martijn [Fri, 22 Jan 2021 06:33:26 +0000 (06:33 +0000)]
Remove the traphandler process, which was nothing more then a sham.
It did nothing more then receive a message over UDP, do some basic ber
and ASN.1 parsing and forward the packet to the parent process. snmpe can
do/does the same thing but with a far more thorough ASN.1 validation.
Because we move trap receiving to snmpe we get trap over tcp for free.
However, to make sure that a normal snmp port doesn't automatically start
handling traps a new set of "listen on" flags are introduced: read, write,
and notify. To enable trap handling either let snmpd listen on port 162
without flags, or add the notify flag. Only a flag without port results in
listening on port 162.
To keep current behaviour copy all UDP-based "listen on" lines without port
and add the notify keyword:
listen on 127.0.0.1 port 666
becomes
listen on 127.0.0.1 port 666
listen on 127.0.0.1 notify
This change also enforces snmpd to honor trap community on receiving a
trap, where previously no community was checked before handling a packet.
OK denis@, rob@
rob [Fri, 22 Jan 2021 03:20:56 +0000 (03:20 +0000)]
Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.
Tweaked and OK martijn@
dtucker [Fri, 22 Jan 2021 02:46:40 +0000 (02:46 +0000)]
PubkeyAcceptedKeyTypes->PubkeyAcceptedAlgorithms here too.
dtucker [Fri, 22 Jan 2021 02:44:58 +0000 (02:44 +0000)]
Rename PubkeyAcceptedKeyTypes keyword to PubkeyAcceptedAlgorithms.
While the two were originally equivalent, this actually specifies the
signature algorithms that are accepted. Some key types (eg RSA) can be
used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is
becoming increasingly misleading. The old name is retained as an alias.
Prompted by bz#3253, help & ok djm@, man page help jmc@
eric [Thu, 21 Jan 2021 22:03:25 +0000 (22:03 +0000)]
when using fake keys, skip the private key check
ok tb@
eric [Thu, 21 Jan 2021 22:02:17 +0000 (22:02 +0000)]
return -1 on error for consistency
ok tb@
millert [Thu, 21 Jan 2021 20:08:17 +0000 (20:08 +0000)]
Ignore special keys returned by the curses getch() function.
Prevents canfield from suspending itself when you resize the window.
Canfield is not prepared to deal with anything other than normal
characters so just ignore them. OK tb@ pjanzen@
florian [Thu, 21 Jan 2021 19:12:13 +0000 (19:12 +0000)]
ndp only deals with current localtime. Print time with subsecond
resolution in a less roundabout way.
OK phessler, bluhm
eric [Thu, 21 Jan 2021 19:11:39 +0000 (19:11 +0000)]
sync for libtls bump
eric [Thu, 21 Jan 2021 19:09:43 +0000 (19:09 +0000)]
minor bump after symbol addition
eric [Thu, 21 Jan 2021 19:09:10 +0000 (19:09 +0000)]
Allow setting a keypair on a tls context without specifying the private
key, and fake it internally with the certificate public key instead.
It makes it easier for privsep engines like relayd that don't have to
use bogus keys anymore.
ok beck@ tb@ jsing@
jsing [Thu, 21 Jan 2021 18:48:56 +0000 (18:48 +0000)]
Mop up unused dtls1_build_sequence_number() function.
bluhm [Thu, 21 Jan 2021 17:02:37 +0000 (17:02 +0000)]
Pledge violation for SO_RTABLE prints "wroute" now. Adapt test.
tobhe [Thu, 21 Jan 2021 16:50:46 +0000 (16:50 +0000)]
Handle NO_PROPOSAL_CHOSEN for CREATE_CHILD_SA.
ok markus@
tobhe [Thu, 21 Jan 2021 16:46:47 +0000 (16:46 +0000)]
Add support for INVALID_KE_PAYLOAD in CREATE_CHILD_SA
exchange. In the case of an invalid KE error, retry
CREATE_CHILD_SA exchange with different group instead
of restarting the full IKE handshake.
ok markus@
jmc [Thu, 21 Jan 2021 13:19:58 +0000 (13:19 +0000)]
revert previous after complaints from sthen and deraadt;
mpi [Thu, 21 Jan 2021 13:19:25 +0000 (13:19 +0000)]
Make it possible to convert map arguments to long and insert nsecs in maps.
