Date: Wed, 15 Oct 2014 12:37:57 +0000 (UTC) From: Mark Murray <markm@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r273128 - in projects/random_number_generator: cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/usdt lib/libc/arm/aeabi lib/libfetch release release/amd64 release/i386 release/tools ... Message-ID: <201410151237.s9FCbv9Q018071@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: markm Date: Wed Oct 15 12:37:56 2014 New Revision: 273128 URL: https://svnweb.freebsd.org/changeset/base/273128 Log: MFC - tracking commit. Merging r273070 through r273127. Added: projects/random_number_generator/lib/libc/arm/aeabi/aeabi_asm_double.S - copied unchanged from r273127, head/lib/libc/arm/aeabi/aeabi_asm_double.S projects/random_number_generator/lib/libc/arm/aeabi/aeabi_asm_float.S - copied unchanged from r273127, head/lib/libc/arm/aeabi/aeabi_asm_float.S projects/random_number_generator/release/amd64/mk-azure.sh - copied unchanged from r273127, head/release/amd64/mk-azure.sh projects/random_number_generator/release/i386/mk-azure.sh - copied unchanged from r273127, head/release/i386/mk-azure.sh projects/random_number_generator/release/tools/azure.conf - copied unchanged from r273127, head/release/tools/azure.conf Deleted: projects/random_number_generator/cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/usdt/main.c Modified: projects/random_number_generator/lib/libc/arm/aeabi/Makefile.inc projects/random_number_generator/lib/libc/arm/aeabi/Symbol.map projects/random_number_generator/lib/libc/arm/aeabi/aeabi_double.c projects/random_number_generator/lib/libc/arm/aeabi/aeabi_float.c projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_double.S projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_float.S projects/random_number_generator/lib/libfetch/common.c projects/random_number_generator/lib/libfetch/fetch.3 projects/random_number_generator/release/Makefile projects/random_number_generator/release/amd64/mk-vmimage.sh projects/random_number_generator/release/i386/mk-vmimage.sh projects/random_number_generator/share/examples/bhyve/vmrun.sh projects/random_number_generator/share/man/man4/gif.4 projects/random_number_generator/share/man/man4/tcp.4 projects/random_number_generator/share/misc/scsi_modes projects/random_number_generator/sys/amd64/vmm/vmm_instruction_emul.c projects/random_number_generator/sys/arm/conf/PANDABOARD projects/random_number_generator/sys/arm/ti/am335x/am335x_scm_padconf.c projects/random_number_generator/sys/arm/ti/omap4/omap4_scm_padconf.c projects/random_number_generator/sys/cam/ctl/ctl.c projects/random_number_generator/sys/cam/ctl/ctl.h projects/random_number_generator/sys/cam/ctl/ctl_backend.h projects/random_number_generator/sys/cam/ctl/ctl_cmd_table.c projects/random_number_generator/sys/cam/ctl/ctl_io.h projects/random_number_generator/sys/cam/ctl/ctl_private.h projects/random_number_generator/sys/cam/scsi/scsi_all.h projects/random_number_generator/sys/cam/scsi/scsi_da.h projects/random_number_generator/sys/conf/files projects/random_number_generator/sys/dev/ixgbe/ixgbe.c projects/random_number_generator/sys/fs/autofs/autofs.c projects/random_number_generator/sys/fs/autofs/autofs.h projects/random_number_generator/sys/fs/autofs/autofs_ioctl.h projects/random_number_generator/sys/kern/kern_descrip.c projects/random_number_generator/sys/kern/vfs_subr.c projects/random_number_generator/sys/modules/if_gif/Makefile projects/random_number_generator/sys/net/if_gif.c projects/random_number_generator/sys/net/if_gif.h projects/random_number_generator/sys/netinet/in_gif.c projects/random_number_generator/sys/netinet/in_gif.h projects/random_number_generator/sys/netinet6/in6_gif.c projects/random_number_generator/sys/netinet6/in6_gif.h projects/random_number_generator/sys/powerpc/powermac/pmu.c projects/random_number_generator/usr.sbin/autofs/automountd.c projects/random_number_generator/usr.sbin/autofs/common.c