openbsd
5 months agoIntroduce debugging levels, to make debugging a bit more useful.
mglocker [Sun, 12 May 2024 12:20:36 +0000 (12:20 +0000)]
Introduce debugging levels, to make debugging a bit more useful.

5 months agosync
tb [Sun, 12 May 2024 11:52:04 +0000 (11:52 +0000)]
sync

5 months agoInstall X509V3_EXT_get_nid.3
tb [Sun, 12 May 2024 11:50:36 +0000 (11:50 +0000)]
Install X509V3_EXT_get_nid.3

5 months agoAdd minimal manpage documenting the misnamed X509V3_EXT_get_nid()
tb [Sun, 12 May 2024 11:49:47 +0000 (11:49 +0000)]
Add minimal manpage documenting the misnamed X509V3_EXT_get_nid()

This avoids a dangling reference in i2s_ASN1_ENUMERATED_TABLE.
To complete this manual, someone will need to document X509V3_EXT_METHOD,
but that's for a much more rainy day than today.

5 months agovm_page_zero_enable was removed in 2015
jsg [Sun, 12 May 2024 09:41:09 +0000 (09:41 +0000)]
vm_page_zero_enable was removed in 2015

5 months agoremove uvm_swprekeyprint extern for var we never had
jsg [Sun, 12 May 2024 09:27:13 +0000 (09:27 +0000)]
remove uvm_swprekeyprint extern for var we never had

5 months agoremove ufs_hashlock extern for var we never had
jsg [Sun, 12 May 2024 09:19:54 +0000 (09:19 +0000)]
remove ufs_hashlock extern for var we never had

5 months agonfs_procids was removed in 1996
jsg [Sun, 12 May 2024 09:09:39 +0000 (09:09 +0000)]
nfs_procids was removed in 1996

5 months agopcic_isa_intr_list and npcic_isa_intr_list were removed in 1999
jsg [Sun, 12 May 2024 08:49:26 +0000 (08:49 +0000)]
pcic_isa_intr_list and npcic_isa_intr_list were removed in 1999

5 months agortw_host_rfio was removed in 2007
jsg [Sun, 12 May 2024 08:44:09 +0000 (08:44 +0000)]
rtw_host_rfio was removed in 2007

5 months agocomsiraddr was removed in 2016
jsg [Sun, 12 May 2024 08:42:13 +0000 (08:42 +0000)]
comsiraddr was removed in 2016

5 months agosync_ifp and ticket_pabuf don't exist, remove externs
jsg [Sun, 12 May 2024 08:31:05 +0000 (08:31 +0000)]
sync_ifp and ticket_pabuf don't exist, remove externs

5 months agottybuf[] was removed in 2001, ttydefaults in 1988
jsg [Sun, 12 May 2024 08:21:56 +0000 (08:21 +0000)]
ttybuf[] was removed in 2001, ttydefaults in 1988

5 months agodefaul -> default; ok jmc@ ratchov@
jsg [Sun, 12 May 2024 06:24:44 +0000 (06:24 +0000)]
defaul -> default; ok jmc@ ratchov@

5 months agoAvoid .Xr to no longer public X509_LOOKUP_by_subject(3)
tb [Sun, 12 May 2024 05:08:59 +0000 (05:08 +0000)]
Avoid .Xr to no longer public X509_LOOKUP_by_subject(3)

looks good to jmc

5 months agosync the cpu(4) pages for i386/amd64:
jmc [Sat, 11 May 2024 20:35:13 +0000 (20:35 +0000)]
sync the cpu(4) pages for i386/amd64:

- remove section headers. in a document little over one screenful in size,
three section headers within DESCRIPTION seems greedy
- mark up sysctl names
- use the more general hw.sensors sysctl name to show cpu temp. the previously
suggested hw.sensors.cpu*.temp0 is no longer universal

5 months agoUse %b to format cpu flag info in dmesg, so we have the raw values
guenther [Sat, 11 May 2024 19:21:47 +0000 (19:21 +0000)]
Use %b to format cpu flag info in dmesg, so we have the raw values
too.  This is also much more space efficient.
Reduce the cpu flag noise in dmesg by suppressing lines and registers
that are identical with the previous CPU and show -/+ info if there
are any differences.

particular feedback from deraadt@, kettenis@, jsg@, and dv@
ok deraadt@

5 months agoMove X509V3_add_standard_extensions out of the way
tb [Sat, 11 May 2024 18:59:39 +0000 (18:59 +0000)]
Move X509V3_add_standard_extensions out of the way

This function is only used by OpenLDAP and it's been a noop since
forever. It has no business to be squeezed in between a number of
other, quite unrelated functions. It's distracting.

