tb [Fri, 28 Jul 2023 10:35:14 +0000 (10:35 +0000)]
Remove various ${thing}_options
Various, ancient ciphers exposed some of their innards via an _options()
API. Apart from openssl version/speed, only some lua thingie in nmap ever
looked at these. Go figure.
hppa testing by miod, i386 testing by sthen. Thanks!
ok jsing
tb [Fri, 28 Jul 2023 10:33:13 +0000 (10:33 +0000)]
Remove more ASN1_BIT_STRING API
This removes ASN1_BIT_STRING_name_print(), ASN1_BIT_STRING_{num,set}_asc().
Before trust was properly handled using OIDs, there was a period where it
used bit strings. The actual interfaces used in openssl x509 were removed,
but the functions they wrapped remained unused for the next 24 years.
ok jsing
tb [Fri, 28 Jul 2023 10:30:16 +0000 (10:30 +0000)]
Remove ASN1_BIT_STRING_check
This was added with the TS code for no discernible reason. I could not
find a single consumer. In the unlikely event that you need this, it is
easy enough to write a better version of it yourself.
ok jsing
tb [Fri, 28 Jul 2023 10:28:02 +0000 (10:28 +0000)]
Provide CMS{,_SignerInfo}_get_version
Add accessors for the syntax versions of ContentInfo and SignerInfo.
These will be used soon in rpki-client for some more compliance checks.
ok job jsing
tb [Fri, 28 Jul 2023 10:26:33 +0000 (10:26 +0000)]
Remove sk_nid_triple_*()
The nid_triple stack is no more. Its type never was part of the public API.
Why its stack macros were will remain a mystery.
ok jsing
tb [Fri, 28 Jul 2023 10:25:05 +0000 (10:25 +0000)]
Remove OBJ_add_sigid() and OBJ_sigid_free()
Another bit of unused extensibility that was responsible for a lot
of complexity until recently. This removes the remaining stubs from
the public API.
ok jsing
tb [Fri, 28 Jul 2023 10:23:19 +0000 (10:23 +0000)]
Remove more ERR cruft
Ever wondered how many entries populate the various err hashes?
Me neither. Remove this garbage.
ok jsing
tb [Fri, 28 Jul 2023 10:21:01 +0000 (10:21 +0000)]
Remove ERR_{get,set}_implementation()
Much like ex_data, applications can make the library use their own error
stack implementation. Well, except as of right now they no longer can.
ok jsing
tb [Fri, 28 Jul 2023 10:19:20 +0000 (10:19 +0000)]
Make ex_data implementations internal
To state the obvious: library suffers from way too much extensibility. In
theory, applications can implement their own ex_data implementation. In
practice, none did. A glance at ex_data.c might give an idea as to why.
Make this internal so this particular turd can be replaced with something
slightly saner.
Also sync up the CRYPTO_EX_INDEX_* defines with OpenSSL - at least
the parts we support.
ok jsing
tb [Fri, 28 Jul 2023 10:17:21 +0000 (10:17 +0000)]
Remove BUF_[a-z]* API
These are a bunch of strange string handlers with NULL checks that make
no real sense except to some devs who like to sprinkle them everywhere.
Fortunately, nothing uses these anymore, so they can go.
ok jsing
tb [Fri, 28 Jul 2023 10:13:50 +0000 (10:13 +0000)]
Drop BIO_n{read,write}{,0}()
This is one of those strange things that should never have made it into
a security-oriented library. From BIO_s_bio.3:
.\" The following non-copying I/O functions are intentionally undocumented
.\" because they seem fragile and unused by anything:
It was used in a single place: the gorgeous ssltest. I'm not smart enough
to follow. Also:
/* WARNING: The non-copying interface is largely untested as of yet
* and may contain bugs. */
Oh, really? Into the great bitbucket in the sky you go.
ok jsing
tb [Fri, 28 Jul 2023 10:07:30 +0000 (10:07 +0000)]
Remove the get_rfc*_prime_*() API
Inconsistently named with the rest of the API, so OpenSSL 1.1 introduced
the same functions with a BN_ prefix. We'll keep the latter.
ok jsing
tb [Fri, 28 Jul 2023 10:05:16 +0000 (10:05 +0000)]
Make BN_BLINDING internal
RSA is pretty bad. In my most optimistic moments I dream of a world that
stopped using it. That won't happen during my lifetime, unfortunately.