Necessary to measure latency, example below to better understand the kqueue
select(2) regression:
syscall:select:entry { @start[pid] = nsecs; }
syscall:select:return { @usecs = hist((nsecs - @start[pid]) / 1000); }
mvs [Thu, 21 Jan 2021 13:18:07 +0000 (13:18 +0000)]
carp(4): convert ifunit() to if_unit(9)
ok dlg@ bluhm@
mvs [Thu, 21 Jan 2021 13:17:13 +0000 (13:17 +0000)]
vlan(4): convert ifunit() to if_unit(9)
ok dlg@ kn@
jmc [Thu, 21 Jan 2021 12:43:30 +0000 (12:43 +0000)]
remove an unneccessary escape; from martin vahlensieck
ok gilles
while, there, zap an unneccessary Tn;
dlg [Thu, 21 Jan 2021 12:33:14 +0000 (12:33 +0000)]
let vfs keep track of nonblocking state for us.
ok claudio@ mvs@
kevlo [Thu, 21 Jan 2021 11:05:38 +0000 (11:05 +0000)]
Document IFM_2500_T media type.
ok claudio@ jmc@ sthen@
sthen [Thu, 21 Jan 2021 10:31:57 +0000 (10:31 +0000)]
Backport "Squelch udp connect 'no route to host' errors" from upstream.
Problem reported and diff tested by danj@
From
5906811ff19f005110b2edbda5aa144ad5fa05b1 Mon Sep 17 00:00:00 2001
From: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
Date: Tue, 1 Dec 2020 09:09:13 +0100
Subject: [PATCH] - Fix #358: Squelch udp connect 'no route to host' errors on
low verbosity.
kn [Thu, 21 Jan 2021 08:13:59 +0000 (08:13 +0000)]
Revert r1.87 "Pledge before authentication when possible"
Someone reported to me that
''This breaks ansible managed machines where "persist" isn't used. There
i get
/bsd: doas[49341]: pledge "proc", syscall 2
Using "persist", everything is fine.''
jmc [Thu, 21 Jan 2021 07:12:34 +0000 (07:12 +0000)]
some updates from pjanzen;
tb [Thu, 21 Jan 2021 05:02:25 +0000 (05:02 +0000)]
don't set AUTO_RETRY. it's a remnant of an experiment.
mortimer [Thu, 21 Jan 2021 00:16:36 +0000 (00:16 +0000)]
Rearrange variables in dump / restore to handle -fno-common.
Largely following the commit by mckusick in FreeBSD.
ok naddy@
bluhm [Wed, 20 Jan 2021 23:25:19 +0000 (23:25 +0000)]
An invalid packet may not have set src and dst in packet descriptor.
Add a NULL check to prevent crash in pflog(4) introduced in previous
commit.
Reported-by: syzbot+c6d2f2ad34b822bce98a@syzkaller.appspotmail.com
otto [Wed, 20 Jan 2021 19:44:48 +0000 (19:44 +0000)]
Missing return value; ok jmc@
tobhe [Wed, 20 Jan 2021 18:44:28 +0000 (18:44 +0000)]
Make sure to enforce matching dstid as initiator. Use policy lookup
to make sure the negotiated SA matches the selected policy.
ok patrick@
claudio [Wed, 20 Jan 2021 18:02:19 +0000 (18:02 +0000)]
Cleanup, fix and add a few more test cases. Make sure that the decision
flags work (by checking the same routes with and without the flag).
bluhm [Wed, 20 Jan 2021 17:38:18 +0000 (17:38 +0000)]
Test path MTU discovery with IPv6 TCP packets tunneled in IPv4 ESP.
bluhm [Wed, 20 Jan 2021 16:36:09 +0000 (16:36 +0000)]
If pledge "wroute" is missing for setsockopt SO_RTABLE, print failure
message "wroute" into dmesg. Since revision 1.263 pledge "wroute"
allows to change the routing table of a socket.
