commit: 6415dc98e78ef635bc1cbb0e2411f8cf06edc048
parent 8bfb60a368487a8ffa1e0b20543becc4bea0806b
Author: Michael Forney <mforney@mforney.org>
Date: Mon, 9 Oct 2017 23:05:23 -0700
openbsd: Update to 6.2
Diffstat:
13 files changed, 133 insertions(+), 61 deletions(-)
diff --git a/pkg/libressl/gen.lua b/pkg/libressl/gen.lua
@@ -272,8 +272,6 @@ lib('libcrypto.a', [[crypto/(
des/(des_enc.c fcrypt_b.c)
rc4/(rc4_enc.c rc4_skey.c)
whrlpool/wp_block.c
-
- compat/freezero.c
) $builddir/pkg/openbsd/libbsd.a]])
file('lib/libcrypto.a', '644', '$outdir/libcrypto.a')
diff --git a/pkg/openbsd/gen.lua b/pkg/openbsd/gen.lua
@@ -32,7 +32,7 @@ lib('libbsd.a', {paths[[
crypt/(arc4random.c.o arc4random_uniform.c)
gen/(fts.c getprogname.c pwcache.c readpassphrase.c setprogname.c vis.c warnc.c vwarnc.c)
net/base64.c
- stdlib/(reallocarray.c recallocarray.c strtonum.c)
+ stdlib/(freezero.c reallocarray.c recallocarray.c strtonum.c)
string/(explicit_bzero.c strmode.c timingsafe_memcmp.c)
)
lib/libcrypto/arc4random/getentropy_linux.c
@@ -88,12 +88,12 @@ file('bin/yacc', '755', '$outdir/yacc')
man{'usr.bin/yacc/yacc.1'}
fetch('curl', paths[[
- -s '/^/src\//' './(
+ -s '/^/src\//' '(
bin/pax
include
lib/(libc/(crypt gen net stdlib string) libcrypto/arc4random)
usr.bin/(diff doas fmt nc patch yacc)
)/*'
';'
- -s '/^/src\//' './sys/sys/*'
+ -s '/^/src\//' 'sys/sys/*'
]])
diff --git a/pkg/openbsd/include/stdlib.h b/pkg/openbsd/include/stdlib.h
@@ -1,5 +1,6 @@
#include_next <stdlib.h>
#include <stdint.h>
+void freezero(void *, size_t);
void *reallocarray(void *, size_t, size_t);
void *recallocarray(void *, size_t, size_t, size_t);
long long strtonum(const char *, long long, long long, const char **);
diff --git a/pkg/openbsd/patch/0013-setprogname-Explicitly-discard-const-qualifier.patch b/pkg/openbsd/patch/0013-setprogname-Explicitly-discard-const-qualifier.patch
@@ -1,26 +1,23 @@
-From 6ab5ad90eea823a8b7020108c827bc600d674d0b Mon Sep 17 00:00:00 2001
+From 7cc3b8b8b1ca390b6ed65d3234827bc7393f9300 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Sun, 11 Dec 2016 14:36:13 -0800
Subject: [PATCH] setprogname: Explicitly discard const qualifier
---
- lib/libc/gen/setprogname.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
+ lib/libc/gen/setprogname.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/libc/gen/setprogname.c b/lib/libc/gen/setprogname.c
-index ec3189fa6..173148ba8 100644
+index bce4cbdac44..0c1573c9162 100644
--- a/lib/libc/gen/setprogname.c
+++ b/lib/libc/gen/setprogname.c
-@@ -25,7 +25,7 @@ setprogname(const char *progname)
-
- tmpn = strrchr(progname, '/');
+@@ -27,5 +27,5 @@ setprogname(const char *progname)
if (tmpn == NULL)
-- __progname = progname;
-+ __progname = (char *)progname;
+ __progname = (char *)progname;
else
- __progname = tmpn + 1;
+ __progname = (char *)tmpn + 1;
}
--
-2.12.2
+2.14.2
diff --git a/pkg/openbsd/patch/0016-doas-Port-to-linux-musl.patch b/pkg/openbsd/patch/0016-doas-Port-to-linux-musl.patch
@@ -1,4 +1,4 @@
-From e7cec3119e6eff94fd02c9c773c3cf5d19db23de Mon Sep 17 00:00:00 2001
+From c86749aeb88fa67ab84efce23c1a69691ae87dae Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Sun, 26 Feb 2017 16:50:55 -0800
Subject: [PATCH] doas: Port to linux/musl
@@ -22,11 +22,11 @@ Replace calls to errc with err after setting errno.