Blinding is one way of making it a little less leaky. Unfortunately this
side-channel leak mitigation leaked out of the library for no good reason.
Let's at least fix that aspect of it.
ok jsing
tb [Fri, 28 Jul 2023 10:02:11 +0000 (10:02 +0000)]
Remove ASN1_bn_print() and ASN1_buf_print()
ASN1_bn_print() is a hilariously bad API that was replaced with a saner
interface internally. ASN1_buf_print() isn't terrible, but it is too
specialized to be of real use. It was only exposed because ASN1_bn_print()
was already there. Its only use had been in the EdDSA printing code before
it was replaced with an internal helper.
ok jsing
tb [Fri, 28 Jul 2023 10:00:10 +0000 (10:00 +0000)]
Make ASN1_{primitive,template}_* internal
These were long removed from the public OpenSSL API, so we can do the
same. Remove ASN1_template_{d2i,i2d}() - those are unused internally.
ok jsing
tb [Fri, 28 Jul 2023 09:58:30 +0000 (09:58 +0000)]
Make ASN.1 BIO internal
With every bump we can remove a bit more of the ASN.1 BIO and the
streaming interface. At some point enough will be internal so that
we can rewrite it and bring it in a shape where mere mortals can
follow all the twists and turns. This is the next step: BIO_f_asn1(3)
goes away and takes BIO_asn1_{get,set}_{prefix,suffix}() with it,
a bunch of functions helping along in a write-after-free recently.
The getters go away, the setters stay for now.
ok jsing
tb [Fri, 28 Jul 2023 09:53:55 +0000 (09:53 +0000)]
Set OPENSSL_NO_ENGINE, remove engine code
ENGINE was special. It's horrible code even by the low standards of this
library. Some ports may now try to use the stubs which will fail, but
the fallout from this should be minimal. Of course there are various
language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE
by default will likely help fixing this at some point.
ok jsing
tb [Fri, 28 Jul 2023 09:47:16 +0000 (09:47 +0000)]
sync
tb [Fri, 28 Jul 2023 09:46:36 +0000 (09:46 +0000)]
Drop DSO and define OPENSSL_NO_DSO
DSO and in particular dlopen() was used for dynamic engines, which we
removed a long time ago and for dynamic conf modules, which we removed
only very recently. Now remove this dangerous interface.
ok jsing
claudio [Fri, 28 Jul 2023 09:46:13 +0000 (09:46 +0000)]
Properly emulate wait_event_interruptible_locked().
This function is called with the wait_queue_head locked, so the code
can not use prepare_to_wait()/finish_wait() since these assume the
wqh is unlocked. Also the lock needs to be held right up to the
schedule()/sleep_finish() call.
OK kettenis@ jsg@
tb [Fri, 28 Jul 2023 09:42:44 +0000 (09:42 +0000)]
Drop the comp module
opensslfeatures.h has long defined OPENSSL_NO_COMP and the build with
ZLIB was broken in openssl(1) since 2015 and in libcrypto since 2022.
ZLIB was unifdefed a while ago, now we can retire the public API.
The comp.h header stays devoid of code because a number of ports use it
for historic reasons.
ok jsing
claudio [Fri, 28 Jul 2023 09:41:43 +0000 (09:41 +0000)]
Remove local hack in intel_atomic_commit_fence_wait().
This function registers the proc on two wait_queues so either one
can wake up the proc. Until lately this was not possible because a
mutex was held when setting up the wait state. Since the rework of
the sleep API and the cleanup of the linux wait.h implementation this
is no longer the case.
Tested by various people with different inteldrm versions.
OK kettenis@ jsg@
mvs [Fri, 28 Jul 2023 09:33:16 +0000 (09:33 +0000)]
Compare m_pullup(9) return value against NULL instead of 0.
tb [Fri, 28 Jul 2023 09:31:21 +0000 (09:31 +0000)]
Remove some unneeded includes from ecdh.c
tb [Fri, 28 Jul 2023 09:30:22 +0000 (09:30 +0000)]
Pull up zeroing of out; drop unnecessary check
Move the zeroing of the output buffer a few lines up and remove an
unnecessary check.
requested/ok jsing
tb [Fri, 28 Jul 2023 09:29:24 +0000 (09:29 +0000)]
Rename buflen to buf_len, use calloc/freezero
Some cosmetic tweaks in ecdh_compute_key(). Rename buflen to buf_len
to match out_len, use calloc() and freezero().
