tb [Fri, 10 Sep 2021 14:57:31 +0000 (14:57 +0000)]
Expose SSL_get_tlext_status_type() in tls1.h
ok beck jsing
tb [Fri, 10 Sep 2021 14:55:53 +0000 (14:55 +0000)]
Expose SSL_R_NO_APPLICATION_PROTOCOL in ssl.h
ok beck jsing
tb [Fri, 10 Sep 2021 14:55:24 +0000 (14:55 +0000)]
Expose SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE in ssl.h
ok beck jsing
tb [Fri, 10 Sep 2021 14:54:14 +0000 (14:54 +0000)]
Expose SSL_CTX_get0_privatekey() in ssl.h
ok beck
tb [Fri, 10 Sep 2021 14:50:19 +0000 (14:50 +0000)]
Remove TLS1_get_{,client_}version()
ok jsing
tb [Fri, 10 Sep 2021 14:49:13 +0000 (14:49 +0000)]
Remove SSL3_RECORD and SSL3_BUFFER
with/ok jsing
tb [Fri, 10 Sep 2021 14:47:24 +0000 (14:47 +0000)]
Remove TLS1_RT_HEARTBEAT
ok jsing
tb [Fri, 10 Sep 2021 14:46:31 +0000 (14:46 +0000)]
Make SSL opaque
with/ok jsing
tb [Fri, 10 Sep 2021 14:44:25 +0000 (14:44 +0000)]
Remove struct tls_session_ticket_ext_st and TLS_SESSION_TICKET_EXT
from public visibility.
with/ok jsing
tb [Fri, 10 Sep 2021 14:39:22 +0000 (14:39 +0000)]
Uncomment LIBRESSL_HAS_{TLS1_3,DTLS1_2} in opensslfeatures.h
tb [Fri, 10 Sep 2021 14:37:14 +0000 (14:37 +0000)]
Use BN_RAND_* instead of mysterious values in the documentation of
BN_rand_range()
From OpenSSL 1.1.1l
ok beck jsing
tb [Fri, 10 Sep 2021 14:35:36 +0000 (14:35 +0000)]
Expose EC_GROUP_order_bits() in <openssl/ec.h>
ok beck jsing
tb [Fri, 10 Sep 2021 14:33:44 +0000 (14:33 +0000)]
Expose BN_bn2{,le}binpad() and BN_lebin2bn() in <openssl/bn.h>
ok beck inoguchi
tb [Fri, 10 Sep 2021 14:32:05 +0000 (14:32 +0000)]
Expose BN_RAND_* in <openssl/bn.h>
ok beck jsing
nicm [Fri, 10 Sep 2021 14:22:24 +0000 (14:22 +0000)]
Get rid of the last two warnings by turning them off around the problem
statements, if the compiler supports it.
schwarze [Fri, 10 Sep 2021 13:23:44 +0000 (13:23 +0000)]
Quirk-compatibility with GNU tbl(1):
With the "nospaces" option, skip space characters before and after "T{",
in addition to skipping those at the beginning and end of data cells.
Minor issue reported by <Oliver dot Corff at email dot de>.
claudio [Fri, 10 Sep 2021 13:20:03 +0000 (13:20 +0000)]
Properly handle keep-alive for HTTP/1.1. If the server uses HTTP/1.1
keep-alive is the default. Check this early on and disable keep-alive
if a Connection: closed header is sent. Fixes the keep-alive issues
I have seen.
OK sthen@
schwarze [Fri, 10 Sep 2021 12:06:29 +0000 (12:06 +0000)]
In a tbl(7) having the "nospaces" option, skip space characters
not only at the end of data cells, but also after "T}",
aligning the behaviour of the parser with GNU tbl(1).
Issue reported by <Oliver dot Corff at email dot de>.
dtucker [Fri, 10 Sep 2021 11:38:38 +0000 (11:38 +0000)]
Document that non-interactive commands are run via the user's shell
using the -c flag. ok jmc@
dtucker [Fri, 10 Sep 2021 10:26:02 +0000 (10:26 +0000)]
Document behaviour of arguments following non-interactive commands.