5 months agoMake two NULL checks more explicit
tb [Sat, 11 May 2024 18:52:52 +0000 (18:52 +0000)]
Make two NULL checks more explicit

5 months agoUnwrap a line
tb [Sat, 11 May 2024 18:48:47 +0000 (18:48 +0000)]
Unwrap a line

5 months agofix prototype; iosf_i2c_relese -> iosf_i2c_release
jsg [Sat, 11 May 2024 14:49:56 +0000 (14:49 +0000)]
fix prototype; iosf_i2c_relese -> iosf_i2c_release

5 months agoSync DSA_METHOD documentation with reality
tb [Sat, 11 May 2024 06:53:19 +0000 (06:53 +0000)]
Sync DSA_METHOD documentation with reality

It is dubious whether this opaque struct's internals should be documented
in the first place. This also has been incomplete since forever. For now
zap the stuff that no longer exists and make an attempt at matching KNF a
bit more closely.

5 months agoRemove unused DSA methods
tb [Sat, 11 May 2024 06:43:50 +0000 (06:43 +0000)]
Remove unused DSA methods

There are no accessors to set them, so this has been involved in a bunch
of dead logic ever since we made DSA opaque a few years ago.

ok jsing

5 months agoRemove unused PEM_USER and PEM_CTX
tb [Sat, 11 May 2024 05:41:28 +0000 (05:41 +0000)]
Remove unused PEM_USER and PEM_CTX

I could not find any use of this in all of OpenSSL's git history since
SSLeay 0.8.1b.

ok jsing

5 months agoRevert r1.108. An Intel 11th Gen i5 Framework laptop with a SanDisk SN850 disk
krw [Fri, 10 May 2024 21:23:32 +0000 (21:23 +0000)]
Revert r1.108. An Intel 11th Gen i5 Framework laptop with a SanDisk SN850 disk
found a way to prevent the kernel from enabling the nvme controller while
resuming.

Fixes resuming on the Framework13.

Problem reported and reversion tested by ian@

5 months agopax: make list file handle line-buffered unless it is stderr.
millert [Fri, 10 May 2024 20:28:31 +0000 (20:28 +0000)]
pax: make list file handle line-buffered unless it is stderr.
This fixes a problem where the file list output was fully-buffered
when used as part of a pipeline.  With this change, files are listed
as they are extracted in verbose mode.  OK deraadt@ guenther@

5 months agoKeep probing upstream servers.
florian [Fri, 10 May 2024 15:02:26 +0000 (15:02 +0000)]
Keep probing upstream servers.

(lib)unbound might mark many servers down in case of a network issue.
This is something that can easily happen for unwind(8).

Problem pointed out by Kirill A. Korinsky in unbound(8).
https://github.com/NLnetLabs/unbound/issues/362

OK sthen

5 months agoMake the kernel compile also when turning on debugging.
mglocker [Fri, 10 May 2024 10:49:10 +0000 (10:49 +0000)]
Make the kernel compile also when turning on debugging.

ok mpi@

5 months agoRegen
claudio [Fri, 10 May 2024 09:21:41 +0000 (09:21 +0000)]
Regen

5 months agoThe ptsignal() race against p_sigmask changes by dosigsuspend() are fixed.
claudio [Fri, 10 May 2024 09:21:01 +0000 (09:21 +0000)]
The ptsignal() race against p_sigmask changes by dosigsuspend() are fixed.
Unlock sigsuspend() and __thrsigdivert() again.

5 months agoCorrect display the details of COMMAND using the ps command from the kernel
asou [Fri, 10 May 2024 06:46:14 +0000 (06:46 +0000)]
Correct display the details of COMMAND using the ps command from the kernel
crash dump.

OK millert@

5 months agoFix broken debugging.
mglocker [Fri, 10 May 2024 06:14:10 +0000 (06:14 +0000)]
Fix broken debugging.

