HardenedBSD/src 8217d4e. ObsoleteFiles.inc, contrib/pam-krb5/docs pam_krb5.pod

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+1,268-937lib/libpam/modules/pam_krb5/pam-krb5.8
+9-6contrib/pam-krb5/docs/pam_krb5.pod
+10-2lib/libpam/modules/pam_krb5/Makefile
+7-4ObsoleteFiles.inc
+6-0contrib/pam-krb5/module/auth.c
+3-0contrib/pam-krb5/module/internal.h
+1,303-9491 files not shown
+1,306-9497 files

HardenedBSD/src f3d25cf. ObsoleteFiles.inc, contrib/pam-krb5/docs pam_krb5.pod

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+1,268-937lib/libpam/modules/pam_krb5/pam-krb5.8
+9-6contrib/pam-krb5/docs/pam_krb5.pod
+10-2lib/libpam/modules/pam_krb5/Makefile
+7-4ObsoleteFiles.inc
+6-0contrib/pam-krb5/module/auth.c
+3-0contrib/pam-krb5/module/options.c
+1,303-9491 files not shown
+1,306-9497 files

HardenedBSD/src 8e55bbacontrib/ntp/ntpd ntp_io.c, lib/libc/db/mpool mpool.c

Merge branch 'freebsd/14-stable/main' into hardened/14-stable/master
DeltaFile
+1-1contrib/ntp/ntpd/ntp_io.c
+1-1lib/libc/db/mpool/mpool.c
+1-1share/man/man4/isp.4
+1-1usr.sbin/lpr/lpr/lpr.1
+1-1usr.sbin/ypldap/ldapclient.c
+5-55 files

HardenedBSD/src 43e336d. ObsoleteFiles.inc, contrib/pam-krb5/docs pam_krb5.pod

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
DeltaFile
+1,268-937lib/libpam/modules/pam_krb5/pam-krb5.8
+9-6contrib/pam-krb5/docs/pam_krb5.pod
+10-2lib/libpam/modules/pam_krb5/Makefile
+5-2ObsoleteFiles.inc
+6-0contrib/pam-krb5/module/auth.c
+3-0contrib/pam-krb5/module/internal.h
+1,301-9478 files not shown
+1,311-95414 files

HardenedBSD/src 815f085release/scripts pkg-stage.sh

release: Ship DVD with only emacs at nox flavour

Contrary to the claim made in a previous commit, removing KDE and
adding all of vim and emacs results in an image which does not fit
into 4.7 GB; to be specific, it lands at 4.722 GB rather than the
claimed 4.689 GB.  (This descrepancy resulted from doing test DVD
image builds using an out-of-date tree, and became visible when the
15.0-RC3 images were built.)

Limit the emacs packages shipped on the DVD to the "nox" flavor;
this brings the disk image down to 4.407 GB, aka under the 4.7 GB
limit for standard DVDs.

Fixes:  6cc6beb4c889 ("release: Remove KDE from dvd1.iso")
MFC after:      1 day (for 15.0-RC4)

(cherry picked from commit c8cf5a99f82bc52849960e689442421ad5a6d412)
DeltaFile
+1-1release/scripts/pkg-stage.sh
+1-11 files

HardenedBSD/src e9a7a3eshare/man/man4 isp.4

isp.4: Fix a typo in the manual page

- s/Chanel/Channel/

(cherry picked from commit 8158b813d90f01368b2045709feee1980a323198)
DeltaFile
+1-1share/man/man4/isp.4
+1-11 files

HardenedBSD/src 37432fausr.sbin/lpr/lpr lpr.1

lpr(1): Fix a typo in a debug message

- s/unexpect/unexpected/

(cherry picked from commit 66d4a37bc389bf19ebf2210b0fff762baa659c32)
DeltaFile
+1-1usr.sbin/lpr/lpr/lpr.1
+1-11 files

HardenedBSD/src ad81800lib/libc/db/mpool mpool.c

mpool(3): Fix a typo in statistical message

- s/cacheing/caching/

(cherry picked from commit d76ea20f99965e8f3b9dbfcb41ca148711d528bb)
DeltaFile
+1-1lib/libc/db/mpool/mpool.c
+1-11 files

