From nobody Sat Oct 25 21:56:30 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cvDB65rJvz6Dddk;
	Sat, 25 Oct 2025 21:56:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4cvDB652zLz3kNZ;
	Sat, 25 Oct 2025 21:56:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1761429390;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=d3Z1LKOTbkIeejzcuUzxOfKiX8qD4us7IIfLPHWo/a4=;
	b=ZnU58DxrWnMV8QTGQdtY9ZOkmzbld1OSvDICtzLxRMjYUZJyI2d52SlpdeIEuL9om9ZqTz
	u5xFfMfxMw6uQMULA58zu+gfWl8A+cwEocBKqt5SCeOWu0VH/+ZQkunTcKlu+Zq5tHFL0l
	GTSFRKeH4uMgndrEKu63RTy35Y+YQqswKE+GI5Z7zpSIFfxeYklX1tEaaFEloZNug8qV6T
	cZgZHoHHt6IiCX7tXTjKGOFRGH/8chcvPCdE+OaWF7BCeFH8ql9jtNL9nc8TlAt50U3LNt
	S36BBpgAi+XWTnr2XyUTRVzebiJK4pKAeYhLwK5S6m6jHJKEtiUVaLmfjQ/USg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1761429390;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=d3Z1LKOTbkIeejzcuUzxOfKiX8qD4us7IIfLPHWo/a4=;
	b=plHszZWS7MP1NNFTzJYFlzkBEtbq7HE/pI13Y/B9ExoUGVWm5492/Gt1d8E3stW/Q5p1xs
	2/C5WYIP1S/sIVnYTyMimiwTemFkapwAbwcvG7mxwLimj7FqMzuzfHxk1JchIywgwWJy8V
	ekTISbtW0hq/WtcnqpPDMXmcdExljusnKsRxrH/nkzqdbI99ocq4eyK/Pm0zXILZJF4Elj
	gdmcTbJvWZ5k5ba0o+W5CFQBaZb5K+j0z4lBIFNLDJyVXRCj6Va3XP/vdIPyLi1wFU2OaF
	sdwYocEEP9alDlOeQ4fv25JIpjy61lA35HbjU99tggjKDshnGljfVe6/M5Au1Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1761429390; a=rsa-sha256; cv=none;
	b=a1zcBs7r2jNR6QYzsrbs7lUGyZ5naQGA2Pd/L/pxi0GuA29jp6/aqmQzUBA0prUWsxj6NC
	IH2E4ZrD62icF3ZJ56E6vloZTSxbEqP8XAC9VHK043W3H6WAKlvhRW/ruR/u+FMECvt6uY
	saO2SeCS3k8+AJ2zIod3cgzmj48K1mfL1kxZTI1rMqqu/HIwOdIzZnhMbryfytUBHB8bJu
	A/rjlGQ+FmGMSFzZPetkwZAoc2C2B4X8BIKCrfJ40ZtM5nEhHi9XrccoLgURxbV7Y7tv60
	R0vhds+G+Dh4PNLQtYXowEHNy0FHf85YaBS+q4k6KVqymNHNia/NAUZ+QP/xkw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cvDB64RJnz145t;
	Sat, 25 Oct 2025 21:56:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 59PLuUsX060739;
	Sat, 25 Oct 2025 21:56:30 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 59PLuUZe060736;
	Sat, 25 Oct 2025 21:56:30 GMT
	(envelope-from git)
Date: Sat, 25 Oct 2025 21:56:30 GMT
Message-Id: <202510252156.59PLuUZe060736@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Jose Luis Duran <jlduran@FreeBSD.org>
Subject: git: eae98e28a0e1 - main - blocklist: blacklist: Chase
  recent upstream changes
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jlduran
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: eae98e28a0e17f625e29f9849a4dc655636d9164
Auto-Submitted: auto-generated

The branch main has been updated by jlduran:

URL: https://cgit.FreeBSD.org/src/commit/?id=eae98e28a0e17f625e29f9849a4dc655636d9164

commit eae98e28a0e17f625e29f9849a4dc655636d9164
Author:     Jose Luis Duran <jlduran@FreeBSD.org>
AuthorDate: 2025-10-25 21:24:13 +0000
Commit:     Jose Luis Duran <jlduran@FreeBSD.org>
CommitDate: 2025-10-25 21:56:08 +0000

    blocklist: blacklist: Chase recent upstream changes
    
    Upstream introduced an extra column in blocklistctl(8) to display the
    name of the rule associated in the database entry.
    
    It is intended to avoid confusion when seemingly duplicate locations
    appear in the output of the blocklistctl dump command.  Especially when
    users are transitioning from the old nomenclature to the new one.
    
    The latest patches will not be fully backported to blacklistctl(8), to
    avoid breaking current scripts that may be parsing its output.  Also we
    are slowly preparing to feature-freeze everything related to blacklist.
    
