sthen [Tue, 1 Mar 2022 21:19:11 +0000 (21:19 +0000)]
Support mtime/atime/ctime extended headers in !SMALL builds.
These are becoming quite common in distributed software (including
tars produced by Python and Go) and often standard timestamps are
not set, resulting in extracted files dated as the epoch.
Lots of help from tb@, ok tb@ millert@
kettenis [Tue, 1 Mar 2022 20:45:27 +0000 (20:45 +0000)]
The display controller sits behind a DART. We must make sure we keep
that DART enabled with the mappings provided by the firmware. Otherwise
the display controller can no longer access the framebuffer and the
display goes black.
ok jsg@
florian [Tue, 1 Mar 2022 18:34:21 +0000 (18:34 +0000)]
Update to libunbound 1.15.0; heavy lifting by sthen in unbound(8).
Upstream renamed parse_edns_from_pkt to parse_edns_from_query_pkt and
added two arguments (config_file and comm_point) that we don't use,
adjust callers in frontend accordingly.
florian [Tue, 1 Mar 2022 18:30:23 +0000 (18:30 +0000)]
Upstream renamed parse_extract_edns to
parse_extract_edns_from_response_msg and parse_edns_from_pkt to
parse_edns_from_query_pkt in libunbound 1.14.0.
Both funktions work equally well for us but it would look weird to use
the "from_response_msg" function on the query so switch to
parse_edns_from_pkt in preparation for the libunbound update.
testing & OK sthen
nicm [Tue, 1 Mar 2022 15:20:22 +0000 (15:20 +0000)]
Don't convert codes for special keys (Tab, Enter, Escape).
krw [Tue, 1 Mar 2022 14:39:30 +0000 (14:39 +0000)]
Tweak SCSI section to clarify that SCSIDEBUG enables probing/attachment
debug info, with any additional debug info being requested via SCSIDEBUG_*
options.
Pointed out by Scott Nicholas.
jsg [Tue, 1 Mar 2022 11:50:37 +0000 (11:50 +0000)]
__i2c_transfer() should not lock the bus
i2c_transfer() locks the bus
claudio [Tue, 1 Mar 2022 09:53:42 +0000 (09:53 +0000)]
up_dump_prefix() should not clear the p->flags before possibly calling
prefix_adjout_destroy(). Doing so will restult in a double pt_unref()
call because prefix_adjout_destroy() no longer notices that the prefix
was an actuall withdraw and wrongly calls prefix_unlink().
For updates the PREFIX_FLAG_UPDATE flag needs to be cleared after
removing the prefix from the update RB tree.
Adjust the EoR codepath in a similar way. EoR have a NULL pt_entry and
so prefix_adjout_destroy() is unable to do the RB_REMOVE.
This fixes the regress errors reported by anton@
OK tb@
claudio [Tue, 1 Mar 2022 09:46:22 +0000 (09:46 +0000)]
Rewrite some comments to hopefully be easier to understand.
No code change.
claudio [Tue, 1 Mar 2022 09:39:36 +0000 (09:39 +0000)]
Remove another empty line
claudio [Tue, 1 Mar 2022 09:38:06 +0000 (09:38 +0000)]
Reshuffle functions for better order and remove an excessive empty line.
jsg [Tue, 1 Mar 2022 08:07:38 +0000 (08:07 +0000)]
change some defines to static inline functions
anton [Tue, 1 Mar 2022 06:13:17 +0000 (06:13 +0000)]
ci(1) populates the author keyword using getlogin(2), therefore favor
logname(1) when normalizing the output.
jsg [Tue, 1 Mar 2022 04:08:03 +0000 (04:08 +0000)]
change some defines to static inline functions
djm [Tue, 1 Mar 2022 01:59:19 +0000 (01:59 +0000)]
pack pollfd array before server_accept_loop() ppoll() call,
and terminate sshd if ppoll() returns errno==EINVAL
avoids spin in ppoll when MaxStartups > RLIMIT_NOFILE, reported by
Daniel Micay
feedback/ok deraadt
tedu [Tue, 1 Mar 2022 01:22:11 +0000 (01:22 +0000)]
add rtable capability to login.conf.
