openbsd
2 years agomatch other archs use %s for version printf
jsg [Wed, 10 Aug 2022 03:18:19 +0000 (03:18 +0000)]
match other archs use %s for version printf

2 years agoBackout "Call getuptime() just once per function"
kn [Tue, 9 Aug 2022 21:10:02 +0000 (21:10 +0000)]
Backout "Call getuptime() just once per function"

This caused stuck ndp cache entries as found by naddy, sorry.

2 years agosync
deraadt [Tue, 9 Aug 2022 21:09:40 +0000 (21:09 +0000)]
sync

2 years agoprevent breakable hyphens in segment identifiers
schwarze [Tue, 9 Aug 2022 11:21:50 +0000 (11:21 +0000)]
prevent breakable hyphens in segment identifiers
from being turned into underscores;
bug reported by <Eldred dot fr> Habert

2 years agoMake the http code respect MAX_CONN_TIMEOUT and fail connects once they
claudio [Tue, 9 Aug 2022 09:02:26 +0000 (09:02 +0000)]
Make the http code respect MAX_CONN_TIMEOUT and fail connects once they
hit this timeout. This is in line with the rsync code.
OK tb@ job@

2 years agoSync inflateGetHeader() fix from userland
tb [Tue, 9 Aug 2022 07:39:00 +0000 (07:39 +0000)]
Sync inflateGetHeader() fix from userland

2 years agoPull in inflateGetHeader() buffer overflow fix
tb [Tue, 9 Aug 2022 07:38:25 +0000 (07:38 +0000)]
Pull in inflateGetHeader() buffer overflow fix

2 years agoFix buffer overflow in inflateGetHeader()
tb [Tue, 9 Aug 2022 07:37:35 +0000 (07:37 +0000)]
Fix buffer overflow in inflateGetHeader()

This is the initial fix combined with a fix for a NULL deref introduced
in the initial fix.

ok millert, help from tj

commit eff308af425b67093bab25f80f1ae950166bece1
Author: Mark Adler <fork@madler.net>
Date:   Sat Jul 30 15:51:11 2022 -0700

    Fix a bug when getting a gzip header extra field with inflate().

    If the extra field was larger than the space the user provided with
    inflateGetHeader(), and if multiple calls of inflate() delivered
    the extra header data, then there could be a buffer overflow of the
    provided space. This commit assures that provided space is not
    exceeded.

https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1

commit 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d (HEAD -> develop, origin/develop)
Author: Mark Adler <fork@madler.net>
Date:   Mon Aug 8 10:50:09 2022 -0700

    Fix extra field processing bug that dereferences NULL state->head.

    The recent commit to fix a gzip header extra field processing bug
    introduced the new bug fixed here.

https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d

2 years agoriscv64: trigger deferred timer interrupts from splx(9)
cheloha [Tue, 9 Aug 2022 04:49:08 +0000 (04:49 +0000)]
riscv64: trigger deferred timer interrupts from splx(9)

In order to move riscv64 to a machine-independent clock interrupt
subsystem, the riscv64 clock interrupt code needs to function without
any specific knowledge of the clock interrupt schedule.

The easiest way to achieve this (as we just did with powerpc and
powerpc64) is, if the timer interrupt fires while the CPU is at or
above IPL_CLOCK, defer clock interrupt work until the the timer
interrupt is logically unmasked in splx(9).

In particular, trigger the timer interrupt from plic_setipl() so the
interrupt, if any, is pending before we handle soft interrupts.

Because we're no longer deferring work until the next tick, we don't
need to count pending statclock ticks in struct cpu_info.

kettenis@ notes that the timer triggering code should be refactored
into more generic code when we add support for a non-plic(4) riscv64
machine.

Graciously fixed, compiled, and tested by jca@.

Link: https://marc.info/?l=openbsd-tech&m=165931635410276&w=2
ok kettenis@

2 years agopowerpc64: trigger deferred DEC interrupts from splx(9)
cheloha [Tue, 9 Aug 2022 04:40:08 +0000 (04:40 +0000)]
powerpc64: trigger deferred DEC interrupts from splx(9)

In order to move to a machine-independent clock interrupt subsystem,
the powerpc64 clock interrupt code needs to work without knowing
anything about the clock interrupt schedule.

The easiest way to do this is, if the DEC fires while the CPU's IPL is
at or above IPL_CLOCK, to postpone clock interrupt work until the
clock interrupt is logically unmasked from splx(9).

Because we no longer defer work until the next tick, we don't need to
keep track of pending statclock ticks in the cpu_info struct.

With input from kettenis@.

Graciously compiled and tested by gkoehler@ and kettenis@.

Link: https://marc.info/?l=openbsd-tech&m=165862522102767&w=2
ok kettenis@ gkoehler@.

