openbsd
2 years agoucc does not claim multiple report ids
anton [Wed, 17 Nov 2021 06:21:23 +0000 (06:21 +0000)]
ucc does not claim multiple report ids

2 years agoFix a double free in uhidev_close() caused by a race between
anton [Wed, 17 Nov 2021 06:20:30 +0000 (06:20 +0000)]
Fix a double free in uhidev_close() caused by a race between
uhidev_open() and uhidev_close(). In uhidev_close() the UHIDEV_OPEN flag
is cleared early on but the same thread can end up sleeping while
closing the input or output pipe. This allows another thread to enter
uhidev_open() but only to fail opening either the input or output pipe
since they are already open for exclusive use. The uhidev_open() error
path frees the input buffer but leaves a dangling pointer around;
causing uhidev_close() to free the same buffer.

This can at least happen on xhci(4) which can end up sleeping in
xhci_pipe_close().

Reported by and ok gnezdo@

2 years agowc(1): fix NULL pointer dereference in cnt()
cheloha [Tue, 16 Nov 2021 23:34:24 +0000 (23:34 +0000)]
wc(1): fix NULL pointer dereference in cnt()

If the "file" argument to cnt() is NULL and we call warn(3) we will
get a NULL dereference.

Change the name of the argument to "path" and make "file" a local
variable.  Ensure that we set "file" to a valid C-string, even if
"path" is NULL.

While we're here, const the file name pointers, too.

Thread: https://marc.info/?l=openbsd-tech&m=163708784422157&w=2

ok millert@

2 years agofix an accidental NULL deref introduced last year, found by patrick.
deraadt [Tue, 16 Nov 2021 21:55:21 +0000 (21:55 +0000)]
fix an accidental NULL deref introduced last year, found by patrick.
rewrite the code with a goto so this never happens again.
ok patrick millert

2 years agoZero all copies of pre-shared key.
tobhe [Tue, 16 Nov 2021 21:43:36 +0000 (21:43 +0000)]
Zero all copies of pre-shared key.

ok markus@

2 years agodocument GH_DISTFILE that was added to ports/infrastructure/mk/bsd.port.mk
sthen [Tue, 16 Nov 2021 21:19:24 +0000 (21:19 +0000)]
document GH_DISTFILE that was added to ports/infrastructure/mk/bsd.port.mk

2 years agomove memory allocations in pfr_add_addrs() outside of NET_LOCK()/PF_LOCK()
sashan [Tue, 16 Nov 2021 20:51:30 +0000 (20:51 +0000)]
move memory allocations in pfr_add_addrs() outside of NET_LOCK()/PF_LOCK()
scope.

feedback by bluhm@

OK bluhm@

2 years agoValidate RTM_PROPOSAL in resolver not frontend
kn [Tue, 16 Nov 2021 16:45:23 +0000 (16:45 +0000)]
Validate RTM_PROPOSAL in resolver not frontend

The resolver is the actual consumer and shouldn't trust the frontend.
Fold the IPv4/IPv6 specific checks thanks to the previous commit.

Idea from florian
OK florian

2 years agoSimplify address family handling, ditch inet_ntop(3)
kn [Tue, 16 Nov 2021 16:37:52 +0000 (16:37 +0000)]
Simplify address family handling, ditch inet_ntop(3)

Reduce duplicate code and use getnameinfo(3) for IPv4 as well.

This commit is the equivalent of sbin/resolvd/resolvd.c revision 1.21
"Simplify address family handling, ditch inet_ntop(3)".

OK florian

2 years agoInstall missing scope identifier for IPv6 link-local addresses
kn [Tue, 16 Nov 2021 16:30:42 +0000 (16:30 +0000)]
Install missing scope identifier for IPv6 link-local addresses

RTM_PROPOSAL's list of IP addresses does not contain scope IDs by design.
This is not a problem as the proposal is always bound to an interface,
as long as we use it...

Fill in the scope ID for link-local IPs and replace inet_ntop(3) usage with
getnameinfo(3) in the IPv6 case such that it actually turns up in the string
representation.

This is the unwind specific fix to ensure working IPv6LL;  libunbound still
requires another fix.

This commit is the equivalent of sbin/resolvd/resolvd.c revision 1.20
"Install missing scope identifier for IPv6 link-local addresses".

OK florian

2 years agoUse size of struct not pointer
kn [Tue, 16 Nov 2021 16:24:22 +0000 (16:24 +0000)]
Use size of struct not pointer

Pointed out by florian, thanks.
No change as the sockaddr remains unused by getnameinfo() in this case.

