openbsd
2 years agoAdd a mostly empty hmac_local.h. HMAC_CTX and a few other things
tb [Sun, 12 Dec 2021 21:27:37 +0000 (21:27 +0000)]
Add a mostly empty hmac_local.h. HMAC_CTX and a few other things
from hmac.h will be moved there in an umpcoming bump. Include this
file where it will be needed.

ok inoguchi

2 years agoAdd -I${LIBCRYPTO_SRC}/hmac to CFLAGS. Needed in an upcoming commit.
tb [Sun, 12 Dec 2021 21:23:47 +0000 (21:23 +0000)]
Add -I${LIBCRYPTO_SRC}/hmac to CFLAGS. Needed in an upcoming commit.

ok inoguchi

2 years agoAdd header guards to evp_locl.h.
tb [Sun, 12 Dec 2021 21:21:58 +0000 (21:21 +0000)]
Add header guards to evp_locl.h.

ok inoguchi

2 years agoReplace deprecated IO::Socket::INET6 with IO::Socket::IP.
bluhm [Sun, 12 Dec 2021 21:16:53 +0000 (21:16 +0000)]
Replace deprecated IO::Socket::INET6 with IO::Socket::IP.

2 years agoConvert req.c to compile with opaque EVP_MD_CTX.
tb [Sun, 12 Dec 2021 20:42:37 +0000 (20:42 +0000)]
Convert req.c to compile with opaque EVP_MD_CTX.

ok inoguchi

2 years agoConvert passwd.c to opaque EVP_MD_CTX and add a bit of error checking.
tb [Sun, 12 Dec 2021 20:40:25 +0000 (20:40 +0000)]
Convert passwd.c to opaque EVP_MD_CTX and add a bit of error checking.

tweak/ok inoguchi

2 years agoMake speed.c compile with opaque EVP_CIPHER, EVP_MD and HMAC_CTX.
tb [Sun, 12 Dec 2021 20:35:40 +0000 (20:35 +0000)]
Make speed.c compile with opaque EVP_CIPHER, EVP_MD and HMAC_CTX.

ok inoguchi

2 years agoA few more simplifications using get0_pubkey instead of get_pubkey + free.
tb [Sun, 12 Dec 2021 20:34:04 +0000 (20:34 +0000)]
A few more simplifications using get0_pubkey instead of get_pubkey + free.

2 years agoSimplify x509.c slightly by using X509_get0_pubkey() instead of
tb [Sun, 12 Dec 2021 20:29:15 +0000 (20:29 +0000)]
Simplify x509.c slightly by using X509_get0_pubkey() instead of
X509_get_pubkey()

ok inoguchi

2 years agoMake x509.c compile with opaque EVP_PKEY.
tb [Sun, 12 Dec 2021 20:28:02 +0000 (20:28 +0000)]
Make x509.c compile with opaque EVP_PKEY.

ok inoguchi

2 years agoUse correct spelling of NULL
tb [Sun, 12 Dec 2021 20:22:59 +0000 (20:22 +0000)]
Use correct spelling of NULL

ok inoguchi

2 years agoMake ts.c compile with opaque EVP_MD_CTX.
tb [Sun, 12 Dec 2021 20:22:08 +0000 (20:22 +0000)]
Make ts.c compile with opaque EVP_MD_CTX.

ok inoguchi

2 years agodocument the ub_* constants
schwarze [Sun, 12 Dec 2021 20:16:36 +0000 (20:16 +0000)]
document the ub_* constants

2 years agotypo
schwarze [Sun, 12 Dec 2021 18:15:43 +0000 (18:15 +0000)]
typo

2 years agoNew manual page providing a rudimentary description of BIO_new_NDEF(3).
schwarze [Sun, 12 Dec 2021 17:31:18 +0000 (17:31 +0000)]
New manual page providing a rudimentary description of BIO_new_NDEF(3).
The API surrounding this is so complicated and streaming is so rarely
used in practice that describing this in more detail is not a priority
right now.  The documentation of the wrapper BIO_new_CMS(3) is also
rather vague, and BIO_new_PKCS7() isn't described at all so far.

