--- a/usr/src/cmd/cmd-crypto/etc/Makefile.ca-links Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/cmd-crypto/etc/Makefile.ca-links Thu Apr 26 21:14:28 2012 +0100
@@ -20,7 +20,7 @@
#
#
# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
-#
+# Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
#
# These CA certs are extracted from the NSS database libnssckbi.so.
@@ -180,3 +180,6 @@
ROOTCALINK=$(ROOTETCCALINKDIR)/`$(OPENSSL) x509 -noout -hash -in $<`.0; \
$(RM) $$ROOTCALINK; \
$(LN) -s $(CATARGDIR)/$(@F) $$ROOTCALINK
+ -ROOTCALINK=$(ROOTETCCALINKDIR)/`$(OPENSSL) x509 -noout -subject_hash_old -in $< 2>/dev/null`.0; \
+ test "$$ROOTCALINK" = "$(ROOTETCCALINKDIR)/.0" || $(RM) $$ROOTCALINK; \
+ test "$$ROOTCALINK" = "$(ROOTETCCALINKDIR)/.0" || $(LN) -s $(CATARGDIR)/$(@F) $$ROOTCALINK
--- a/usr/src/cmd/nscd/cache.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/nscd/cache.c Thu Apr 26 21:14:28 2012 +0100
@@ -20,6 +20,7 @@
*/
/*
* Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2012 Milan Jurik. All rights reserved.
*/
/*
@@ -692,11 +693,11 @@
*/
nsc_db_t *
make_cache(enum db_type dbtype, int dbop, char *name,
- int (*compar) (const void *, const void *),
- void (*getlogstr)(char *, char *, size_t, nss_XbyY_args_t *),
- uint_t (*gethash)(nss_XbyY_key_t *, int),
- enum hash_type httype, int htsize) {
-
+ int (*compar) (const void *, const void *),
+ void (*getlogstr)(char *, char *, size_t, nss_XbyY_args_t *),
+ uint_t (*gethash)(nss_XbyY_key_t *, int),
+ enum hash_type httype, int htsize)
+{
nsc_db_t *nscdb;
char *me = "make_cache";
@@ -728,7 +729,7 @@
/* The cache is an AVL tree */
avl_create(&nscdb->tree, nscdb->compar, sizeof (nsc_entry_t),
- offsetof(nsc_entry_t, avl_link));
+ offsetof(nsc_entry_t, avl_link));
/* Assign log routine */
if (getlogstr == NULL) {
@@ -957,7 +958,7 @@
*/
void
nsc_info(nsc_ctx_t *ctx, char *dbname, nscd_cfg_cache_t cfg[],
- nscd_cfg_stat_cache_t stats[])
+ nscd_cfg_stat_cache_t stats[])
{
int i;
char *me = "nsc_info";
@@ -1040,7 +1041,8 @@
* not a daemon.
*/
int
-nsc_dump(char *dbname, int dbop) {
+nsc_dump(char *dbname, int dbop)
+{
nsc_ctx_t *ctx;
nsc_db_t *nscdb;
nscd_bool_t enabled;
@@ -1091,35 +1093,38 @@
/*
* These macros are for exclusive use of nsc_lookup
*/
-#define NSC_LOOKUP_RETURN(retcode, loglevel, fmt) \
- (void) mutex_unlock(&nscdb->db_mutex); \
+#define NSC_LOOKUP_LOG(loglevel, fmt) \
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_##loglevel) \
- (me, fmt, whoami); \
- return (retcode);
+ (me, fmt, whoami);
+
+static int
+nsc_lookup_no_cache(nsc_lookup_args_t *largs, const char *str)
+{
+ char *me = "nsc_lookup_no_cache";
+ nss_status_t status;
-#define NSC_LOOKUP_NO_CACHE(str) \
- _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG) \
- (me, "%s: name service lookup (bypassing cache\n", \
- str); \
- nss_psearch(largs->buffer, largs->bufsize); \
- status = NSCD_GET_STATUS(largs->buffer); \
- _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG) \
- (me, "%s: name service lookup status = %d\n", \
- str, status); \
- if (status == NSS_SUCCESS) { \
- return (SUCCESS); \
- } else if (status == NSS_NOTFOUND) \
- return (NOTFOUND); \
- else \
+ _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
+ (me, "%s: name service lookup (bypassing cache)\n", str);
+ nss_psearch(largs->buffer, largs->bufsize);
+ status = NSCD_GET_STATUS(largs->buffer);
+ _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
+ (me, "%s: name service lookup status = %d\n", str, status);
+ if (status == NSS_SUCCESS) {
+ return (SUCCESS);
+ } else if (status == NSS_NOTFOUND) {
+ return (NOTFOUND);
+ } else {
return (SERVERERROR);
+ }
+}
/*
* This function starts the revalidation and reaper threads
* for a cache
*/
static void
-start_threads(nsc_ctx_t *ctx) {
-
+start_threads(nsc_ctx_t *ctx)
+{
int errnum;
char *me = "start_threads";
@@ -1128,11 +1133,11 @@
*/
if (ctx->revalidate_on != nscd_true) {
if (thr_create(NULL, NULL, (void *(*)(void *))revalidate,
- ctx, 0, NULL) != 0) {
+ ctx, 0, NULL) != 0) {
errnum = errno;
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_ERROR)
- (me, "thr_create (revalidate thread for %s): %s\n",
- ctx->dbname, strerror(errnum));
+ (me, "thr_create (revalidate thread for %s): %s\n",
+ ctx->dbname, strerror(errnum));
exit(1);
}
ctx->revalidate_on = nscd_true;
@@ -1143,11 +1148,11 @@
*/
if (ctx->reaper_on != nscd_true) {
if (thr_create(NULL, NULL, (void *(*)(void *))reaper,
- ctx, 0, NULL) != 0) {
+ ctx, 0, NULL) != 0) {
errnum = errno;
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_ERROR)
- (me, "thr_create (reaper thread for %s): %s\n",
- ctx->dbname, strerror(errnum));
+ (me, "thr_create (reaper thread for %s): %s\n",
+ ctx->dbname, strerror(errnum));
exit(1);
}
ctx->reaper_on = nscd_true;
@@ -1239,11 +1244,10 @@
static int
check_config(nsc_lookup_args_t *largs, nscd_cfg_cache_t *cfgp,
- char *whoami, int flag)
+ char *whoami, int flag)
{
nsc_db_t *nscdb;
nsc_ctx_t *ctx;
- nss_status_t status;
char *me = "check_config";
ctx = largs->ctx;
@@ -1267,18 +1271,16 @@
if (UPDATEBIT & flag)
return (NOTFOUND);
- else {
- NSC_LOOKUP_NO_CACHE(whoami);
- }
+ else
+ return (nsc_lookup_no_cache(largs, whoami));
}
/*
* if caller requests lookup using his
* own nsswitch config, bypass cache
*/
- if (nsw_config_in_phdr(largs->buffer)) {
- NSC_LOOKUP_NO_CACHE(whoami);
- }
+ if (nsw_config_in_phdr(largs->buffer))
+ return (nsc_lookup_no_cache(largs, whoami));
/* no need of cache if we are dealing with 0 ttls */
if (cfgp->pos_ttl <= 0 && cfgp->neg_ttl <= 0) {
@@ -1286,7 +1288,7 @@
return (NOTFOUND);
else if (cfgp->avoid_ns == nscd_true)
return (SERVERERROR);
- NSC_LOOKUP_NO_CACHE(whoami);
+ return (nsc_lookup_no_cache(largs, whoami));
}
return (CONTINUE);
@@ -1298,7 +1300,7 @@
*/
static void
check_db_file(nsc_ctx_t *ctx, nscd_cfg_cache_t cfg,
- char *whoami, time_t now)
+ char *whoami, time_t now)
{
struct stat buf;
nscd_bool_t file_modified = nscd_false;
@@ -1343,8 +1345,8 @@
}
static int
-lookup_int(nsc_lookup_args_t *largs, int flag) {
-
+lookup_int(nsc_lookup_args_t *largs, int flag)
+{
nsc_ctx_t *ctx;
nsc_db_t *nscdb;
nscd_cfg_cache_t cfg;
@@ -1364,7 +1366,7 @@
/* extract dbop, dbname, key and cred */
status = nss_packed_getkey(largs->buffer, largs->bufsize, &dbname,
- &dbop, &args);
+ &dbop, &args);
if (status != NSS_SUCCESS) {
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_ERROR)
(me, "nss_packed_getkey failure (%d)\n", status);
@@ -1379,9 +1381,8 @@
if (UPDATEBIT & flag)
return (NOTFOUND);
- else {
- NSC_LOOKUP_NO_CACHE(dbname);
- }
+ else
+ return (nsc_lookup_no_cache(largs, dbname));
}
}
ctx = largs->ctx;
@@ -1390,13 +1391,12 @@
if ((largs->nscdb = nsc_get_db(ctx, dbop)) == NULL) {
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_WARNING)
(me, "%s:%d: no cache found\n",
- dbname, dbop);
+ dbname, dbop);
if (UPDATEBIT & flag)
return (NOTFOUND);
- else {
- NSC_LOOKUP_NO_CACHE(dbname);
- }
+ else
+ return (nsc_lookup_no_cache(largs, dbname));
}
}
@@ -1404,7 +1404,7 @@
_NSCD_LOG_IF(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_ALL) {
(void) nscdb->getlogstr(nscdb->name, whoami,
- sizeof (whoami), &args);
+ sizeof (whoami), &args);
}
if (UPDATEBIT & flag) {
@@ -1436,7 +1436,7 @@
/* Either no entry and avoid name service */
if (rc == NSCD_DB_ENTRY_NOT_FOUND ||
- rc == NSCD_INVALID_ARGUMENT)
+ rc == NSCD_INVALID_ARGUMENT)
return (NOTFOUND);
/* OR memory error */
@@ -1483,10 +1483,10 @@
if (cfg.avoid_ns == nscd_true)
next_action = _NSC_USECACHED;
else if ((flag & UPDATEBIT) ||
- (this_stats->timestamp < now)) {
+ (this_stats->timestamp < now)) {
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
(me, "%s: cached entry needs to be updated\n",
- whoami);
+ whoami);
next_action = _NSC_NSLOOKUP;
} else
next_action = _NSC_USECACHED;
@@ -1506,8 +1506,10 @@
_NSCD_LOG(NSCD_LOG_CACHE,
NSCD_LOG_LEVEL_DEBUG_6)
(me, "%s: throttling load\n", whoami);
- NSC_LOOKUP_RETURN(NOSERVER, WARNING,
- "%s: no clearance to wait\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(WARNING,
+ "%s: no clearance to wait\n");
+ return (NOSERVER);
}
/* yes can wait */
(void) nscd_wait(ctx, nscdb, this_entry);
@@ -1535,13 +1537,15 @@
(void) mutex_lock(&ctx->stats_mutex);
ctx->stats.drop_count++;
(void) mutex_unlock(&ctx->stats_mutex);
- NSC_LOOKUP_RETURN(NOSERVER, WARNING,
- "%s: no clearance for lookup\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(WARNING,
+ "%s: no clearance for lookup\n");
+ return (NOSERVER);
}
/* block any threads accessing this entry */
- this_stats->status = (flag & UPDATEBIT)?
- ST_UPDATE_PENDING:ST_LOOKUP_PENDING;
+ this_stats->status = (flag & UPDATEBIT) ?
