security/openssh-portable: Sync some files with src.
Namely this updates some LIBWRAP behavior and updates a few incorrect
docs.
Submitted by: jlduran
Differential Revision: https://reviews.freebsd.org/D53273
math/mpir: Fix upstream site
Apparently, the old domain no longer belongs to the upstream.
However, the source code is available on GitHub.
While here pet portclippy.
PR: 294784
Approved by: wen (maintainer)
Sponsored by: UNIS Labs
MFH: 2026Q2
(cherry picked from commit 4446355417e101af1680a69aab8a181b90faa664)
math/mpir: Fix upstream site
Apparently, the old domain no longer belongs to the upstream.
However, the source code is available on GitHub.
While here pet portclippy.
PR: 294784
Approved by: wen (maintainer)
Sponsored by: UNIS Labs
MFH: 2026Q2
security/openssh-portable: Disable X11Forwarding by default.
This syncs with src and upstream.
Submitted by: jlduran
Differential Revision: https://reviews.freebsd.org/D53268
sound: Remove some forward declarations from sound.h and uaudio.h
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
(cherry picked from commit 602249f033d146d9c731d8b1cb4b2e0899c61ad9)
mixer(3): Rename _mixer_readvol() to mixer_readvol()
No functional change intended.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
(cherry picked from commit c39237a4fd2b1472e452052103156c915942d070)
ports-mgmt/poudriere-devel: Update to 3.3.0-2565-g0198103a3
Changes:
- options: Improve performance by loading ports_env.
- bulk: Revert not refetching on checksum failure (for distinfo-expected rerolled distfile cases).
- testport: do not check the parent directory of a port does not have Mk.
- Fix documented default for `CHECK_CHANGED_OPTIONS`.
- sh: Add simple command redirect vfork support from Jilles.
ports-mgmt/poudriere: Update to 3.4.8
Changes:
- options: Improve performance by loading ports_env.
- bulk: Revert not refetching on checksum failure (for distinfo-expected rerolled distfile cases).
- testport: do not check the parent directory of a port does not have Mk.
- Fix documented default for `CHECK_CHANGED_OPTIONS`.
*/*: Bump consumers of dns/ldns after update to 1.9.0
Force rebuild comsumers - upstream changed ABI without bump soname.
ldns 1.9.0 inserted LDNS_RDF_TYPE_INT64 at enum position 5, shifting
every subsequent value by +1. But port kept the shared library as
libldns.so.3.6.0 - no SONAME bump - so consumers wasn't flagged for
rebuild and still has the old 1.8.x enum constants baked in.
Example of error for opendnssec:
[adapter] error parsing RR at line 2 (Syntax error, could not parse
the RR's rdata)
PR: 291573
Sponsored by: UNIS Labs
(cherry picked from commit f9b1e7f4458fbfa802d69a5f77203be9fdc4a14f)
vt_core: make sure the driver's functions exist
These are NULL if they're not implemented. Make sure all the functions
we need are there before doing anything.
Also invert the first if statment to lessen the indentation a bit.
Reported by: Quentin Thébault <quentin.thebault at defenso.fr>
MFC after: 3 days
vt_core: delay the shutdown splash event handler
Even though the functions are currently executed in the correct order,
there's no garuntee that this will always be the case.
Reported by: kevans
Discussed with: kevans
Fixes: 4b862c713ac5556ab4bd1828b47c5eb9cb28e067
MFC after: 3 days
Revert "bulk checksum: Don't retry fetch on failure if networking disabled."
This reverts commit 20dc590c29e35866065bcbccc60a8d015289488e.
Networking is disabled pre-fetch and post-checksum. So the refetch does
still have networking. It is done in case a cached file does not match
what's in distinfo / rerolled upstream. That is, reverting this fixes
fetching distinfo-expected rerolled distfiles.
What we want is probably to only call `make checksum` and not `make fetch`.
This would cause 1 fetch attempt and would redownload a rerolled
distfile. Rather than risk more regression here though just revert to
what works.
(cherry picked from commit 0198103a348b99189259957ff1edfa5636237c37)
Revert "bulk checksum: Don't retry fetch on failure if networking disabled."
This reverts commit 20dc590c29e35866065bcbccc60a8d015289488e.
Networking is disabled pre-fetch and post-checksum. So the refetch does
still have networking. It is done in case a cached file does not match
what's in distinfo / rerolled upstream. That is, reverting this fixes
fetching distinfo-expected rerolled distfiles.
What we want is probably to only call `make checksum` and not `make fetch`.
This would cause 1 fetch attempt and would redownload a rerolled
distfile. Rather than risk more regression here though just revert to
what works.
security/openssh-portable: XMSS has been removed. Tidy up options
XMSS key support was removed in 10.1 https://www.openssh.com/txt/release-10.1
Remove option from port Makefile
PR: 290220
ifnet: if_detach(): Fix races with vmove operations
The rationality is that the driver private data holds a strong reference
to the interface, and the detach operation shall never fail. Given the
vmove operation, if_vmove_loan(), if_vmove_reclaim() or vnet_if_return()
is not atomic and spans multiple steps, acquire ifnet_detach_sxlock only
for if_detach_internal() and if_vmove() is not sufficient. It is possible
that the thread running if_detach() sees stale vnet, or the vmoving is
in progress, then if_unlink_ifnet() will fail.
Fix that by extending coverage of ifnet_detach_sxlock a bit to also
cover if_unlink_ifnet(), so that the entire detach and vmove operation
is serialized.
Given it is an error when the if_unlink_ifnet() fails, and if_detach()
is a public KPI, prefer panic() over assertion on failure, to indicate
explicitly that bad thing happens. That shall also prevent potential
corrupted status of the interface, which is a bit hard to diagnose.
[4 lines not shown]
devel/lua-language-server: Enable verbose builds and support ccache
There are two build phases: first the port builds luamake, and then
it uses luamake to build LuaLS. Verbosity (i.e. showing build
commands) and building with ccache is enabled for both phases.
Reviewed by: Dave Marker
Approved by: Dave Marker (maintianer)
Differential Revision: https://reviews.freebsd.org/D56566
ifinfo: improve output of hwassist value
In addition to print the hexadecimal number hwassist, also print
the symbolic names of the corresponding CSUM_* flags.
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D55055
Event: Wiesbaden Hackathon 2026
(cherry picked from commit d84870d90bafe75eb87759df0ab41ff0214c866e)