2 years agoRewrite X509_ALGOR_set_md() without reaching into EVP_MD.
tb [Sun, 12 Dec 2021 14:27:20 +0000 (14:27 +0000)]
Rewrite X509_ALGOR_set_md() without reaching into EVP_MD.

ok inoguchi schwarze

2 years agoReplace deprecated IO::Socket::INET6 with IO::Socket::IP.
bluhm [Sun, 12 Dec 2021 10:56:49 +0000 (10:56 +0000)]
Replace deprecated IO::Socket::INET6 with IO::Socket::IP.

2 years agoUse vnode parameter instead of vfinddev() in mfs_strategy()
visa [Sun, 12 Dec 2021 09:17:17 +0000 (09:17 +0000)]
Use vnode parameter instead of vfinddev() in mfs_strategy()

Getting the mfs device vnode through vfinddev() is more complex than
necessary. Also, the indirection is not robust.

OK mpi@

2 years agoAdd vnode parameter to VOP_STRATEGY()
visa [Sun, 12 Dec 2021 09:14:58 +0000 (09:14 +0000)]
Add vnode parameter to VOP_STRATEGY()

Pass the device vnode as a parameter to VOP_STRATEGY() to allow calling
the correct vop_strategy callback. Now the vnode is also available
in the callback.

OK mpi@

2 years agoMerge two bugfixes in ASN1_STRING_TABLE_add(3) and ASN1_STRING_TABLE_get(3)
schwarze [Sat, 11 Dec 2021 22:58:48 +0000 (22:58 +0000)]
Merge two bugfixes in ASN1_STRING_TABLE_add(3) and ASN1_STRING_TABLE_get(3)
from the OpenSSL 1.1.1 branch, which is still under a free license,
mostly this commit:

commit d35c0ff30b31be9fd5dcf3d552a16feb8de464bc
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Fri Oct 19 15:06:31 2012 +0000
fix ASN1_STRING_TABLE_add so it can override existing string table values

This fixes a segfault in ASN1_STRING_TABLE_add(3), which tried to change a
static const entry when called with an nid already in the default table,
and it switches the precedence of the two tables in ASN1_STRING_TABLE_get(3).

In addition, it changes behaviour in the following minor ways:
* Ignore negative minsize and maxsize arguments, not just -1.
* Ignore a zero mask and zero flags.
It's unclear whether these additional changes make the API absolutely
better, but we want compatibility with OpenSSL in these functions.

Tweaks & OK tb@.

2 years agoMerge the deletion of <ctype.h>, which isn't used here,
schwarze [Sat, 11 Dec 2021 22:34:36 +0000 (22:34 +0000)]
Merge the deletion of <ctype.h>, which isn't used here,
and some style improvements from the OpenSSL 1.1.1 branch,
which is still under a free license.
No functional change.
OK and additional tweaks tb@.

2 years agoChange compatible string to something that makes more sense.
kettenis [Sat, 11 Dec 2021 20:36:26 +0000 (20:36 +0000)]
Change compatible string to something that makes more sense.

2 years agoremove unused variable to fix build with llvm 13; ok jca@
naddy [Sat, 11 Dec 2021 20:11:17 +0000 (20:11 +0000)]
remove unused variable to fix build with llvm 13; ok jca@

2 years agoStart the default OpenBSD partition either immediately following
krw [Sat, 11 Dec 2021 20:09:28 +0000 (20:09 +0000)]
Start the default OpenBSD partition either immediately following
any boot partition specified via '-b' or /usr/mdec/mbr; at the
power of 2 block after the first track; or immediately following
the MBR if there is only one track.

Mark any non-EFISYS boot partition created by -b as DOSACTIVE.
Suggested by kettenis@, better than a separate new option.

Brings -b behaviour into line with many uses of -e to create boot
partitions, allowing for the eventual elimination of said -e uses
in the creation of the various boot media and in the install
scripts.