projects/random_number_generator/usr.sbin/autofs/common.h projects/random_number_generator/usr.sbin/autofs/token.l Directory Properties: projects/random_number_generator/ (props changed) projects/random_number_generator/cddl/ (props changed) projects/random_number_generator/cddl/contrib/opensolaris/ (props changed) projects/random_number_generator/lib/libc/ (props changed) projects/random_number_generator/share/ (props changed) projects/random_number_generator/share/man/man4/ (props changed) projects/random_number_generator/sys/ (props changed) projects/random_number_generator/sys/amd64/vmm/ (props changed) projects/random_number_generator/sys/conf/ (props changed) Modified: projects/random_number_generator/lib/libc/arm/aeabi/Makefile.inc ============================================================================== --- projects/random_number_generator/lib/libc/arm/aeabi/Makefile.inc Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libc/arm/aeabi/Makefile.inc Wed Oct 15 12:37:56 2014 (r273128) @@ -6,7 +6,9 @@ SRCS+= aeabi_atexit.c \ aeabi_unwind_cpp.c \ aeabi_unwind_exidx.c .if ${MACHINE_ARCH:Marm*hf*} == "" -SRCS+= aeabi_double.c \ +SRCS+= aeabi_asm_double.S \ + aeabi_asm_float.S \ + aeabi_double.c \ aeabi_float.c .endif .if ${MACHINE_ARCH:Marmv6*} Modified: projects/random_number_generator/lib/libc/arm/aeabi/Symbol.map ============================================================================== --- projects/random_number_generator/lib/libc/arm/aeabi/Symbol.map Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libc/arm/aeabi/Symbol.map Wed Oct 15 12:37:56 2014 (r273128) @@ -17,6 +17,10 @@ FBSDprivate_1.0 { __aeabi_dcmpgt; __aeabi_dcmpun; + __aeabi_cdcmpeq; + __aeabi_cdcmple; + __aeabi_cdrcmple; + __aeabi_d2iz; __aeabi_d2f; @@ -33,6 +37,10 @@ FBSDprivate_1.0 { __aeabi_fcmpgt; __aeabi_fcmpun; + __aeabi_cfcmpeq; + __aeabi_cfcmple; + __aeabi_cfrcmple; + __aeabi_f2iz; __aeabi_f2d; Copied: projects/random_number_generator/lib/libc/arm/aeabi/aeabi_asm_double.S (from r273127, head/lib/libc/arm/aeabi/aeabi_asm_double.S) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/random_number_generator/lib/libc/arm/aeabi/aeabi_asm_double.S Wed Oct 15 12:37:56 2014 (r273128, copy of r273127, head/lib/libc/arm/aeabi/aeabi_asm_double.S) @@ -0,0 +1,117 @@ +/* + * Copyright (C) 2014 Andrew Turner + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include <machine/asm.h> +__FBSDID("$FreeBSD$"); + +#define PCR_Z (1 << 30) +#define PCR_C (1 << 29) + +/* + * These functions return the result in the CPSR register. + * + * For __aeabi_cdcmple: + * Z C + * LT 0 0 + * EQ 1 1 + * else 0 1 + * + * __aeabi_cdrcmple is the same as __aeabi_cdcmple, however the arguments + * have been swapped. + */ +ENTRY(__aeabi_cdcmple) + push {r4, r5, r6, r7, ip, lr} + + /* Backup the input registers */ + mov r4, r0 + mov r5, r1 + mov r6, r2 + mov r7, r3 + /* Is it less than? */ + bl __aeabi_dcmplt + cmp r0, #1 + bne 1f + /* Yes, clear Z and C */ + msr cpsr_c, #(0) + b 99f + +1: + /* Restore the input regsters for the next function call */ + mov r0, r4 + mov r1, r5 + mov r2, r6 + mov r3, r7 + /* Is it equal? */ + bl __aeabi_dcmpeq + cmp r0, #1 + bne 2f + /* Yes, set Z and C */ + msr cpsr_c, #(PCR_Z | PCR_C) + b 99f + +2: + /* Not less than or equal, set C and clear Z */ + msr cpsr_c, #(PCR_C) + +99: + pop {r4, r5, r6, r7, ip, pc} +END(__aeabi_cdcmple) + +ENTRY(__aeabi_cdrcmple) + /* Swap the first half of the arguments */ + mov ip, r0 + mov r0, r2 + mov r2, ip + + /* And the second half */ + mov ip, r1 + mov r1, r3 + mov r3, ip + + b __aeabi_cdcmple +END(__aeabi_cdrcmple) + +/* + * This is just like __aeabi_cdcmple except it will not throw an exception + * in the presence of a quiet NaN. If either argument is a signalling NaN we + * will still signal. + */ +ENTRY(__aeabi_cdcmpeq) + /* Check if we can call __aeabi_cfcmple safely */ + push {r0, r1, r2, r3, r4, lr} + bl __aeabi_cdcmpeq_helper + cmp r0, #1 + pop {r0, r1, r2, r3, r4, lr} + beq 1f + + bl __aeabi_cdcmple + RET + +1: + msr cpsr_c, #(PCR_C) + RET +END(__aeabi_cdcmpeq) Copied: projects/random_number_generator/lib/libc/arm/aeabi/aeabi_asm_float.S (from r273127, head/lib/libc/arm/aeabi/aeabi_asm_float.S) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/random_number_generator/lib/libc/arm/aeabi/aeabi_asm_float.S Wed Oct 15 12:37:56 2014 (r273128, copy of r273127, head/lib/libc/arm/aeabi/aeabi_asm_float.S) @@ -0,0 +1,108 @@ +/* + * Copyright (C) 2014 Andrew Turner + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include <machine/asm.h> +__FBSDID("$FreeBSD$"); + +#define PCR_Z (1 << 30) +#define PCR_C (1 << 29) + +/* + * These functions return the result in the CPSR register. + * + * For __aeabi_cfcmple: + * Z C + * LT 0 0 + * EQ 1 1 + * else 0 1 + * + * __aeabi_cfrcmple is the same as __aeabi_cfcmple, however the arguments + * have been swapped. + */ +ENTRY(__aeabi_cfcmple) + push {r4, r5, ip, lr} + + /* Backup the input registers */ + mov r4, r0 + mov r5, r1 + /* Is it less than? */ + bl __aeabi_fcmplt + cmp r0, #1 + bne 1f + /* Yes, clear Z and C */ + msr cpsr_c, #(0) + b 99f + +1: + /* Restore the input regsters for the next function call */ + mov r0, r4 + mov r1, r5 + /* Is it equal? */ + bl __aeabi_fcmpeq + cmp r0, #1 + bne 2f + /* Yes, set Z and C */ + msr cpsr_c, #(PCR_Z | PCR_C) + b 99f + +2: + /* Not less than or equal, set C and clear Z */ + msr cpsr_c, #(PCR_C) + +99: + pop {r4, r5, ip, pc} +END(__aeabi_cfcmple) + +ENTRY(__aeabi_cfrcmple) + /* Swap the arguments */ + mov ip, r0 + mov r0, r1 + mov r1, ip + + b __aeabi_cfcmple +END(__aeabi_cfrcmple) + +/* + * This is just like __aeabi_cfcmple except it will not throw an exception + * in the presence of a quiet NaN. If either argument is a signalling NaN we + * will still signal. + */ +ENTRY(__aeabi_cfcmpeq) + /* Check if we can call __aeabi_cfcmple safely */ + push {r0, r1, r2, lr} + bl __aeabi_cfcmpeq_helper + cmp r0, #1 + pop {r0, r1, r2, lr} + beq 1f + + bl __aeabi_cfcmple + RET + +1: + msreq cpsr_c, #(PCR_C) + RET +END(__aeabi_cfcmpeq) Modified: projects/random_number_generator/lib/libc/arm/aeabi/aeabi_double.c ============================================================================== --- projects/random_number_generator/lib/libc/arm/aeabi/aeabi_double.c Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libc/arm/aeabi/aeabi_double.c Wed Oct 15 12:37:56 2014 (r273128) @@ -74,3 +74,28 @@ float64 AEABI_FUNC2(ddiv, float64, float float64 AEABI_FUNC2(dmul, float64, float64_mul) float64 AEABI_FUNC2(dsub, float64, float64_sub) +int +__aeabi_cdcmpeq_helper(float64 a, float64 b) +{ + int quiet = 0; + + /* Check if a is a NaN */ + if ((a << 1) > 0xffe0000000000000ull) { + /* If it's a signalling NaN we will always signal */ + if ((a & 0x0008000000000000ull) == 0) + return (0); + + quiet = 1; + } + + /* Check if b is a NaN */ + if ((b << 1) > 0xffe0000000000000ull) { + /* If it's a signalling NaN we will always signal */ + if ((b & 0x0008000000000000ull) == 0) + return (0); + + quiet = 1; + } + + return (quiet); +} Modified: projects/random_number_generator/lib/libc/arm/aeabi/aeabi_float.c ============================================================================== --- projects/random_number_generator/lib/libc/arm/aeabi/aeabi_float.c Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libc/arm/aeabi/aeabi_float.c Wed Oct 15 12:37:56 2014 (r273128) @@ -74,3 +74,28 @@ float32 AEABI_FUNC2(fdiv, float32, float float32 AEABI_FUNC2(fmul, float32, float32_mul) float32 AEABI_FUNC2(fsub, float32, float32_sub) +int +__aeabi_cfcmpeq_helper(float32 a, float32 b) +{ + int quiet = 0; + + /* Check if a is a NaN */ + if ((a << 1) > 0xff000000u) { + /* If it's a signalling NaN we will always signal */ + if ((a & 0x00400000u) == 0) + return (0); + + quiet = 1; + } + + /* Check