jmc [Sat, 23 Jul 2016 19:31:35 +0000 (19:31 +0000)]
rework crl2pkcs7; with help from jsing
espie [Sat, 23 Jul 2016 18:09:47 +0000 (18:09 +0000)]
no quirks in FwUpdate.
okay theo
deraadt [Sat, 23 Jul 2016 17:55:45 +0000 (17:55 +0000)]
Back out the automatic pkg.conf installpath changes; because pkg_add has
an immature heuristic for "what is a release and what is a snapshot".
This change maybe improved the post-release experience, but it damages the
pre-release experience, which may result in less effective pre-release
testing, which risks creating poor releases, which may result in poor
post-release experiences.
Specific case: subtle breakage to fw_update.
jsg [Sat, 23 Jul 2016 16:22:17 +0000 (16:22 +0000)]
Some armv7 machines are shipped with linux images that run USB OTG ports
in client mode and provide serial access to a getty and networking.
Make it clear that a real serial console that can interact with the
firmware is required.
Suggested by and wording tweaks from ian@
stsp [Sat, 23 Jul 2016 15:53:19 +0000 (15:53 +0000)]
Back out the dhclient BPF change. There are DHCP servers out there which
send frames to the ethernet broadcast address, so this will need some more
thought and it's too late for 6.0.
Problem reported by Holger Mikolon.
ok mpi@
patrick [Sat, 23 Jul 2016 15:02:08 +0000 (15:02 +0000)]
Previously the uarts attached in order, so that the first attached uart
is always the serial console. With device tree enumeration, this order
is not given anymore. The serial console might now attach with a
different minor and has to be updated, otherwise there will be no
further output on the serial. Thus, re-create the i.MX6 console with
the correct minor number on attach.
ok jsg@, kettenis@
tedu [Sat, 23 Jul 2016 14:52:39 +0000 (14:52 +0000)]
do the pool debug release dance. ok deraadt
kettenis [Sat, 23 Jul 2016 14:39:10 +0000 (14:39 +0000)]
The linux kernel treated the "phy-reset-gpio" as active-low regardless of what
the device tree says. As a result many device trees encode it as active-high
when active-low is needed. For now just override the device tree.
ok jsg@, patrick@
krw [Sat, 23 Jul 2016 09:12:33 +0000 (09:12 +0000)]
At n2k16 David Vasek pointed out that FFS partitions on 4K disks are
created with far fewer inodes than DEV_BSIZE devices.
Scale the default 'density' value by (sector size)/DEV_BSIZE to
create the same number of inodes. Obviously a NO-OP on DEV_BSIZE
devices.
Thanks David!
ok deraadt@
bluhm [Sat, 23 Jul 2016 08:57:18 +0000 (08:57 +0000)]
Before terminal characteristics are displayed, stty(1) activates
pledge(2). Then the values cannot be modified anymore. Let stty
error out if the display and modify mode are combined on the command
line to avoid a pledge violation later on.
OK deraadt@
mlarkin [Sat, 23 Jul 2016 07:25:29 +0000 (07:25 +0000)]
Fix a few CPUID emulation issues:
Don't advertise a hyperthreaded CPU. This doesn't make a lot of sense now
as we only provide UP guest support. This, combined with the other CPUID
issues fixed, fooled NetBSD's topology enumeration code into thinking we
had an unsupportable core/thread/package configuration.
Also fixed the unsupported CPUID functions by returning 0 in the return
registers instead of leaving whatever trash happened to be there before
the call was made.
mlarkin [Sat, 23 Jul 2016 07:17:21 +0000 (07:17 +0000)]
Dump vcpu state on unknown exit type, and add a diagnostic message
(including vcpu state dump) on failure to enter due to an incorrect
guest state.
Added as a debug facility when diagnosing interruptibility state
problems seen while testing NetBSD guest VMs.
mlarkin [Sat, 23 Jul 2016 07:00:39 +0000 (07:00 +0000)]
Ensure some undesirable entry controls are cleared, instead of relying
on the default settings.
