BSD Commit Log Search

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

Account for the ctl test needing the ctl(4) module

This testcase does not function unless the /dev/ctl/... node exists,
which is created by the ctl(4) module. Require the ctl(4) module to be
loaded so the test can be executed.

MFC after: 1 week
Differential Revision:  https://reviews.freebsd.org/D54518

(cherry picked from commit da59b3147b01203bb18bcd03cce7a6d5916e87c3)

INDEX.fonts: Minor maintenance

+ Mention relevance of this file in the vt manual screen.font entry
+ The vidfont manual is in section one, not eight
+ Remove leftover blank line from freebsd tag removal

MFC after:      3 days

crypto/openssl: fix importing new versions from pristine trees

Prior to this change, CC was not being passed through to Configure,
which was resulting in failures when Configure was running compiler
checks.

Pass through CC via `WRK_ENV` to Configure so the compiler is defined
properly as part of the initial build.

MFC after:      1 month
Fixes:          d18058b7b850 ("crypto/openssl: apply polish to new vendor import process")
Differential Revision:  https://reviews.freebsd.org/D52595

(cherry picked from commit 52c4b76d1dd385fbe33b78172e39a10749b83d13)

Bump `__FreeBSD_version` for ee6882e6b1287aa9

While the change in ee6882e6b1287aa9 was likely benign, this commit is
playing it safe by updating __FreeBSD_version, per the libcrypto
dependencies change, as libcrypto now explicitly depends on libpthread
and has threading support explicitly enabled.

This is a direct commit to stable/15.

OpenSSL: update Makefiles to reflect 3.5.1 release

This is a targeted effort to update the INCS and SRCS entries for
libcrypto, the legacy provider, and libssl to match what upstream
(OpenSSL) builds in their respective libraries.

The number of stylistic changes were kept at a minimum.

Another incoming change will reformat this file to make future
maintenance easier.

MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D52554

(cherry picked from commit d5984d5f29a7c717b88ccd17a85a747792403cdf)

net/wireguard-tools: Set maintainer

Improve port:
- Replace PORTVERSION with DISTVERSION.
- Remove MAKE_ENV+=MANDIR="${PREFIX}/share/man" - it's default value.
- Fix warnings from portclippy.
- Improve indents.
- Replace ".if ${PORT_OPTIONS:MWGQUICK}" with
  "WGQUICK_VARS= USE_RC_SUBR=wireguard_wgquick".
- Add strip bin/wg.

PR:             292620
Approved by:    Juhani Krekelä <juhani at krekela.fi> (new maintainer)

iwlwifi: fix the gcc build

- Only apply the previously added CWARNFLAGS to `drv.c` instead of the
  whole module.
- Only apply `-Wno-initializer-overrides` to CWARNFLAGS in the clang
  scenario as it's not supported with gcc.

This fixes building the module with gcc and avoids accidentally
introducing tech debt with the module, in the event other issues are
accidentally introduced.

MFC after:      3 days
Fixes:          6b627f8858 ("iwlwifi: update Intel's mvm/mld drivers")
Differential Revision:  https://reviews.freebsd.org/D53591

(cherry picked from commit 2ec6a2e5f01120ea8d4e667e7773d8b140e40c75)

crypto/openssl: update vendor update instructions

This change fills out the requirements for doing vendor updates,
documents the new vendor update process, and guides whoever needs to do
the next version update a bit better than the documentation did prior to
this change so everyone can pitch in with version updates a bit better.

Convert the document to Markdown while here to make it easier to
render/print out the directions in a structured format.

MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D53190

(cherry picked from commit 08cdcff58acb2aec881e42c7f097d6492d864898)

OpenSSL: update vendor sources to match 3.5.5 content

MFC with:       f25b8c9fb4f58cf61adb47d7570abe7caa6d385d
MFC after:      1 week

openssl: import 3.5.5

This change adds OpenSSL 3.5.5 from upstream [1].

The 3.5.5 artifact was been verified via PGP key [2] and by SHA256 checksum [3].

This is a security release, but also contains several bugfixes. All of
the CVE-worthy issues have already been addressed on the target
branch(es), so the net-result is that this is a bugfix release.

More information about the release (from a high level) can be found in
the release notes [4].

MFC after:      1 week

1. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz
2. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.asc
3. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.sha256
4. https://github.com/openssl/openssl/blob/openssl-3.5.5/NEWS.md

    [2 lines not shown]

math/wxmaxima: Use wx 3.2, fix connection to maxima

- Use wx 3.2
- Fix connection to maxima by reverting upstream patch:
https://github.com/wxMaxima-developers/wxmaxima/issues/2028

PR:             289270
Approved by:    eduardo (mentor)

devel/pthreadpool: update 0.1-126 → 0.1.147

PR:             291106
Reported by:    Mikhail Teterin <mi at FreeBSD.org>

games/chessx: update 1.6.2 -> 1.6.8

- submitter is maintainer

Changes:        https://github.com/Isarhamster/chessx/blob/master/ChangeLog.md
PR:             292841

sockstat: Surround explicit IPv6 addresses with brackets

PR:             254611
Approved by:    otis, tuexen, des
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D54375

graphics/drm-latest-kmod: apply 2b49118158d0aa7cb to port

This unbreaks the package build with clang 21+.