2 years agosync
deraadt [Mon, 8 Aug 2022 23:50:13 +0000 (23:50 +0000)]
sync

2 years agoIf interface drivers had enabled transmit offloading of the payload
bluhm [Mon, 8 Aug 2022 23:00:51 +0000 (23:00 +0000)]
If interface drivers had enabled transmit offloading of the payload
checksum, IPv6 fragments contained invalid checksum.  For fragments
the protocol checksum has to be calculated before fragmentation.
Hardware cannot do this as it is too late.  Do it earlier in software.
tested and OK mbuhl@

2 years agoFor putenv(3), return an error if string starts with a '=' character.
millert [Mon, 8 Aug 2022 22:40:03 +0000 (22:40 +0000)]
For putenv(3), return an error if string starts with a '=' character.
Both FreeBSD and NetBSD have this behavior.  OK deraadt@

2 years agoswitch fgetln remnants to getline. ok millert@
op [Mon, 8 Aug 2022 17:57:05 +0000 (17:57 +0000)]
switch fgetln remnants to getline.  ok millert@

2 years agofully switch quiz(6) to getline; diff from Ben Fuller (ben [at] bvnf
op [Mon, 8 Aug 2022 17:54:08 +0000 (17:54 +0000)]
fully switch quiz(6) to getline; diff from Ben Fuller (ben [at] bvnf
space), ok millert@

2 years agoConstify in6_addr pointer arguments in nd6_*() functions
kn [Mon, 8 Aug 2022 17:47:59 +0000 (17:47 +0000)]
Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm

2 years agoAdd YGJ, Yanago Kitaro, Tottori, Japan
jeremy [Mon, 8 Aug 2022 17:45:11 +0000 (17:45 +0000)]
Add YGJ, Yanago Kitaro, Tottori, Japan

Also known as Miho-Yanago.  Flew in and out of here in 2019.

2 years agotop(1): display uptime with seconds, print uptime in fixed format
cheloha [Mon, 8 Aug 2022 16:54:09 +0000 (16:54 +0000)]
top(1): display uptime with seconds, print uptime in fixed format

1. It's sometimes useful to know the system uptime with more precision
   than one minute.

So, this patch changes top(1) to print seconds of uptime in addition
to minutes, hours, and days.

2. It's *always* annoying when the information you want on a realtime
   display is not shown in the same place in a consistent format.

So, this patch also changes top(1) to always print the uptime like
this:

up D days HH:MM:SS

This is much easier to read at a glance.  In particular, it requires
no additional thought on my part to figure out whether the machine has
been up less than one day.

Maybe of note is that these changes make top(1)'s output different
from that of uptime(1).  I don't think this matters very much.  top(1)
is a realtime display, so it isn't likely to be parsed.  uptime(1) is
a different story.

Link: https://marc.info/?l=openbsd-tech&m=160046282400892&w=2
Positive feedback from kn@.

ok gnezdo@ bluhm@ millert@

2 years agosync
deraadt [Mon, 8 Aug 2022 16:52:23 +0000 (16:52 +0000)]
sync

2 years agoCall getuptime() just once per function
kn [Mon, 8 Aug 2022 15:56:35 +0000 (15:56 +0000)]
Call getuptime() just once per function

IPv6 pendant to bluhm's sys/netinet/if_ether.c r1.249:
    Instead of calling getuptime() all the time in ARP code, do it only
    once per function.  This gives a more consistent time value.
    OK claudio@ miod@ mvs@

OK bluhm

2 years agoremove unused arm and armv7 headers
jsg [Mon, 8 Aug 2022 15:28:59 +0000 (15:28 +0000)]
remove unused arm and armv7 headers
ok miod@

2 years agoUnify the maximum idle IO timeout for RSYNC & HTTPS
job [Mon, 8 Aug 2022 15:22:31 +0000 (15:22 +0000)]
Unify the maximum idle IO timeout for RSYNC & HTTPS

OK claudio@

2 years agoremove mouse.h last used by pre-wscons drivers
jsg [Mon, 8 Aug 2022 14:43:09 +0000 (14:43 +0000)]
remove mouse.h last used by pre-wscons drivers
ok miod@ millert@

2 years agoSet rsync connection timeout to 15 seconds.
job [Mon, 8 Aug 2022 14:10:10 +0000 (14:10 +0000)]
Set rsync connection timeout to 15 seconds.

OK sthen@

2 years agoTo make protocol input functions MP safe, internet PCB need protection.
bluhm [Mon, 8 Aug 2022 12:06:30 +0000 (12:06 +0000)]
To make protocol input functions MP safe, internet PCB need protection.
Use their reference counter in more places.
The in_pcb lookup functions hold the PCBs in hash tables protected
by table->inpt_mtx mutex.  Whenever a result is returned, increment
the ref count before releasing the mutex.  Then the inp can be used
as long as neccessary.  Unref it at the end of all functions that
call in_pcb lookup.
As a shortcut, pf may also hold a reference to the PCB.  When
pf_inp_lookup() returns it, it also incements the ref count and the
caller can handle it like the inp from table lookup.
OK sashan@

2 years agoChange branch condition inverted to realize original intention in
aoyama [Mon, 8 Aug 2022 11:27:18 +0000 (11:27 +0000)]
Change branch condition inverted to realize original intention in
comment.