from Matthew Martin
dtucker [Mon, 28 Feb 2022 21:56:29 +0000 (21:56 +0000)]
Remove unused ivbits argument from chacha_keysetup to match other
instances in the tree. ok deraadt@
sthen [Mon, 28 Feb 2022 21:23:38 +0000 (21:23 +0000)]
provide a login class for vmd, the "daemon" class now has a datasize
limit which is a bit low for VMs. only done on amd64 as vmd is only
provided there. ok deraadt@
krw [Mon, 28 Feb 2022 16:17:37 +0000 (16:17 +0000)]
#include <disktab.h> not needed for successful compile.
Last #include of disktab.h in the tree.
kettenis [Mon, 28 Feb 2022 15:51:02 +0000 (15:51 +0000)]
The IOMMUs integrated on Apple's M1 Pro/MaxJ SoC use a different page table
layout where the physical (CPU) address needs to be shifted to allow for the
larger physical address space implemented in these SoCs. Make apldart(4)
handle this new page table layout based on the compatible property.
ok jsg@
visa [Mon, 28 Feb 2022 15:49:57 +0000 (15:49 +0000)]
Remove unneeded symbol name lookup.
krw [Mon, 28 Feb 2022 14:48:11 +0000 (14:48 +0000)]
Shuffle some SCSIDEBUG code to simplify code, tersify the
emitted verbiage, and show INQUIRY header & vendor info early so
humans can more easily determine what scsi_probe_link() will
do.
No functional change outside SCSIDEBUG.
claudio [Mon, 28 Feb 2022 14:32:01 +0000 (14:32 +0000)]
Instead of handrolling what is mostly prefix_link/prefix_unlink in
prefix_move() and prefix_adjout_update() use the functions by
refactoring them a bit so they work in these cases.
Move the pftable update and prefix evaluate call to prefix_add
make nexthop_link() a noop for prefixes of the Adj-RIB-Out and
in prefix_unlink() don't clear p->pt after the pt_unref() call.
In prefix_adjout_* functions make sure to call prefix_unlink() when
a prefix is linked and gets removed or replaced.
OK tb@
claudio [Mon, 28 Feb 2022 12:52:38 +0000 (12:52 +0000)]
In the Adj-RIB-Out specific dump functions assert that PREFIX_FLAG_ADJOUT
is set. Similar checks are done for updates and withdraws.
OK tb@
nicm [Mon, 28 Feb 2022 09:34:57 +0000 (09:34 +0000)]
Exit on SIGHUP before attach also, GitHub issue 3084.
nicm [Mon, 28 Feb 2022 09:24:22 +0000 (09:24 +0000)]
Map control keys back to an ASCII uppercase letter when passing them on
as extended keys.
jsg [Mon, 28 Feb 2022 09:01:29 +0000 (09:01 +0000)]
remove some unused defines
jsg [Mon, 28 Feb 2022 02:40:16 +0000 (02:40 +0000)]
add pcie_aspm_enabled() for the next linux 5.15.y release
dlg [Mon, 28 Feb 2022 00:12:11 +0000 (00:12 +0000)]
add the mbuf tags that prevent output loops.
mostly copied from vxlan where the tag is checked in output and
set in encap. etherip appears to be one of the first drivers i
reworked, so it's a bit crufty. the ipv4 vs ipv6 handling could
be done better.
mortimer [Sun, 27 Feb 2022 23:45:55 +0000 (23:45 +0000)]
Enable unwind tables on all clang architectures.
Fixes backtraces on i386 (tested by bluhm) and armv7.
