| Age | Commit message (Collapse) | Author |
|---|
|
For some packages (OpenSSL, Kerberos) we want to ship runtime libraries
in a separate package, e.g. openssl and openssl-lib. Currently this is
done using PACKAGE=openssl-lib, but that creates packages with strange
names like openssl-lib-lib32.
Instead, add a new LIB_PACKAGE option to bsd.lib.mk that causes runtime
libraries to be placed in a new -lib subpackage. This significantly
improves the set of packages we create; for example, OpenSSL goes from:
FreeBSD-openssl
FreeBSD-openssl-dbg
FreeBSD-openssl-lib
FreeBSD-openssl-lib-dbg
FreeBSD-openssl-lib-dbg-lib32
FreeBSD-openssl-lib-dev
FreeBSD-openssl-lib-dev-lib32
FreeBSD-openssl-lib-lib32
FreeBSD-openssl-lib-man
FreeBSD-openssl-man
to:
FreeBSD-openssl
FreeBSD-openssl-dbg
FreeBSD-openssl-dbg-lib32
FreeBSD-openssl-dev
FreeBSD-openssl-dev-lib32
FreeBSD-openssl-lib
FreeBSD-openssl-lib32
FreeBSD-openssl-man
While here, move /usr/bin/krb5-config and /usr/bin/compile_et into
the kerberos-dev package.
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D51925
|
|
This is apparently needed for the cross-build from Linux to succeed.
Fixes: cb5e41b160838880de7d03100afa02e4edee5a9e
|
|
libcrypt bundles the various hash functions it needs,
duplicating code that is also found in libmd.
Unbundle the hash functions and apply the same hack used
for libncursesw so static consumers link -lmd in addition
to -lcrypt.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D47062
|
|
Prevent a potentially sufficiently smart compiler from optimising
away our attempts to clear sensitive buffers.
A related change was discussed and rejected in D16059, but I don't
believe the reasoning there applies: the code clearly documents its
intent that the `memset` calls clear sensitive buffers so they don't
hang around. `explicit_bzero` is the appropriate function for this
purpose. A potential performance disadvantage seems less important:
the functions in crypt are specifically designed to be slow, so a
few extra calls to guarantee that sensitive buffers are cleared does
not significantly affect runtime.
See also: D16059
Reviewed by: delphij, kevans
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D47037
|
|
Reduce the number of md5c.c between the three of these from two to one
by just reaching into the kernel build for both userland builds. The
precedent for this already exists for sha2 in both cases.
_libmd_ symbol privatization bits have been moved to sys/md5.h and
md5.h remains to #include <sys/md5.h> for compatibility.
This stops exporting MD5Pad() in the process because the kernel stopped
exporting it in 502a35d60f4c. soversion is bumped accordingly.
This also renames the libc version of stack_protector.c; it previously
only worked by coincidence because .PATH ordering worked out such that
we got the right one, but this is not the case anymore. Remove the
landmine.
PR: 280784 (exp-run)
Reviewed by: allanjude, delphij
Differential Revision: https://reviews.freebsd.org/D34497
|
|
This is a residual of the $FreeBSD$ removal.
MFC After: 3 days (though I'll just run the command on the branches)
Sponsored by: Netflix
|
|
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
|
|
Normalize on hard tabs.
I didn't catch this before pushing the previous commit.
No functional changes intended.
MFC after: 2 weeks
MFC with: 8ef8da882ff475e3da3bde57d97593a68f7d97b2
|
|
No functional change intended.
MFC after: 2 weeks
|
|
Remove /^\.\\"\n\.\\"\s*\$FreeBSD\$$\n/
|
|
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
|
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
|
Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
|
|
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
|
|
This was rendered obsolete in 2012 by a0ee974f0bad, since auth_getval
was the only reason the header was included.
MFC after: 1 week
|
|
Repeating the default WARNS here makes it slightly more difficult to
experiment with default WARNS changes, e.g. if we did something absolutely
bananas and introduced a WARNS=7 and wanted to try lifting the default to
that.
Drop most of them; there is one in the blake2 kernel module, but I suspect
it should be dropped -- the default WARNS in the rest of the build doesn't
currently apply to kernel modules, and I haven't put too much thought into
whether it makes sense to make it so.
