From owner-svn-src-all@freebsd.org Thu Feb 2 19:56:42 2017 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF455CCDCB0; Thu, 2 Feb 2017 19:56:42 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 89C85C38; Thu, 2 Feb 2017 19:56:42 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v12JufSr057278; Thu, 2 Feb 2017 19:56:41 GMT (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v12JufOv057273; Thu, 2 Feb 2017 19:56:41 GMT (envelope-from glebius@FreeBSD.org) Message-Id: <201702021956.v12JufOv057273@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: glebius set sender to glebius@FreeBSD.org using -f From: Gleb Smirnoff Date: Thu, 2 Feb 2017 19:56:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r313104 - in head: contrib/tcpdump usr.sbin/tcpdump/tcpdump X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Feb 2017 19:56:42 -0000 Author: glebius Date: Thu Feb 2 19:56:41 2017 New Revision: 313104 URL: https://svnweb.freebsd.org/changeset/base/313104 Log: Reduce diff to upstream using HAVE_CAPSICUM instead of __FreeBSD__. It'll also make it easier to upstream HAVE_CASPER patch. Modified: head/contrib/tcpdump/config.h.in head/contrib/tcpdump/configure head/contrib/tcpdump/configure.in head/contrib/tcpdump/tcpdump.c head/usr.sbin/tcpdump/tcpdump/config.h Modified: head/contrib/tcpdump/config.h.in ============================================================================== --- head/contrib/tcpdump/config.h.in Thu Feb 2 19:50:28 2017 (r313103) +++ head/contrib/tcpdump/config.h.in Thu Feb 2 19:56:41 2017 (r313104) @@ -9,8 +9,8 @@ /* Define to 1 if you have the `bpf_dump' function. */ #undef HAVE_BPF_DUMP -/* Casper library support available */ -#undef HAVE_CASPER +/* capsicum support available */ +#undef HAVE_CAPSICUM /* Define to 1 if you have the `cap_enter' function. */ #undef HAVE_CAP_ENTER Modified: head/contrib/tcpdump/configure ============================================================================== --- head/contrib/tcpdump/configure Thu Feb 2 19:50:28 2017 (r313103) +++ head/contrib/tcpdump/configure Thu Feb 2 19:56:41 2017 (r313104) @@ -4593,7 +4593,7 @@ fi $as_echo_n "checking whether to sandbox using capsicum... " >&6; } if test "x$ac_lbl_capsicum_function_seen" = "xyes" -a "x$ac_lbl_capsicum_function_not_seen" != "xyes"; then -$as_echo "#define HAVE_CASPER 1" >>confdefs.h +$as_echo "#define HAVE_CAPSICUM 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } Modified: head/contrib/tcpdump/configure.in ============================================================================== --- head/contrib/tcpdump/configure.in Thu Feb 2 19:50:28 2017 (r313103) +++ head/contrib/tcpdump/configure.in Thu Feb 2 19:56:41 2017 (r313104) @@ -228,7 +228,7 @@ if test ! -z "$with_sandbox-capsicum" && fi AC_MSG_CHECKING([whether to sandbox using capsicum]) if test "x$ac_lbl_capsicum_function_seen" = "xyes" -a "x$ac_lbl_capsicum_function_not_seen" != "xyes"; then - AC_DEFINE(HAVE_CASPER, 1, [casper support available]) + AC_DEFINE(HAVE_CAPSICUM, 1, [capsicum support available]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) Modified: head/contrib/tcpdump/tcpdump.c ============================================================================== --- head/contrib/tcpdump/tcpdump.c Thu Feb 2 19:50:28 2017 (r313103) +++ head/contrib/tcpdump/tcpdump.c Thu Feb 2 19:56:41 2017 (r313104) @@ -75,18 +75,18 @@ The Regents of the University of Califor * to compile if has already been included; including the headers * in the opposite order works fine. */ -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM #include #include +#include +#include +#include #include #ifdef HAVE_CASPER #include #include -#include -#include -#include #endif /* HAVE_CASPER */ -#endif /* __FreeBSD__ */ +#endif /* HAVE_CAPSICUM */ #include #include #include @@ -249,7 +249,7 @@ struct dump_info { char *CurrentFileName; pcap_t *pd; pcap_dumper_t *p; -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM int dirfd; #endif }; @@ -789,7 +789,7 @@ tstamp_precision_to_string(int precision } #endif -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM /* * Ensure that, on a dump file's descriptor, we have all the rights * necessary to make the standard I/O library work with an fdopen()ed @@ -1188,10 +1188,10 @@ main(int argc, char **argv) #endif int status; FILE *VFile; -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM cap_rights_t rights; -#endif /* !