Prompted by github PR#139 from EvanTheB, feedback & ok djm@ jmc@
tb [Fri, 10 Sep 2021 09:25:29 +0000 (09:25 +0000)]
Do not ignore SSL_TLSEXT_ERR_FATAL from the ALPN callback
As reported by Jeremy Harris, we inherited a strange behavior from
OpenSSL, in that we ignore the SSL_TLSEXT_ERR_FATAL return from the
ALPN callback. RFC 7301, 3.2 states: 'In the event that the server
supports no protocols that the client advertises, then the server
SHALL respond with a fatal "no_application_protocol" alert.'
Honor this requirement and succeed only on SSL_TLSEXT_ERR_{OK,NOACK}
which is the current behavior of OpenSSL. The documentation change
is taken from OpenSSL 1.1.1 as well.
As pointed out by jsing, there is more to be fixed here:
- ensure that the same protocol is selected on session resumption
- should the callback be called even if no ALPN extension was sent?
- ensure for TLSv1.2 and earlier that the SNI has already been processed
ok beck jsing
tb [Fri, 10 Sep 2021 09:08:03 +0000 (09:08 +0000)]
Prepare to provide BN_RAND_* flags for BN_rand_range()
ok beck jsing
tb [Fri, 10 Sep 2021 08:59:56 +0000 (08:59 +0000)]
Prepare to provide SSL_CTX_get0_privatekey()
ok beck
nicm [Fri, 10 Sep 2021 08:52:46 +0000 (08:52 +0000)]
Disable aliases inside aliases for the moment.
dtucker [Fri, 10 Sep 2021 07:11:11 +0000 (07:11 +0000)]
Clarify which file's attributes -p preserves, and that it's specifically
the file mode bits. bz#3340 from calestyo at scientia.net, ok djm@ jmc@
anton [Fri, 10 Sep 2021 05:48:43 +0000 (05:48 +0000)]
Minor KNF nit, align struct field.
anton [Fri, 10 Sep 2021 05:47:38 +0000 (05:47 +0000)]
Instead of letting uhidev drivers get the report sizes, do it once in
uhidev and pass the same sizes as part of the attach arguments. Makes
the uhidev drivers a bit less repetitive.
It might look tempting to let uhidev assign the sizes after a driver has
attached, removing the need to repeat this logic in each driver. This
does however not work since the input size must be known while calling
uhidev_open() in order to open the interrupt pipe; and uhidev_open() is
called from several attach routines.
Note that this change only works and applies to when attaching to a
single report ID.
ok jcs@
djm [Fri, 10 Sep 2021 05:46:09 +0000 (05:46 +0000)]
openssh-7.4 was incorrectly listed twice; spotted by Dmitry
Belyavskiy, ok dtucker@
anton [Fri, 10 Sep 2021 05:46:01 +0000 (05:46 +0000)]
Remove unused repsizes array.
ok jcs@ as part of a larger diff
deraadt [Fri, 10 Sep 2021 00:02:43 +0000 (00:02 +0000)]
annotate what symbols are used from sys/param.h lines, or delete them
if not required. when deleting, add sys/signal.h or other lines which
were not being pulled in
deraadt [Fri, 10 Sep 2021 00:01:13 +0000 (00:01 +0000)]
nothing from sys/param.h is used
deraadt [Fri, 10 Sep 2021 00:00:55 +0000 (00:00 +0000)]
the SunOS lseek 4G wraparound workaround is not needed, consequently
pulling BSD from sys/param.h is not needed either
kettenis [Thu, 9 Sep 2021 22:46:03 +0000 (22:46 +0000)]
Adjust for DT binding changes. Add some temporary backwards compatibility
code to help making the transition. This will be removed in a few weeks.
nicm [Thu, 9 Sep 2021 21:55:03 +0000 (21:55 +0000)]
Keep -? as usage.
jasper [Thu, 9 Sep 2021 20:08:15 +0000 (20:08 +0000)]
add test for printing empty arguments
ok mpi@
jasper [Thu, 9 Sep 2021 20:07:49 +0000 (20:07 +0000)]
fix crash when passing empty cli arguments as B_AT_NIL wasn't handled as a valid argument type
found with afl++
ok mpi@
nicm [Thu, 9 Sep 2021 19:37:17 +0000 (19:37 +0000)]
Turn on both button and all mouse modes for menus since some terminals
only support the former.
jasper [Thu, 9 Sep 2021 19:02:50 +0000 (19:02 +0000)]
add hist() tests similar to mapempty.bt
ok mpi@
mpi [Thu, 9 Sep 2021 18:41:39 +0000 (18:41 +0000)]
Add THREAD_PID_OFFSET to tracepoint arguments that pass a TID to userland.