Call openlog at start to set syslog identity.
---
usr.bin/doas/doas.1 | 9 ----
- usr.bin/doas/doas.c | 98 ++++++++++++++++++++----------------
+ usr.bin/doas/doas.c | 95 +++++++++++++++++++----------------
usr.bin/doas/doas.h | 4 ++
usr.bin/doas/parse.y | 1 +
usr.bin/doas/persist.c | 133 +++++++++++++++++++++++++++++++++++++++++++++++++
- 5 files changed, 193 insertions(+), 52 deletions(-)
+ 5 files changed, 191 insertions(+), 51 deletions(-)
create mode 100644 usr.bin/doas/persist.c
diff --git a/usr.bin/doas/doas.1 b/usr.bin/doas/doas.1
@@ -57,7 +57,7 @@ index d39c4aab2d5..3097991bc68 100644
Parse and check the configuration file
.Ar config ,
diff --git a/usr.bin/doas/doas.c b/usr.bin/doas/doas.c
-index 328834cc461..4cab9d272a3 100644
+index 9ec4257dffd..4fb934321cf 100644
--- a/usr.bin/doas/doas.c
+++ b/usr.bin/doas/doas.c
@@ -21,7 +21,6 @@
@@ -139,7 +139,7 @@ index 328834cc461..4cab9d272a3 100644
if (!challenge) {
char host[HOST_NAME_MAX + 1];
if (gethostname(host, sizeof(host)))
-@@ -221,20 +242,18 @@ authuser(char *myname, char *login_style, int persist)
+@@ -221,20 +242,17 @@ authuser(char *myname, char *login_style, int persist)
response = readpassphrase(challenge, rbuf, sizeof(rbuf),
RPP_REQUIRE_TTY);
if (response == NULL && errno == ENOTTY) {
@@ -151,11 +151,9 @@ index 328834cc461..4cab9d272a3 100644
- if (!auth_userresponse(as, response, 0)) {
- syslog(LOG_AUTHPRIV | LOG_NOTICE,
- "failed auth for %s", myname);
-- errc(1, EPERM, NULL);
+ if (!verifypasswd(myname, response)) {
+ syslog(LOG_NOTICE, "failed auth for %s", myname);
-+ errno = EPERM;
-+ err(1, NULL);
+ errx(1, "Authorization failed");
}
explicit_bzero(rbuf, sizeof(rbuf));
good:
@@ -166,7 +164,7 @@ index 328834cc461..4cab9d272a3 100644
close(fd);
}
}
-@@ -242,14 +261,13 @@ good:
+@@ -242,14 +260,13 @@ good:
int
main(int argc, char **argv)
{
@@ -181,9 +179,9 @@ index 328834cc461..4cab9d272a3 100644
- char myname[_PW_NAME_LEN + 1];
+ char myname[LOGIN_NAME_MAX + 1];
struct passwd *pw;
- struct rule *rule;
+ const struct rule *rule;
uid_t uid;
-@@ -261,28 +279,20 @@ main(int argc, char **argv)
+@@ -261,28 +278,20 @@ main(int argc, char **argv)
int nflag = 0;
char cwdpath[PATH_MAX];
const char *cwd;
@@ -215,7 +213,7 @@ index 328834cc461..4cab9d272a3 100644
case 'u':
if (parseuid(optarg, &target) != 0)
errx(1, "unknown user");
-@@ -352,16 +362,16 @@ main(int argc, char **argv)
+@@ -352,16 +361,16 @@ main(int argc, char **argv)
cmd = argv[0];
if (!permit(uid, groups, ngroups, &rule, target, cmd,
(const char **)argv + 1)) {
@@ -236,7 +234,7 @@ index 328834cc461..4cab9d272a3 100644
}
if (pledge("stdio rpath getpw exec id", NULL) == -1)
-@@ -371,10 +381,12 @@ main(int argc, char **argv)
+@@ -371,10 +380,12 @@ main(int argc, char **argv)
if (!pw)
errx(1, "no passwd entry for target");
@@ -253,7 +251,7 @@ index 328834cc461..4cab9d272a3 100644
if (pledge("stdio rpath exec", NULL) == -1)
err(1, "pledge");
-@@ -387,7 +399,7 @@ main(int argc, char **argv)
+@@ -387,7 +398,7 @@ main(int argc, char **argv)
if (pledge("stdio exec", NULL) == -1)
err(1, "pledge");
@@ -263,12 +261,12 @@ index 328834cc461..4cab9d272a3 100644