5 months agoAdd missing EC_KEY_free()
tb [Fri, 10 May 2024 05:12:03 +0000 (05:12 +0000)]
Add missing EC_KEY_free()

While eckey_from_explicit_params() frees *out_eckey, eckey_from_object()
and eckey_from_params() do not. These functions are currently all callled
with a NULL *out_eckey, but the latter two would leak if that should ever
change.

ok jsing

5 months agoRemove fixed nonce length information from algorithm2
tb [Fri, 10 May 2024 05:08:05 +0000 (05:08 +0000)]
Remove fixed nonce length information from algorithm2

This information has been part of tls12_key_block_generate() for a while
now. It remained in this table because at that point SSL_CIPHER was still
public. Nothing can access algorithm2 anymore from the outside, so this is
dead weight.

ok jsing

5 months agoInline dsa_builtin_keygen() in DSA_generate_key()
tb [Fri, 10 May 2024 04:53:55 +0000 (04:53 +0000)]
Inline dsa_builtin_keygen() in DSA_generate_key()

ok djm

5 months agomake pf_match_rule() prototype match the function
jsg [Fri, 10 May 2024 03:50:12 +0000 (03:50 +0000)]
make pf_match_rule() prototype match the function

5 months agoMake the openssl_dsa_meth static const
tb [Thu, 9 May 2024 20:57:49 +0000 (20:57 +0000)]
Make the openssl_dsa_meth static const

5 months agoMove openssl_dsa_meth below the methods it uses
tb [Thu, 9 May 2024 20:56:52 +0000 (20:56 +0000)]
Move openssl_dsa_meth below the methods it uses

no functional change

5 months agoMake the DH_METHOD static const
tb [Thu, 9 May 2024 20:43:36 +0000 (20:43 +0000)]
Make the DH_METHOD static const

5 months agoMove public API and DH_METHOD to the bottom of the file
tb [Thu, 9 May 2024 20:40:42 +0000 (20:40 +0000)]
Move public API and DH_METHOD to the bottom of the file

no functional change

5 months agosync the SSL text; ok tb
jmc [Thu, 9 May 2024 17:57:36 +0000 (17:57 +0000)]
sync the SSL text; ok tb

5 months ago- drop ref to non-installed g++(1) page
jmc [Thu, 9 May 2024 17:22:20 +0000 (17:22 +0000)]
- drop ref to non-installed g++(1) page
- drop ref to clang that isn;t particularly helpful and only relevant
to some platforms, as suggested by kettenis

5 months agoEnable ufshci(4) on amd64.
mglocker [Thu, 9 May 2024 17:05:22 +0000 (17:05 +0000)]
Enable ufshci(4) on amd64.

ok kettenis@ deraadt@

5 months agoTiny style tweaks in X509_REQ_add_extension_nid()
tb [Thu, 9 May 2024 14:29:08 +0000 (14:29 +0000)]
Tiny style tweaks in X509_REQ_add_extension_nid()

Test & assign and use ret instead of rv.

ok jsing

5 months agoStreamline X509_REQ_check_private_key() a bit
tb [Thu, 9 May 2024 14:27:21 +0000 (14:27 +0000)]
Streamline X509_REQ_check_private_key() a bit

Use better variable names, split the success from the error path and
return directly rather than using an ok variable.

ok jsing

5 months agoZap some extra parentheses in X509_REQ_get_pubkey()
tb [Thu, 9 May 2024 14:22:16 +0000 (14:22 +0000)]
Zap some extra parentheses in X509_REQ_get_pubkey()

ok jsing

5 months agoClean up X509_to_X509_REQ()
tb [Thu, 9 May 2024 14:20:57 +0000 (14:20 +0000)]
Clean up X509_to_X509_REQ()

Use better variable names. X509_REQ_new() sets the version to the only
specified version, so there is no point to set it. Extract the subject
name, then assign to make it more obvious that we error happens if the
cert has a missing subject. Switch to X509_get0_pubkey() to avoid some
strange dance with a strangely named variable to adjust the refcount.

ok jsing

5 months agoFurther simplify X509_REQ_get_extensions()
tb [Thu, 9 May 2024 14:00:52 +0000 (14:00 +0000)]
Further simplify X509_REQ_get_extensions()

Instead of inlining a poor version of ASN1_TYPE_unpack_sequence() with
missing error checks, just call the real thing. It's safer and simpler.

ok jsing

5 months agosimplify exit message handling, which was more complicated than
djm [Thu, 9 May 2024 09:46:47 +0000 (09:46 +0000)]
simplify exit message handling, which was more complicated than
it needed to be because of unexpunged ssh1 remnants. ok markus@