__FreeBSD__ */ int cansandbox; +#endif /* HAVE_CAPSICUM */ int Oflag = 1; /* run filter code optimizer */ int yflag_dlt = -1; const char *yflag_dlt_name = NULL; @@ -1685,7 +1685,7 @@ main(int argc, char **argv) if (pd == NULL) error("%s", ebuf); -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM cap_rights_init(&rights, CAP_READ); if (cap_rights_limit(fileno(pcap_file(pd)), &rights) < 0 && errno != ENOSYS) { @@ -1916,7 +1916,7 @@ main(int argc, char **argv) if (pcap_setfilter(pd, &fcode) < 0) error("%s", pcap_geterr(pd)); -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM if (RFileName == NULL && VFileName == NULL) { static const unsigned long cmds[] = { BIOCGSTATS, BIOCROTZBUF }; @@ -1966,11 +1966,11 @@ main(int argc, char **argv) #endif /* HAVE_LIBCAP_NG */ if (p == NULL) error("%s", pcap_geterr(pd)); -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM set_dumper_capsicum_rights(p); #endif if (Cflag != 0 || Gflag != 0) { -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM dumpinfo.WFileName = strdup(basename(WFileName)); if (dumpinfo.WFileName == NULL) { error("Unable to allocate memory for file %s", @@ -1992,7 +1992,7 @@ main(int argc, char **argv) errno != ENOSYS) { error("unable to limit dump descriptor fcntls"); } -#else /* !__FreeBSD__ */ +#else /* !HAVE_CAPSICUM */ dumpinfo.WFileName = WFileName; #endif callback = dump_packet_and_trunc; @@ -2064,7 +2064,7 @@ main(int argc, char **argv) (void)fflush(stderr); } -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM cansandbox = (VFileName == NULL && zflag == NULL); #ifdef HAVE_CASPER cansandbox = (cansandbox && (ndo->ndo_nflag || capdns != NULL)); @@ -2073,7 +2073,7 @@ main(int argc, char **argv) #endif /* HAVE_CASPER */ if (cansandbox && cap_enter() < 0 && errno != ENOSYS) error("unable to enter the capability mode"); -#endif /* __FreeBSD __ */ +#endif /* HAVE_CAPSICUM */ do { status = pcap_loop(pd, cnt, callback, pcap_userdata); @@ -2124,7 +2124,7 @@ main(int argc, char **argv) pd = pcap_open_offline(RFileName, ebuf); if (pd == NULL) error("%s", ebuf); -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM cap_rights_init(&rights, CAP_READ); if (cap_rights_limit(fileno(pcap_file(pd)), &rights) < 0 && errno != ENOSYS) { @@ -2378,7 +2378,7 @@ dump_packet_and_trunc(u_char *user, cons /* If the time is greater than the specified window, rotate */ if (t - Gflag_time >= Gflag) { -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM FILE *fp; int fd; #endif @@ -2437,7 +2437,7 @@ dump_packet_and_trunc(u_char *user, cons capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM fd = openat(dump_info->dirfd, dump_info->CurrentFileName, O_CREAT | O_WRONLY | O_TRUNC, 0644); @@ -2451,7 +2451,7 @@ dump_packet_and_trunc(u_char *user, cons dump_info->CurrentFileName); } dump_info->p = pcap_dump_fopen(dump_info->pd, fp); -#else /* !__FreeBSD__ */ +#else /* !HAVE_CAPSICUM */ dump_info->p = pcap_dump_open(dump_info->pd, dump_info->CurrentFileName); #endif #ifdef HAVE_LIBCAP_NG @@ -2460,7 +2460,7 @@ dump_packet_and_trunc(u_char *user, cons #endif /* HAVE_LIBCAP_NG */ if (dump_info->p == NULL) error("%s", pcap_geterr(pd)); -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM set_dumper_capsicum_rights(dump_info->p); #endif } @@ -2477,7 +2477,7 @@ dump_packet_and_trunc(u_char *user, cons if (size == -1) error("ftell fails on output file"); if (size > Cflag) { -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM FILE *fp; int fd; #endif @@ -2509,7 +2509,7 @@ dump_packet_and_trunc(u_char *user, cons capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM fd = openat(dump_info->dirfd, dump_info->CurrentFileName, O_CREAT | O_WRONLY | O_TRUNC, 0644); if (fd < 0) { @@ -2522,7 +2522,7 @@ dump_packet_and_trunc(u_char *user, cons dump_info->CurrentFileName); } dump_info->p = pcap_dump_fopen(dump_info->pd, fp); -#else /* !__FreeBSD__ */ +#else /* !HAVE_CAPSICUM */ dump_info->p = pcap_dump_open(dump_info->pd, dump_info->CurrentFileName); #endif #ifdef HAVE_LIBCAP_NG @@ -2531,7 +2531,7 @@ dump_packet_and_trunc(u_char *user, cons #endif /* HAVE_LIBCAP_NG */ if (dump_info->p == NULL) error("%s", pcap_geterr(pd)); -#ifdef __FreeBSD__ +#ifdef HAVE_CAPSICUM set_dumper_capsicum_rights(dump_info->p); #endif } Modified: head/usr.sbin/tcpdump/tcpdump/config.h ============================================================================== --- head/usr.sbin/tcpdump/tcpdump/config.h Thu Feb 2 19:50:28 2017 (r313103) +++ head/usr.sbin/tcpdump/tcpdump/config.h Thu Feb 2 19:56:41 2017 (r313104) @@ -13,6 +13,9 @@ /* Define to 1 if you have the `bpf_dump' function. */ #define HAVE_BPF_DUMP 1 +/* capsicum support available */ +#define HAVE_CAPSICUM 1 + /* Casper library support available */ /* See Makefile */ /* #undef HAVE_CASPER */