Notes:
svn path=/head/; revision=366304
|
|
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22494
Notes:
svn path=/head/; revision=355617
|
|
All of them are needed to be able to boot to single user and be able
to repair a existing FreeBSD installation so put them directly into
FreeBSD-runtime.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21503
Notes:
svn path=/head/; revision=351855
|
|
is not available.
Submitted by: Ali Mashtizadeh <ali mashtizadeh.com>
MFC after: 3 days
Notes:
svn path=/head/; revision=348302
|
|
are finialized after r336539, so do not do it.
Submitted by: David CARLIER <devnexen gmail com>
MFC after: 1 month (after r336539)
Differential Revision: https://reviews.freebsd.org/D16059
Notes:
svn path=/head/; revision=336541
|
|
copied_key and copied_salt are assigned with NULL and never used
otherwise. Remove the two variables and related code.
Reviewed by: pfg
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D16314
Notes:
svn path=/head/; revision=336540
|
|
The double compilation of the kernel sources in libmd and libcrypt is
baffling, but add yet another define hack to prevent duplicate symbols.
Add documentation and SHA2-224 test cases to libmd.
Integrate with the md5(1) command, document, and add more test cases;
self-tests pass.
Notes:
svn path=/head/; revision=336126
|
|
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Notes:
svn path=/head/; revision=326219
|
|
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Notes:
svn path=/head/; revision=326025
|
|
Sponsored by: Dell EMC Isilon
Notes:
svn path=/head/; revision=325188
|
|
Notes:
svn path=/projects/make-check-sandbox/; revision=321917
|
|
bsd.subdir.mk is included from bsd.obj.mk, which is included via bsd.lib.mk.
MFC after: 3 days
Notes:
svn path=/head/; revision=321915
|
|
`SUBDIR.${MK_TESTS}+= tests` idiom.
This is a follow up to r321912.
Notes:
svn path=/projects/make-check-sandbox/; revision=321914
|
|
directories to SUBDIR.${MK_TESTS} idiom
This is being done to pave the way for future work (and homogenity) in
^/projects/make-check-sandbox .
No functional change intended.
MFC after: 1 weeks
Notes:
svn path=/head/; revision=321912
|
|
ATF tests have a default WARNS of 0, unlike other usermode programs.
Reviewed by: ngie, julian
MFC after: 3 weeks
Sponsored by: Spectra Logic Corporation
Differential Revision: https://reviews.freebsd.org/D9933
Notes:
svn path=/head/; revision=315035
|
|
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
Notes:
svn path=/head/; revision=314436
|
|
This simplifies pathing in make/displayed output
MFC after: 3 weeks
Sponsored by: Dell EMC Isilon
Notes:
svn path=/head/; revision=312503
|
|
glibc has a pretty nice function called crypt_r(3), which is nothing
more than crypt(3), but thread-safe. It accomplishes this by introducing
a 'struct crypt_data' structure that contains a buffer that is large
enough to hold the resulting string.
Let's go ahead and also add this function. It would be a shame if a
useful function like this wouldn't be usable in multithreaded apps.
Refactor crypt.c and all of the backends to no longer declare static
arrays, but write their output in a provided buffer.
There is no need to do any buffer length computation here, as we'll just
need to ensure that 'struct crypt_data' is large enough, which it is.
_PASSWORD_LEN is defined to 128 bytes, but in this case I'm picking 256,
as this is going to be part of the actual ABI.
Differential Revision: https://reviews.freebsd.org/D7306
Notes:
svn path=/head/; revision=303920
|
|
It is not a password hashing algorithm
Reported by: cem
Notes:
svn path=/head/; revision=301168
|
|
Connect it to userland (libmd, libcrypt, sbin/md5) and kernel (crypto.ko)
Support for skein as a ZFS checksum algorithm was introduced in r289422
but is disconnected because FreeBSD lacked a Skein implementation.
A further commit will enable it in ZFS.
Reviewed by: cem
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D6166
Notes:
svn path=/head/; revision=300921
|
|
This implements SHA-512/256, which generates a 256 bit hash by
calculating the SHA-512 then truncating the result. A different initial
value is used, making the result different from the first 256 bits of
the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on
64bit platforms, so the result is a faster 256 bit hash.