envp = prepenv(rule);
diff --git a/usr.bin/doas/doas.h b/usr.bin/doas/doas.h
-index ba54c3f71df..0c1f5fa4e2b 100644
+index cbeb3399419..b1a4c819954 100644
--- a/usr.bin/doas/doas.h
+++ b/usr.bin/doas/doas.h
@@ -31,6 +31,10 @@ extern int parse_errors;
- char **prepenv(struct rule *);
+ char **prepenv(const struct rule *);
+int openpersist(int *valid);
+int setpersist(int fd);
diff --git a/pkg/openbsd/patch/0018-getentropy-Support-BearSSL-SHA512-implementation.patch b/pkg/openbsd/patch/0018-getentropy-Support-BearSSL-SHA512-implementation.patch
@@ -1,4 +1,4 @@
-From 2b0e36df23d26fe09ce3f21cff2ed6a4600aeb54 Mon Sep 17 00:00:00 2001
+From 37f2f6274588cad438c6fd6c7b37bd5e5ce3ae20 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Sat, 27 May 2017 18:49:33 -0700
Subject: [PATCH] getentropy: Support BearSSL SHA512 implementation
@@ -8,7 +8,7 @@ Subject: [PATCH] getentropy: Support BearSSL SHA512 implementation
1 file changed, 32 insertions(+), 1 deletion(-)
diff --git a/lib/libcrypto/arc4random/getentropy_linux.c b/lib/libcrypto/arc4random/getentropy_linux.c
-index ac97658efe3..0a684ebd29f 100644
+index a845239eb3e..6a7fe863abb 100644
--- a/lib/libcrypto/arc4random/getentropy_linux.c
+++ b/lib/libcrypto/arc4random/getentropy_linux.c
@@ -47,7 +47,13 @@
@@ -41,7 +41,7 @@ index ac97658efe3..0a684ebd29f 100644
int getentropy(void *buf, size_t len);
-@@ -327,16 +339,28 @@ static const int cl[] = {
+@@ -330,16 +342,28 @@ static const int cl[] = {
static int
getentropy_phdr(struct dl_phdr_info *info, size_t size, void *data)
{
@@ -70,7 +70,7 @@ index ac97658efe3..0a684ebd29f 100644
int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat;
static int cnt;
struct timespec ts;
-@@ -344,7 +368,6 @@ getentropy_fallback(void *buf, size_t len)
+@@ -347,7 +371,6 @@ getentropy_fallback(void *buf, size_t len)
struct rusage ru;
sigset_t sigset;
struct stat st;
@@ -78,7 +78,7 @@ index ac97658efe3..0a684ebd29f 100644
static pid_t lastpid;
pid_t pid;
size_t i, ii, m;
-@@ -361,7 +384,11 @@ getentropy_fallback(void *buf, size_t len)
+@@ -364,7 +387,11 @@ getentropy_fallback(void *buf, size_t len)
}
for (i = 0; i < len; ) {
int j;
@@ -90,7 +90,7 @@ index ac97658efe3..0a684ebd29f 100644
for (j = 0; j < repeat; j++) {
HX((e = gettimeofday(&tv, NULL)) == -1, tv);
if (e != -1) {
-@@ -532,7 +559,11 @@ getentropy_fallback(void *buf, size_t len)
+@@ -535,7 +562,11 @@ getentropy_fallback(void *buf, size_t len)
#endif
#endif
@@ -103,5 +103,5 @@ index ac97658efe3..0a684ebd29f 100644
i += min(sizeof(results), len - i);
}
--
-2.13.0
+2.14.2
diff --git a/pkg/openbsd/patch/0019-nc-Port-to-linux.patch b/pkg/openbsd/patch/0019-nc-Port-to-linux.patch
@@ -1,4 +1,4 @@
-From 7c9b2a037c0c19b608f8a595bd1fe04d9651ebcf Mon Sep 17 00:00:00 2001
+From 67f9a56d25334db296561d0269b4cec6a7e24cf7 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Fri, 16 Jun 2017 20:32:42 -0700
Subject: [PATCH] nc: Port to linux
@@ -8,12 +8,12 @@ Subject: [PATCH] nc: Port to linux
1 file changed, 31 insertions(+), 14 deletions(-)
diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c
-index e222e1e7311..cc94bdba196 100644
+index ce55972a7c2..24d1c463f51 100644