+ ST_UPDATE_PENDING : ST_LOOKUP_PENDING;
/* release lock and do name service lookup */
(void) mutex_unlock(&nscdb->db_mutex);
@@ -1556,7 +1560,7 @@
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
(me, "%s: name service lookup status = %d\n",
- whoami, status);
+ whoami, status);
if (status == NSS_SUCCESS) {
int ttl;
@@ -1568,20 +1572,24 @@
status = dup_packed_buffer(largs, this_entry);
if (status != NSS_SUCCESS) {
delete_entry(nscdb, ctx, this_entry);
- NSC_LOOKUP_RETURN(SERVERERROR, ERROR,
- "%s: failed to update cache\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(ERROR,
+ "%s: failed to update cache\n");
+ return (SERVERERROR);
}
/*
* store unpacked key in cache
*/
status = nss_packed_getkey(this_entry->buffer,
- this_entry->bufsize,
- &dbname, &dbop, &args);
+ this_entry->bufsize,
+ &dbname, &dbop, &args);
if (status != NSS_SUCCESS) {
delete_entry(nscdb, ctx, this_entry);
- NSC_LOOKUP_RETURN(SERVERERROR, ERROR,
- "%s: failed to extract key\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(ERROR,
+ "%s: failed to extract key\n");
+ return (SERVERERROR);
}
this_entry->key = args.key; /* struct copy */
@@ -1605,8 +1613,10 @@
*/
start_threads(ctx);
- NSC_LOOKUP_RETURN(SUCCESS, DEBUG,
- "%s: cache updated with positive entry\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(DEBUG,
+ "%s: cache updated with positive entry\n");
+ return (SUCCESS);
} else if (status == NSS_NOTFOUND) {
/*
* data not found in name service
@@ -1617,25 +1627,32 @@
if (NSCD_GET_ERRNO(largs->buffer) == ERANGE) {
delete_entry(nscdb, ctx, this_entry);
- NSC_LOOKUP_RETURN(NOTFOUND, DEBUG,
- "%s: ERANGE, cache not updated with negative entry\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(DEBUG,
+ "%s: ERANGE, cache not updated "
+ "with negative entry\n");
+ return (NOTFOUND);
}
status = dup_packed_buffer(largs, this_entry);
if (status != NSS_SUCCESS) {
delete_entry(nscdb, ctx, this_entry);
- NSC_LOOKUP_RETURN(SERVERERROR, ERROR,
- "%s: failed to update cache\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(ERROR,
+ "%s: failed to update cache\n");
+ return (SERVERERROR);
}
/* store unpacked key in cache */
status = nss_packed_getkey(this_entry->buffer,
- this_entry->bufsize,
- &dbname, &dbop, &args);
+ this_entry->bufsize,
+ &dbname, &dbop, &args);
if (status != NSS_SUCCESS) {
delete_entry(nscdb, ctx, this_entry);
- NSC_LOOKUP_RETURN(SERVERERROR, ERROR,
- "%s: failed to extract key\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(ERROR,
+ "%s: failed to extract key\n");
+ return (SERVERERROR);
}
this_entry->key = args.key; /* struct copy */
@@ -1655,8 +1672,10 @@
*/
start_threads(ctx);
- NSC_LOOKUP_RETURN(NOTFOUND, DEBUG,
- "%s: cache updated with negative entry\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(DEBUG,
+ "%s: cache updated with negative entry\n");
+ return (NOTFOUND);
} else {
/*
* name service lookup failed
@@ -1672,8 +1691,9 @@
(void) mutex_unlock(&nscdb->db_mutex);
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_WARNING)
- (me, "%s: name service lookup failed (status=%d, errno=%d)\n",
- whoami, status, errnum);
+ (me, "%s: name service lookup failed "
+ "(status=%d, errno=%d)\n",
+ whoami, status, errnum);
return (SERVERERROR);
}
@@ -1682,12 +1702,13 @@
* found entry in cache
*/
if (UPDATEBIT & flag) {
- NSC_LOOKUP_RETURN(SUCCESS, DEBUG,
- "%s: no need to update\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(DEBUG, "%s: no need to update\n");
+ return (SUCCESS);
}
if (NSCD_GET_STATUS((nss_pheader_t *)this_entry->buffer) ==
- NSS_SUCCESS) {
+ NSS_SUCCESS) {
/* positive hit */
(void) mutex_lock(&ctx->stats_mutex);
ctx->stats.pos_hits++;
@@ -1695,13 +1716,17 @@
/* update response buffer */
if (copy_result(largs->buffer,
- this_entry->buffer) != NSS_SUCCESS) {
- NSC_LOOKUP_RETURN(SERVERERROR, ERROR,
- "%s: response buffer insufficient\n");
+ this_entry->buffer) != NSS_SUCCESS) {
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(ERROR,
+ "%s: response buffer insufficient\n");
+ return (SERVERERROR);
}
- NSC_LOOKUP_RETURN(SUCCESS, DEBUG,
- "%s: positive entry in cache\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(DEBUG,
+ "%s: positive entry in cache\n");
+ return (SUCCESS);
} else {
/* negative hit */
(void) mutex_lock(&ctx->stats_mutex);
@@ -1709,18 +1734,21 @@
(void) mutex_unlock(&ctx->stats_mutex);
NSCD_SET_STATUS((nss_pheader_t *)largs->buffer,
- NSCD_GET_STATUS(this_entry->buffer),
- NSCD_GET_ERRNO(this_entry->buffer));
+ NSCD_GET_STATUS(this_entry->buffer),
+ NSCD_GET_ERRNO(this_entry->buffer));
NSCD_SET_HERRNO((nss_pheader_t *)largs->buffer,
- NSCD_GET_HERRNO(this_entry->buffer));
+ NSCD_GET_HERRNO(this_entry->buffer));
- NSC_LOOKUP_RETURN(NOTFOUND, DEBUG,
- "%s: negative entry in cache\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(DEBUG,
+ "%s: negative entry in cache\n");
+ return (NOTFOUND);
}
}
- NSC_LOOKUP_RETURN(SERVERERROR, ERROR,
- "%s: cache backend failure\n");
+ (void) mutex_unlock(&nscdb->db_mutex);
+ NSC_LOOKUP_LOG(ERROR, "%s: cache backend failure\n");
+ return (SERVERERROR);
}
/*
@@ -1741,11 +1769,11 @@
switch (rc) {
case SUCCESS:
- NSCD_RETURN_STATUS(phdr, NSS_SUCCESS, 0);
+ NSCD_SET_STATUS(phdr, NSS_SUCCESS, 0);
break;
case NOTFOUND:
- NSCD_RETURN_STATUS(phdr, NSS_NOTFOUND, -1);
+ NSCD_SET_STATUS(phdr, NSS_NOTFOUND, -1);
break;
case SERVERERROR:
@@ -1759,7 +1787,7 @@
break;
case NOSERVER:
- NSCD_RETURN_STATUS(phdr, NSS_TRYLOCAL, -1);
+ NSCD_SET_STATUS(phdr, NSS_TRYLOCAL, -1);
break;
}
}
@@ -1946,7 +1974,8 @@
* Invalidate cache
*/
void
-nsc_invalidate(nsc_ctx_t *ctx, char *dbname, nsc_ctx_t **ctxs) {
+nsc_invalidate(nsc_ctx_t *ctx, char *dbname, nsc_ctx_t **ctxs)
+{
int i;
char *me = "nsc_invalidate";
@@ -1957,16 +1986,14 @@
if (dbname) {
if ((i = get_cache_idx(dbname)) == -1) {
- _NSCD_LOG(NSCD_LOG_CACHE,
- NSCD_LOG_LEVEL_WARNING)
+ _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_WARNING)
(me, "%s: invalid cache name\n", dbname);
return;
}
if ((ctx = cache_ctx_p[i]) == NULL) {
- _NSCD_LOG(NSCD_LOG_CACHE,
- NSCD_LOG_LEVEL_WARNING)
+ _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_WARNING)
(me, "%s: no cache context found\n",
- dbname);
+ dbname);
return;
}
ctx_invalidate(ctx);
@@ -1987,7 +2014,8 @@
* Invalidate cache by context
*/
static void
-ctx_invalidate(nsc_ctx_t *ctx) {
+ctx_invalidate(nsc_ctx_t *ctx)
+{
int i;
nsc_entry_t *entry;
char *me = "ctx_invalidate";
@@ -2041,8 +2069,8 @@
static nscd_rc_t
lookup_cache(nsc_lookup_args_t *largs, nscd_cfg_cache_t *cfgp,
- nss_XbyY_args_t *argp, char *whoami, nsc_entry_t **entry) {
-
+ nss_XbyY_args_t *argp, char *whoami, nsc_entry_t **entry)
+{
nsc_db_t *nscdb;
nsc_ctx_t *ctx;
uint_t hash;
@@ -2073,8 +2101,8 @@
/* move it to the hash table */
if (nscdb->htable) {
if (nscdb->htable[hash] == NULL ||
- (*entry)->stats.hits >=
- nscdb->htable[hash]->stats.hits) {
+ (*entry)->stats.hits >=
+ nscdb->htable[hash]->stats.hits) {
nscdb->htable[hash] = *entry;
}
}
@@ -2086,18 +2114,16 @@
(me, "%s: cache miss\n", whoami);
if (cfgp->avoid_ns == nscd_true) {
- _NSCD_LOG(NSCD_LOG_CACHE,
- NSCD_LOG_LEVEL_DEBUG)
+ _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
(me, "%s: avoid name service\n", whoami);
return (NSCD_DB_ENTRY_NOT_FOUND);
}
/* allocate memory for new entry (stub) */
*entry = (nsc_entry_t *)umem_cache_alloc(nsc_entry_cache,
- UMEM_DEFAULT);
+ UMEM_DEFAULT);
if (*entry == NULL) {
- _NSCD_LOG(NSCD_LOG_CACHE,
- NSCD_LOG_LEVEL_ERROR)
+ _NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_ERROR)
(me, "%s: memory allocation failure\n", whoami);
return (NSCD_NO_MEMORY);
}
@@ -2132,13 +2158,13 @@
if (cfgp->maxentries > 0 && nentries > cfgp->maxentries) {
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
(me, "%s: maximum entries exceeded -- "
- "deleting least recently used entry\n",
- whoami);
+ "deleting least recently used entry\n",
+ whoami);
node = nscdb->qhead;
while (node != NULL && node != *entry) {
if (node->stats.status == ST_DISCARD ||
- !(node->stats.status & ST_PENDING)) {
+ !(node->stats.status & ST_PENDING)) {
delete_entry(nscdb, ctx, node);
break;
}
@@ -2156,7 +2182,8 @@
}
static void
-reaper(nsc_ctx_t *ctx) {
+reaper(nsc_ctx_t *ctx)
+{
uint_t ttl, extra_sleep, total_sleep, intervals;
uint_t nodes_per_interval, seconds_per_interval;
ulong_t nsc_entries;
@@ -2207,12 +2234,12 @@
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
(me, "%s: total entries = %d, "
- "seconds per interval = %d, "
- "nodes per interval = %d\n",
- ctx->dbname, nsc_entries, seconds_per_interval,
- nodes_per_interval);
+ "seconds per interval = %d, "
+ "nodes per interval = %d\n",
+ ctx->dbname, nsc_entries, seconds_per_interval,
+ nodes_per_interval);
total_sleep = reap_cache(ctx, nodes_per_interval,
- seconds_per_interval);
+ seconds_per_interval);
extra_sleep = 1 + ttl - total_sleep;
if (extra_sleep > 0)
(void) sleep(extra_sleep);
@@ -2222,7 +2249,8 @@
static uint_t
reap_cache(nsc_ctx_t *ctx, uint_t nodes_per_interval,
- uint_t seconds_per_interval) {
+ uint_t seconds_per_interval)
+{
uint_t nodes_togo, total_sleep;
time_t now;
nsc_entry_t *node, *next_node;
@@ -2254,8 +2282,8 @@
if ((node = nscdb->reap_node) == NULL)
break;
if (node->stats.status == ST_DISCARD ||
- (!(node->stats.status & ST_PENDING) &&
- node->stats.timestamp < now)) {
+ (!(node->stats.status & ST_PENDING) &&
+ node->stats.timestamp < now)) {
/*
* Delete entry if its discard flag is
* set OR if it has expired. Entries
@@ -2287,8 +2315,9 @@
*/
nentries = avl_numnodes(&nscdb->tree);
for (slot = 0, value = _NSC_INIT_HTSIZE_SLOT_VALUE;
- slot < _NSC_HTSIZE_NUM_SLOTS && nentries > value;
- value = (value << 1) + 1, slot++);
+ slot < _NSC_HTSIZE_NUM_SLOTS && nentries > value;
+ value = (value << 1) + 1, slot++)
+ ;
if (nscdb->hash_type == nsc_ht_power2)
newhtsize = _NSC_INIT_HTSIZE_POWER2 << slot;
else
@@ -2302,7 +2331,7 @@
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_DEBUG)
(me, "%s: resizing hash table from %d to %d\n",
- nscdb->name, nscdb->htsize, newhtsize);
+ nscdb->name, nscdb->htsize, newhtsize);
/*
* Dump old hashes because it would be time
@@ -2312,9 +2341,8 @@
nscdb->htable = calloc(newhtsize, sizeof (*(nscdb->htable)));
if (nscdb->htable == NULL) {
_NSCD_LOG(NSCD_LOG_CACHE, NSCD_LOG_LEVEL_ERROR)
- (me,
- "%s: memory allocation failure\n",
- nscdb->name);
+ (me, "%s: memory allocation failure\n",
+ nscdb->name);
/* -1 to try later */
nscdb->htsize = -1;
} else {
@@ -2366,7 +2394,7 @@
node = next_node;
next_node = next_node->qprev;
if (node->stats.status == ST_DISCARD ||
- !(node->stats.status & ST_PENDING)) {
+ !(node->stats.status & ST_PENDING)) {
/* Leave nodes with pending updates alone */
delete_entry(nscdb, ctx, node);
count++;
--- a/usr/src/cmd/nscd/nscd_admin.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/nscd/nscd_admin.c Thu Apr 26 21:14:28 2012 +0100
@@ -21,10 +21,9 @@
/*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#include <stdlib.h>
#include <locale.h>
#include <string.h>
@@ -72,11 +71,11 @@
} else {
admin_c.cache_cfg[i] = cfg_default;
(void) memset(&admin_c.cache_stats[i], 0,
- sizeof (admin_c.cache_stats[0]));
+ sizeof (admin_c.cache_stats[0]));
}
}
(void) memcpy(((char *)outbuf) + phdr->data_off,
- &admin_c, sizeof (admin_c));
+ &admin_c, sizeof (admin_c));
return (0);
}
@@ -114,16 +113,16 @@
_nscd_logit(me, "total_size = %d\n", set->total_size);
_nscd_logit(me, "debug_level_set = %d, debug_level = %d\n",
- set->debug_level_set, set->debug_level);
+ set->debug_level_set, set->debug_level);
_nscd_logit(me, "logfile_set = %d, logfile = %s\n",
- set->logfile_set, *set->logfile == '\0' ?
- "" : set->logfile);
+ set->logfile_set, *set->logfile == '\0' ?