ok jsing
tb [Fri, 28 Jul 2023 09:28:37 +0000 (09:28 +0000)]
Move KDF handling to ECDH_compute_key()
In OpenSSL e2285d87, the KDF handling was moved from the compute_key()
method into the public API. A consequence of this change is that the
ECDH_compute_key() API no longer returns -1 for some errors. Existing
checks for <= 0 are safe as are those checking for the exact length as
return value, which is all that the ecosystem seems to be doing.
ok jsing
tb [Fri, 28 Jul 2023 09:25:12 +0000 (09:25 +0000)]
Merge ecdh.h into ec.h
The remaining two ECDH interfaces are relocated into ec.h. ecdh.h
remains. It does nothing but include ec.h.
ok jsing
tb [Fri, 28 Jul 2023 09:22:26 +0000 (09:22 +0000)]
Excise ECDH_METHOD
Unlike ECDSA_METHOD, this has been unused forever but kind of needed to
stay for symmetry with ECDSA_METHOD. Now we can finally take it behind
the barn and remove its tendrils into ENGINE.
ok jsing
tb [Fri, 28 Jul 2023 09:19:58 +0000 (09:19 +0000)]
Remove ECDH errors
Much like the ECDSA errors, the ECDH errors have been unused for a
while. Garbage collect them.
ok jsing
tb [Fri, 28 Jul 2023 09:18:10 +0000 (09:18 +0000)]
Remove some unneeded includes from ecdsa.h
tb [Fri, 28 Jul 2023 09:16:17 +0000 (09:16 +0000)]
Merge ecdsa.h into ec.h
Move the remaining ECDSA API into ec.h to match OpenSSL 1.1's interface
better. In particular, the EC_KEY sign and verify method accessors are
moved to the right header. Whether the rest of the ECDSA stuff belongs
there is debatable, but that was upstream's choice.
ok jsing
tb [Fri, 28 Jul 2023 09:08:31 +0000 (09:08 +0000)]
Remove ECDSA_METHOD
After smtpd (in base) and libtls finally switched from ECDSA_METHOD to
EC_KEY_METHOD, much of the ECDSA_METHOD code was neutered. Remove the
remaining public API as well as numerous tentacles into ENGINE.
ok jsing
tb [Fri, 28 Jul 2023 09:01:25 +0000 (09:01 +0000)]
Remove ecs_err.c
These error codes have been unused for a while, so the public API loading
them is pointless.
ok jsing
tb [Fri, 28 Jul 2023 08:57:46 +0000 (08:57 +0000)]
Place public ECDSA API next to the internal methods
It is hard to remember that ECDSA_do_{sign,verify}() call ecdsa_sign_sig().
Especially since the distinction to ECDSA_{sign,verify}() isn't clear from
the names. To add to the confusion, the public API is ordered differently
than the methods they call. So in this case it seems tidier to place the
public API next to the methods.
ok jsing
tb [Fri, 28 Jul 2023 08:54:41 +0000 (08:54 +0000)]
Remove ECDSA_{do_,}sign_ex()
There is no reason to keep these. It is cleaner to keep ECDSA_sign_setup()
but remove the logic for passed-in kinv and r.
Refuse to cooperate as far as possible. Someone could still implement
their own versions of ECDSA_{do_,}sign_ex() and ECDSA_sign_setup() by
leveraging EC_KEY_METHOD_get_sign() and building their own wrappers.
We can't make such an implementation of ECDSA_sign_setup() fail, but we
make the actual signing fail since we no longer "do the right thing".
ok jsing
tb [Fri, 28 Jul 2023 08:49:43 +0000 (08:49 +0000)]
Make extended ECDSA signing routines internal
ECDSA_sign_setup() permits precomputing the values of the inverse of the
random k and the corresponding r. These can then be fed into the signing
routines ECDSA_{do_,}sign_ex() multiple times if needed. This is not a
great idea and the interface adds a lot of unwanted complexity.
Not to mention that nothing ever used this correctly - if s works out to
0, a special error code is thrown requesting that the caller provide new
kinv and r values. Unsurprisingly, nobody ever checked for that special
error code.
ok jsing
This commit marks the start of a libcrypto major bump. Do not build the
tree until I bumped the shlib_version and synced file sets (in about 35
commits).
claudio [Fri, 28 Jul 2023 07:31:38 +0000 (07:31 +0000)]
Use ibuf_data() instead of accessing the ibuf buf pointer directly.