2 years agoAdd support for interrupts represented by ACPI PCI Interrupt Link Devices.
kettenis [Sat, 11 Dec 2021 20:07:27 +0000 (20:07 +0000)]
Add support for interrupts represented by ACPI PCI Interrupt Link Devices.
This makes PCI interrupts work on QEMU's SBSA target.

ok patrick@

2 years agoThanks to the reverse engineering efforts by Hector Martin, we now know
kettenis [Sat, 11 Dec 2021 20:04:37 +0000 (20:04 +0000)]
Thanks to the reverse engineering efforts by Hector Martin, we now know
that we can controll the CS# pin directly from the SPI controller itself.
Add support for this as future device trees will probably use this mode
instead of explicitly specifying a "cs-gpios" property.

ok patrick@

2 years agoAttach apldart(4) early.
kettenis [Sat, 11 Dec 2021 19:45:05 +0000 (19:45 +0000)]
Attach apldart(4) early.

2 years agodocument STABLE_NO_MASK and STABLE_FLAGS_MALLOC,
schwarze [Sat, 11 Dec 2021 18:51:25 +0000 (18:51 +0000)]
document STABLE_NO_MASK and STABLE_FLAGS_MALLOC,
mention which argument values can be used to not change the respective fields,
and tweak a few additional wordings

2 years agotwo more "the the" fixes;
jmc [Sat, 11 Dec 2021 17:25:10 +0000 (17:25 +0000)]
two more "the the" fixes;

2 years agoProtect the write access to the TDB flags field with a mutex per
bluhm [Sat, 11 Dec 2021 16:33:46 +0000 (16:33 +0000)]
Protect the write access to the TDB flags field with a mutex per
TDB.  Clearing the timeout flags just before pool put in tdb_free()
does not make sense.  Move this to tdb_delete().  While there make
the parentheses in the flag check consistent.
tested by Hrvoje Popovski; OK tobhe@

2 years agodoubled word; from Leon Fischer
tb [Sat, 11 Dec 2021 13:34:38 +0000 (13:34 +0000)]
doubled word; from Leon Fischer

2 years agoClarify usage of __EV_POLL and __EV_SELECT
visa [Sat, 11 Dec 2021 09:28:26 +0000 (09:28 +0000)]
Clarify usage of __EV_POLL and __EV_SELECT

Make __EV_POLL specific to kqueue-based poll(2), to remove overlap
with __EV_SELECT that only select(2) uses.

OK millert@ mpi@

2 years agoStop passing __FILE__ and __LINE__ to various libcrypto functions. The arguments
anton [Sat, 11 Dec 2021 07:38:03 +0000 (07:38 +0000)]
Stop passing __FILE__ and __LINE__ to various libcrypto functions. The arguments
are unused in the end anyway and occupies needless space, especially in ftp(1)
shipped with the ramdisk.

ok tb@

2 years agofix a copy-and-paste error;
schwarze [Fri, 10 Dec 2021 17:26:54 +0000 (17:26 +0000)]
fix a copy-and-paste error;
from Richard Ulmer <... rulmer at mailbox dot org>

2 years agoexplain how X509_NAME_ENTRY_set_data(3) uses MBSTRING_FLAG
schwarze [Fri, 10 Dec 2021 16:58:20 +0000 (16:58 +0000)]
explain how X509_NAME_ENTRY_set_data(3) uses MBSTRING_FLAG

2 years agodocument the following constants:
schwarze [Fri, 10 Dec 2021 16:19:52 +0000 (16:19 +0000)]
document the following constants:
B_ASN1_DIRECTORYSTRING, B_ASN1_PRINTABLE, B_ASN1_DISPLAYTEXT, B_ASN1_TIME,
DIRSTRING_TYPE, PKCS9STRING_TYPE

2 years agoUpdate the *.ok files to reflect the slightly larger
krw [Fri, 10 Dec 2021 13:17:09 +0000 (13:17 +0000)]
Update the *.ok files to reflect the slightly larger
last partition the latest fdisk allows.