HardenedBSD/src 1780b0dusr.sbin/ypldap ldapclient.c

ypldap(8): Fix a typo in a debug message

- s/unexpect/unexpected/

(cherry picked from commit 843a4ad5814fe4344b245819880d423343b2d5ab)
DeltaFile
+1-1usr.sbin/ypldap/ldapclient.c
+1-11 files

HardenedBSD/src 7f0bb97share/man/man4 snd_dummy.4

snd_dummy.4: Fix a typo in the manual page

- s/devic/device/

(cherry picked from commit bb3bfc7ca87ef9b2309bfac38aa0083727b27dc6)
DeltaFile
+1-1share/man/man4/snd_dummy.4
+1-11 files

HardenedBSD/src e44d079share/man/man4 isp.4

isp.4: Fix a typo in the manual page

- s/Chanel/Channel/

(cherry picked from commit 8158b813d90f01368b2045709feee1980a323198)
DeltaFile
+1-1share/man/man4/isp.4
+1-11 files

HardenedBSD/src 29edde7usr.sbin/lpr/lpr lpr.1

lpr(1): Fix a typo in a debug message

- s/unexpect/unexpected/

(cherry picked from commit 66d4a37bc389bf19ebf2210b0fff762baa659c32)
DeltaFile
+1-1usr.sbin/lpr/lpr/lpr.1
+1-11 files

HardenedBSD/src ccbd07clib/libc/db/mpool mpool.c

mpool(3): Fix a typo in statistical message

- s/cacheing/caching/

(cherry picked from commit d76ea20f99965e8f3b9dbfcb41ca148711d528bb)
DeltaFile
+1-1lib/libc/db/mpool/mpool.c
+1-11 files

HardenedBSD/src 605c437usr.sbin/ypldap ldapclient.c

ypldap(8): Fix a typo in a debug message

- s/unexpect/unexpected/

(cherry picked from commit 843a4ad5814fe4344b245819880d423343b2d5ab)
DeltaFile
+1-1usr.sbin/ypldap/ldapclient.c
+1-11 files

HardenedBSD/src 25587b3contrib/ntp/ntpd ntp_io.c

ntpd: Fix segfault when same IP on multiple interfaces

Use the protype socket to obtain the IP address for an error message.
Using the resultant socket address, a NULL because create_interface()
had failed, results in SIGSEGV.

To reproduce this bug,

ifconfig bridge100 create
ifconfig bridge100 10.10.10.10/24
ifconfig bridge101 create
ifconfig bridge101 10.10.10.10/24
ntpd -n

PR:             291119

(cherry picked from commit ac1f48b4a7be104d222dea60f1da946fcb345fb1)
DeltaFile
+1-1contrib/ntp/ntpd/ntp_io.c
+1-11 files

HardenedBSD/src 383ad19contrib/ntp/ntpd ntp_io.c

ntpd: Fix segfault when same IP on multiple interfaces

Use the protype socket to obtain the IP address for an error message.
Using the resultant socket address, a NULL because create_interface()
had failed, results in SIGSEGV.

To reproduce this bug,

ifconfig bridge100 create
ifconfig bridge100 10.10.10.10/24
ifconfig bridge101 create
ifconfig bridge101 10.10.10.10/24
ntpd -n

PR:             291119
MFC after:      3 days

(cherry picked from commit ac1f48b4a7be104d222dea60f1da946fcb345fb1)
DeltaFile
+1-1contrib/ntp/ntpd/ntp_io.c
+1-11 files

HardenedBSD/src 1773d3d. ObsoleteFiles.inc

ObsoleteFiles: Fix typo in recent entry

Fixes:          feb8971db4b1 ("pcic.4: Remove stale manual")
DeltaFile
+2-2ObsoleteFiles.inc
+2-21 files

HardenedBSD/src 4166181. ObsoleteFiles.inc, lib/libpam/modules/pam_krb5 pam-krb5.8 Makefile

pam_krb5: Fix manual page in MIT case

* Always install the manual page as pam_krb5(8) regardless of which
  version we're using.
* Regenerate it using pod2mdoc instead of pod2man so it doesn't claim
  to be part of “User Contributed Perl Documentation”.
* Put the correct section number in the header and footer.
* Don't cross-reference non-existent pam(7) manual page.