5 months agoctime(3) and ctime_r(3) can fail when timestamps are way off.
florian [Thu, 9 May 2024 08:35:40 +0000 (08:35 +0000)]
ctime(3) and ctime_r(3) can fail when timestamps are way off.
Add missing error checks to all calls under sbin/

Input kettenis, millert
OK millert

5 months agoctime(3) and ctime_r(3) can fail when timestamps are way off.
florian [Thu, 9 May 2024 08:35:03 +0000 (08:35 +0000)]
ctime(3) and ctime_r(3) can fail when timestamps are way off.
Add missing error checks to all calls under libexec/

Input kettenis, millert
OK millert

5 months agoBack then I faced intermittent file-system corruptions for which setting
mglocker [Thu, 9 May 2024 08:24:09 +0000 (08:24 +0000)]
Back then I faced intermittent file-system corruptions for which setting
FUA (Force Unit Access) did help.  In the meantime it turned out that
those file-system corruptions were most likely caused by the slot issues.
Now that we fixed the slot management and limited to one slot for now,
remove FUA again, which increases the write performance significantly.

5 months agoSprinkle some more DPRINTFs.
mglocker [Thu, 9 May 2024 08:21:52 +0000 (08:21 +0000)]
Sprinkle some more DPRINTFs.

5 months agoPack hardware descriptor structures.
mglocker [Thu, 9 May 2024 08:20:22 +0000 (08:20 +0000)]
Pack hardware descriptor structures.

5 months agoParse the OCS response value for completed commands, and set error on
mglocker [Thu, 9 May 2024 08:18:20 +0000 (08:18 +0000)]
Parse the OCS response value for completed commands, and set error on
failure.

5 months agoPerform bus DMA synchronization to update the command descriptors.
mglocker [Thu, 9 May 2024 08:16:32 +0000 (08:16 +0000)]
Perform bus DMA synchronization to update the command descriptors.

5 months agoUse 1U for bit operations on 32-bit registers.
mglocker [Thu, 9 May 2024 08:13:57 +0000 (08:13 +0000)]
Use 1U for bit operations on 32-bit registers.

Proposed by dlg@

5 months agoDon't do math on KVA to get the required slot offset since that could
mglocker [Thu, 9 May 2024 08:12:22 +0000 (08:12 +0000)]
Don't do math on KVA to get the required slot offset since that could
cause invalid pointers depending on the compiler interpretation of
(void *).  Instead work with the structure pointer itself.

Proposed by dlg@

5 months agoDon't use the task id for UPIU commands. We don't use task management
mglocker [Thu, 9 May 2024 08:09:17 +0000 (08:09 +0000)]
Don't use the task id for UPIU commands.  We don't use task management
commands yet.

5 months agoDon't schedule interrupt aggregation when commands are still in-progress.
mglocker [Thu, 9 May 2024 08:06:42 +0000 (08:06 +0000)]
Don't schedule interrupt aggregation when commands are still in-progress.
As of the documentation:

"NOTE Write operations to IACTH and IATOVAL are only allowed when no
commands are outstanding."

Instead we only schedule interrupt aggregation at the start of the
SCSI command call, when all commands have completed.

5 months agoPrevent that scheduling of new commands is interfering with processing
mglocker [Thu, 9 May 2024 08:04:48 +0000 (08:04 +0000)]
Prevent that scheduling of new commands is interfering with processing
of completed commands with a command mutex.

5 months agoDon't relay on the doorbell register to track our slots. As of the
mglocker [Thu, 9 May 2024 08:02:59 +0000 (08:02 +0000)]
Don't relay on the doorbell register to track our slots.  As of the
documentation:

"UTRLDBR is a volatile register; software should only use its value to
determine commands that have completed, not to determine which commands
have previously been issued."

Instead we use the CCB structure to track our slots, as proposed by dlg@.

CAVEAT: Since using more than one slot is currently causing OCS errors,
we limit the slots to one until we can find a solution.

