Apply patch from upstream Heimdal for encoding fix
RFC 4402 specifies the implementation of the gss_pseudo_random()
function for the krb5 mechanism (and the C bindings therein).
The implementation uses a PRF+ function that concatenates the output
of individual krb5 pseudo-random operations produced with a counter
and seed. The original implementation of this function in Heimdal
incorrectly encoded the counter as a little-endian integer, but the
RFC specifies the counter encoding as big-endian. The implementation
initializes the counter to zero, so the first block of output (16 octets,
for the modern AES enctypes 17 and 18) is unchanged. (RFC 4402 specifies
that the counter should begin at 1, but both existing implementations
begin with zero and it looks like the standard will be re-issued, with
test vectors, to begin at zero.)
This is upstream's commit f85652af868e64811f2b32b815d4198e7f9017f6,
from 13 October, 2013:
% Fix krb5's gss_pseudo_random() (n is big-endian)
%
% The first enctype RFC3961 prf output length's bytes are correct because
% the little- and big-endian representations of unsigned zero are the
% same. The second block of output was wrong because the counter was not
% being encoded as big-endian.
%
% This change could break applications. But those applications would not
% have been interoperating with other implementations anyways (in
% particular: MIT's).
Bump __FreeBSD_version accordingly and add a note in UPDATING.
Approved by: hrs (mentor, src committer)
command line options. The "jail_<jname>_*" rc.conf(5) variables for
per-jail configuration are automatically converted to
/var/run/jail.<jname>.conf before the jail(8) utility is invoked.
This is transparently backward compatible.
- Fix a minor bug in jail(8) which prevented it from returning false
when jail -r failed.
Approved by: re (glebius)
r256095:
- Add gnu/usr.bin/rcs back to the base system.
r256120:
- Add WITHOUT_RCS back to src.conf.5.
r256121:
- Remove UPDATING entry regarding gnu/usr.bin/rcs removal.
Requested by: many
Approved by: re (marius)
Discussed with: core
Vendor update to [c]dialog-1.2-20130925 has fixed known problems.
Vendor update SVN revisions: 255917-255917, 255852, and 255958.
Reviewed by: gjb
Approved by: re (gjb)
process dies, the process descriptor will be closed and pdfork(2)ed child
will be killed, which is not the case when regular fork(2) is used.
The PROCDESC option is now part of the GENERIC kernel configuration, so we
can start depending on it.
Add UPDATING entry to inform that this option is now required and log
detailed instruction to syslog if pdfork(2) is not available:
The pdfork(2) system call is not available; recompile the kernel with options PROCDESC
Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by: Google Summer of Code 2013
extensions and also tried to be link time compatible with ports libiconv.
This splits that functionality and enables the parts that shouldn't
interfere with the port by default.
WITH_ICONV (now on by default) - adds iconv.h, iconv_open(3) etc.
WITH_LIBICONV_COMPAT (off by default) adds the libiconv_open etc API, linker
symbols and even a stub libiconv.so.3 that are good enough to be able
to 'pkg delete -f libiconv' on a running system and reasonably expect it
to work.
I have tortured many machines over the last few days to try and reduce
the possibilities of foot-shooting as much as I can. I've successfully
recompiled to enable and disable the libiconv_compat modes, ports that use
libiconv alongside system iconv etc. If you don't enable the
WITH_LIBICONV_COMPAT switch, they don't share symbol space.
This is an extension of behavior on other system. iconv(3) is a standard
libc interface and libiconv port expects to be able to run alongside it on
systems that have it.
Bumped osreldate.
Do this by forcing inclusion of
sys/cddl/compat/opensolaris/sys/debug_compat.h
via -include option into all source files from OpenSolaris.
Note that this -include option must always be after -include opt_global.h.
Additionally, remove forced definition of DEBUG for some modules and fix
their build without DEBUG.
Also, meaning of DEBUG was overloaded to enable WITNESS support for some
OpenSolaris (primarily ZFS) locks. Now this overloading is removed and
that use of DEBUG is replaced with a new option OPENSOLARIS_WITNESS.
MFC after: 17 days
Formerly, a command like find dir1/dir2 -delete would delete everything
under dir1/dir2 but not dir1/dir2 itself.
When -L is not specified and "." can be opened, the fts(3) code underlying
find(1) is careful to avoid following symlinks or being dropped in different
locations by moving the directory fts is currently traversing. If a
problematic concurrent modification is detected, fts will not enter the
directory or abort. Files found in the search are returned via the current
working directory and a pathname not containing a slash.
For paranoia, find(1) verifies this when -delete is used. However, it is too
paranoid about the root of the traversal. It is already assumed that the
initial pathname does not refer to directories or symlinks that might be
replaced by untrusted users; otherwise, the whole traversal would be unsafe.
Therefore, it is not necessary to do the check for fts_level ==
FTS_ROOTLEVEL.
Deleting the pathnames given as arguments can be prevented without error
messages using -mindepth 1 or by changing directory and passing "." as
argument to find. This works in the old as well as the new version of find.
Tested by: Kurt Lidl
Reviewed by: jhb
* Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" option.
The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.
* random(4) device doesn't really depend on rijndael-*. Yarrow, however, does.
* Add random_adaptors.[ch] which is basically a store of random_adaptor's.
random_adaptor is basically an adapter that plugs in to random(4).
random_adaptor can only be plugged in to random(4) very early in bootup.
Unplugging random_adaptor from random(4) is not supported, and is probably a
bad idea anyway, due to potential loss of entropy pools.
We currently have 3 random_adaptors:
+ yarrow
+ rdrand (ivy.c)
+ nehemeiah
* Remove platform dependent logic from probe.c, and move it into
corresponding registration routines of each random_adaptor provider.
probe.c doesn't do anything other than picking a specific random_adaptor
from a list of registered ones.
* If the kernel doesn't have any random_adaptor adapters present then the
creation of /dev/random is postponed until next random_adaptor is kldload'ed.
* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
system wide one.
Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: obrien
Before this change path matching had the following features:
- for device nodes the patterns were matched against full path
- in the above case '/' in a path could be matched by a wildcard
- for directories and links only the last component was matched
So, for example, a pattern like 're*' could match the following entries:
- re0 device
- responder/u0 device
- zvol/recpool directory
Although it was possible to work around this behavior (once it was spotted
and understood), it was very confusing and contrary to documentation.
Now we always match a full path for all types of devfs entries (devices,
directories, links) and a '/' has to be matched explicitly.
This behavior follows the shell globbing rules.
This change is originally developed by Jaakko Heinonen.
Many thanks!
PR: kern/122838
Submitted by: jh
MFC after: 4 weeks
make the ARM EABI the default ABI on arm, armeb, armv6 and armv6eb.
This is intended to be the default ABI from now on with the old ABI to be
retired. Because of this all users are strongly suggested to upgrade to the
ARM EABI.
As the two ABIs are incompatible it is unlikely upgrading in place will
work. Users should perform a full backup and either use an external machine
to upgrade, or install to an alternative location on their media. They
should also reinstall all ports or packages when these are available.
The only known issues are:
- pkg incorrectly detects the ABI. This is fixed upstream, and will a
patch will be made to the port.
- GDB can have issues with executables built with clang.
__FreeBSD_version has been bumped.
to a memory-mapped file in the traced process's address space
even if neither the traced process nor the tracing process had
write access to that file.
Security: CVE-2013-2171
Security: FreeBSD-SA-13:06.mmap
Approved by: so
mergemaster. This allows bootstrap verions of tools to be used.
Add a note to UPDATING about this change.
Discussed with: jhb
Sponsored by: DARPA, AFRL
MFC after: 5 days