openbsd
2 years agoCall x a cert for readability.
tb [Wed, 5 Jan 2022 17:43:04 +0000 (17:43 +0000)]
Call x a cert for readability.

2 years agoNow that i is free, rename j to i for use as loop variable in
tb [Wed, 5 Jan 2022 17:41:41 +0000 (17:41 +0000)]
Now that i is free, rename j to i for use as loop variable in
various loops in addr_validate_path_internal().

2 years agoadjust Xr for fw_update to section 8;
jmc [Wed, 5 Jan 2022 17:39:24 +0000 (17:39 +0000)]
adjust Xr for fw_update to section 8;
ok afresh sthen deraadt

2 years agoIn addr_validate_path_internal() rename i to depth because that's
tb [Wed, 5 Jan 2022 17:38:14 +0000 (17:38 +0000)]
In addr_validate_path_internal() rename i to depth because that's
what it is.

2 years agoTurn the validation_err() macro into a function
tb [Wed, 5 Jan 2022 17:36:32 +0000 (17:36 +0000)]
Turn the validation_err() macro into a function

validation_err() is an ugly macro with side effects and a goto in it.
At the cost of a few lines of code we can turn this into a function
where the side effects are explicit and ret is now explicitly set in
the main body of addr_validate_path_internal().

We get to a point where it is halfway possible to reason about the
convoluted control flow in this function.

ok inoguchi jsing

2 years agoMove variable declarations in X509v3_addr_canonize() to the top of
tb [Wed, 5 Jan 2022 17:27:40 +0000 (17:27 +0000)]
Move variable declarations in X509v3_addr_canonize() to the top of
the function and unindent some code.

ok inoguchi jsing

2 years agoRevise for tls13_key_share rename.
jsing [Wed, 5 Jan 2022 17:10:59 +0000 (17:10 +0000)]
Revise for tls13_key_share rename.

2 years agoRename tls13_key_share to tls_key_share.
jsing [Wed, 5 Jan 2022 17:10:02 +0000 (17:10 +0000)]
Rename tls13_key_share to tls_key_share.

In preparation to use the key share code in both the TLSv1.3 and legacy
stacks, rename tls13_key_share to tls_key_share, moving it into the shared
handshake struct. Further changes will then allow the legacy stack to make
use of the same code for ephemeral key exchange.

ok inoguchi@ tb@

2 years agoRemove unused function arguments in iwm/iwx interrupt handlers.
stsp [Wed, 5 Jan 2022 17:06:20 +0000 (17:06 +0000)]
Remove unused function arguments in iwm/iwx interrupt handlers.

pointed out by + ok millert@

2 years agoSwitch snmpd(8) to using EVP_Digest{Init,Final}_ex() and drop a no
tb [Wed, 5 Jan 2022 17:01:06 +0000 (17:01 +0000)]
Switch snmpd(8) to using EVP_Digest{Init,Final}_ex() and drop a no
longer needed EVP_MD_CTX_reset().

ok martijn

2 years agosync
deraadt [Wed, 5 Jan 2022 16:46:55 +0000 (16:46 +0000)]
sync

2 years agoCompensate for i386 pcitag_t union
deraadt [Wed, 5 Jan 2022 16:46:11 +0000 (16:46 +0000)]
Compensate for i386 pcitag_t union
ok jsg kettenis

2 years agoAdd error checking for EVP_Digest* to snmpd(8).
tb [Wed, 5 Jan 2022 16:41:42 +0000 (16:41 +0000)]
Add error checking for EVP_Digest* to snmpd(8).

ok martijn

2 years agoAdd error checking for EVP_Digest*() to snmp(1).
tb [Wed, 5 Jan 2022 16:41:07 +0000 (16:41 +0000)]
Add error checking for EVP_Digest*() to snmp(1).

ok martijn

2 years agoUse new shell-based fw_update(8)
deraadt [Wed, 5 Jan 2022 16:35:33 +0000 (16:35 +0000)]
Use new shell-based fw_update(8)
with afresh1

2 years agoIn iwx(4), fix wrong pointer assignment in iwx_bar_frame_release().
stsp [Wed, 5 Jan 2022 16:33:42 +0000 (16:33 +0000)]
In iwx(4), fix wrong pointer assignment in iwx_bar_frame_release().