2 years agoadd a few more checks for incorrect specs
espie [Tue, 16 Nov 2021 15:59:58 +0000 (15:59 +0000)]
add a few more checks for incorrect specs

2 years agoreally nail down the flavor part better... write this as an extended
espie [Tue, 16 Nov 2021 15:56:44 +0000 (15:56 +0000)]
really nail down the flavor part better... write this as an extended
regexp because it's not that readable

2 years agotweak the packages-specs regexp a bit:
espie [Tue, 16 Nov 2021 15:38:52 +0000 (15:38 +0000)]
tweak the packages-specs regexp a bit:
stem-* shouldn't have any cruft added.

2 years agoIn x509_vfy.h rev. 1.37 and x509_vfy.c rev. 1.91, tb@ provided
schwarze [Tue, 16 Nov 2021 14:07:57 +0000 (14:07 +0000)]
In x509_vfy.h rev. 1.37 and x509_vfy.c rev. 1.91, tb@ provided
X509_STORE_CTX_get_verify_cb(3); document it.

2 years agoTo debug IPsec and tdb refcounting it is useful to have "show tdb"
bluhm [Tue, 16 Nov 2021 13:53:14 +0000 (13:53 +0000)]
To debug IPsec and tdb refcounting it is useful to have "show tdb"
and "show all tdbs" in ddb.
tested by Hrvoje Popovski; OK mvs@

2 years agoUse nowake when poll/select has empty fd set
visa [Tue, 16 Nov 2021 13:48:23 +0000 (13:48 +0000)]
Use nowake when poll/select has empty fd set

When the fd set is empty, the code waits for a signal or timeout.
Wakeups from the kqueue are neither expected nor wanted.

OK cheloha@, millert@, anton@, mpi@

2 years agoRemove an old note about poor performance
visa [Tue, 16 Nov 2021 13:46:16 +0000 (13:46 +0000)]
Remove an old note about poor performance

The new kqueue-based poll/select implementation does not suffer from
select collisions.

OK cheloha@, millert@

2 years agofix typo in an error message printed by iwx_phy_ctxt_update()
stsp [Tue, 16 Nov 2021 12:56:11 +0000 (12:56 +0000)]
fix typo in an error message printed by iwx_phy_ctxt_update()

2 years agofix typo in an error message printed by iwm_phy_ctxt_update()
stsp [Tue, 16 Nov 2021 12:55:50 +0000 (12:55 +0000)]
fix typo in an error message printed by iwm_phy_ctxt_update()

2 years agoRecently, tb@ provided the following functions:
schwarze [Tue, 16 Nov 2021 12:06:57 +0000 (12:06 +0000)]
Recently, tb@ provided the following functions:
X509_STORE_CTX_set_error_depth      x509_vfy.h 1.37  x509_vfy.c  1.91
X509_STORE_CTX_set_current_cert     x509_vfy.h 1.37  x509_vfy.c  1.91
X509_STORE_CTX_get_num_untrusted    x509_vfy.h 1.36  x509_vfy.c  1.90
X509_STORE_CTX_set0_verified_chain  x509_vfy.h 1.37  x509_vfy.c  1.91

Merge the documentation from the OpenSSL 1.1.1 branch,
which is still under a free license; tweaked by me.

2 years agohilkbd(4): Fix swedish keyboard layout botch on non-PS/2 style keyboards
landry [Tue, 16 Nov 2021 10:20:52 +0000 (10:20 +0000)]
hilkbd(4): Fix swedish keyboard layout botch on non-PS/2 style keyboards
introduced in 1.7 and preventing `o' and `p' keys from working as
intended.  Reported by Anders Gustafsson.

From miod@

2 years agoMove UNIX domain sockets garbage collector out of `unp_lock.
mvs [Tue, 16 Nov 2021 08:56:19 +0000 (08:56 +0000)]
Move UNIX domain sockets garbage collector out of `unp_lock.

Except `unp_ino' this leaves only per-socket data protected by
`unp_lock'. The `unp_ino' protection is not the big deal and will be
done with mutex(9) in the future diff.

The garbage collector flags moved from from `unp_flags' to unp_gcflags'.

The two new locks introduced to protect garbage collector data. The
`unp_gc_lock' rwlock(9) protects `unp_defer', `unp_gcing', `unp_gcflags'
and `unp_link' list. The `unp_df_lock' protects `ud_link' list.

We need to simultaneously lock `unp_gc_lock' and `unp_lock'. When we
perform unp_attach() or unp_detach() we link PCB to `unp_link' list with
`unp_lock' held. But when unp_gc() does `unp_link' list walkthrough with
the `unp_gc_lock' lock held it should lock socket while performs
`so_rcv' buffer scan and the lock order should be the opposite.

In the future diff `unp_lock' will be replaced by per-socket `so_lock'
so it's better to enforce `unp_gc_lock' -> `unp_lock' (solock()) lock
order and release `unp_lock' in the unp_attach() and unp_detach() paths.
The previously committed diffs made this safe.