The main goal of this implementation is to enable support for this
faster hashing algorithm in ZFS. The feature was introduced into ZFS
in r289422, but is disconnected because SHA-512/256 support was missing.
A further commit will enable it in ZFS.
This is the follow on to r292782
Reviewed by: cem
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D6061
Notes:
svn path=/head/; revision=300903
|
|
after r298107
Summary of changes:
- Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that
namespacing is kept with FILES appropriately, and that this shouldn't need
to be repeated if the namespace changes -- only the definition of PACKAGE
needs to be changed
- Allow PACKAGE to be overridden by callers instead of forcing it to always be
`tests`. In the event we get to the point where things can be split up
enough in the base system, it would make more sense to group the tests
with the blocks they're a part of, e.g. byacc with byacc-tests, etc
- Remove PACKAGE definitions where possible, i.e. where FILES wasn't used
previously.
- Remove unnecessary TESTSPACKAGE definitions; this has been elided into
bsd.tests.mk
- Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES;
${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk.
- Fix installation of files under data/ subdirectories in lib/libc/tests/hash
and lib/libc/tests/net/getaddrinfo
- Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup)
Document the proposed changes in share/examples/tests/tests/... via examples
so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of
replacing FILES. share/mk/bsd.README didn't seem like the appropriate method
of communicating that info.
MFC after: never probably
X-MFC with: r298107
PR: 209114
Relnotes: yes
Tested with: buildworld, installworld, checkworld; buildworld, packageworld
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/head/; revision=299094
|
|
Sponsored by: The FreeBSD Foundation
Notes:
svn path=/projects/release-pkg/; revision=296625
|
|
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/head/; revision=296587
|
|
Sponsored by: The FreeBSD Foundation
Notes:
svn path=/projects/release-pkg/; revision=295278
|
|
Sponsored by: The FreeBSD Foundation
Notes:
svn path=/projects/release-pkg/; revision=295171
|
|
cperciva's libmd implementation is 5-30% faster
The same was done for SHA256 previously in r263218
cperciva's implementation was lacking SHA-384 which I implemented, validated against OpenSSL and the NIST documentation
Extend sbin/md5 to create sha384(1)
Chase dependancies on sys/crypto/sha2/sha2.{c,h} and replace them with sha512{c.c,.h}
Reviewed by: cperciva, des, delphij
Approved by: secteam, bapt (mentor)
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D3929
Notes:
svn path=/head/; revision=292782
|
|
kyua 0.12 has fix for https://github.com/jmmv/kyua/pull/148
which eliminates invalid XML characters from being written to test reports
with "kyua report-junit".
Notes:
svn path=/head/; revision=291616
|
|
This avoids using the staged headers for sys/crypto/sha2/*.h, such as sha256.h,
which added an unneeded pre-build dependency on libmd to libcrypt. This
header is an INCS in lib/libmd, but found via .PATH in sys/crypto/sha2.
Since the libcrypt build was already using the in-src libmd headers
directly, just teach it how to find the sha256.h header as well.
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/head/; revision=291325
|
|
This both avoids some dependencies on xinstall.host and allows
bootstrapping on older releases to work due to lack of at least 'install -l'
support.
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/head/; revision=291307
|
|
They are emitting characters which are triggering
a kyua bug which causes kyua to emit invalid XML.
This invalid XML is causing false failures in Jenkins.
On a separate note, kyua needs to be fixed with this:
https://github.com/jmmv/kyua/pull/148
or something similar.
Notes:
svn path=/head/; revision=291015
|
|
test suite as lib/libcrypt/crypt_test
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/head/; revision=290908
|
|
netbsd-tests.test.mk (r289151)
- Eliminate explicit OBJTOP/SRCTOP setting
- Convert all ad hoc NetBSD test integration over to netbsd-tests.test.mk
- Remove unnecessary TESTSDIR setting
- Use SRCTOP where possible for clarity
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Divison
Notes:
svn path=/head/; revision=289172
|
|
This has not been needed since r284171 in projects/bmake.
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/head/; revision=288226
|
|
Notes:
svn path=/head/; revision=284481
|