if b is a NaN */ + if ((b << 1) > 0xff000000u) { + /* If it's a signalling NaN we will always signal */ + if ((b & 0x00400000u) == 0) + return (0); + + quiet = 1; + } + + return (quiet); +} Modified: projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_double.S ============================================================================== --- projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_double.S Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_double.S Wed Oct 15 12:37:56 2014 (r273128) @@ -33,6 +33,33 @@ __FBSDID("$FreeBSD$"); .fpu vfp .syntax unified +/* void __aeabi_cdcmpeq(double, double) */ +AEABI_ENTRY(cdcmpeq) + LOAD_DREG(d0, r0, r1) + LOAD_DREG(d1, r2, r3) + vcmp.f64 d0, d1 + vmrs APSR_nzcv, fpscr + RET +AEABI_END(cdcmpeq) + +/* void __aeabi_cdcmple(double, double) */ +AEABI_ENTRY(cdcmple) + LOAD_DREG(d0, r0, r1) + LOAD_DREG(d1, r2, r3) + vcmpe.f64 d0, d1 + vmrs APSR_nzcv, fpscr + RET +AEABI_END(cdcmple) + +/* void __aeabi_cdrcmple(double, double) */ +AEABI_ENTRY(cdrcmple) + LOAD_DREG(d0, r0, r1) + LOAD_DREG(d1, r2, r3) + vcmpe.f64 d1, d0 + vmrs APSR_nzcv, fpscr + RET +AEABI_END(cdrcmple) + /* int __aeabi_dcmpeq(double, double) */ AEABI_ENTRY(dcmpeq) LOAD_DREG(d0, r0, r1) Modified: projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_float.S ============================================================================== --- projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_float.S Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libc/arm/aeabi/aeabi_vfp_float.S Wed Oct 15 12:37:56 2014 (r273128) @@ -33,6 +33,30 @@ __FBSDID("$FreeBSD$"); .fpu vfp .syntax unified +/* void __aeabi_cfcmpeq(float, float) */ +AEABI_ENTRY(cfcmpeq) + LOAD_SREGS(s0, s1, r0, r1) + vcmp.f32 s0, s1 + vmrs APSR_nzcv, fpscr + RET +AEABI_END(cfcmpeq) + +/* void __aeabi_cfcmple(float, float) */ +AEABI_ENTRY(cfcmple) + LOAD_SREGS(s0, s1, r0, r1) + vcmpe.f32 s0, s1 + vmrs APSR_nzcv, fpscr + RET +AEABI_END(cfcmple) + +/* void __aeabi_cfrcmple(float, float) */ +AEABI_ENTRY(cfrcmple) + LOAD_SREGS(s0, s1, r0, r1) + vcmpe.f32 s1, s0 + vmrs APSR_nzcv, fpscr + RET +AEABI_END(cfrcmple) + /* int __aeabi_fcmpeq(float, float) */ AEABI_ENTRY(fcmpeq) LOAD_SREGS(s0, s1, r0, r1) Modified: projects/random_number_generator/lib/libfetch/common.c ============================================================================== --- projects/random_number_generator/lib/libfetch/common.c Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libfetch/common.c Wed Oct 15 12:37:56 2014 (r273128) @@ -675,10 +675,14 @@ fetch_ssl_setup_transport_layer(SSL_CTX ssl_ctx_options = SSL_OP_ALL | SSL_OP_NO_TICKET; if (getenv("SSL_ALLOW_SSL2") == NULL) ssl_ctx_options |= SSL_OP_NO_SSLv2; - if (getenv("SSL_NO_SSL3") != NULL) + if (getenv("SSL_ALLOW_SSL3") == NULL) ssl_ctx_options |= SSL_OP_NO_SSLv3; if (getenv("SSL_NO_TLS1") != NULL) ssl_ctx_options |= SSL_OP_NO_TLSv1; + if (getenv("SSL_NO_TLS1_1") != NULL) + ssl_ctx_options |= SSL_OP_NO_TLSv1_1; + if (getenv("SSL_NO_TLS1_2") != NULL) + ssl_ctx_options |= SSL_OP_NO_TLSv1_2; if (verbose) fetch_info("SSL options: %lx", ssl_ctx_options); SSL_CTX_set_options(ctx, ssl_ctx_options); @@ -873,8 +877,8 @@ fetch_ssl(conn_t *conn, const struct url } if (verbose) { - fetch_info("SSL connection established using %s", - SSL_get_cipher(conn->ssl)); + fetch_info("%s connection established using %s", + SSL_get_version(conn->ssl), SSL_get_cipher(conn->ssl)); name = X509_get_subject_name(conn->ssl_cert); str = X509_NAME_oneline(name, 0, 0); fetch_info("Certificate subject: %s", str); Modified: projects/random_number_generator/lib/libfetch/fetch.3 ============================================================================== --- projects/random_number_generator/lib/libfetch/fetch.3 Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/lib/libfetch/fetch.3 Wed Oct 15 12:37:56 2014 (r273128) @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 