The `unp_df_lock' introduced because the `unp_lock' and `unp_gc_lock'
state are unknown when unp_discard() called. Since it touches only
`ud_link' list the re-lock dances are unwanted in this path. Also this
keeps M_WAITOK allocation outside rwlock(9) when unp_discard() called
from unp_externalize() error path.

ok bluhm@

2 years agoSync boot.h with ld.so's boot.c, getting rid of struct boot_dyn,
guenther [Tue, 16 Nov 2021 02:46:46 +0000 (02:46 +0000)]
Sync boot.h with ld.so's boot.c, getting rid of struct boot_dyn,
only initializing the variables we need to, and switching to a
"while < end-of-array" style for DT_REL/RELA processing

ok drahn@ kettenis@

2 years agostyle
tobhe [Mon, 15 Nov 2021 22:37:35 +0000 (22:37 +0000)]
style

2 years agoPass sockaddr length to be on the safe side, still
kn [Mon, 15 Nov 2021 18:25:52 +0000 (18:25 +0000)]
Pass sockaddr length to be on the safe side, still

2 years agoRevert previous
kn [Mon, 15 Nov 2021 18:23:45 +0000 (18:23 +0000)]
Revert previous

sockaddr_storage should stay since it is preferred and less error prone.

From deraadt
OK florian

2 years agosync
deraadt [Mon, 15 Nov 2021 17:42:50 +0000 (17:42 +0000)]
sync

2 years agoAvoid huge sockaddr_storage
kn [Mon, 15 Nov 2021 17:33:51 +0000 (17:33 +0000)]
Avoid huge sockaddr_storage

sockaddr_{in,in6} are enough and a simple sockaddr pointer is enough to
abstract them  (sockaddr_storage is what worked for me, there is no other
reason to use it).

While here, be portable and pass a non-zero length to getnameinfo(3);
while OpenBSD's implementation ignores it in the NI_NUMERICHOST case,
at least the old KAME stack didn't.

No functional change.

Prodded by florian
OK florian

2 years agoCopy p_p->ps_pledge into a local variable (called pledge) in every function
deraadt [Mon, 15 Nov 2021 17:14:51 +0000 (17:14 +0000)]
Copy p_p->ps_pledge into a local variable (called pledge) in every function
which checks PLEDGE_* bits more than once.  Some functions are called without
locking, and this avoids misinterpreting bits which have some coupled behaviour.
ok cheloha kettenis

2 years agoAdjust how the repository count limit works. Instead of failing hard just
claudio [Mon, 15 Nov 2021 16:32:15 +0000 (16:32 +0000)]
Adjust how the repository count limit works. Instead of failing hard just
fall back to a possible cache and try to validate what is available.
This still limits the number of repositories fetched but allows valid
repositories to finish with the available data.
OK job@

2 years agonew manual page ASN1_BIT_STRING_set(3) documenting four BIT STRING accessors
schwarze [Mon, 15 Nov 2021 16:18:36 +0000 (16:18 +0000)]
new manual page ASN1_BIT_STRING_set(3) documenting four BIT STRING accessors

2 years agoRevert to eager removal of poll/select knotes
visa [Mon, 15 Nov 2021 15:48:54 +0000 (15:48 +0000)]
Revert to eager removal of poll/select knotes

This should prevent a panic that bluhm@ has reported.

2 years agoThird attempt to solve the claim multiple report ids conflict. Using the
anton [Mon, 15 Nov 2021 15:38:08 +0000 (15:38 +0000)]
Third attempt to solve the claim multiple report ids conflict. Using the
report id to signal that multiple ones should be claimed by the match
routines does not work. All valid report ids 1-255 cannot of course be
used and 0 which is reserved by the USB HID specification is internally
used to represents devices lacking an explicit report id.

Therefore, use presence of the claimed array to signal that multiple
report ids can be claimed.

Tested by gnezdo@

2 years agoIn preparation for once again trying the resolve the claim multiple
anton [Mon, 15 Nov 2021 15:36:24 +0000 (15:36 +0000)]
In preparation for once again trying the resolve the claim multiple
report ids conflict, extract the claim multiple report ids conditional
in order to minimize the required upcoming changes to resolve the
conflict.