This bug caused the driver to read block ack request information sent
by firmware from the wrong offset. The driver flushes buffered frames
and moves its Rx block ack window based on this information. Possible
consequences of this bug are packet loss or even stalled traffic if
the Rx BA window gets out of sync between driver and firmware. Though
this effect might get cancelled out when the driver re-syncs the BA
window in its regular Rx code path.

Spotted by Christian Ehrhardt.

2 years agoCommit the correct version of fw_update
afresh1 [Wed, 5 Jan 2022 16:32:46 +0000 (16:32 +0000)]
Commit the correct version of fw_update

Sigh.

2 years agoAdd the shell based fw_update and updated man page
afresh1 [Wed, 5 Jan 2022 16:28:19 +0000 (16:28 +0000)]
Add the shell based fw_update and updated man page

This allows installing firmware from the installer without having
to wait to boot into a live system.

commit deraadt@

2 years agoWe are moving back to a shell-script based fw_update, written in such a
deraadt [Wed, 5 Jan 2022 16:24:29 +0000 (16:24 +0000)]
We are moving back to a shell-script based fw_update, written in such a
way that the install script can also run it. This allows earlier retrieval
of downloaded firmwares, based upon patterns found in dmesg.
many iterations of this in snaps for about a month.

2 years agoformatting nit, noticed by jmc@, thx!
espie [Wed, 5 Jan 2022 14:50:03 +0000 (14:50 +0000)]
formatting nit, noticed by jmc@, thx!

2 years agoWrap long lines and add some braces
inoguchi [Wed, 5 Jan 2022 13:41:12 +0000 (13:41 +0000)]
Wrap long lines and add some braces

2 years agoUse LC_CTYPE instead of LC_ALL.
martijn [Wed, 5 Jan 2022 13:27:04 +0000 (13:27 +0000)]
Use LC_CTYPE instead of LC_ALL.
Makes regress pass when LC_CTYPE is set.

Found by and OK tb@

2 years agoCheck function return value
inoguchi [Wed, 5 Jan 2022 12:51:49 +0000 (12:51 +0000)]
Check function return value

2 years agoChecking pointer variable with NULL
inoguchi [Wed, 5 Jan 2022 11:38:19 +0000 (11:38 +0000)]
Checking pointer variable with NULL

2 years agoSwitch proc_parser_root_cert() to not pass the entity but instead the
claudio [Wed, 5 Jan 2022 11:07:35 +0000 (11:07 +0000)]
Switch proc_parser_root_cert() to not pass the entity but instead the
file, pkey and tal id. This is the last proc_parser function that needed
to be converted.
OK job@

2 years agodhcpd: straightforward conversion to HMAC_CTX on the heap, similar
tb [Wed, 5 Jan 2022 11:01:59 +0000 (11:01 +0000)]
dhcpd: straightforward conversion to HMAC_CTX on the heap, similar
to what was done in spamd a while back.

ok florian

2 years agosnmpd: Straightforward conversion to EVP_* on the heap.
tb [Wed, 5 Jan 2022 11:00:49 +0000 (11:00 +0000)]
snmpd: Straightforward conversion to EVP_* on the heap.
It would be nice if someone added error checking for the EVP_Digest*
calls.

tested by & ok martijn

2 years agoStraightforward conversion to EVP_* on the heap.
tb [Wed, 5 Jan 2022 10:59:21 +0000 (10:59 +0000)]
Straightforward conversion to EVP_* on the heap.