OK bluhm@
millert [Sun, 27 Feb 2022 22:14:56 +0000 (22:14 +0000)]
The At macro doesn't accept v8, v9 or v10. Noticed by jmc@
bluhm [Sun, 27 Feb 2022 20:30:30 +0000 (20:30 +0000)]
Add gzip-static option to httpd. This allows to deliver precompressed
files with content-encoding gzip.
from prx at si3t dot ch; OK tracey@
kettenis [Sun, 27 Feb 2022 17:36:52 +0000 (17:36 +0000)]
Adjust definition of DART_L1_TABLE to what Linux uses.
ok jsg@
millert [Sun, 27 Feb 2022 15:02:08 +0000 (15:02 +0000)]
Use ',' in custom separator example and change shell prompt to non-root.
jca [Sun, 27 Feb 2022 13:22:32 +0000 (13:22 +0000)]
Enable libedit line editing
Sync our hardcoded config with what cmake detects in ports/devel/llvm.
Brought up privately by cheloha@, then by Andrei on tech@, input and ok
gnezdo@
bluhm [Sun, 27 Feb 2022 10:14:01 +0000 (10:14 +0000)]
Fix whitespace and uninitialized variable in dt(4).
OK mpi@
jmc [Sun, 27 Feb 2022 07:13:31 +0000 (07:13 +0000)]
tweak the opening paragraph for readability, and tidy up one of the examples;
ok millert
krw [Sun, 27 Feb 2022 02:27:55 +0000 (02:27 +0000)]
SC_DEBUG() requires an initialized scsi_link. Shuffle
code to make it so.
Pointed out by clang when prodded with SCSIDEBUG.
naddy [Sun, 27 Feb 2022 01:33:59 +0000 (01:33 +0000)]
include rejected signature algorithm in error message and not the
(useless) key type; ok djm@
bluhm [Sat, 26 Feb 2022 20:14:06 +0000 (20:14 +0000)]
Allow pledged pf ioctl test to pass also when pf is disabled.
millert [Sat, 26 Feb 2022 17:42:12 +0000 (17:42 +0000)]
setuserenv: a missing /etc/login.conf file is not an error.
The code to handle LOGIN_SETENV (and thus LOGIN_SETALL) returned
an error if /etc/login.conf could not be opened. We should simply
return success from setuserenv() in this case like we do for the
other flags. From Matthew Martin, OK deraadt@
jsing [Sat, 26 Feb 2022 16:45:31 +0000 (16:45 +0000)]
Add regress coverage for ASN1_OBJECT public interfaces.
otto [Sat, 26 Feb 2022 16:14:42 +0000 (16:14 +0000)]
Currently malloc caches a number of free'ed regions up to 128k
in size. This cache is indexed by size (in # of pages), so it is
very quick to check. Some programs allocate and deallocate larger
allocations in a frantic way. Accomodate those programs by also
keeping a cache of regions between 128k and 2M, in a cache of variable
sized regions.
Tested by many in snaps; ok deraadt@
kettenis [Sat, 26 Feb 2022 13:38:46 +0000 (13:38 +0000)]
regen
kettenis [Sat, 26 Feb 2022 13:38:11 +0000 (13:38 +0000)]
Add Broadcom BCM4387.
claudio [Sat, 26 Feb 2022 11:48:50 +0000 (11:48 +0000)]
Remove excessive ;
dlg [Sat, 26 Feb 2022 04:46:34 +0000 (04:46 +0000)]
add the mbuf tag that prevents loops in vxlan_encap, not vxlan_output.
vxlan_output calls ether_output, which will do arp for ipv4 packets.
if arp hasn't resolved an address for a peer yet, it will queue the
packet and transmit it again after resolution completes. the way
it outputs is to call the interface output routine again, which is
vxlan_output.
if we tag the packet in vxlan_output before arp, and then arp calls
vxlan_output again, it looks like a loop and drops it. moving the
tagging to when we add all the encap headers in vxlan_encap avoids
this issue.
dlg [Sat, 26 Feb 2022 02:15:45 +0000 (02:15 +0000)]
have another go at fixing assert "sc->sc_dev == NUM" failed.
claudio figured it out. his clue was that multiple concurrent calls
to tunopen (or tapopen) will share a vnode. because tunopen can sleep,
multiple programs can be inside tunopen for the same tun interface at
the same time, all with references against the same vnode.
at the same time as this another thread/program can call VOP_REVOKE
via tun_clone_destroy (eg, ifconfig tun1 destroy does this).