+ "" : set->logfile);
_nscd_logit(me, "cache_cfg_num = %d\n",
- set->cache_cfg_num);
+ set->cache_cfg_num);
_nscd_logit(me, "cache_flush_num = %d\n",
- set->cache_flush_num);
+ set->cache_flush_num);
}
/*
@@ -132,11 +131,11 @@
if (set->debug_level_set == nscd_true) {
if (_nscd_set_debug_level(set->debug_level)
- != NSCD_SUCCESS) {
+ != NSCD_SUCCESS) {
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "unable to set debug level %d\n",
- set->debug_level);
+ set->debug_level);
goto err_exit;
}
@@ -152,7 +151,7 @@
goto err_exit;
}
(void) strlcpy(admin_c.logfile, set->logfile,
- NSCD_LOGFILE_LEN);
+ NSCD_LOGFILE_LEN);
}
/*
@@ -162,7 +161,7 @@
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "number of caches (%d) to change out of bound %s\n",
- set->cache_cfg_num);
+ set->cache_cfg_num);
goto err_exit;
}
@@ -177,14 +176,14 @@
if (cache_ctx_p[j] == NULL) {
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "unable to find cache context for %s\n",
- dbname);
+ dbname);
}
rc = _nscd_cfg_get_handle(group, dbname, &h, NULL);
if (rc != NSCD_SUCCESS) {
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "unable to get handle for < %s : %s >\n",
- dbname, group);
+ dbname, group);
goto err_exit;
}
@@ -193,7 +192,7 @@
if (rc != NSCD_SUCCESS) {
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "unable to set admin data for < %s : %s >\n",
- dbname, group);
+ dbname, group);
_nscd_cfg_free_handle(h);
@@ -209,7 +208,7 @@
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "number of caches (%d) to flush out of bound %s\n",
- set->cache_flush_num);
+ set->cache_flush_num);
goto err_exit;
}
@@ -222,7 +221,7 @@
if (cache_ctx_p[j] == NULL) {
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "unable to find cache context for %s\n",
- dbname);
+ dbname);
}
nsc_invalidate(cache_ctx_p[j], NULL, NULL);
}
@@ -248,9 +247,9 @@
_NSCD_LOG(NSCD_LOG_ADMIN, NSCD_LOG_LEVEL_ERROR)
(me, "SETADMIN call failed\n");
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0, rc);
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0, rc);
} else {
- NSCD_RETURN_STATUS_SUCCESS(phdr);
+ NSCD_SET_STATUS_SUCCESS(phdr);
}
}
@@ -393,7 +392,7 @@
callnum = NSCD_GETADMIN;
(void) _nscd_doorcall_data(callnum, NULL, sizeof (admin_c),
- &admin_c, sizeof (admin_c), &phdr);
+ &admin_c, sizeof (admin_c), &phdr);
if (NSCD_STATUS_IS_NOT_OK(&phdr)) {
return (1);
@@ -406,5 +405,5 @@
_nscd_client_setadmin()
{
return (_nscd_doorcall_data(NSCD_SETADMIN, &admin_mod,
- sizeof (admin_mod), NULL, 0, NULL));
+ sizeof (admin_mod), NULL, 0, NULL));
}
--- a/usr/src/cmd/nscd/nscd_door.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/nscd/nscd_door.c Thu Apr 26 21:14:28 2012 +0100
@@ -22,10 +22,9 @@
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#include <sys/param.h>
#include <string.h>
#include <door.h>
@@ -48,14 +47,16 @@
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door is %s (fd is %d)\n", NAME_SERVICE_DOOR,
- *doorfd);
+ *doorfd);
- if (*doorfd == -1)
- NSCD_RETURN_STATUS(phdr, NSS_ERROR, errno);
+ if (*doorfd == -1) {
+ NSCD_SET_STATUS(phdr, NSS_ERROR, errno);
+ return;
+ }
if (door_info(*doorfd, &doori) < 0 ||
- (doori.di_attributes & DOOR_REVOKED) ||
- doori.di_data != (uintptr_t)NAME_SERVICE_DOOR_COOKIE) {
+ (doori.di_attributes & DOOR_REVOKED) ||
+ doori.di_data != (uintptr_t)NAME_SERVICE_DOOR_COOKIE) {
/*
* we should close doorfd because we just opened it
@@ -65,10 +66,11 @@
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door %d not valid\n", *doorfd);
- NSCD_RETURN_STATUS(phdr, NSS_ERROR, ECONNREFUSED);
+ NSCD_SET_STATUS(phdr, NSS_ERROR, ECONNREFUSED);
+ return;
}
- NSCD_RETURN_STATUS_SUCCESS(phdr);
+ NSCD_SET_STATUS_SUCCESS(phdr);
}
/* general door call functions used by nscd */
@@ -87,15 +89,14 @@
(void) memmove(outdata, dp, phdr->data_len);
} else {
- _NSCD_LOG(NSCD_LOG_FRONT_END,
- NSCD_LOG_LEVEL_DEBUG)
+ _NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "output buffer not large enough "
- " should be > %d but is %d\n",
- phdr->data_len, outdlen);
+ " should be > %d but is %d\n",
+ phdr->data_len, outdlen);
if (outphdr != NULL) {
NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV,
- 0, NSCD_INVALID_ARGUMENT);
+ 0, NSCD_INVALID_ARGUMENT);
NSCD_COPY_STATUS(outphdr, phdr);
}
ret = NSS_NSCD_PRIV;
@@ -130,7 +131,7 @@
phdr = (nss_pheader_t *)dptr;
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door call (%d) failed (status = %d, error = %s)\n",
- callnum, ret, strerror(NSCD_GET_ERRNO(phdr)));
+ callnum, ret, strerror(NSCD_GET_ERRNO(phdr)));
}
return (ret);
@@ -169,7 +170,7 @@
if (ret != NSS_SUCCESS) {
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door call (%d) failed (status = %d, error = %s)\n",
- callnum, ret, strerror(NSCD_GET_ERRNO(phdr_d)));
+ callnum, ret, strerror(NSCD_GET_ERRNO(phdr_d)));
} else {
if (phdr != NULL) {
NSCD_COPY_STATUS(phdr, phdr_d);
@@ -230,7 +231,7 @@
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door call (%d to %d) did not get through (%s)\n",
- callnum, fd, strerror(errnum));
+ callnum, fd, strerror(errnum));
return (NSS_ERROR);
}
@@ -250,9 +251,9 @@
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door call (%d to %d) failed: p_status = %d, "
- "p_errno = %s, nscd status = %d\n", callnum, fd,
- ret, strerror(NSCD_GET_ERRNO(phdr_d)),
- NSCD_GET_NSCD_STATUS(phdr_d));
+ "p_errno = %s, nscd status = %d\n", callnum, fd,
+ ret, strerror(NSCD_GET_ERRNO(phdr_d)),
+ NSCD_GET_NSCD_STATUS(phdr_d));
} else
ret = copy_output(outdata, outdlen, phdr_d, phdr);
@@ -291,21 +292,20 @@
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door call (to fd %d) failed (%s)\n",
- doorfd, strerror(errnum));
+ doorfd, strerror(errnum));
(void) close(doorfd);
- NSCD_RETURN_STATUS(phdr, NSS_ERROR, errnum);
+ NSCD_SET_STATUS(phdr, NSS_ERROR, errnum);
+ return;
}
*adata = param.data_size;
*ndata = param.rsize;
*dptr = (void *)param.data_ptr;
if (*adata == 0 || *dptr == NULL) {
- (void) close(doorfd);
-
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "no data\n");
- NSCD_RETURN_STATUS(phdr, NSS_ERROR, ENOTCONN);
+ NSCD_SET_STATUS(phdr, NSS_ERROR, ENOTCONN);
}
(void) close(doorfd);
@@ -348,8 +348,8 @@
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door call (%d) failed (status = %d, error = %s)\n",
- callnum, NSCD_GET_STATUS(phdr_d),
- strerror(NSCD_GET_ERRNO(phdr_d)));
+ callnum, NSCD_GET_STATUS(phdr_d),
+ strerror(NSCD_GET_ERRNO(phdr_d)));
}
return (NSCD_GET_STATUS(phdr_d));
--- a/usr/src/cmd/nscd/nscd_door.h Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/nscd/nscd_door.h Thu Apr 26 21:14:28 2012 +0100
@@ -22,13 +22,12 @@
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
*/
#ifndef _NSCD_DOOR_H
#define _NSCD_DOOR_H
-#pragma ident "%Z%%M% %I% %E% SMI"
-
/*
* Definitions for nscd to nscd door interfaces
*/
@@ -97,24 +96,10 @@
(ph)->p_herrno = herrno;
-#define NSCD_RETURN_STATUS(ph, st, errno) \
- { \
- int e = errno; \
- (ph)->p_status = st; \
- if (e != -1) \
- (ph)->p_errno = e; \
- return; \
- }
-
#define NSCD_SET_STATUS_SUCCESS(ph) \
(ph)->p_status = NSS_SUCCESS; \
(ph)->p_errno = 0;
-#define NSCD_RETURN_STATUS_SUCCESS(ph) \
- (ph)->p_status = NSS_SUCCESS; \
- (ph)->p_errno = 0; \
- return;
-
#define NSCD_SET_N2N_STATUS(ph, st, errno, n2nst) \
{ \
int e = errno; \
@@ -124,16 +109,6 @@
(ph)->nscdpriv = n2nst; \
}
-#define NSCD_RETURN_N2N_STATUS(ph, st, errno, n2nst) \
- { \
- int e = errno; \
- (ph)->p_status = st; \
- if (e != -1) \
- (ph)->p_errno = e; \
- (ph)->nscdpriv = n2nst; \
- return; \
- }
-
#define NSCD_STATUS_IS_OK(ph) \
(((ph)->p_status) == NSS_SUCCESS)
--- a/usr/src/cmd/nscd/nscd_frontend.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/nscd/nscd_frontend.c Thu Apr 26 21:14:28 2012 +0100
@@ -21,6 +21,7 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
*/
#include <stdlib.h>
@@ -389,7 +390,8 @@
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
(me, "door_ucred: %s\n", strerror(errno));
- NSCD_RETURN_STATUS(phdr, NSS_ERROR, errnum);
+ NSCD_SET_STATUS(phdr, NSS_ERROR, errnum);
+ return;
}
eset = ucred_getprivset(uc, PRIV_EFFECTIVE);
@@ -405,7 +407,8 @@
ucred_getruid(uc), ucred_geteuid(uc), zoneid);
ucred_free(uc);
- NSCD_RETURN_STATUS(phdr, NSS_ERROR, EACCES);
+ NSCD_SET_STATUS(phdr, NSS_ERROR, EACCES);
+ return;
}
_NSCD_LOG(NSCD_LOG_FRONT_END, NSCD_LOG_LEVEL_DEBUG)
@@ -415,7 +418,7 @@
ucred_free(uc);
- NSCD_RETURN_STATUS_SUCCESS(phdr);
+ NSCD_SET_STATUS_SUCCESS(phdr);
}
void
@@ -439,7 +442,8 @@
_NSCD_LOG(log_comp, NSCD_LOG_LEVEL_ERROR)
(me, "door_ucred: %s\n", strerror(errno));
- NSCD_RETURN_STATUS(phdr, NSS_ERROR, errnum);
+ NSCD_SET_STATUS(phdr, NSS_ERROR, errnum);
+ return;
}
NSCD_SET_STATUS_SUCCESS(phdr);
--- a/usr/src/cmd/nscd/nscd_selfcred.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/nscd/nscd_selfcred.c Thu Apr 26 21:14:28 2012 +0100
@@ -520,8 +520,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "door_ucred failed: %s\n", strerror(errnum));
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, errnum,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, errnum,
NSCD_DOOR_UCRED_ERROR);
+ return;
}
uid = ucred_geteuid(uc);
@@ -716,8 +717,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "MAIN IMPOSTER CAUGHT! i am %d not NSCD_MAIN\n", iam);
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_MAIN_IMPOSTER);
+ return;
}
/* forker doesn't return stats, it just pauses */
@@ -725,11 +727,8 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "forker ready to pause ...\n");
- /*CONSTCOND*/
- while (1)
+ for (;;)
(void) pause();
-
- NSCD_RETURN_STATUS_SUCCESS(phdr);
}
/* remember the current activity sequence number */
@@ -784,8 +783,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "MAIN IMPOSTER CAUGHT! i am %d not NSCD_MAIN\n", iam);
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_MAIN_IMPOSTER);
+ return;
}
/* only forker handles fork requests */
@@ -793,8 +793,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "MAIN IMPOSTER CAUGHT! I AM NOT FORKER!\n");
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_WRONG_NSCD);
+ return;
}
/* fork a child for the slot assigned by the main nscd */
@@ -809,8 +810,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "bas slot number\n");
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_INVALID_SLOT_NUMBER);
+ return;
}
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
@@ -854,7 +856,8 @@
NSCD_IMHERE | (NSCD_CHILD & NSCD_WHOAMI),
&ih, sizeof (ih), NULL);
- NSCD_RETURN_STATUS_SUCCESS(phdr);
+ NSCD_SET_STATUS_SUCCESS(phdr);
+ return;
} if (cid == (pid_t)-1) {
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "forker unable to fork ...\n");
@@ -953,8 +956,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_ERROR)
(me, "no door to talk to the forker\n");
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_NO_FORKER);
+ return;
}
/* get door client's credential information */