ok martijn

2 years agoUse calloc instead of malloc
inoguchi [Wed, 5 Jan 2022 10:33:36 +0000 (10:33 +0000)]
Use calloc instead of malloc

suggested by tb@

2 years agoCheck NULL first and unindent the rest of the code
inoguchi [Wed, 5 Jan 2022 10:29:08 +0000 (10:29 +0000)]
Check NULL first and unindent the rest of the code

suggested by tb@

2 years agoConvert openssl(1) cms option handling
inoguchi [Wed, 5 Jan 2022 10:01:39 +0000 (10:01 +0000)]
Convert openssl(1) cms option handling

Just applying new option handling and no functional changes.
Referred to verify.c and using 'verify_shared_options'.

ok and comments from jsing@ and tb@

2 years agoProvide regress for SSL public APIs.
jsing [Wed, 5 Jan 2022 09:59:39 +0000 (09:59 +0000)]
Provide regress for SSL public APIs.

This will largely test curly and inconsistent APIs that are not covered by
other regress tests. Currently, this tests the wonder that is
SSL_get_peer_cert_chain().

2 years agodocument -m
espie [Wed, 5 Jan 2022 09:19:15 +0000 (09:19 +0000)]
document -m

2 years agoselect all RSA hostkey algorithms for UpdateHostkeys tests, not just
djm [Wed, 5 Jan 2022 08:25:05 +0000 (08:25 +0000)]
select all RSA hostkey algorithms for UpdateHostkeys tests, not just
RSA-SHA1

2 years agoRemove bandaid to work around expected range_should_be_prefix() problem.
tb [Wed, 5 Jan 2022 07:50:40 +0000 (07:50 +0000)]
Remove bandaid to work around expected range_should_be_prefix() problem.

2 years agoRemove a bogus memcmp in range_should_be_prefix()
tb [Wed, 5 Jan 2022 07:47:15 +0000 (07:47 +0000)]
Remove a bogus memcmp in range_should_be_prefix()

range_should_be_prefix() currently always fails. The reason for this
is that OpenSSL commit 42d7d7dd incorrectly moved a memcmp() out of
an assertion.  As a consequence, the library emits and accepts
incorrectly encoded ipAddrBlock extensions since it will never detect
ranges that MUST be encoded as a prefix according to RFC 3779, 2.2.3.7.

The return -1 from this memcmp() indicates to the callers that the
range should be expressed as a range, so callers must check beforehand
that min <= max to be able to fail. Thus, remove this memcmp() and
add a check to make_addressRange(), the only caller that didn't already
ensure that min <= max.

This fixes the noisy output in regress/lib/libcrypto/x509/rfc3779.

ok inoguchi jsing

2 years agoPolish X509v3_addr_subset() a bit
tb [Wed, 5 Jan 2022 07:37:01 +0000 (07:37 +0000)]
Polish X509v3_addr_subset() a bit

Use child and parent instead of a and b. Split unrelated checks. Use
accessors and assign to local variables to avoid ugly line wrapping.
Declare vriables up front instead of mixing declarations with
assignments from function returns.

ok inoguchi jsing

2 years agoReadability tweaks in addr_contains()
tb [Wed, 5 Jan 2022 07:29:47 +0000 (07:29 +0000)]
Readability tweaks in addr_contains()

Assign to local variables to avoid ugly line wrapping.

ok inoguchi jsing

2 years agoFix a bug in addr_contains() introduced in OpenSSL commit be71c372
tb [Wed, 5 Jan 2022 07:28:41 +0000 (07:28 +0000)]
Fix a bug in addr_contains() introduced in OpenSSL commit be71c372
by returning 0 instead of -1 on extract_min_max() failure. Callers
would interpret -1 as success of addr_contains().

ok inoguchi jsing

2 years agoadd a basic printer for EAPOL packets.
dlg [Wed, 5 Jan 2022 05:53:03 +0000 (05:53 +0000)]
add a basic printer for EAPOL packets.

