From owner-svn-src-stable-9@freebsd.org Tue May 3 15:06:31 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 11E45B2B635; Tue, 3 May 2016 15:06:31 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BE1991AE6; Tue, 3 May 2016 15:06:30 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u43F6Tb5075238; Tue, 3 May 2016 15:06:29 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u43F6TDV075237; Tue, 3 May 2016 15:06:29 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201605031506.u43F6TDV075237@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Tue, 3 May 2016 15:06:29 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r298980 - stable/9/sbin/ifconfig X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 May 2016 15:06:31 -0000 Author: pfg Date: Tue May 3 15:06:29 2016 New Revision: 298980 URL: https://svnweb.freebsd.org/changeset/base/298980 Log: MFC r298556: ifconfig: prevent some improbable signed integer overflows. ic_nchans, from struct:ieee80211req_chaninfo, is an unsigned int. Use an unsigned index to prevent overflowing the index. Adopt unsigned integers in other cases where it is useful to be aware of the unsigned quantities and there is no risk of the values being negative. Modified: stable/9/sbin/ifconfig/ifieee80211.c Directory Properties: stable/9/sbin/ifconfig/ (props changed) Modified: stable/9/sbin/ifconfig/ifieee80211.c ============================================================================== --- stable/9/sbin/ifconfig/ifieee80211.c Tue May 3 15:04:56 2016 (r298979) +++ stable/9/sbin/ifconfig/ifieee80211.c Tue May 3 15:06:29 2016 (r298980) @@ -223,7 +223,7 @@ static int canpromote(int i, int from, int to) { const struct ieee80211_channel *fc = &chaninfo->ic_chans[i]; - int j; + u_int j; if ((fc->ic_flags & from) != from) return i; @@ -302,7 +302,7 @@ promote(int i) static void mapfreq(struct ieee80211_channel *chan, int freq, int flags) { - int i; + u_int i; for (i = 0; i < chaninfo->ic_nchans; i++) { const struct ieee80211_channel *c = &chaninfo->ic_chans[i]; @@ -322,7 +322,7 @@ mapfreq(struct ieee80211_channel *chan, static void mapchan(struct ieee80211_channel *chan, int ieee, int flags) { - int i; + u_int i; for (i = 0; i < chaninfo->ic_nchans; i++) { const struct ieee80211_channel *c = &chaninfo->ic_chans[i]; @@ -2903,7 +2903,7 @@ copy_essid(char buf[], size_t bufsize, c { const u_int8_t *p; size_t maxlen; - int i; + u_int i; if (essid_len > bufsize) maxlen = bufsize; @@ -4093,7 +4093,7 @@ static void printkey(const struct ieee80211req_key *ik) { static const uint8_t zerodata[IEEE80211_KEYBUF_SIZE]; - int keylen = ik->ik_keylen; + u_int keylen = ik->ik_keylen; int printcontents; printcontents = printkeys && @@ -4130,7 +4130,7 @@ printkey(const struct ieee80211req_key * break; } if (printcontents) { - int i; + u_int i; printf(" <"); for (i = 0; i < keylen; i++) From owner-svn-src-stable-9@freebsd.org Wed May 4 00:19:48 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6D364B2B774; Wed, 4 May 2016 00:19:48 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3A011127F; Wed, 4 May 2016 00:19:48 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u440JldS044558; Wed, 4 May 2016 00:19:47 GMT (envelope-from ngie@FreeBSD.org) Received: (from ngie@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u440Jlb3044555; Wed, 4 May 2016 00:19:47 GMT (envelope-from ngie@FreeBSD.org) Message-Id: <201605040019.u440Jlb3044555@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ngie set sender to ngie@FreeBSD.org using -f From: Garrett Cooper Date: Wed, 4 May 2016 00:19:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299017 - stable/9/usr.sbin/bsnmpd/tools/libbsnmptools X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 May 2016 00:19:48 -0000 Author: ngie Date: Wed May 4 00:19:46 2016 New Revision: 299017 URL: https://svnweb.freebsd.org/changeset/base/299017 Log: MFstable/10 r299016: MFC r298451,r298452,r298507,r298750: r298451: Don't use `entry` after free in the "already in lists" case Return with 0 as it isn't an error. CID: 1006085 Obtained from: Isilon OneFS (part of r493633) r298452: Don't try to free `string` (stack allocated char[]) Fix minor style with warnx call while in the neighborhood CID: 1009683 r298507: Fix looking for "UTC" at start of ptr by using strnmp instead of improperly unrolled equivalent CID: 1347118 r298750: Use a better idiom for finding UTC prefixed timezones Instead of copy-pasting the string literal for "UTC" 3 times and using strlen, use a static char[3] buffer and sizeof(..). Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpimport.c stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c Directory Properties: stable/9/ (props changed) stable/9/usr.sbin/ (props changed) stable/9/usr.sbin/bsnmpd/ (props changed) Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpimport.c ============================================================================== --- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpimport.c Wed May 4 00:14:50 2016 (r299016) +++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpimport.c Wed May 4 00:19:46 2016 (r299017) @@ -693,6 +693,7 @@ snmp_import_table(struct snmp_toolinfo * /* Same entry already present in lists. */ free(entry->string); free(entry); + return (0); } (void) snmp_import_update_table(ENTRY_INDEX, entry); Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c ============================================================================== --- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c Wed May 4 00:14:50 2016 (r299016) +++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c Wed May 4 00:19:46 2016 (r299017) @@ -338,8 +338,9 @@ static char * snmp_date2asn_oid(char *str, struct asn_oid *oid) { char *endptr, *ptr; - uint32_t v; + static const char UTC[3] = "UTC"; int32_t saved_errno; + uint32_t v; if (snmp_suboid_append(oid, (asn_subid_t) SNMP_DATETIME_OCTETS) < 0) return (NULL); @@ -440,8 +441,8 @@ snmp_date2asn_oid(char *str, struct asn_ /* 'UTC' - optional */ ptr = endptr + 1; - if (*ptr == 'U' && *(ptr + 1) == 'T' && *(ptr + 1) == 'C') - ptr += 3; + if (strncmp(ptr, UTC, sizeof(UTC)) == 0) + ptr += sizeof(UTC); /* '+/-' */ if (*ptr == '-' || *ptr == '+') { Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c ============================================================================== --- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c Wed May 4 00:14:50 2016 (r299016) +++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c Wed May 4 00:19:46 2016 (r299017) @@ -1078,10 +1078,9 @@ snmp_oid2asn_oid(struct snmp_toolinfo *s strlcpy(string, str, i + 1); string[i] = '\0'; if (snmp_lookup_enumoid(snmptoolctx, &obj, string) < 0) { - warnx("Unknown string - %s",string); + warnx("Unknown string - %s", string); return (NULL); } - free(string); } asn_append_oid(oid, &(obj.val.var)); From owner-svn-src-stable-9@freebsd.org Wed May 4 00:26:49 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1CF71B2B98A; Wed, 4 May 2016 00:26:49 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E24C91954; Wed, 4 May 2016 00:26:48 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u440QmEm047528; Wed, 4 May 2016 00:26:48 GMT (envelope-from ngie@FreeBSD.org) Received: (from ngie@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u440QmmJ047526; Wed, 4 May 2016 00:26:48 GMT (envelope-from ngie@FreeBSD.org) Message-Id: <201605040026.u440QmmJ047526@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ngie set sender to ngie@FreeBSD.org using -f From: Garrett Cooper Date: Wed, 4 May 2016 00:26:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299019 - stable/9/contrib/bsnmp/snmpd X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 May 2016 00:26:49 -0000 Author: ngie Date: Wed May 4 00:26:47 2016 New Revision: 299019 URL: https://svnweb.freebsd.org/changeset/base/299019 Log: MFstable/10 r299018: MFC r298448,r298464: r298448: Don't leak `string` in parse_define(..) when a macro has been found and the parser token != TOK_ASSIGN CID: 1007187, 1007188 Obtained from: Isilon OneFS (part of r445479) r298464: Use `sizeof(*uuser)` instead of `sizeof(struct usm_user)` for consistency with the rest of the users in the file No functional change Modified: stable/9/contrib/bsnmp/snmpd/config.c stable/9/contrib/bsnmp/snmpd/main.c Directory Properties: stable/9/ (props changed) stable/9/contrib/ (props changed) stable/9/contrib/bsnmp/ (props changed) Modified: stable/9/contrib/bsnmp/snmpd/config.c ============================================================================== --- stable/9/contrib/bsnmp/snmpd/config.c Wed May 4 00:25:20 2016 (r299018) +++ stable/9/contrib/bsnmp/snmpd/config.c Wed May 4 00:26:47 2016 (r299019) @@ -1150,7 +1150,8 @@ parse_define(const char *varname) free(m->value); m->value = string; m->length = length; - } + } else + free(string); } token = TOK_EOL; Modified: stable/9/contrib/bsnmp/snmpd/main.c ============================================================================== --- stable/9/contrib/bsnmp/snmpd/main.c Wed May 4 00:25:20 2016 (r299018) +++ stable/9/contrib/bsnmp/snmpd/main.c Wed May 4 00:26:47 2016 (r299019) @@ -2813,7 +2813,7 @@ usm_new_user(uint8_t *eid, uint32_t elen if ((uuser = (struct usm_user *)malloc(sizeof(*uuser))) == NULL) return (NULL); - memset(uuser, 0, sizeof(struct usm_user)); + memset(uuser, 0, sizeof(*uuser)); strlcpy(uuser->suser.sec_name, uname, SNMP_ADM_STR32_SIZ); memcpy(uuser->user_engine_id, eid, elen); uuser->user_engine_len = elen; From owner-svn-src-stable-9@freebsd.org Wed May 4 00:35:42 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CA68DB2BD11; Wed, 4 May 2016 00:35:42 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 97D04135B; Wed, 4 May 2016 00:35:42 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u440ZfVa050756; Wed, 4 May 2016 00:35:41 GMT (envelope-from ngie@FreeBSD.org) Received: (from ngie@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u440ZfWu050755; Wed, 4 May 2016 00:35:41 GMT (envelope-from ngie@FreeBSD.org) Message-Id: <201605040035.u440ZfWu050755@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ngie set sender to ngie@FreeBSD.org using -f From: Garrett Cooper Date: Wed, 4 May 2016 00:35:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299023 - stable/9/contrib/bsnmp/gensnmptree X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 May 2016 00:35:42 -0000 Author: ngie Date: Wed May 4 00:35:41 2016 New Revision: 299023 URL: https://svnweb.freebsd.org/changeset/base/299023 Log: MFstable/10 r299022: MFC r298450: Simplify always evaluated branch (`e != NULL`) - xalloc(..) ensures that e will be non-null via malloc + err. - `e` is already dereferenced above, so logically it's impossible to hit the lower test without crashing if it was indeed NULL. CID: 1007408 Modified: stable/9/contrib/bsnmp/gensnmptree/gensnmptree.c Directory Properties: stable/9/ (props changed) stable/9/contrib/ (props changed) stable/9/contrib/bsnmp/ (props changed) Modified: stable/9/contrib/bsnmp/gensnmptree/gensnmptree.c ============================================================================== --- stable/9/contrib/bsnmp/gensnmptree/gensnmptree.c Wed May 4 00:34:45 2016 (r299022) +++ stable/9/contrib/bsnmp/gensnmptree/gensnmptree.c Wed May 4 00:35:41 2016 (r299023) @@ -743,10 +743,8 @@ parse_type(enum tok *tok, struct type *t report("need value for ENUM/BITS"); if (gettoken() != TOK_STR) report("need string in ENUM/BITS"); - if (e != NULL) { - e->name = savetok(); - TAILQ_INSERT_TAIL(&t->enums, e, link); - } + e->name = savetok(); + TAILQ_INSERT_TAIL(&t->enums, e, link); if ((*tok = gettoken()) == TOK_EOF) report("unexpected EOF in ENUM/BITS"); } while (*tok != ')'); From owner-svn-src-stable-9@freebsd.org Wed May 4 06:53:04 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 62FC4B2C801; Wed, 4 May 2016 06:53:04 