Tested by gnezdo@

2 years agoNo need to declare optind, optarg or opterr; unistd.h does this for us.
millert [Mon, 15 Nov 2021 15:14:24 +0000 (15:14 +0000)]
No need to declare optind, optarg or opterr; unistd.h does this for us.
From Jan Stary.  OK deraadt@

2 years agoChange printing of maps to use qsort to order the output using a pointer
claudio [Mon, 15 Nov 2021 14:57:57 +0000 (14:57 +0000)]
Change printing of maps to use qsort to order the output using a pointer
array. This replaces the current solution that only prints one element for
a certain value and not all elements with tha same value.
This can be further optimized but printing is not really a hot path in btrace.
OK mpi@

2 years agodocument ASN1_PRINTABLE_type(3) and ASN1_UNIVERSALSTRING_to_string(3)
schwarze [Mon, 15 Nov 2021 13:39:40 +0000 (13:39 +0000)]
document ASN1_PRINTABLE_type(3) and ASN1_UNIVERSALSTRING_to_string(3)

2 years agoTidy up; no change.
ajacoutot [Mon, 15 Nov 2021 12:56:11 +0000 (12:56 +0000)]
Tidy up; no change.

2 years agodocument ASN1_item_pack(3) and ASN1_item_unpack(3)
schwarze [Mon, 15 Nov 2021 11:51:09 +0000 (11:51 +0000)]
document ASN1_item_pack(3) and ASN1_item_unpack(3)

2 years agoLeave the hardware cursor at the position of the selected line in choose
nicm [Mon, 15 Nov 2021 10:58:13 +0000 (10:58 +0000)]
Leave the hardware cursor at the position of the selected line in choose
modes and current editing position and at the command prompt. It is
invisible but this is helpful for people using screen readers. GitHub
issue 2970.

2 years agodocument i2a_ASN1_STRING(3) and a2i_ASN1_STRING(3)
schwarze [Mon, 15 Nov 2021 10:41:11 +0000 (10:41 +0000)]
document i2a_ASN1_STRING(3) and a2i_ASN1_STRING(3)

2 years agoFix a strange check in the auto DH codepath
tb [Sun, 14 Nov 2021 22:31:29 +0000 (22:31 +0000)]
Fix a strange check in the auto DH codepath

The code assumes that the server certificate has an RSA key and bases
the calculation of the size of the ephemeral DH key on this assumption.
So instead of checking whether we have any key by inspecting the dh
part of the union, let's check that we actually have an RSA key.
While here, make sure that its length is non-negative.

ok jsing

2 years agoDelete all the no-op RELOC_GOT() macros and their uses.
guenther [Sun, 14 Nov 2021 22:07:38 +0000 (22:07 +0000)]
Delete all the no-op RELOC_GOT() macros and their uses.
Annotate RELOC_DYN() on non-hppa as only used in lib/csu.
Delete some inconsistent comments, adjust whitespace, and reorder
  mips64's archdep.h so that the ld.so/*/archdep.h files look
  (almost) the same.

ok visa@ kettenis@

2 years agoMake sure efiboot is built with RELA/REL relocations and not RELR,
guenther [Sun, 14 Nov 2021 21:51:48 +0000 (21:51 +0000)]
Make sure efiboot is built with RELA/REL relocations and not RELR,
as self_reloc.c only handles the former.

ok deraadt@ kettenis@

2 years agouse ppoll() instead of pselect()
deraadt [Sun, 14 Nov 2021 18:47:43 +0000 (18:47 +0000)]
use ppoll() instead of pselect()
with djm

2 years agoWhen we transition from RENEWING to REBINDING state we have to
florian [Sun, 14 Nov 2021 18:13:19 +0000 (18:13 +0000)]
When we transition from RENEWING to REBINDING state we have to
calculate the next timeout based on the rebinding time (T2), not
renewal time (T1). At this point T1 already expired and we would wait
way too long, past the lease lifetime.

Spotted while investigating a problem reported by Zack Newman on misc@

2 years agoCalculate initial OpenBSD partition start/size using LBA values
krw [Sun, 14 Nov 2021 17:28:29 +0000 (17:28 +0000)]
Calculate initial OpenBSD partition start/size using LBA values
instead of CHS values. Shorter, easier to follow.

No intentional functional change.

2 years agothe last argument of BIO_gets(3) is called "size", not "len"
schwarze [Sun, 14 Nov 2021 13:40:16 +0000 (13:40 +0000)]
the last argument of BIO_gets(3) is called "size", not "len"

2 years agofix a typo; diff from Matthias Schmidt <xosc dot org> on tech@
schwarze [Sun, 14 Nov 2021 11:22:36 +0000 (11:22 +0000)]
fix a typo; diff from Matthias Schmidt <xosc dot org> on tech@

2 years agoImprove and simplify timer handling in "stop" and "reload".
ajacoutot [Sun, 14 Nov 2021 09:31:44 +0000 (09:31 +0000)]
Improve and simplify timer handling in "stop" and "reload".
Rename _rc_wait to _rc_wait_for_start since only "start" uses this now (to
handle rc_bg daemons).
In any situation, none of these actions should be able to hang boot or shutdown.

We should now be able to manage most corner cases out there ("most" because it's
unreasonable to assume we can cope with all the non-default
rc_{start,stop,reload} crazyness).