Bring these values in sync with the `tid' builtin which already include
the offset. This is necessary to build script comparing them, like:
tracepoint:sched:enqueue
{
@ts[arg0] = nsecs;
}
tracepoint:sched:on__cpu
/@ts[tid]/
{
latency = nsecs - @ts[tid];
}
Discussed with and ok bluhm@
mpi [Thu, 9 Sep 2021 18:23:31 +0000 (18:23 +0000)]
Move a check to avoid panicing on contended rwlock(9) outside of DIAGNOSTIC.
ok kettenis@
anton [Thu, 9 Sep 2021 17:36:34 +0000 (17:36 +0000)]
Ensure that the kill signal undergoing testing is not ignored.
ok bluhm@
schwarze [Thu, 9 Sep 2021 16:50:57 +0000 (16:50 +0000)]
In HTML output, in cells with an "n" (number) layout, pad numbers
on the right side with UTF-8 punctuation and figure spaces such
that numbers in different tbl(7) rows align at the decimal point.
The exact HTML output format was suggested
by <Oliver dot Corff at email dot de>;
the implementation in C is mine.
krw [Thu, 9 Sep 2021 15:21:39 +0000 (15:21 +0000)]
Simplify logic in USER_edit() loop to eliminate unnecessary
goto's.
Rename CMD_SAVE to CMD_QUIT to reflect actual command (Xquit) and
help and man page verbiage.
No intentional functional change.
beck [Thu, 9 Sep 2021 15:09:43 +0000 (15:09 +0000)]
When calling the legacy callback, ensure we catch the case where it
has decided to change a succeess to a failure and change the error code.
Fixes a regression in the openssl-ruby tests which expect to test this
functionality.
ok tb@
tb [Thu, 9 Sep 2021 15:02:33 +0000 (15:02 +0000)]
Rework openssl-ruby-tests to run all passing tests first, then
run the one failing test as a separate regress test. This way,
all regressions should be caught with REGRESS_FAIL_EARLY=yes or
on bluhm's regress webpage.
This needs an up-to-date openssl-ruby-tests package and an
upcoming commit by beck in x509_verify.c to work.
ok beck bluhm
schwarze [Thu, 9 Sep 2021 14:45:18 +0000 (14:45 +0000)]
If the layout or data of an individual cell in a tbl(7) contains
only "_", "-", or "=", requesting a horizontal line to be drawn
across the middle of the cell, print <hr/> in that cell in HTML
output.
That is arguably slightly ugly because HTML 5 regards <hr/> as
semantic markup, meaning "thematic break". If somebody knowns
a better way to render a horizontal line across the middle of a
table cell with pure HTML and CSS, and without implying a specific
meaning, please tell me.
Missing feature reported by <Oliver dot Corff at email dot de>.
claudio [Thu, 9 Sep 2021 14:15:49 +0000 (14:15 +0000)]
Rework how various OIDs are compared in the code.
Instead of converting the ASN1_OBJECT into a string and comparing the
strings, convert the string into an ASN1_OBJECT once and then compare
these objects with OBJ_cmp().
Makes the code a bit easier to read and removes some repetitive conversions.
With input and OK tb@
nicm [Thu, 9 Sep 2021 13:38:32 +0000 (13:38 +0000)]
Expand argument to run-shell again.
claudio [Thu, 9 Sep 2021 13:02:36 +0000 (13:02 +0000)]
No need to initialize nuv, it is assigned to before use.
krw [Thu, 9 Sep 2021 12:36:45 +0000 (12:36 +0000)]
Scan unit_types[] array using nitems() and eliminate the NULL
sentinal entry.
No functional change.
tb [Thu, 9 Sep 2021 12:14:22 +0000 (12:14 +0000)]
zap trailing whitespace
tb [Thu, 9 Sep 2021 12:12:39 +0000 (12:12 +0000)]
zap trailing whitespace
mpi [Thu, 9 Sep 2021 12:09:11 +0000 (12:09 +0000)]
Relax the check for accessing variable before setting them.