Found by Tetsuya Isaki at NetBSD and nono project, during
investigating work-in-progress NetBSD/luna88k.
It originally comes from Mach luna88k port, more than 30 years ago:-)

Tested by me, "That's much better!" miod@

2 years agoBuild llvm-cov in base.
fcambus [Mon, 8 Aug 2022 09:25:13 +0000 (09:25 +0000)]
Build llvm-cov in base.

Since llvm-profdata is in base as well, we can now produce reports from
coverage data without having to install the devel/llvm port.

OK gnezdo@

2 years agoBefore ypconnect(2) addition, "getpw" was a horrible "hole" that triggered
deraadt [Mon, 8 Aug 2022 01:53:01 +0000 (01:53 +0000)]
Before ypconnect(2) addition, "getpw" was a horrible "hole" that triggered
on libc trying to open /var/run/ypbind.lock, so pledge had to BYPASSUNVEIL
accesses to this file.  We accepted the opening of that file for a small
period for build cross-over, but that waiting period ends now.

2 years agoStart to add annotations to the cpu_info members, doing I/a/o for
guenther [Sun, 7 Aug 2022 23:56:06 +0000 (23:56 +0000)]
Start to add annotations to the cpu_info members, doing I/a/o for
immutable/atomic/owned ala <sys/proc.h>.  Move CPUF_USERSEGS and
CPUF_USERXSTATE, which really are private to the CPU, into a new
ci_pflags and rename s/CPUF_/CPUPF_/.  Make all (remaining) ci_flags
alterations via atomic_{set,clear}bits_int(), so its annotation
isn't a lie.  Delete ci_info member as unused all the way from
rev 1.1

ok jsg@ mlarkin@

2 years agoUse PMAP_PREFER_ALIGN() == 0 rather than !defined(PMAP_PREFER) to enable the
miod [Sun, 7 Aug 2022 19:40:48 +0000 (19:40 +0000)]
Use PMAP_PREFER_ALIGN() == 0 rather than !defined(PMAP_PREFER) to enable the
fast path in the pager code; this benefits most mips64 platforms.

ok kettenis@ mpi@

2 years agoMove fallback PMAP_PREFER definitions from uvm_map.c to uvm_pmap.h for them
miod [Sun, 7 Aug 2022 19:39:25 +0000 (19:39 +0000)]
Move fallback PMAP_PREFER definitions from uvm_map.c to uvm_pmap.h for them
to be available to other files. NFC

ok kettenis@ mpi@

2 years agozap extra space in usage added by mistake in last commit.
op [Sun, 7 Aug 2022 07:43:53 +0000 (07:43 +0000)]
zap extra space in usage added by mistake in last commit.

2 years agoModern EFI systems tend to want larger EFI Sys partitions, they play
deraadt [Sun, 7 Aug 2022 03:22:29 +0000 (03:22 +0000)]
Modern EFI systems tend to want larger EFI Sys partitions, they play
games in there, in particular during BIOS upgrade sequences.
ok krw kettenis dv

2 years agosync
deraadt [Sun, 7 Aug 2022 01:32:12 +0000 (01:32 +0000)]
sync

2 years agoFix fallout from netlock removal in media ioctl. The bridge does
bluhm [Sun, 7 Aug 2022 00:57:43 +0000 (00:57 +0000)]
Fix fallout from netlock removal in media ioctl.  The bridge does
not support media parameter, so just skip these ioctls.  Do not
release a netlock that was not taken.
panic found and fix tested by Michael Graves; OK mvs@

2 years agoUse NI_MAXHOST and NI_MAXSERV constants to allocate temporary strings
bluhm [Sat, 6 Aug 2022 23:35:30 +0000 (23:35 +0000)]
Use NI_MAXHOST and NI_MAXSERV constants to allocate temporary strings
for saddr_ntop() and inet_ntop().  This avoids truncation warnings
and is better than arbitrary size values with 64 or 128 bytes.
OK deraadt@

2 years agoImprove HISTORY and add AUTHORS.
schwarze [Sat, 6 Aug 2022 19:04:49 +0000 (19:04 +0000)]
Improve HISTORY and add AUTHORS.
In particular, mention the 4.0BSD and v8/Tahoe APIs that were
supported until OpenBSD 5.4 and that matter for the evolution
of RE functions in the BSD libc.

Joint work with and OK jsg@.