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 256091A52; Wed, 4 May 2016 06:53:04 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u446r3vZ068169; Wed, 4 May 2016 06:53:03 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u446r2fP068163; Wed, 4 May 2016 06:53:02 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201605040653.u446r2fP068163@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Wed, 4 May 2016 06:53:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299053 - in stable/9/crypto/openssl/crypto: asn1 evp x509 X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 May 2016 06:53:04 -0000 Author: delphij Date: Wed May 4 06:53:02 2016 New Revision: 299053 URL: https://svnweb.freebsd.org/changeset/base/299053 Log: Fix several OpenSSL vulnerabilities. Security: CVE-2016-2105, CVE-2016-2106, CVE-2016-2109 Security: CVE-2016-2176 (does not affect FreeBSD) Security: FreeBSD-SA-16:17.openssl Modified: stable/9/crypto/openssl/crypto/asn1/a_type.c stable/9/crypto/openssl/crypto/asn1/tasn_dec.c stable/9/crypto/openssl/crypto/asn1/tasn_enc.c stable/9/crypto/openssl/crypto/evp/encode.c stable/9/crypto/openssl/crypto/evp/evp_enc.c stable/9/crypto/openssl/crypto/x509/x509_obj.c Modified: stable/9/crypto/openssl/crypto/asn1/a_type.c ============================================================================== --- stable/9/crypto/openssl/crypto/asn1/a_type.c Wed May 4 06:26:27 2016 (r299052) +++ stable/9/crypto/openssl/crypto/asn1/a_type.c Wed May 4 06:53:02 2016 (r299053) @@ -123,9 +123,7 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, co result = 0; /* They do not have content. */ break; case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: case V_ASN1_BIT_STRING: case V_ASN1_OCTET_STRING: case V_ASN1_SEQUENCE: Modified: stable/9/crypto/openssl/crypto/asn1/tasn_dec.c ============================================================================== --- stable/9/crypto/openssl/crypto/asn1/tasn_dec.c Wed May 4 06:26:27 2016 (r299052) +++ stable/9/crypto/openssl/crypto/asn1/tasn_dec.c Wed May 4 06:53:02 2016 (r299053) @@ -901,9 +901,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const break; case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: tint = (ASN1_INTEGER **)pval; if (!c2i_ASN1_INTEGER(tint, &cont, len)) goto err; Modified: stable/9/crypto/openssl/crypto/asn1/tasn_enc.c ============================================================================== --- stable/9/crypto/openssl/crypto/asn1/tasn_enc.c Wed May 4 06:26:27 2016 (r299052) +++ stable/9/crypto/openssl/crypto/asn1/tasn_enc.c Wed May 4 06:53:02 2016 (r299053) @@ -610,9 +610,7 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsig break; case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: /* * These are all have the same content format as ASN1_INTEGER */ Modified: stable/9/crypto/openssl/crypto/evp/encode.c ============================================================================== --- stable/9/crypto/openssl/crypto/evp/encode.c Wed May 4 06:26:27 2016 (r299052) +++ stable/9/crypto/openssl/crypto/evp/encode.c Wed May 4 06:53:02 2016 (r299053) @@ -57,6 +57,7 @@ */ #include +#include #include "cryptlib.h" #include @@ -134,13 +135,13 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct const unsigned char *in, int inl) { int i, j; - unsigned int total = 0; + size_t total = 0; *outl = 0; if (inl == 0) return; OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); - if ((ctx->num + inl) < ctx->length) { + if (ctx->length - ctx->num > inl) { memcpy(&(ctx->enc_data[ctx->num]), in, inl); ctx->num += inl; return; @@ -157,7 +158,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct *out = '\0'; total = j + 1; } - while (inl >= ctx->length) { + while (inl >= ctx->length && total <= INT_MAX) { j = EVP_EncodeBlock(out, in, ctx->length); in += ctx->length; inl -= ctx->length; @@ -166,6 +167,11 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct *out = '\0'; total += j + 1; } + if (total > INT_MAX) { + /* Too much output data! */ + *outl = 0; + return; + } if (inl != 0) memcpy(&(ctx->enc_data[0]), in, inl); ctx->num = inl; Modified: stable/9/crypto/openssl/crypto/evp/evp_enc.c ============================================================================== --- stable/9/crypto/openssl/crypto/evp/evp_enc.c Wed May 4 06:26:27 2016 (r299052) +++ stable/9/crypto/openssl/crypto/evp/evp_enc.c Wed May 4 06:53:02 2016 (r299053) @@ -166,7 +166,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ct bl = ctx->cipher->block_size; OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); if (i != 0) { - if (i + inl < bl) { + if (bl - i > inl) { memcpy(&(ctx->buf[i]), in, inl); ctx->buf_len += inl; *outl = 0; Modified: stable/9/crypto/openssl/crypto/x509/x509_obj.c ============================================================================== --- stable/9/crypto/openssl/crypto/x509/x509_obj.c Wed May 4 06:26:27 2016 (r299052) +++ stable/9/crypto/openssl/crypto/x509/x509_obj.c Wed May 4 06:53:02 2016 (r299053) @@ -117,8 +117,9 @@ char *X509_NAME_oneline(X509_NAME *a, ch type == V_ASN1_PRINTABLESTRING || type == V_ASN1_TELETEXSTRING || type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) { - ascii2ebcdic(ebcdic_buf, q, (num > sizeof ebcdic_buf) - ? sizeof ebcdic_buf : num); + if (num > (int)sizeof(ebcdic_buf)) + num = sizeof(ebcdic_buf); + ascii2ebcdic(ebcdic_buf, q, num); q = ebcdic_buf; } #endif From owner-svn-src-stable-9@freebsd.org Thu May 5 01:30:54 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2B135B2CEE7; Thu, 5 May 2016 01:30:54 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F183B1BCD; Thu, 5 May 2016 01:30:53 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u451Ur0P009235; Thu, 5 May 2016 01:30:53 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u451UrnY009234; Thu, 5 May 2016 01:30:53 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201605050130.u451UrnY009234@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Thu, 