Several tests have been made and no obvious regression has been found.
But that doesn't mean there isn't; if some behavior changed for the worst, talk
to me.

ok robert@ sthen@

2 years agoPut curly brace on the correct line.
jsing [Sun, 14 Nov 2021 08:21:47 +0000 (08:21 +0000)]
Put curly brace on the correct line.

2 years agomatch .events with .fd better
deraadt [Sun, 14 Nov 2021 06:15:36 +0000 (06:15 +0000)]
match .events with .fd better

2 years agoconvert select() to poll()
deraadt [Sun, 14 Nov 2021 03:25:10 +0000 (03:25 +0000)]
convert select() to poll()
ok djm

2 years ago"autoconf" is an automatic "up"
kn [Sun, 14 Nov 2021 03:02:06 +0000 (03:02 +0000)]
"autoconf" is an automatic "up"

OK deraadt

2 years agoSplit out the hppa and mips64 versions of boot.h similar to how I
guenther [Sun, 14 Nov 2021 00:45:38 +0000 (00:45 +0000)]
Split out the hppa and mips64 versions of boot.h similar to how I
split ld.so/boot.c in 2019:
 * delete extraneous #includes
 * delete jmprel handling on non-hppa
 * delete RELOC_GOT() and DT_PROC bits on non-mips64

ok visa@

2 years agoCatch up with (proposed) Linux device tree bindings.
kettenis [Sat, 13 Nov 2021 23:24:24 +0000 (23:24 +0000)]
Catch up with (proposed) Linux device tree bindings.

2 years agoreplace select() with ppoll(), including converting timeval's to timespec's
deraadt [Sat, 13 Nov 2021 21:14:13 +0000 (21:14 +0000)]
replace select() with ppoll(), including converting timeval's to timespec's
to make things easier.
back and forth and ok; djm

2 years agoThe key/nonce disclaimers were copied from ipsec.conf.5 but aren't relevant
tobhe [Sat, 13 Nov 2021 20:56:51 +0000 (20:56 +0000)]
The key/nonce disclaimers were copied from ipsec.conf.5 but aren't relevant
to iked. Encryption keys and nonces are generated by the handshake and don't
have to be supplied in the config.

2 years agoTest ASN1_STRING_copy(3).
schwarze [Sat, 13 Nov 2021 20:50:14 +0000 (20:50 +0000)]
Test ASN1_STRING_copy(3).

As a side effect, this also tests various aspects of ASN1_STRING_new(3),
ASN1_STRING_set(3), ASN1_STRING_length_set(3), ASN1_STRING_get0_data(3),
ASN1_STRING_length(3), and ASN1_STRING_type(3).

2 years agoFix a nasty quirk in ASN1_STRING_copy(3).
schwarze [Sat, 13 Nov 2021 20:44:00 +0000 (20:44 +0000)]
Fix a nasty quirk in ASN1_STRING_copy(3).
In case of failure, it reported the failure
but corrupted the type of the destination string.
Instead, let's make sure that in case of failure,
existing objects remain in their original state.

OK tb@

2 years agoDocument the interactions of X509_V_FLAG_USE_CHECK_TIME,
schwarze [Sat, 13 Nov 2021 19:21:17 +0000 (19:21 +0000)]
Document the interactions of X509_V_FLAG_USE_CHECK_TIME,
X509_V_FLAG_NO_CHECK_TIME, X509_VERIFY_PARAM_set_time(3),
X509_VERIFY_PARAM_set_flags(3), and X509_VERIFY_PARAM_clear_flags(3)
in detail because the API design is both surprising and surprisingly
complicated in this respect, and the resulting nasty traps have
already caused bugs in the past.

2 years agoMark the public X509_VP_FLAG_* constants as intentionally undocumented.
schwarze [Sat, 13 Nov 2021 18:50:31 +0000 (18:50 +0000)]
Mark the public X509_VP_FLAG_* constants as intentionally undocumented.
With LibreSSL, they can only be used internally in the library itself,
and even with OpenSSL, no real-world application code uses them.
OK tb@

2 years agoFix a bug in check_crl_time() that could result in incomplete
schwarze [Sat, 13 Nov 2021 18:24:45 +0000 (18:24 +0000)]
Fix a bug in check_crl_time() that could result in incomplete
verification, accepting CRLs that ought to be rejected, if an unusual
combination of verification flags was specified.

If time verification was explicitly requested with
X509_V_FLAG_USE_CHECK_TIME, it was skipped on CRLs if
X509_V_FLAG_NO_CHECK_TIME was also set, even though the former is
documented to override the latter both in the OpenSSL and in the
LibreSSL X509_VERIFY_PARAM_set_flags(3) manual page.