Regarding authorship of the v8 functions, Russ Cox writes
near the end of https://swtch.com/~rsc/regexp/regexp1.html :
"While writing the text editor sam in the early 1980s, Rob Pike
wrote a new regular expression implementation, which Dave Presotto
extracted into a library that appeared in the Eighth Edition.
Pike's implementation incorporated submatch tracking into an efficient
NFA simulation but, like the rest of the Eighth Edition source, was
not widely distributed.  Pike himself did not realize that his
technique was anything new.
Henry Spencer reimplemented the Eighth Edition library interface
from scratch, but using backtracking, and released his implementation
into the public domain.  It became very widely used, eventually
serving as the basis for the slow regular expression implementations
mentioned earlier: Perl, PCRE, Python, and so on.  (In his defense,
Spencer knew the routines could be slow, and he didn't know that a
more efficient algorithm existed.  He even warned in the documentation,
"Many users have found the speed perfectly adequate, although
replacing the insides of egrep with this code would be a mistake.")
Pike's regular expression implementation, extended to support
Unicode, was made freely available with sam in late 1992, but the
particularly efficient regular expression search algorithm went
unnoticed."  [...]

2 years agoadd a -t flag to change the request timeout
op [Sat, 6 Aug 2022 17:11:36 +0000 (17:11 +0000)]
add a -t flag to change the request timeout

original diff from Alfred Morgan (alfred [at] 54 dot org)
ok florian@ and manpage tweaks by me.

2 years agoClean up the netlock macros. Merge NET_RLOCK_IN_SOFTNET and
bluhm [Sat, 6 Aug 2022 15:57:58 +0000 (15:57 +0000)]
Clean up the netlock macros.  Merge NET_RLOCK_IN_SOFTNET and
NET_RLOCK_IN_IOCTL, which have the same implementation.  The R and
W are hard to see, call the new macro NET_LOCK_SHARED.  Rename the
opposite assertion from NET_ASSERT_WLOCKED to NET_ASSERT_LOCKED_EXCLUSIVE.
Update some outdated comments about net locking.
OK mpi@ mvs@

2 years agoRefactor readdoslabel() into a more readable form using various
krw [Sat, 6 Aug 2022 14:48:33 +0000 (14:48 +0000)]
Refactor readdoslabel() into a more readable form using various
helper functions.

The refactored code ensures disklabels are read from/written to
disk only from/to unused space or an OpenBSD partition. This
prevents accidental damage to filesystems that start immediately
following an MBR or GPT.

The refactored code also finds the disklabel present on the
i386/amd64 floppyXX.img, rather than spoofing the media as a
single MSDOS partition.

Tweak and positive comments from jmatthew@

2 years agoblist: use swblk_t type (defined in sys/blist.h)
semarie [Sat, 6 Aug 2022 13:44:04 +0000 (13:44 +0000)]
blist: use swblk_t type (defined in sys/blist.h)

reduce the diff with DragonFlyBSD by using swblk_t and u_swblk_t types.

while here, move bitmap type (u_swblk_t) to u_int64_t on all archs. it makes the
regress the same on 64 and 32bits archs (and it success on both).

ok mpi@

2 years agoremove swblk_t type from sys/types.h
semarie [Sat, 6 Aug 2022 13:31:13 +0000 (13:31 +0000)]
remove swblk_t type from sys/types.h

- it is currently unused (except in some regress)
- it is non-standard
- it shouldn't have been visible in first place

ok jca@ mpi@ todd@ deraadt@

2 years agomention tascodec(4)
jsg [Sat, 6 Aug 2022 12:09:59 +0000 (12:09 +0000)]
mention tascodec(4)

2 years agotascodec(4)
kettenis [Sat, 6 Aug 2022 12:00:18 +0000 (12:00 +0000)]
tascodec(4)

2 years agoDelete the ridiculous first three sentences of BUGS
schwarze [Sat, 6 Aug 2022 11:05:23 +0000 (11:05 +0000)]
Delete the ridiculous first three sentences of BUGS
and fix some minor markup nits:
get rid of useless .Tn macros and add one missing .Fn macro.
No objection from jsg@.

2 years agoadd arch to Dt
jsg [Sat, 6 Aug 2022 11:03:14 +0000 (11:03 +0000)]
add arch to Dt

2 years agoadd arch to Dt
jsg [Sat, 6 Aug 2022 10:51:30 +0000 (10:51 +0000)]
add arch to Dt

2 years agoremove comma on last Xr
jsg [Sat, 6 Aug 2022 10:44:46 +0000 (10:44 +0000)]
remove comma on last Xr

2 years agosimplaudio -> simpleaudio
jsg [Sat, 6 Aug 2022 10:42:37 +0000 (10:42 +0000)]
simplaudio -> simpleaudio

2 years agoFix backpointer.
kettenis [Sat, 6 Aug 2022 09:42:13 +0000 (09:42 +0000)]
Fix backpointer.

ok jsg@

2 years agoaplaudio(4), apldma(4), aplmca(4) and aplnco(4)
kettenis [Sat, 6 Aug 2022 09:40:55 +0000 (09:40 +0000)]
aplaudio(4), apldma(4), aplmca(4) and aplnco(4)

2 years agoPrevent buffer overflow in OF_getpropintarray().
kettenis [Sat, 6 Aug 2022 08:59:28 +0000 (08:59 +0000)]
Prevent buffer overflow in OF_getpropintarray().

