Date: Tue, 27 Dec 2016 09:40:07 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r310629 - in projects/ipsec: . contrib/bsnmp/lib contrib/bsnmp/snmp_target contrib/bsnmp/snmpd contrib/libarchive/cpio/test contrib/libarchive/libarchive contrib/libarchive/libarchive/t... Message-ID: <201612270940.uBR9e7Wm010102@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Tue Dec 27 09:40:07 2016 New Revision: 310629 URL: https://svnweb.freebsd.org/changeset/base/310629 Log: Merge from head/. Added: projects/ipsec/contrib/libarchive/libarchive/test/test_read_format_zip_jar.c - copied unchanged from r310628, head/contrib/libarchive/libarchive/test/test_read_format_zip_jar.c projects/ipsec/contrib/libarchive/libarchive/test/test_read_format_zip_jar.jar.uu - copied unchanged from r310628, head/contrib/libarchive/libarchive/test/test_read_format_zip_jar.jar.uu projects/ipsec/sys/arm/nvidia/drm2/ - copied from r310628, head/sys/arm/nvidia/drm2/ projects/ipsec/sys/dev/drm2/drm_platform.c - copied unchanged from r310628, head/sys/dev/drm2/drm_platform.c projects/ipsec/sys/dev/ichiic/ig4_acpi.c - copied unchanged from r310628, head/sys/dev/ichiic/ig4_acpi.c projects/ipsec/sys/mips/ingenic/jz4780_rtc.c - copied unchanged from r310628, head/sys/mips/ingenic/jz4780_rtc.c Modified: projects/ipsec/Makefile.libcompat projects/ipsec/contrib/bsnmp/lib/snmp.c projects/ipsec/contrib/bsnmp/lib/snmpclient.c projects/ipsec/contrib/bsnmp/snmp_target/target_snmp.c projects/ipsec/contrib/bsnmp/snmpd/action.c projects/ipsec/contrib/bsnmp/snmpd/main.c projects/ipsec/contrib/bsnmp/snmpd/snmpd.h projects/ipsec/contrib/bsnmp/snmpd/trans_lsock.c projects/ipsec/contrib/bsnmp/snmpd/trans_udp.c projects/ipsec/contrib/bsnmp/snmpd/trap.c projects/ipsec/contrib/libarchive/cpio/test/test_owner_parse.c projects/ipsec/contrib/libarchive/libarchive/archive_read.c projects/ipsec/contrib/libarchive/libarchive/archive_read_disk_posix.c projects/ipsec/contrib/libarchive/libarchive/archive_read_support_filter_xz.c projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_7zip.c projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_cpio.c projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_zip.c projects/ipsec/contrib/libarchive/libarchive/archive_string.c projects/ipsec/contrib/libarchive/libarchive/archive_write_set_format_iso9660.c projects/ipsec/contrib/libarchive/libarchive/test/test_read_disk_directory_traversals.c projects/ipsec/contrib/libarchive/libarchive/test/test_write_disk_appledouble.c projects/ipsec/contrib/libarchive/libarchive/test/test_write_format_xar_empty.c projects/ipsec/contrib/libarchive/libarchive/test/test_write_format_zip_empty.c projects/ipsec/contrib/libarchive/libarchive/test/test_write_format_zip_empty_zip64.c projects/ipsec/contrib/libarchive/tar/read.c projects/ipsec/contrib/libarchive/tar/write.c projects/ipsec/etc/snmpd.config projects/ipsec/lib/libarchive/tests/Makefile projects/ipsec/lib/libc/stdio/vfprintf.c projects/ipsec/libexec/rtld-elf/rtld.c projects/ipsec/libexec/rtld-elf/rtld.h projects/ipsec/libexec/talkd/table.c projects/ipsec/share/man/man4/cxgbe.4 projects/ipsec/share/man/man4/cxgbev.4 projects/ipsec/share/mk/dirdeps.mk projects/ipsec/share/mk/gendirdeps.mk projects/ipsec/share/mk/meta.stage.mk projects/ipsec/share/mk/meta2deps.py projects/ipsec/share/mk/meta2deps.sh projects/ipsec/share/zoneinfo/Makefile projects/ipsec/sys/arm/allwinner/clk/aw_modclk.c projects/ipsec/sys/arm/conf/TEGRA124 projects/ipsec/sys/arm/nvidia/tegra124/files.tegra124 projects/ipsec/sys/boot/forth/loader.conf projects/ipsec/sys/cam/ctl/ctl.c projects/ipsec/sys/cam/ctl/ctl_cmd_table.c projects/ipsec/sys/cam/ctl/ctl_error.c projects/ipsec/sys/cam/ctl/ctl_error.h projects/ipsec/sys/cam/ctl/ctl_frontend.c projects/ipsec/sys/cam/ctl/ctl_private.h projects/ipsec/sys/cam/ctl/ctl_tpc.c projects/ipsec/sys/cam/ctl/ctl_tpc_local.c projects/ipsec/sys/cam/scsi/scsi_all.c projects/ipsec/sys/cam/scsi/scsi_all.h projects/ipsec/sys/compat/linuxkpi/common/include/linux/cdev.h projects/ipsec/sys/compat/linuxkpi/common/include/linux/device.h projects/ipsec/sys/compat/linuxkpi/common/include/linux/fs.h projects/ipsec/sys/compat/linuxkpi/common/include/linux/gfp.h projects/ipsec/sys/compat/linuxkpi/common/include/linux/list.h projects/ipsec/sys/compat/linuxkpi/common/src/linux_compat.c projects/ipsec/sys/conf/files projects/ipsec/sys/conf/kern.post.mk projects/ipsec/sys/contrib/vchiq/interface/vchiq_arm/vchiq_version.c projects/ipsec/sys/dev/drm2/drmP.h projects/ipsec/sys/dev/drm2/drm_fb_helper.c projects/ipsec/sys/dev/evdev/evdev_utils.c projects/ipsec/sys/dev/hyperv/utilities/vmbus_icreg.h projects/ipsec/sys/dev/hyperv/utilities/vmbus_timesync.c projects/ipsec/sys/dev/ichiic/ig4_iic.c projects/ipsec/sys/dev/ichiic/ig4_pci.c projects/ipsec/sys/dev/ichiic/ig4_var.h