The same bug in x509_check_cert_time() was already fixed by beck@
in rev. 1.57 on 2017/01/20.

This syncs the beginning of the function check_crl_time() with the
OpenSSL 1.1.1 branch, which is still under a free license.

OK beck@

This teaches that having too many flags and options is bad because they
breed bugs, and even more so if they are poorly designed to override
each other in surprising ways.

2 years agoUse long filenames by default on FAT filesystems
kn [Sat, 13 Nov 2021 18:18:59 +0000 (18:18 +0000)]
Use long filenames by default on FAT filesystems

These days, 8.3 filenames are often a problem, filesystems containing
firmware with long names must not truncate them -- it's also a sane default
as portable file system between OSes, anyway.

Altough undocumented in mount_msdos(8), the default for FAT32 already is to
use long filenames:  ever since its import from NetBSD in 1998.

Previously, mount_msdos would ignore long filenames and default to short
filenames unless a flag was used or long ones were found on the filesystem
prior to mounting it.

Just always mount with support for long filenames (unless `-s' is used).

As various install media use FAT filesystems, adjust the remaining ones to
also pass explicit mount option reflecting the previous default.

OK deraadt

2 years agoSimplify address family handling, ditch inet_ntop(3)
kn [Sat, 13 Nov 2021 17:49:40 +0000 (17:49 +0000)]
Simplify address family handling, ditch inet_ntop(3)

Reduce duplicate code, use getnameinfo(3) for IPv4 as well and use
gai_strerror(3) in case of failure.

This was split out as part of the previous IPv6-LL fix.

2 years agoInstall missing scope identifier for IPv6 link-local addresses
kn [Sat, 13 Nov 2021 17:32:46 +0000 (17:32 +0000)]
Install missing scope identifier for IPv6 link-local addresses

RTM_PROPOSAL's list of IP addresses does not contain scope IDs by design.
This is not a problem as the proposal is always bound to an interface,
as long as we use it...

Fill in the scope ID for link-local IPs and replace inet_ntop(3) usage with
getnameinfo(3) in the IPv6 case such that it actually turns up in the string
representation.

Otherwise resolv.conf(5) ends up with "nameserver fe80::1" entries and
libc/asr won't be able to resolve without an interface.

2 years agoIt really looks like pledge "stdio dns" is possible earlier.
deraadt [Sat, 13 Nov 2021 17:26:13 +0000 (17:26 +0000)]
It really looks like pledge "stdio dns" is possible earlier.
Discussed with mestre

2 years agodocument ASN1_STRING_copy(3)
schwarze [Sat, 13 Nov 2021 17:12:18 +0000 (17:12 +0000)]
document ASN1_STRING_copy(3)

2 years agoUse a proper PKGPATH in the WRKOBJDIR example
kn [Sat, 13 Nov 2021 12:09:30 +0000 (12:09 +0000)]
Use a proper PKGPATH in the WRKOBJDIR example

www/mozilla is a module, www/mozilla-firefox is an actual port.

OK sthen

2 years agoUn-hook the X11 tests. The new X server doesn't install libfb anymore.
matthieu [Sat, 13 Nov 2021 08:48:50 +0000 (08:48 +0000)]
Un-hook the X11 tests. The new X server doesn't install libfb anymore.
ok kettenis@, anton@

2 years agohook up unfdpassfail and ungc
anton [Sat, 13 Nov 2021 08:25:42 +0000 (08:25 +0000)]
hook up unfdpassfail and ungc

2 years agoLet filt_fileattach() run without the kernel lock
visa [Sat, 13 Nov 2021 06:04:02 +0000 (06:04 +0000)]
Let filt_fileattach() run without the kernel lock

This makes it possible to attach pipe, socket and kqueue event filters
without acquiring the kernel lock. Event filters behind vn_kqfilter()
are not MP-safe yet, so vn_kqfilter() has to take KERNEL_LOCK().
dmabuf_kqfilter() can skip locking because it has no side effects.

OK anton@, mpi@

2 years agoAdd support for RELR relocations in the executable and share objects.
guenther [Fri, 12 Nov 2021 22:28:13 +0000 (22:28 +0000)]
Add support for RELR relocations in the executable and share objects.
This doesn't affect ld.so's self-reloc, which still requires DT_REL/DT_RELA

ok kettenis@

2 years agoTeach binutils enough about RELR relocations to not break them and for
guenther [Fri, 12 Nov 2021 22:23:40 +0000 (22:23 +0000)]
Teach binutils enough about RELR relocations to not break them and for
readelf to display them in a way compatible with llvm-readelf, including
the --raw-relr debugging option

ok kettenis@

2 years agoAdd #defines and typedefs for RELR, a compressed form for relative relocations
guenther [Fri, 12 Nov 2021 22:20:57 +0000 (22:20 +0000)]
Add #defines and typedefs for RELR, a compressed form for relative relocations

ok kettenis@

2 years agoDocument the public constants X509_V_FLAG_POLICY_MASK
schwarze [Fri, 12 Nov 2021 18:56:00 +0000 (18:56 +0000)]
Document the public constants X509_V_FLAG_POLICY_MASK
and X509_V_FLAG_USE_CHECK_TIME.