5 May 2016 01:30:53 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299105 - stable/9/sys/compat/ndis X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 May 2016 01:30:54 -0000 Author: pfg Date: Thu May 5 01:30:53 2016 New Revision: 299105 URL: https://svnweb.freebsd.org/changeset/base/299105 Log: MFC r298731, r298734: ndis(4): unsign some indexes to prevent overflows. The "len" parameter is uint32_t, indexing it with an int may end up in a signed integer overflow. strlen(3) returns an integer of size_t but a correponding index of type u_int is more than enough. Modified: stable/9/sys/compat/ndis/subr_ndis.c Directory Properties: stable/9/sys/ (props changed) Modified: stable/9/sys/compat/ndis/subr_ndis.c ============================================================================== --- stable/9/sys/compat/ndis/subr_ndis.c Thu May 5 01:30:00 2016 (r299104) +++ stable/9/sys/compat/ndis/subr_ndis.c Thu May 5 01:30:53 2016 (r299105) @@ -895,7 +895,7 @@ NdisReadPciSlotInformation(adapter, slot uint32_t len; { ndis_miniport_block *block; - int i; + uint32_t i; char *dest; device_t dev; @@ -938,7 +938,7 @@ NdisWritePciSlotInformation(adapter, slo uint32_t len; { ndis_miniport_block *block; - int i; + uint32_t i; char *dest; device_t dev; @@ -2431,7 +2431,7 @@ NdisReadPcmciaAttributeMemory(handle, of bus_space_handle_t bh; bus_space_tag_t bt; char *dest; - int i; + uint32_t i; if (handle == NULL) return (0); @@ -2461,7 +2461,7 @@ NdisWritePcmciaAttributeMemory(handle, o bus_space_handle_t bh; bus_space_tag_t bt; char *src; - int i; + uint32_t i; if (handle == NULL) return (0); @@ -2669,7 +2669,7 @@ ndis_find_sym(lf, filename, suffix, sym) { char *fullsym; char *suf; - int i; + u_int i; fullsym = ExAllocatePoolWithTag(NonPagedPool, MAXPATHLEN, 0); if (fullsym == NULL) From owner-svn-src-stable-9@freebsd.org Thu May 5 01:35:43 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4F84DB2D112; Thu, 5 May 2016 01:35:43 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2080810FB; Thu, 5 May 2016 01:35:43 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u451Zgba011474; Thu, 5 May 2016 01:35:42 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u451ZgYd011473; Thu, 5 May 2016 01:35:42 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201605050135.u451ZgYd011473@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Thu, 5 May 2016 01:35:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299107 - stable/9/sys/fs/devfs X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 May 2016 01:35:43 -0000 Author: pfg Date: Thu May 5 01:35:42 2016 New Revision: 299107 URL: https://svnweb.freebsd.org/changeset/base/299107 Log: MFC r298732: sys/devfs: unsign an index to prevent signed integer overflow. cdp_maxdirent in struct:cdev_priv is of type u_int. Use the same type for the corresponding index in devfs_revoke(). Modified: stable/9/sys/fs/devfs/devfs_vnops.c Directory Properties: stable/9/sys/ (props changed) stable/9/sys/fs/ (props changed) Modified: stable/9/sys/fs/devfs/devfs_vnops.c ============================================================================== --- stable/9/sys/fs/devfs/devfs_vnops.c Thu May 5 01:34:58 2016 (r299106) +++ stable/9/sys/fs/devfs/devfs_vnops.c Thu May 5 01:35:42 2016 (r299107) @@ -1374,7 +1374,7 @@ devfs_revoke(struct vop_revoke_args *ap) struct cdev *dev; struct cdev_priv *cdp; struct devfs_dirent *de; - int i; + u_int i; KASSERT((ap->a_flags & REVOKEALL) != 0, ("devfs_revoke !REVOKEALL")); From owner-svn-src-stable-9@freebsd.org Thu May 5 08:17:56 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9088EB2D3F6; Thu, 5 May 2016 08:17:56 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 593E61F4B; Thu, 5 May 2016 08:17:56 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u458HtJt031129; Thu, 5 May 2016 08:17:55 GMT (envelope-from ngie@FreeBSD.org) Received: (from ngie@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u458Htqu031127; Thu, 5 May 2016 08:17:55 GMT (envelope-from ngie@FreeBSD.org) Message-Id: <201605050817.u458Htqu031127@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ngie set sender to ngie@FreeBSD.org using -f From: Garrett Cooper Date: Thu, 5 May 2016 08:17:55 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299112 - stable/9/lib/libcam X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 May 2016 08:17:56 -0000 Author: ngie Date: Thu May 5 08:17:55 2016 New Revision: 299112 URL: https://svnweb.freebsd.org/changeset/base/299112 Log: MFstable/10 r299111: MFC r297999: Clean up trailing whitespace in lib/libcam; no functional change Modified: stable/9/lib/libcam/camlib.c stable/9/lib/libcam/camlib.h Directory Properties: stable/9/ (props changed) stable/9/lib/ (props changed) stable/9/lib/libcam/ (props changed) Modified: stable/9/lib/libcam/camlib.c ============================================================================== --- stable/9/lib/libcam/camlib.c Thu May 5 08:11:36 2016 (r299111) +++ stable/9/lib/libcam/camlib.c Thu May 5 08:17:55 2016 (r299112) @@ -101,7 +101,7 @@ cam_freeccb(union ccb *ccb) * /dev/foo0 * foo0 * nfoo0 - * + * * Some peripheral drivers create separate device nodes with 'n' prefix for * non-rewind operations. Currently only sa(4) tape driver has this feature. * We extract pure peripheral name as device name for this special case. @@ -193,7 +193,7 @@ cam_get_device(const char *path, char *d /* * At this point, if the last character of the string isn't a - * number, we know the user either didn't give us a device number, + * number, we know the user either didn't give us a device number, * or he gave us a device name/number format we don't recognize. */ if (!isdigit(tmpstr[strlen(tmpstr) - 1])) { @@ -274,7 +274,7 @@ cam_open_btl(path_id_t path_id, target_i int fd, bufsize; if ((fd = open(XPT_DEVICE, O_RDWR)) < 0) { - snprintf(cam_errbuf, CAM_ERRBUF_SIZE, + snprintf(cam_errbuf, CAM_ERRBUF_SIZE, "%s: couldn't