ok jsg@

2 years agomatch recent Intel CPUs in fw_update(8)
jsg [Sat, 6 Aug 2022 03:12:19 +0000 (03:12 +0000)]
match recent Intel CPUs in fw_update(8)

Intel CPUs mostly used to have processor name strings of the form
cpu0: Intel(R) Pentium(R) M processor 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz, 06-0d-06
cpu0: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz, 2494.61 MHz, 06-3d-04
recent CPUs use
cpu0: 11th Gen Intel(R) Core(TM) i5-1130G7 @ 1.10GHz, 30009.37 MHz, 06-8c-01
cpu0: 12th Gen Intel(R) Core(TM) i5-12400, 4390.71 MHz, 06-97-02
cpu0: 12th Gen Intel(R) Core(TM) i7-1260P, 1995.55 MHz, 06-9a-03

change pattern used to handle this

also covers oddities such as
cpu0: Genuine Intel(R) CPU @ 600MHz, 600.10 MHz
cpu0: Genuine Intel(R) CPU @ 1.00GHz, 1000.13 MHz, 06-26-01
cpu0: Genuine Intel(R) CPU L2400 @ 1.66GHz ("GenuineIntel" 686-class) 1.67 GHz, 06-0e-08

test chips use "Genuine Intel(R) CPU 0000"

2 years agoSupport wildcards in fw_update patterns
afresh1 [Fri, 5 Aug 2022 18:01:40 +0000 (18:01 +0000)]
Support wildcards in fw_update patterns

Up to two wildcards, since we have to work around the way ksh does things.

Tweaks and suggestions from kn@ and halex@

2 years agofix error message
tb [Fri, 5 Aug 2022 17:19:09 +0000 (17:19 +0000)]
fix error message

2 years agoUse the FAIL macro instead of fprintf(stderr, "FAIL: ...\n");
tb [Fri, 5 Aug 2022 17:12:32 +0000 (17:12 +0000)]
Use the FAIL macro instead of fprintf(stderr, "FAIL: ...\n");

2 years agoMake the bogokey[] global static const.
tb [Fri, 5 Aug 2022 17:08:02 +0000 (17:08 +0000)]
Make the bogokey[] global static const.

2 years agoMove CBB_init() to a consistent place.
tb [Fri, 5 Aug 2022 17:06:17 +0000 (17:06 +0000)]
Move CBB_init() to a consistent place.

2 years agoConsistently initialize failure to 1 at the top of the function and
tb [Fri, 5 Aug 2022 17:03:33 +0000 (17:03 +0000)]
Consistently initialize failure to 1 at the top of the function and
clear it right before the done label.

2 years agoFix bounds check in ucc_add_key(); ok anton@
miod [Fri, 5 Aug 2022 16:59:50 +0000 (16:59 +0000)]
Fix bounds check in ucc_add_key(); ok anton@

2 years agoConsistently check for CBB_init() failure.
tb [Fri, 5 Aug 2022 16:51:11 +0000 (16:51 +0000)]
Consistently check for CBB_init() failure.

2 years agoRemove overly aggressive trust check in legacy verifier that breaks
beck [Fri, 5 Aug 2022 14:46:52 +0000 (14:46 +0000)]
Remove overly aggressive trust check in legacy verifier that breaks
p5-IO-Socket-SSL regress and regress/sbin/iked/live

Still passes the mutt regress that this was intended to fix.

ok tb@

2 years agoThe netlock for SIOCSIFMEDIA and SIOCGIFMEDIA ioctl is not necessary.
bluhm [Fri, 5 Aug 2022 13:57:16 +0000 (13:57 +0000)]
The netlock for SIOCSIFMEDIA and SIOCGIFMEDIA ioctl is not necessary.
Legacy drivers run with kernel lock, interface media is MP safe or
has kernel lock.  Assert kernel lock in ix(4) and ixl(4).
OK kettenis@

2 years agoSkip disabled nodes.
kettenis [Fri, 5 Aug 2022 13:25:43 +0000 (13:25 +0000)]
Skip disabled nodes.

2 years agoput ci_mutex_level inside DIAGNOSTIC
robert [Fri, 5 Aug 2022 12:52:35 +0000 (12:52 +0000)]
put ci_mutex_level inside DIAGNOSTIC

2 years agoAmong published AT&T UNIX releases, a shutdown(8) command was contained
schwarze [Fri, 5 Aug 2022 09:15:28 +0000 (09:15 +0000)]
Among published AT&T UNIX releases, a shutdown(8) command was contained
in PWB/UNIX 1.0 (July 1977) and in System III (1982),
but not in v7 (Jan 1979) nor in 32v (May 1979).
According to the Australian UNIX User Group Newsletter Vol. I No. I
https://www.tuhs.org/Archive/Documentation/AUUGN/AUUGN-V01.1.pdf ,
(October 1978), Letter from John Lions on page 20, UNIX/TS 1.0 (late
1978 or early 1979) also contained an implementation of shutdown(8).
So it is unlikely it came from the CSRC and more likely it was
invented either by the PWB or by the USG group.
Since we don't know for sure, only cite the first public release.