Spotted, fix tested and ok anton@

2 years agoMissed unlinked control notifications, GitHub issue 2996.
nicm [Fri, 10 Dec 2021 12:51:11 +0000 (12:51 +0000)]
Missed unlinked control notifications, GitHub issue 2996.

2 years agoMention XParseColor(3) for the cursor colour escape sequence.
nicm [Fri, 10 Dec 2021 12:45:32 +0000 (12:45 +0000)]
Mention XParseColor(3) for the cursor colour escape sequence.

2 years agoAdd a NOBLOCK flag rather than adding amount to wait for when
nicm [Fri, 10 Dec 2021 12:42:37 +0000 (12:42 +0000)]
Add a NOBLOCK flag rather than adding amount to wait for when
dealing with potentially-long sequences. GitHub issue 3001.

2 years agoRevert "kbind(2): disable system call if not initialized before
guenther [Fri, 10 Dec 2021 05:34:42 +0000 (05:34 +0000)]
Revert "kbind(2): disable system call if not initialized before
first __tfork(2)"

The immediate issue is that a process linked with -znow will still
perform lazy relocation on objects loaded with dlopen(), but there
are possibly other dark corners to plumb to find a better invariant.

Problem reported by thfr@

2 years agoMove 'unconacc' test to regress/sys/kern/unixsockets/ directory.
mvs [Fri, 10 Dec 2021 00:50:18 +0000 (00:50 +0000)]
Move 'unconacc' test to regress/sys/kern/unixsockets/ directory.

2 years agoMove 'undgram_conclose' test to regress/sys/kern/unixsockets directory.
mvs [Fri, 10 Dec 2021 00:33:25 +0000 (00:33 +0000)]
Move 'undgram_conclose' test to regress/sys/kern/unixsockets directory.

2 years agoMove 'unsendrecvthr' test to regress/sys/kern/unixsockets directory.
mvs [Thu, 9 Dec 2021 23:37:17 +0000 (23:37 +0000)]
Move 'unsendrecvthr' test to regress/sys/kern/unixsockets directory.

2 years agoMove 'unfdpassfail' test to regress/sys/kern/unixsockets/ directory.
mvs [Thu, 9 Dec 2021 23:26:48 +0000 (23:26 +0000)]
Move 'unfdpassfail' test to regress/sys/kern/unixsockets/ directory.

2 years agoimrove the description of lesskey; based on a diff from richard ulmer
jmc [Thu, 9 Dec 2021 21:09:51 +0000 (21:09 +0000)]
imrove the description of lesskey; based on a diff from richard ulmer
ok deraadt schwarze

2 years agoMake the clockpad work in "raw" mode.
kettenis [Thu, 9 Dec 2021 20:47:27 +0000 (20:47 +0000)]
Make the clockpad work in "raw" mode.

ok patrick@

2 years agoBroken ACPI tables containing scopes that are larger than their outer shell
patrick [Thu, 9 Dec 2021 20:21:35 +0000 (20:21 +0000)]
Broken ACPI tables containing scopes that are larger than their outer shell
are caught by our ACPI parser.  Unfortunately in such cases our reaction was
to start parsing AML somewhere outside our current scope.  The intention was
to clamp down the inner scope to the maximum of the outer one.  So, rectify it.

This issue has shown up in EDK2's QEMU SBSA target, where the SSDT table was
generated incorrectly.  Surprisingly neither Linux nor ACPICA's iASL noticed
that the table was broken.

ok kettenis@ millert@

2 years agoFix cpuid leaf clamping to let through cpuid(0x15) when we have an
guenther [Thu, 9 Dec 2021 19:33:53 +0000 (19:33 +0000)]
Fix cpuid leaf clamping to let through cpuid(0x15) when we have an
invariant TSC and report that correctly in the guest's cpuid(0).eax

prompted by debug messages in report from Josh Grosse (josh(at)jggimi.net)

ok mlarkin@

2 years agodocument V_ASN1_SEQUENCE and V_ASN1_SET
schwarze [Thu, 9 Dec 2021 19:05:09 +0000 (19:05 +0000)]
document V_ASN1_SEQUENCE and V_ASN1_SET

