Don't remove other elements in a RB_FOREACH_SAFE walk since that is not safe.
repo_move_valid() walks the tree with RB_FOREACH_SAFE() but it also calls
RB_REMOVE() via filepath_put() on an other element in a case where a
conflict is resolved. This results in a use-after-free if that element is
the next one in the tree (nfp). Instead of removing the present
conflicting node (ofp), replace the contents of it, free fp and swap fp
with ofp.
With and OK tb@
Rework the special case for CRL files when it comes to the entity_queue.
CRL are not accounted in the entity_queue, they are loaded together with
MFT files and passed back together as well. Instead of increasing
entity_queue skip the entity_queue decrease at the end of the function
for CRL files. This way goto done cases will account CRLs correctly as well.
OK tb@
iked: Store RADIUS-assigned IPv6 address in the IPv6 slot
The IPv6 branch of iked_radius_config() stored the address in the
IPv4 slot sa_rad_addr and tagged it AF_INET. Use sa_rad_addr6 and
AF_INET6 instead. Also exempt IKEV2_CFG_INTERNAL_IP6_ADDRESS from
the "use config rather than radius" check, as already done for IPv4.
ok yasuoka@
rpki-client: avoid bad free in nca_hist_load()
If the first getline() call fails with a file error, nca_hist remains
uninitialized and will be passed to nca_hist_free() in the error path.
Initialize nca_hist to NULL to avoid this.
ok claudio
Use M_WAITOK and BUS_DMA_WAITOK instead of M_NOWAIT and BUS_DMA_NOWAIT in
places where we're allowed to sleep. Hopefully this fixes the
qwx0: failed to init DP: 12
issue that some of us occasionally experience.
ok stsp@
Allocate the psegs that are reserved for the pagedeamon only if no other
psegs are available. Let the pagedeamon only start a new swap cluster
if there are still at least two reserved slots available. This goes a
long way towards guaranteeing that we have the resources to actually
write out the swap cluster once it is filled. This is important since
the code that drops a cluster may need to acquire an rwlock, which means
the pagedaemon could sleep. This is undesirable and may even lead to
deadlocks.
Note that there still is a possibility that we may fail to allocate a buf
from the bufpool, which would lead us to the same undesirable path. So
far I've not been able to hit that case.
ok claudio@
Do not ship evtag functions in base libevent.
Upstream libevent 2.1.13-stable contains several security fixes.
Our reduced libevent 1.4.15-stable does not contain the affected
code. The functions in event_tagging.c are only used by evrpc which
we have removed from libevent. As the attack vectors for the
upstream fixes go through evrpc to evtag, better remove this dead
code and do not export it in our libevent. Major library bump
needed.
OK dlg@ claudio@ sthen@
der_len needs to be int so that the error check around i2d_X509_PUBKEY()
works. Only positive der_len values make it to base64_encode() where it
is promoted to size_t which is fine.
OK tb@
ASnum are unsigned 32bit values. Use %u to print them not %d.
Also use json_do_uint() just to be consistent. The json encoder operates
with 64bit values so it does not matter there as much as it does for printf.
With and OK tb@
- fix syntax in example login_ldap.conf file, it had :\ on a line
presumably when converted from getcap in the ports version
- switch to a more unix-y sample filter, and add a commented-out example
for ActiveDirectory
based on a diff from Chaz Kettleson which was ok with tweaks by claudio@,
and incorporating feedback from Andrew Daugherity