It was a mistake to say "appeared in 4.0BSD".  That release only
contained a stub manual page (without a DESCRIPTION), and the
file man8/BUGS in 4.0BSD mentions it without giving details,
presumably trying to indicate it wasn't really available yet.
The is no shutdown(8) implementation in BSD before 4.1cBSD.

OK jsg@

2 years agoRemove most of the indirection introduced in previous and instead fetch
tb [Fri, 5 Aug 2022 08:51:35 +0000 (08:51 +0000)]
Remove most of the indirection introduced in previous and instead fetch
the appropriate tls_extension_funcs pointers for client and server from
libssl and reach into them directly.

ok jsing

2 years agodon't prompt for FIDO passphrase before attempting to enroll the
djm [Fri, 5 Aug 2022 05:01:40 +0000 (05:01 +0000)]
don't prompt for FIDO passphrase before attempting to enroll the
credential, just let the enroll operating fail and we'll attempt
to get a PIN anyway. Might avoid some unneccessary PIN prompts.

Part of GHPR#302 from Corinna Vinschen; ok dtucker@

2 years agochange some 4.4BSD references to earlier releases
jsg [Fri, 5 Aug 2022 00:53:57 +0000 (00:53 +0000)]
change some 4.4BSD references to earlier releases
ok schwarze@

2 years agoUse 16 bit variable to store more fragment flag. This avoids loss
bluhm [Thu, 4 Aug 2022 18:05:09 +0000 (18:05 +0000)]
Use 16 bit variable to store more fragment flag.  This avoids loss
of significant bits on big endian machines.  Bug has been introduced
in previous commit by removing the =! 0 check.
OK mvs@

2 years agoAdd HISTORY and AUTHORS.
schwarze [Thu, 4 Aug 2022 15:38:33 +0000 (15:38 +0000)]
Add HISTORY and AUTHORS.

In https://minnie.tuhs.org/pipermail/tuhs/2020-January/019955.html ,
Brian Walden wrote (which looks like a reliable source to me):

"GWRL stands for Gottfried W. R. Luderer, the author of cut(1) and
paste(1), probably around 1978.  Those came either from PWB or USG,
as he worked with, or for, Berkley Tague. Thus they made their way
into AT&T commercial UNIX, first into System III and the into System
V, and that's why they are missing from early BSD releases as they
didn't get into Research UNIX until the 8th Edition.
[...]
I knew Dr. Luderer [...]
I also briefly worked for Berk when he was the department head
for 45263 in Whippany Bell Labs before moving to Murray Hill."

Omission pointed out by daniel@.
Joint work with jsg@.
OK jsg@ daniel@.

2 years agoOnce all files from argv have been read the main process can unveil to
claudio [Thu, 4 Aug 2022 13:44:07 +0000 (13:44 +0000)]
Once all files from argv have been read the main process can unveil to
the cachedir and if output files are written to outputdir. In -f mode
the unveil can be read-only in normal operation rwc is required because
the main process writes the RRDP files and also does the cleanup at the
end of the run.
Input from tb@ and mestre@, OK tb@

2 years agoChange g and G to go to top and bottom of menu, GitHub issue 3286.
nicm [Thu, 4 Aug 2022 12:06:09 +0000 (12:06 +0000)]
Change g and G to go to top and bottom of menu, GitHub issue 3286.

2 years agoSWITCH section in ifconfig(8) no longer exists; point people at VEB instead
stsp [Thu, 4 Aug 2022 11:50:51 +0000 (11:50 +0000)]
SWITCH section in ifconfig(8) no longer exists; point people at VEB instead

2 years agoCorrect a markup mistake found with mandoc -T lint:
schwarze [Thu, 4 Aug 2022 11:50:46 +0000 (11:50 +0000)]
Correct a markup mistake found with mandoc -T lint:
Use .Vt instead of .Tn for mode_t and dev_t.
While here, also use .Fa rather than .Va for st_rdev (as usual
for struct fields), and correctly mark up st_mode and S_IFMT.

2 years agoFor clarity and consistency, refer to ".Bx 4.0" rather than ".Bx 4".
schwarze [Thu, 4 Aug 2022 11:31:18 +0000 (11:31 +0000)]
For clarity and consistency, refer to ".Bx 4.0" rather than ".Bx 4".
Also, mention /usr/ucb/man because /usr/bin/man did not provide -f in 4.0BSD.

2 years agoUse ".Bx 4.0" rather than ".Bx 4" for clarity and consistency.
schwarze [Thu, 4 Aug 2022 11:14:46 +0000 (11:14 +0000)]
Use ".Bx 4.0" rather than ".Bx 4" for clarity and consistency.
Both are correct, but "4.0" avoids the misunderstanding that we were
talking about any unspecified 4.xBSD release, and it is much more widely
used in our manuals.
Discussed with jsg@ in the context of other manual pages.