5 months agossl_ciph.c: unwrap a line
tb [Thu, 9 May 2024 07:55:48 +0000 (07:55 +0000)]
ssl_ciph.c: unwrap a line

5 months agoRemove leftover logic of SSL2 support
tb [Thu, 9 May 2024 07:47:50 +0000 (07:47 +0000)]
Remove leftover logic of SSL2 support

SSL2_CF_8_BYTE_ENC was set by things such as RC4_64_WITH_MD5, which fell
victim to tedu's axe a decade ago. Zap that.

ok jsing

5 months agoPlug a "leak" in ssl_security_group()
tb [Thu, 9 May 2024 07:12:03 +0000 (07:12 +0000)]
Plug a "leak" in ssl_security_group()

The way the CBB API is used, CBB_add_u16() and CBB_finish() can't actually
fail here, but if they could, cbb->base would leak. Rewrite this code with
the proper idioms to make it look right.

ok jsing

5 months agoAlign RSA and EC key generation with each other
tb [Thu, 9 May 2024 06:08:11 +0000 (06:08 +0000)]
Align RSA and EC key generation with each other

Being two different cryptographic primitives, it is clear that there must
be some differences between RSA and EC keygen, but they don't have to be
entirely different. We need to set the key type, RSA needs a bit size and
ECDSA needs a curve. That's all the differences there need to be.

Garbage collect a few useless elses and avoid two exit labels paths where
one would do just fine.

As another small bonus, this file no longer uses "deprecated API", so the
portable fork can get rid of an ugly openssl 3 patch if they want to.

ok florian

5 months agoSuppress cache-info dmesg lines when they are identical to the
guenther [Wed, 8 May 2024 18:00:55 +0000 (18:00 +0000)]
Suppress cache-info dmesg lines when they are identical to the
previous cpu.

testing on hybrid box by jmatthew@
suggestions from kettenis@
ok deraadt@

5 months agoixl(4): force mss of tso packets in hardware supported range.
jan [Wed, 8 May 2024 17:52:11 +0000 (17:52 +0000)]
ixl(4): force mss of tso packets in hardware supported range.

ok bluhm@

5 months agofix line wrapping in function definition
tb [Wed, 8 May 2024 16:35:05 +0000 (16:35 +0000)]
fix line wrapping in function definition

5 months ago- for pwraction, point to acpibtn(4)
jmc [Wed, 8 May 2024 15:30:26 +0000 (15:30 +0000)]
- for pwraction, point to acpibtn(4)
- for lidaction, document the value 0
- for lidaction, adjust the description to a format similar
to that of pwraction

ok kettenis deraadt

5 months agoAdd more regress coverage for lhash.
jsing [Wed, 8 May 2024 15:13:23 +0000 (15:13 +0000)]
Add more regress coverage for lhash.

5 months agofix iwx(4) monitor mode
stsp [Wed, 8 May 2024 14:03:54 +0000 (14:03 +0000)]
fix iwx(4) monitor mode

Monitor mode was broken by a recent firmware update. Two tweaks make
it work again:

1) The firmware does not like us sending the power-mode command while
in monitor mode and will panic, so simply don't do that.

2) We no longer add two queues while in monitor mode, just one queue
for frame injection. This queue's index will be 1, not 2. Make the
driver expect the correct index to prevent an error when monitor mode
is entered.

tested by jmc@ and myself on iwx ax200

5 months agodisable the regular ieee80211_encap() Tx path in monitor mode
stsp [Wed, 8 May 2024 14:02:59 +0000 (14:02 +0000)]
disable the regular ieee80211_encap() Tx path in monitor mode

Frames injected from user space carry the DLT_IEEE802_11_RADIO
mbuf tag, and are handled as a special case. Do not fall back
to regular encapsulation while we are in monitor mode and the
frame injected by userspace is found to be invalid.

This fixes an issue when iwx(4) runs in monitor mode with addresses
configured on the interface and leaving 11n/11ac mode directly for
monitor mode. In this case, traffic generated by userspace or the
kernel (such as ICMPv6) would trigger Tx attempts, which in turn
would trigger an attempt to set up a block ACK agreement and then
cause a firmware panic.

This points at a related issue where interface configuration state
is not properly cleaned up while switching into monitor mode.
The 11n/11ac interface config should ideally be cleared completely,
preventing block ack from being initiated.

But preventing the stack from trying to send frames down the regular
Tx path in monitor mode is a good idea in general because drivers may
not handle this very well for various reasons, block ack being just one.

tested by jmc@ and myself on iwx ax200

5 months agoRework how action SIG_HOLD is handled in ptsignal.
claudio [Wed, 8 May 2024 13:05:33 +0000 (13:05 +0000)]
Rework how action SIG_HOLD is handled in ptsignal.

Since we want to unlock sigsuspend, ptsignal needs to double check in the
SSLEEP case that the signal being delivered is still masked or unmasked.
Remove the early return for action SIG_HOLD so that the SSLEEP case can
properly recheck the sigmask.