Reviewed by:    cperciva
Differential Revision:  https://reviews.freebsd.org/D53885

(cherry picked from commit 961b934407f09d4241cfad76a9c8833baa2650e1)
DeltaFile
+1,268-937lib/libpam/modules/pam_krb5/pam-krb5.8
+10-2lib/libpam/modules/pam_krb5/Makefile
+3-0ObsoleteFiles.inc
+1,281-9393 files

HardenedBSD/src 5995c03. ObsoleteFiles.inc

ObsoleteFiles: Fix repeated typo in recent entries

Fixes:          685a78570b35 ("random: remove hifn(4)")
Fixes:          5b9fba1cb0d8 ("Retire pccard(4)")
Fixes:          3cf85a69ae7d ("hifn.4: Really remove")
Fixes:          8a8c58f71e80 ("pccard.4: Really remove")
Fixes:          6aaf184dc4e2 ("pcic.4: Really remove")
Fixes:          daa1f9b415f3 ("apm(8): Drop MLINK to apmconf(8)")
Fixes:          961b934407f0 ("pam_krb5: Fix manual page in MIT case")
DeltaFile
+5-5ObsoleteFiles.inc
+5-51 files

HardenedBSD/src 2eb030dcontrib/pam-krb5/docs pam_krb5.pod, contrib/pam-krb5/module auth.c internal.h

pam_krb5: Restore allow_kdc_spoof option

Not only does the new pam_krb5 module not have the same allow_kdc_spoof
option that the old one had, its behavior in this matter defaults to
insecure.  Reimplement allow_kdc_spoof and switch the default back.

Reviewed by:    cy
Differential Revision:  https://reviews.freebsd.org/D53884

(cherry picked from commit fe5c8baf25a5b40285c3ef85b69391d591e4a76c)
DeltaFile
+9-6contrib/pam-krb5/docs/pam_krb5.pod
+6-0contrib/pam-krb5/module/auth.c
+3-0contrib/pam-krb5/module/internal.h
+3-0contrib/pam-krb5/module/options.c
+21-64 files

HardenedBSD/src 961b934. ObsoleteFiles.inc, lib/libpam/modules/pam_krb5 pam-krb5.8 Makefile

pam_krb5: Fix manual page in MIT case

* Always install the manual page as pam_krb5(8) regardless of which
  version we're using.
* Regenerate it using pod2mdoc instead of pod2man so it doesn't claim
  to be part of “User Contributed Perl Documentation”.
* Put the correct section number in the header and footer.
* Don't cross-reference non-existent pam(7) manual page.

Reviewed by:    cperciva
Differential Revision:  https://reviews.freebsd.org/D53885
DeltaFile
+1,268-937lib/libpam/modules/pam_krb5/pam-krb5.8
+10-2lib/libpam/modules/pam_krb5/Makefile
+3-0ObsoleteFiles.inc
+1,281-9393 files

HardenedBSD/src fe5c8bacontrib/pam-krb5/docs pam_krb5.pod, contrib/pam-krb5/module auth.c internal.h

pam_krb5: Restore allow_kdc_spoof option

Not only does the new pam_krb5 module not have the same allow_kdc_spoof
option that the old one had, its behavior in this matter defaults to
insecure.  Reimplement allow_kdc_spoof and switch the default back.

Reviewed by:    cy
Differential Revision:  https://reviews.freebsd.org/D53884
DeltaFile
+9-6contrib/pam-krb5/docs/pam_krb5.pod
+6-0contrib/pam-krb5/module/auth.c
+3-0contrib/pam-krb5/module/internal.h
+3-0contrib/pam-krb5/module/options.c
+21-64 files

HardenedBSD/src ec6c9b9usr.sbin/freebsd-update freebsd-update.sh

Merge branch 'freebsd/14-stable/main' into hardened/14-stable/master
DeltaFile
+8-8usr.sbin/freebsd-update/freebsd-update.sh
+8-81 files

HardenedBSD/src df3def8lib/libsys pathconf.2, sys/fs/nfs nfs_commonsubs.c nfs_var.h