VOP_REVOKE marks a vnode as bad, which in turn means that subsequent
open()s of a tun interface will get a brand new vnode.
so multiple threads holding references to a vnode can be sleeping in
tun_dev_open on the interface cloner lock. one thread wins and takes
ownership of the tun interface, then another thread can destroy that tun
interface, calls VOP_REVOKE which calls tun_dev_close to tear down the
vnodes association with the tun interface and mark the vnode as bad.
the thread that called tun_clone_destroy then creates another instance
of the interface by calling tun_clone_create immediately.
one of the original threads with the old vnode reference wakes up and
takes ownership of the new tun_softc. however, because the vnode is bad,
all the vnode ops have been replaced with the deadfs ops. the close() op
on the old vnode is now a nop from the point of view of tun interfaces.
the old vnode is no longer associated with tun and tap and will now
never call tun_dev_close (via tunclose or tapclose), which in turn means
sc_dev won't get cleared.
another thread can now call tun_clone_destroy against the new instance
of tun_softc. this instance has sc_dev set, so it tries to revoke it,
but there's no vnode associated with it because the old vnode reference
is dead.
because this second call to VOP_REVOKE couldnt find a vnode, it
can't call tunclose against it, so sc_dev is still set and this
KASSERT fires.
claudio and i came up with the following, which is to have tun_dev_open
check the state of the vnode associated with the current open call
after all the sleeping and potential tun_clone_destroy and
tun_clone_create calls. if the vnode has been made bad/dead after
all the sleeping, it returns with ENXIO.
Reported-by: syzbot+5e13201866c43afbfbf6@syzkaller.appspotmail.com
ok claudio@ visa@
guenther [Fri, 25 Feb 2022 23:51:03 +0000 (23:51 +0000)]
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com
Revert the pr_usrreqs move: syzkaller found a NULL pointer deref
and I won't be available to monitor for followup issues for a bit
bluhm [Fri, 25 Feb 2022 22:18:44 +0000 (22:18 +0000)]
To fix crashes seen by Hrvoje with pfsync, IPsec and parallel
forwarding, protect tdb flags and lists in pfsync with a mutex.
help and OK sashan@
tedu [Fri, 25 Feb 2022 18:29:32 +0000 (18:29 +0000)]
use setall for setusercontext, to make it simpler to inherit new changes.
note that the addition of setenv doesn't do much, since doas will rewrite
the environment anyway (but added variables are accessible in keepenv,
should anybody be using that feature).
tedu [Fri, 25 Feb 2022 18:24:01 +0000 (18:24 +0000)]
add setrtable to pledge("id"). from Matthew Martin
ok deraadt
rob [Fri, 25 Feb 2022 18:05:49 +0000 (18:05 +0000)]
A few additional changes related to the now 32 bit accounting flag.
Pointers from and discussions with millert and deraadt.
Ok millert@, deraadt@, bluhm@
rob [Fri, 25 Feb 2022 17:31:40 +0000 (17:31 +0000)]
Whitespace.
tb [Fri, 25 Feb 2022 16:00:39 +0000 (16:00 +0000)]
fix indent and other minor KNF nits
visa [Fri, 25 Feb 2022 13:51:02 +0000 (13:51 +0000)]
Enable cduart(4) on arm64.
OK kettenis@
claudio [Fri, 25 Feb 2022 12:56:12 +0000 (12:56 +0000)]
The pointer returned by pt_fill() can be directly used in most cases.
There is no need for an extra local variable.
Noticed by and OK tb@
claudio [Fri, 25 Feb 2022 11:36:54 +0000 (11:36 +0000)]
For add-path send the Adj-RIB-Out needs to handle multiple paths per
prefix. For this extend the RB trees of the Adj-RIB-Out to also consider
the path_id. Add functions to lookup a prefix without path_id so that
bgpctl works. Rename functions so that all Adj-RIB-Out specific functions
start with prefix_adjout_
For now the path_id_tx in the Adj-RIB-Out is forced to 0 since
up_generate_updates() is not ready to handle more than one path per prefix.