EAPOL turns out to be a little container for a bunch of other types
of packets, including EAP for use with vanilla 802.1X, a kind of
capability announcement thing, and MACsec Key Agreement.

it's not worth adding a separately file for such a small chunk of
functionality, and it seems specific to ethernet. parsers/printers
for the sub protocols can come later if needed.

ok deraadt@ visa@

2 years agoethertypes.h has now added the missing ethertypes we're looking at here.
dlg [Wed, 5 Jan 2022 05:47:53 +0000 (05:47 +0000)]
ethertypes.h has now added the missing ethertypes we're looking at here.

2 years agofix some more -Wunused-but-set-variable
dlg [Wed, 5 Jan 2022 05:46:18 +0000 (05:46 +0000)]
fix some more -Wunused-but-set-variable

2 years agofix another -Wunused-but-set-variable
dlg [Wed, 5 Jan 2022 05:41:25 +0000 (05:41 +0000)]
fix another -Wunused-but-set-variable

2 years agomore -Wunused-but-set-variable fixes
dlg [Wed, 5 Jan 2022 05:37:37 +0000 (05:37 +0000)]
more -Wunused-but-set-variable fixes

2 years agoclean up another -Wunused-but-set-variable thing
dlg [Wed, 5 Jan 2022 05:36:37 +0000 (05:36 +0000)]
clean up another -Wunused-but-set-variable thing

2 years agoclean up some -Wunused-but-set-variable.
dlg [Wed, 5 Jan 2022 05:35:19 +0000 (05:35 +0000)]
clean up some -Wunused-but-set-variable.

this file had it's own verison of TCHECK, but also not. not the best.

2 years agofix some -Wunused-but-set-variable stuff.
dlg [Wed, 5 Jan 2022 05:33:14 +0000 (05:33 +0000)]
fix some -Wunused-but-set-variable stuff.

2 years agosilence a -Wunused-but-set-variable
dlg [Wed, 5 Jan 2022 05:29:54 +0000 (05:29 +0000)]
silence a -Wunused-but-set-variable

2 years agoadd NSH and NHRP ethertypes, mostly for tcpdump stuff.
dlg [Wed, 5 Jan 2022 05:19:22 +0000 (05:19 +0000)]
add NSH and NHRP ethertypes, mostly for tcpdump stuff.

ok deraadt@

2 years agorename ETHERTYPE_PAE to ETHERTYPE_EAPOL.
dlg [Wed, 5 Jan 2022 05:18:24 +0000 (05:18 +0000)]
rename ETHERTYPE_PAE to ETHERTYPE_EAPOL.

everyone else seems to use ETHERTYPE_EAPOL, and as a bonus it also
appears to be more correct.

ok deraadt@ stsp@

2 years agoregress test both sshsig message hash algorithms, possible now because
djm [Wed, 5 Jan 2022 04:56:15 +0000 (04:56 +0000)]
regress test both sshsig message hash algorithms, possible now because
the algorithm is controllable via the CLI

2 years agoallow selection of hash at sshsig signing time; code already supported
djm [Wed, 5 Jan 2022 04:50:11 +0000 (04:50 +0000)]
allow selection of hash at sshsig signing time; code already supported
either sha512 (default) or sha256, but plumbing wasn't there
mostly by Linus Nordberg

2 years agoadd missing -O option to usage() for ssh-keygen -Y sign;
djm [Wed, 5 Jan 2022 04:27:54 +0000 (04:27 +0000)]
add missing -O option to usage() for ssh-keygen -Y sign;
from Linus Nordberg

2 years agomove sig_process_opts() to before sig_sign(); no functional code change
djm [Wed, 5 Jan 2022 04:27:01 +0000 (04:27 +0000)]
move sig_process_opts() to before sig_sign(); no functional code change