Also convert some ibuf_add() calls to ibuf_add_buf() where appropriate.
OK tobhe@ tb@
jsg [Fri, 28 Jul 2023 07:10:26 +0000 (07:10 +0000)]
Revert "drm/amd/display: edp do not add non-edid timings"
From Hersen Wu
1d4607f2a50c749e47a4b80030733cbf77c5570a in linux-6.1.y/6.1.42
d6149086b45e150c170beaa4546495fd1880724c in mainline linux
jsg [Fri, 28 Jul 2023 07:08:10 +0000 (07:08 +0000)]
drm/amd/display: Add polling method to handle MST reply packet
From Wayne Lin
2f2ba3c16230e1de649a877e5819673c849ca0f2 in linux-6.1.y/6.1.42
4f6d9e38c4d244ad106eb9ebd8c0e1215e866f35 in mainline linux
jsg [Fri, 28 Jul 2023 07:05:07 +0000 (07:05 +0000)]
drm/amd/display: fix linux dp link lost handled only one time
From Hersen Wu
78ea2ed76ce94f090d2a9c36b1b58f79ce3b93b8 in linux-6.1.y/6.1.42
e322843e5e33e72ff218d661f3d15ff9c9f2f1b5 in mainline linux
jsg [Fri, 28 Jul 2023 07:02:47 +0000 (07:02 +0000)]
drm/amd/display: Clean up errors & warnings in amdgpu_dm.c
From Srinivasan Shanmugam
b31143b0fbbd7bae05905f838bb7f8c07eb86662 in linux-6.1.y/6.1.42
87279fdf5ee0ad1360765ef70389d1c4d0f81bb6 in mainline linux
jsg [Fri, 28 Jul 2023 07:00:27 +0000 (07:00 +0000)]
drm/amd/display: force connector state when bpc changes during compliance
From Qingqing Zhuo
c14702daf1f5969e1dead51eff596f776007434d in linux-6.1.y/6.1.42
028c4ccfb8127255d60f8d9edde96cacf2958082 in mainline linux
jsg [Fri, 28 Jul 2023 06:56:32 +0000 (06:56 +0000)]
drm/dp_mst: Clear MSG_RDY flag before sending new message
From Wayne Lin
00f68f5c1be12828a6f0b1e0f1017e1399b23a73 in linux-6.1.y/6.1.42
72f1de49ffb90b29748284f27f1d6b829ab1de95 in mainline linux
jsg [Fri, 28 Jul 2023 06:52:04 +0000 (06:52 +0000)]
drm/amd/display: fix some coding style issues
From Srinivasan Shanmugam
c085ffaf67db1ba48b733bc7fe4d7f5be9b77e2b in linux-6.1.y/6.1.42
ae67558be712237109100fd14f12378adcf24356 in mainline linux
jsg [Fri, 28 Jul 2023 06:50:28 +0000 (06:50 +0000)]
drm/amd/display: use max_dsc_bpp in amdgpu_dm
From Hamza Mahfooz
374735cbe2f17dd80829adba5d0b764e9246341a in linux-6.1.y/6.1.42
6e5abe94c6eb9b281398e39819217e8fdd1c336f in mainline linux
jsg [Fri, 28 Jul 2023 06:48:41 +0000 (06:48 +0000)]
drm/ttm: fix bulk_move corruption when adding a entry
From Yunxiang Li
70a3015683b007a0db4a1e858791b69afd45fc83 in linux-6.1.y/6.1.42
4481913607e58196c48a4fef5e6f45350684ec3c in mainline linux
jsg [Fri, 28 Jul 2023 06:47:10 +0000 (06:47 +0000)]
drm/radeon: Fix integer overflow in radeon_cs_parser_init
From hackyzh002
2e1be420b86980c25a75325e90dfc3fc73126f61 in linux-6.1.y/6.1.42
f828b681d0cd566f86351c0b913e6cb6ed8c7b9c in mainline linux
jsg [Fri, 28 Jul 2023 06:45:27 +0000 (06:45 +0000)]
drm/amd/display: Keep PHY active for DP displays on DCN31
From Nicholas Kazlauskas
b9741ba942f3f2c36de96241dfaf2dbbd3b5c826 in linux-6.1.y/6.1.42
2387ccf43e3c6cb5dbd757c5ef410cca9f14b971 in mainline linux
jsg [Fri, 28 Jul 2023 06:43:33 +0000 (06:43 +0000)]
drm/amd/display: check TG is non-null before checking if enabled