OK florian@ semarie@
bluhm [Wed, 20 Jan 2021 13:50:09 +0000 (13:50 +0000)]
Check the rewritten address output from tcpdump -e on pflog.
bluhm [Wed, 20 Jan 2021 13:40:15 +0000 (13:40 +0000)]
Print rewritten addresses in tcpdump(8) logged with pflog(4) for
rdr-to, nat-to, af-to rules. The kernel uses the information from
the packet description and fills it into the fields in the pflog
header. While doing this, it is trival to figure out whether the
packet has been rewritten.
OK sashan@
kettenis [Wed, 20 Jan 2021 12:44:45 +0000 (12:44 +0000)]
Reprogram outbound windows to match the device tree. Necessary because
the EDK2-based UEFI firmware sets it to its own hardcoded values.
Makes device-tree mode work with newer versions of the Raspberry Pi firmware.
ok patrick@
sthen [Wed, 20 Jan 2021 12:37:26 +0000 (12:37 +0000)]
typo; spotted by jmc
jmatthew [Wed, 20 Jan 2021 10:04:26 +0000 (10:04 +0000)]
Check management capabilities before trying to attach temperature sensors,
avoiding an unhelpful error message if the card's firmware doesn't expose
the sensor registers.
tested by chris@, who saw the unhelpful error message
ok dlg@
kn [Wed, 20 Jan 2021 07:30:51 +0000 (07:30 +0000)]
Pledge before authentication when possible
Generally, pleding before parsing the file seems hardly possible due to
unveil() being involved.
Pledging in case of the winning rule being a "persist" one is not possible
either due to TIOC{SET,CHK}VERAUTH not being allowed in the "tty" pledge.
But if "persist" is not used, we can pledge before authentication
without having to hoist or chang anything.
Feedback deraadt tedu
OK tdeu
nicm [Wed, 20 Jan 2021 07:16:54 +0000 (07:16 +0000)]
Change so that window_flags escapes # automatically which means configs
will not have to change. A new format window_raw_flags contains the old
unescaped version.
tb [Wed, 20 Jan 2021 07:05:25 +0000 (07:05 +0000)]
Drop unneeded cast in seal_record_protected_cipher
eiv_len was changed from an int to a size_t in r1.10, so casting it
to a size_t is now a noop.
ok jsing
bluhm [Tue, 19 Jan 2021 22:22:23 +0000 (22:22 +0000)]
pflog(4) tried to log the translated packet with rdr-to, nat-to,
and af-to addresses and ports applied. Therefore it created a mbuf
chain on the stack with a partial copy. This is too complicated
for IP options, extension header, NAT46 af-to, and fragmented mbuf
chains. It even caused a crash in syzkaller. Usually the length
checks in pf_setup_pdesc() rejected the faked mbuf and the goto
copy logged the packet unmodified. Remove the pflog_mtap() function
and call bpf_mtap_hdr() directly. As the old buggy code was bypassed
in most cases, tcpdump(8) output of pflog does not change.
Uncondionally log the unmodified packet.
Reported-by: syzbot+947e89e06ac3fec187d0@syzkaller.appspotmail.com
OK sashan@
dlg [Tue, 19 Jan 2021 21:52:59 +0000 (21:52 +0000)]
blacklist com on m3000s. our com code causes faults somehow.
console i/o still happens using ofw routines, which is Good Enough(tm)
for now. having a working machine means i can better test changes
now though.
ok deraadt@
kettenis [Tue, 19 Jan 2021 19:46:40 +0000 (19:46 +0000)]
Implement intx support.