2 years agoregression test for find-principals NULL deref; from Fabian Stelzer
djm [Wed, 5 Jan 2022 04:10:39 +0000 (04:10 +0000)]
regression test for find-principals NULL deref; from Fabian Stelzer

2 years agoDelete 'emul' keyword: it's been just returned 'native' for a long time
guenther [Wed, 5 Jan 2022 04:10:36 +0000 (04:10 +0000)]
Delete 'emul' keyword: it's been just returned 'native' for a long time

ok jsg@ deraadt@

2 years agoNULL deref when using find-principals when matching an allowed_signers
djm [Wed, 5 Jan 2022 04:02:42 +0000 (04:02 +0000)]
NULL deref when using find-principals when matching an allowed_signers
line that contains a namespace restriction, but no restriction
specified on the command-line; report and fix from Fabian Stelzer

2 years agouse the index provided by the txcompletion descriptor in txeof.
dlg [Wed, 5 Jan 2022 03:53:26 +0000 (03:53 +0000)]
use the index provided by the txcompletion descriptor in txeof.

this replaces the use of a register in txeof to figure out how much
of the ring has been completed by the hardware. that register isn't
reset when an interface is taken down and brought up again, which
messes with the calculations of free slots on the ring, which in
turn messes up the ability to transmit packets.

this means the watchdog can't know where the hardware is up to
anymore, so just restartthe chip if the watchdog fires.

it seems to be important to start the tx ring in msk_init on the
0th ring entry that we use to reset the high address value to 0.
we still fill the 0th descriptor, but we let the first msk_start
call post it for us when a packet goes on the ring.

a slight tweak and ok jmatthew@

2 years agoAdd mpfclock(4), a driver for the PolarFire SoC MSS clock controller.
visa [Wed, 5 Jan 2022 03:32:43 +0000 (03:32 +0000)]
Add mpfclock(4), a driver for the PolarFire SoC MSS clock controller.

OK kettenis@

2 years agoremove unused defines
jsg [Wed, 5 Jan 2022 02:00:55 +0000 (02:00 +0000)]
remove unused defines
ok gnezdo@

2 years agoFuture-proof by adding some proposed compatible strings to match on.
kettenis [Tue, 4 Jan 2022 20:55:48 +0000 (20:55 +0000)]
Future-proof by adding some proposed compatible strings to match on.

2 years agoReadability tweaks in the print helper i2r_IPAddressOrRanges.
tb [Tue, 4 Jan 2022 20:52:34 +0000 (20:52 +0000)]
Readability tweaks in the print helper i2r_IPAddressOrRanges.

Assign repeated nested expressions to local variables and avoid some
awkward line wrapping.

2 years agostruct pci_matchid is useful an upcoming userland program that wants
deraadt [Tue, 4 Jan 2022 20:43:44 +0000 (20:43 +0000)]
struct pci_matchid is useful an upcoming userland program that wants
to includes pcivar.h because it inspects vid/pid tables

2 years agohide more things behind _KERNEL, in case userland manages to include
deraadt [Tue, 4 Jan 2022 20:41:42 +0000 (20:41 +0000)]
hide more things behind _KERNEL, in case userland manages to include
this file

2 years agoConsistently name variables with a _len suffix instead of mixing
tb [Tue, 4 Jan 2022 20:40:43 +0000 (20:40 +0000)]
Consistently name variables with a _len suffix instead of mixing
things like prefixlen, afi_length, etc.

suggested by jsing

2 years agoOnly check the parent to be canonical once we know it is non-NULL.
tb [Tue, 4 Jan 2022 20:33:02 +0000 (20:33 +0000)]
Only check the parent to be canonical once we know it is non-NULL.

suggested by jsing during review

2 years agoRefactor extract_min_max()
tb [Tue, 4 Jan 2022 20:30:30 +0000 (20:30 +0000)]
Refactor extract_min_max()

extract_min_max() crammed all the work in two return statements
inside a switch.  Make this more readable by splitting out the
extraction of the min and max as BIT STRINGs from an addressPrefix
or an addressRange and once that's done expanding them to raw
addresses.