30, 2013 +.Dd October 15, 2014 .Dt FETCH 3 .Os .Sh NAME @@ -438,15 +438,17 @@ input (see .Pp By default .Nm libfetch -allows SSLv3 and TLSv1 when negotiating the connecting with the remote +allows TLSv1 and newer when negotiating the connecting with the remote peer. -You can change this behavior by setting the environment variable +You can change this behavior by setting the .Ev SSL_ALLOW_SSL2 -to allow SSLv2 (not recommended) and -.Ev SSL_NO_SSL3 -or -.Ev SSL_NO_TLS1 -to disable the respective methods. +and +.Ev SSL_ALLOW_SSL3 +environment variables to allow SSLv2 and SSLv3, respectively, and +.Ev SSL_NO_TLS1 , +.Ev SSL_NO_TLS1_1 and +.Ev SSL_NO_TLS1_2 +to disable TLS 1.0, 1.1 and 1.2 respectively. .Sh AUTHENTICATION Apart from setting the appropriate environment variables and specifying the user name and password in the URL or the @@ -646,6 +648,8 @@ Same as for compatibility. .It Ev SSL_ALLOW_SSL2 Allow SSL version 2 when negotiating the connection (not recommended). +.It Ev SSL_ALLOW_SSL3 +Allow SSL version 3 when negotiating the connection (not recommended). .It Ev SSL_CA_CERT_FILE CA certificate bundle containing trusted CA certificates. Default value: @@ -660,10 +664,12 @@ PEM encoded client key in case key and c are stored separately. .It Ev SSL_CRL_FILE File containing certificate revocation list. -.It Ev SSL_NO_SSL3 -Don't allow SSL version 3 when negotiating the connection. .It Ev SSL_NO_TLS1 -Don't allow TLV version 1 when negotiating the connection. +Do not allow TLS version 1.0 when negotiating the connection. +.It Ev SSL_NO_TLS1_1 +Do not allow TLS version 1.1 when negotiating the connection. +.It Ev SSL_NO_TLS1_2 +Do not allow TLS version 1.2 when negotiating the connection. .It Ev SSL_NO_VERIFY_HOSTNAME If set, do not verify that the hostname matches the subject of the certificate presented by the server. Modified: projects/random_number_generator/release/Makefile ============================================================================== --- projects/random_number_generator/release/Makefile Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/release/Makefile Wed Oct 15 12:37:56 2014 (r273128) @@ -101,6 +101,7 @@ VMTARGETS= vm-base vm-image VMFORMATS?= vhd vmdk qcow2 raw VMSIZE?= 20G VMBASE?= vm +AZURECONF?= ${.CURDIR}/tools/azure.conf CLEANFILES= packagesystem *.txz MANIFEST system ${IMAGES} .if defined(WITH_COMPRESSED_IMAGES) && !empty(WITH_COMPRESSED_IMAGES) @@ -121,6 +122,12 @@ CLEANDIRS= dist ftp release bootonly dvd .if defined(WITH_VMIMAGES) && !empty(WITH_VMIMAGES) CLEANDIRS+= ${VMTARGETS} .endif +.if exists(${.CURDIR}/${TARGET}/mk-azure.sh) +CLEANFILES+= ${OSRELEASE}.vhd \ + ${OSRELEASE}.vhd.raw \ + azure.img +CLEANDIRS+= vm-azure +.endif beforeclean: chflags -R noschg . .include <bsd.obj.mk> @@ -338,3 +345,11 @@ vm-image: vm-base . endif .endif touch ${.TARGET} + +vm-azure: +.if exists(${.CURDIR}/${TARGET}/mk-azure.sh) + env TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} AZURECONF=${AZURECONF} \ + ${.CURDIR}/${TARGET}/mk-azure.sh ${.TARGET} azure.img \ + ${WORLDDIR} ${.TARGET} ${VMSIZE} ${OSRELEASE}.vhd +.endif + touch ${.TARGET} Copied: projects/random_number_generator/release/amd64/mk-azure.sh (from r273127, head/release/amd64/mk-azure.sh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/random_number_generator/release/amd64/mk-azure.sh Wed Oct 15 12:37:56 2014 (r273128, copy of r273127, head/release/amd64/mk-azure.sh) @@ -0,0 +1,173 @@ +#!/bin/sh +#- +# Copyright (c) 2014 The FreeBSD Foundation +# All rights reserved. +# +# This software was developed by Glen Barber under sponsorship +# from the FreeBSD Foundation. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# mk-azure.sh: Create virtual machine disk images for Microsoft Azure +# +# $FreeBSD$ +# + +export PATH="/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin" + +usage() { + echo "Usage:" + echo -n "$(basename ${0}) vm-azure <base image>" + echo " <source tree> <dest dir> <disk image size> <vm image name>" + exit 1 +} + +panic() { + msg="${@}" + printf "${msg}\n" + if [ ! -z "${mddev}" ]; then + mdconfig -d -u ${mddev} + fi + # Do not allow one failure case to chain through any remaining image + # builds. + exit 0 +} + +vm_create_azure() { + # Arguments: + # vm-azure <base image> <source tree> <dest dir> <disk image size> <vm image name> + + VMBASE="${1}" + WORLDDIR="${2}" + DESTDIR="${3}" + VMSIZE="${4}" + VMIMAGE="${5}" + + if [ -z "${VMBASE}" -o -z "${WORLDDIR}" -o -z "${DESTDIR}" \ + -o -z "${VMSIZE}" -o -z "${VMIMAGE}" ]; then + usage + fi + + trap "umount ${DESTDIR}/dev ${DESTDIR}" INT QUIT TRAP ABRT TERM + + i=0 + mkdir -p ${DESTDIR} + truncate -s ${VMSIZE} ${VMBASE} + mddev=$(mdconfig -f ${VMBASE}) + newfs -j /dev/${mddev} + mkdir -p ${DESTDIR} + mount /dev/${mddev} ${DESTDIR} + make -C ${WORLDDIR} DESTDIR=$(realpath ${DESTDIR}) \ + installworld installkernel distribution || \ + panic 1 "\n\nCannot install the base system to ${DESTDIR}." + mount -t devfs devfs ${DESTDIR}/dev + chroot ${DESTDIR} /usr/bin/newaliases + echo '# Custom /etc/fstab for FreeBSD VM images' \ + > ${DESTDIR}/etc/fstab + echo '/dev/gpt/rootfs / ufs rw 2 2' \ + >> ${DESTDIR}/etc/fstab + # Although a swap partition is created, it is not used in Azure. + echo '#/dev/gpt/swapfs none swap sw 0 0' \ + >> ${DESTDIR}/etc/fstab + + chroot ${DESTDIR} /etc/rc.d/ldconfig forcestart + chroot ${DESTDIR} env ASSUME_ALWAYS_YES=yes /usr/sbin/pkg bootstrap -y + chroot ${DESTDIR} env ASSUME_ALWAYS_YES=yes /usr/sbin/pkg install -y \ + python python2 python27 py27-asn1 sudo bash + if [ ! -z "${VM_EXTRA_PACKAGES}" ]; then + chroot ${DESTDIR} env ASSUME_ALWAYS_YES=yes /usr/sbin/pkg install -y \ + ${VM_EXTRA_PACKAGES} + fi + + fetch -o ${DESTDIR}/usr/sbin/waagent \ + http://people.freebsd.org/~gjb/waagent + chmod +x ${DESTDIR}/usr/sbin/waagent + rm -f ${DESTDIR}/etc/resolv.conf + chroot ${DESTDIR} /usr/sbin/waagent -verbose -install + yes | chroot ${DESTDIR} /usr/sbin/waagent -deprovision + echo 'sshd_enable="YES"' > ${DESTDIR}/etc/rc.conf + echo 'ifconfig_hn0="SYNCDHCP"' >> ${DESTDIR}/etc/rc.conf + echo 'waagent_enable="YES"' >> ${DESTDIR}/etc/rc.conf + + echo 'console="comconsole vidconsole"' >> ${DESTDIR}/boot/loader.conf + echo 'comconsole_speed="115200"' >> ${DESTDIR}/boot/loader.conf + + if [ ! -z "${VM_RC_LIST}" ]; then + for _rcvar in ${VM_RC_LIST}; do + echo ${_rcvar}_enable="YES" >> ${DESTDIR}/etc/rc.conf + done + fi + + sync + + while ! umount ${DESTDIR}/dev ${DESTDIR}; do + i=$(( $i + 1 )) + if [ $i -ge 10 ]; then + # This should never happen. But, it has happened. + msg="Cannot umount(8) ${DESTDIR}\n" + msg="${msg}Something has gone horribly wrong." + panic 1 "${msg}" + fi + sleep 1 + done + + echo "Creating image... Please wait." + + mkimg -f vhdf -s gpt \ + -b /boot/pmbr -p freebsd-boot/bootfs:=/boot/gptboot \ + -p freebsd-swap/swapfs::1G \ + -p freebsd-ufs/rootfs:=${VMBASE} \ + -o ${VMIMAGE}.raw + + if [ ! -x "/usr/local/bin/qemu-img" ]; then + env ASSUME_ALWAYS_YES=yes pkg install -y emulators/qemu-devel + fi + + size=$(qemu-img info -f raw --output json ${VMIMAGE}.raw | awk '/virtual-size/ {print $2}' | tr -d ',') + size=$(( ( ${size} / ( 1024 * 1024 ) + 1 ) * ( 1024 * 1024 ) )) + qemu-img resize ${VMIMAGE}.raw ${size} + qemu-img convert -f raw -o subformat=fixed -O vpc ${VMIMAGE}.raw ${VMIMAGE} + + return 0 +} + +main() { + cmd="${1}" + shift 1 + + if [ -e "${AZURECONF}" -a ! -c "${AZURECONF}" ]; then + . ${AZURECONF} + fi + + case ${cmd} in + vm-azure) + eval vm_create_azure "$@" || return 0 + ;; + *|\?) + usage + ;; + esac + + return 0 +} + +main "$@" Modified: projects/random_number_generator/release/amd64/mk-vmimage.sh ============================================================================== --- projects/random_number_generator/release/amd64/mk-vmimage.sh Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/release/amd64/mk-vmimage.sh