projects/ipsec/sys/dev/mlx4/mlx4_core/mlx4.h projects/ipsec/sys/dev/mlx4/mlx4_core/mlx4_main.c projects/ipsec/sys/dev/mlx4/mlx4_ib/mlx4_ib_main.c projects/ipsec/sys/dev/sfxge/sfxge.h projects/ipsec/sys/dev/sfxge/sfxge_rx.c projects/ipsec/sys/dev/sfxge/sfxge_tx.c projects/ipsec/sys/dev/spibus/spigen.c projects/ipsec/sys/dev/usb/wlan/if_rsu.c projects/ipsec/sys/dev/xen/evtchn/evtchn_dev.c projects/ipsec/sys/fs/nfs/nfs.h projects/ipsec/sys/fs/nfs/nfs_commonkrpc.c projects/ipsec/sys/fs/nfs/nfs_commonport.c projects/ipsec/sys/fs/nfs/nfs_commonsubs.c projects/ipsec/sys/fs/nfs/nfsclstate.h projects/ipsec/sys/fs/nfsclient/nfs_clcomsubs.c projects/ipsec/sys/fs/nfsclient/nfs_clport.c projects/ipsec/sys/fs/nfsclient/nfs_clrpcops.c projects/ipsec/sys/fs/nfsclient/nfs_clstate.c projects/ipsec/sys/fs/nfsclient/nfs_clvfsops.c projects/ipsec/sys/fs/nfsclient/nfsmount.h projects/ipsec/sys/i386/i386/pmap.c projects/ipsec/sys/i386/include/pcpu.h projects/ipsec/sys/kern/kern_event.c projects/ipsec/sys/kern/subr_sleepqueue.c projects/ipsec/sys/mips/include/trap.h projects/ipsec/sys/mips/ingenic/files.jz4780 projects/ipsec/sys/mips/ingenic/jz4780_lcd.c projects/ipsec/sys/mips/malta/malta_machdep.c projects/ipsec/sys/mips/mips/db_trace.c projects/ipsec/sys/mips/mips/exception.S projects/ipsec/sys/mips/mips/minidump_machdep.c projects/ipsec/sys/mips/mips/pmap.c projects/ipsec/sys/mips/mips/uma_machdep.c projects/ipsec/sys/modules/i2c/controllers/ichiic/Makefile projects/ipsec/sys/net80211/ieee80211.c projects/ipsec/sys/net80211/ieee80211_crypto.c projects/ipsec/sys/net80211/ieee80211_crypto.h projects/ipsec/sys/net80211/ieee80211_crypto_wep.c projects/ipsec/sys/net80211/ieee80211_ioctl.c projects/ipsec/sys/net80211/ieee80211_proto.c projects/ipsec/sys/net80211/ieee80211_var.h projects/ipsec/sys/netinet/sctp_asconf.c projects/ipsec/sys/netinet/sctp_auth.c projects/ipsec/sys/netinet/sctp_auth.h projects/ipsec/sys/netinet/sctp_bsd_addr.c projects/ipsec/sys/netinet/sctp_bsd_addr.h projects/ipsec/sys/netinet/sctp_cc_functions.c projects/ipsec/sys/netinet/sctp_crc32.c projects/ipsec/sys/netinet/sctp_indata.c projects/ipsec/sys/netinet/sctp_indata.h projects/ipsec/sys/netinet/sctp_input.c projects/ipsec/sys/netinet/sctp_input.h projects/ipsec/sys/netinet/sctp_output.c projects/ipsec/sys/netinet/sctp_output.h projects/ipsec/sys/netinet/sctp_pcb.c projects/ipsec/sys/netinet/sctp_pcb.h projects/ipsec/sys/netinet/sctp_ss_functions.c projects/ipsec/sys/netinet/sctp_structs.h projects/ipsec/sys/netinet/sctp_sysctl.c projects/ipsec/sys/netinet/sctp_timer.c projects/ipsec/sys/netinet/sctp_usrreq.c projects/ipsec/sys/netinet/sctputil.c projects/ipsec/sys/netinet/sctputil.h projects/ipsec/sys/netinet/tcp_sack.c projects/ipsec/sys/netinet6/sctp6_usrreq.c projects/ipsec/sys/powerpc/powerpc/machdep.c projects/ipsec/sys/sys/event.h projects/ipsec/sys/vm/swap_pager.c projects/ipsec/sys/vm/vm_meter.c projects/ipsec/sys/x86/xen/xen_apic.c projects/ipsec/sys/x86/xen/xen_intr.c projects/ipsec/sys/xen/xen_intr.h projects/ipsec/usr.bin/logger/logger.1 projects/ipsec/usr.bin/logger/logger.c projects/ipsec/usr.sbin/bsnmpd/tools/bsnmptools/bsnmpget.c projects/ipsec/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c projects/ipsec/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c projects/ipsec/usr.sbin/jail/jail.c projects/ipsec/usr.sbin/jls/jls.c projects/ipsec/usr.sbin/pstat/pstat.c projects/ipsec/usr.sbin/syslogd/syslogd.8 projects/ipsec/usr.sbin/syslogd/syslogd.c Directory Properties: projects/ipsec/ (props changed) projects/ipsec/contrib/libarchive/ (props changed) Modified: projects/ipsec/Makefile.libcompat ============================================================================== --- projects/ipsec/Makefile.libcompat Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/Makefile.libcompat Tue Dec 27 09:40:07 2016 (r310629) @@ -85,7 +85,7 @@ LIBCOMPATCFLAGS+= -isystem ${LIBCOMPATTM .if ${X_COMPILER_VERSION} >= 40800 && \ (${MK_CLANG_BOOTSTRAP} == "no" && ${MK_GCC_BOOTSTRAP} == "no") LIBCOMPATCXXFLAGS+= -isystem ${LIBCOMPATTMP}/usr/include/c++/v1 -std=c++11 \ - -nostdinc++ -L${LIBCOMPAT_OBJTREE}${.CURDIR}/lib/libc++ + -nostdinc++ .endif .endif Modified: projects/ipsec/contrib/bsnmp/lib/snmp.c ============================================================================== --- projects/ipsec/contrib/bsnmp/lib/snmp.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/lib/snmp.c Tue Dec 27 09:40:07 2016 (r310629) @@ -38,19 +38,21 @@ */ #include <sys/types.h> #include <sys/socket.h> +#include <ctype.h> +#include <errno.h> +#include <netdb.h> #include <stdio.h> #include <stdlib.h> #include <stddef.h> #include <stdarg.h> +#include <string.h> #ifdef HAVE_STDINT_H #include <stdint.h> #elif defined(HAVE_INTTYPES_H) #include <inttypes.h> #endif -#include <string.h> -#include <ctype.h> -#include <netdb.h> -#include <errno.h> +#include <netinet/in.h> +#include <arpa/inet.h> #include "asn1.h" #include "snmp.h" @@ -1384,29 +1386,16 @@ snmp_value_parse(const char *str, enum s case SNMP_SYNTAX_IPADDRESS: { struct hostent *he; - u_long ip[4]; - int n; - if (sscanf(str, "%lu.