2 years agoAdd some glue to fetch the tlsext functions from the tls_extensions[]
tb [Thu, 4 Aug 2022 09:28:31 +0000 (09:28 +0000)]
Add some glue to fetch the tlsext functions from the tls_extensions[]
table rather than calling the functions directly.

2 years agoMake tlsext_*_{build,needs,parse}() functions static
tb [Thu, 4 Aug 2022 09:27:36 +0000 (09:27 +0000)]
Make tlsext_*_{build,needs,parse}() functions static

None of these functions are used outside of ssl_tlsext.c. The only reason
they are prototyped in the header is for the use of tlsexttest.c. Rather
than having a big pile of useless copy-paste in the header, we can adapt
the test to avoid using these functions directly.

ok jsing

2 years agoDefault to softraid on boot-device iff found
kn [Thu, 4 Aug 2022 09:16:53 +0000 (09:16 +0000)]
Default to softraid on boot-device iff found

root on softraid on sparc64 currently requires explicitly passing the volume
name as part of the boot arguments, e.g.
boot-file=sr0
boot-file=sr0a:/bsd
or
{ok} boot my-devalias sr0:

(ofwboot always probes for softraid devices, assembles them but continues
 to ignore such volumes unless specified.)

This is inconsistent with softraid support on other platforms and has
further drawbacks when it comes to sysupgrade logic.

Unless an explicit root disk was given, make ofwboot default to the softraid
volume on the boot device to make root on softraid work out of the box
without having to set variables or pass arguments in OpenBoot.

Eventually, ofwboot's disk discovery and softraid assembly machinery will be
fixed and boot-file won't be misused for softraid purposes anymore.

Remove the quirky softraid paragraph from boot_sparc64(8) now that it
is purely optional, expecting users from now on to either leave boot-file
empty or pass a kernel filename alone.

Tested on T4-2 guest domains with and without root on softraid.

Feedback claudio kettenis stsp
OK kettenis (previous diff)
OK stsp

2 years agoMop up key_len assignments.
jsing [Thu, 4 Aug 2022 08:06:48 +0000 (08:06 +0000)]
Mop up key_len assignments.

Remove unnecessary conditions for XTS mode, since we know which are XTS.
Also use bytes rather than bits / 8.

ok tb@

2 years agoMop up EVP_CIPH_FLAG_FIPS usage.
jsing [Thu, 4 Aug 2022 08:02:31 +0000 (08:02 +0000)]
Mop up EVP_CIPH_FLAG_FIPS usage.

LibreSSL does not do FIPS and nothing else sets or checks these.

ok tb@

2 years agoRemove various aesni_* defines to aes_* functions.
jsing [Thu, 4 Aug 2022 08:00:11 +0000 (08:00 +0000)]
Remove various aesni_* defines to aes_* functions.

A number of the AES-NI functions are #defines to an aes_* function - remove
these and just use the AES variant directly.

ok tb@

2 years agoadd openbsd-73-syspatch.pub to the sets
robert [Thu, 4 Aug 2022 07:16:49 +0000 (07:16 +0000)]
add openbsd-73-syspatch.pub to the sets

2 years agoadd 7.3 syspatch pubkey
robert [Thu, 4 Aug 2022 07:15:33 +0000 (07:15 +0000)]
add 7.3 syspatch pubkey

2 years agochange some 4.4BSD references to earlier releases
jsg [Thu, 4 Aug 2022 06:20:24 +0000 (06:20 +0000)]
change some 4.4BSD references to earlier releases
ok schwarze@

2 years agocu first appeared outside of Bell Labs in PWB/UNIX 1.0 before v7
jsg [Thu, 4 Aug 2022 04:01:48 +0000 (04:01 +0000)]
cu first appeared outside of Bell Labs in PWB/UNIX 1.0 before v7
mention tip in 4.1c while here

with and ok schwarze@ ok nicm@

2 years agoAdd workarounds for some symbols that are hidden under !LIBRESSL_INTERNAL
tb [Wed, 3 Aug 2022 20:17:38 +0000 (20:17 +0000)]
Add workarounds for some symbols that are hidden under !LIBRESSL_INTERNAL
until the next bump exposes new symbols that we can use.

2 years agoPrepare to provide PKCS12 accessors
tb [Wed, 3 Aug 2022 20:16:06 +0000 (20:16 +0000)]
Prepare to provide PKCS12 accessors

In order to be able to make pkcs12/ opaque, we need an entire family of
accessors. These are in a particularly nasty tangle since this was done
in about a dozen steps while sprinkling const, renaming functions, etc.
The public API also adds backward compat macros for functions that were
in the tree for half a day and then renamed. Of course some of them got
picked up by some ports.