2 years agodocument V_ASN1_BOOLEAN
schwarze [Thu, 9 Dec 2021 19:03:14 +0000 (19:03 +0000)]
document V_ASN1_BOOLEAN

2 years agoimprove the documentation of V_ASN1_APP_CHOOSE
schwarze [Thu, 9 Dec 2021 19:01:52 +0000 (19:01 +0000)]
improve the documentation of V_ASN1_APP_CHOOSE

2 years agoMention V_ASN1_PRIMITIVE_TAG and V_ASN1_EOC.
schwarze [Thu, 9 Dec 2021 19:00:00 +0000 (19:00 +0000)]
Mention V_ASN1_PRIMITIVE_TAG and V_ASN1_EOC.
Seeing the symbolic names in addition to the magic numbers
makes it esier to understand the text.

2 years agoadd the missing STANDARDS section
schwarze [Thu, 9 Dec 2021 18:52:09 +0000 (18:52 +0000)]
add the missing STANDARDS section

2 years agoDocument V_ASN1_ANY.
schwarze [Thu, 9 Dec 2021 18:50:26 +0000 (18:50 +0000)]
Document V_ASN1_ANY.
While here, tweak some wordings a bit to make it less likely that
readers confuse the type held by an ASN1_TYPE object with the type
of the ASN1_TYPE object itself, which is always V_ASN1_ANY.

2 years agodocument V_ASN1_NEG
schwarze [Thu, 9 Dec 2021 18:45:45 +0000 (18:45 +0000)]
document V_ASN1_NEG

2 years agodocument V_ASN1_OBJECT
schwarze [Thu, 9 Dec 2021 18:43:50 +0000 (18:43 +0000)]
document V_ASN1_OBJECT

2 years agodocument V_ASN1_NULL
schwarze [Thu, 9 Dec 2021 18:42:35 +0000 (18:42 +0000)]
document V_ASN1_NULL

2 years agofix a typo in an .Xr argument
schwarze [Thu, 9 Dec 2021 18:33:34 +0000 (18:33 +0000)]
fix a typo in an .Xr argument

2 years agoConvert t1_enc.c to opaque EVP_MD_CTX.
tb [Thu, 9 Dec 2021 17:54:41 +0000 (17:54 +0000)]
Convert t1_enc.c to opaque EVP_MD_CTX.

ok inoguchi jsing

2 years agoConvert ssl_srvr.c to opaque EVP_MD_CTX.
tb [Thu, 9 Dec 2021 17:53:29 +0000 (17:53 +0000)]
Convert ssl_srvr.c to opaque EVP_MD_CTX.

ok inoguchi jsing

2 years agoConvert ssl_clnt.c to opaque EVP_MD_CTX
tb [Thu, 9 Dec 2021 17:50:48 +0000 (17:50 +0000)]
Convert ssl_clnt.c to opaque EVP_MD_CTX

ok inoguchi jsing

2 years agoConvert s3_cbc.c to opaque EVP_MD_CTX.
tb [Thu, 9 Dec 2021 17:45:49 +0000 (17:45 +0000)]
Convert s3_cbc.c to opaque EVP_MD_CTX.

ok inoguchi jsing

2 years agoRemove old 'ungc' test
mvs [Thu, 9 Dec 2021 17:44:53 +0000 (17:44 +0000)]
Remove old 'ungc' test

2 years agoCommit 'ungc.c'
mvs [Thu, 9 Dec 2021 17:42:59 +0000 (17:42 +0000)]
Commit 'ungc.c'

2 years agoMove 'ungc' test to regress/sys/kern/unixsockets
mvs [Thu, 9 Dec 2021 17:41:51 +0000 (17:41 +0000)]
Move 'ungc' test to regress/sys/kern/unixsockets

2 years agoAdd sys/kern/unixsockets directory to contain all unix(4) sockets tests.
mvs [Thu, 9 Dec 2021 17:25:54 +0000 (17:25 +0000)]
Add sys/kern/unixsockets directory to contain all unix(4) sockets tests.
Add 'undgram_selfconn' test to check unix(4) socket connecting to itself.

