openbsd
3 years agoReprogram outbound windows to match the device tree. Necessary because
kettenis [Wed, 20 Jan 2021 12:44:45 +0000 (12:44 +0000)]
Reprogram outbound windows to match the device tree.  Necessary because
the EDK2-based UEFI firmware sets it to its own hardcoded values.
Makes device-tree mode work with newer versions of the Raspberry Pi firmware.

ok patrick@

3 years agotypo; spotted by jmc
sthen [Wed, 20 Jan 2021 12:37:26 +0000 (12:37 +0000)]
typo; spotted by jmc

3 years agoCheck management capabilities before trying to attach temperature sensors,
jmatthew [Wed, 20 Jan 2021 10:04:26 +0000 (10:04 +0000)]
Check management capabilities before trying to attach temperature sensors,
avoiding an unhelpful error message if the card's firmware doesn't expose
the sensor registers.

tested by chris@, who saw the unhelpful error message
ok dlg@

3 years agoPledge before authentication when possible
kn [Wed, 20 Jan 2021 07:30:51 +0000 (07:30 +0000)]
Pledge before authentication when possible

Generally, pleding before parsing the file seems hardly possible due to
unveil() being involved.

Pledging in case of the winning rule being a "persist" one is not possible
either due to TIOC{SET,CHK}VERAUTH not being allowed in the "tty" pledge.

But if "persist" is not used, we can pledge before authentication
without having to hoist or chang anything.

Feedback deraadt tedu
OK tdeu

3 years agoChange so that window_flags escapes # automatically which means configs
nicm [Wed, 20 Jan 2021 07:16:54 +0000 (07:16 +0000)]
Change so that window_flags escapes # automatically which means configs
will not have to change. A new format window_raw_flags contains the old
unescaped version.

3 years agoDrop unneeded cast in seal_record_protected_cipher
tb [Wed, 20 Jan 2021 07:05:25 +0000 (07:05 +0000)]
Drop unneeded cast in seal_record_protected_cipher

eiv_len was changed from an int to a size_t in r1.10, so casting it
to a size_t is now a noop.

ok jsing

3 years agopflog(4) tried to log the translated packet with rdr-to, nat-to,
bluhm [Tue, 19 Jan 2021 22:22:23 +0000 (22:22 +0000)]
pflog(4) tried to log the translated packet with rdr-to, nat-to,
and af-to addresses and ports applied.  Therefore it created a mbuf
chain on the stack with a partial copy.  This is too complicated
for IP options, extension header, NAT46 af-to, and fragmented mbuf
chains.  It even caused a crash in syzkaller.  Usually the length
checks in pf_setup_pdesc() rejected the faked mbuf and the goto
copy logged the packet unmodified.  Remove the pflog_mtap() function
and call bpf_mtap_hdr() directly.  As the old buggy code was bypassed
in most cases, tcpdump(8) output of pflog does not change.
Uncondionally log the unmodified packet.
Reported-by: syzbot+947e89e06ac3fec187d0@syzkaller.appspotmail.com
OK sashan@

3 years agoblacklist com on m3000s. our com code causes faults somehow.
dlg [Tue, 19 Jan 2021 21:52:59 +0000 (21:52 +0000)]
blacklist com on m3000s. our com code causes faults somehow.

console i/o still happens using ofw routines, which is Good Enough(tm)
for now. having a working machine means i can better test changes
now though.

ok deraadt@

3 years agoImplement intx support.
kettenis [Tue, 19 Jan 2021 19:46:40 +0000 (19:46 +0000)]
Implement intx support.

ok patrick@

3 years agopipex(4): convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 19:39:58 +0000 (19:39 +0000)]
pipex(4): convert ifunit() to if_unit(9)

ok dlg@

3 years agoswitch(4): convert ifunit to if_unit(9)
mvs [Tue, 19 Jan 2021 19:39:14 +0000 (19:39 +0000)]
switch(4): convert ifunit to if_unit(9)

ok dlg@

3 years agopppoe(4): convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 19:38:29 +0000 (19:38 +0000)]
pppoe(4): convert ifunit() to if_unit(9)

ok dlg@ kn@

3 years agopipex(4): convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 19:37:42 +0000 (19:37 +0000)]
pipex(4): convert ifunit() to if_unit(9)

ok dlg@

3 years agokern/subr_disk.c: convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 19:36:48 +0000 (19:36 +0000)]
kern/subr_disk.c: convert ifunit() to if_unit(9)

ok dlg@

3 years agonfs/nfs_boot.c: convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 19:35:59 +0000 (19:35 +0000)]
nfs/nfs_boot.c: convert ifunit() to if_unit(9)

ok dlg@

3 years agoEnable athn(4)
kettenis [Tue, 19 Jan 2021 19:14:39 +0000 (19:14 +0000)]
Enable athn(4)