@@ -963,8 +967,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "door_ucred failed: %s\n", strerror(errnum));
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, errnum,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, errnum,
NSCD_DOOR_UCRED_ERROR);
+ return;
}
/* get door client's effective uid and effective gid */
@@ -983,8 +988,9 @@
(me, "no child slot available (child array = %p, slot = %d)\n",
child, ch->child_slot);
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_NO_CHILD_SLOT);
+ return;
}
/* create the per user nscd if necessary */
@@ -1036,8 +1042,9 @@
if (ch->child_state != CHILD_STATE_PIDKNOWN) {
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_INVALID_SLOT_STATE);
+ return;
}
*door = ch->child_door;
@@ -1046,7 +1053,7 @@
(me, "returning door %d for slot %d, uid %d, gid = %d\n",
*door, ch->child_slot, set2uid, set2gid);
- NSCD_RETURN_STATUS(phdr, NSS_ALTRETRY, 0);
+ NSCD_SET_STATUS(phdr, NSS_ALTRETRY, 0);
}
static char **
@@ -1260,8 +1267,9 @@
_NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
(me, "door_ucred failed: %s\n", strerror(errnum));
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, errnum,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, errnum,
NSCD_DOOR_UCRED_ERROR);
+ return;
}
/* get door client's effective uid */
@@ -1275,8 +1283,9 @@
/* is the per-user nscd running ? if not, no one to serve */
ch = get_cslot(uid, 1);
if (ch == NULL) {
- NSCD_RETURN_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
+ NSCD_SET_N2N_STATUS(phdr, NSS_NSCD_PRIV, 0,
NSCD_SELF_CRED_NO_CHILD_SLOT);
+ return;
}
ret = _nscd_doorcall_fd(ch->child_door, NSCD_GETADMIN,
@@ -1457,8 +1466,7 @@
int found;
char *me = "check_user_process";
- /*CONSTCOND*/
- while (1) {
+ for (;;) {
(void) sleep(60);
found = 0;
@@ -1492,7 +1500,6 @@
}
(void) closedir(dp);
}
- /* NOTREACHED */
/*LINTED E_FUNC_HAS_NO_RETURN_STMT*/
}
--- a/usr/src/cmd/nscd/nscd_switch.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/nscd/nscd_switch.c Thu Apr 26 21:14:28 2012 +0100
@@ -22,6 +22,7 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
*/
#include <stdlib.h> /* getenv() */
@@ -1352,13 +1353,15 @@
char *me = "nss_psearch";
if (buffer == NULL || length == 0) {
- NSCD_RETURN_STATUS(pbuf, NSS_ERROR, EFAULT);
+ NSCD_SET_STATUS(pbuf, NSS_ERROR, EFAULT);
+ return;
}
status = nss_packed_arg_init(buffer, length,
NULL, &initf, &dbop, &arg);
if (status != NSS_SUCCESS) {
- NSCD_RETURN_STATUS(pbuf, status, -1);
+ NSCD_SET_STATUS(pbuf, status, -1);
+ return;
}
/*
@@ -1376,7 +1379,8 @@
*/
rc = set_initf_key(pbuf);
if (rc != 0) {
- NSCD_RETURN_STATUS(pbuf, NSS_UNAVAIL, EINVAL);
+ NSCD_SET_STATUS(pbuf, NSS_UNAVAIL, EINVAL);
+ return;
}
initf = nscd_initf;
@@ -1443,7 +1447,8 @@
nscd_getent_p1_cookie_t *cookie;
if (buffer == NULL) {
- NSCD_RETURN_STATUS(pbuf, NSS_ERROR, EFAULT);
+ NSCD_SET_STATUS(pbuf, NSS_ERROR, EFAULT);
+ return;
}
off = pbuf->key_off;
@@ -1464,7 +1469,8 @@
if (cookie_num_p != NULL)
*cookie_num_p = &cookie->p1_cookie_num;
if (setent == 1 && cookie->p1_cookie_num == NSCD_NEW_COOKIE) {
- NSCD_RETURN_STATUS_SUCCESS(pbuf);
+ NSCD_SET_STATUS_SUCCESS(pbuf);
+ return;
}
/*
@@ -1475,8 +1481,10 @@
if (cookie->p1_seqnum == NSCD_P0_COOKIE_SEQNUM) {
nscd_getent_p0_cookie_t *p0c =
(nscd_getent_p0_cookie_t *)cookie;
- if (p0c->p0_time == _nscd_get_start_time())
- NSCD_RETURN_STATUS_SUCCESS(pbuf);
+ if (p0c->p0_time == _nscd_get_start_time()) {
+ NSCD_SET_STATUS_SUCCESS(pbuf);
+ return;
+ }
}
_NSCD_LOG(NSCD_LOG_SWITCH_ENGINE, NSCD_LOG_LEVEL_DEBUG)
@@ -1490,7 +1498,8 @@
(me, "No matching context found (cookie number: %lld)\n",
cookie->p1_cookie_num);
- NSCD_RETURN_STATUS(pbuf, NSS_ERROR, EFAULT);
+ NSCD_SET_STATUS(pbuf, NSS_ERROR, EFAULT);
+ return;
}
/* if not called by nss_psetent, verify sequence number */
@@ -1500,12 +1509,13 @@
(me, "invalid sequence # (%lld)\n", cookie->p1_seqnum);
_nscd_free_ctx_if_aborted(ctx);
- NSCD_RETURN_STATUS(pbuf, NSS_ERROR, EFAULT);
+ NSCD_SET_STATUS(pbuf, NSS_ERROR, EFAULT);
+ return;
}
contextp->ctx = (struct nss_getent_context *)ctx;
- NSCD_RETURN_STATUS_SUCCESS(pbuf);
+ NSCD_SET_STATUS_SUCCESS(pbuf);
}
void
@@ -1520,7 +1530,8 @@
char *me = "nss_psetent";
if (buffer == NULL || length == 0) {
- NSCD_RETURN_STATUS(pbuf, NSS_ERROR, EFAULT);
+ NSCD_SET_STATUS(pbuf, NSS_ERROR, EFAULT);
+ return;
}
/*
@@ -1542,7 +1553,8 @@
_NSCD_LOG(NSCD_LOG_SWITCH_ENGINE,
NSCD_LOG_LEVEL_DEBUG)
(me, "NSS_TRYLOCAL: fallback to caller process\n");
- NSCD_RETURN_STATUS(pbuf, NSS_TRYLOCAL, 0);
+ NSCD_SET_STATUS(pbuf, NSS_TRYLOCAL, 0);
+ return;
}
}
}
@@ -1590,7 +1602,7 @@
(me, "returning a p0 cookie: pid = %ld, time = %ld, seq #= %llx\n",
p0c->p0_pid, p0c->p0_time, p0c->p0_seqnum);
- NSCD_RETURN_STATUS(pbuf, NSS_SUCCESS, 0);
+ NSCD_SET_STATUS(pbuf, NSS_SUCCESS, 0);
}
static void
@@ -1639,14 +1651,15 @@
_NSCD_LOG(NSCD_LOG_SWITCH_ENGINE, NSCD_LOG_LEVEL_DEBUG)
(me, "NSS_TRYLOCAL: cookie # = %lld, sequence # = %lld\n",
*cookie_num_p, *seqnum_p);
- NSCD_RETURN_STATUS(pbuf, NSS_TRYLOCAL, 0);
+ NSCD_SET_STATUS(pbuf, NSS_TRYLOCAL, 0);
+ return;
}
_NSCD_LOG(NSCD_LOG_SWITCH_ENGINE, NSCD_LOG_LEVEL_DEBUG)
(me, "NSS_SUCCESS: cookie # = %lld, sequence # = %lld\n",
ctx->cookie_num, ctx->seq_num);
- NSCD_RETURN_STATUS(pbuf, NSS_SUCCESS, 0);
+ NSCD_SET_STATUS(pbuf, NSS_SUCCESS, 0);
}
void
@@ -1666,7 +1679,8 @@
char *me = "nss_pgetent";
if (buffer == NULL || length == 0) {
- NSCD_RETURN_STATUS(pbuf, NSS_ERROR, EFAULT);
+ NSCD_SET_STATUS(pbuf, NSS_ERROR, EFAULT);
+ return;
}
/* verify the cookie passed in */
@@ -1680,7 +1694,8 @@
*/
rc = set_initf_key(pbuf);
if (rc != 0) {
- NSCD_RETURN_STATUS(pbuf, NSS_UNAVAIL, EINVAL);
+ NSCD_SET_STATUS(pbuf, NSS_UNAVAIL, EINVAL);
+ return;
}
initf = nscd_initf;
@@ -1703,7 +1718,8 @@
clear_initf_key();
_nscd_free_ctx_if_aborted(
(nscd_getent_context_t *)contextp->ctx);
- NSCD_RETURN_STATUS(pbuf, status, -1);
+ NSCD_SET_STATUS(pbuf, status, -1);
+ return;
}
/* Perform local search and pack results into return buffer */
@@ -1751,7 +1767,8 @@
char *me = "nss_pendent";
if (buffer == NULL || length == 0) {
- NSCD_RETURN_STATUS(pbuf, NSS_ERROR, EFAULT);
+ NSCD_SET_STATUS(pbuf, NSS_ERROR, EFAULT);
+ return;
}
/* map the contextp from the cookie information */
@@ -1769,7 +1786,7 @@
/* Perform local endent and reset context */
nss_endent(NULL, NULL, contextp);
- NSCD_RETURN_STATUS(pbuf, NSS_SUCCESS, 0);
+ NSCD_SET_STATUS(pbuf, NSS_SUCCESS, 0);
}
/*ARGSUSED*/
@@ -1779,5 +1796,5 @@
nss_pheader_t *pbuf = (nss_pheader_t *)buffer;
/* unnecessary, kept for completeness */
- NSCD_RETURN_STATUS_SUCCESS(pbuf);
+ NSCD_SET_STATUS_SUCCESS(pbuf);
}
--- a/usr/src/cmd/sendmail/src/tls.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/sendmail/src/tls.c Thu Apr 26 21:14:28 2012 +0100
@@ -1,6 +1,7 @@
/*
* Copyright (c) 2000-2006, 2008, 2009 Sendmail, Inc. and its suppliers.
* All rights reserved.
+ * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
*
* By using this file, you agree to the terms and conditions set
* forth in the LICENSE file which can be found at the top level of
@@ -1168,7 +1169,7 @@
MACROS_T *mac;
bool certreq;
{
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
int b, r;
long verifyok;
char *s, *who;
--- a/usr/src/cmd/sgs/include/rtld.h Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/sgs/include/rtld.h Thu Apr 26 21:14:28 2012 +0100
@@ -1106,6 +1106,10 @@
* capabilities of the system. This structure follows the Objcapset definition
* from libld.h, however the system can only have one platform or machine
* hardware name, thus this structure is a little simpler.
+ *
+ * Note, the amd64 version of elf_rtbndr assumes that the sc_hw_1 value is at
+ * offset zero. If you are changing this structure in a way that invalidates
+ * this you need to update that code.
*/
typedef struct {
elfcap_mask_t sc_hw_1; /* CA_SUNW_HW_1 capabilities */
--- a/usr/src/cmd/sgs/rtld/amd64/boot_elf.s Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/sgs/rtld/amd64/boot_elf.s Thu Apr 26 21:14:28 2012 +0100
@@ -22,10 +22,9 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright (c) 2012 Joyent, Inc. All rights reserved.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#if defined(lint)
#include <sys/types.h>
@@ -33,6 +32,7 @@
#include <_audit.h>
#include <_elf.h>
#include <sys/regset.h>
+#include <sys/auxv_386.h>
/* ARGSUSED0 */
int
@@ -45,6 +45,7 @@
#include <link.h>
#include <_audit.h>
#include <sys/asm_linkage.h>
+#include <sys/auxv_386.h>
.file "boot_elf.s"
.text
@@ -106,12 +107,12 @@
* %r11 8
* %rax 8
* =======
- * Subtotal: 144 (16byte aligned)
+ * Subtotal: 144 (32byte aligned)
*
* Saved Media Regs (used to pass floating point args):
- * %xmm0 - %xmm7 16 * 8: 128
+ * %xmm0 - %xmm7 32 * 8: 256
* =======
- * Total: 272 (16byte aligned)
+ * Total: 400 (32byte aligned)
*
* So - will subtract the following to create enough space
*
@@ -131,14 +132,14 @@
* -144(%rbp) entering %r10
* -152(%rbp) entering %r11
* -160(%rbp) entering %rax
- * -176(%rbp) entering %xmm0
- * -192(%rbp) entering %xmm1
- * -208(%rbp) entering %xmm2
- * -224(%rbp) entering %xmm3
- * -240(%rbp) entering %xmm4
- * -256(%rbp) entering %xmm5
- * -272(%rbp) entering %xmm6
- * -288(%rbp) entering %xmm7
+ * -192(%rbp) entering %xmm0
+ * -224(%rbp) entering %xmm1
+ * -256(%rbp) entering %xmm2
+ * -288(%rbp) entering %xmm3
+ * -320(%rbp) entering %xmm4
+ * -384(%rbp) entering %xmm5
+ * -416(%rbp) entering %xmm6
+ * -448(%rbp) entering %xmm7
*
*/
#define SPDYNOFF -8
@@ -148,39 +149,41 @@
/*
* The next set of offsets are relative to %rsp.
- * We guarantee %rsp is ABI compliant 16-byte aligned. This guarantees the
- * xmm registers are saved to 16-byte aligned addresses.
+ * We guarantee %rsp is ABI compliant 32-byte aligned. This guarantees the
+ * ymm registers are saved to 32-byte aligned addresses.
* %rbp may only be 8 byte aligned if we came in from non-ABI compliant code.
*/
-#define SPRDIOFF 192
-#define SPRSIOFF 184
-#define SPRDXOFF 176
-#define SPRCXOFF 168
-#define SPR8OFF 160
-#define SPR9OFF 152
-#define SPR10OFF 144
-#define SPR11OFF 136
-#define SPRAXOFF 128
-#define SPXMM0OFF 112
-#define SPXMM1OFF 96
-#define SPXMM2OFF 80
-#define SPXMM3OFF 64
-#define SPXMM4OFF 48
-#define SPXMM5OFF 32
-#define SPXMM6OFF 16
+#define SPRDIOFF 320
+#define SPRSIOFF 312
+#define SPRDXOFF 304
+#define SPRCXOFF 296
+#define SPR8OFF 288
+#define SPR9OFF 280
+#define SPR10OFF 272
+#define SPR11OFF 264
+#define SPRAXOFF 256
+#define SPXMM0OFF 224
+#define SPXMM1OFF 192
+#define SPXMM2OFF 160
+#define SPXMM3OFF 128
+#define SPXMM4OFF 96
+#define SPXMM5OFF 64
+#define SPXMM6OFF 32
#define SPXMM7OFF 0
+ /* See elf_rtbndr for explanation behind org_scapset */
+ .extern org_scapset
.globl elf_plt_trace
.type elf_plt_trace,@function
.align 16
elf_plt_trace:
/*
- * Enforce ABI 16-byte stack alignment here.
+ * Enforce ABI 32-byte stack alignment here.
* The next andq instruction does this pseudo code:
* If %rsp is 8 byte aligned then subtract 8 from %rsp.