ok patrick@
mvs [Tue, 19 Jan 2021 19:39:58 +0000 (19:39 +0000)]
pipex(4): convert ifunit() to if_unit(9)
ok dlg@
mvs [Tue, 19 Jan 2021 19:39:14 +0000 (19:39 +0000)]
switch(4): convert ifunit to if_unit(9)
ok dlg@
mvs [Tue, 19 Jan 2021 19:38:29 +0000 (19:38 +0000)]
pppoe(4): convert ifunit() to if_unit(9)
ok dlg@ kn@
mvs [Tue, 19 Jan 2021 19:37:42 +0000 (19:37 +0000)]
pipex(4): convert ifunit() to if_unit(9)
ok dlg@
mvs [Tue, 19 Jan 2021 19:36:48 +0000 (19:36 +0000)]
kern/subr_disk.c: convert ifunit() to if_unit(9)
ok dlg@
mvs [Tue, 19 Jan 2021 19:35:59 +0000 (19:35 +0000)]
nfs/nfs_boot.c: convert ifunit() to if_unit(9)
ok dlg@
kettenis [Tue, 19 Jan 2021 19:14:39 +0000 (19:14 +0000)]
Enable athn(4)
jsing [Tue, 19 Jan 2021 19:07:39 +0000 (19:07 +0000)]
Add code to handle change of cipher state in the new TLSv1.2 record layer.
This provides the basic framework for handling change of cipher state in
the new TLSv1.2 record layer, creating new record protection. In the DTLS
case we retain the previous write record protection and can switch back to
it when retransmitting. This will allow the record layer to start owning
sequence numbers and encryption/decryption state.
ok inoguchi@ tb@
jsing [Tue, 19 Jan 2021 18:57:09 +0000 (18:57 +0000)]
Provide functions to determine if TLSv1.2 record protection is engaged.
Call these functions from code that needs to know if we've changed cipher
state and enabled record protection, rather than inconsistently checking
various pointers from other places in the code base. This also fixes a
minor bug where the wrong pointers are checked if we're operating with
AEAD.
ok inoguchi@ tb@
jsing [Tue, 19 Jan 2021 18:51:08 +0000 (18:51 +0000)]
Provide record layer overhead for DTLS.
Rather than manually calculating the maximum record layer overhead in the
DTLS code, have the record layer provide this information. This also makes
it work correctly with AEAD ciphersuites.
ok inoguchi@ tb@
jsing [Tue, 19 Jan 2021 18:34:02 +0000 (18:34 +0000)]
Factor out code for explicit IV length, block size and MAC length.
Pull this code up into the record protection struct, which means we only
need the length checks in one place. This code will soon be used for
additional purposes.
ok inoguchi@ tb@
kettenis [Tue, 19 Jan 2021 18:07:15 +0000 (18:07 +0000)]
s/KHz/kHz/ and reduce dmesg spam a bit
ok tb@, deraadt@
kettenis [Tue, 19 Jan 2021 18:04:43 +0000 (18:04 +0000)]
s/KHZ/kHz/ and reduce dmesg spam a bit
ok tb@, deraadt@
deraadt [Tue, 19 Jan 2021 17:41:51 +0000 (17:41 +0000)]
/etc/malloc.conf path-approval in pledge is no longer needed since 6.5
moved option control into a sysctl.
reminder that we can delete this from benjamin baier
florian [Tue, 19 Jan 2021 17:38:41 +0000 (17:38 +0000)]
Get rid of inet_net_pton and inet_net_ntop.
This is not an api that seems to have caught on (especially the
AF_INET6 variant), maybe we can get rid of it entirely.
It is not difficult to hand-roll the AF_INET6 variant.
OK tb
florian [Tue, 19 Jan 2021 16:54:48 +0000 (16:54 +0000)]
Make imsg event structs static to fix -fno-common.
Follows claudio's lead in ospfd et al.
Problem reported by mortimer.
florian [Tue, 19 Jan 2021 16:54:00 +0000 (16:54 +0000)]
Move control_state and ctl_conns to control.c, it's not needed
elsewhere and unbreaks -fno-common.
Inspired by claudio
Problem reported by mortimer
florian [Tue, 19 Jan 2021 16:53:27 +0000 (16:53 +0000)]
No need for a global rad_process; unbreaks -fno-common.
Problem reported by mortimer
florian [Tue, 19 Jan 2021 16:52:40 +0000 (16:52 +0000)]
Make imsg event structs static to fix -fno-common.
Follows claudio's lead in ospfd et al.