While here, fix a typo and improve the wording
for X509_V_FLAG_NOTIFY_POLICY.

2 years agosigsuspend(2): sleep on &nowake channel
cheloha [Fri, 12 Nov 2021 17:57:13 +0000 (17:57 +0000)]
sigsuspend(2): sleep on &nowake channel

sigsuspend(2) only returns upon delivery of a signal: we do not expect
a wakeup(9).  Indicate this by sleeping on &nowake instead of
&p->p_p->ps_sigacts.  We still need to loop here to handle spurious
wakeups, though.

Spurious wakeup case pointed out by kettenis@.

ok claudio@

2 years agoAdd support for controlling keyboard LEDs.
kettenis [Fri, 12 Nov 2021 17:05:15 +0000 (17:05 +0000)]
Add support for controlling keyboard LEDs.

ok patrick@

2 years agoUse a mutex to lock the bus such that we can safely access the bus from
kettenis [Fri, 12 Nov 2021 17:04:32 +0000 (17:04 +0000)]
Use a mutex to lock the bus such that we can safely access the bus from
interrupt handlers and process context.

ok patrick@

2 years agoImplement the probe variable. Can be used for example with
claudio [Fri, 12 Nov 2021 16:57:24 +0000 (16:57 +0000)]
Implement the probe variable. Can be used for example with
@map[probe] = count();
OK mpi@

2 years ago"netconfigd" is now better known as resolvd(8)
deraadt [Fri, 12 Nov 2021 15:49:41 +0000 (15:49 +0000)]
"netconfigd" is now better known as resolvd(8)

2 years agoBump maxproc-cur to 512 for the pbuild user.
ajacoutot [Fri, 12 Nov 2021 15:40:19 +0000 (15:40 +0000)]
Bump maxproc-cur to 512 for the pbuild user.
This will prevent recurring failures in bulks ('cannot fork').

ok tb@ sthen@ deraadt@

2 years agoUpdate awk to Nov 03, 2021 version.
millert [Fri, 12 Nov 2021 15:16:58 +0000 (15:16 +0000)]
Update awk to Nov 03, 2021 version.
We already had the fix so no actual code changes.

2 years agomention what X509_cmp_time(3) does with a cmp_time argument of NULL
schwarze [Fri, 12 Nov 2021 14:34:57 +0000 (14:34 +0000)]
mention what X509_cmp_time(3) does with a cmp_time argument of NULL

2 years agoRefactor order of checks when handling IKEv2 message fragments.
tobhe [Fri, 12 Nov 2021 14:18:54 +0000 (14:18 +0000)]
Refactor order of checks when handling IKEv2 message fragments.
Only modify SA after sucessful ikev2_msg_decrypt().

ok patrick@

2 years agoAs pointed out by tb@, LibreSSL no longer supports user-defined
schwarze [Fri, 12 Nov 2021 14:05:28 +0000 (14:05 +0000)]
As pointed out by tb@, LibreSSL no longer supports user-defined
X509_LOOKUP_METHODs because these objects are now opaque.
Simplify the documentation accordingly, shortening it by
about 35 input lines in total, but continue providing the
information which RETURN VALUES functions might return with
other implementations of the library.
OK tb@

2 years agoIn x509_vfy.h rev. 1.41, tb@ provided X509_STORE_CTX_get_by_subject(3),
schwarze [Fri, 12 Nov 2021 11:41:50 +0000 (11:41 +0000)]
In x509_vfy.h rev. 1.41, tb@ provided X509_STORE_CTX_get_by_subject(3),
changed the return type of X509_OBJECT_get_type(3) and argument
types of X509_LOOKUP_by_subject(3), X509_LOOKUP_by_issuer_serial(3),
X509_LOOKUP_by_fingerprint(3), X509_LOOKUP_by_alias(3),
X509_OBJECT_idx_by_subject(3), X509_OBJECT_retrieve_by_subject(3),
and X509_STORE_get_by_subject(3) from int to X509_LOOKUP_TYPE, and
in rev. 1.42, he provided X509_STORE_CTX_get_obj_by_subject(3).

Adjust the documentation.
Joint work with and OK tb@.

2 years agoAdd support for 40MHz channels to the iwn(4) driver.
stsp [Fri, 12 Nov 2021 11:41:04 +0000 (11:41 +0000)]
Add support for 40MHz channels to the iwn(4) driver.