*/
- andq $-16, %rsp /* enforce ABI 16-byte stack alignment */
- subq $272,%rsp / create some local storage
+ andq $-32, %rsp /* enforce ABI 32-byte stack alignment */
+ subq $400,%rsp / create some local storage
movq %rdi, SPRDIOFF(%rsp)
movq %rsi, SPRSIOFF(%rsp)
@@ -191,6 +194,14 @@
movq %r10, SPR10OFF(%rsp)
movq %r11, SPR11OFF(%rsp)
movq %rax, SPRAXOFF(%rsp)
+
+ movq org_scapset@GOTPCREL(%rip),%r9
+ movq (%r9),%r9
+ movl (%r9),%edx
+ testl $AV_386_AVX,%edx
+ jne .trace_save_ymm
+
+.trace_save_xmm:
movdqa %xmm0, SPXMM0OFF(%rsp)
movdqa %xmm1, SPXMM1OFF(%rsp)
movdqa %xmm2, SPXMM2OFF(%rsp)
@@ -199,6 +210,19 @@
movdqa %xmm5, SPXMM5OFF(%rsp)
movdqa %xmm6, SPXMM6OFF(%rsp)
movdqa %xmm7, SPXMM7OFF(%rsp)
+ jmp .trace_save_finish
+
+.trace_save_ymm:
+ vmovdqa %ymm0, SPXMM0OFF(%rsp)
+ vmovdqa %ymm1, SPXMM1OFF(%rsp)
+ vmovdqa %ymm2, SPXMM2OFF(%rsp)
+ vmovdqa %ymm3, SPXMM3OFF(%rsp)
+ vmovdqa %ymm4, SPXMM4OFF(%rsp)
+ vmovdqa %ymm5, SPXMM5OFF(%rsp)
+ vmovdqa %ymm6, SPXMM6OFF(%rsp)
+ vmovdqa %ymm7, SPXMM7OFF(%rsp)
+
+.trace_save_finish:
movq SPDYNOFF(%rbp), %rax / %rax = dyndata
testb $LA_SYMB_NOPLTENTER, SBFLAGS_OFF(%rax) / <link.h>
@@ -273,6 +297,34 @@
/
/ Restore registers
/
+ movq org_scapset@GOTPCREL(%rip),%r9
+ movq (%r9),%r9
+ movl (%r9),%edx
+ testl $AV_386_AVX,%edx
+ jne .trace_restore_ymm
+
+.trace_restore_xmm:
+ movdqa SPXMM0OFF(%rsp), %xmm0
+ movdqa SPXMM1OFF(%rsp), %xmm1
+ movdqa SPXMM2OFF(%rsp), %xmm2
+ movdqa SPXMM3OFF(%rsp), %xmm3
+ movdqa SPXMM4OFF(%rsp), %xmm4
+ movdqa SPXMM5OFF(%rsp), %xmm5
+ movdqa SPXMM6OFF(%rsp), %xmm6
+ movdqa SPXMM7OFF(%rsp), %xmm7
+ jmp .trace_restore_finish
+
+.trace_restore_ymm:
+ vmovdqa SPXMM0OFF(%rsp), %ymm0
+ vmovdqa SPXMM1OFF(%rsp), %ymm1
+ vmovdqa SPXMM2OFF(%rsp), %ymm2
+ vmovdqa SPXMM3OFF(%rsp), %ymm3
+ vmovdqa SPXMM4OFF(%rsp), %ymm4
+ vmovdqa SPXMM5OFF(%rsp), %ymm5
+ vmovdqa SPXMM6OFF(%rsp), %ymm6
+ vmovdqa SPXMM7OFF(%rsp), %ymm7
+
+.trace_restore_finish:
movq SPRDIOFF(%rsp), %rdi
movq SPRSIOFF(%rsp), %rsi
movq SPRDXOFF(%rsp), %rdx
@@ -282,14 +334,6 @@
movq SPR10OFF(%rsp), %r10
movq SPR11OFF(%rsp), %r11
movq SPRAXOFF(%rsp), %rax
- movdqa SPXMM0OFF(%rsp), %xmm0
- movdqa SPXMM1OFF(%rsp), %xmm1
- movdqa SPXMM2OFF(%rsp), %xmm2
- movdqa SPXMM3OFF(%rsp), %xmm3
- movdqa SPXMM4OFF(%rsp), %xmm4
- movdqa SPXMM5OFF(%rsp), %xmm5
- movdqa SPXMM6OFF(%rsp), %xmm6
- movdqa SPXMM7OFF(%rsp), %xmm7
subq $8, %rbp / adjust %rbp for 'ret'
movq %rbp, %rsp /
@@ -365,6 +409,36 @@
/ Restore registers using %r11 which contains our old %rsp value
/ before growing the stack.
/
+
+ / Yes, we have to do this dance again. Sorry.
+ movq org_scapset@GOTPCREL(%rip),%r9
+ movq (%r9),%r9
+ movl (%r9),%edx
+ testl $AV_386_AVX,%edx
+ jne .trace_r2_ymm
+
+.trace_r2_xmm:
+ movdqa SPXMM0OFF(%r11), %xmm0
+ movdqa SPXMM1OFF(%r11), %xmm1
+ movdqa SPXMM2OFF(%r11), %xmm2
+ movdqa SPXMM3OFF(%r11), %xmm3
+ movdqa SPXMM4OFF(%r11), %xmm4
+ movdqa SPXMM5OFF(%r11), %xmm5
+ movdqa SPXMM6OFF(%r11), %xmm6
+ movdqa SPXMM7OFF(%r11), %xmm7
+ jmp .trace_r2_finish
+
+.trace_r2_ymm:
+ vmovdqa SPXMM0OFF(%r11), %ymm0
+ vmovdqa SPXMM1OFF(%r11), %ymm1
+ vmovdqa SPXMM2OFF(%r11), %ymm2
+ vmovdqa SPXMM3OFF(%r11), %ymm3
+ vmovdqa SPXMM4OFF(%r11), %ymm4
+ vmovdqa SPXMM5OFF(%r11), %ymm5
+ vmovdqa SPXMM6OFF(%r11), %ymm6
+ vmovdqa SPXMM7OFF(%r11), %ymm7
+
+.trace_r2_finish:
movq SPRDIOFF(%r11), %rdi
movq SPRSIOFF(%r11), %rsi
movq SPRDXOFF(%r11), %rdx
@@ -373,14 +447,6 @@
movq SPR9OFF(%r11), %r9
movq SPR10OFF(%r11), %r10
movq SPRAXOFF(%r11), %rax
- movdqa SPXMM0OFF(%r11), %xmm0
- movdqa SPXMM1OFF(%r11), %xmm1
- movdqa SPXMM2OFF(%r11), %xmm2
- movdqa SPXMM3OFF(%r11), %xmm3
- movdqa SPXMM4OFF(%r11), %xmm4
- movdqa SPXMM5OFF(%r11), %xmm5
- movdqa SPXMM6OFF(%r11), %xmm6
- movdqa SPXMM7OFF(%r11), %xmm7
movq SPR11OFF(%r11), %r11 / retore %r11 last
/*
@@ -493,7 +559,14 @@
* the AMD64 ABI. We must save on the local stack all possible register
* arguments before interposing functions to resolve the called function.
* Possible arguments must be restored before invoking the resolved function.
- *
+ *
+ * Before the AVX instruction set enhancements to AMD64 there were no changes in
+ * the set of registers and their sizes across different processors. With AVX,
+ * the xmm registers became the lower 128 bits of the ymm registers. Because of
+ * this, we need to conditionally save 256 bits instead of 128 bits. Regardless
+ * of whether we have ymm registers or not, we're always going to push the stack
+ * space assuming that we do to simplify the code.
+ *
* Local stack space storage for elf_rtbndr is allocated as follows:
*
* Saved regs:
@@ -506,12 +579,12 @@
* %r9 8
* %r10 8
* =======
- * Subtotal: 64 (16byte aligned)
+ * Subtotal: 64 (32byte aligned)
*
* Saved Media Regs (used to pass floating point args):
- * %xmm0 - %xmm7 16 * 8: 128
+ * %ymm0 - %ymm7 32 * 8 256
* =======
- * Total: 192 (16byte aligned)
+ * Total: 320 (32byte aligned)
*
* So - will subtract the following to create enough space
*
@@ -523,21 +596,25 @@
* 40(%rsp) save %r8
* 48(%rsp) save %r9
* 56(%rsp) save %r10
- * 64(%rsp) save %xmm0
- * 80(%rsp) save %xmm1
- * 96(%rsp) save %xmm2
- * 112(%rsp) save %xmm3
- * 128(%rsp) save %xmm4
- * 144(%rsp) save %xmm5
- * 160(%rsp) save %xmm6
- * 176(%rsp) save %xmm7
+ * 64(%rsp) save %ymm0
+ * 96(%rsp) save %ymm1
+ * 128(%rsp) save %ymm2
+ * 160(%rsp) save %ymm3
+ * 192(%rsp) save %ymm4
+ * 224(%rsp) save %ymm5
+ * 256(%rsp) save %ymm6
+ * 288(%rsp) save %ymm7
*
* Note: Some callers may use 8-byte stack alignment instead of the
* ABI required 16-byte alignment. We use %rsp offsets to save/restore
* registers because %rbp may not be 16-byte aligned. We guarantee %rsp
* is 16-byte aligned in the function preamble.
*/
-#define LS_SIZE $192 /* local stack space to save all possible arguments */
+/*
+ * As the registers may either be xmm or ymm, we've left the name as xmm, but
+ * increased the offset between them to always cover the xmm and ymm cases.
+ */
+#define LS_SIZE $320 /* local stack space to save all possible arguments */
#define LSRAXOFF 0 /* for SSE register count */
#define LSRDIOFF 8 /* arg 0 ... */
#define LSRSIOFF 16
@@ -547,14 +624,23 @@
#define LSR9OFF 48
#define LSR10OFF 56 /* ... arg 5 */
#define LSXMM0OFF 64 /* SSE arg 0 ... */
-#define LSXMM1OFF 80
-#define LSXMM2OFF 96
-#define LSXMM3OFF 112
-#define LSXMM4OFF 128
-#define LSXMM5OFF 144
-#define LSXMM6OFF 160
-#define LSXMM7OFF 176 /* ... SSE arg 7 */
+#define LSXMM1OFF 96
+#define LSXMM2OFF 128
+#define LSXMM3OFF 160
+#define LSXMM4OFF 192
+#define LSXMM5OFF 224
+#define LSXMM6OFF 256
+#define LSXMM7OFF 288 /* ... SSE arg 7 */
+ /*
+ * The org_scapset is a global variable that is a part of rtld. It
+ * contains the capabilities that the kernel has told us are supported
+ * (auxv_hwcap). This is necessary for determining whether or not we
+ * need to save and restore AVX registers or simple SSE registers. Note,
+ * that the field we care about is currently at offset 0, if that
+ * changes, this code will have to be updated.
+ */
+ .extern org_scapset
.weak _elf_rtbndr
_elf_rtbndr = elf_rtbndr
@@ -569,7 +655,7 @@
* The next andq instruction does this pseudo code:
* If %rsp is 8 byte aligned then subtract 8 from %rsp.
*/
- andq $-16, %rsp /* enforce ABI 16-byte stack alignment */
+ andq $-32, %rsp /* enforce ABI 32-byte stack alignment */
subq LS_SIZE, %rsp /* save all ABI defined argument registers */
@@ -582,6 +668,16 @@
movq %r9, LSR9OFF(%rsp) /* .. arg 5 */
movq %r10, LSR10OFF(%rsp) /* call chain reg */
+ /*
+ * Our xmm registers could secretly by ymm registers in disguise.
+ */
+ movq org_scapset@GOTPCREL(%rip),%r9
+ movq (%r9),%r9
+ movl (%r9),%edx
+ testl $AV_386_AVX,%edx
+ jne .save_ymm
+
+.save_xmm:
movdqa %xmm0, LSXMM0OFF(%rsp) /* SSE arg 0 ... */
movdqa %xmm1, LSXMM1OFF(%rsp)
movdqa %xmm2, LSXMM2OFF(%rsp)
@@ -590,14 +686,57 @@
movdqa %xmm5, LSXMM5OFF(%rsp)
movdqa %xmm6, LSXMM6OFF(%rsp)
movdqa %xmm7, LSXMM7OFF(%rsp) /* ... SSE arg 7 */
+ jmp .save_finish
+.save_ymm:
+ vmovdqa %ymm0, LSXMM0OFF(%rsp) /* SSE arg 0 ... */
+ vmovdqa %ymm1, LSXMM1OFF(%rsp)
+ vmovdqa %ymm2, LSXMM2OFF(%rsp)
+ vmovdqa %ymm3, LSXMM3OFF(%rsp)
+ vmovdqa %ymm4, LSXMM4OFF(%rsp)
+ vmovdqa %ymm5, LSXMM5OFF(%rsp)
+ vmovdqa %ymm6, LSXMM6OFF(%rsp)
+ vmovdqa %ymm7, LSXMM7OFF(%rsp) /* ... SSE arg 7 */
+
+.save_finish:
movq LBPLMPOFF(%rbp), %rdi /* arg1 - *lmp */
movq LBPRELOCOFF(%rbp), %rsi /* arg2 - reloc index */
movq LBRPCOFF(%rbp), %rdx /* arg3 - pc of caller */
call elf_bndr@PLT /* call elf_rtbndr(lmp, relndx, pc) */
movq %rax, LBPRELOCOFF(%rbp) /* store final destination */
- /* restore possible arguments before invoking resolved function */
+ /*
+ * Restore possible arguments before invoking resolved function. We
+ * check the xmm vs. ymm regs first so we can use the others.