%lu.%lu.%lu%n", &ip[0], &ip[1], &ip[2], - &ip[3], &n) == 4 && (size_t)n == strlen(str) && - ip[0] <= 0xff && ip[1] <= 0xff && - ip[2] <= 0xff && ip[3] <= 0xff) { - v->ipaddress[0] = (u_char)ip[0]; - v->ipaddress[1] = (u_char)ip[1]; - v->ipaddress[2] = (u_char)ip[2]; - v->ipaddress[3] = (u_char)ip[3]; + if (inet_pton(AF_INET, str, &v->ipaddress) == 1) return (0); - } - - if ((he = gethostbyname(str)) == NULL) + if ((he = gethostbyname2(str, AF_INET)) == NULL) return (-1); if (he->h_addrtype != AF_INET) return (-1); - v->ipaddress[0] = he->h_addr[0]; - v->ipaddress[1] = he->h_addr[1]; - v->ipaddress[2] = he->h_addr[2]; - v->ipaddress[3] = he->h_addr[3]; + memcpy(v->ipaddress, he->h_addr, sizeof(v->ipaddress)); + return (0); } Modified: projects/ipsec/contrib/bsnmp/lib/snmpclient.c ============================================================================== --- projects/ipsec/contrib/bsnmp/lib/snmpclient.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/lib/snmpclient.c Tue Dec 27 09:40:07 2016 (r310629) @@ -1214,7 +1214,7 @@ snmp_next_reqid(struct snmp_client * c) int32_t i; i = c->next_reqid; - if (c->next_reqid >= c->max_reqid) + if (c->next_reqid >= c->max_reqid) c->next_reqid = c->min_reqid; else c->next_reqid++; @@ -1230,7 +1230,7 @@ snmp_send_packet(struct snmp_pdu * pdu) u_char *buf; struct asn_buf b; ssize_t ret; - + if ((buf = malloc(snmp_client.txbuflen)) == NULL) { seterr(&snmp_client, "%s", strerror(errno)); return (-1); @@ -1684,9 +1684,9 @@ snmp_dialog(struct snmp_v1_pdu *req, str struct timeval tv = snmp_client.timeout; struct timeval end; struct snmp_pdu pdu; - u_int i; - int32_t reqid; int ret; + int32_t reqid; + u_int i; /* * Make a copy of the request and replace the syntaxes by NULL Modified: projects/ipsec/contrib/bsnmp/snmp_target/target_snmp.c ============================================================================== --- projects/ipsec/contrib/bsnmp/snmp_target/target_snmp.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/snmp_target/target_snmp.c Tue Dec 27 09:40:07 2016 (r310629) @@ -299,7 +299,7 @@ op_snmp_target_addrs(struct snmp_context return (target_delete_address(addrs)); break; default: - break; + break; } return (SNMP_ERR_NOERROR); Modified: projects/ipsec/contrib/bsnmp/snmpd/action.c ============================================================================== --- projects/ipsec/contrib/bsnmp/snmpd/action.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/snmpd/action.c Tue Dec 27 09:40:07 2016 (r310629) @@ -38,12 +38,13 @@ #include <sys/sysctl.h> #include <sys/un.h> #include <sys/utsname.h> +#include <ctype.h> +#include <errno.h> +#include <inttypes.h> +#include <stdarg.h> #include <stdio.h> #include <stdlib.h> -#include <stdarg.h> #include <string.h> -#include <ctype.h> -#include <errno.h> #include <syslog.h> #include "snmpmod.h" @@ -219,6 +220,21 @@ save_boots: return (0); } +void +update_snmpd_engine_time(void) +{ + uint64_t etime; + + etime = (get_ticks() - start_tick) / 100ULL; + if (etime < INT32_MAX) + snmpd_engine.engine_time = etime; + else { + start_tick = get_ticks(); + (void)set_snmpd_engine(); + snmpd_engine.engine_time = start_tick; + } +} + /************************************************************* * * System group @@ -1118,7 +1134,7 @@ op_snmp_engine(struct snmp_context *ctx value->v.integer = snmpd_engine.engine_boots; break; case LEAF_snmpEngineTime: - snmpd_engine.engine_time = (get_ticks() - start_tick) / 100ULL; + update_snmpd_engine_time(); value->v.integer = snmpd_engine.engine_time; break; case LEAF_snmpEngineMaxMessageSize: Modified: projects/ipsec/contrib/bsnmp/snmpd/main.c ============================================================================== --- projects/ipsec/contrib/bsnmp/snmpd/main.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/snmpd/main.c Tue Dec 27 09:40:07 2016 (r310629) @@ -53,7 +53,6 @@ #include <unistd.h> #include <signal.h> #include <dlfcn.h> -#include <inttypes.h> #ifdef USE_TCPWRAPPERS #include <arpa/inet.h> @@ -282,12 +281,13 @@ snmp_output(struct snmp_pdu *pdu, u_char const char *dest) { struct asn_buf resp_b; + enum snmp_code code; resp_b.asn_ptr = sndbuf; resp_b.asn_len = snmpd.txbuf; - if (snmp_pdu_encode(pdu, &resp_b) != 0) { - syslog(LOG_ERR, "cannot encode message"); + if ((code = snmp_pdu_encode(pdu, &resp_b)) != SNMP_CODE_OK) { + syslog(LOG_ERR, "cannot encode message (code=%d)", code); abort(); } if (debug.dump_pdus) { @@ -303,7 +303,6 @@ snmp_output(struct snmp_pdu *pdu, u_char static enum snmp_code snmp_pdu_auth_user(struct snmp_pdu *pdu) { - uint64_t etime; usm_user = NULL; /* un-authenticated snmpEngineId discovery */ @@ -311,6 +310,7 @@ snmp_pdu_auth_user(struct snmp_pdu *pdu) pdu->engine.engine_len = snmpd_engine.engine_len; memcpy(pdu->engine.engine_id, snmpd_engine.engine_id, snmpd_engine.engine_len); + update_snmpd_engine_time(); pdu->engine.engine_boots = snmpd_engine.engine_boots; pdu->engine.engine_time = snmpd_engine.engine_time; pdu->flags |= SNMP_MSG_AUTODISCOVER; @@ -333,21 +333,14 @@ snmp_pdu_auth_user(struct snmp_pdu *pdu) /* authenticated snmpEngineId discovery */ if ((pdu->flags & SNMP_MSG_AUTH_FLAG) != 0) { - etime = (get_ticks() - start_tick) / 100ULL; - if (etime < INT32_MAX) - snmpd_engine.engine_time = etime; - else { - start_tick = get_ticks(); - set_snmpd_engine(); - snmpd_engine.engine_time = start_tick; - } - + update_snmpd_engine_time(); pdu->user.auth_proto = usm_user->suser.auth_proto; memcpy(pdu->user.auth_key, usm_user->suser.auth_key, sizeof(pdu->user.auth_key)); if (pdu->engine.engine_boots == 0 && pdu->engine.engine_time == 0) { + update_snmpd_engine_time(); pdu->flags |= SNMP_MSG_AUTODISCOVER; return (SNMP_CODE_OK); } @@ -642,6 +635,7 @@ decoded: pdu->engine.engine_time == 0) { asn_append_oid(&(pdu->bindings[pdu->nbindings++].var), &oid_usmNotInTimeWindows); + update_snmpd_engine_time(); pdu->engine.engine_boots = snmpd_engine.engine_boots; pdu->engine.engine_time = snmpd_engine.engine_time; } @@ -1030,154 +1024,6 @@ snmp_input_consume(struct port_input *pi pi->length -= pi->consumed; } -static void -check_priv_dgram(struct port_input *pi, struct sockcred *cred) -{ - - /* process explicitly sends credentials */ - if (cred) - pi->priv = (cred->sc_euid == 0); - else - pi->priv = 0; -} - -static void -check_priv_stream(struct port_input *pi) -{ - struct xucred ucred; - socklen_t ucredlen; - - /* obtain the accept time credentials */ - ucredlen = sizeof(ucred); - - if (getsockopt(pi->fd, 0, LOCAL_PEERCRED, &ucred, &ucredlen) == 0 && - ucredlen >= sizeof(ucred) && ucred.cr_version == XUCRED_VERSION) - pi->priv = (ucred.cr_uid == 0); - else - pi->priv = 0; -} - -/* - * Input from a stream socket. - */ -static int -recv_stream(struct port_input *pi) -{ - struct msghdr msg; - struct iovec iov[1]; - ssize_t len; - - if (pi->buf == NULL) { - /* no buffer yet - allocate one */ - if ((pi->buf = buf_alloc(0)) == NULL) { - /* ups - could not get buffer. Return an error - * the caller must close the transport. */ - return (-1); - } - pi->buflen = buf_size(0); - pi->consumed = 0; - pi->length = 0; - } - - /* try to get a message */ - msg.msg_name = pi->peer; - msg.msg_namelen = pi->peerlen; - msg.msg_iov = iov; - msg.msg_iovlen = 1; - msg.msg_control = NULL; - msg.msg_controllen = 0; - msg.msg_flags = 0; - - iov[0].iov_base = pi->buf + pi->length; - iov[0].iov_len = pi->buflen - pi->length; - - len = recvmsg(pi->fd, &msg, 0); - - if (len == -1 || len == 0) - /* receive error */ - return (-1); - - pi->length += len; - - if (pi->cred) - check_priv_stream(pi); - - return (0); -} - -/* - * Input from a datagram socket. - * Each receive should return one datagram. - */ -static int -recv_dgram(struct port_input *pi, struct in_addr *laddr) -{ - u_char embuf[1000]; - char cbuf[CMSG_SPACE(SOCKCREDSIZE(CMGROUP_MAX)) + - CMSG_SPACE(sizeof(struct in_addr))]; - struct msghdr msg; - struct iovec iov[1]; - ssize_t len; - struct cmsghdr *cmsg; - struct sockcred *cred = NULL; - - if (pi->buf == NULL) { - /* no buffer yet - allocate one */ - if ((pi->buf = buf_alloc(0)) == NULL) { - /* ups - could not get buffer. Read away input - * and drop it */ - (void)recvfrom(pi->fd, embuf, sizeof(embuf), - 0, NULL, NULL); - /* return error */ - return (-1); - } - pi->buflen = buf_size(0); - } - - /* try to get a message */ - msg.msg_name = pi->peer; - msg.msg_namelen = pi->peerlen; - msg.msg_iov = iov; - msg.msg_iovlen = 1; - memset(cbuf, 0, sizeof(cbuf)); - msg.msg_control = cbuf; - msg.msg_controllen = sizeof(cbuf); - msg.msg_flags = 0; - - iov[0].iov_base = pi->buf; - iov[0].iov_len = pi->buflen; - - len = recvmsg(pi->fd, &msg, 0); - - if (len == -1 || len == 0) - /* receive error */ - return (-1); - - if (msg.msg_flags & MSG_TRUNC) { - /* truncated - drop */ - snmpd_stats.silentDrops++; - snmpd_stats.inTooLong++; - return (-1); - } - - pi->length = (size_t)len; - - for (cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL; - cmsg = CMSG_NXTHDR(&msg, cmsg)) { - if (cmsg->cmsg_level == IPPROTO_IP && - cmsg->cmsg_type == IP_RECVDSTADDR) - memcpy(laddr, CMSG_DATA(cmsg), sizeof(struct in_addr)); - if (cmsg->cmsg_level == SOL_SOCKET && - cmsg->cmsg_type == SCM_CREDS) - cred = (struct sockcred *)CMSG_DATA(cmsg); - } - - if (pi->cred) - check_priv_dgram(pi, cred); - - return (0); -} - /* * Input from a socket */ @@ -1189,43 +1035,15 @@ snmpd_input(struct port_input *pi, struc struct snmp_pdu pdu; enum snmpd_input_err ierr, ferr; enum snmpd_proxy_err perr; + ssize_t ret, slen; int32_t vi; - int ret; - ssize_t slen; #ifdef USE_TCPWRAPPERS char client[16]; #endif struct msghdr msg; struct iovec iov[1]; - char cbuf[CMSG_SPACE(sizeof(struct in_addr))]; - struct cmsghdr *cmsgp; - - /* get input depending on the transport */ - if (pi->stream) { - msg.msg_control = NULL; - msg.msg_controllen = 0; - - ret = recv_stream(pi); - } else { - struct in_addr *laddr; - - memset(cbuf, 0, CMSG_SPACE(sizeof(struct in_addr))); - msg.msg_control = cbuf; - msg.msg_controllen = CMSG_SPACE(sizeof(struct in_addr)); - cmsgp = CMSG_FIRSTHDR(&msg); - cmsgp->cmsg_len = CMSG_LEN(sizeof(struct in_addr)); - cmsgp->cmsg_level = IPPROTO_IP; - cmsgp->cmsg_type = IP_SENDSRCADDR; - laddr = (struct in_addr *)CMSG_DATA(cmsgp); - - ret = recv_dgram(pi, laddr); - - if (laddr->s_addr == 0) { - msg.msg_control = NULL; - msg.msg_controllen = 0; - } - } + ret = tport->transport->vtab->recv(pi); if (ret == -1) return (-1); Modified: projects/ipsec/contrib/bsnmp/snmpd/snmpd.h ============================================================================== --- projects/ipsec/contrib/bsnmp/snmpd/snmpd.h Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/snmpd/snmpd.h Tue Dec 27 09:40:07 2016 (r310629) @@ -193,6 +193,7 @@ struct transport_def { ssize_t (*send)(struct tport *, const u_char *, size_t, const struct sockaddr *, size_t); + ssize_t (*recv)(struct port_input *); }; struct transport { struct asn_oid index; /* transport table index */ @@ -332,6 +333,7 @@ int init_actvals(void); extern char engine_file[]; int init_snmpd_engine(void); int set_snmpd_engine(void); +void update_snmpd_engine_time(void); int read_config(const char *, struct lmodule *); int define_macro(const char *name, const char *value); Modified: projects/ipsec/contrib/bsnmp/snmpd/trans_lsock.c ============================================================================== --- projects/ipsec/contrib/bsnmp/snmpd/trans_lsock.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/snmpd/trans_lsock.c Tue Dec 27 09:40:07 2016 (r310629) @@ -32,15 +32,16 @@ */ #include <sys/types.h> #include <sys/queue.h> -#include <sys/un.h> #include <sys/stat.h> +#include <sys/ucred.h> +#include <sys/un.h> +#include <errno.h> +#include <stddef.h> #include <stdio.h> #include <stdlib.h> -#include <stddef.h> -#include <syslog.h> #include <string.h> -#include <errno.h> +#include <syslog.h> #include <unistd.h> #include "snmpmod.h" @@ -58,6 +59,7 @@ static void lsock_close_port(struct tpor static int lsock_init_port(struct tport *); static ssize_t lsock_send(struct tport *, const u_char *, size_t, const struct sockaddr *, size_t); +static ssize_t lsock_recv(struct port_input *); /* exported */ const struct transport_def lsock_trans = { @@ -67,7 +69,8 @@ const struct transport_def lsock_trans = lsock_stop, lsock_close_port, lsock_init_port, - lsock_send + lsock_send, + lsock_recv }; static struct transport *my_trans; @@ -417,10 +420,77 @@ lsock_send(struct tport *tp, const u_cha return (-1); } } - + return (sendto(peer->input.fd, buf, len, 0, addr, addrlen)); } +static void +check_priv_stream(struct port_input *pi) +{ + struct xucred ucred; + socklen_t ucredlen; + + /* obtain the accept time credentials */ + ucredlen = sizeof(ucred); + + if (getsockopt(pi->fd, 0, LOCAL_PEERCRED, &ucred, &ucredlen) == 0 && + ucredlen >= sizeof(ucred) && ucred.cr_version == XUCRED_VERSION) + pi->priv = (ucred.cr_uid == 0); + else + pi->priv = 0; +} + +/* + * Receive something + */ +static ssize_t +lsock_recv(struct port_input *pi) +{ + struct msghdr msg; + struct iovec iov[1]; + ssize_t len; + + msg.msg_control = NULL; + msg.msg_controllen = 0; + + if (pi->buf == NULL) { + /* no buffer yet - allocate one */ + if ((pi->buf = buf_alloc(0)) == NULL) { + /* ups - could not get buffer. Return an error + * the caller must close the transport. */ + return (-1); + } + pi->buflen = buf_size(0); + pi->consumed = 0; + pi->length = 0; + } + + /* try to get a message */ + msg.msg_name = pi->peer; + msg.msg_namelen = pi->peerlen; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + msg.msg_control = NULL; + msg.msg_controllen = 0; + msg.msg_flags = 0; + + iov[0].iov_base = pi->buf + pi->length; + iov[0].iov_len = pi->buflen - pi->length; + + len = recvmsg(pi->fd, &msg, 0); + + if (len == -1 || len == 0) + /* receive error */ + return (-1); + + pi->length += len; + + if (pi->cred) + check_priv_stream(pi); + + return (0); +} + /* * Dependency to create a lsock port */ Modified: projects/ipsec/contrib/bsnmp/snmpd/trans_udp.c ============================================================================== --- projects/ipsec/contrib/bsnmp/snmpd/trans_udp.