OK tb@
dtucker [Fri, 25 Feb 2022 09:46:24 +0000 (09:46 +0000)]
Remove the char * casts from arguments to do_lstat, do_readdir and
do_stat paths since the underlying functions now take a const char *.
Patch from vapier at gentoo.org.
guenther [Fri, 25 Feb 2022 08:36:01 +0000 (08:36 +0000)]
Move pr_attach and pr_detach to a new structure pr_usrreqs that can
then be shared among protosw structures, following the same basic
direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the
proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
guenther [Fri, 25 Feb 2022 08:33:26 +0000 (08:33 +0000)]
in6_ioctl() is declared in in6_var.h as it's used in if_umb.c, so
don't declare it again in the .c file
ok dlg@ mvs@ bluhm@
djm [Fri, 25 Feb 2022 02:09:27 +0000 (02:09 +0000)]
save an unneccessary alloc/free, based on patch from
Martin Vahlensieck; ok dtucker@
beck [Thu, 24 Feb 2022 22:05:06 +0000 (22:05 +0000)]
Get rid of SHA1 for comparing CRL's - use SHA512 just like we do for certs.
ok tb@
tb [Thu, 24 Feb 2022 21:07:03 +0000 (21:07 +0000)]
Remove accidentally committed debug code.
claudio [Thu, 24 Feb 2022 14:54:03 +0000 (14:54 +0000)]
struct prefix holds path_id_tx for the path id sent to peers when
add-path send is enabled. Start using this instead of 0. Currently
nothing sets path_id_tx to any value != 0 so this is the same but
a bit more correct.
OK tb@
krw [Thu, 24 Feb 2022 14:44:14 +0000 (14:44 +0000)]
Rename parselabel() to parsefstab() and makelabel() to
parsedisktab().
Move non-fstab and non-disktab bits to the single points of
invocation for both.
No intentional functional change.
visa [Thu, 24 Feb 2022 14:19:10 +0000 (14:19 +0000)]
Fix kernel stack alignment on riscv64
Pad trapframe and switchframe structs so that their size is a multiple
of 16 bytes. This makes context switching and exception handlers keep
kernel stack properly aligned.
OK kettenis@
visa [Thu, 24 Feb 2022 14:16:53 +0000 (14:16 +0000)]
Reserve room for holding curcpu pointer in u-area
The tp register contains the curcpu pointer in kernel mode. The pointer
has to be saved and replaced with the TCB pointer in the register when
entering user mode. These steps are reversed when returning to kernel.
The curcpu pointer is saved in the u-area. Explicitly reserve room for
the pointer to make the saving more visible.
OK kettenis@
jsg [Thu, 24 Feb 2022 13:14:18 +0000 (13:14 +0000)]
drm/amd/display: fix yellow carp wm clamping
From Dmytro Laktyushkin
1ddab2ee882900df817dd89882618356b7ecbab3 in linux 5.15.y/5.15.25
60fdf98a774eee244a4e00c34a9e7729b61d0f44 in mainline linux
jsg [Thu, 24 Feb 2022 13:11:45 +0000 (13:11 +0000)]
drm/amd/display: Cap pflip irqs per max otg number
From Roman Li
929b2eddebc2cb5ecf220337658f8d8538d4ab9d in linux 5.15.y/5.15.25
328e34a5ad227399391891d454043e5d73e598d2 in mainline linux
jsg [Thu, 24 Feb 2022 13:09:00 +0000 (13:09 +0000)]
display/amd: decrease message verbosity about watermarks table failure
From Mario Limonciello
3fd92f5be6c48cce92c90ecf71719582645da888 in linux 5.15.y/5.15.25
03ad3093c7c069d6ab4403730009ebafeea9ee37 in mainline linux
jsg [Thu, 24 Feb 2022 13:06:39 +0000 (13:06 +0000)]
drm/i915/ttm: tweak priority hint selection
From Matthew Auld