+ */
+ movq org_scapset@GOTPCREL(%rip),%r9
+ movq (%r9),%r9
+ movl (%r9),%edx
+ testl $AV_386_AVX,%edx
+ jne .restore_ymm
+
+.restore_xmm:
+ movdqa LSXMM0OFF(%rsp), %xmm0
+ movdqa LSXMM1OFF(%rsp), %xmm1
+ movdqa LSXMM2OFF(%rsp), %xmm2
+ movdqa LSXMM3OFF(%rsp), %xmm3
+ movdqa LSXMM4OFF(%rsp), %xmm4
+ movdqa LSXMM5OFF(%rsp), %xmm5
+ movdqa LSXMM6OFF(%rsp), %xmm6
+ movdqa LSXMM7OFF(%rsp), %xmm7
+ jmp .restore_finish
+
+.restore_ymm:
+ vmovdqa LSXMM0OFF(%rsp), %ymm0
+ vmovdqa LSXMM1OFF(%rsp), %ymm1
+ vmovdqa LSXMM2OFF(%rsp), %ymm2
+ vmovdqa LSXMM3OFF(%rsp), %ymm3
+ vmovdqa LSXMM4OFF(%rsp), %ymm4
+ vmovdqa LSXMM5OFF(%rsp), %ymm5
+ vmovdqa LSXMM6OFF(%rsp), %ymm6
+ vmovdqa LSXMM7OFF(%rsp), %ymm7
+
+.restore_finish:
movq LSRAXOFF(%rsp), %rax
movq LSRDIOFF(%rsp), %rdi
movq LSRSIOFF(%rsp), %rsi
@@ -607,15 +746,6 @@
movq LSR9OFF(%rsp), %r9
movq LSR10OFF(%rsp), %r10
- movdqa LSXMM0OFF(%rsp), %xmm0
- movdqa LSXMM1OFF(%rsp), %xmm1
- movdqa LSXMM2OFF(%rsp), %xmm2
- movdqa LSXMM3OFF(%rsp), %xmm3
- movdqa LSXMM4OFF(%rsp), %xmm4
- movdqa LSXMM5OFF(%rsp), %xmm5
- movdqa LSXMM6OFF(%rsp), %xmm6
- movdqa LSXMM7OFF(%rsp), %xmm7
-
movq %rbp, %rsp
popq %rbp
--- a/usr/src/cmd/sgs/rtld/common/globals.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/cmd/sgs/rtld/common/globals.c Thu Apr 26 21:14:28 2012 +0100
@@ -151,6 +151,9 @@
* override the system capabilities for testing purposes. Furthermore, these
* alternative capabilities can be specified such that they only apply to
* specified files rather than to all objects.
+ *
+ * The org_scapset is relied upon by the amd64 version of elf_rtbndr to
+ * determine whether or not AVX registers are present in the system.
*/
static Syscapset scapset = { 0 };
Syscapset *org_scapset = &scapset; /* original system and */
--- a/usr/src/common/net/wanboot/auxutil.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/common/net/wanboot/auxutil.c Thu Apr 26 21:14:28 2012 +0100
@@ -61,6 +61,10 @@
* in this library. None of these are exposed.
*/
+/*
+ * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
+ */
+
#pragma ident "%Z%%M% %I% %E% SMI"
#include <stdio.h>
@@ -97,7 +101,11 @@
int unilen;
/* Convert the character to the bmp format. */
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
if (asc2uni(str, len, &uni, &unilen) == 0) {
+#else
+ if (OPENSSL_asc2uni(str, len, &uni, &unilen) == 0) {
+#endif
SUNWerr(SUNW_F_ASC2BMPSTRING, SUNW_R_MEMORY_FAILURE);
return (NULL);
}
--- a/usr/src/common/net/wanboot/boot_http.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/common/net/wanboot/boot_http.c Thu Apr 26 21:14:28 2012 +0100
@@ -21,6 +21,7 @@
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
*/
#include <errno.h>
@@ -1767,7 +1768,11 @@
static SSL_CTX *
initialize_ctx(http_conn_t *c_id)
{
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
SSL_METHOD *meth;
+#else
+ const SSL_METHOD *meth;
+#endif
SSL_CTX *ctx;
ERR_clear_error();
--- a/usr/src/common/net/wanboot/p12misc.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/common/net/wanboot/p12misc.c Thu Apr 26 21:14:28 2012 +0100
@@ -58,6 +58,10 @@
* Use is subject to license terms.
*/
+/*
+ * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
+ */
+
#pragma ident "%Z%%M% %I% %E% SMI"
#include <stdio.h>
@@ -440,7 +444,11 @@
}
str = ty->value.bmpstring;
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
*fname = uni2asc(str->data, str->length);
+#else
+ *fname = OPENSSL_uni2asc(str->data, str->length);
+#endif
if (*fname == NULL) {
SUNWerr(SUNW_F_GET_PKEY_FNAME, SUNW_R_MEMORY_FAILURE);
return (-1);
--- a/usr/src/lib/krb5/plugins/preauth/pkinit/pkinit_crypto_openssl.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/lib/krb5/plugins/preauth/pkinit/pkinit_crypto_openssl.c Thu Apr 26 21:14:28 2012 +0100
@@ -30,6 +30,7 @@
/*
* Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
*/
#include <errno.h>
@@ -1278,7 +1279,7 @@
revoked = sk_X509_CRL_new_null();
for (i = 0; i < size; i++)
sk_X509_CRL_push(revoked, sk_X509_CRL_value(idctx->revoked, i));
- size = sk_X509_num(p7->d.sign->crl);
+ size = sk_X509_CRL_num(p7->d.sign->crl);
for (i = 0; i < size; i++)
sk_X509_CRL_push(revoked, sk_X509_CRL_value(p7->d.sign->crl, i));
}
@@ -1419,7 +1420,7 @@
pkiDebug("PKCS7 Verification successful\n");
else {
pkiDebug("wrong oid in eContentType\n");
- print_buffer(p7->d.sign->contents->type->data,
+ print_buffer((unsigned char *)p7->d.sign->contents->type->data,
(unsigned int)p7->d.sign->contents->type->length);
retval = KRB5KDC_ERR_PREAUTH_FAILED;
krb5_set_error_message(context, retval, "wrong oid\n");
@@ -4773,7 +4774,11 @@
if (buf == NULL)
return ENOMEM;
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
len = EVP_PKEY_decrypt(buf, data, (int)data_len, pkey);
+#else
+ len = EVP_PKEY_decrypt_old(buf, data, (int)data_len, pkey);
+#endif
if (len <= 0) {
pkiDebug("unable to decrypt received data (len=%d)\n", data_len);
/* Solaris Kerberos */
@@ -5908,7 +5913,7 @@
continue;
}
if (flag != 0) {
- sk_X509_push(ca_crls, X509_CRL_dup(xi->crl));
+ sk_X509_CRL_push(ca_crls, X509_CRL_dup(xi->crl));
}
}
}
@@ -5938,7 +5943,7 @@
}
break;
case CATYPE_CRLS:
- if (sk_X509_num(ca_crls) == 0) {
+ if (sk_X509_CRL_num(ca_crls) == 0) {
pkiDebug("no crls in file, %s\n", filename);
if (id_cryptoctx->revoked == NULL)
sk_X509_CRL_free(ca_crls);
--- a/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c Thu Apr 26 21:14:28 2012 +0100
@@ -4,6 +4,9 @@
* Use is subject to license terms.
*/
/*
+ * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
+ */
+/*
* Written by Dr Stephen N Henson ([email protected]) for the OpenSSL
* project 2000.
*/
@@ -2027,7 +2030,11 @@
int j;
int ext_index, nid, len;
BIO *mem = NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
STACK *emlst = NULL;
+#else
+ STACK_OF(OPENSSL_STRING) *emlst = NULL;
+#endif
X509_EXTENSION *ex;
X509_CINF *ci;
@@ -2140,8 +2147,14 @@
case KMF_CERT_EMAIL:
emlst = X509_get1_email(xcert);
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
for (j = 0; j < sk_num(emlst); j++)
(void) BIO_printf(mem, "%s\n", sk_value(emlst, j));
+#else
+ for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
+ (void) BIO_printf(mem, "%s\n",
+ sk_OPENSSL_STRING_value(emlst, j));
+#endif
len = BIO_gets(mem, resultStr, KMF_CERT_PRINTABLE_LEN);
X509_email_free(emlst);
@@ -4265,8 +4278,13 @@
ty = sk_ASN1_TYPE_value(attr->value.set, 0);
}
if (ty != NULL) {
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
key->label = uni2asc(ty->value.bmpstring->data,
ty->value.bmpstring->length);
+#else
+ key->label = OPENSSL_uni2asc(ty->value.bmpstring->data,
+ ty->value.bmpstring->length);
+#endif
}
} else {
key->label = NULL;
--- a/usr/src/lib/libpkg/common/p12lib.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/lib/libpkg/common/p12lib.c Thu Apr 26 21:14:28 2012 +0100
@@ -58,6 +58,10 @@
* Use is subject to license terms.
*/
+/*
+ * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
+ */
+
#include <strings.h>
#include <stdlib.h>
@@ -1137,7 +1141,11 @@
}
str = ty->value.bmpstring;
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
*fname = uni2asc(str->data, str->length);
+#else
+ *fname = OPENSSL_uni2asc(str->data, str->length);
+#endif
if (*fname == NULL) {
SUNWerr(SUNW_F_GET_PKEY_FNAME, SUNW_R_MEMORY_FAILURE);
return (-1);
@@ -2295,7 +2303,11 @@
int unilen;
/* Convert the character to the bmp format. */
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
if (asc2uni(str, len, &uni, &unilen) == 0) {
+#else
+ if (OPENSSL_asc2uni(str, len, &uni, &unilen) == 0) {
+#endif
SUNWerr(SUNW_F_ASC2BMPSTRING, SUNW_R_MEMORY_FAILURE);
return (NULL);
}
--- a/usr/src/pkg/Makefile Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/pkg/Makefile Thu Apr 26 21:14:28 2012 +0100
@@ -152,6 +152,10 @@
i386_ARCH64= amd64
sparc_ARCH64= sparcv9
+OPENSSL = /usr/bin/openssl
+OPENSSL10.cmd = $(OPENSSL) version | $(NAWK) '{if($$2<1){print "\043";}}'
+OPENSSL10_ONLY = $(OPENSSL10.cmd:sh)
+
#
# macros and transforms needed by pkgmogrify
#
@@ -168,6 +172,7 @@
PKGMOG_DEFINES= \
i386_ONLY=$(POUND_SIGN) \
sparc_ONLY=$(POUND_SIGN) \
+ OPENSSL10_ONLY=$(OPENSSL10_ONLY) \
$(PKGMACH)_ONLY= \
ARCH=$(PKGMACH) \
ARCH32=$($(PKGMACH)_ARCH32) \
--- a/usr/src/pkg/manifests/crypto-ca-certificates.mf Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/pkg/manifests/crypto-ca-certificates.mf Thu Apr 26 21:14:28 2012 +0100
@@ -21,6 +21,7 @@
#
# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
#
set name=pkg.fmri value=pkg:/crypto/ca-certificates@$(PKGVERS)
@@ -214,34 +215,64 @@
license lic_CDDL license=lic_CDDL
link path=etc/openssl/certs/00673b5b.0 \
target=../../certs/CA/thawte_Primary_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/024dc131.0 \
+ target=../../certs/CA/Microsec_e-Szigno_Root_CA.pem
link path=etc/openssl/certs/02b73561.0 \
target=../../certs/CA/Comodo_Secure_Services_root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/039c618a.0 \
+ target=../../certs/CA/TURKTRUST_Certificate_Services_Provider_Root_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/03f0efa4.0 \
+ target=../../certs/CA/Wells_Fargo_Root_CA.pem
link path=etc/openssl/certs/0481cb65.0 \
target=../../certs/CA/AOL_Time_Warner_Root_Certification_Authority_2.pem
link path=etc/openssl/certs/052e396b.0 \
target=../../certs/CA/AddTrust_Qualified_Certificates_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/0750887b.0 \
+ target=../../certs/CA/IPS_CLASE3_root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/080911ac.0 \
+ target=../../certs/CA/QuoVadis_Root_CA.pem
link path=etc/openssl/certs/08aef7bb.0 \
target=../../certs/CA/WellsSecure_Public_Root_Certificate_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/09ca81a7.0 \
+ target=../../certs/CA/Thawte_Personal_Premium_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/0a8f0c78.0 \
+ target=../../certs/CA/IPS_Chained_CAs_root.pem
link path=etc/openssl/certs/0c364b2d.0 \
target=../../certs/CA/Entrust.net_Secure_Personal_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/0d1b923b.0 \
+ target=../../certs/CA/S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
link path=etc/openssl/certs/0dbd0096.0 \
target=../../certs/CA/AOL_Time_Warner_Root_Certification_Authority_1.pem
link path=etc/openssl/certs/0e82f83a.0 \
target=../../certs/CA/Thawte_Personal_Basic_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/0f11b315.0 \
+ target=../../certs/CA/Verisign_Class_2_Public_Primary_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/106cd822.0 \
+ target=../../certs/CA/Verisign_RSA_Secure_Server_CA.pem
link path=etc/openssl/certs/111e6273.0 \
target=../../certs/CA/GlobalSign_Root_CA_-_R2.pem
link path=etc/openssl/certs/1155c94b.0 \
target=../../certs/CA/Firmaprofesional_Root_CA.pem
link path=etc/openssl/certs/11a09b38.0 \
target=../../certs/CA/TDC_OCES_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/11c69ce5.0 \
+ target=../../certs/CA/RSA_Security_1024_v3.pem
link path=etc/openssl/certs/11f154d6.0 \
target=../../certs/CA/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
link path=etc/openssl/certs/124bbd54.0 \
target=../../certs/CA/Comodo_Trusted_Services_root.pem
link path=etc/openssl/certs/128b9c8d.0 \
target=../../certs/CA/Digital_Signature_Trust_Co._Global_CA_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/12ac4d91.0 \
+ target=../../certs/CA/AOL_Time_Warner_Root_Certification_Authority_2.pem
link path=etc/openssl/certs/12d55845.0 \
target=../../certs/CA/DST_Root_CA_X3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/157753a5.0 \
+ target=../../certs/CA/AddTrust_External_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/166851b2.0 \
+ target=../../certs/CA/Entrust.net_Secure_Personal_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/16b3fe3c.0 \
+ target=../../certs/CA/beTRUSTed_Root_CA_-_RSA_Implementation.pem
link path=etc/openssl/certs/17b51fe6.0 \
target=../../certs/CA/Certplus_Class_2_Primary_CA.pem
link path=etc/openssl/certs/19899da5.0 \
@@ -249,14 +280,40 @@
link path=etc/openssl/certs/1dac3003.0 \
target=../../certs/CA/DST_ACES_CA_X6.pem
link path=etc/openssl/certs/1dcd6f4c.0 target=../../certs/CA/Taiwan_GRCA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/1ec4d31a.0 \
+ target=../../certs/CA/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/201cada0.0 \
+ target=../../certs/CA/America_Online_Root_Certification_Authority_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/20d096ba.0 \
+ target=../../certs/CA/ValiCert_Class_1_VA.pem
link path=etc/openssl/certs/219d9499.0 \
target=../../certs/CA/Go_Daddy_Class_2_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2251b13a.0 \
+ target=../../certs/CA/ComSign_Secured_CA.pem