Discussed and ok visa@ bluhm@

2 years agosync
deraadt [Thu, 9 Dec 2021 17:22:49 +0000 (17:22 +0000)]
sync

2 years agoInline collect_data() in asn1_collect().
jsing [Thu, 9 Dec 2021 17:01:41 +0000 (17:01 +0000)]
Inline collect_data() in asn1_collect().

While here stop assigning a size_t to an int without bounds checks.

ok inoguchi@ tb@

2 years agoPull the recursion depth check up to the top of asn1_collect()
jsing [Thu, 9 Dec 2021 16:58:44 +0000 (16:58 +0000)]
Pull the recursion depth check up to the top of asn1_collect()

ok inoguchi@ tb@

2 years agoRemove handling of a NULL BUF_MEM from asn1_collect()
jsing [Thu, 9 Dec 2021 16:56:15 +0000 (16:56 +0000)]
Remove handling of a NULL BUF_MEM from asn1_collect()

asn1_collect() (and hence collect_data()) is never called without
a BUF_MEM - the only caller that passed NULL was removed in OpenSSL
commit e1cc0671ac5.

ok inoguchi@ tb@

2 years agoFix missing return in asn1_compare_bytes()
jsing [Thu, 9 Dec 2021 16:31:33 +0000 (16:31 +0000)]
Fix missing return in asn1_compare_bytes()

2 years agoAdd initial tests for coverage of ASN.1 complex/constructed types.
jsing [Thu, 9 Dec 2021 16:30:57 +0000 (16:30 +0000)]
Add initial tests for coverage of ASN.1 complex/constructed types.

2 years agoAdd initial tests for coverage of ASN.1 basic/primitive types.
jsing [Thu, 9 Dec 2021 16:30:05 +0000 (16:30 +0000)]
Add initial tests for coverage of ASN.1 basic/primitive types.

2 years agoRework in which state to add and not add the server-ip and
florian [Thu, 9 Dec 2021 16:20:12 +0000 (16:20 +0000)]
Rework in which state to add and not add the server-ip and
requested-ip option as well as setting ciaddr.

This started with joel@ pointing out that their CPE is ignoring
RENEWING and REBINDING requests when ciaddr was not set.

RFC 2131 4.3.6, Table 4 has a good overview, we got a bunch of it
wrong.

Previously the logic for this was all over the place which made it
difficult to reason about, it is now contained in the engine process
in request_dhcp_request() and request_dhcp_discover().

Problem pointed out by, lots of testing and review as well as OK joel@
Additional testing and 50% review benno@

2 years agoFix an issue that might possibly turn into a DOS depending on
schwarze [Thu, 9 Dec 2021 15:28:58 +0000 (15:28 +0000)]
Fix an issue that might possibly turn into a DOS depending on
how application software uses the API function BIO_indent(3):

If the caller asks for some output, but not more than some negative
number of bytes, give them zero bytes of output rather than drowning
them in nearly INT_MAX bytes.

OK tb@

2 years agoAdd a section "NAMING CONVENTIONS".
schwarze [Thu, 9 Dec 2021 15:11:48 +0000 (15:11 +0000)]
Add a section "NAMING CONVENTIONS".

There is no need to explain well-known acronyms that are widely
used outside OpenSSL, too (like AES, ASN.1, CMS, ECDSA, PKCS...),
but OpenSSL uses plenty of idiosyncratic naming elements that
deserve to be explained (like d2i, ex, get0, ndef, sk, ...).

Requested by jsing@; feedback and OK tb@.