79bdf56cc55d103f2a276318fd973a296a110b95 in linux 5.15.y/5.15.25
0bdc0a0699929c814a8aecd55d2accb8c11beae2 in mainline linux
jsg [Thu, 24 Feb 2022 13:04:07 +0000 (13:04 +0000)]
drm/i915: Fix mbus join config lookup
From Ville Syrjala
fe802b3fe7631c35abbf280702c5d29b867a1150 in linux 5.15.y/5.15.25
8d9d2a723d64b650f2e6423024ccb4a33f0cdc40 in mainline linux
jsg [Thu, 24 Feb 2022 13:02:08 +0000 (13:02 +0000)]
drm/i915: Fix dbuf slice config lookup
From Ville Syrjala
34f5556ddf2b5fc25696832fa4a1a7013fc80a05 in linux 5.15.y/5.15.25
698bef8ff5d2edea5d1c9d6e5adf1bfed1e8a106 in mainline linux
jsg [Thu, 24 Feb 2022 12:59:55 +0000 (12:59 +0000)]
drm/i915/opregion: check port number bounds for SWSCI display power state
From Jani Nikula
d006f2fe7d627b3ff3f637cf2fa90d30e05887c9 in linux 5.15.y/5.15.25
ea958422291de248b9e2eaaeea36004e84b64043 in mainline linux
jsg [Thu, 24 Feb 2022 12:57:15 +0000 (12:57 +0000)]
drm/amdgpu: skipping SDMA hw_init and hw_fini for S0ix.
From Rajib Mahapatra
960c8a55016bece26140eef7a8077e9dc3709098 in linux 5.15.y/5.15.25
f8f4e2a518347063179def4e64580b2d28233d03 in mainline linux
jsg [Thu, 24 Feb 2022 12:54:50 +0000 (12:54 +0000)]
drm/amd/pm: correct the sequence of sending gpu reset msg
From Yifan Zhang
3851046599c1907c956b126bac18c4b84bf6a16b in linux 5.15.y/5.15.25
9c4f59ea3f865693150edf0c91d1cc6b451360dd in mainline linux
jsg [Thu, 24 Feb 2022 12:52:42 +0000 (12:52 +0000)]
drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
From Ville Syrjala
a1596e0277ed430dc2f44b61ebc2c1ecdab718e4 in linux 5.15.y/5.15.25
439cf34c8e0a8a33d8c15a31be1b7423426bc765 in mainline linux
jsg [Thu, 24 Feb 2022 12:49:47 +0000 (12:49 +0000)]
drm/radeon: Fix backlight control on iMac 12,1
From Nicholas Bishop
68f3a4252e9718843bd172f9761267aa288647d0 in linux 5.15.y/5.15.25
364438fd629f7611a84c8e6d7de91659300f1502 in mainline linux
jsg [Thu, 24 Feb 2022 12:47:29 +0000 (12:47 +0000)]
drm/amdgpu: fix logic inversion in check
From Christian Koenig
0fec53c5dca8a218e20b1d3964db23391a689dff in linux 5.15.y/5.15.25
e8ae38720e1a685fd98cfa5ae118c9d07b45ca79 in mainline linux
jsg [Thu, 24 Feb 2022 12:45:37 +0000 (12:45 +0000)]
drm/amd: Only run s3 or s0ix if system is configured properly
From Mario Limonciello
38108fd273acbc6248870a7a3e61714398af6f94 in linux 5.15.y/5.15.25
04ef860469fda6a646dc841190d05b31fae68e8c in mainline linux
jsg [Thu, 24 Feb 2022 12:42:54 +0000 (12:42 +0000)]
drm/amd: add support to check whether the system is set to s3
From Mario Limonciello
72808bb42c87c4887c553ea8d9f4ecaf15d867d3 in linux 5.15.y/5.15.25
f52a2b8badbd24faf73a13c9c07fdb9d07352944 in mainline linux
jsg [Thu, 24 Feb 2022 12:40:35 +0000 (12:40 +0000)]
drm/amd: Warn users about potential s0ix problems
From Mario Limonciello
64519c9e32ac548fd47cf16767f4b779a8cbdd14 in linux 5.15.y/5.15.25
a6ed2035878e5ad2e43ed175d8812ac9399d6c40 in mainline linux
claudio [Thu, 24 Feb 2022 08:45:00 +0000 (08:45 +0000)]
Regen most of the config output. With support for alternating ports the
moment when the default listeners are added to the config got moved into
parse_config() and so is now visible in the printed config. Showing the
listen on statements is probably a good thing.