    MFC:    2 days
---
 contrib/blocklist/bin/blacklistctl.8 |  3 +--
 contrib/blocklist/bin/blacklistd.c   | 18 ++++++++----------
 contrib/blocklist/bin/blocklistctl.8 |  6 +++++-
 3 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/contrib/blocklist/bin/blacklistctl.8 b/contrib/blocklist/bin/blacklistctl.8
index 4d557c0c979d..08f1d1b9e5af 100644
--- a/contrib/blocklist/bin/blacklistctl.8
+++ b/contrib/blocklist/bin/blacklistctl.8
@@ -45,7 +45,6 @@ is a program used to display and change the state of the
 database.
 The following sub-commands are supported:
 .Ss dump
-.Pp
 The following options are available for the
 .Cm dump
 sub-command:
@@ -90,7 +89,7 @@ associated with the database entry.
 column will show the identifier for the packet filter rule associated
 with the database entry, though this may only be the word
 .Ql OK
-for packet filters which do not creat a unique identifier for each rule.
+for packet filters which do not create a unique identifier for each rule.
 .It Ql nfail
 The number of
 .Em failures
diff --git a/contrib/blocklist/bin/blacklistd.c b/contrib/blocklist/bin/blacklistd.c
index ded3075ed707..b5f9358122ef 100644
--- a/contrib/blocklist/bin/blacklistd.c
+++ b/contrib/blocklist/bin/blacklistd.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: blocklistd.c,v 1.10 2025/03/26 17:09:35 christos Exp $	*/
+/*	$NetBSD: blocklistd.c,v 1.11 2025/10/25 16:55:23 christos Exp $	*/
 
 /*-
  * Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
 #ifdef HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: blocklistd.c,v 1.10 2025/03/26 17:09:35 christos Exp $");
+__RCSID("$NetBSD: blocklistd.c,v 1.11 2025/10/25 16:55:23 christos Exp $");
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -191,12 +191,12 @@ process(bl_t bl)
 	}
 
 	if (getremoteaddress(bi, &rss, &rsl) == -1)
-		goto out;
+		return;
 
 	if (debug || bi->bi_msg[0]) {
 		sockaddr_snprintf(rbuf, sizeof(rbuf), "%a:%p", (void *)&rss);
 		(*lfun)(bi->bi_msg[0] ? LOG_INFO : LOG_DEBUG,
-		    "processing type=%d fd=%d remote=%s msg=%s uid=%lu gid=%lu",
+		    "processing type=%d fd=%d remote=%s msg=\"%s\" uid=%lu gid=%lu",
 		    bi->bi_type, bi->bi_fd, rbuf,
 		    bi->bi_msg, (unsigned long)bi->bi_uid,
 		    (unsigned long)bi->bi_gid);
@@ -204,12 +204,12 @@ process(bl_t bl)
 
 	if (conf_find(bi->bi_fd, bi->bi_uid, &rss, &c) == NULL) {
 		(*lfun)(LOG_DEBUG, "no rule matched");
-		goto out;
+		return;
 	}
 
 
 	if (state_get(state, &c, &dbi) == -1)
-		goto out;
+		return;
 
 	if (debug) {
 		char b1[128], b2[128];
@@ -226,7 +226,7 @@ process(bl_t bl)
 		 * set the number of fails to be one less than the
 		 * configured limit.  Fallthrough to the normal BL_ADD
 		 * processing, which will increment the failure count
-		 * to the threshhold, and block the abusive address.
+		 * to the threshold, and block the abusive address.
 		 */
 		if (c.c_nfail != -1)
 			dbi.count = c.c_nfail - 1;
@@ -269,8 +269,6 @@ process(bl_t bl)
 	state_put(state, &c, &dbi);
 
 out:
-	close(bi->bi_fd);
-
 	if (debug) {
 		char b1[128], b2[128];
 		(*lfun)(LOG_DEBUG, "%s: final db state for %s: count=%d/%d "
@@ -565,7 +563,7 @@ main(int argc, char *argv[])
 			conf_parse(configfile);
 		}
 		ret = poll(pfd, (nfds_t)nfd, tout);
-		if (debug)
+		if (debug && ret != 0)
 			(*lfun)(LOG_DEBUG, "received %d from poll()", ret);
 		switch (ret) {
 		case -1:
diff --git a/contrib/blocklist/bin/blocklistctl.8 b/contrib/blocklist/bin/blocklistctl.8
index 7943c54159c1..75228599a9de 100644
--- a/contrib/blocklist/bin/blocklistctl.8
+++ b/contrib/blocklist/bin/blocklistctl.8
@@ -27,7 +27,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd January 27, 2025
+.Dd October 25, 2025
 .Dt BLOCKLISTCTL 8
 .Os
 .Sh NAME
@@ -82,6 +82,10 @@ sub-command consists of a header (unless
 was given) and one line for each record in the database, where each line
 has the following columns:
 .Bl -tag -width indent
+.It Ql rulename
+The packet filter rule name associated with the database entry,
+usually
+.Dv blocklistd .
 .It Ql address/ma:port
 The remote address, mask, and local port number of the client connection
 associated with the database entry.