Problem reported by mortimer.
florian [Tue, 19 Jan 2021 16:52:12 +0000 (16:52 +0000)]
Move control_state and ctl_conns to control.c, it's not needed
elsewhere and unbreaks -fno-common.
Inspired by claudio
Problem reported by mortimer
florian [Tue, 19 Jan 2021 16:51:28 +0000 (16:51 +0000)]
Prevent more yacc clashes; fixes -fno-common.
Problem reported by mortimer.
florian [Tue, 19 Jan 2021 16:50:50 +0000 (16:50 +0000)]
Reduce scope of routesock unbreaking -fno-common.
Problem reported by mortimer.
florian [Tue, 19 Jan 2021 16:50:23 +0000 (16:50 +0000)]
No need for a global uw_process; unbreaks -fno-common.
Problem reported by mortimer
florian [Tue, 19 Jan 2021 16:49:56 +0000 (16:49 +0000)]
Make imsg event structs static to fix -fno-common.
Follows claudio's lead in ospfd et al.
Problem reported by mortimer.
florian [Tue, 19 Jan 2021 16:49:10 +0000 (16:49 +0000)]
Move control_state and ctl_conns to control.c, it's not needed
elsewhere and unbreaks -fno-common.
Inspired by claudio
Problem reported by mortimer
florian [Tue, 19 Jan 2021 16:48:20 +0000 (16:48 +0000)]
No need for a global slaacd_process; unbreaks -fno-common.
Problem reported by mortimer
florian [Tue, 19 Jan 2021 16:43:44 +0000 (16:43 +0000)]
Prevent an overflow in inet_net_pton(3) when the passed in buffer is
too small in the AF_INET6 case.
Spotted by Brad House (brad AT brad-house.com) with the c-ares
regression test.
The man page says
Caution: The dst field should be zeroed before calling inet_net_pton() as
the function will only fill the number of bytes necessary to encode the
network number in network byte order.
Which seems to suggest that the function should work if the passed in
storage is big enough to hold the prefix, which might be smaller than
sizeof(in6_addr).
Input & OK tb
anton [Tue, 19 Jan 2021 16:05:59 +0000 (16:05 +0000)]
usb_init_task() wants a struct usb_task as the first argument
ok kn@ mvs@
claudio [Tue, 19 Jan 2021 16:04:46 +0000 (16:04 +0000)]
First bits of a regress test that ensures that the decision process
works.
claudio [Tue, 19 Jan 2021 16:02:56 +0000 (16:02 +0000)]
Like ospfd allocate the recv buffer with malloc() on first call.
This code assumes some alignment of the buffer which may not be
the case with bss memory.
claudio [Tue, 19 Jan 2021 16:02:22 +0000 (16:02 +0000)]
Like ospfd allocate the recv buffer with malloc() on first call.
This code assumes some alignment of the buffer which may not be
the case with bss memory.
claudio [Tue, 19 Jan 2021 16:02:06 +0000 (16:02 +0000)]
Like ospfd allocate the recv buffer with malloc() on first call.
This code assumes some alignment of the buffer which may not be
the case with bss memory.
claudio [Tue, 19 Jan 2021 16:01:39 +0000 (16:01 +0000)]
Allocate the recv buffer with malloc() on first call. This code assumes
some alignment of the buffer which may not be the case with bss memory.
claudio [Tue, 19 Jan 2021 15:59:25 +0000 (15:59 +0000)]
Adjust the disc_recv_packet() code to not use IBUF_READ_SIZE and to
use a local recv_buf that is allocated on first call with malloc().
The memory returned from malloc() is properly aligned which may not
be the case for bss or stack memory.
claudio [Tue, 19 Jan 2021 15:23:25 +0000 (15:23 +0000)]
Kill log_procnames and properly define ldpd_process.
claudio [Tue, 19 Jan 2021 15:14:35 +0000 (15:14 +0000)]
Do the same control cleanup as in other daemons. Move ctl_conns exclusivly
into control.c
mpi [Tue, 19 Jan 2021 13:21:36 +0000 (13:21 +0000)]
(re)Introduce locking for amaps & anons.