From Taimur Hassan
889bac5fd7969b745c0554155852ce1e3c140497 in linux-6.1.y/6.1.42
5a25cefc0920088bb9afafeb80ad3dcd84fe278b in mainline linux
jsg [Fri, 28 Jul 2023 06:41:36 +0000 (06:41 +0000)]
drm/amd/display: Disable MPC split by default on special asic
From Zhikai Zhai
9f28e8c2be1e1a8077f139121b01d139cb60b4b5 in linux-6.1.y/6.1.42
a460beefe77d780ac48f19d39333852a7f93ffc1 in mainline linux
jsg [Fri, 28 Jul 2023 06:39:54 +0000 (06:39 +0000)]
drm/amd/display: only accept async flips for fast updates
From Simon Ser
4385420741743247a7bdedb5c0b1eb5efe9a9edd in linux-6.1.y/6.1.42
1ca67aba8d11c2849d395013e1fdce02918d5657 in mainline linux
jsg [Fri, 28 Jul 2023 06:37:37 +0000 (06:37 +0000)]
drm/client: Fix memory leak in drm_client_modeset_probe
From Jocelyn Falempe
917bef37cfaca07781c6fbaf6cd9404d27e64e6f in linux-6.1.y/6.1.42
2329cc7a101af1a844fbf706c0724c0baea38365 in mainline linux
guenther [Fri, 28 Jul 2023 06:36:16 +0000 (06:36 +0000)]
Include a newline in a DPRINTF()
jsg [Fri, 28 Jul 2023 06:35:45 +0000 (06:35 +0000)]
drm/client: Fix memory leak in drm_client_target_cloned
From Jocelyn Falempe
b5359d7a5087ac398fc429da6833133b4784c268 in linux-6.1.y/6.1.42
c2a88e8bdf5f6239948d75283d0ae7e0c7945b03 in mainline linux
jsg [Fri, 28 Jul 2023 06:33:27 +0000 (06:33 +0000)]
drm/amdgpu/pm: make mclk consistent for smu 13.0.7
From Alex Deucher
91bd7acf89cbc118e8d5e01947e59f7928e26893 in linux-6.1.y/6.1.42
068c8bb10f37bb84824625dbbda053a3a3e0d6e1 in mainline linux
jsg [Fri, 28 Jul 2023 06:32:14 +0000 (06:32 +0000)]
drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
From Alex Deucher
0b4f3d9a5c8a21486f806fa6583a6a21e3922bab in linux-6.1.y/6.1.42
a4eb11824170d742531998f4ebd1c6a18b63db47 in mainline linux
jsg [Fri, 28 Jul 2023 06:30:13 +0000 (06:30 +0000)]
dma-buf/dma-resv: Stop leaking on krealloc() failure
From Ville Syrjala
19e7b9f1f7e1cb92a4cc53b4c064f7fb4b1f1983 in linux-6.1.y/6.1.42
05abb3be91d8788328231ee02973ab3d47f5e3d2 in mainline linux
guenther [Fri, 28 Jul 2023 06:18:35 +0000 (06:18 +0000)]
Add CODEPATCH_CODE() macro to simplify defining a symbol for a chunk
of code to use in codepatching. Use that for all the existing
codepatching snippets.
Similarly, add CODEPATCH_CODE_LEN() which is CODEPATCH_CODE() but also
provides a short variable holding the length of the codepatch snippet.
Use that for some snippets that will be used for retpoline replacement.
ok kettenis@ deraadt@
tb [Fri, 28 Jul 2023 05:53:10 +0000 (05:53 +0000)]
Remove ASN1_BIT_STRING_set doco
tb [Fri, 28 Jul 2023 05:49:53 +0000 (05:49 +0000)]
Remove stale .Xr missed in previous
tb [Fri, 28 Jul 2023 05:48:54 +0000 (05:48 +0000)]
sync
tb [Fri, 28 Jul 2023 05:48:33 +0000 (05:48 +0000)]
Remove ASN1_BIT_STRING_num_asc.3
jmc [Fri, 28 Jul 2023 05:42:36 +0000 (05:42 +0000)]
%C is a callable macro in mdoc(7) so, as we do for %D, escape it;
djm [Fri, 28 Jul 2023 05:33:15 +0000 (05:33 +0000)]
don't need to start a command here; use ssh -N instead.