3 years agoAdd code to handle change of cipher state in the new TLSv1.2 record layer.
jsing [Tue, 19 Jan 2021 19:07:39 +0000 (19:07 +0000)]
Add code to handle change of cipher state in the new TLSv1.2 record layer.

This provides the basic framework for handling change of cipher state in
the new TLSv1.2 record layer, creating new record protection. In the DTLS
case we retain the previous write record protection and can switch back to
it when retransmitting. This will allow the record layer to start owning
sequence numbers and encryption/decryption state.

ok inoguchi@ tb@

3 years agoProvide functions to determine if TLSv1.2 record protection is engaged.
jsing [Tue, 19 Jan 2021 18:57:09 +0000 (18:57 +0000)]
Provide functions to determine if TLSv1.2 record protection is engaged.

Call these functions from code that needs to know if we've changed cipher
state and enabled record protection, rather than inconsistently checking
various pointers from other places in the code base. This also fixes a
minor bug where the wrong pointers are checked if we're operating with
AEAD.

ok inoguchi@ tb@

3 years agoProvide record layer overhead for DTLS.
jsing [Tue, 19 Jan 2021 18:51:08 +0000 (18:51 +0000)]
Provide record layer overhead for DTLS.

Rather than manually calculating the maximum record layer overhead in the
DTLS code, have the record layer provide this information. This also makes
it work correctly with AEAD ciphersuites.

ok inoguchi@ tb@

3 years agoFactor out code for explicit IV length, block size and MAC length.
jsing [Tue, 19 Jan 2021 18:34:02 +0000 (18:34 +0000)]
Factor out code for explicit IV length, block size and MAC length.

Pull this code up into the record protection struct, which means we only
need the length checks in one place. This code will soon be used for
additional purposes.

ok inoguchi@ tb@

3 years agos/KHz/kHz/ and reduce dmesg spam a bit
kettenis [Tue, 19 Jan 2021 18:07:15 +0000 (18:07 +0000)]
s/KHz/kHz/ and reduce dmesg spam a bit

ok tb@, deraadt@

3 years agos/KHZ/kHz/ and reduce dmesg spam a bit
kettenis [Tue, 19 Jan 2021 18:04:43 +0000 (18:04 +0000)]
s/KHZ/kHz/ and reduce dmesg spam a bit

ok tb@, deraadt@

3 years ago/etc/malloc.conf path-approval in pledge is no longer needed since 6.5
deraadt [Tue, 19 Jan 2021 17:41:51 +0000 (17:41 +0000)]
/etc/malloc.conf path-approval in pledge is no longer needed since 6.5
moved option control into a sysctl.
reminder that we can delete this from benjamin baier

3 years agoGet rid of inet_net_pton and inet_net_ntop.
florian [Tue, 19 Jan 2021 17:38:41 +0000 (17:38 +0000)]
Get rid of inet_net_pton and inet_net_ntop.

This is not an api that seems to have caught on (especially the
AF_INET6 variant), maybe we can get rid of it entirely.
It is not difficult to hand-roll the AF_INET6 variant.
OK tb

3 years agoMake imsg event structs static to fix -fno-common.
florian [Tue, 19 Jan 2021 16:54:48 +0000 (16:54 +0000)]
Make imsg event structs static to fix -fno-common.
Follows claudio's lead in ospfd et al.
Problem reported by mortimer.