--- a/usr.bin/nc/netcat.c
+++ b/usr.bin/nc/netcat.c
-@@ -73,6 +73,31 @@
- #define TLS_CCERT (1 << 4)
+@@ -75,6 +75,31 @@
#define TLS_MUSTSTAPLE (1 << 5)
+ #define TLS_COMPAT (1 << 6)
+#ifndef IPTOS_DSCP_CS0
+# define IPTOS_DSCP_CS0 0x00
@@ -43,7 +43,7 @@ index e222e1e7311..cc94bdba196 100644
/* Command Line Options */
int dflag; /* detached, no stdin */
int Fflag; /* fdpass sock to stdout */
-@@ -95,7 +120,6 @@ int Iflag; /* TCP receive buffer size */
+@@ -97,7 +122,6 @@ int Iflag; /* TCP receive buffer size */
int Oflag; /* TCP send buffer size */
int Sflag; /* TCP MD5 signature option */
int Tflag = -1; /* IP Type of Service */
@@ -51,7 +51,7 @@ index e222e1e7311..cc94bdba196 100644
int usetls; /* use TLS */
char *Cflag; /* Public cert file */
-@@ -259,12 +283,6 @@ main(int argc, char *argv[])
+@@ -266,12 +290,6 @@ main(int argc, char *argv[])
case 'u':
uflag = 1;
break;
@@ -64,7 +64,7 @@ index e222e1e7311..cc94bdba196 100644
case 'v':
vflag = 1;
break;
-@@ -326,10 +344,6 @@ main(int argc, char *argv[])
+@@ -344,10 +362,6 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
@@ -75,7 +75,7 @@ index e222e1e7311..cc94bdba196 100644
if (family == AF_UNIX) {
if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
err(1, "pledge");
-@@ -880,8 +894,12 @@ remote_connect(const char *host, const char *port, struct addrinfo hints)
+@@ -907,8 +921,12 @@ remote_connect(const char *host, const char *port, struct addrinfo hints)
if (sflag || pflag) {
struct addrinfo ahints, *ares;
@@ -89,23 +89,23 @@ index e222e1e7311..cc94bdba196 100644
memset(&ahints, 0, sizeof(struct addrinfo));
ahints.ai_family = res->ai_family;
ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-@@ -1673,7 +1691,6 @@ help(void)
+@@ -1721,7 +1739,6 @@ help(void)
\t-t Answer TELNET negotiation\n\
\t-U Use UNIX domain socket\n\
\t-u UDP mode\n\
- \t-V rtable Specify alternate routing table\n\
\t-v Verbose\n\
+ \t-W recvlimit Terminate after receiving a number of packets\n\
\t-w timeout Timeout for connects and final net reads\n\
- \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
-@@ -1692,7 +1709,7 @@ usage(int ret)
+@@ -1742,7 +1759,7 @@ usage(int ret)
"\t [-i interval] [-K keyfile] [-M ttl] [-m minttl] [-O length]\n"
"\t [-o staplefile] [-P proxy_username] [-p source_port] "
"[-R CAfile]\n"
-- "\t [-s source] [-T keyword] [-V rtable] [-w timeout] "
-+ "\t [-s source] [-T keyword] [-w timeout] "
- "[-X proxy_protocol]\n"
- "\t [-x proxy_address[:port]] [destination] [port]\n");
- if (ret)
+- "\t [-s source] [-T keyword] [-V rtable] [-W recvlimit] "
++ "\t [-s source] [-T keyword] [-W recvlimit] "
+ "[-w timeout]\n"
+ "\t [-X proxy_protocol] [-x proxy_address[:port]] "
+ "[-Z peercertfile]\n"
--
-2.13.1
+2.14.2
diff --git a/pkg/openbsd/patch/0020-yacc-Remove-__unused.patch b/pkg/openbsd/patch/0020-yacc-Remove-__unused.patch
@@ -0,0 +1,27 @@
+From 8c468833465d7fa0d5372807de01272414b1f4bb Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 10 Oct 2017 02:55:38 -0700
+Subject: [PATCH] yacc: Remove __unused
+
+We can't define this to __attribute__((unused)) because musl uses this
+identifier as a structure field.