link path=etc/openssl/certs/23f4c490.0 \
target=../../certs/CA/Starfield_Class_2_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/244b5494.0 \
+ target=../../certs/CA/DigiCert_High_Assurance_EV_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/24ad0b63.0 \
+ target=../../certs/CA/Verisign_Class_1_Public_Primary_Certification_Authority.pem
link path=etc/openssl/certs/256fd83b.0 \
target=../../certs/CA/TC_TrustCenter,_Germany,_Class_2_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2835ab7b.0 \
+ target=../../certs/CA/GTE_CyberTrust_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2ab3b959.0 \
+ target=../../certs/CA/NetLock_Express_Class_C_Root.pem
link path=etc/openssl/certs/2afc57aa.0 \
target=../../certs/CA/TC_TrustCenter_Class_2_CA_II.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2c3e3f84.0 \
+ target=../../certs/CA/UTN_USERFirst_Object_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2c543cd1.0 \
+ target=../../certs/CA/GeoTrust_Global_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2cfc4974.0 \
+ target=../../certs/CA/TDC_OCES_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2e4eed3c.0 \
+ target=../../certs/CA/thawte_Primary_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/2e5ac55d.0 \
+ target=../../certs/CA/DST_Root_CA_X3.pem
link path=etc/openssl/certs/2edf7016.0 \
target=../../certs/CA/Verisign_Class_1_Public_Primary_Certification_Authority.pem
link path=etc/openssl/certs/2fa87019.0 \
@@ -269,34 +326,66 @@
target=../../certs/CA/StartCom_Certification_Authority.pem
link path=etc/openssl/certs/343eb6cb.0 \
target=../../certs/CA/Cybertrust_Global_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/3513523f.0 \
+ target=../../certs/CA/DigiCert_Global_Root_CA.pem
link path=etc/openssl/certs/399e7759.0 \
target=../../certs/CA/DigiCert_Global_Root_CA.pem
link path=etc/openssl/certs/3a3b02ce.0 \
target=../../certs/CA/OISTE_WISeKey_Global_Root_GA_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/3a7f6b22.0 \
+ target=../../certs/CA/Thawte_Personal_Basic_CA.pem
link path=etc/openssl/certs/3ad48a91.0 \
target=../../certs/CA/Baltimore_CyberTrust_Root.pem
link path=etc/openssl/certs/3c58f906.0 \
target=../../certs/CA/AddTrust_External_Root.pem
link path=etc/openssl/certs/3c860d51.0 \
target=../../certs/CA/SwissSign_Gold_CA_-_G2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/3dfd7537.0 \
+ target=../../certs/CA/Visa_International_Global_Root_2.pem
link path=etc/openssl/certs/3e7271e8.0 \
target=../../certs/CA/Entrust.net_Premium_2048_Secure_Server_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/3ee7e181.0 \
+ target=../../certs/CA/IGC_A.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/40547a79.0 \
+ target=../../certs/CA/COMODO_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/40e67a49.0 \
+ target=../../certs/CA/Digital_Signature_Trust_Co._Global_CA_4.pem
link path=etc/openssl/certs/412bea73.0 \
target=../../certs/CA/Thawte_Personal_Premium_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/415660c1.0 \
+ target=../../certs/CA/Verisign_Class_3_Public_Primary_Certification_Authority.pem
link path=etc/openssl/certs/4166ec0c.0 \
target=../../certs/CA/RSA_Security_1024_v3.pem
link path=etc/openssl/certs/4184de39.0 \
target=../../certs/CA/IPS_Timestamping_root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/4304c5e5.0 \
+ target=../../certs/CA/Network_Solutions_Certificate_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/442adcac.0 \
+ target=../../certs/CA/Certum_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/4597689c.0 \
+ target=../../certs/CA/Equifax_Secure_eBusiness_CA_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/4615970e.0 \
+ target=../../certs/CA/Digital_Signature_Trust_Co._Global_CA_2.pem
link path=etc/openssl/certs/4643210f.0 \
target=../../certs/CA/Digital_Signature_Trust_Co._Global_CA_4.pem
link path=etc/openssl/certs/46b2fd3b.0 \
target=../../certs/CA/SwissSign_Platinum_CA_-_G2.pem
link path=etc/openssl/certs/47996b5c.0 \
target=../../certs/CA/beTRUSTed_Root_CA_-_Entrust_Implementation.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/480720ec.0 \
+ target=../../certs/CA/GeoTrust_Primary_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/48ef30f1.0 \
+ target=../../certs/CA/TC_TrustCenter,_Germany,_Class_2_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/4a6481c9.0 \
+ target=../../certs/CA/GlobalSign_Root_CA_-_R2.pem
link path=etc/openssl/certs/4d654d1d.0 \
target=../../certs/CA/GTE_CyberTrust_Global_Root.pem
link path=etc/openssl/certs/4e18c148.0 \
target=../../certs/CA/Deutsche_Telekom_Root_CA_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/4efc7a23.0 \
+ target=../../certs/CA/Entrust.net_Global_Secure_Server_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/4f316efb.0 \
+ target=../../certs/CA/SwissSign_Gold_CA_-_G2.pem
link path=etc/openssl/certs/4fbd6bfa.0 \
target=../../certs/CA/UTN_DATACorp_SGC_Root_CA.pem
link path=etc/openssl/certs/5021a0a2.0 \
@@ -305,10 +394,22 @@
target=../../certs/CA/SwissSign_Silver_CA_-_G2.pem
link path=etc/openssl/certs/54edfa5d.0 \
target=../../certs/CA/TC_TrustCenter,_Germany,_Class_3_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/55a10908.0 \
+ target=../../certs/CA/ValiCert_Class_2_VA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/5620c4aa.0 \
+ target=../../certs/CA/TC_TrustCenter_Class_3_CA_II.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/56657bde.0 \
+ target=../../certs/CA/Comodo_Trusted_Services_root.pem
link path=etc/openssl/certs/56b8a0b6.0 \
target=../../certs/CA/TURKTRUST_Certificate_Services_Provider_Root_2.pem
link path=etc/openssl/certs/57692373.0 \
target=../../certs/CA/GeoTrust_Global_CA_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/578d5c04.0 \
+ target=../../certs/CA/Equifax_Secure_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/57b0f75e.0 \
+ target=../../certs/CA/UTN-USER_First-Network_Applications.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/57bcb2da.0 \
+ target=../../certs/CA/SwissSign_Silver_CA_-_G2.pem
link path=etc/openssl/certs/58a44af1.0 target=../../certs/CA/IGC_A.pem
link path=etc/openssl/certs/594f1775.0 \
target=../../certs/CA/Equifax_Secure_CA.pem
@@ -316,18 +417,48 @@
target=../../certs/CA/COMODO_Certification_Authority.pem
link path=etc/openssl/certs/5a5372fc.0 \
target=../../certs/CA/NetLock_Business_Class_B_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/5a950642.0 \
+ target=../../certs/CA/IPS_CLASEA1_root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/5ad8a5d6.0 \
+ target=../../certs/CA/GlobalSign_Root_CA.pem
link path=etc/openssl/certs/5cf9d536.0 \
target=../../certs/CA/QuoVadis_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/5f267794.0 \
+ target=../../certs/CA/Entrust.net_Secure_Server_CA.pem
link path=etc/openssl/certs/635ccfd5.0 \
target=../../certs/CA/NetLock_Express_Class_C_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/6410666e.0 \
+ target=../../certs/CA/Taiwan_GRCA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/64d1f6f4.0 \
+ target=../../certs/CA/Thawte_Personal_Freemail_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/653b494a.0 \
+ target=../../certs/CA/Baltimore_CyberTrust_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/667c66d4.0 \
+ target=../../certs/CA/Swisscom_Root_CA_1.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/67d559d1.0 \
+ target=../../certs/CA/Sonera_Class_1_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/686ef281.0 \
+ target=../../certs/CA/beTRUSTed_Root_CA_-_Entrust_Implementation.pem
link path=etc/openssl/certs/69105f4f.0 \
target=../../certs/CA/DigiCert_Assured_ID_Root_CA.pem
link path=etc/openssl/certs/6adf0799.0 \
target=../../certs/CA/Wells_Fargo_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/6b99d060.0 \
+ target=../../certs/CA/Entrust_Root_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/6cb3815b.0 \
+ target=../../certs/CA/Verisign_Time_Stamping_Authority_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/6cc3c4c3.0 \
+ target=../../certs/CA/Thawte_Server_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/6db5a580.0 \
+ target=../../certs/CA/IPS_CLASEA3_root.pem
link path=etc/openssl/certs/6e8bf996.0 \
target=../../certs/CA/Certum_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/6faac4e3.0 \
+ target=../../certs/CA/Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.pem
link path=etc/openssl/certs/6fcc125d.0 \
target=../../certs/CA/Visa_eCommerce_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/706f604c.0 \
+ target=../../certs/CA/XRamp_Global_CA_Root.pem
link path=etc/openssl/certs/709afd2b.0 \
target=../../certs/CA/Thawte_Personal_Freemail_CA.pem
link path=etc/openssl/certs/72bf6a04.0 \
@@ -344,10 +475,20 @@
target=../../certs/CA/Verisign_Class_3_Public_Primary_Certification_Authority.pem
link path=etc/openssl/certs/76579174.0 \
target=../../certs/CA/XRamp_Global_CA_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/76cb8f92.0 \
+ target=../../certs/CA/Cybertrust_Global_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/76faf6c0.0 \
+ target=../../certs/CA/QuoVadis_Root_CA_3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/778e3cb0.0 \
+ target=../../certs/CA/UTN_DATACorp_SGC_Root_CA.pem
link path=etc/openssl/certs/788c9bfc.0 \
target=../../certs/CA/Visa_International_Global_Root_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/790a7190.0 \
+ target=../../certs/CA/DST_ACES_CA_X6.pem
link path=etc/openssl/certs/7999be0d.0 \
target=../../certs/CA/GeoTrust_Global_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/79ad8b43.0 \
+ target=../../certs/CA/Equifax_Secure_eBusiness_CA_1.pem
link path=etc/openssl/certs/7a481e66.0 \
target=../../certs/CA/TC_TrustCenter_Class_3_CA_II.pem
link path=etc/openssl/certs/7a819ef2.0 \
@@ -356,6 +497,10 @@
target=../../certs/CA/RSA_Root_Certificate_1.pem
link path=etc/openssl/certs/7d453d8f.0 \
target=../../certs/CA/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/7d5a75e4.0 \
+ target=../../certs/CA/WellsSecure_Public_Root_Certificate_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/812e17de.0 \
+ target=../../certs/CA/Deutsche_Telekom_Root_CA_2.pem
link path=etc/openssl/certs/81b9768f.0 \
target=../../certs/CA/DigiCert_High_Assurance_EV_Root_CA.pem
link path=etc/openssl/certs/8317b10c.0 \
@@ -364,12 +509,24 @@
target=../../certs/CA/RSA_Security_2048_v3.pem
link path=etc/openssl/certs/84cba82f.0 \
target=../../certs/CA/TURKTRUST_Certificate_Services_Provider_Root_1.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/861a399d.0 \
+ target=../../certs/CA/AddTrust_Low-Value_Services_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/861e0100.0 \
+ target=../../certs/CA/NetLock_Qualified_Class_QA_Root.pem
link path=etc/openssl/certs/86f32474.0 \
target=../../certs/CA/IPS_CLASE3_root.pem
link path=etc/openssl/certs/87753b0d.0 \
target=../../certs/CA/GeoTrust_Universal_CA_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/8867006a.0 \
+ target=../../certs/CA/GeoTrust_Universal_CA_2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/88f89ea7.0 \
+ target=../../certs/CA/TURKTRUST_Certificate_Services_Provider_Root_1.pem
link path=etc/openssl/certs/89c02a45.0 \
target=../../certs/CA/COMODO_ECC_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/8b59b1ad.0 \
+ target=../../certs/CA/AddTrust_Public_Services_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/8f111d69.0 \
+ target=../../certs/CA/MD5_Collisions_Forged_Rogue_CA_25c3.pem
link path=etc/openssl/certs/8f7b96c4.0 \
target=../../certs/CA/Equifax_Secure_eBusiness_CA_2.pem
link path=etc/openssl/certs/8fe643df.0 \
@@ -378,36 +535,92 @@
target=../../certs/CA/QuoVadis_Root_CA_3.pem
link path=etc/openssl/certs/95750816.0 \
target=../../certs/CA/Verisign_Time_Stamping_Authority_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/972672fc.0 \
+ target=../../certs/CA/TC_TrustCenter,_Germany,_Class_3_CA.pem
link path=etc/openssl/certs/9772ca32.0 \
target=../../certs/CA/GeoTrust_Primary_Certification_Authority.pem
link path=etc/openssl/certs/97b4211c.0 \
target=../../certs/CA/GTE_CyberTrust_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/98ec67f0.0 \
+ target=../../certs/CA/Thawte_Premium_Server_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/9af9f759.0 \
+ target=../../certs/CA/RSA_Root_Certificate_1.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/9b353c9a.0 \
+ target=../../certs/CA/TDC_Internet_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/9c2e7d30.0 \
+ target=../../certs/CA/Sonera_Class_2_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/9d520b32.0 \
