ fout = stdout; ++ } else if (*savefile == '|') { ++ oldintp = xsignal(SIGPIPE, SIG_IGN); ++ fout = popen(savefile + 1, "w"); ++ if (fout == NULL) { ++ warn("Can't execute `%s'", savefile + 1); ++ goto cleanup_fetch_url; ++ } ++ closefunc = pclose; + } +- closefunc = pclose; +- } else { ++ } ++ if (fout == NULL) { + if ((rangeend != -1 && rangeend <= restart_point) || + (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { + /* already done */ +@@ -1318,7 +1325,8 @@ + (*closefunc)(fout); + if (res0) + freeaddrinfo(res0); +- FREEPTR(savefile); ++ if (savefile != outfile) ++ FREEPTR(savefile); + FREEPTR(uuser); + if (pass != NULL) + memset(pass, 0, strlen(pass)); Added: user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-EN-14:12.zfs ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-EN-14:12.zfs Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,12 @@ +Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +=================================================================== +--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c.orig ++++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +@@ -2827,6 +2827,7 @@ zfs_getattr(vnode_t *vp, vattr_t *vap, int flags, + #endif + vap->va_seq = zp->z_seq; + vap->va_flags = 0; /* FreeBSD: Reset chflags(2) flags. */ ++ vap->va_filerev = zp->z_seq; + + /* + * Add in any requested optional attributes and the create time. Added: user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-SA-14:25.setlogin ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-SA-14:25.setlogin Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,64 @@ +Index: sys/kern/kern_prot.c +=================================================================== +--- sys/kern/kern_prot.c.orig ++++ sys/kern/kern_prot.c +@@ -2066,21 +2066,20 @@ + int + sys_getlogin(struct thread *td, struct getlogin_args *uap) + { +- int error; + char login[MAXLOGNAME]; + struct proc *p = td->td_proc; ++ size_t len; + + if (uap->namelen > MAXLOGNAME) + uap->namelen = MAXLOGNAME; + PROC_LOCK(p); + SESS_LOCK(p->p_session); +- bcopy(p->p_session->s_login, login, uap->namelen); ++ len = strlcpy(login, p->p_session->s_login, uap->namelen) + 1; + SESS_UNLOCK(p->p_session); + PROC_UNLOCK(p); +- if (strlen(login) + 1 > uap->namelen) ++ if (len > uap->namelen) + return (ERANGE); +- error = copyout(login, uap->namebuf, uap->namelen); +- return (error); ++ return (copyout(login, uap->namebuf, len)); + } + + /* +@@ -2099,21 +2098,23 @@ + int error; + char logintmp[MAXLOGNAME]; + ++ CTASSERT(sizeof(p->p_session->s_login) >= sizeof(logintmp)); ++ + error = priv_check(td, PRIV_PROC_SETLOGIN); + if (error) + return (error); + error = copyinstr(uap->namebuf, logintmp, sizeof(logintmp), NULL); +- if (error == ENAMETOOLONG) +- error = EINVAL; +- else if (!error) { +- PROC_LOCK(p); +- SESS_LOCK(p->p_session); +- (void) memcpy(p->p_session->s_login, logintmp, +- sizeof(logintmp)); +- SESS_UNLOCK(p->p_session); +- PROC_UNLOCK(p); ++ if (error != 0) { ++ if (error == ENAMETOOLONG) ++ error = EINVAL; ++ return (error); + } +- return (error); ++ PROC_LOCK(p); ++ SESS_LOCK(p->p_session); ++ strcpy(p->p_session->s_login, logintmp); ++ SESS_UNLOCK(p->p_session); ++ PROC_UNLOCK(p); ++ return (0); + } + + void Added: user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-SA-14:26.ftp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/cperciva/freebsd-update-build/patches/9.3-RELEASE/5-SA-14:26.ftp Tue Dec 9 06:40:38 2014 (r275629) @@ -0,0 +1,69 @@ +Index: contrib/tnftp/src/fetch.c +=================================================================== +--- contrib/tnftp/src/fetch.c.orig ++++ contrib/tnftp/src/fetch.c +@@ -547,7 +547,7 @@ + url_decode(decodedpath); + + if (outfile) +- savefile = ftp_strdup(outfile); ++ savefile = outfile; + else { + cp = strrchr(decodedpath, '/'); /* find savefile */ + if (cp != NULL) +@@ -571,8 +571,7 @@ + rangestart = rangeend = entitylen = -1; + mtime = -1; + if (restartautofetch) { +- if (strcmp(savefile, "-") != 0 && *savefile != '|' && +- stat(savefile, &sb) == 0) ++ if (stat(savefile, &sb) == 0) + restart_point = sb.st_size; + } + if (urltype == FILE_URL_T) { /* file:// URLs */ +@@ -1098,17 +1097,25 @@ + } /* end of ftp:// or http:// specific setup */ + + /* Open the output file. */ +- if (strcmp(savefile, "-") == 0) { +- fout = stdout; +- } else if (*savefile == '|') { +- oldintp = xsignal(SIGPIPE, SIG_IGN); +- fout = popen(savefile + 1, "w"); +- if (fout == NULL) { +- warn("Can't execute `%s'", savefile + 1); +- goto cleanup_fetch_url; ++ ++ /* ++ * Only trust filenames with special meaning if they came from ++ * the command line ++ */ ++ if (outfile == savefile) { ++ if (strcmp(savefile, "-") == 0) { ++ fout = stdout; ++ } else if (*savefile == '|') { ++ oldintp = xsignal(SIGPIPE, SIG_IGN); ++ fout = popen(savefile + 1, "w"); ++ if (fout == NULL) { ++ warn("Can't execute `%s'", savefile + 1); ++ goto cleanup_fetch_url; ++ } ++ closefunc = pclose; + } +- closefunc = pclose; +- } else { ++ } ++ if (fout == NULL) { + if ((rangeend != -1 && rangeend <= restart_point) || + (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { + /* already done */ +@@ -1318,7 +1325,8 @@ + (*closefunc)(fout); + if (res0) + freeaddrinfo(res0); +- FREEPTR(savefile); ++ if (savefile != outfile) ++ FREEPTR(savefile); + FREEPTR(uuser); + if (pass != NULL) + memset(pass, 0, strlen(pass));