Noticed when booting a NetBSD guest VM.
djm [Sat, 23 Jul 2016 02:54:08 +0000 (02:54 +0000)]
fix pledge violation with ssh -f; reported by Valentin Kozamernik
ok dtucker@
jmc [Sat, 23 Jul 2016 00:10:15 +0000 (00:10 +0000)]
hint at the default for XSRCDIR; from tim kuijsten
allows us to zap some verbiage from the beginning...
ok deraadt
jsg [Fri, 22 Jul 2016 13:40:39 +0000 (13:40 +0000)]
Attach imx(4) on i.mx6 quad plus which appears to be largely compatible
with i.mx6 quad but with more memory bandwidth and some graphics tweaks.
ok kettenis@
krw [Fri, 22 Jul 2016 13:23:38 +0000 (13:23 +0000)]
Actually DECLINE and delete unused offers. Don't just say so in a comment.
In situations where >1 offer is received this will eliminate unbounded memory
growth and make us a more polite netizen. In some corner cases it might
prevent reuse of inappropriate older offers.
ok millert@
jsg [Fri, 22 Jul 2016 13:20:30 +0000 (13:20 +0000)]
Fallback to the known fec irq number on imx.6 if the fdt
interrupts-extended property is missing or not the size we expect.
Some dtbs implement a workaround for "ERR006687 ENET: Only the ENET
wake-up interrupt request can wake the system from Wait mode" suggested
by the IMX6DQCE errata document to set an undocumented gpio mux mode and
handle the interrupt via gpio.
We don't support gpio interrupts yet, hopefully this change is enough
to make interrupts work on wandboard and sabre lite again till we do.
Discussed with kettenis and patrick, tested on sabre lite by patrick.
kettenis [Fri, 22 Jul 2016 13:11:01 +0000 (13:11 +0000)]
Set the vfs_systcl member of the vsfops struct to eopnotsupp. While we check
for a null pointer now, all other filesystems fill in the complete table.
ok deraadt@, tom@
eric [Fri, 22 Jul 2016 12:12:29 +0000 (12:12 +0000)]
Create a smtp transaction context on a session only for the duration of
that transaction.
ok gilles@
mpi [Fri, 22 Jul 2016 11:14:41 +0000 (11:14 +0000)]
Revert in_selectsrc() refactoring, it breaks IPv6.
Reported by Heiko on bugs@.
ok stsp@, claudio@
mpi [Fri, 22 Jul 2016 11:03:30 +0000 (11:03 +0000)]
Check for errors when deleting routes inside rtable_walk() and abort
the walk if a route cannot be deleted.
Prevent an infinite recursion reported by Dimitris Papastamos.
ok claudio@
kettenis [Fri, 22 Jul 2016 09:54:09 +0000 (09:54 +0000)]
Prevent NULL-pointer call for filesystems that don't provide vfs_sysctl
in their vfsops.
Issue reported by Tim Newsham.
ok claudio@, natano@
benno [Fri, 22 Jul 2016 09:32:26 +0000 (09:32 +0000)]
add a regression test
reyk [Fri, 22 Jul 2016 09:31:33 +0000 (09:31 +0000)]
"wpath" is needed in the parent pledge when using the /dev/switch0 device.
benno [Fri, 22 Jul 2016 09:30:36 +0000 (09:30 +0000)]
fix some cases where we relay_abort_http() the connection too soon.
instead, pass a more specific error back and handle the errors in
relay_test() instead.
reported by Arto Jonsson and Hiltjo Posthuma, thanks!
ok bluhm@ reyk@
reyk [Fri, 22 Jul 2016 09:28:59 +0000 (09:28 +0000)]
Fix generated Perl headers.
With input from bluhm@
mpi [Fri, 22 Jul 2016 07:39:06 +0000 (07:39 +0000)]
Fix a double rtfree(9) triggered when IPSEC inserts a more specific
route because of PMTU.
otto@ reported the issue and helped me tracking it down during more
than one month, he is the man!
mikeb@ figured out the bug was in the forwarding path.