ok inoguchi jsing

2 years agoRemove checks that are duplicated in extract_min_max()
tb [Tue, 4 Jan 2022 20:23:05 +0000 (20:23 +0000)]
Remove checks that are duplicated in extract_min_max()

The NULL checks and the checks that aor->type is reasonable are already
performed in extract_min_max(), so it is unnecessary to repeat them
in X509v3_addr_get_range()

ok inoguchi jsing

2 years agosync
deraadt [Tue, 4 Jan 2022 20:21:14 +0000 (20:21 +0000)]
sync

2 years agoMake X509v3_addr_get_range() readable.
tb [Tue, 4 Jan 2022 20:21:04 +0000 (20:21 +0000)]
Make X509v3_addr_get_range() readable.

Instead of checking everything in a single if statement, group the
checks according to their purposes.

ok inoguchi jsing

2 years agoAdd a length check to make_addressPrefix()
tb [Tue, 4 Jan 2022 20:17:07 +0000 (20:17 +0000)]
Add a length check to make_addressPrefix()

Make the callers pass in the afi so that make_addressPrefix() can check
prefixlen to be reasonable. If the afi is anything else than IPv4 or
IPv6, cap its length at the length needed for IPv6. This way we avoid
arbitrary out-of-bounds reads if the caller decides to pass in something
stupid.

ok inoguchi jsing

2 years agoRemove some dead code
tb [Tue, 4 Jan 2022 20:04:38 +0000 (20:04 +0000)]
Remove some dead code

IPAddressRange_new() populates both its min and max members, so
they won't ever be NULL and will never need to be allocated.

ok inoguchi jsing

2 years agoDrop a pointless NULL check
tb [Tue, 4 Jan 2022 20:02:22 +0000 (20:02 +0000)]
Drop a pointless NULL check

IPAddressOrRange_new() instantiates a choice type, so we need to
allocate one member of the union ourselves, so aor->u.addressPrefix
will always be NULL.

ok inoguchi jsing

2 years agoFirst pass over x509_addr_validate_path()
tb [Tue, 4 Jan 2022 19:56:53 +0000 (19:56 +0000)]
First pass over x509_addr_validate_path()

Replace reaching into the structs with IPAddressFamily accessors
and add a few comments that explain what the code is actually doing.

ok inoguchi jsing

2 years agoDocument ruby31 FLAVOR
jeremy [Tue, 4 Jan 2022 19:51:24 +0000 (19:51 +0000)]
Document ruby31 FLAVOR

2 years agoRefactor IPAddressFamily accessors
tb [Tue, 4 Jan 2022 19:49:14 +0000 (19:49 +0000)]
Refactor IPAddressFamily accessors

Introduce a helper function that allows fetching the AFI and the
optional SAFI out of an IPAddressFamily. Also add two wrappers that
only fetch and validate the AFI, where validation currently only
means that the length is between 2 and 3.

Use these accessors throughout to simplify and streamline the code.

ok inoguchi jsing

2 years agoPass the filename back from the parser to the parent.
claudio [Tue, 4 Jan 2022 18:41:32 +0000 (18:41 +0000)]
Pass the filename back from the parser to the parent.
The parent will then add the filename to the filepath tree instead
of doing that in entity_write_req(). In the parser pass the filename
instead of the full entity object to various proc_parser functions.
With this it will be possible to check more then one file in the parser.
OK tb@, earlyer version OK benno@

2 years agoFix -n mode by setting repository states to REPO_DONE instead of the
claudio [Tue, 4 Jan 2022 18:16:09 +0000 (18:16 +0000)]
Fix -n mode by setting repository states to REPO_DONE instead of the
more correct REPO_FAILED. The problem is that with REPO_FAILED the repo
no longer matches a subsequent rrdp_get lookup and as a result the repo
uses rsync which wrong in this case.
OK benno@ tb@