First we can't assume rules are written in the order they will be executed.
Secondly filters might need to check variables before they had a chance to
be populated by the right event.
schwarze [Thu, 9 Sep 2021 11:48:06 +0000 (11:48 +0000)]
Do not abuse the "cleandir" target to delete part of the test output.
According to /usr/share/mk/bsd.README, that target is only intended
to delete tags files, and there are no tags files here. Instead,
make sure the "clean" target does not leave any test output behind.
Issue reported and patch OK'ed by bluhm@.
mpi [Thu, 9 Sep 2021 11:20:40 +0000 (11:20 +0000)]
Let ba2str() handle unitialized map just like ba2long() does.
mpi [Thu, 9 Sep 2021 10:00:04 +0000 (10:00 +0000)]
Hook test for command line arguments support.
mpi [Thu, 9 Sep 2021 09:56:32 +0000 (09:56 +0000)]
Test assigning multiple probes to a single action.
This relies on the 'interval' provider which should always be present.
mpi [Thu, 9 Sep 2021 09:53:11 +0000 (09:53 +0000)]
Make it possible to associate multiple probes to a single rule.
The following syntax, reducing duplication, is now allowed:
END,
interval:hz:2
{
...
}
Rule descriptors are now linked to a list of probe descriptors instead of
a single one. Enabled kernel probes are now linked to btrace(8) probe
descriptors.
While here stop parsing filter and probe if debug is not enabled.
mpi [Thu, 9 Sep 2021 09:43:49 +0000 (09:43 +0000)]
Handle new NIL type in ba_name().
Fix filter debugging.
mpi [Thu, 9 Sep 2021 09:38:38 +0000 (09:38 +0000)]
Prepare for executing regress triggering kernel probes.
root and kern.allowdt=1 are needed for those, otherwise mark them as SKIPPED.
mpi [Thu, 9 Sep 2021 07:17:31 +0000 (07:17 +0000)]
Do not treat empty map has invalid.
mpi [Thu, 9 Sep 2021 07:03:10 +0000 (07:03 +0000)]
Use a dynamic buffer to allow parsing scripts bigger than BUFSIZ.
ok jasper@
mpi [Thu, 9 Sep 2021 06:59:51 +0000 (06:59 +0000)]
Check clear(), delete(), zero() and print() after clear().
ok jasper@
mpi [Thu, 9 Sep 2021 06:58:39 +0000 (06:58 +0000)]
Make sure all map operators work after calling clear() on a map.
Fix assertions found by jasper@ with AFL++.
ok jasper@
nicm [Thu, 9 Sep 2021 06:57:48 +0000 (06:57 +0000)]
Fix parsing of aliases again (GitHub issue 2842), also make argument
parsing a bit simpler and fix the names of some client flags.
jmc [Thu, 9 Sep 2021 06:17:39 +0000 (06:17 +0000)]
- move CAVEATS to its correct order
- use the term "legacy" protocol rather than "original", as the latter
made the text misleading
- uppercase SCP
ok djm
jsg [Thu, 9 Sep 2021 04:09:41 +0000 (04:09 +0000)]
drm: Copy drm_wait_vblank to user before returning
From Mark Yacoub
6fd6e20520ccd05a1ac3321404dd498cc28576cb in linux 5.10.y/5.10.62
fa0b1ef5f7a694f48e00804a391245f3471aa155 in mainline linux
jsg [Thu, 9 Sep 2021 04:06:55 +0000 (04:06 +0000)]
drm/amd/pm: change the workload type for some cards
From Kenneth Feng
b00ca567579a4c2f9a4cd6f9a63946f793e8b506 in linux 5.10.y/5.10.62
93c5701b00d50d192ce2247cb10d6c0b3fe25cd8 in mainline linux
jsg [Thu, 9 Sep 2021 04:04:45 +0000 (04:04 +0000)]
Revert "drm/amd/pm: fix workload mismatch on vega10"
From Kenneth Feng
3c37ec4350220a548ffc6753646913899e86b1c7 in linux 5.10.y/5.10.62
2fd31689f9e44af949f60ff4f8aca013e628ab81 in mainline linux
jsg [Thu, 9 Sep 2021 04:02:53 +0000 (04:02 +0000)]
drm/i915: Fix syncmap memory leak
From Matthew Brost
257ea8a5edc04d5199db83137fbaa24e1de98e9e in linux 5.10.y/5.10.62
a63bcf08f0efb5348105bb8e0e1e8c6671077753 in mainline linux
jsg [Thu, 9 Sep 2021 04:01:05 +0000 (04:01 +0000)]
drm/amdgpu: Cancel delayed work when GFXOFF is disabled
From Michel Daenzer
da3067eadcc156b742657c0694beae0a7c49d157 in linux 5.10.y/5.10.62
32bc8f8373d2d6a681c96e4b25dca60d4d1c6016 in mainline linux
jcs [Thu, 9 Sep 2021 02:23:14 +0000 (02:23 +0000)]
Don't print references to Intel's website for downloading firmware
when loading fails, it will just confuse people
ok jsg
djm [Wed, 8 Sep 2021 23:31:39 +0000 (23:31 +0000)]
Use the SFTP protocol by default. The original scp/rcp protocol remains
available via the -O flag.