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/snmpd/trans_udp.c Tue Dec 27 09:40:07 2016 (r310629) @@ -32,6 +32,7 @@ */ #include <sys/types.h> #include <sys/queue.h> +#include <sys/ucred.h> #include <stdlib.h> #include <syslog.h> @@ -54,6 +55,7 @@ static void udp_close_port(struct tport static int udp_init_port(struct tport *); static ssize_t udp_send(struct tport *, const u_char *, size_t, const struct sockaddr *, size_t); +static ssize_t udp_recv(struct port_input *); /* exported */ const struct transport_def udp_trans = { @@ -63,7 +65,8 @@ const struct transport_def udp_trans = { udp_stop, udp_close_port, udp_init_port, - udp_send + udp_send, + udp_recv }; static struct transport *my_trans; @@ -218,6 +221,123 @@ udp_send(struct tport *tp, const u_char return (sendto(p->input.fd, buf, len, 0, addr, addrlen)); } +static void +check_priv_dgram(struct port_input *pi, struct sockcred *cred) +{ + + /* process explicitly sends credentials */ + if (cred) + pi->priv = (cred->sc_euid == 0); + else + pi->priv = 0; +} + +/* + * Input from a datagram socket. + * Each receive should return one datagram. + */ +static ssize_t +recv_dgram(struct port_input *pi, struct in_addr *laddr) +{ + u_char embuf[1000]; + char cbuf[CMSG_SPACE(SOCKCREDSIZE(CMGROUP_MAX)) + + CMSG_SPACE(sizeof(struct in_addr))]; + struct msghdr msg; + struct iovec iov[1]; + ssize_t len; + struct cmsghdr *cmsg; + struct sockcred *cred = NULL; + + if (pi->buf == NULL) { + /* no buffer yet - allocate one */ + if ((pi->buf = buf_alloc(0)) == NULL) { + /* ups - could not get buffer. Read away input + * and drop it */ + (void)recvfrom(pi->fd, embuf, sizeof(embuf), + 0, NULL, NULL); + /* return error */ + return (-1); + } + pi->buflen = buf_size(0); + } + + /* try to get a message */ + msg.msg_name = pi->peer; + msg.msg_namelen = pi->peerlen; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + memset(cbuf, 0, sizeof(cbuf)); + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + msg.msg_flags = 0; + + iov[0].iov_base = pi->buf; + iov[0].iov_len = pi->buflen; + + len = recvmsg(pi->fd, &msg, 0); + + if (len == -1 || len == 0) + /* receive error */ + return (-1); + + if (msg.msg_flags & MSG_TRUNC) { + /* truncated - drop */ + snmpd_stats.silentDrops++; + snmpd_stats.inTooLong++; + return (-1); + } + + pi->length = (size_t)len; + + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL; + cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if (cmsg->cmsg_level == IPPROTO_IP && + cmsg->cmsg_type == IP_RECVDSTADDR) + memcpy(laddr, CMSG_DATA(cmsg), sizeof(struct in_addr)); + if (cmsg->cmsg_level == SOL_SOCKET && + cmsg->cmsg_type == SCM_CREDS) + cred = (struct sockcred *)CMSG_DATA(cmsg); + } + + if (pi->cred) + check_priv_dgram(pi, cred); + + return (0); +} + +/* + * Receive something + */ +static ssize_t +udp_recv(struct port_input *pi) +{ + struct in_addr *laddr; + struct msghdr msg; + char cbuf[CMSG_SPACE(sizeof(struct in_addr))]; + struct cmsghdr *cmsgp; + ssize_t ret; + + memset(cbuf, 0, sizeof(cbuf)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + cmsgp = CMSG_FIRSTHDR(&msg); + cmsgp->cmsg_len = CMSG_LEN(sizeof(struct in_addr)); + cmsgp->cmsg_level = IPPROTO_IP; + cmsgp->cmsg_type = IP_SENDSRCADDR; + laddr = (struct in_addr *)CMSG_DATA(cmsgp); + + ret = recv_dgram(pi, laddr); + + if (laddr->s_addr == INADDR_ANY) { + msg.msg_control = NULL; + msg.msg_controllen = 0; + } + + return (ret); +} + /* * Port table */ Modified: projects/ipsec/contrib/bsnmp/snmpd/trap.c ============================================================================== --- projects/ipsec/contrib/bsnmp/snmpd/trap.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/bsnmp/snmpd/trap.c Tue Dec 27 09:40:07 2016 (r310629) @@ -214,7 +214,7 @@ trapsink_unmodify(struct trapsink *t, st t->version = tdep->rb_version; if (tdep->set & TDEP_COMM) strcpy(t->comm, tdep->rb_comm); - + return (SNMP_ERR_NOERROR); } @@ -464,7 +464,6 @@ static void snmp_create_v3_trap(struct snmp_pdu *pdu, struct target_param *target, const struct asn_oid *trap_oid) { - uint64_t etime; struct usm_user *usmuser; memset(pdu, 0, sizeof(*pdu)); @@ -487,14 +486,7 @@ snmp_create_v3_trap(struct snmp_pdu *pdu pdu->nbindings = 2; - etime = (get_ticks() - start_tick) / 100ULL; - if (etime < INT32_MAX) - snmpd_engine.engine_time = etime; - else { - start_tick = get_ticks(); - set_snmpd_engine(); - snmpd_engine.engine_time = start_tick; - } + update_snmpd_engine_time(); memcpy(pdu->engine.engine_id, snmpd_engine.engine_id, snmpd_engine.engine_len); @@ -546,7 +538,7 @@ snmp_send_trap(const struct asn_oid *tra TAILQ_FOREACH(t, &trapsink_list, link) { if (t->status != TRAPSINK_ACTIVE) continue; - + if (t->version == TRAPSINK_V1) snmp_create_v1_trap(&pdu, t->comm, trap_oid); else Modified: projects/ipsec/contrib/libarchive/cpio/test/test_owner_parse.c ============================================================================== --- projects/ipsec/contrib/libarchive/cpio/test/test_owner_parse.