671f5582 cy Nov. 27, 2022, 2:41 a.m.
A malformed principal will cause kadmind to segfault. The PR
addresses only when chpass is requested but delete is also affected.
Fix both.

PR:		268002
Reported by:	Robert Morris <rtm@lcs.mit.edu>
MFC after:	3 days
cgit
5040a7a9 cy Nov. 27, 2022, 2:41 a.m.
Inspired by upstream 9d6dd21256f87988605fa75172be9cc92535064c.

Obtained from:	Heimdal 9d6dd21256f87988605fa75172be9cc92535064c
MFC after:	3 days
cgit
80999dcd cy Nov. 27, 2022, 2:41 a.m.
Inspired by:	Heimdal commmit 1b213c1082be4ef5a1c23928d614c762f837dbe7
MFC after:	3 days
cgit
879b0e9c cy Nov. 27, 2022, 2:41 a.m.
Obtained from:	Heimdal commit 4a0e01f9edabe36d0f2cab188078dd29fa5aaf02
MFC after:	3 days
cgit
780f663d cy Nov. 27, 2022, 2:41 a.m.
Generally obtained from upstream 655c057769f56bd8cdb7d16e93f1e7a7cb260342.

PR:		267944, 267972
Obtained from:	Heimdal commit 655c057769f56bd8cdb7d16e93f1e7a7cb260342
MFC after:	3 days
cgit
e13150e2 cy Nov. 27, 2022, 2:41 a.m.
krb5_ret_preincipal() returns a non-zero return code when
a garbage principal is passed to it. Unfortunately ret_principal_ent()
does not check the return code, with garbage pointing to what would
have been the principal. This results in a segfault when free() is
called.

PR:		267944, 267972
Reported by:	Robert Morris <rtm@lcs.mit.edu>
MFC after:	3 days
cgit
41e85e8e jhibbits Nov. 27, 2022, 12:45 a.m.
Probing disabled devices just adds noise.
cgit
598e073f jhibbits Nov. 26, 2022, 4:32 p.m.
BUS_PASS_SUPPORTDEV is semantically better than BUS_PASS_RESOURCE, since
it's a support device for dtsec, so only needs probed before dtsec, not
before interrupts.

Suggested by:	manu
cgit
fae4c649 jhibbits Nov. 26, 2022, 4:28 p.m.
Avoid the fragile nature of depending on ordering of the devices in the
FDT by forcing the MDIO driver to precede the DTSEC driver.
cgit
21d5b592 jhibbits Nov. 26, 2022, 3:55 p.m.
It's possible the MDIO device hasn't been and attached, or is incorrect
in the device tree so can't probe and attach.  In this case,
ofw_bus_find_child_device_by_phandle() will fail, and return NULL.
Return an error from find_mdio() here to prevent the MAC from attaching,
rather than worry about a NULL pointer dereference later on when
accessing the PHY.
cgit
f93d92f4 emaste Nov. 25, 2022, 2:13 p.m.
Reviewed by:	kevans
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D37482
cgit
ff0c7816 netchild Nov. 25, 2022, 9:17 a.m.
We only support updates from major version N to N+1:
stable/13 was branched on 20210122, remove all old entries from stable/10
branch point in 2013 to 20210122.
cgit
280f11f1 bapt Nov. 25, 2022, 8:05 a.m.
a1ab15ab bapt Nov. 25, 2022, 7:49 a.m.
The main difference with the chown in luaposix, is that it checks
and reports if a user or a group do exist when a string is passed
as arguments

Reviewed by:	kevans
Differential Revision:	https://reviews.freebsd.org/D37479
cgit
3026214e mjg Nov. 24, 2022, 7:46 p.m.
Sponsored by:	Rubicon Communications, LLC ("Netgate")
cgit