Note that ~user/ prefixed paths in SFTP mode require a protocol extension
that was first shipped in OpenSSH 8.7.
ok deraadt, after baking in snaps for a while without incident
jmc [Wed, 8 Sep 2021 20:33:42 +0000 (20:33 +0000)]
update rge: can do 10/100/1Gb/2.5Gb according to chris
jmc [Wed, 8 Sep 2021 20:29:21 +0000 (20:29 +0000)]
attempt to standardise the way we specify speeds in our name description (Nd)
lines;
sthen and deraadt argued for unit suffixes for speeds 1Gb+
deraadt also requested Gigabit be standardised to 1Gb
ok sthen deraadt ian benno
tb [Wed, 8 Sep 2021 17:29:21 +0000 (17:29 +0000)]
Prepare to provide EC_GROUP_order_bits()
ok jsing
tb [Wed, 8 Sep 2021 17:27:33 +0000 (17:27 +0000)]
Provide SSL_SESSION_is_resumable and SSL_set_psk_use_session_callback stubs
ok jsing
tb [Wed, 8 Sep 2021 17:24:23 +0000 (17:24 +0000)]
Prepare to provide API stubs for PHA
ok bcook jsing
claudio [Wed, 8 Sep 2021 16:37:20 +0000 (16:37 +0000)]
The number of elements being processed is known upfront. So allocate the
storage needed outside of the loop. This reduces the number of recallocarray
calls.
OK tb@
jca [Wed, 8 Sep 2021 15:57:27 +0000 (15:57 +0000)]
Zap _THIS_PORT helper for printf("%n") tracking in ports land
This hack isn't very useful now that libc aborts on printf("%n") calls,
it's expected that the resulting error would lead to a build
failure, and that the coredump along with the syslog message should be
enough to find the culprit.
Hinted by naddy@ and prodded by deraadt@
mpi [Wed, 8 Sep 2021 15:34:01 +0000 (15:34 +0000)]
Revert a chunk committed by inadvertence in my last fix.
tb [Wed, 8 Sep 2021 14:33:02 +0000 (14:33 +0000)]
Fix leak in cms_RecipientInfo_kekri_decrypt()
Free ec->key before reassigning it.
From OpenSSL 1.1.1,
58e1e397
ok inoguchi
dv [Wed, 8 Sep 2021 13:29:51 +0000 (13:29 +0000)]
btrace(8): add initial support for cli arguments
This adds initial support for passing cli args to btrace(8) for use
in bt(5) scripts. Similar to bpftrace, they are referenced via $1,
$2, etc. with $# being the number of command line arguments provided.
Adds an initial regress test and a Makefile change to allow providing
arguments to regress tests in a .args file.
Currently no limit is imposed on the number of arguments, keeping
a similar approach as observed in bpftrace. References to undefined
arguments result in a new "nil" type that contextually acts as a
zero or empty string. More work can be done here to improve bpftrace
compatibility.
ok mpi@, jasper@
kn [Wed, 8 Sep 2021 13:16:53 +0000 (13:16 +0000)]
Backout "Merge sysupgrade watchdog and prompt timeout code"
(commitid 0SH0ijktpPPcSctj)
"/autoinstall[2697]: start_timeout: not found" during non-interactive
upgrade, e.g. sysupgrade(8).