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/cpio/test/test_owner_parse.c Tue Dec 27 09:40:07 2016 (r310629) @@ -38,7 +38,7 @@ static const int root_gids[] = { 0, 1 }; * its primary group membership depends on how the user set up * their /etc/passwd. Likely values are 513 (None), 545 (Users), * or 544 (Administrators). Just check for one of those... - * TODO: Handle non-English localizations...e.g. French 'Administrateur' + * TODO: Handle non-English localizations... e.g. French 'Administrateur' * Use CreateWellKnownSID() and LookupAccountName()? */ #define ROOT "Administrator" Modified: projects/ipsec/contrib/libarchive/libarchive/archive_read.c ============================================================================== --- projects/ipsec/contrib/libarchive/libarchive/archive_read.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/libarchive/archive_read.c Tue Dec 27 09:40:07 2016 (r310629) @@ -764,7 +764,7 @@ archive_read_header_position(struct arch * we cannot say whether there are encrypted entries, then * ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW is returned. * In general, this function will return values below zero when the - * reader is uncertain or totally uncapable of encryption support. + * reader is uncertain or totally incapable of encryption support. * When this function returns 0 you can be sure that the reader * supports encryption detection but no encrypted entries have * been found yet. Modified: projects/ipsec/contrib/libarchive/libarchive/archive_read_disk_posix.c ============================================================================== --- projects/ipsec/contrib/libarchive/libarchive/archive_read_disk_posix.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/libarchive/archive_read_disk_posix.c Tue Dec 27 09:40:07 2016 (r310629) @@ -1026,7 +1026,7 @@ next_entry(struct archive_read_disk *a, /* Save the times to be restored. This must be in before * calling archive_read_disk_descend() or any chance of it, - * especially, invokng a callback. */ + * especially, invoking a callback. */ t->restore_time.mtime = archive_entry_mtime(entry); t->restore_time.mtime_nsec = archive_entry_mtime_nsec(entry); t->restore_time.atime = archive_entry_atime(entry); Modified: projects/ipsec/contrib/libarchive/libarchive/archive_read_support_filter_xz.c ============================================================================== --- projects/ipsec/contrib/libarchive/libarchive/archive_read_support_filter_xz.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/libarchive/archive_read_support_filter_xz.c Tue Dec 27 09:40:07 2016 (r310629) @@ -293,7 +293,7 @@ lzma_bidder_bid(struct archive_read_filt /* Second through fifth bytes are dictionary size, stored in * little-endian order. The minimum dictionary size is * 1 << 12(4KiB) which the lzma of LZMA SDK uses with option - * -d12 and the maxinam dictionary size is 1 << 27(128MiB) + * -d12 and the maximum dictionary size is 1 << 27(128MiB) * which the one uses with option -d27. * NOTE: A comment of LZMA SDK source code says this dictionary * range is from 1 << 12 to 1 << 30. */ @@ -584,9 +584,7 @@ lzip_init(struct archive_read_filter *se return (ARCHIVE_FATAL); } ret = lzma_raw_decoder(&(state->stream), filters); -#if LZMA_VERSION < 50010000 free(filters[0].options); -#endif if (ret != LZMA_OK) { set_error(self, ret); return (ARCHIVE_FATAL); Modified: projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_7zip.c ============================================================================== --- projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_7zip.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_7zip.c Tue Dec 27 09:40:07 2016 (r310629) @@ -263,22 +263,22 @@ struct _7zip { /* * Decompressor controllers. */ - /* Decording LZMA1 and LZMA2 data. */ + /* Decoding LZMA1 and LZMA2 data. */ #ifdef HAVE_LZMA_H lzma_stream lzstream; int lzstream_valid; #endif - /* Decording bzip2 data. */ + /* Decoding bzip2 data. */ #if defined(HAVE_BZLIB_H) && defined(BZ_CONFIG_ERROR) bz_stream bzstream; int bzstream_valid; #endif - /* Decording deflate data. */ + /* Decoding deflate data. */ #ifdef HAVE_ZLIB_H z_stream stream; int stream_valid; #endif - /* Decording PPMd data. */ + /* Decoding PPMd data. */ int ppmd7_stat; CPpmd7 ppmd7_context; CPpmd7z_RangeDec range_dec; @@ -1056,10 +1056,7 @@ init_decompression(struct archive_read * #endif { lzma_options_delta delta_opt; - lzma_filter filters[LZMA_FILTERS_MAX]; -#if LZMA_VERSION < 50010000 - lzma_filter *ff; -#endif + lzma_filter filters[LZMA_FILTERS_MAX], *ff; int fi = 0; if (zip->lzstream_valid) { @@ -1144,9 +1141,7 @@ init_decompression(struct archive_read * else filters[fi].id = LZMA_FILTER_LZMA1; filters[fi].options = NULL; -#if LZMA_VERSION < 50010000 ff = &filters[fi]; -#endif r = lzma_properties_decode(&filters[fi], NULL, coder1->properties, (size_t)coder1->propertiesSize); if (r != LZMA_OK) { @@ -1158,9 +1153,7 @@ init_decompression(struct archive_read * filters[fi].id = LZMA_VLI_UNKNOWN; filters[fi].options = NULL; r = lzma_raw_decoder(&(zip->lzstream), filters); -#if LZMA_VERSION < 50010000 free(ff->options); -#endif if (r != LZMA_OK) { set_error(a, r); return (ARCHIVE_FAILED); Modified: projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_cpio.c ============================================================================== --- projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_cpio.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_cpio.c Tue Dec 27 09:40:07 2016 (r310629) @@ -326,7 +326,7 @@ archive_read_format_cpio_options(struct cpio = (struct cpio *)(a->format->data); if (strcmp(key, "compat-2x") == 0) { - /* Handle filnames as libarchive 2.x */ + /* Handle filenames as libarchive 2.x */ cpio->init_default_conversion = (val != NULL)?1:0; return (ARCHIVE_OK); } else if (strcmp(key, "hdrcharset") == 0) { Modified: projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_zip.c ============================================================================== --- projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_zip.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/libarchive/archive_read_support_format_zip.c Tue Dec 27 09:40:07 2016 (r310629) @@ -864,29 +864,33 @@ zip_read_local_file_header(struct archiv zip_entry->mode |= AE_IFREG; } - if ((zip_entry->mode & AE_IFMT) == 0) { - /* Especially in streaming mode, we can end up - here without having seen proper mode information. - Guess from the filename. */ + /* If the mode is totally empty, set some sane default. */ + if (zip_entry->mode == 0) { + zip_entry->mode |= 0664; + } + + /* Make sure that entries with a trailing '/' are marked as directories + * even if the External File Attributes contains bogus values. If this + * is not a directory and there is no type, assume regularfile. */ + if ((zip_entry->mode & AE_IFMT) != AE_IFDIR) { + int has_slash; + wp = archive_entry_pathname_w(entry); if (wp != NULL) { len = wcslen(wp); - if (len > 0 && wp[len - 1] == L'/') - zip_entry->mode |= AE_IFDIR; - else - zip_entry->mode |= AE_IFREG; + has_slash = len > 0 && wp[len - 1] == L'/'; } else { cp = archive_entry_pathname(entry); len = (cp != NULL)?strlen(cp):0; - if (len > 0 && cp[len - 1] == '/') - zip_entry->mode |= AE_IFDIR; - else - zip_entry->mode |= AE_IFREG; - } - if (zip_entry->mode == AE_IFDIR) { - zip_entry->mode |= 0775; - } else if (zip_entry->mode == AE_IFREG) { - zip_entry->mode |= 0664; + has_slash = len > 0 && cp[len - 1] == '/'; + } + /* Correct file type as needed. */ + if (has_slash) { + zip_entry->mode &= ~AE_IFMT; + zip_entry->mode |= AE_IFDIR; + zip_entry->mode |= 0111; + } else if ((zip_entry->mode & AE_IFMT) == 0) { + zip_entry->mode |= AE_IFREG; } } Modified: projects/ipsec/contrib/libarchive/libarchive/archive_string.c ============================================================================== --- projects/ipsec/contrib/libarchive/libarchive/archive_string.c Tue Dec 27 09:29:17 2016 (r310628) +++ projects/ipsec/contrib/libarchive/libarchive/archive_string.c Tue Dec 27 09:40:07 2016 (r310629) @@ -1827,7 +1827,7 @@ archive_string_conversion_set_opt(struct * A filename in UTF-8 was made with libarchive 2.x in a wrong * assumption that wchar_t was Unicode. * This option enables simulating the assumption in order to read - * that filname correctly. + * that filename correctly. */ case SCONV_SET_OPT_UTF8_LIBARCHIVE2X: #if (defined(_WIN32) && !defined(__CYGWIN__)) \ @@ -1939,12 +1939,19 @@ archive_strncat_l(struct archive_string struct archive_string_conv *sc) { const void *s; - size_t length; + size_t length = 0; int i, r = 0, r2; + if (_p != NULL && n > 0) { + if (sc != NULL && (sc->flag & SCONV_FROM_UTF16)) + length = utf16nbytes(_p, n); + else + length = mbsnbytes(_p, n); + } + /* We must allocate memory even if there is no data for conversion * or copy. This simulates archive_string_append behavior. */ - if (_p == NULL || n == 0) { + if (length == 0) { int tn = 1; if (sc != NULL && (sc->flag & SCONV_TO_UTF16)) tn = 2; @@ -1960,16 +1967,11 @@ archive_strncat_l(struct archive_string * If sc is NULL, we just make a copy. */ if (sc == NULL) { - length = mbsnbytes(_p, n); if (archive_string_append(as, _p, length) == NULL) return (-1);/* No memory */ return (0); } - if (sc->flag & SCONV_FROM_UTF16) - length = utf16nbytes(_p, n); - else *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201612270940.uBR9e7Wm010102>