ok mikeb@, deraadt@, claudio@
djm [Fri, 22 Jul 2016 07:00:46 +0000 (07:00 +0000)]
improve wording; suggested by jmc@
dtucker [Fri, 22 Jul 2016 05:46:11 +0000 (05:46 +0000)]
Lower loglevel for "Authenticated with partial success" message similar to
other similar level. bz#2599, patch from cgallek at gmail.com, ok markus@
djm [Fri, 22 Jul 2016 03:47:36 +0000 (03:47 +0000)]
constify a few functions' arguments; patch from Jakub Jelen bz#2581
djm [Fri, 22 Jul 2016 03:39:13 +0000 (03:39 +0000)]
move debug("%p", key) to before key is free'd; probable undefined
behaviour on strict compilers; reported by Jakub Jelen bz#2581
djm [Fri, 22 Jul 2016 03:35:11 +0000 (03:35 +0000)]
reverse the order in which -J/JumpHost proxies are visited to be
more intuitive and document
reported by and manpage bits naddy@
jmc [Thu, 21 Jul 2016 18:40:26 +0000 (18:40 +0000)]
rework DESCRIPTION a little: no-command seems clearer than no-XXX;
jmc [Thu, 21 Jul 2016 18:33:27 +0000 (18:33 +0000)]
rename NOTES to COMMON SYNTAX (explains itself better); rework the
passphrase section a little; move the DER|PEM stuff in there to help
avoid text repetition, and prefer the lowercase (less keys to press);
adjust ENVIRONMENT to format a little more nicely;
jmc [Thu, 21 Jul 2016 16:34:08 +0000 (16:34 +0000)]
strip back openssl crl somewhat: remove the examples
and move any relevant text into the main body;
reyk [Thu, 21 Jul 2016 14:25:36 +0000 (14:25 +0000)]
Add basic support for OpenFlow 1.3 PACKET_IN+PACKET_OUT,
no FLOW_MOD yet.
jmc [Thu, 21 Jul 2016 10:42:49 +0000 (10:42 +0000)]
zap trailing whitespace;
mikeb [Thu, 21 Jul 2016 10:21:00 +0000 (10:21 +0000)]
Remove a few debugging leftovers
claudio [Thu, 21 Jul 2016 10:13:58 +0000 (10:13 +0000)]
Remove a fatal() in peer_up when the local addrs of a peer can't be figured out.
Instead bring the session down and wait for admin help.
OK henning@, benno@, phessler@
claudio [Thu, 21 Jul 2016 10:11:11 +0000 (10:11 +0000)]
Add AF_UNIX support to tcpbench and also make it possible to randomize the
write size in the client. pledge setup can be made tighter but that will be
done in a second step.
OK benno@, henning@, markus@ and some man page input by jmc@
krw [Thu, 21 Jul 2016 09:58:55 +0000 (09:58 +0000)]
Use explicit idiom when testing the result of strcmp() and strncmp().
i.e. == 0 and != 0 as appropriate. No intentional functional change.
Suggested by & ok tom@
reyk [Thu, 21 Jul 2016 08:40:14 +0000 (08:40 +0000)]
long to uint32_t port
reyk [Thu, 21 Jul 2016 08:39:23 +0000 (08:39 +0000)]
With uint32_t ports, we cannot sneak the port into an int anymore
stsp [Thu, 21 Jul 2016 08:38:33 +0000 (08:38 +0000)]
Make rtwn(4) and urtwn(4) respect the RTS threshold set by net80211.
ok mpi@
reyk [Thu, 21 Jul 2016 07:58:44 +0000 (07:58 +0000)]
Turn ofp*_debug functions into ofp*_validate functions to follow a
similar approach like iked: first validate the packet, then parse it,
and execute actions. debug logging is a side effect of validation.
deraadt [Thu, 21 Jul 2016 07:22:38 +0000 (07:22 +0000)]
2004 privsep caused "tcpdump -r" to became a priviledged operation because
we felt chroot-containment was also necessary for off-line analysis. Today
use of pledge "stdio" for the packet parser acts as an even better sandbox.
We can therefore silently ignore chroot setup failure, and regain tcpdump -r
support.
Result of a discussion with tedu -- which probably happened because we
became aware of the laughable retarded -Z option in upstream tcpdump.
ok tedu sthen guenther stsp
jsg [Thu, 21 Jul 2016 02:32:23 +0000 (02:32 +0000)]
set and clear the 10baseT bit in statchg
ok patrick@
dtucker [Thu, 21 Jul 2016 01:39:35 +0000 (01:39 +0000)]
Skip passwords longer than 1k in length so clients can't easily DoS sshd
by sending very long passwords, causing it to spend CPU hashing them.
feedback djm@, ok markus@.
Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
360.cn and coredump at autistici.org
reyk [Wed, 20 Jul 2016 21:06:09 +0000 (21:06 +0000)]
fix typos in comments
reyk [Wed, 20 Jul 2016 21:04:44 +0000 (21:04 +0000)]
pledge switchctl
reyk [Wed, 20 Jul 2016 21:01:06 +0000 (21:01 +0000)]
pledge(2) all the switchd processes.
krw [Wed, 20 Jul 2016 20:45:13 +0000 (20:45 +0000)]
Plug potential leak of device list.
Problem found by Michael McConville.
Tested & ok stsp@
benno [Wed, 20 Jul 2016 20:39:49 +0000 (20:39 +0000)]
s/sudo/doas/
reyk [Wed, 20 Jul 2016 20:07:02 +0000 (20:07 +0000)]
Handle ports as uint32_t instead of in_port_t: OpenFlow 1.0 used 16bit
ports, but later versions switched to 32bit ports (for the case that a
virtual switch has more than 65535 switch ports, of course).
reyk [Wed, 20 Jul 2016 19:57:54 +0000 (19:57 +0000)]
Parse and print OpenFlow 1.3 PACKET_IN and OXM (Openflow eXtended Match) -
no action yet.
bluhm [Wed, 20 Jul 2016 19:57:53 +0000 (19:57 +0000)]
To tune the TCP SYN cache we need more information. Print the
relevant counters with netstat -s -p tcp.
OK henning@
krw [Wed, 20 Jul 2016 19:56:24 +0000 (19:56 +0000)]
Use more compact idiom to select architecture dependent files to compile. No
intentional functional change.
Diff from Miod.
ok millert@ deraadt@
deraadt [Wed, 20 Jul 2016 19:40:04 +0000 (19:40 +0000)]
Shrink priv_write_file() API so that it does less, and the callers ask
it to do less. Discussion with guenther.
ok krw
deraadt [Wed, 20 Jul 2016 19:25:39 +0000 (19:25 +0000)]
As a general rule, fchown before fchmod is a safer order (because many
systems throw away bits upon chown). Not in this case, but code gets
copied..
ok krw
vgross [Wed, 20 Jul 2016 18:51:50 +0000 (18:51 +0000)]
Split in6_selectsrc() into a low-level part and a pcb-level part, and
convert in_selectsrc() prototype to match.
Ok bluhm@ mpi@.
stsp [Wed, 20 Jul 2016 18:24:38 +0000 (18:24 +0000)]
Disable the beacon filter in iwm(4). This allows beacons to pass through to
the stack while associated, which in turn makes it possible to keep track of
HT protection changes.
ok mpi@
stsp [Wed, 20 Jul 2016 16:24:37 +0000 (16:24 +0000)]
Make the iwn(4) LED flash 10 times slower in monitor mode.
Makes running monitor mode over extended periods of time much less annoying.
ok benno@
stsp [Wed, 20 Jul 2016 15:40:27 +0000 (15:40 +0000)]
In net80211, enable RTS for frames above a particular size (currently 512
bytes). This is what other OS have been doing for years. In our stack this
feature was present but disabled at compile-time by an #ifdef.
This is a low risk change because drivers were already required to use RTS
whenever the AP set the USE_PROTECTION flag in ERP elements of its beacons.
This change allows for reasonable throughput on loaded 11g networks
whereas before they were practically unusable.
tests and ok phessler@
jmc [Wed, 20 Jul 2016 14:42:03 +0000 (14:42 +0000)]
strip back openssl ciphers:
- rearrange the descriptions of -V and -v to read more logically
- move the cipherlist text into the cipherlist description
- zap examples
reyk [Wed, 20 Jul 2016 14:15:08 +0000 (14:15 +0000)]
Update OpenFlow 1.3 stub based on the 1.0 code.
reyk [Wed, 20 Jul 2016 14:04:51 +0000 (14:04 +0000)]
Fix dependencies of generated map files.
schwarze [Wed, 20 Jul 2016 13:02:44 +0000 (13:02 +0000)]
tag_signal() is dead; from LLVM via Christos Zoulas
reyk [Wed, 20 Jul 2016 12:31:00 +0000 (12:31 +0000)]
When parsing the configuration. initialize the auth structure
correctly, as parse.y's $$ is not zero-initialized.