On top of this update siglist only in one place at the end of ptsignal
this now includes the clearing of signals for the SA_CONT and SA_STOP
cases.

OK mpi@

5 months agoFix route leak in ip input.
bluhm [Wed, 8 May 2024 13:01:30 +0000 (13:01 +0000)]
Fix route leak in ip input.

In previous commit when refactoring the route cache, a rtfree() has
been forgotten.  For each forwarded packet the reference counter
of the route entry was increased.  This eventually leads to an
integer overflow and triggers kassert.

reported by and OK jan@

5 months agoAvoid OpenSSL SSL repetitions
tb [Wed, 8 May 2024 09:41:33 +0000 (09:41 +0000)]
Avoid OpenSSL SSL repetitions

with the help of jmc

5 months agoavoid various repetitions in the descriptions of libcrypto and libssl
tb [Wed, 8 May 2024 08:24:23 +0000 (08:24 +0000)]
avoid various repetitions in the descriptions of libcrypto and libssl

with/ok jmc

5 months agoSimplify X509_REQ_get_extensions()
tb [Wed, 8 May 2024 08:20:08 +0000 (08:20 +0000)]
Simplify X509_REQ_get_extensions()

Now that we know the two OIDs we need to look for when checking for the
extension list attribute in a certification request, we can simplify this
quite a bit. There is one change of behavior. Attribute value sets are not
supposed to be empty and it makes no sense to return an empty stack of
extensions in that case, return NULL instead, matching BoringSSL.

This removes last use of ext_nids and ext_nid_list[], so these two bits
of unprotected global mutable state can now join the party in the attic.

ok jsing

5 months agoSimplify X509_REQ_extension_nid()
tb [Wed, 8 May 2024 08:11:50 +0000 (08:11 +0000)]
Simplify X509_REQ_extension_nid()

Now that the global ext_nids[] array can no longer be modified by the
application, we can simplify this by returning the two possible NIDs
that we accept in the extension list attribute in PKCS#10 certification
requests.

The year is 2024. This API is entirely unused by the ecosystem. Well not
entirely! One small village of indomitable rare API use still holds out
against the cleansers. You may have guessed it: security/xca.

ok jsing

5 months agoDefang X509_REQ_{s,g}et_extension_nids()
tb [Wed, 8 May 2024 07:55:10 +0000 (07:55 +0000)]
Defang X509_REQ_{s,g}et_extension_nids()

These fiddle with unprotected global state, so aren't thread safe and
of course there was no good reason to have this API in the first place.
Nothing uses it, so it becomes a noop and will be removed in the next
major bump.

ok jsing

5 months agosymbols test: drop headers that don't define any symbols
tb [Wed, 8 May 2024 06:54:43 +0000 (06:54 +0000)]
symbols test: drop headers that don't define any symbols

5 months agoavoid memcpy(malloc(0), ..., 0), which is not portable.
djm [Tue, 7 May 2024 23:40:53 +0000 (23:40 +0000)]
avoid memcpy(malloc(0), ..., 0), which is not portable.
ok florian@

5 months agoopenssl: toolkit implementing the TLS v1 protocol is weird
tb [Tue, 7 May 2024 21:00:18 +0000 (21:00 +0000)]
openssl: toolkit implementing the TLS v1 protocol is weird

Well, it's a toolkit alright, and a terrible one at that, but TLS v1
(which is this beloved toolkit's name for TLS v1.0) is a thing firmly
from the past, so drop the v1.

5 months agoPEM_read_bio_PrivateKey: fix grammar
tb [Tue, 7 May 2024 20:40:07 +0000 (20:40 +0000)]
PEM_read_bio_PrivateKey: fix grammar

This old [...] routines use [...] -> These old [...] routines [...]

5 months agoAdditional check for TSO packets with 0 MSS.
jan [Tue, 7 May 2024 18:35:23 +0000 (18:35 +0000)]
Additional check for TSO packets with 0 MSS.

Tested by bluhm

ok bluhm@

5 months agorw_enter() with RW_NOSLEEP returns EBUSY and not the expected EWOULDBLOCK
claudio [Tue, 7 May 2024 15:54:23 +0000 (15:54 +0000)]
rw_enter() with RW_NOSLEEP returns EBUSY and not the expected EWOULDBLOCK

This fixes random gmake failures during ports builds caused by:
   gmake[2]: *** read jobs pipe: Device busy.  Stop.
Fix verified by tb@ on his bulk build box
OK mvs@ tb@

6 months agoClear MNT_LOCAL flag on FUSE file system. It can be local or remote, but
mvs [Tue, 7 May 2024 14:27:11 +0000 (14:27 +0000)]
Clear MNT_LOCAL flag on FUSE file system. It can be local or remote, but
kernel can't tell the difference.