2 years agoProperly enable NAT-T without udpencap if mobike was negotiated without NAT.
tobhe [Thu, 9 Dec 2021 13:49:45 +0000 (13:49 +0000)]
Properly enable NAT-T without udpencap if mobike was negotiated without NAT.
Fixes a bug where iked sent zero-prefixed NAT-T messages on port 500 causing
parsing errors.

ok markus@ patrick@

2 years agoMove switch to NAT-T port and udpencap activation to ikev2_enable_natt().
tobhe [Thu, 9 Dec 2021 13:36:59 +0000 (13:36 +0000)]
Move switch to NAT-T port and udpencap activation to ikev2_enable_natt().

ok patrick@

2 years agoaplpmgr(4)
kettenis [Thu, 9 Dec 2021 11:44:31 +0000 (11:44 +0000)]
aplpmgr(4)

2 years agoAdd aplpmgr(4), a driver for the power management controller found on
kettenis [Thu, 9 Dec 2021 11:38:26 +0000 (11:38 +0000)]
Add aplpmgr(4), a driver for the power management controller found on
various Apple SoCs.

ok patrick@

2 years agosync
deraadt [Thu, 9 Dec 2021 04:06:58 +0000 (04:06 +0000)]
sync

2 years agoWe only have one syscall table: inline sysent/SYS_MAXSYSCALL and
guenther [Thu, 9 Dec 2021 00:26:10 +0000 (00:26 +0000)]
We only have one syscall table: inline sysent/SYS_MAXSYSCALL and
SYS_syscall as the nosys() function into the MD syscall entry
routines and the SYSCALL_DEBUG support.  Adjust alpha's syscall
check to match the other archs.  Also, make sysent const to get it
into .rodata.

With that, 'struct emul' is unused: delete it and all its references

ok millert@

2 years agolsearch(3): reimplement using lfind(3)
cheloha [Wed, 8 Dec 2021 22:06:28 +0000 (22:06 +0000)]
lsearch(3): reimplement using lfind(3)

lsearch(3) is really just lfind(3) with an additional branch to append
the key if lfind(3) fails.  If we get rid of the underlying
linear_base() function and move the search portion into lfind(3) and
the key-copying portion into lsearch(3) we get smaller and simpler
code.

Misc. notes:

- We do not need to keep the historical comment about errno.  lsearch(3)
  is pure computation and does not set errno.  That's really all you
  need to know.  The specification reserves no errors, either.

- We are using lfind(3) internally now, so it switches from
  PROTO_DEPRECATED to PROTO_NORMAL in hidden/search.h and needs
  DEF_WEAK in stdlib/lsearch.c.

With advice from guenther@ on symbol housekeeping in libc.

Thread: https://marc.info/?l=openbsd-tech&m=163885187632449&w=2

ok millert@

2 years agonew manual page ASN1_bn_print(3)
schwarze [Wed, 8 Dec 2021 21:52:29 +0000 (21:52 +0000)]
new manual page ASN1_bn_print(3)

2 years agowtmp doesn't need to reload syslogd.
martijn [Wed, 8 Dec 2021 20:18:43 +0000 (20:18 +0000)]
wtmp doesn't need to reload syslogd.

From Anton Kasimov <kasimov <dot> an <at> gmail <dot> com>
OK bluhm@

2 years agorelayd/ssl.c: Remove a workaround that uses a copy of the old
tb [Wed, 8 Dec 2021 19:25:04 +0000 (19:25 +0000)]
relayd/ssl.c: Remove a workaround that uses a copy of the old
certificate instead of using it directly because BIO_new_mem_buf()
used to take an non-const buffer. This was changed in 2018, so we
can now remove an XXX and simplify the code.

ok bluhm

2 years agoThe /etc/iked/certs/ directory is used for both local and peer
tobhe [Wed, 8 Dec 2021 19:17:35 +0000 (19:17 +0000)]
The /etc/iked/certs/ directory is used for both local and peer
certificates.  Check if we have a matching key before using a
certificate as local to prevent cryptic error messages later
when the signature is checked.

ok markus@ patrick@

2 years agodocument BIO_indent(3);
schwarze [Wed, 8 Dec 2021 16:31:10 +0000 (16:31 +0000)]
document BIO_indent(3);
while here, improve some of the existing text in minor ways

2 years agoStart documenting the locking strategy of struct tdb fields. Note
bluhm [Wed, 8 Dec 2021 14:24:18 +0000 (14:24 +0000)]
Start documenting the locking strategy of struct tdb fields.  Note
that gettdb_dir() is MP safe now.  Add the tdb_sadb_mtx mutex in
udpencap_ctlinput() to protect the access to tdb_snext.  Make the
braces consistently for all these TDB loops.  Move NET_ASSERT_LOCKED()
into the functions where the read access happens.
OK mvs@

2 years agoRemove unnecessary select(2) exceptfds kludges.
visa [Wed, 8 Dec 2021 13:22:53 +0000 (13:22 +0000)]
Remove unnecessary select(2) exceptfds kludges.