Found by Rene Ammerlaan
OK markus@ florian@
jsg [Wed, 20 Jul 2016 11:43:31 +0000 (11:43 +0000)]
Add a -n flag to check the configuration and exit. Matches what almost
all the other daemons do.
ok reyk@
naddy [Wed, 20 Jul 2016 10:45:27 +0000 (10:45 +0000)]
Do not clobber the global jump_host variables when parsing an inactive
configuration. ok djm@
stsp [Wed, 20 Jul 2016 10:26:42 +0000 (10:26 +0000)]
Bring iwn_update_htprot() back, so iwn(4) will properly keep track
of HT protection changes while associated.
HT protection affects behaviour on Tx but is configured along with Rx settings
(because Intel likes it that way). And our previous iwn_update_htprot()
implementation had a bug where it would accidentally clear bits which enable
CCK rates for Rx. The Intel Wireless-N 2200 chip accordingly stopped receiving
some frames (most notably broadcast frames) and the link broke down.
Also, restore the power-saving level after updating the Rx config (like
Linux does), and add some DELAYs for good measure to ensure the firmware
has time to process asynchronous commands we send.
tested by myself and mlarkin@
ok mlarkin@
stsp [Wed, 20 Jul 2016 10:24:43 +0000 (10:24 +0000)]
Unbreak ural(4), which had been dropping frames on Tx while
the IFF_RUNNING flag was set since last November (r1.138).
Apparently nobody is using this driver, except for martijn@.
Fix tested by martijn@ and myself.
ok dlg@
mpi [Wed, 20 Jul 2016 09:48:06 +0000 (09:48 +0000)]
ATI controllers seem to need the same workaround as VIA controllers.
This should hopefully help people reporting errors with SB700.
From FreeBSD, ok kettenis@, krw@
bluhm [Wed, 20 Jul 2016 09:15:28 +0000 (09:15 +0000)]
Make the size for the syn cache hash array tunable. As we are
swapping between two syn caches for random reseeding anyway, this
feature can be added easily. When the cache is empty, there is an
opportunity to change the hash size. This allows an admin under
SYN flood attack to defend his machine.
Suggested by claudio@; OK jung@ claudio@ jmc@
yasuoka [Wed, 20 Jul 2016 07:21:24 +0000 (07:21 +0000)]
Fix typo
from Atzm Watanabe
bluhm [Tue, 19 Jul 2016 21:28:43 +0000 (21:28 +0000)]
Plug an mbuf leak in the error path of tcp signature in tcp_output().
OK claudio@ henning@
jmc [Tue, 19 Jul 2016 20:02:47 +0000 (20:02 +0000)]
strip back openssl ca: in particular remove some excessively wordy sections,
move some other sections into more relevant places, and remove the example
ca file;
reyk [Tue, 19 Jul 2016 18:14:08 +0000 (18:14 +0000)]
The -DNAME=switch flag is an artifact from the PoC when I couldn't
decide on a name. Remove it and fix the name to switchd now.
reyk [Tue, 19 Jul 2016 18:11:08 +0000 (18:11 +0000)]
Correctly use ssize_t instead of size_t for read/write return values.
Pointed out by David Hill and clang.
reyk [Tue, 19 Jul 2016 18:09:39 +0000 (18:09 +0000)]
Remove unused variable
reyk [Tue, 19 Jul 2016 18:04:04 +0000 (18:04 +0000)]
A bit of cleanup and style changes. ofcconn needs more work.
reyk [Tue, 19 Jul 2016 17:34:13 +0000 (17:34 +0000)]
L2 tun is tap now
reyk [Tue, 19 Jul 2016 17:31:22 +0000 (17:31 +0000)]
Don't use .p_shutdown in the proc struct
reyk [Tue, 19 Jul 2016 17:30:30 +0000 (17:30 +0000)]
Comment out device/switch(4) for now
krw [Tue, 19 Jul 2016 17:23:20 +0000 (17:23 +0000)]
Narrow the BPF read filter rules so only packets sent to the
interface's LLADDR pass. Rely on dhclient's existing ability to
detect and react to LLADDR changes.