From Kirill A. Korinsky

ok claudio mpi

6 months agodrop the MD byte-swap micro-optimizations on clang architectures
naddy [Tue, 7 May 2024 14:26:48 +0000 (14:26 +0000)]
drop the MD byte-swap micro-optimizations on clang architectures

The compiler already translates the generic code into arithmetic
byte-swap instructions or byte-swapping memory load and store
instructions if available on an architecture.

ok deraadt@ guenther@

6 months agoReorder functions and drop static function prototypes.
jsing [Tue, 7 May 2024 13:40:42 +0000 (13:40 +0000)]
Reorder functions and drop static function prototypes.

No functional change.

6 months agoadd smtpd-tables.7 for real; spotted by tb, thanks!
op [Tue, 7 May 2024 12:13:43 +0000 (12:13 +0000)]
add smtpd-tables.7 for real; spotted by tb, thanks!

6 months agochange the smtpd table protocol
op [Tue, 7 May 2024 12:10:06 +0000 (12:10 +0000)]
change the smtpd table protocol

Using imsg for the "proc" table (external programs) has proven quite
painful in practice since a lot of smtpd internals (structs, enums,
etc..) have to be kept in sync with the various tables implementations.

Instead, a filter-like protocol for tables decouples the implementations
and allows to write and test tables easily.

The new text-based transport protocol is documented in the (added)
smtpd-tables(7) manpage.

The old imsg protocol is no longer supported and existing tables have to
be converted.  In particular, users of opensmtpd-extras tables will need
install the new opensmtpd-table-* packages.

With lots of suggestions and improvements from gilles and a tweak
from Philipp (philipp+openbsd [at] bureaucracy [dot] de), thanks!

ok gilles

6 months agoIn Rev 1.296 the update of the siglist was moved to the end of ptsignal().
claudio [Tue, 7 May 2024 10:46:35 +0000 (10:46 +0000)]
In Rev 1.296 the update of the siglist was moved to the end of ptsignal().
One atomic_clearbits_int() hiding in SSTOP was missed when converting all
the exceptions that cleared the siglist again. Instead of clearing the bits
the mask needs to be set to 0 so that it is properly ignored.
OK mpi@

6 months agosync
op [Tue, 7 May 2024 09:10:58 +0000 (09:10 +0000)]
sync

6 months agoinstall smtpd-tables(7)
op [Tue, 7 May 2024 09:10:33 +0000 (09:10 +0000)]
install smtpd-tables(7)

6 months agosync
deraadt [Tue, 7 May 2024 00:44:02 +0000 (00:44 +0000)]
sync

6 months agoremove SSH1 leftovers
tobias [Mon, 6 May 2024 19:26:17 +0000 (19:26 +0000)]
remove SSH1 leftovers

Authored with Space Meyer <git at the-space dot agency>

ok djm

6 months agovmstat/dkstats.c: remove obfuscatory timerset() macro
cheloha [Mon, 6 May 2024 16:54:22 +0000 (16:54 +0000)]
vmstat/dkstats.c: remove obfuscatory timerset() macro

Using a macro to perform a plain struct assignment obfuscates the
obvious.  Delete the timerset() macro.

While here, remove some superfluous timerclear(3) calls.

Thread: https://marc.info/?l=openbsd-tech&m=171346446031940&w=2

ok millert@

6 months agotty(1): exit with status 2 if unveil(2) or pledge(2) fail
cheloha [Mon, 6 May 2024 16:49:46 +0000 (16:49 +0000)]
tty(1): exit with status 2 if unveil(2) or pledge(2) fail

tty(1) returns >1 on error, not 1.

Thread: https://marc.info/?l=openbsd-tech&m=171494082629111&w=2

ok deraadt@ guenther@

6 months agoFix function wrapping.
jsing [Mon, 6 May 2024 14:38:20 +0000 (14:38 +0000)]
Fix function wrapping.

6 months agoEnable lhash regress.
jsing [Mon, 6 May 2024 14:37:26 +0000 (14:37 +0000)]
Enable lhash regress.