Wed Oct 15 12:37:56 2014 (r273128) @@ -32,7 +32,7 @@ # $FreeBSD$ # -PATH="/bin:/usr/bin:/sbin:/usr/sbin" +PATH="/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin" export PATH usage_vm_base() { @@ -58,16 +58,25 @@ usage() { } panic() { - rc="${1}" - shift 1 msg="${@}" printf "${msg}\n" if [ ! -z "${mddev}" ]; then mdconfig -d -u ${mddev} fi + case ${cmd} in + vm-base) + # If the vm-base target fails, the vm-image target + # cannot possibly succeed. Touch the .TARGET file + # so it is not attempted. + touch vm-image + ;; + *) + # FALLTHROUGH + ;; + esac # Do not allow one failure case to chain through any remaining image # builds. - exit 0 + return 1 } vm_create_baseimage() { @@ -96,7 +105,7 @@ vm_create_baseimage() { cd ${WORLDDIR} && \ make DESTDIR=${DESTDIR} \ installworld installkernel distribution || \ - panic 1 "\n\nCannot install the base system to ${DESTDIR}." + panic "\n\nCannot install the base system to ${DESTDIR}." chroot ${DESTDIR} /usr/bin/newaliases echo '# Custom /etc/fstab for FreeBSD VM images' \ > ${DESTDIR}/etc/fstab @@ -111,7 +120,7 @@ vm_create_baseimage() { # This should never happen. But, it has happened. msg="Cannot umount(8) ${DESTDIR}\n" msg="${msg}Something has gone horribly wrong." - panic 1 "${msg}" + panic "${msg}" fi sleep 1 done @@ -141,11 +150,11 @@ vm_create_vmdisk() { if [ -z "${mkimg_version}" ]; then msg="Cannot determine mkimg(1) version.\n" msg="${msg}Cannot continue without a known mkimg(1) version." - panic 0 "${msg}" + panic "${msg}" fi if ! mkimg --formats 2>/dev/null | grep -q ${FORMAT}; then - panic 0 "'${FORMAT}' is not supported by this mkimg(1).\n" + panic "'${FORMAT}' is not supported by this mkimg(1).\n" fi case ${FORMAT} in Copied: projects/random_number_generator/release/i386/mk-azure.sh (from r273127, head/release/i386/mk-azure.sh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/random_number_generator/release/i386/mk-azure.sh Wed Oct 15 12:37:56 2014 (r273128, copy of r273127, head/release/i386/mk-azure.sh) @@ -0,0 +1,173 @@ +#!/bin/sh +#- +# Copyright (c) 2014 The FreeBSD Foundation +# All rights reserved. +# +# This software was developed by Glen Barber under sponsorship +# from the FreeBSD Foundation. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# mk-azure.sh: Create virtual machine disk images for Microsoft Azure +# +# $FreeBSD$ +# + +export PATH="/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin" + +usage() { + echo "Usage:" + echo -n "$(basename ${0}) vm-azure <base image>" + echo " <source tree> <dest dir> <disk image size> <vm image name>" + exit 1 +} + +panic() { + msg="${@}" + printf "${msg}\n" + if [ ! -z "${mddev}" ]; then + mdconfig -d -u ${mddev} + fi + # Do not allow one failure case to chain through any remaining image + # builds. + exit 0 +} + +vm_create_azure() { + # Arguments: + # vm-azure <base image> <source tree> <dest dir> <disk image size> <vm image name> + + VMBASE="${1}" + WORLDDIR="${2}" + DESTDIR="${3}" + VMSIZE="${4}" + VMIMAGE="${5}" + + if [ -z "${VMBASE}" -o -z "${WORLDDIR}" -o -z "${DESTDIR}" \ + -o -z "${VMSIZE}" -o -z "${VMIMAGE}" ]; then + usage + fi + + trap "umount ${DESTDIR}/dev ${DESTDIR}" INT QUIT TRAP ABRT TERM + + i=0 + mkdir -p ${DESTDIR} + truncate -s ${VMSIZE} ${VMBASE} + mddev=$(mdconfig -f ${VMBASE}) + newfs -j /dev/${mddev} + mkdir -p ${DESTDIR} + mount /dev/${mddev} ${DESTDIR} + make -C ${WORLDDIR} DESTDIR=$(realpath ${DESTDIR}) \ + installworld installkernel distribution || \ + panic 1 "\n\nCannot install the base system to ${DESTDIR}." + mount -t devfs devfs ${DESTDIR}/dev + chroot ${DESTDIR} /usr/bin/newaliases + echo '# Custom /etc/fstab for FreeBSD VM images' \ + > ${DESTDIR}/etc/fstab + echo '/dev/gpt/rootfs / ufs rw 2 2' \ + >> ${DESTDIR}/etc/fstab + # Although a swap partition is created, it is not used in Azure. + echo '#/dev/gpt/swapfs