sys/rpc: UNIX auth: Do not log on bogus AUTH_SYS messages
Remove the printf() statements added in commit d4cc791f3b2e ("sys/rpc: UNIX
auth: Fix OOB reads on too short message").
Even if it can be helpful to know why an authentication message is
rejected, printing explanatory messages on each request attempt is
a remote log filler that could be triggered by accident, and the generic
RPC code generally does not do that. These printf() calls should be
restored only after some limiting or configuration mechanism is devised.
MFC with: d4cc791f3b2e ("sys/rpc: UNIX auth: Fix OOB reads on too short message")
Sponsored by: The FreeBSD Foundation
sys/rpc: UNIX auth: Support XDR_FREE
xdr_authunix_parms() does not allocate any auxiliary memory, so we can
simply support XDR_FREE by just returning TRUE.
Although there are currently no callers passing XDR_FREE, this makes us
immune to such a change in a way that doesn't cost more but is more
constructive than a mere KASSERT().
Suggested by: rmacklem
MFC after: 2 days
Sponsored by: The FreeBSD Foundation
sys/rpc: UNIX auth: Fix OOB reads on too short message
In the inline version (_svcauth_unix()), fix multiple possible OOB reads
when the credentials part of a request is too short to contain mandatory
fields or with respect to the hostname length or number of groups it
advertises. The previously existing check was arriving too late and
relied on possibly wrong data coming from earlier OOB reads.
While here, use 'uint32_t' as the length/size type, as it is more than
enough and removes the need for conversions, explicit or implicit.
While here, factor out setting 'stat' to AUTH_BADCRED and then jumping
to 'done' on error, through the new 'badcred' label. While here,
through comments, refer to what the non-inline version is doing
(xdr_authunix_parms() in 'authunix_prot.c') and the reasons.
Reviewed by: rmacklem
Fixes: dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after: 2 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52964
sys/rpc: UNIX auth: Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits (2/2)
Remove local defines from 'svc_auth_unix.c' and use the new limit
macros instead.
Reviewed by: rmacklem
MFC after: 2 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52963
sys/rpc: UNIX auth: Fix OOB accesses, notably writes on decode
When the received authentication message had more than XU_NGROUPS groups,
we would write group IDs beyond the end of cr_groups[] in the 'struct
xucred' being filled (as 'ngroups_max' is always greater than
XU_NGROUPS).
For robustness, prevent various OOB accesses that would result from
a change of value of XU_NGROUPS or a 'struct xucred' with an invalid
'cr_ngroups' field, even if these cases are unlikely.
Reviewed by: rmacklem
Fixes: dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after: 2 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52960
sys/rpc: Define AUTH_SYS_MAX_{GROUPS,HOSTNAME}
As, respectively, the maximum number of "supplementary" groups and the
maximum hostname size allowed in the credentials structure for AUTH_SYS
(aka, AUTH_UNIX).
Will be used in subsequent commits.
Reviewed by: rmacklem
MFC after: 2 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52961
sys/rpc: UNIX auth: Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits (1/2)
Consistently with the XDR_INLINE() variant of xdr_authunix_parms()
(_svcauth_unix() in 'svc_auth_unix.c'), reject messages with credentials
having a machine name length in excess of AUTH_SYS_MAX_HOSTNAME or more
than AUTH_SYS_MAX_GROUPS supplementary groups, which do not conform to
RFC 5531. This is done mainly because we cannot store excess groups
anyway, even if at odds with the robustness principle ("be liberal in
what you accept").
While here, make sure the current code is immune to AUTH_SYS_MAX_GROUPS
changing value (in future RFCs?) even if that seems improbable.
Reviewed by: rmacklem
Fixes: dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after: 2 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52962
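The three commits above ("Fix OOB reads on too short message", "Fix OOB accesses, notably writes on decode" and "Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits") all come down to one decoder discipline: check each wire-supplied length against the RFC 5531 limit and against the bytes actually remaining before using it for a read, and bound the group count by the destination array before the loop that writes it. The following is an added, stand-alone illustration of that discipline and is not FreeBSD's _svcauth_unix() or xdr_authunix_parms(); the names authsys_decode(), authsys_encode() and check_credential() are hypothetical, the 255/16 limits come from RFC 5531's authsys_parms definition, and the rule that trailing bytes make a credential malformed is an assumption made here for the example.

```c
#include <stdint.h>
#include <string.h>

/* Limits from RFC 5531's authsys_parms: string machinename<255>, gids<16>. */
#define AUTHSYS_MAX_HOSTNAME	255u
#define AUTHSYS_MAX_GROUPS	16u
#define XDR_RNDUP(n)		(((n) + 3u) & ~3u)	/* XDR pads opaque data to 4 bytes */

enum authsys_status { AUTHSYS_OK = 0, AUTHSYS_BADCRED = 1 };

struct authsys_parms {
	uint32_t stamp, uid, gid, ngids;
	char	 machinename[AUTHSYS_MAX_HOSTNAME + 1];
	uint32_t gids[AUTHSYS_MAX_GROUPS];
};

/* Read one big-endian XDR unsigned int at *off; fail if fewer than 4 bytes remain. */
static int
xdr_get_u32(const uint8_t *buf, uint32_t len, uint32_t *off, uint32_t *v)
{
	if (len - *off < 4)	/* *off <= len holds throughout the decoder */
		return (0);
	*v = ((uint32_t)buf[*off] << 24) | ((uint32_t)buf[*off + 1] << 16) |
	    ((uint32_t)buf[*off + 2] << 8) | buf[*off + 3];
	*off += 4;
	return (1);
}

/*
 * Decode an AUTH_SYS credential body of 'len' bytes into *p.  Every length or
 * count taken from the wire is checked against the RFC limit and against the
 * bytes actually remaining before it drives a read, or a write into *p.
 */
enum authsys_status
authsys_decode(const uint8_t *buf, uint32_t len, struct authsys_parms *p)
{
	uint32_t off = 0, hlen, i;

	memset(p, 0, sizeof(*p));
	if (!xdr_get_u32(buf, len, &off, &p->stamp) ||
	    !xdr_get_u32(buf, len, &off, &hlen))
		return (AUTHSYS_BADCRED);
	/* Bound the hostname before copying it, not after. */
	if (hlen > AUTHSYS_MAX_HOSTNAME || len - off < XDR_RNDUP(hlen))
		return (AUTHSYS_BADCRED);
	memcpy(p->machinename, buf + off, hlen);
	off += XDR_RNDUP(hlen);
	if (!xdr_get_u32(buf, len, &off, &p->uid) ||
	    !xdr_get_u32(buf, len, &off, &p->gid) ||
	    !xdr_get_u32(buf, len, &off, &p->ngids))
		return (AUTHSYS_BADCRED);
	/* Bound ngids by the array size before the loop that writes gids[];
	 * dividing the remaining length avoids an overflow in ngids * 4. */
	if (p->ngids > AUTHSYS_MAX_GROUPS || (len - off) / 4 < p->ngids)
		return (AUTHSYS_BADCRED);
	for (i = 0; i < p->ngids; i++)
		(void)xdr_get_u32(buf, len, &off, &p->gids[i]);	/* cannot fail now */
	/* Assumption for this example: trailing bytes make the credential malformed. */
	return (off == len ? AUTHSYS_OK : AUTHSYS_BADCRED);
}

/* Encoder used only to build test inputs; it deliberately enforces no limits. */
static uint32_t
put_u32(uint8_t *buf, uint32_t off, uint32_t v)
{
	buf[off] = (uint8_t)(v >> 24); buf[off + 1] = (uint8_t)(v >> 16);
	buf[off + 2] = (uint8_t)(v >> 8); buf[off + 3] = (uint8_t)v;
	return (off + 4);
}

static uint32_t
authsys_encode(uint8_t *buf, const char *host, uint32_t ngids)
{
	uint32_t off, hlen = (uint32_t)strlen(host), i;

	off = put_u32(buf, 0, 1);		/* stamp */
	off = put_u32(buf, off, hlen);
	memcpy(buf + off, host, hlen);
	memset(buf + off + hlen, 0, XDR_RNDUP(hlen) - hlen);
	off += XDR_RNDUP(hlen);
	off = put_u32(buf, off, 1000);		/* uid */
	off = put_u32(buf, off, 1000);		/* gid */
	off = put_u32(buf, off, ngids);
	for (i = 0; i < ngids; i++)
		off = put_u32(buf, off, 1000 + i);
	return (off);
}

/*
 * Constructed scenario (not captured traffic): a credential with a hostlen-byte
 * machinename and ngids groups, with 'cut' trailing bytes dropped to simulate
 * a short message.  Assumes hostlen < 512 and ngids < 256 so the buffers fit.
 */
enum authsys_status
check_credential(uint32_t hostlen, uint32_t ngids, uint32_t cut)
{
	uint8_t b[2048]; char host[512]; struct authsys_parms p;

	memset(host, 'a', hostlen); host[hostlen] = '\0';
	return (authsys_decode(b, authsys_encode(b, host, ngids) - cut, &p));
}
```

check_credential(4, 2, 0) and check_credential(255, 16, 0) decode cleanly (the second sits exactly at both RFC limits), while cutting even one byte off a message that advertises two groups, sending 17 groups with all 68 bytes present, or sending a 256-byte machine name each yield AUTHSYS_BADCRED. The decoder never reads or writes on a limit it has not yet verified, which is the property the commits above restore in the inline path; using uint32_t throughout, as the first of those commits does, removes the signed/unsigned conversions that made the earlier late check unreliable.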
misc/py-haystack_ai: Update to 2.18.1
- Enhancement Notes:
- Added tools to agent run parameters to enhance the agent's
flexibility. Users can now choose a subset of tools for the agent at
runtime by providing a list of tool names, or supply an entirely new
set by passing Tool objects or a Toolset.
- Bug Fixes:
- Fix Agent run_async method to correctly handle async streaming
callbacks. This previously triggered errors due to a bug.
- Prevent duplication of the last assistant message in the chat
history when initializing from an AgentSnapshot.
- We were setting response_format to None in OpenAIChatGenerator by
default which doesn't follow the API spec. We now omit the variable
if response_format is not passed by the user.
Sponsored by: resulta.tech
ipfw: do not use errno value for error reporting
table_do_modify_record() already uses the errno value on error.
This also fixes a problem where `ipfw table add` returns ENOTTY, which is
unrelated to the operation.
Tested by: dhw
Fixes: 09025a714708
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D53050
math/py-numpy: Revert "math/py-numpy: Migrate to PEP517"
This reverts commit 3f582fcf38bb0cee40f9346683490aceb3bda654.
The goal was to unblock package building ASAP while we investigate
Requested by: antoine
graphics/gowall: Update 0.2.1 => 0.2.3
This release brings two big features: image compression and OCR. Added
new port options for both of those and also for the upscaling feature.
Changelog: https://github.com/Achno/gowall/releases/tag/v0.2.3
PR: 290176
Reported by: Yusuf Yaman <nxjoseph at protonmail.com> (maintainer)
blacklist: Avoid duplicate manual pages in METALOG
Previously, blacklist man pages were just a symlink to their blocklist
counterpart; this in turn installed the blocklist man pages twice and
resulted in a duplicate error when running metalog_reader.lua -c.
Take advantage of the duplication to document nuances in blacklist, such
as the fact that it uses the new database and socket name (blocklist).
Also, note that it has been renamed to blocklist. In the future, it
will help to document its deprecation.
Approved by: re (cperciva)
Approved by: emaste (mentor)
Fixes: 7238317403b9 ("blocklist: Rename blacklist to blocklist")
MFC after: 2 days
(cherry picked from commit c6240045536548c22ce40d9ef36c1dc52abcfc9c)
(cherry picked from commit f935c0f66f75e882185ed8bc46f39054f2ced4e1)
blocklist-helper: Silence a bogus pf warning
Silence a bogus warning about (an ethernet) anchor not being found.
It has been reported as PR 280516. In the meantime, just sweep under
the carpet.
Approved by: re (cperciva)
Approved by: emaste (mentor)
MFC after: 2 days
(cherry picked from commit 2347ca21d657121670e6e7246c6ac32efc996cac)
(cherry picked from commit ba5768504bee39191754fc1aece3927c8936f27c)
blocklist: Rename blacklist to blocklist
Follow up upstream rename from blacklist to blocklist.
- Old names and rc scripts are still valid, but emit an ugly warning
- Old firewall rules and anchor names should work, but emit an ugly
warning
- Old MK_BLACKLIST* knobs are wired to the new ones
Although care has been taken not to break current configurations, this
is a large patch containing mostly duplicated code. If issues arise, it
will be swiftly reverted.
Approved by: re (cperciva)
Reviewed by: ivy (pkgbase)
Approved by: emaste (mentor)
MFC after: 2 days
Relnotes: yes
[2 lines not shown]
blocklist: Revert upstream commit ddf6d71
Upstream commit ddf6d71 ("implement BLOCKLIST_BAD_USER as a "one-count"
failure") introduced BLOCKLIST_BAD_USER with a one-count failure
mechanism. BLOCKLIST_AUTH_FAIL was implemented with a two-count failure
mechanism. Since we have been utilizing BLOCKLIST_AUTH_FAIL, the number
of failed attempts now doubles towards the maximum limit (nfails),
giving system administrators the impression that the number of failed
authentication attempts is inaccurate.
Revert this commit until a consensus has been reached. We do not want
to introduce yet another breaking change with the renaming of the
library.
Approved by: re (cperciva)
Approved by: emaste (mentor)
MFC after: 2 days
(cherry picked from commit 4d56eb007b18881becb2107f87bd2a7edca3e6bf)
(cherry picked from commit a719ef67e8ed2cbae5f397d2a4680a02495b79ab)