Fixes failure on cygwin spotted by Darren
jsg [Fri, 28 Jul 2023 03:06:46 +0000 (03:06 +0000)]
Fix off-by-one: SEFF0ECX_WAITPKG is bit 5, not bit 4.
from guenther@ in amd64
djm [Thu, 27 Jul 2023 22:26:49 +0000 (22:26 +0000)]
don't incorrectly truncate logged strings retrieved from PKCS#11
modules; based on GHPR406 by Jakub Jelen; ok markus
djm [Thu, 27 Jul 2023 22:25:17 +0000 (22:25 +0000)]
make sshd_config AuthorizedPrincipalsCommand and AuthorizedKeysCommand
accept the %D (routing domain) and a new %C (connection address/port
4-tuple) as expansion sequences; ok markus
djm [Thu, 27 Jul 2023 22:23:05 +0000 (22:23 +0000)]
increase default KDF work-factor for OpenSSH format private keys from
16 to 24; { feedback ok } x { deraadt markus }
mvs [Thu, 27 Jul 2023 22:20:51 +0000 (22:20 +0000)]
Fix routing message size check in route_output(). `rtm_hdrlen' type is
u_short, so add sizeof(rtm->rtm_hdrlen) instead of 1 to its offset
within rt_msghdr structure.
ok claudio
jan [Thu, 27 Jul 2023 20:21:25 +0000 (20:21 +0000)]
Fix inline vlan-tag handling of forwarded LRO packets from ix(4)
Implement vlan-tag parsing in ether_extract_header() to use this information
to adjust the MSS calculation of LRO packets.
pointed out by mbuhl and bluhm
with tweaks from bluhm
ok bluhm@
kettenis [Thu, 27 Jul 2023 18:17:14 +0000 (18:17 +0000)]
Make _eprol (and _etext) hidden. Fixes "cc -pg" on arm64 where the
current code which has a local _eprol label in the inline asm and a
global _eprol declaration results in an incorrect relocation. This
also removes an unnecessary relocation on hppa (and possibly on
other architectures as well).
ok guenther@
cheloha [Thu, 27 Jul 2023 17:52:53 +0000 (17:52 +0000)]
sched_init_cpu: move profclock staggering to clockintr_cpu_init()
initclocks() runs after sched_init_cpu() is called for secondary CPUs,
so profclock_period is still zero and the clockintr_stagger() call for
spc_profclock is useless. For now, just stagger spc_profclock during
clockintr_cpu_init() along with everything else.
guenther [Thu, 27 Jul 2023 16:33:56 +0000 (16:33 +0000)]
Fix off-by-one: SEFF0ECX_WAITPKG is bit 5, not bit 4.
ok mlarkin@ kettenis@ deraadt@
dv [Thu, 27 Jul 2023 09:27:43 +0000 (09:27 +0000)]
vmd(8): fix verbose logging in child processes.
The introduction of exec for vm's and fork+exec for virtio block
and network devices missed passing the log verbosity in argv. Add
the "-v" arguments based on current verbosity at time of exec.
ok brynet@, mlarkin@
tb [Thu, 27 Jul 2023 07:08:09 +0000 (07:08 +0000)]
Prepare the ssltest for the upcoming bump
This is a hack. The test is in rather poor shape and it is hard to tell
whether it still does what it is supposed to be doing. Hopefully someone
will rewrite this in a style that doesn't make me squeal on opening this
file...
tb [Thu, 27 Jul 2023 07:01:50 +0000 (07:01 +0000)]
Remove antiquated options output
This is uninteresting and rather meaningless except for the implementer.