none swap sw 0 0' \ + >> ${DESTDIR}/etc/fstab + + chroot ${DESTDIR} /etc/rc.d/ldconfig forcestart + chroot ${DESTDIR} env ASSUME_ALWAYS_YES=yes /usr/sbin/pkg bootstrap -y + chroot ${DESTDIR} env ASSUME_ALWAYS_YES=yes /usr/sbin/pkg install -y \ + python python2 python27 py27-asn1 sudo bash + if [ ! -z "${VM_EXTRA_PACKAGES}" ]; then + chroot ${DESTDIR} env ASSUME_ALWAYS_YES=yes /usr/sbin/pkg install -y \ + ${VM_EXTRA_PACKAGES} + fi + + fetch -o ${DESTDIR}/usr/sbin/waagent \ + http://people.freebsd.org/~gjb/waagent + chmod +x ${DESTDIR}/usr/sbin/waagent + rm -f ${DESTDIR}/etc/resolv.conf + chroot ${DESTDIR} /usr/sbin/waagent -verbose -install + yes | chroot ${DESTDIR} /usr/sbin/waagent -deprovision + echo 'sshd_enable="YES"' > ${DESTDIR}/etc/rc.conf + echo 'ifconfig_hn0="SYNCDHCP"' >> ${DESTDIR}/etc/rc.conf + echo 'waagent_enable="YES"' >> ${DESTDIR}/etc/rc.conf + + echo 'console="comconsole vidconsole"' >> ${DESTDIR}/boot/loader.conf + echo 'comconsole_speed="115200"' >> ${DESTDIR}/boot/loader.conf + + if [ ! -z "${VM_RC_LIST}" ]; then + for _rcvar in ${VM_RC_LIST}; do + echo ${_rcvar}_enable="YES" >> ${DESTDIR}/etc/rc.conf + done + fi + + sync + + while ! umount ${DESTDIR}/dev ${DESTDIR}; do + i=$(( $i + 1 )) + if [ $i -ge 10 ]; then + # This should never happen. But, it has happened. + msg="Cannot umount(8) ${DESTDIR}\n" + msg="${msg}Something has gone horribly wrong." + panic 1 "${msg}" + fi + sleep 1 + done + + echo "Creating image... Please wait." + + mkimg -f vhdf -s gpt \ + -b /boot/pmbr -p freebsd-boot/bootfs:=/boot/gptboot \ + -p freebsd-swap/swapfs::1G \ + -p freebsd-ufs/rootfs:=${VMBASE} \ + -o ${VMIMAGE}.raw + + if [ ! -x "/usr/local/bin/qemu-img" ]; then + env ASSUME_ALWAYS_YES=yes pkg install -y emulators/qemu-devel + fi + + size=$(qemu-img info -f raw --output json ${VMIMAGE}.raw | awk '/virtual-size/ {print $2}' | tr -d ',') + size=$(( ( ${size} / ( 1024 * 1024 ) + 1 ) * ( 1024 * 1024 ) )) + qemu-img resize ${VMIMAGE}.raw ${size} + qemu-img convert -f raw -o subformat=fixed -O vpc ${VMIMAGE}.raw ${VMIMAGE} + + return 0 +} + +main() { + cmd="${1}" + shift 1 + + if [ -e "${AZURECONF}" -a ! -c "${AZURECONF}" ]; then + . ${AZURECONF} + fi + + case ${cmd} in + vm-azure) + eval vm_create_azure "$@" || return 0 + ;; + *|\?) + usage + ;; + esac + + return 0 +} + +main "$@" Modified: projects/random_number_generator/release/i386/mk-vmimage.sh ============================================================================== --- projects/random_number_generator/release/i386/mk-vmimage.sh Wed Oct 15 09:28:45 2014 (r273127) +++ projects/random_number_generator/release/i386/mk-vmimage.sh Wed Oct 15 12:37:56 2014 (r273128) @@ -32,7 +32,7 @@ # $FreeBSD$ # -PATH="/bin:/usr/bin:/sbin:/usr/sbin" +PATH="/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin" export PATH usage_vm_base() { @@ -58,16 +58,25 @@ usage() { } panic() { - rc="${1}" - shift 1 msg="${@}" printf "${msg}\n" if [ ! -z "${mddev}" ]; then mdconfig -d -u ${mddev} fi + case ${cmd} in + vm-base) + # If the vm-base target fails, the vm-image target + # cannot possibly succeed. Touch the .TARGET file + # so it is not attempted. + touch vm-image + ;; + *) + # FALLTHROUGH + ;; + esac # Do not allow one failure case to chain through any remaining image # builds. - exit 0 + return 1 } vm_create_baseimage() { @@ -96,7 +105,7 @@ vm_create_baseimage() { cd ${WORLDDIR} && \ make DESTDIR=${DESTDIR} \ installworld installkernel distribution || \ - panic 1 "\n\nCannot install the base system to ${DESTDIR}." + panic "\n\nCannot install the base system to ${DESTDIR}." chroot ${DESTDIR} /usr/bin/newaliases echo '# Custom /etc/fstab for FreeBSD VM images' \ > ${DESTDIR}/etc/fstab @@ -111,7 +120,7 @@ vm_create_baseimage() { # This should never happen. But, it has happened. msg="Cannot umount(8) ${DESTDIR}\n" *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410151237.s9FCbv9Q018071>