open %s\n%s: %s", func_name, XPT_DEVICE, func_name, strerror(errno)); return(NULL); @@ -291,7 +291,7 @@ cam_open_btl(path_id_t path_id, target_i ccb.cdm.match_buf_len = bufsize; ccb.cdm.matches = (struct dev_match_result *)malloc(bufsize); if (ccb.cdm.matches == NULL) { - snprintf(cam_errbuf, CAM_ERRBUF_SIZE, + snprintf(cam_errbuf, CAM_ERRBUF_SIZE, "%s: couldn't malloc match buffer", func_name); close(fd); return(NULL); @@ -304,14 +304,14 @@ cam_open_btl(path_id_t path_id, target_i ccb.cdm.patterns = (struct dev_match_pattern *)malloc( sizeof(struct dev_match_pattern)); if (ccb.cdm.patterns == NULL) { - snprintf(cam_errbuf, CAM_ERRBUF_SIZE, + snprintf(cam_errbuf, CAM_ERRBUF_SIZE, "%s: couldn't malloc pattern buffer", func_name); free(ccb.cdm.matches); close(fd); return(NULL); } ccb.cdm.patterns[0].type = DEV_MATCH_PERIPH; - match_pat = &ccb.cdm.patterns[0].pattern.periph_pattern; + match_pat = &ccb.cdm.patterns[0].pattern.periph_pattern; /* * We're looking for the passthrough device associated with this @@ -420,7 +420,7 @@ cam_lookup_pass(const char *dev_name, in * passthrough device. */ if ((fd = open(XPT_DEVICE, O_RDWR)) < 0) { - snprintf(cam_errbuf, CAM_ERRBUF_SIZE, + snprintf(cam_errbuf, CAM_ERRBUF_SIZE, "%s: couldn't open %s\n%s: %s", func_name, XPT_DEVICE, func_name, strerror(errno)); return(NULL); @@ -434,7 +434,7 @@ cam_lookup_pass(const char *dev_name, in ccb.cgdl.unit_number = unit; /* - * Attempt to get the passthrough device. This ioctl will fail if + * Attempt to get the passthrough device. This ioctl will fail if * the device name is null, if the device doesn't exist, or if the * passthrough driver isn't in the kernel. */ @@ -511,7 +511,7 @@ cam_real_open_device(const char *path, i } device->fd = -1; malloced_device = 1; - } + } /* * If the user passed in a path, save it for him. @@ -550,7 +550,7 @@ cam_real_open_device(const char *path, i * we don't have to set any fields. */ ccb.ccb_h.func_code = XPT_GDEVLIST; - + /* * We're only doing this to get some information on the device in * question. Otherwise, we'd have to pass in yet another @@ -610,7 +610,7 @@ cam_real_open_device(const char *path, i goto crod_bailout; } device->pd_type = SID_TYPE(&ccb.cgd.inq_data); - bcopy(&ccb.cgd.inq_data, &device->inq_data, + bcopy(&ccb.cgd.inq_data, &device->inq_data, sizeof(struct scsi_inquiry_data)); device->serial_num_len = ccb.cgd.serial_num_len; bcopy(&ccb.cgd.serial_num, &device->serial_num, device->serial_num_len); @@ -718,7 +718,7 @@ cam_device_dup(struct cam_device *device newdev = malloc(sizeof(struct cam_device)); if (newdev == NULL) { - snprintf(cam_errbuf, CAM_ERRBUF_SIZE, + snprintf(cam_errbuf, CAM_ERRBUF_SIZE, "%s: couldn't malloc CAM device structure", func_name); return(NULL); } Modified: stable/9/lib/libcam/camlib.h ============================================================================== --- stable/9/lib/libcam/camlib.h Thu May 5 08:11:36 2016 (r299111) +++ stable/9/lib/libcam/camlib.h Thu May 5 08:17:55 2016 (r299112) @@ -83,7 +83,7 @@ extern char cam_errbuf[]; struct cam_device { char device_path[MAXPATHLEN];/* - * Pathname of the device + * Pathname of the device * given by the user. This * may be null if the * user states the device @@ -98,15 +98,15 @@ struct cam_device { * Unit number given by * the user. */ - char device_name[DEV_IDLEN+1];/* - * Name of the device, - * e.g. 'pass' + char device_name[DEV_IDLEN+1];/* + * Name of the device, + * e.g. 'pass' */ u_int32_t dev_unit_num; /* Unit number of the passthrough * device associated with this * particular device. */ - + char sim_name[SIM_IDLEN+1]; /* Controller name, e.g. 'ahc' */ u_int32_t sim_unit_number; /* Controller unit number */ u_int32_t bus_id; /* Controller bus number */ @@ -142,7 +142,7 @@ int cam_send_ccb(struct cam_device *de char * cam_path_string(struct cam_device *dev, char *str, int len); struct cam_device * cam_device_dup(struct cam_device *device); -void cam_device_copy(struct cam_device *src, +void cam_device_copy(struct cam_device *src, struct cam_device *dst); int cam_get_device(const char *path, char *dev_name, int devnamelen, int *unit); From owner-svn-src-stable-9@freebsd.org Fri May 6 01:27:03 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0C68BB2E6D6; Fri, 6 May 2016 01:27:03 +0000 (UTC) (envelope-from jtl@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CF1E916B1; Fri, 6 May 2016 01:27:02 +0000 (UTC) (envelope-from jtl@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u461R23Q047802; Fri, 6 May 2016 01:27:02 GMT (envelope-from jtl@FreeBSD.org) Received: (from jtl@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u461R2rp047801; Fri, 6 May 2016 01:27:02 GMT (envelope-from jtl@FreeBSD.org) Message-Id: <201605060127.u461R2rp047801@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jtl set sender to jtl@FreeBSD.org using -f From: "Jonathan T. Looney" Date: Fri, 6 May 2016 01:27:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299147 - stable/9/sys/netinet X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 May 2016 01:27:03 -0000 Author: jtl Date: Fri May 6 01:27:01 2016 New Revision: 299147 URL: https://svnweb.freebsd.org/changeset/base/299147 Log: MFC r298408: Prevent underflows in tp->snd_wnd if the remote side ACKs more than tp->snd_wnd. This can happen, for example, when the remote side responds to a window probe by ACKing the one byte it contains. Modified: stable/9/sys/netinet/tcp_input.c Directory Properties: stable/9/sys/ (props changed) Modified: stable/9/sys/netinet/tcp_input.c ============================================================================== --- stable/9/sys/netinet/tcp_input.c Fri May 6 01:26:58 2016 (r299146) +++ stable/9/sys/netinet/tcp_input.c Fri May 6 01:27:01 2016 (r299147) @@ -2629,6 +2629,9 @@ process_ACK: INP_WLOCK_ASSERT(tp->t_inpcb); acked = BYTES_THIS_ACK(tp, th); + KASSERT(acked >= 0, ("%s: acked unexepectedly negative " + "(tp->snd_una=%u, th->th_ack=%u, tp=%p, m=%p)", __func__, + tp->snd_una, th->th_ack, tp, m)); TCPSTAT_INC(tcps_rcvackpack); TCPSTAT_ADD(tcps_rcvackbyte, acked); @@ -2698,12 +2701,18 @@ process_ACK: SOCKBUF_LOCK(&so->so_snd); if (acked > so->so_snd.sb_cc) { - tp->snd_wnd -= so->so_snd.sb_cc; + if (tp->snd_wnd >= so->so_snd.sb_cc) + tp->snd_wnd -= so->so_snd.sb_cc; + else + tp->snd_wnd = 0; sbdrop_locked(&so->so_snd, (int)so->so_snd.sb_cc); ourfinisacked = 1; } else { sbdrop_locked(&so->so_snd, acked); - tp->snd_wnd -= acked; + if (tp->snd_wnd >= (u_long) acked) + tp->snd_wnd -= acked; + else + tp->snd_wnd = 0; ourfinisacked = 0; } /* NB: sowwakeup_locked() does an implicit unlock. */ From owner-svn-src-stable-9@freebsd.org Fri May 6 01:38:14 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 12E5AB2E9B5; Fri, 6 May 2016 01:38:14 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D7C201DE6; Fri, 6 May 2016 01:38:13 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u461cDqG050900; Fri, 6 May 2016 01:38:13 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u461cC2N050898; Fri, 6 May 2016 01:38:12 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201605060138.u461cC2N050898@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Fri, 6 May 2016 01:38:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299149 - stable/9/sbin/restore X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 May 2016 01:38:14 -0000 Author: pfg Date: Fri May 6 01:38:12 2016 New Revision: 299149 URL: https://svnweb.freebsd.org/changeset/base/299149 Log: MFC r298868, r298874: restore: fix memory and resource handle leaks. CID: 272297, 1007784 Modified: stable/9/sbin/restore/main.c stable/9/sbin/restore/symtab.c Directory Properties: stable/9/sbin/restore/ (props changed) Modified: stable/9/sbin/restore/main.c ============================================================================== --- stable/9/sbin/restore/main.c Fri May 6 01:37:06 2016 (r299148) +++ stable/9/sbin/restore/main.c Fri May 6 01:38:12 2016 (r299149) @@ -366,7 +366,8 @@ obsolete(int *argcp, char **argvp[]) if (flags) { *p = '\0'; *nargv++ = flagsp; - } + } else + free(flagsp); /* Copy remaining arguments. */ while ((*nargv++ = *argv++)); Modified: stable/9/sbin/restore/symtab.c ============================================================================== --- stable/9/sbin/restore/symtab.c Fri May 6 01:37:06 2016 (r299148) +++ stable/9/sbin/restore/symtab.c Fri May 6 01:38:12 2016 (r299149) @@ -559,6 +559,7 @@ initsymtable(char *filename) fprintf(stderr, "read: %s\n", strerror(errno)); panic("cannot read symbol table file %s\n", filename); } + (void)close(fd); switch (command) { case 'r': /* From owner-svn-src-stable-9@freebsd.org Fri May 6 23:55:29 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C8C90B31354; Fri, 6 May 2016 23:55:29 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7B64D1455; Fri, 6 May 2016 23:55:29 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u46NtSn0061499; Fri, 6 May 2016 23:55:28 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u46NtSZ0061497; Fri, 6 May 2016 23:55:28 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201605062355.u46NtSZ0061497@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Fri, 6 May 2016 23:55:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299207 - in stable/9/sys/fs: nfs nfsclient X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 May 2016 23:55:29 -0000 Author: rmacklem Date: Fri May 6 23:55:28 2016 New Revision: 299207 URL: https://svnweb.freebsd.org/changeset/base/299207 Log: MFC: r297837 Bruce Evans reported that there was a performance regression between the old and new NFS clients. He did a good job of isolating the problem which was caused by the new NFS client not setting the post write mtime correctly. The new NFS client code was cloned from the old client, but was incorrect, because the mtime in the nfs vnode's cache wasn't yet updated. This patch fixes this problem. The patch also adds missing mutex locking. Modified: stable/9/sys/fs/nfs/nfsport.h stable/9/sys/fs/nfsclient/nfs_clrpcops.c Directory Properties: stable/9/sys/ (props changed) stable/9/sys/fs/ (props changed) Modified: stable/9/sys/fs/nfs/nfsport.h ============================================================================== --- stable/9/sys/fs/nfs/nfsport.h Fri May 6 23:49:10 2016 (r299206) +++ stable/9/sys/fs/nfs/nfsport.h Fri May 6 23:55:28 2016 (r299207) @@ -706,12 +706,14 @@ MALLOC_DECLARE(M_NEWNFSDROLLBACK); /* * Set the n_time in the client write rpc, as required. */ -#define NFSWRITERPC_SETTIME(w, n, v4) \ +#define NFSWRITERPC_SETTIME(w, n, a, v4) \ do { \ if (w) { \ - (n)->n_mtime = (n)->n_vattr.na_vattr.va_mtime; \ + mtx_lock(&((n)->n_mtx)); \ + (n)->n_mtime = (a)->na_mtime; \ if (v4) \ - (n)->n_change = (n)->n_vattr.na_vattr.va_filerev; \ + (n)->n_change = (a)->na_filerev; \ + mtx_unlock(&((n)->n_mtx)); \ } \ } while (0) Modified: stable/9/sys/fs/nfsclient/nfs_clrpcops.c ============================================================================== --- stable/9/sys/fs/nfsclient/nfs_clrpcops.c Fri May 6 23:49:10 2016 (r299206) +++ stable/9/sys/fs/nfsclient/nfs_clrpcops.c Fri May 6 23:55:28 2016 (r299207) @@ -1618,7 +1618,7 @@ nfsrpc_writerpc(vnode_t vp, struct uio * } if (error) goto nfsmout; - NFSWRITERPC_SETTIME(wccflag, np, (nd->nd_flag & ND_NFSV4)); + NFSWRITERPC_SETTIME(wccflag, np, nap, (nd->nd_flag & ND_NFSV4)); mbuf_freem(nd->nd_mrep); nd->nd_mrep = NULL; tsiz -= len; From owner-svn-src-stable-9@freebsd.org Sat May 7 00:07:04 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A3C4EB31807; Sat, 7 May 2016 00:07:04 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 625391BD5; Sat, 7 May 2016 00:07:04 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u47073GX064578; Sat, 7 May 2016 00:07:03 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u47073mF064577; Sat, 7 May 2016 00:07:03 