A rwlock is attached to every amap and is shared with all its anon. The
same lock will be used by multiple amaps if they have anons in common.
This should be enough to get the upper part of the fault handler out of the
KERNEL_LOCK() which seems to bring up to 20% improvements in builds.
This is based/copied/adapted from the most recent work done in NetBSD which
is an evolution of the precendent simple_lock scheme.
Tested by many, thanks!
ok kettenis@, mvs@
claudio [Tue, 19 Jan 2021 12:29:46 +0000 (12:29 +0000)]
Make struct imsgev static like in the other routing daemons. With this
dvmrpd should compile with -fno-common
kettenis [Tue, 19 Jan 2021 12:29:07 +0000 (12:29 +0000)]
Remove some unused #defines and remove some commented-out variables.
claudio [Tue, 19 Jan 2021 12:26:38 +0000 (12:26 +0000)]
Kill dvrmpd_process and log_procnames. Unneeded abstraction for this
simple daemon.
claudio [Tue, 19 Jan 2021 12:23:30 +0000 (12:23 +0000)]
Cleanup control like in the other routing daemons. Move control_state
and ctl_conns to control.c cleanup headers and the engine accordingly.
claudio [Tue, 19 Jan 2021 11:49:26 +0000 (11:49 +0000)]
Like dvrmpd there is no need for a static pkt buffer. Adjust code accordingly.
claudio [Tue, 19 Jan 2021 11:46:10 +0000 (11:46 +0000)]
Another pkt_ptr cleanup. There is actually no need to make the pkt
a static memory region. Just use the stack.
claudio [Tue, 19 Jan 2021 11:39:13 +0000 (11:39 +0000)]
Like all other log.c just exit(1) in fatal()
claudio [Tue, 19 Jan 2021 10:53:25 +0000 (10:53 +0000)]
Kill global eigrpd_process and instead pass the proc to merge_config()
and config_clear(). Also set log_procname directly and remove the
log_procnames array.
claudio [Tue, 19 Jan 2021 10:51:35 +0000 (10:51 +0000)]
Use log_procname instead of log_procnames[eigrpd_process]. It should be
the same thing.
claudio [Tue, 19 Jan 2021 10:37:25 +0000 (10:37 +0000)]
Same control cleanup that was done for ospfd and ripd. Move the
control_state and ctl_conns structs into control.c nothing else
uses these structs.
claudio [Tue, 19 Jan 2021 10:31:12 +0000 (10:31 +0000)]
Like in ospfd use a static pkt_ptr buffer
claudio [Tue, 19 Jan 2021 10:30:00 +0000 (10:30 +0000)]
Forgot one IBUF_READ_SIZE to READ_BUF_SIZE change.
claudio [Tue, 19 Jan 2021 10:28:07 +0000 (10:28 +0000)]
Do not use IBUF_READ_SIZE for the packet read buffer size. Instead
define READ_BUF_SIZE like the other daemons.
claudio [Tue, 19 Jan 2021 10:20:47 +0000 (10:20 +0000)]
Make the struct imsgev structs static and with that ripd -fno-common clean.
claudio [Tue, 19 Jan 2021 10:18:56 +0000 (10:18 +0000)]
Remove the PROC_* enums and ripd_process, they are no longer needed.
Instead assign the process name directly to log_procname which was
the last user of ripd_process.
claudio [Tue, 19 Jan 2021 10:16:44 +0000 (10:16 +0000)]
Like in all other log.c file just use exit(1) in fatal() calls.
This log.c should be further synced with the other log.c files.
claudio [Tue, 19 Jan 2021 10:09:59 +0000 (10:09 +0000)]
Move the interface demote out of if_del and into the only place where
it is needed (the if_del call in ripe.c). With this the ripd_process
check in ripe_demote_iface() can be removed.
claudio [Tue, 19 Jan 2021 10:02:22 +0000 (10:02 +0000)]
Like in ospfd make the pkt_ptr a local static buffer.
claudio [Tue, 19 Jan 2021 10:00:36 +0000 (10:00 +0000)]
Apply same cleanup to the control code as in ospfd.
Internalize control_state and ctl_conns.