+---
+ usr.bin/yacc/main.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/usr.bin/yacc/main.c b/usr.bin/yacc/main.c
+index 3d9f6add5c8..dd34a04c5bf 100644
+--- a/usr.bin/yacc/main.c
++++ b/usr.bin/yacc/main.c
+@@ -122,7 +122,7 @@ done(int k)
+
+
+ void
+-onintr(__unused int signo)
++onintr(int signo)
+ {
+ sigdie = 1;
+ done(1);
+--
+2.14.2
+
diff --git a/pkg/openbsd/patch/0021-Add-standalone-freezero.patch b/pkg/openbsd/patch/0021-Add-standalone-freezero.patch
@@ -0,0 +1,51 @@
+From 98a3b77cfa775c87010159d49f5b17d84fe1aa7b Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 10 Oct 2017 03:07:56 -0700
+Subject: [PATCH] Add standalone freezero
+
+---
+ lib/libc/stdlib/freezero.c | 32 ++++++++++++++++++++++++++++++++
+ 1 file changed, 32 insertions(+)
+ create mode 100644 lib/libc/stdlib/freezero.c
+
+diff --git a/lib/libc/stdlib/freezero.c b/lib/libc/stdlib/freezero.c
+new file mode 100644
+index 00000000000..31face3828b
+--- /dev/null
++++ b/lib/libc/stdlib/freezero.c
+@@ -0,0 +1,32 @@
++/*
++ * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek <otto@drijf.net>
++ * Copyright (c) 2012 Matthew Dempsky <matthew@openbsd.org>
++ * Copyright (c) 2008 Damien Miller <djm@openbsd.org>
++ * Copyright (c) 2000 Poul-Henning Kamp <phk@FreeBSD.org>
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ */
++
++#include <string.h>
++#include <stdlib.h>
++
++void
++freezero(void *ptr, size_t sz)
++{
++ /* This is legal. */
++ if (ptr == NULL)
++ return;
++
++ explicit_bzero(ptr, sz);
++ free(ptr);
++}
+--
+2.14.2
+
diff --git a/pkg/openbsd/rev b/pkg/openbsd/rev
@@ -1 +1 @@
-16
+17
diff --git a/pkg/openbsd/sha256 b/pkg/openbsd/sha256
@@ -1,2 +1,2 @@
-3f3133369f8652cfaf9dafbe42952fc130b27ce51b63d3b474b48997d4c2e87a src.tar.gz
-941196277c2de814f3acc014e09798f92f490181a5e6cb09af86d41d6268f985 sys.tar.gz
+1a0e8d89307691748b98fba70b70c0f6832a9eeb3e6d1a37d9db8c89036f4e61 src.tar.gz
+1fe2c451a6151164a4e97fc07b639413a9846e67406f54578a3ff8ceba9e802f sys.tar.gz
diff --git a/pkg/openbsd/url b/pkg/openbsd/url
@@ -1,5 +1,5 @@
remote-name
-url = "http://mirrors.sonic.net/pub/OpenBSD/6.1/src.tar.gz"
+url = "https://mirrors.sonic.net/pub/OpenBSD/6.2/src.tar.gz"
remote-name
-url = "http://mirrors.sonic.net/pub/OpenBSD/6.1/sys.tar.gz"
+url = "https://mirrors.sonic.net/pub/OpenBSD/6.2/sys.tar.gz"
diff --git a/pkg/openssh/config.h b/pkg/openssh/config.h
@@ -160,7 +160,7 @@
/* #undef HAVE_FLOATINGPOINT_H */
/* #undef HAVE_FMT_SCALED */
#define HAVE_FREEADDRINFO 1
-/* #undef HAVE_FREEZERO */
+#define HAVE_FREEZERO 1
#define HAVE_FSBLKCNT_T 1
#define HAVE_FSFILCNT_T 1
#define HAVE_FSTATFS 1