Reported by Joel Carnat <joel at carnat dot net>, thanks.
stsp [Wed, 8 Sep 2021 13:06:53 +0000 (13:06 +0000)]
Add a missing call to iwx_ctxt_info_free_fw_img() in an error path
of iwx_ctxt_info_init() which should always free on error.
Also, free firmware paging DMA memory in case loading firmware has failed.
If we don't free paging on error we hit KASSERT(dram->paging == NULL)
in iwx_init_fw_sec() once we try to load firmware again. I have hit
this while debugging firmware load failures during suspend/resume.
ok mpi@
stsp [Wed, 8 Sep 2021 13:06:23 +0000 (13:06 +0000)]
Make iwm(4) and iwx(4) raise IPL to splnet() while loading firmware.
ok mpi@
tb [Wed, 8 Sep 2021 12:56:14 +0000 (12:56 +0000)]
Prepare to provide SSL_get_tlsext_status_type()
Needed for nginx-lua to build with opaque SSL.
ok inoguchi jsing
tb [Wed, 8 Sep 2021 12:32:07 +0000 (12:32 +0000)]
Prepare to provide SSL_set0_rbio()
This is needed for telephony/coturn and telephony/resiprocate to compile
without opaque SSL.
ok inoguchi jsing
tb [Wed, 8 Sep 2021 12:19:17 +0000 (12:19 +0000)]
Prepare to provide BN_bn2{,le}binpad() and BN_lebin2bn()
As found by jsg and patrick, this is needed for newer uboot and
will also be used in upcoming elliptic curve work.
This is from OpenSSL 1.1.1l with minor style tweaks.
ok beck inoguchi
stsp [Wed, 8 Sep 2021 11:40:30 +0000 (11:40 +0000)]
Improve debug output when sending 802.11 action frames by showing the
action frame subtypes we care about (i.e. those related to 11n block ack).
ok mpi@
tobhe [Wed, 8 Sep 2021 11:38:39 +0000 (11:38 +0000)]
Print correct RTP_PROPOSAL types with 'unwindctl status autoconf'.
Feedback and ok florian@
stsp [Wed, 8 Sep 2021 11:35:08 +0000 (11:35 +0000)]
Let iwm(4) and iwx(4) sleep for 1 second while loading firmware.
Sleeping for 1 second matches what iwn(4) does. Fixes issues where loading
firmware failed for bogus reasons. I could trigger this failure on AX200
with suspend/resume but it was not inherently specific to suspend/resume.
The previous code was looping over tsleep(9) in steps of 100msec.
This could lead to a race where the firmware's alive interrupt fired between
the endtsleep() timeout handler, which marks the sleep timeout as expired,
and sleep_finish(), which reschedules the sleeping thread. The driver would
see EWOULDBLOCK and report an error even though loading firmware did succeed.
ok mpi@
job [Wed, 8 Sep 2021 10:49:34 +0000 (10:49 +0000)]
Replace bare ; with continue;
OK tb@
job [Wed, 8 Sep 2021 09:49:24 +0000 (09:49 +0000)]
Fix indentation of comments and labels
OK tb@
djm [Wed, 8 Sep 2021 03:23:44 +0000 (03:23 +0000)]
correct my mistake in previous fix; spotted by halex
benno [Tue, 7 Sep 2021 19:35:41 +0000 (19:35 +0000)]
document that SFP modules work in SFP+ cards.
change the title to show speeds of 100 and 1Gb too.
ok sthen@
mpi [Tue, 7 Sep 2021 19:31:56 +0000 (19:31 +0000)]
Hook new tests.
mpi [Tue, 7 Sep 2021 19:30:44 +0000 (19:30 +0000)]
Check that clear() and zero() only work with map.
mpi [Tue, 7 Sep 2021 19:29:12 +0000 (19:29 +0000)]
Check that map/hist functions are called with the right argument.
Change the parser to make clear() and zero() accept only local and
global variables as arguments.
Since the parser has no knowledge of the type of a variable abort
the execution if clear() or zero() are being called with something
other than a map or hist.
Fix assertions found by jasper@ with AFL++ (port coming soon!).
ok jasper@
mpi [Tue, 7 Sep 2021 19:20:22 +0000 (19:20 +0000)]
Test that syntax errors do not trigger sanity checks.