3 years agoMove control_state and ctl_conns to control.c, it's not needed
florian [Tue, 19 Jan 2021 16:54:00 +0000 (16:54 +0000)]
Move control_state and ctl_conns to control.c, it's not needed
elsewhere and unbreaks -fno-common.
Inspired by claudio
Problem reported by mortimer

3 years agoNo need for a global rad_process; unbreaks -fno-common.
florian [Tue, 19 Jan 2021 16:53:27 +0000 (16:53 +0000)]
No need for a global rad_process; unbreaks -fno-common.
Problem reported by mortimer

3 years agoMake imsg event structs static to fix -fno-common.
florian [Tue, 19 Jan 2021 16:52:40 +0000 (16:52 +0000)]
Make imsg event structs static to fix -fno-common.
Follows claudio's lead in ospfd et al.
Problem reported by mortimer.

3 years agoMove control_state and ctl_conns to control.c, it's not needed
florian [Tue, 19 Jan 2021 16:52:12 +0000 (16:52 +0000)]
Move control_state and ctl_conns to control.c, it's not needed
elsewhere and unbreaks -fno-common.
Inspired by claudio
Problem reported by mortimer

3 years agoPrevent more yacc clashes; fixes -fno-common.
florian [Tue, 19 Jan 2021 16:51:28 +0000 (16:51 +0000)]
Prevent more yacc clashes; fixes -fno-common.
Problem reported by mortimer.

3 years agoReduce scope of routesock unbreaking -fno-common.
florian [Tue, 19 Jan 2021 16:50:50 +0000 (16:50 +0000)]
Reduce scope of routesock unbreaking -fno-common.
Problem reported by mortimer.

3 years agoNo need for a global uw_process; unbreaks -fno-common.
florian [Tue, 19 Jan 2021 16:50:23 +0000 (16:50 +0000)]
No need for a global uw_process; unbreaks -fno-common.
Problem reported by mortimer

3 years agoMake imsg event structs static to fix -fno-common.
florian [Tue, 19 Jan 2021 16:49:56 +0000 (16:49 +0000)]
Make imsg event structs static to fix -fno-common.
Follows claudio's lead in ospfd et al.
Problem reported by mortimer.

3 years agoMove control_state and ctl_conns to control.c, it's not needed
florian [Tue, 19 Jan 2021 16:49:10 +0000 (16:49 +0000)]
Move control_state and ctl_conns to control.c, it's not needed
elsewhere and unbreaks -fno-common.
Inspired by claudio
Problem reported by mortimer

3 years agoNo need for a global slaacd_process; unbreaks -fno-common.
florian [Tue, 19 Jan 2021 16:48:20 +0000 (16:48 +0000)]
No need for a global slaacd_process; unbreaks -fno-common.
Problem reported by mortimer

3 years agoPrevent an overflow in inet_net_pton(3) when the passed in buffer is
florian [Tue, 19 Jan 2021 16:43:44 +0000 (16:43 +0000)]
Prevent an overflow in inet_net_pton(3) when the passed in buffer is
too small in the AF_INET6 case.
Spotted by Brad House (brad AT brad-house.com) with the c-ares
regression test.

The man page says
     Caution: The dst field should be zeroed before calling inet_net_pton() as
     the function will only fill the number of bytes necessary to encode the
     network number in network byte order.

Which seems to suggest that the function should work if the passed in
storage is big enough to hold the prefix, which might be smaller than
sizeof(in6_addr).

Input & OK tb

3 years agousb_init_task() wants a struct usb_task as the first argument
anton [Tue, 19 Jan 2021 16:05:59 +0000 (16:05 +0000)]
usb_init_task() wants a struct usb_task as the first argument

ok kn@ mvs@

3 years agoFirst bits of a regress test that ensures that the decision process
claudio [Tue, 19 Jan 2021 16:04:46 +0000 (16:04 +0000)]
First bits of a regress test that ensures that the decision process
works.

3 years agoLike ospfd allocate the recv buffer with malloc() on first call.
claudio [Tue, 19 Jan 2021 16:02:56 +0000 (16:02 +0000)]
Like ospfd allocate the recv buffer with malloc() on first call.
This code assumes some alignment of the buffer which may not be
the case with bss memory.

3 years agoLike ospfd allocate the recv buffer with malloc() on first call.
claudio [Tue, 19 Jan 2021 16:02:22 +0000 (16:02 +0000)]
Like ospfd allocate the recv buffer with malloc() on first call.
This code assumes some alignment of the buffer which may not be
the case with bss memory.