No need to have several hundred lines of code backing half a dozen symbols
in the public API for this.
ok jsing
tb [Thu, 27 Jul 2023 06:41:39 +0000 (06:41 +0000)]
Annotate bogus output as incorrect
Some people already have way too many simple and not too important diffs in
their inbox. This isn't worth kicking something more important out of the
queue.
tb [Thu, 27 Jul 2023 06:20:45 +0000 (06:20 +0000)]
Fix two mandoc -Tlint warnings left in previous
tb [Thu, 27 Jul 2023 05:31:28 +0000 (05:31 +0000)]
Fix typo
guenther [Thu, 27 Jul 2023 01:51:35 +0000 (01:51 +0000)]
Report speculation control bits in dmesg cpu lines.
ok mlarkin@
guenther [Thu, 27 Jul 2023 00:30:07 +0000 (00:30 +0000)]
The interrupt resume (Xdoreti) and recurse (Xspllower) paths are
invoked using indirect branches and should have endbr64's.
ok deraadt@
guenther [Thu, 27 Jul 2023 00:28:24 +0000 (00:28 +0000)]
Follow the lead of mips64 and make cpu_idle_cycle() just call the
indirect pointer itself and provide an initializer for that going
to the default "just enable interrupts and halt" path.
ok kettenis@
djm [Wed, 26 Jul 2023 23:06:00 +0000 (23:06 +0000)]
make ssh -f (fork after authentication) work properly in multiplexed
cases (inc. ControlPersist). bz3589 bz3589
Based on patches by Peter Chubb; ok dtucker@
tb [Wed, 26 Jul 2023 22:51:01 +0000 (22:51 +0000)]
Prepare this test for the upcoming bump
tb [Wed, 26 Jul 2023 22:46:06 +0000 (22:46 +0000)]
Remove comment containing an outdated path
jmc [Wed, 26 Jul 2023 20:23:22 +0000 (20:23 +0000)]
revert previous: dlg tells me it's incorrect
tb [Wed, 26 Jul 2023 20:15:51 +0000 (20:15 +0000)]
Remove ERR_get_{err_state,string}_table documentation
tb [Wed, 26 Jul 2023 20:12:45 +0000 (20:12 +0000)]
Remove BUF_reverse and BUF_strdup documentation
tb [Wed, 26 Jul 2023 20:09:25 +0000 (20:09 +0000)]
sync
tb [Wed, 26 Jul 2023 20:08:59 +0000 (20:08 +0000)]
BN_BLINDING will be made internal-only. Remove its documentation
tb [Wed, 26 Jul 2023 20:01:51 +0000 (20:01 +0000)]
sync
tb [Wed, 26 Jul 2023 20:01:04 +0000 (20:01 +0000)]
BIO_f_asn1 and the prefix/suffix API will be removed
Remove their documentation and mark some associated constants as
intentionally undocumented until they will be removed from public
headers.
tb [Wed, 26 Jul 2023 19:30:43 +0000 (19:30 +0000)]
Document CMS_SignerInfo_get_version and CMS_get_version which will
be added in the upcoming bump.
tb [Wed, 26 Jul 2023 17:15:25 +0000 (17:15 +0000)]
Tweak EC_GROUP_check_discriminant()
Make the logic and control flow a bit more explicit and use a single
extra variable for computing the discriminant. Call it discriminant,
not tmp, tmp_1 or tmp_2.
ok jsing
tb [Wed, 26 Jul 2023 12:26:48 +0000 (12:26 +0000)]
Unindent a big block in EC_GROUP_get_affine_coordinates()
tb [Wed, 26 Jul 2023 12:24:28 +0000 (12:24 +0000)]
Introduce and use ec_encode_scalar()
This introduces two "inverses" of the ec_decode_scalar() function that take
a BIGNUM, reduce it modulo p and then encode it into the curve's field
representation. For setting projective coordinates, we need a specialized
helper that deals with the Z_is_one optimization that is used to optimize
for calculations in standard affine coordinates of the projective plane.
This is used for simplifying EC_POINT_set_Jprojective_coordinates() and
for cleaning up and streamlining EC_GROUP_set_curve().
ok jsing
tb [Wed, 26 Jul 2023 12:16:55 +0000 (12:16 +0000)]
Garbage collect the unused order in check_discriminant()
ok jsing
tb [Wed, 26 Jul 2023 12:16:13 +0000 (12:16 +0000)]
Streamline check_discriminant()
Instead of inlining EC_GROUP_get_curve(), we can simply call it...
ok jsing
tb [Wed, 26 Jul 2023 12:12:13 +0000 (12:12 +0000)]
Introduce ec_decode_scalar()
This is a helper that decodes a scalar from field-internal representation
to a representation as a BIGNUM in the interval [0, p). This simplifies
EC_GROUP_get_curve() and EC_POINT_get_Jprojective_coordinates() to a few
obvious lines and prepares cleanup in EC_POINT_get_affine_coordinates().
ok jsing