Tested:
4965: jsg
5300: stsp, Jan Stary
6030: Fred Crowsons
6200: stsp
6205: stsp, Josh Grosse
6300: okan, afresh1

2 years agoSync the iwn(4) "enhanced Tx power" eeprom data structure with Linux.
stsp [Fri, 12 Nov 2021 11:40:35 +0000 (11:40 +0000)]
Sync the iwn(4) "enhanced Tx power" eeprom data structure with Linux.
No functional change, as this data is not being used anywhere yet.

2 years agosync after libc++abi minor bump
robert [Fri, 12 Nov 2021 10:09:58 +0000 (10:09 +0000)]
sync after libc++abi minor bump

2 years agobackport https://reviews.llvm.org/D107127 to fix shared libraries using emutls
robert [Fri, 12 Nov 2021 10:08:35 +0000 (10:08 +0000)]
backport https://reviews.llvm.org/D107127 to fix shared libraries using emutls

Our emulated TLS implementation relies on local state (e.g. for the pthread
key), and if we duplicate this state across different shared libraries,
accesses to the same TLS variable from different shared libraries will yield
different results (see https://github.com/android/ndk/issues/1551 for an
example). __emutls_get_address is the only external entry point for emulated
TLS, and by making it default visibility and weak, we can rely on the dynamic
linker to coalesce multiple copies at runtime and ensure a single unique copy
of TLS state. This is a best effort;

Also bump the libc++abi minor because now it picks up the __emutls_get_address
symbol.

ok kettenis@

2 years agoConsistency in test; no behavior change.
ajacoutot [Fri, 12 Nov 2021 08:47:02 +0000 (08:47 +0000)]
Consistency in test; no behavior change.

2 years agoSet SECONDS to 0 in _rc_wait.
ajacoutot [Fri, 12 Nov 2021 08:44:05 +0000 (08:44 +0000)]
Set SECONDS to 0 in _rc_wait.
While this is not strictly required, it's a failsafe and more fair to
daemon_timeout as we will effectively wait for the start/stop/reload sequence
instead of the duration of the rc.d script itself.

2 years agoSimplify _rc_exit.
ajacoutot [Fri, 12 Nov 2021 08:38:02 +0000 (08:38 +0000)]
Simplify _rc_exit.

2 years agohonor objdir
anton [Fri, 12 Nov 2021 06:53:51 +0000 (06:53 +0000)]
honor objdir

2 years agoaggressively pre-fill the pollfd array with fd=-1
deraadt [Fri, 12 Nov 2021 05:23:49 +0000 (05:23 +0000)]
aggressively pre-fill the pollfd array with fd=-1

2 years agoKeep knotes between poll/select systems calls
visa [Fri, 12 Nov 2021 04:34:22 +0000 (04:34 +0000)]
Keep knotes between poll/select systems calls

Reduce the time overhead of kqueue-based poll(2) and select(2) by
keeping knotes registered between the system calls. It is expected that
the set of monitored file descriptors is relatively unchanged between
consecutive iterations of these system calls. By keeping the knotes,
the system saves the effort of repeated knote unregistering and
re-registering.

To avoid receiving events from file descriptors that are no longer in
the monitored set, each poll/select knote is assigned an increasing
serial number. Every iteration of poll/select uses a previously unused
range of serials for its knotes. In the setup stage, kqueue_register()
updates the serials of any existing knotes in the currently monitored
set. Function kqueue_scan() delivers only the events whose serials are
recent enough; expired knotes are dropped. When the serial range is
about to wrap around, all the knotes in the kqueue backend are dropped.

This change is a space-time tradeoff. Memory usage is increased somewhat
because of the retained knotes. The increase is limited by the number
of open file descriptors and active threads.

Idea from DragonFly BSD, initial patch by mpi@, kqueue_scan()-based
approach by me.

Tested by anton@ and mpi@
OK mpi@

2 years agoAdd test case for INVALID_KE in IKE_SA_INIT fallback.
tobhe [Thu, 11 Nov 2021 22:12:52 +0000 (22:12 +0000)]
Add test case for INVALID_KE in IKE_SA_INIT fallback.

2 years agonwid -> join
kn [Thu, 11 Nov 2021 21:05:46 +0000 (21:05 +0000)]
nwid -> join

Missed in the previous commit to the installer and wifi driver manuals:
---
Use ifconfig(8)'s "join" command by default

Its adoption went quite well, so install "join" rather than the old "nwid"
in new hostname.if(5) files and follow this trend in our wifi manuals.

OK deraadt sthen
---

Spotted/diff from From Raf Czlonka < rczlonka AT gmail DOT com>, thanks!

Tweak the example sentence while here.
Feedback jmc sthen