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201605070007.u47073mF064577@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sat, 7 May 2016 00:07:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299209 - stable/9/sys/fs/nfsserver X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 May 2016 00:07:04 -0000 Author: rmacklem Date: Sat May 7 00:07:03 2016 New Revision: 299209 URL: https://svnweb.freebsd.org/changeset/base/299209 Log: MFC: r297869 If the VOP_SETATTR() call that saves the exclusive create verifier failed, the NFS server would leave the newly created vnode locked. This could result in a file system that would not unmount and processes wedged, waiting for the file to be unlocked. Since this VOP_SETATTR() never fails for most file systems, this bug doesn't normally manifest itself. I found it during testing of an exported GlusterFS file system, which can fail. This patch adds the vput() and changes the error to the correct NFS one. Modified: stable/9/sys/fs/nfsserver/nfs_nfsdport.c Directory Properties: stable/9/sys/ (props changed) stable/9/sys/fs/ (props changed) Modified: stable/9/sys/fs/nfsserver/nfs_nfsdport.c ============================================================================== --- stable/9/sys/fs/nfsserver/nfs_nfsdport.c Sat May 7 00:02:28 2016 (r299208) +++ stable/9/sys/fs/nfsserver/nfs_nfsdport.c Sat May 7 00:07:03 2016 (r299209) @@ -788,6 +788,11 @@ nfsvno_createsub(struct nfsrv_descript * nvap->na_atime.tv_nsec = cverf[1]; error = VOP_SETATTR(ndp->ni_vp, &nvap->na_vattr, nd->nd_cred); + if (error != 0) { + vput(ndp->ni_vp); + ndp->ni_vp = NULL; + error = NFSERR_NOTSUPP; + } } } /* @@ -1413,6 +1418,11 @@ nfsvno_open(struct nfsrv_descript *nd, s nvap->na_atime.tv_nsec = cverf[1]; nd->nd_repstat = VOP_SETATTR(ndp->ni_vp, &nvap->na_vattr, cred); + if (nd->nd_repstat != 0) { + vput(ndp->ni_vp); + ndp->ni_vp = NULL; + nd->nd_repstat = NFSERR_NOTSUPP; + } } else { nfsrv_fixattr(nd, ndp->ni_vp, nvap, aclp, p, attrbitp, exp); From owner-svn-src-stable-9@freebsd.org Sat May 7 08:26:07 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3D2C9B31E81; Sat, 7 May 2016 08:26:07 +0000 (UTC) (envelope-from dchagin@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 039691059; Sat, 7 May 2016 08:26:06 +0000 (UTC) (envelope-from dchagin@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u478Q6dU019972; Sat, 7 May 2016 08:26:06 GMT (envelope-from dchagin@FreeBSD.org) Received: (from dchagin@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u478Q5hN019966; Sat, 7 May 2016 08:26:05 GMT (envelope-from dchagin@FreeBSD.org) Message-Id: <201605070826.u478Q5hN019966@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dchagin set sender to dchagin@FreeBSD.org using -f From: Dmitry Chagin Date: Sat, 7 May 2016 08:26:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299214 - in stable/9/sys: compat/svr4 dev/streams modules/streams modules/svr4 X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 May 2016 08:26:07 -0000 Author: dchagin Date: Sat May 7 08:26:05 2016 New Revision: 299214 URL: https://svnweb.freebsd.org/changeset/base/299214 Log: MFC r298519: Fix streams and svr4 module dependency. Both modules are complaining about undefined symbol svr4_delete_socket which was moved from streams to the svr4 module in r160558 that created a two-way dependency between them. MFC r298520: Allow to build svr4 module with SYSV support separatelly from the kernel build. PR: 208464 Reported by: Kristoffer Eriksson Modified: stable/9/sys/compat/svr4/svr4_ipc.c stable/9/sys/compat/svr4/svr4_socket.c stable/9/sys/compat/svr4/svr4_sysvec.c stable/9/sys/dev/streams/streams.c stable/9/sys/modules/streams/Makefile stable/9/sys/modules/svr4/Makefile Directory Properties: stable/9/sys/ (props changed) stable/9/sys/dev/ (props changed) stable/9/sys/modules/ (props changed) stable/9/sys/modules/svr4/ (props changed) Modified: stable/9/sys/compat/svr4/svr4_ipc.c ============================================================================== --- stable/9/sys/compat/svr4/svr4_ipc.c Sat May 7 03:41:29 2016 (r299213) +++ stable/9/sys/compat/svr4/svr4_ipc.c Sat May 7 08:26:05 2016 (r299214) @@ -86,14 +86,10 @@ __FBSDID("$FreeBSD$"); #include #include -#if defined(SYSVMSG) || defined(SYSVSHM) || defined(SYSVSEM) static void svr4_to_bsd_ipc_perm(const struct svr4_ipc_perm *, struct ipc_perm *); static void bsd_to_svr4_ipc_perm(const struct ipc_perm *, struct svr4_ipc_perm *); -#endif - -#ifdef SYSVSEM static void bsd_to_svr4_semid_ds(const struct semid_ds *, struct svr4_semid_ds *); static void svr4_to_bsd_semid_ds(const struct svr4_semid_ds *, @@ -101,9 +97,6 @@ static void svr4_to_bsd_semid_ds(const s static int svr4_semop(struct thread *, void *); static int svr4_semget(struct thread *, void *); static int svr4_semctl(struct thread *, void *); -#endif - -#ifdef SYSVMSG static void bsd_to_svr4_msqid_ds(const struct msqid_ds *, struct svr4_msqid_ds *); static void svr4_to_bsd_msqid_ds(const struct svr4_msqid_ds *, @@ -112,9 +105,6 @@ static int svr4_msgsnd(struct thread *, static int svr4_msgrcv(struct thread *, void *); static int svr4_msgget(struct thread *, void *); static int svr4_msgctl(struct thread *, void *); -#endif - -#ifdef SYSVSHM static void bsd_to_svr4_shmid_ds(const struct shmid_ds *, struct svr4_shmid_ds *); static void svr4_to_bsd_shmid_ds(const struct svr4_shmid_ds *, @@ -123,9 +113,6 @@ static int svr4_shmat(struct thread *, v static int svr4_shmdt(struct thread *, void *); static int svr4_shmget(struct thread *, void *); static int svr4_shmctl(struct thread *, void *); -#endif - -#if defined(SYSVMSG) || defined(SYSVSHM) || defined(SYSVSEM) static void svr4_to_bsd_ipc_perm(spp, bpp) @@ -154,9 +141,7 @@ bsd_to_svr4_ipc_perm(bpp, spp) spp->mode = bpp->mode; spp->seq = bpp->seq; } -#endif -#ifdef SYSVSEM static void bsd_to_svr4_semid_ds(bds, sds) const struct semid_ds *bds; @@ -331,10 +316,7 @@ svr4_sys_semsys(td, uap) } } -MODULE_DEPEND(svr4elf, sysvsem, 1, 1, 1); -#endif -#ifdef SYSVMSG static void bsd_to_svr4_msqid_ds(bds, sds) const struct msqid_ds *bds; @@ -421,7 +403,7 @@ svr4_msgrcv(td, v) return sys_msgrcv(td, &ap); } - + struct svr4_sys_msgget_args { int what; svr4_key_t key; @@ -504,10 +486,6 @@ svr4_sys_msgsys(td, uap) } } -MODULE_DEPEND(svr4elf, sysvmsg, 1, 1, 1); -#endif - -#ifdef SYSVSHM static void bsd_to_svr4_shmid_ds(bds, sds) @@ -657,7 +635,7 @@ svr4_shmctl(td, v) default: return (EINVAL); } - + error = kern_shmctl(td, uap->shmid, cmd, &bs, &bufsize); if (error) return (error); @@ -697,4 +675,5 @@ svr4_sys_shmsys(td, uap) } MODULE_DEPEND(svr4elf, sysvshm, 1, 1, 1); -#endif /* SYSVSHM */ +MODULE_DEPEND(svr4elf, sysvmsg, 1, 1, 1); +MODULE_DEPEND(svr4elf, sysvsem, 1, 1, 1); Modified: stable/9/sys/compat/svr4/svr4_socket.c ============================================================================== --- stable/9/sys/compat/svr4/svr4_socket.c Sat May 7 03:41:29 2016 (r299213) +++ stable/9/sys/compat/svr4/svr4_socket.c Sat May 7 08:26:05 2016 (r299214) @@ -66,6 +66,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include struct svr4_sockcache_entry { struct proc *p; /* Process for the socket */ @@ -168,6 +169,19 @@ svr4_delete_socket(p, fp) mtx_unlock(&svr4_sockcache_lock); } +struct svr4_strm * +svr4_stream_get(fp) + struct file *fp; +{ + struct socket *so; + + if (fp == NULL || fp->f_type != DTYPE_SOCKET) + return NULL; + + so = fp->f_data; + return so->so_emuldata; +} + void svr4_purge_sockcache(arg, p) void *arg; Modified: stable/9/sys/compat/svr4/svr4_sysvec.c ============================================================================== --- stable/9/sys/compat/svr4/svr4_sysvec.c Sat May 7 03:41:29 2016 (r299213) +++ stable/9/sys/compat/svr4/svr4_sysvec.c Sat May 7 08:26:05 2016 (r299214) @@ -311,4 +311,4 @@ static moduledata_t svr4_elf_mod = { 0 }; DECLARE_MODULE_TIED(svr4elf, svr4_elf_mod, SI_SUB_EXEC, SI_ORDER_ANY); -MODULE_DEPEND(svr4elf, streams, 1, 1, 1); +MODULE_VERSION(svr4elf, 1); Modified: stable/9/sys/dev/streams/streams.c ============================================================================== --- stable/9/sys/dev/streams/streams.c Sat May 7 03:41:29 2016 (r299213) +++ stable/9/sys/dev/streams/streams.c Sat May 7 08:26:05 2016 (r299214) @@ -175,6 +175,7 @@ static moduledata_t streams_mod = { }; DECLARE_MODULE(streams, streams_mod, SI_SUB_DRIVERS, SI_ORDER_ANY); MODULE_VERSION(streams, 1); +MODULE_DEPEND(streams, svr4elf, 1, 1, 1); /* * We only need open() and close() routines. open() calls socreate() @@ -328,19 +329,6 @@ svr4_ptm_alloc(td) } -struct svr4_strm * -svr4_stream_get(fp) - struct file *fp; -{ - struct socket *so; - - if (fp == NULL || fp->f_type != DTYPE_SOCKET) - return NULL; - - so = fp->f_data; - return so->so_emuldata; -} - static int svr4_soo_close(struct file *fp, struct thread *td) { Modified: stable/9/sys/modules/streams/Makefile ============================================================================== --- stable/9/sys/modules/streams/Makefile Sat May 7 03:41:29 2016 (r299213) +++ stable/9/sys/modules/streams/Makefile Sat May 7 08:26:05 2016 (r299214) @@ -5,10 +5,6 @@ KMOD= streams SRCS= streams.c -EXPORT_SYMS= svr4_str_initialized \ - svr4_stream_get \ - svr4_delete_socket - .if defined(DEBUG) CFLAGS+= -DDEBUG_SVR4 .endif Modified: stable/9/sys/modules/svr4/Makefile ============================================================================== --- stable/9/sys/modules/svr4/Makefile Sat May 7 03:41:29 2016 (r299213) +++ stable/9/sys/modules/svr4/Makefile Sat May 7 08:26:05 2016 (r299214) @@ -8,6 +8,7 @@ SRCS= svr4_sysent.c svr4_sysvec.c opt_co svr4_termios.c svr4_stream.c svr4_socket.c svr4_sockio.c \ svr4_machdep.c svr4_resource.c svr4_ipc.c OBJS= svr4_locore.o +EXPORT_SYMS= svr4_delete_socket SRCS+= opt_ktrace.h opt_sysvipc.h From owner-svn-src-stable-9@freebsd.org Sat May 7 21:34:05 2016 Return-Path: Delivered-To: svn-src-stable-9@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CCD3EB32946; Sat, 7 May 2016 21:34:05 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 900431371; Sat, 7 May 2016 21:34:05 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u47LY4pv058787; Sat, 7 May 2016 21:34:04 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u47LY4vU058786; Sat, 7 May 2016 21:34:04 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201605072134.u47LY4vU058786@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sat, 7 May 2016 21:34:04 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r299225 - stable/9/sys/fs/nfsserver X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 May 2016 21:34:05 -0000 Author: rmacklem Date: Sat May 7 21:34:04 2016 New Revision: 299225 URL: https://svnweb.freebsd.org/changeset/base/299225 Log: MFC: r298523 Allow the NFSv4 server to reply NFSERR_WRONGSEC for the SetClientID operation. It was reported via email that a Linux client couldn't do a Kerberized NFS mount when only "sec=krb5" was specified for the exports. The Linux client attempted a mount via krb5i and the server replied NFSERR_SERVERFAULT. Although NFSERR_WRONGSEC isn't listed as an error for SetClientID, I think it is the correct reply, so this patch enables that. I do not know if this fixes the mount attempt, but adding "krb5i" to the list of allowed security flavours does allow the mount to work. Modified: stable/9/sys/fs/nfsserver/nfs_nfsdsubs.c Directory Properties: stable/9/sys/ (props changed) stable/9/sys/fs/ (props changed) Modified: stable/9/sys/fs/nfsserver/nfs_nfsdsubs.c ============================================================================== --- stable/9/sys/fs/nfsserver/nfs_nfsdsubs.c Sat May 7 20:23:26 2016 (r299224) +++ stable/9/sys/fs/nfsserver/nfs_nfsdsubs.c Sat May 7 21:34:04 2016 (r299225) @@ -1130,6 +1130,7 @@ static short nfsv4err_setclientid[] = { NFSERR_INVAL, NFSERR_RESOURCE, NFSERR_SERVERFAULT, + NFSERR_WRONGSEC, 0, };