2 years agoUse the device we read the hibernate signature from for the entire
guenther [Tue, 4 Jan 2022 18:13:31 +0000 (18:13 +0000)]
Use the device we read the hibernate signature from for the entire
resume.  This fixes setups where a umass device no longer attaching
at resume results in a softraid device being renumbered so the
hibernate-time device is no longer correct

ok mlarkin@ jsing@

2 years agoRestrict the pci(4) ioctl interface to devices detected by the kernel.
kettenis [Tue, 4 Jan 2022 16:15:28 +0000 (16:15 +0000)]
Restrict the pci(4) ioctl interface to devices detected by the kernel.
This fixes issues on the M1 Macs where the PCI probe done by Xorg
breaks the WiFi chip.

ok patrick@

2 years agofix length boundary checks for incoming packets in iwm/iwx
stsp [Tue, 4 Jan 2022 15:55:28 +0000 (15:55 +0000)]
fix length boundary checks for incoming packets in iwm/iwx

The minimum length and the maximum length required were both too low,
due to an error in accounting for the 4-byte packet length+flags header.

Patch by Christian Ehrhardt

2 years agofix Rx Block Ack session validity checks in iwm(4) and iwx(4)
stsp [Tue, 4 Jan 2022 15:53:57 +0000 (15:53 +0000)]
fix Rx Block Ack session validity checks in iwm(4) and iwx(4)

I ported a NULL pointer check from iwlwifi rxmq.c which cannot
happen in our version of this code. Instead we need to check
the BA session ID to determine whether a BA session is valid.

Patch by Christian Ehrhardt.

2 years agoSimplify the verify callback
tb [Tue, 4 Jan 2022 15:37:23 +0000 (15:37 +0000)]
Simplify the verify callback

The final warnx() is very noisy and essentially a remnant of earlier
debugging code. By ditching it and erroring directly on encountering
an unknown critical extension, the code becomes a bit simpler.

ok claudio

2 years agoTry to handle possible vm_register() failures and return an error back
claudio [Tue, 4 Jan 2022 15:25:05 +0000 (15:25 +0000)]
Try to handle possible vm_register() failures and return an error back
to the caller instead of most probably crashing because of a NULL pointer
access. This fixes also another -Wunused-but-set-variable warning.
OK benno@ dv@

2 years agoRemove unused imsg type IMSG_VMDOP_RECEIVE_VM_RESPONSE.
claudio [Tue, 4 Jan 2022 15:22:53 +0000 (15:22 +0000)]
Remove unused imsg type IMSG_VMDOP_RECEIVE_VM_RESPONSE.
OK benno@ dv@

2 years agoAnother -Wunused-but-set-variable fix.
claudio [Tue, 4 Jan 2022 15:21:40 +0000 (15:21 +0000)]
Another -Wunused-but-set-variable fix.
Based on input from dv@

2 years agoFix some simple -Wunused-but-set-variable warnings.
claudio [Tue, 4 Jan 2022 15:18:44 +0000 (15:18 +0000)]
Fix some simple -Wunused-but-set-variable warnings.
OK benno@ dv@

2 years ago- add LDAP
jmc [Tue, 4 Jan 2022 13:43:14 +0000 (13:43 +0000)]
- add LDAP
- capitalise RADIUS when referring to the protocol
- remove tis

from raf czlonka
ok sthen ajacoutot

2 years agoacpi_getprop() needs to actually make sure that we're looking at the
patrick [Tue, 4 Jan 2022 13:40:58 +0000 (13:40 +0000)]
acpi_getprop() needs to actually make sure that we're looking at the
correct property.  While there adjust acpi_getpropint() as well to
increase similarity with acpi_getprop().

ok kettenis@

2 years agoStop setting X509_V_FLAG_IGNORE_CRITICAL
tb [Tue, 4 Jan 2022 13:39:01 +0000 (13:39 +0000)]
Stop setting X509_V_FLAG_IGNORE_CRITICAL

Since the last bump, libcrypto knows about the RFC 3779 extensions.
Therefore, setting X509_V_FLAG_IGNORE_CRITICAL is no longer needed.
In fact, we want to error on critical extensions neither rpki-client
nor libcrypto knows about.