3 years agoLike ospfd allocate the recv buffer with malloc() on first call.
claudio [Tue, 19 Jan 2021 16:02:06 +0000 (16:02 +0000)]
Like ospfd allocate the recv buffer with malloc() on first call.
This code assumes some alignment of the buffer which may not be
the case with bss memory.

3 years agoAllocate the recv buffer with malloc() on first call. This code assumes
claudio [Tue, 19 Jan 2021 16:01:39 +0000 (16:01 +0000)]
Allocate the recv buffer with malloc() on first call. This code assumes
some alignment of the buffer which may not be the case with bss memory.

3 years agoAdjust the disc_recv_packet() code to not use IBUF_READ_SIZE and to
claudio [Tue, 19 Jan 2021 15:59:25 +0000 (15:59 +0000)]
Adjust the disc_recv_packet() code to not use IBUF_READ_SIZE and to
use a local recv_buf that is allocated on first call with malloc().
The memory returned from malloc() is properly aligned which may not
be the case for bss or stack memory.

3 years agoKill log_procnames and properly define ldpd_process.
claudio [Tue, 19 Jan 2021 15:23:25 +0000 (15:23 +0000)]
Kill log_procnames and properly define ldpd_process.

3 years agoDo the same control cleanup as in other daemons. Move ctl_conns exclusivly
claudio [Tue, 19 Jan 2021 15:14:35 +0000 (15:14 +0000)]
Do the same control cleanup as in other daemons. Move ctl_conns exclusivly
into control.c

3 years ago(re)Introduce locking for amaps & anons.
mpi [Tue, 19 Jan 2021 13:21:36 +0000 (13:21 +0000)]
(re)Introduce locking for amaps & anons.

A rwlock is attached to every amap and is shared with all its anon.  The
same lock will be used by multiple amaps if they have anons in common.

This should be enough to get the upper part of the fault handler out of the
KERNEL_LOCK() which seems to bring up to 20% improvements in builds.

This is based/copied/adapted from the most recent work done in NetBSD which
is an evolution of the precendent simple_lock scheme.

Tested by many, thanks!

ok kettenis@, mvs@

3 years agoMake struct imsgev static like in the other routing daemons. With this
claudio [Tue, 19 Jan 2021 12:29:46 +0000 (12:29 +0000)]
Make struct imsgev static like in the other routing daemons. With this
dvmrpd should compile with -fno-common

3 years agoRemove some unused #defines and remove some commented-out variables.
kettenis [Tue, 19 Jan 2021 12:29:07 +0000 (12:29 +0000)]
Remove some unused #defines and remove some commented-out variables.

3 years agoKill dvrmpd_process and log_procnames. Unneeded abstraction for this
claudio [Tue, 19 Jan 2021 12:26:38 +0000 (12:26 +0000)]
Kill dvrmpd_process and log_procnames. Unneeded abstraction for this
simple daemon.

3 years agoCleanup control like in the other routing daemons. Move control_state
claudio [Tue, 19 Jan 2021 12:23:30 +0000 (12:23 +0000)]
Cleanup control like in the other routing daemons. Move control_state
and ctl_conns to control.c cleanup headers and the engine accordingly.

3 years agoLike dvrmpd there is no need for a static pkt buffer. Adjust code accordingly.
claudio [Tue, 19 Jan 2021 11:49:26 +0000 (11:49 +0000)]
Like dvrmpd there is no need for a static pkt buffer. Adjust code accordingly.

3 years agoAnother pkt_ptr cleanup. There is actually no need to make the pkt
claudio [Tue, 19 Jan 2021 11:46:10 +0000 (11:46 +0000)]
Another pkt_ptr cleanup. There is actually no need to make the pkt
a static memory region. Just use the stack.

3 years agoLike all other log.c just exit(1) in fatal()
claudio [Tue, 19 Jan 2021 11:39:13 +0000 (11:39 +0000)]
Like all other log.c just exit(1) in fatal()

3 years agoKill global eigrpd_process and instead pass the proc to merge_config()
claudio [Tue, 19 Jan 2021 10:53:25 +0000 (10:53 +0000)]
Kill global eigrpd_process and instead pass the proc to merge_config()
and config_clear(). Also set log_procname directly and remove the
log_procnames array.