+ target=../../certs/CA/Security_Communication_EV_RootCA1.pem
link path=etc/openssl/certs/9d6523ce.0 \
target=../../certs/CA/ePKI_Root_Certification_Authority.pem
link path=etc/openssl/certs/9dbefe7b.0 \
target=../../certs/CA/Security_Communication_EV_RootCA1.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/9e6afd31.0 \
+ target=../../certs/CA/Thawte_Time_Stamping_CA.pem
link path=etc/openssl/certs/9ec3a561.0 \
target=../../certs/CA/UTN_USERFirst_Email_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/9f541fb4.0 \
+ target=../../certs/CA/Digital_Signature_Trust_Co._Global_CA_3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/a01d1cc2.0 \
+ target=../../certs/CA/IPS_Servidores_root.pem
link path=etc/openssl/certs/a0bc6fbb.0 \
target=../../certs/CA/Camerfirma_Global_Chambersign_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/a137bd1c.0 \
+ target=../../certs/CA/beTRUSTed_Root_CA-Baltimore_Implementation.pem
link path=etc/openssl/certs/a15b3b6b.0 \
target=../../certs/CA/Digital_Signature_Trust_Co._Global_CA_3.pem
link path=etc/openssl/certs/a2df7ad7.0 \
target=../../certs/CA/AddTrust_Public_Services_Root.pem
link path=etc/openssl/certs/a3896b44.0 \
target=../../certs/CA/Security_Communication_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/a5fd78f0.0 \
+ target=../../certs/CA/TC_TrustCenter_Class_2_CA_II.pem
link path=etc/openssl/certs/a6776c69.0 \
target=../../certs/CA/IPS_Chained_CAs_root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/a6a593ba.0 \
+ target=../../certs/CA/Digital_Signature_Trust_Co._Global_CA_1.pem
link path=etc/openssl/certs/a7605362.0 \
target=../../certs/CA/Sonera_Class_2_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/a760e1bd.0 \
+ target=../../certs/CA/Visa_eCommerce_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/a8dee976.0 \
+ target=../../certs/CA/SwissSign_Platinum_CA_-_G2.pem
link path=etc/openssl/certs/aaa45464.0 \
target=../../certs/CA/Thawte_Time_Stamping_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ad088e1d.0 \
+ target=../../certs/CA/GeoTrust_Universal_CA.pem
link path=etc/openssl/certs/add67345.0 \
target=../../certs/CA/NetLock_Notary_Class_A_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ae8153b9.0 \
+ target=../../certs/CA/StartCom_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/aee5f10d.0 \
+ target=../../certs/CA/Entrust.net_Premium_2048_Secure_Server_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/af4f0c93.0 \
+ target=../../certs/CA/Entrust.net_Global_Secure_Personal_CA.pem
link path=etc/openssl/certs/b0f3e76e.0 \
target=../../certs/CA/GlobalSign_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b1159c4c.0 \
+ target=../../certs/CA/DigiCert_Assured_ID_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b13cc6df.0 \
+ target=../../certs/CA/UTN_USERFirst_Hardware_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b1b8a7f3.0 \
+ target=../../certs/CA/OISTE_WISeKey_Global_Root_GA_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b204d74a.0 \
+ target=../../certs/CA/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b42ff584.0 \
+ target=../../certs/CA/Staat_der_Nederlanden_Root_CA.pem
link path=etc/openssl/certs/b5f329fa.0 \
target=../../certs/CA/Verisign_Class_2_Public_Primary_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b66938e9.0 \
+ target=../../certs/CA/Secure_Global_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b7e7231a.0 \
+ target=../../certs/CA/NetLock_Business_Class_B_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/b8e83700.0 \
+ target=../../certs/CA/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/bad35b78.0 \
+ target=../../certs/CA/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/bb2d49a0.0 \
+ target=../../certs/CA/ComSign_CA.pem
link path=etc/openssl/certs/bcdd5959.0 \
target=../../certs/CA/ValiCert_Class_2_VA.pem
link path=etc/openssl/certs/bda4cc84.0 \
@@ -418,6 +631,8 @@
target=../../certs/CA/Entrust_Root_Certification_Authority.pem
link path=etc/openssl/certs/bf87590f.0 \
target=../../certs/CA/beTRUSTed_Root_CA_-_RSA_Implementation.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/c0ff1f52.0 \
+ target=../../certs/CA/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
link path=etc/openssl/certs/c19d42c7.0 \
target=../../certs/CA/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
link path=etc/openssl/certs/c215bc69.0 \
@@ -426,27 +641,63 @@
target=../../certs/CA/Thawte_Premium_Server_CA.pem
link path=etc/openssl/certs/c527e4ab.0 \
target=../../certs/CA/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/c5e082db.0 \
+ target=../../certs/CA/UTN_USERFirst_Email_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/c692a373.0 \
+ target=../../certs/CA/GTE_CyberTrust_Global_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/c8841d13.0 \
+ target=../../certs/CA/TC_TrustCenter_Universal_CA_I.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/c99398f3.0 \
+ target=../../certs/CA/RSA_Security_2048_v3.pem
link path=etc/openssl/certs/c9bc75ba.0 \
target=../../certs/CA/ABAecom_sub.,_Am._Bankers_Assn._Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/c9f83a1c.0 \
+ target=../../certs/CA/Comodo_Secure_Services_root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ca6e4ad9.0 \
+ target=../../certs/CA/ePKI_Root_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/cb357862.0 \
+ target=../../certs/CA/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/cb59f961.0 \
+ target=../../certs/CA/Camerfirma_Global_Chambersign_Root.pem
link path=etc/openssl/certs/cb796bc1.0 target=../../certs/CA/StartCom_Ltd..pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/cbeee9e2.0 \
+ target=../../certs/CA/GeoTrust_Global_CA_2.pem
link path=etc/openssl/certs/ccb919f9.0 \
target=../../certs/CA/UTN_USERFirst_Object_Root_CA.pem
link path=etc/openssl/certs/cdaebb72.0 \
target=../../certs/CA/Staat_der_Nederlanden_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ce026bf8.0 \
+ target=../../certs/CA/Firmaprofesional_Root_CA.pem
link path=etc/openssl/certs/cf701eeb.0 \
target=../../certs/CA/SecureTrust_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/d0cba2e5.0 \
+ target=../../certs/CA/StartCom_Ltd..pem
link path=etc/openssl/certs/d2adc77d.0 \
target=../../certs/CA/Entrust.net_Global_Secure_Personal_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/d495d385.0 \
+ target=../../certs/CA/IPS_Timestamping_root.pem
link path=etc/openssl/certs/d537fba6.0 \
target=../../certs/CA/TDC_Internet_Root_CA.pem
link path=etc/openssl/certs/d78a75c7.0 \
target=../../certs/CA/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/d7e8dc79.0 \
+ target=../../certs/CA/QuoVadis_Root_CA_2.pem
link path=etc/openssl/certs/d8274e24.0 \
target=../../certs/CA/UTN-USER_First-Network_Applications.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/d9d12c58.0 \
+ target=../../certs/CA/NetLock_Notary_Class_A_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/dc45b0bd.0 \
+ target=../../certs/CA/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/dc4ebcb9.0 \
+ target=../../certs/CA/IPS_CLASE1_root.pem
link path=etc/openssl/certs/ddc328ff.0 \
target=../../certs/CA/Thawte_Server_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/e113c810.0 \
+ target=../../certs/CA/Certigna.pem
link path=etc/openssl/certs/e268a4c5.0 \
target=../../certs/CA/AddTrust_Low-Value_Services_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/e536d871.0 \
+ target=../../certs/CA/AddTrust_Qualified_Certificates_Root.pem
link path=etc/openssl/certs/e60bf0c0.0 \
target=../../certs/CA/Swisscom_Root_CA_1.pem
link path=etc/openssl/certs/e7461595.0 \
@@ -455,14 +706,38 @@
target=../../certs/CA/GeoTrust_Universal_CA.pem
link path=etc/openssl/certs/e7b8d656.0 \
target=../../certs/CA/Equifax_Secure_eBusiness_CA_1.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/eacdeb40.0 \
+ target=../../certs/CA/America_Online_Root_Certification_Authority_1.pem
link path=etc/openssl/certs/ed049835.0 \
target=../../certs/CA/Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.pem
link path=etc/openssl/certs/ed524cf5.0 \
target=../../certs/CA/Entrust.net_Secure_Server_CA.pem
link path=etc/openssl/certs/ed62f4e3.0 \
target=../../certs/CA/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ed9bb25c.0 \
+ target=../../certs/CA/AOL_Time_Warner_Root_Certification_Authority_1.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ee1365c0.0 \
+ target=../../certs/CA/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ee64a828.0 \
+ target=../../certs/CA/Comodo_AAA_Services_root.pem
link path=etc/openssl/certs/ee7cd6fb.0 \
target=../../certs/CA/Camerfirma_Chambers_of_Commerce_Root.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/eed8c118.0 \
+ target=../../certs/CA/COMODO_ECC_Certification_Authority.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/ef2f636c.0 \
+ target=../../certs/CA/Equifax_Secure_Global_eBusiness_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/f060240e.0 \
+ target=../../certs/CA/Certplus_Class_2_Primary_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/f081611a.0 \
+ target=../../certs/CA/Go_Daddy_Class_2_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/f2cce23a.0 \
+ target=../../certs/CA/beTRUSTed_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/f3377b1b.0 \
+ target=../../certs/CA/Security_Communication_Root_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/f387163d.0 \
+ target=../../certs/CA/Starfield_Class_2_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/f39fc864.0 \
+ target=../../certs/CA/SecureTrust_CA.pem
link path=etc/openssl/certs/f3cf1e8e.0 \
target=../../certs/CA/beTRUSTed_Root_CA-Baltimore_Implementation.pem
link path=etc/openssl/certs/f4996e82.0 \
@@ -477,11 +752,15 @@
target=../../certs/CA/IPS_Servidores_root.pem
link path=etc/openssl/certs/f73e89fd.0 \
target=../../certs/CA/Verisign_RSA_Secure_Server_CA.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/f90208f7.0 \
+ target=../../certs/CA/Camerfirma_Chambers_of_Commerce_Root.pem
link path=etc/openssl/certs/f950ccc2.0 \
target=../../certs/CA/IPS_CLASE1_root.pem
link path=etc/openssl/certs/facacbc6.0 \
target=../../certs/CA/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
link path=etc/openssl/certs/fde84897.0 target=../../certs/CA/Certigna.pem
+$(OPENSSL10_ONLY)link path=etc/openssl/certs/fe30b214.0 \
+ target=../../certs/CA/ABAecom_sub.,_Am._Bankers_Assn._Root_CA.pem
link path=etc/openssl/certs/ff588423.0 target=../../certs/CA/ComSign_CA.pem
link path=etc/openssl/certs/ff783690.0 \
target=../../certs/CA/UTN_USERFirst_Hardware_Root_CA.pem
--- a/usr/src/uts/common/os/logsubr.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/uts/common/os/logsubr.c Thu Apr 26 21:14:28 2012 +0100
@@ -246,7 +246,7 @@
/*
* Now that logging is enabled, emit the SunOS banner.
*/
- printf("\rOpenIndiana Build %s %u-bit (illumos 13672:bc588248a482)\n",
+ printf("\rOpenIndiana Build %s %u-bit (illumos 13676:98ca40df9171)\n",
utsname.version, NBBY * (uint_t)sizeof (void *));
printf("SunOS Release %s - Copyright 1983-2010 Oracle and/or its "
"affiliates.\n", utsname.release);
--- a/usr/src/uts/common/vm/vm_pagelist.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/uts/common/vm/vm_pagelist.c Thu Apr 26 21:14:28 2012 +0100
@@ -22,6 +22,10 @@
* Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2012 Joyent, Inc. All rights reserved.
+ */
+
/* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */
@@ -3181,7 +3185,14 @@
page_unlock_nocapture(pp);
return (0);
}
- if (PP_ISNORELOC(pp)) {
+
+ /*
+ * If a page has been marked non-relocatable or has been
+ * explicitly locked in memory, we don't want to relocate it;
+ * unlock the pages and fail the operation.
+ */
+ if (PP_ISNORELOC(pp) ||
+ pp->p_lckcnt != 0 || pp->p_cowcnt != 0) {
VM_STAT_ADD(vmm_vmstats.ptcpfailcage[szc]);
while (i != (pgcnt_t)-1) {
pp = &spp[i];
--- a/usr/src/uts/i86pc/os/cpuid.c Sun Apr 22 15:19:49 2012 +0100
+++ b/usr/src/uts/i86pc/os/cpuid.c Thu Apr 26 21:14:28 2012 +0100
@@ -30,7 +30,7 @@
* Portions Copyright 2009 Advanced Micro Devices, Inc.
*/
/*
- * Copyright (c) 2011, Joyent, Inc. All rights reserved.
+ * Copyright (c) 2012, Joyent, Inc. All rights reserved.
*/
/*
* Various routines to handle identification
@@ -2576,8 +2576,12 @@
if (*ecx & CPUID_INTC_ECX_PCLMULQDQ)
hwcap_flags |= AV_386_PCLMULQDQ;
if ((*ecx & CPUID_INTC_ECX_XSAVE) &&
- (*ecx & CPUID_INTC_ECX_OSXSAVE))
+ (*ecx & CPUID_INTC_ECX_OSXSAVE)) {
hwcap_flags |= AV_386_XSAVE;
+
+ if (*ecx & CPUID_INTC_ECX_AVX)
+ hwcap_flags |= AV_386_AVX;
+ }
if (*ecx & CPUID_INTC_ECX_VMX)
hwcap_flags |= AV_386_VMX;
if (*ecx & CPUID_INTC_ECX_POPCNT)