MFH:            2026Q1
Approved by:    emaste (maintainer)
Reviewed by:    emaste, dim
Differential Revision:  https://reviews.freebsd.org/D54993

graphics/lightzone: force jdk8 because it does not build with jdk11+

PR:             292671

games/lizzie: force jdk8 because it does not build with jdk11+

PR:             292662

devel/gitleaks: Update WWW

devel/got: update to 0.121

No user-visible changes.

databases/mysql80-server: fix build with libc++ 20 and higher

With libc++ 20 and higher, databases/mysql80-server fails to compile,
resulting in errors similar to:

    In file included from /wrkdirs/usr/ports/databases/mysql80-server/work/mysql-8.0.44/router/src/harness/src/stdx/filesystem.cc:40:
    /wrkdirs/usr/ports/databases/mysql80-server/work/mysql-8.0.44/router/src/harness/src/../include/mysql/harness/stdx/expected.h:74:8: error: 'is_default_constructible' cannot be specialized: Users are not allowed to specialize this standard library entity [-Winvalid-specialization]
       74 | struct is_default_constructible<std::unique_ptr<T, void (*)(T *)>>
          |        ^
    /usr/include/c++/v1/__type_traits/is_constructible.h:49:8: note: marked '_Clang::no_specializations' here
       49 | struct _LIBCPP_NO_SPECIALIZATIONS is_default_constructible : integral_constant<bool, __is_constructible(_Tp)> {};
          |        ^
    /usr/include/c++/v1/__config:1167:9: note: expanded from macro '_LIBCPP_NO_SPECIALIZATIONS'
     1167 |       [[_Clang::__no_specializations__("Users are not allowed to specialize this standard library entity")]]
          |         ^

This is due to a workaround for a std::unique_ptr problem which is only
applicable to gcc before 7.1, so the whole workaround can be deleted,
which fixes the problem.

    [6 lines not shown]

sysutils/auto-admin: Update to 0.8.4.14

auto-cups-setup: Tolerate missing drivers (prep for deprecation)
auto-install-base-components: Check for pkgbase
auto-ly-enable: New script to enable ly login manager
auto-pkg-latest:
    Fix missing _${VERSION_MINOR} in kmods repo config
    Offer to overwrite config file when already using latest
auto-update-system: Include /etc/pkg in repo checks
auto-dreckly-setup: Fix pkgsrc wip URL

devel/gitleaks: Fix version option

PR:             292559

devel/taskflow: Fix fetch because 4.0.0 was re-rolled

PR:             292433
Reported by:    Sebastian Oswald <sko at rostwald.de>

emulators/virtualbox-ose-additions-7{0,1,2}: Fix build on i386

Runtime not tested.

MFH:    2026Q1

math/vtk9: fix build with libc++ 21

With libc++ 21, math/vtk9 fails to compile, resulting in errors similar
to:

    In file included from /wrkdirs/usr/ports/math/vtk9/work/VTK-9.5.2/ThirdParty/fmt/vtkfmt/src/os.cc:14:
    In file included from /wrkdirs/usr/ports/math/vtk9/work/VTK-9.5.2/ThirdParty/fmt/vtkfmt/vtkfmt/os.h:11:
    /wrkdirs/usr/ports/math/vtk9/work/VTK-9.5.2/ThirdParty/fmt/vtkfmt/vtkfmt/format.h:747:28: error: use of undeclared identifier 'malloc'
      747 |     T* p = static_cast<T*>(malloc(n * sizeof(T)));
          |                            ^~~~~~
    /wrkdirs/usr/ports/math/vtk9/work/VTK-9.5.2/ThirdParty/fmt/vtkfmt/vtkfmt/format.h:752:35: error: use of undeclared identifier 'free'
      752 |   void deallocate(T* p, size_t) { free(p); }
          |                                   ^~~~

This is because malloc and free are defined in <cstdlib>, which is not
included in vtk's format.h. Add the include to fix the build.

PR:             292590
Approved by:    yuri (maintainer)
MFH:            2026Q1

misc/py-pytorch: fix build with clang >= 19 and libc++ 21

In ports f07b5ade5369 misc/py-pytorch was forced onto llvm:max=15, with
the reason "fix build on 14". Remove this, and add a patch to make it
build with clang >= 19 and libc++ 21.

PR:             292664
Approved by:    yuri (maintainer)
MFH:            2026Q1

sysutils/mise: No longer requires rust-nightly

PR:             291744
Reported by:    James TD Smith <ahktenzero+freebsd at mohorovi.cc>

sctp: fix socket type created by sctp_peeloff()

When calling sctp_peeloff() on a SOCK_SEQPACKET socket, the created
and returned socket has the type SOCK_STREAM.
This is specified in section 9.2 of RFC 6458.

Reported by:    Xin Long
MFC after:      3 days