2 years agomark c2i_ASN1_OBJECT as intentionally undocumented;
schwarze [Wed, 8 Dec 2021 13:21:04 +0000 (13:21 +0000)]
mark c2i_ASN1_OBJECT as intentionally undocumented;
discussed with jsing@

2 years agomark i2c_ASN1_BIT_STRING, c2i_ASN1_BIT_STRING, and c2i_ASN1_INTEGER
schwarze [Wed, 8 Dec 2021 13:13:21 +0000 (13:13 +0000)]
mark i2c_ASN1_BIT_STRING, c2i_ASN1_BIT_STRING, and c2i_ASN1_INTEGER
as intentionally undocumented; discussed with jsing@

2 years agoFix select(2) exceptfds handling of FIFOs and pipes
visa [Wed, 8 Dec 2021 13:03:52 +0000 (13:03 +0000)]
Fix select(2) exceptfds handling of FIFOs and pipes

Prevent select(2) from indicating an exceptional condition when the
other end of a FIFO or pipe is closed.

Originally, select(2) returned an exceptfds event only with a pty or
socket that has out-of-band data pending. millert@ says that OpenBSD
diverged from this by accident when poll(2) and select(2) were changed
to use the same backend code in year 2003.

OK millert@

2 years agodrm/amd/display: Allow DSC on supported MST branch devices
jsg [Wed, 8 Dec 2021 11:42:02 +0000 (11:42 +0000)]
drm/amd/display: Allow DSC on supported MST branch devices

From Nicholas Kazlauskas
775191dd4c1bcf546ab7ce87f3476537615437b7 in linux 5.10.y/5.10.84
94ebc035456a4ccacfbbef60c444079a256623ad in mainline linux

2 years agodrm/amd/amdgpu: fix potential memleak
jsg [Wed, 8 Dec 2021 11:38:57 +0000 (11:38 +0000)]
drm/amd/amdgpu: fix potential memleak

From Bernard Zhao
c746945fb6bcbe3863c9ea6369c7ef376e38e5eb in linux 5.10.y/5.10.84
27dfaedc0d321b4ea4e10c53e4679d6911ab17aa in mainline linux

2 years agodrm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again
jsg [Wed, 8 Dec 2021 11:36:25 +0000 (11:36 +0000)]
drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again

From shaoyunl
74aafe99efb68f15e50be9f7032c2168512f98a8 in linux 5.10.y/5.10.84
2cf49e00d40d5132e3d067b5aa6d84791929ab15 in mainline linux

2 years agozap a stray space
tb [Wed, 8 Dec 2021 03:40:44 +0000 (03:40 +0000)]
zap a stray space

2 years agoDelete the last emulation callbacks: we're Just ELF, so declare
guenther [Tue, 7 Dec 2021 22:17:02 +0000 (22:17 +0000)]
Delete the last emulation callbacks: we're Just ELF, so declare
exec_elf_fixup() and coredump_elf() in <sys/exec_elf.h> and call
them and the MD setregs() directly in kern_exec.c and kern_sig.c

Also delete e_name[] (only used by sysctl), e_errno (unused), and
e_syscallnames[] (only used by SYSCALL_DEBUG) and constipate
syscallnames to 'const char *const[]'

ok kettenis@

2 years agobetter error message for FIDO keys when we can't match them to a token
djm [Tue, 7 Dec 2021 22:06:45 +0000 (22:06 +0000)]
better error message for FIDO keys when we can't match them to a token