On older LibreSSL versions with the default verify callback, this
causes verification failures. Implement a verify callback that
intercepts X509_V_ERR_UNHANDLED_CRITICAL_EXTENSIONS and checks that
the cert doesn't contain critical extensions not supported by libcrypto
other than the expected RFC 3779 extensions.

Tested with LibreSSL 3.3 and 3.4 on OpenBSD 6.9 and 7.0-stable by me
and with LibreSSL 3.2 on Linux by claudio.

input/ok claudio

2 years agoReturn 0 on failure from send/get kex functions in the legacy stack.
jsing [Tue, 4 Jan 2022 12:53:31 +0000 (12:53 +0000)]
Return 0 on failure from send/get kex functions in the legacy stack.

In the legacy stack, a message handling function returns -1 for failure,
0 for need more data and 1 for success (although in extra special cases
2 may also be used). However, the various send/get kex functions only
need to indicate success or failure - switch these to return 0 on failure
(rather than -1) and use normal result testing.

This leaves GOST unchanged for now, as that code is special and needs
extra work.

ok inoguchi@ tb@

2 years agoremove the last part of driver for aic-6250 scsi on aviion
jsg [Tue, 4 Jan 2022 11:31:42 +0000 (11:31 +0000)]
remove the last part of driver for aic-6250 scsi on aviion

2 years agoUse normal result testing for tls1_check_curve().
jsing [Tue, 4 Jan 2022 11:17:11 +0000 (11:17 +0000)]
Use normal result testing for tls1_check_curve().

2 years agoRefactor ssl3_get_server_kex_ecdhe() to separate parsing and validation.
jsing [Tue, 4 Jan 2022 11:14:54 +0000 (11:14 +0000)]
Refactor ssl3_get_server_kex_ecdhe() to separate parsing and validation.

If we receive something other than a "named curve", send a handshake
failure alert as we're unable to complete the handshake with the given
parameters. If the server responded with a curve that we did not advertise
send an illegal parameter alert.

ok inoguchi@ tb@

2 years agoPull key share group/length CBB code up from tls13_key_share_public()
jsing [Tue, 4 Jan 2022 11:01:58 +0000 (11:01 +0000)]
Pull key share group/length CBB code up from tls13_key_share_public()

This provides better symmetry with the parsing code and will allow for
better reuse with the legacy stack, which has different message structures.

ok inoguchi@ tb@

2 years agoremove files missed when sgi was removed
jsg [Tue, 4 Jan 2022 11:01:24 +0000 (11:01 +0000)]
remove files missed when sgi was removed
ok visa@

2 years agoOnly allow zero length key shares when we know we're doing HRR.
jsing [Tue, 4 Jan 2022 10:34:16 +0000 (10:34 +0000)]
Only allow zero length key shares when we know we're doing HRR.

ok inoguchi@ tb@

2 years agoLog command invocation in debugging log to aid in manually reproducing
dtucker [Tue, 4 Jan 2022 08:38:53 +0000 (08:38 +0000)]
Log command invocation in debugging log to aid in manually reproducing
failing commands.

2 years agounbreak test: was picking up system ssh-add instead of the one supposedly
djm [Tue, 4 Jan 2022 07:20:33 +0000 (07:20 +0000)]
unbreak test: was picking up system ssh-add instead of the one supposedly
being tested. Spotted by dtucker and using his VM zoo (which includes
some systems old enough to lack ed25519 key support)

2 years agoremove unused file
jsg [Tue, 4 Jan 2022 06:48:46 +0000 (06:48 +0000)]
remove unused file