This limits the number of packets that get dropped as a result of
dhclient setting BIOCSFILDROP on the bpf descriptor.
Problem with bridges and multiple dhclients noted by stsp@.
ok mpi@ stsp@ deraadt@ henning@
reyk [Tue, 19 Jul 2016 17:19:58 +0000 (17:19 +0000)]
Add two more tests that use traffic that was captured with tcpdump.
These files serve as an example, no more .pcap files should be added here
(especially not large ones).
reyk [Tue, 19 Jul 2016 17:04:19 +0000 (17:04 +0000)]
Add simple OpenFlow tests for switchd.
reyk [Tue, 19 Jul 2016 16:54:26 +0000 (16:54 +0000)]
Import switchd(8), a basic WIP OpenFlow implementation for OpenBSD.
switchd consists of two parts:
1. switchd(8) and switchctl(8), an OpenFlow controller or "vswitch".
2. switch(4), an OpenFlow-aware kernel "bridge".
This the 1st part, the driver will be imported later. The code will
remain disabled for a while, but it helps development to have it in
the tree. switchd currently supports partial OpenFlow 1.0, but the
goal is to use OpenFlow 1.3.5 instead (switch(4) already does 1.3.5).
For more background information see:
http://www.openbsd.org/papers/bsdcan2016-switchd.pdf
https://youtu.be/Cuo0qT-lqig
With help from yasuoka@ goda@
Import discussed with deraadt@
schwarze [Tue, 19 Jul 2016 16:22:34 +0000 (16:22 +0000)]
Since the mdoc/man parser unification, the parser is always allocated
in mparse_alloc(), so delete all the curp->man == NULL checks.
Triggered by a patch from Christos Zoulas suggesting to add
yet another such check.
mpi [Tue, 19 Jul 2016 16:08:46 +0000 (16:08 +0000)]
Fix the check supposed to prevent 'ip' and 'ip-stealth' balancing modes
from leaking the multicast address.
beck@ found the hard way that this made his second CARP master use a
wrong MAC address.
This is part of a bigger diff from Florian Riehm who is currently
working on a proper solution to fix balancing modes.
ok beck@, bluhm@
phessler [Tue, 19 Jul 2016 15:57:13 +0000 (15:57 +0000)]
protect a pf specific function with the correct #if. Fixes ramdisk building.
(we got lucky before, because the variable that used to be checked was
always available)
OK bluhm@
mpi [Tue, 19 Jul 2016 14:49:46 +0000 (14:49 +0000)]
NULLify a route pointer after calling rtfree(9).
This should theoretically be a no-op because we're freeing the PCB
right after, but it helps us debug a reference count problem found
by otto@.
ok mikeb@
henning [Tue, 19 Jul 2016 13:34:12 +0000 (13:34 +0000)]
style: no spaces after # for define/include, ok phessler benno
henning [Tue, 19 Jul 2016 13:30:51 +0000 (13:30 +0000)]
don't hide globals between function prototypes; ok phessler benno
schwarze [Tue, 19 Jul 2016 13:30:16 +0000 (13:30 +0000)]
Use __attribute__((__format__ throughout.
Triggered by a smaller patch from Christos Zoulas.
jmc [Tue, 19 Jul 2016 12:59:16 +0000 (12:59 +0000)]
tweak previous;
henning [Tue, 19 Jul 2016 12:51:19 +0000 (12:51 +0000)]
remove wrong and misleading comment, ok phessler
dtucker [Tue, 19 Jul 2016 11:38:53 +0000 (11:38 +0000)]
Allow wildcard for PermitOpen hosts as well as ports. bz#2582, patch from
openssh at mzpqnxow.com and jjelen at redhat.com. ok markus@
mpi [Tue, 19 Jul 2016 10:52:56 +0000 (10:52 +0000)]
Adapt test to the srp_swap() area.