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
DeltaFile
+22-9sys/fs/nfs/nfs_commonsubs.c
+12-6sys/fs/nfsserver/nfs_nfsdport.c
+7-2sys/fs/nfsserver/nfs_nfsdserv.c
+6-2sys/fs/nfsclient/nfs_clvnops.c
+6-2lib/libsys/pathconf.2
+2-2sys/fs/nfs/nfs_var.h
+55-234 files not shown
+63-2610 files

HardenedBSD/src b409b78usr.sbin/freebsd-update freebsd-update.sh

freebsd-update: Add some diagnositic information for a failure case

Users report freebsd-update failing with "The update metadata index is
correctly signed, but failed an integrity check."  Add a hint at which
of the cases is failing to help track down the issue.

PR:             264205
Reviewed by:    dch
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52222

(cherry picked from commit af4ba95daf75cf1b1624dd57038cfaa3ed2753e7)
(cherry picked from commit d653eca0ef889a8e3fa1e370d2b3ce7b031441a2)
DeltaFile
+8-8usr.sbin/freebsd-update/freebsd-update.sh
+8-81 files

HardenedBSD/src bac4d3f. UPDATING

UPDATING: Add an entry for f27afc476551
DeltaFile
+4-0UPDATING
+4-01 files

HardenedBSD/src 33d1524sys/sys param.h

param.h: Bump __FreeBSD_version to 1500502

Commit f27afc476551 changes the internal KAPI between the
NFS modules.  As such, all must be recompiled from sources.
Bump __FreeBSD_version to 1500502 for this.
DeltaFile
+1-1sys/sys/param.h
+1-11 files

HardenedBSD/src f27afc4sys/fs/nfs nfs_commonsubs.c nfs_var.h, sys/fs/nfsclient nfs_clvnops.c nfs_clstate.c

nfs: Add support for the new _PC_CASE_INSENSITIVE name

Commit d6864221d8 added support for the _PC_CASE_INSENSITIVE
name for pathconf, to indicate if case insensitive lookups
are configured.

This patch adds support for it for both NFSv4 and
NFSv3.

It also adds a fsidp argument to nfsv4_fillattr() which
will be used in future commit(s) related to NFSv4.n
directory delegations.

(cherry picked from commit e5aa60d0695803c83dc0af08c057b82c463da3f2)
DeltaFile
+22-9sys/fs/nfs/nfs_commonsubs.c
+12-6sys/fs/nfsserver/nfs_nfsdport.c
+7-2sys/fs/nfsserver/nfs_nfsdserv.c
+6-2sys/fs/nfsclient/nfs_clvnops.c
+2-2sys/fs/nfs/nfs_var.h
+2-1sys/fs/nfsclient/nfs_clstate.c
+51-221 files not shown
+52-237 files

HardenedBSD/src 52159ddlib/libsys pathconf.2

pathconf.2: Document the new _PC_CASE_INSENSITIVE name

Commit d6864221d8 added support for the _PC_CASE_INSENSITIVE
name for pathconf, to indicate if case insensitive lookups
are configured.

This patch documents this new name and also updates
the description for _PC_HAS_HIDDENSYSTEM to also
include UF_ARCHIVE.

This is a content change.

(cherry picked from commit b473bb274cef37d45940cad4624b5d3b7fc96e01)
DeltaFile
+6-2lib/libsys/pathconf.2
+6-21 files

HardenedBSD/src da9a6d6contrib/llvm-project/clang/lib/Driver/ToolChains FreeBSD.h, contrib/llvm-project/lldb/source/Host/freebsd Host.cpp

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+20-24contrib/llvm-project/lldb/source/Plugins/Process/Utility/RegisterContextFreeBSD_x86_64.cpp
+28-13contrib/llvm-project/lldb/source/Host/freebsd/Host.cpp
+18-2sys/dev/sound/pcm/channel.c
+5-0contrib/llvm-project/clang/lib/Driver/ToolChains/FreeBSD.h
+1-1lib/clang/freebsd_cc_version.h
+2-0lib/libgcc_s/Makefile
+74-401 files not shown
+75-407 files