Some of the gruesome hacks in here will go away with the next bump, but
that doesn't mean that the pkcs12 directory will be prettier afterward.

ok jsing

2 years agoSince ts(1) is line-based, always using line buffering
job [Wed, 3 Aug 2022 16:54:30 +0000 (16:54 +0000)]
Since ts(1) is line-based, always using line buffering

makes sense millert@
yep deraadt@

2 years agoAdd aplaudio(4) and aplmca(4). The aplmca(4) driver controls the hardware
kettenis [Wed, 3 Aug 2022 13:42:16 +0000 (13:42 +0000)]
Add aplaudio(4) and aplmca(4).  The aplmca(4) driver controls the hardware
block that takes data from apldma(4), serializes it and sends it out on
the i2s ports.  The aplaudio(4) driver ties together aplmca(4) and various
codecs to present an audio(4) interface to the system.

This is still WIP, but good enough to play back audio on the speaker in the
M1 mini.

ok patrick@

2 years agoClear active state when we attach.
kettenis [Wed, 3 Aug 2022 13:36:51 +0000 (13:36 +0000)]
Clear active state when we attach.

ok patrick@

2 years agoDo not crash when searching for .* with extremely long lines. Reported
nicm [Wed, 3 Aug 2022 13:27:48 +0000 (13:27 +0000)]
Do not crash when searching for .* with extremely long lines. Reported
by Torbjorn Lonnemark, GitHub issue 3272.

2 years agoAdd comment that NEXTHOP_FLAPPED is only set on oldstate of a nexthop.
claudio [Wed, 3 Aug 2022 08:56:23 +0000 (08:56 +0000)]
Add comment that NEXTHOP_FLAPPED is only set on oldstate of a nexthop.

2 years agotail(1) first appeared outside of Bell Labs in PWB/UNIX 1.0
jsg [Wed, 3 Aug 2022 08:28:19 +0000 (08:28 +0000)]
tail(1) first appeared outside of Bell Labs in PWB/UNIX 1.0

with and ok schwarze@

2 years agosed(1) first appeared outside of Bell Labs in PWB/UNIX 1.0
jsg [Wed, 3 Aug 2022 08:16:50 +0000 (08:16 +0000)]
sed(1) first appeared outside of Bell Labs in PWB/UNIX 1.0

it did not start in the PWB group

"The talk said that tools like grep and sed came from PWB,
but that's not true. They were original"

"The flow from PWB back to the main research line was a trickle at best.
We had bad NIH in 1127."

Rob Pike
https://minnie.tuhs.org/pipermail/tuhs/2020-February/020329.html

The 4.4BSD version was written by Diomidis Spinellis
credited in csrg/admin/admin/contrib

"In 1992, as a bored PhD student, I reimplemented sed(1) and contributed
it the unencumbered BSD version that was then being put together"
https://www.spinellis.gr/blog/FreeBSD.html

with and ok schwarze@

2 years agoFix a modify after free error in kroute_remove()
claudio [Wed, 3 Aug 2022 08:16:05 +0000 (08:16 +0000)]
Fix a modify after free error in kroute_remove()

knexthop_validate() will modify the kroute the nexthop points to.
Because of this knexthop_validate() needs to be called before the
to be removed kroute is freed. Move the code into kroute_remove[46]
so the order is correct.
Problem found and fix tested by sthen@.
OK sthen@ tb@

2 years agoBug was reported by Chriss Cappucio. It has turned out my earlier change
sashan [Wed, 3 Aug 2022 08:16:04 +0000 (08:16 +0000)]
Bug was reported by Chriss Cappucio. It has turned out my earlier change
to pf_lb.c was not complete. We must add a test to determine number of
addresses defined by pool, so we don't treat pool definition
172.16.0.0/16 as a single IP address in pool. If pool is defined as
172.16.0.0/16, then we don't want to fall back to PF_POOL_NONE. Missing
this measure in pf_map_addr() may cause pf_get_sport() to enter infinite
loop when source ports translation become depleted for the first address
found in pool (like 172.16.0.1), because the bug prevents pf_map_addr()
to move to next address in pool (like 172.16.0.2).

while investigating issue I've also noticed an oddity for small random
pools such as 192.168.1.32/28. One would expect the addresses for nat
will be randomly picked from range .32 - .47 in this case. however the
random selection yield significantly more (like 20%) addresses ending by .32
In order to fix it we make random pool to use arc4random_uniform(~mask + 1)
instead of current arc4random().

feedback by claudio@
tested by hrvoje@

2 years agoFix possible NULL dereference in knexthop_validate().
claudio [Wed, 3 Aug 2022 08:11:18 +0000 (08:11 +0000)]
Fix possible NULL dereference in knexthop_validate().

kroute_match() may return NULL so setting kn->ifindex should only
be done if the kroute is valid. Also set the ifindex to 0 in
kroute_detach_nexthop().
Based on a bigger diff which is OK tb@ and sthen@

2 years agomake(1) first appeared outside of Bell Labs in PWB/UNIX 1.0
jsg [Wed, 3 Aug 2022 07:54:47 +0000 (07:54 +0000)]
make(1) first appeared outside of Bell Labs in PWB/UNIX 1.0

it did not start in the PWB group
"PWB did not create make; Stu Feldman did it in research." Doug McIlroy
https://minnie.tuhs.org/pipermail/tuhs/2015-November/007572.html

with and ok schwarze@