Failure noticed by anton@
tb [Thu, 24 Feb 2022 08:35:45 +0000 (08:35 +0000)]
Minor tweaks
i is a silly name for BN_num_bits(dsa->q); move a comment for readability.
tb [Thu, 24 Feb 2022 08:31:11 +0000 (08:31 +0000)]
Add sanity checks on p and q in old_dsa_priv_decode()
dsa_do_verify() has checks on dsa->p and dsa->q that ensure that p isn't
overly long and that q has one of the three allowed lengths specified in
FIPS 186-3, namely 160, 224, or 256.
Do these checks on deserialization of DSA keys without parameters. This
means that we will now reject keys we would previously deserialize. Such
keys are useless in that signatures generated by them would be rejected
by both LibreSSL and OpenSSL.
This avoids a timeout flagged in oss-fuzz #26899 due to a ridiculous
DSA key whose q has size 65KiB. The timeout comes from additional checks
on DSA keys added by miod in dsa_ameth.c r1.18, especially checking such
a humungous number for primality is expensive.
ok jsing
mvs [Thu, 24 Feb 2022 07:43:02 +0000 (07:43 +0000)]
regen
mvs [Thu, 24 Feb 2022 07:41:51 +0000 (07:41 +0000)]
Unlock getsockname(2) syscall. For inet and UNIX sockets it fills passed
'sockaddr' structure with socket's address. For key management and route
domain sockets it just returns error.
ok bluhm@
guenther [Thu, 24 Feb 2022 07:08:21 +0000 (07:08 +0000)]
Fix PIC_SYM() macro: it never needs to token paste, so it's not
dependent on __STDC__ and doesn't need the ## operator.
ok jsg@
dlg [Thu, 24 Feb 2022 03:57:06 +0000 (03:57 +0000)]
document the tunnel ioctls that vxlan supports.
i need to add the bridge ioctls i copes with at some point.
dlg [Thu, 24 Feb 2022 03:25:18 +0000 (03:25 +0000)]
slight wording tweak
bluhm [Wed, 23 Feb 2022 22:50:32 +0000 (22:50 +0000)]
Prints in iked fuzzer fill 77% of full regress output. Nobody wants
to see 23.2 MB text output unless when debugging a failure. And
then a logfile is better than stderr.
OK claudio@
djm [Wed, 23 Feb 2022 21:21:49 +0000 (21:21 +0000)]
free(3) wants stdlib.h
djm [Wed, 23 Feb 2022 21:21:16 +0000 (21:21 +0000)]
put back the scp manpage changes for SFTP mode too
deraadt [Wed, 23 Feb 2022 19:13:29 +0000 (19:13 +0000)]
sync
deraadt [Wed, 23 Feb 2022 19:01:00 +0000 (19:01 +0000)]
and we go back to testing sftp-scp after the 8.9 release...
dlg [Wed, 23 Feb 2022 13:37:06 +0000 (13:37 +0000)]
better help for getting addresses for dgrams received with divert-to.
getsockname is for connected sockets, not all sockets. dgrams need
to use some setsockopt stuff and cmsgs to get packet info like that.
suggested by K R on bugs@
sthen [Wed, 23 Feb 2022 12:12:11 +0000 (12:12 +0000)]
merge upstream commit to unbound: "Fix that TCP interface does not use
TLS when TLS is also configured"
sthen [Wed, 23 Feb 2022 12:04:05 +0000 (12:04 +0000)]
merge unbound 1.15.0
sthen [Wed, 23 Feb 2022 11:57:23 +0000 (11:57 +0000)]
update to unbound 1.15.0, ok florian@