3 years agoUse log_procname instead of log_procnames[eigrpd_process]. It should be
claudio [Tue, 19 Jan 2021 10:51:35 +0000 (10:51 +0000)]
Use log_procname instead of log_procnames[eigrpd_process]. It should be
the same thing.

3 years agoSame control cleanup that was done for ospfd and ripd. Move the
claudio [Tue, 19 Jan 2021 10:37:25 +0000 (10:37 +0000)]
Same control cleanup that was done for ospfd and ripd. Move the
control_state and ctl_conns structs into control.c nothing else
uses these structs.

3 years agoLike in ospfd use a static pkt_ptr buffer
claudio [Tue, 19 Jan 2021 10:31:12 +0000 (10:31 +0000)]
Like in ospfd use a static pkt_ptr buffer

3 years agoForgot one IBUF_READ_SIZE to READ_BUF_SIZE change.
claudio [Tue, 19 Jan 2021 10:30:00 +0000 (10:30 +0000)]
Forgot one IBUF_READ_SIZE to READ_BUF_SIZE change.

3 years agoDo not use IBUF_READ_SIZE for the packet read buffer size. Instead
claudio [Tue, 19 Jan 2021 10:28:07 +0000 (10:28 +0000)]
Do not use IBUF_READ_SIZE for the packet read buffer size. Instead
define READ_BUF_SIZE like the other daemons.

3 years agoMake the struct imsgev structs static and with that ripd -fno-common clean.
claudio [Tue, 19 Jan 2021 10:20:47 +0000 (10:20 +0000)]
Make the struct imsgev structs static and with that ripd -fno-common clean.

3 years agoRemove the PROC_* enums and ripd_process, they are no longer needed.
claudio [Tue, 19 Jan 2021 10:18:56 +0000 (10:18 +0000)]
Remove the PROC_* enums and ripd_process, they are no longer needed.
Instead assign the process name directly to log_procname which was
the last user of ripd_process.

3 years agoLike in all other log.c file just use exit(1) in fatal() calls.
claudio [Tue, 19 Jan 2021 10:16:44 +0000 (10:16 +0000)]
Like in all other log.c file just use exit(1) in fatal() calls.
This log.c should be further synced with the other log.c files.

3 years agoMove the interface demote out of if_del and into the only place where
claudio [Tue, 19 Jan 2021 10:09:59 +0000 (10:09 +0000)]
Move the interface demote out of if_del and into the only place where
it is needed (the if_del call in ripe.c). With this the ripd_process
check in ripe_demote_iface() can be removed.

3 years agoLike in ospfd make the pkt_ptr a local static buffer.
claudio [Tue, 19 Jan 2021 10:02:22 +0000 (10:02 +0000)]
Like in ospfd make the pkt_ptr a local static buffer.

3 years agoApply same cleanup to the control code as in ospfd.
claudio [Tue, 19 Jan 2021 10:00:36 +0000 (10:00 +0000)]
Apply same cleanup to the control code as in ospfd.
Internalize control_state and ctl_conns.

3 years agoMake the struct imsgev static. With this ospf6d compiles with -fno-common
claudio [Tue, 19 Jan 2021 09:54:08 +0000 (09:54 +0000)]
Make the struct imsgev static. With this ospf6d compiles with -fno-common

3 years agoUse ospfe_imsg_compose_rde() instead of exporting iev_rde and using
claudio [Tue, 19 Jan 2021 09:53:11 +0000 (09:53 +0000)]
Use ospfe_imsg_compose_rde() instead of exporting iev_rde and using
imsg_compose_event() directly. This is needed to make the imsg event
structures static in ospfe.c, rde.c and ospf6d.c.

3 years agoLike in ospfd rename nconf to noeconf in the ospf engine to remove
claudio [Tue, 19 Jan 2021 09:48:34 +0000 (09:48 +0000)]
Like in ospfd rename nconf to noeconf in the ospf engine to remove
a common symbol.

3 years agoProperly define ospfd_process as an extern in the header file.
claudio [Tue, 19 Jan 2021 09:46:51 +0000 (09:46 +0000)]
Properly define ospfd_process as an extern in the header file.

3 years agoLike in ospfd use a static pkt_ptr buffer.
claudio [Tue, 19 Jan 2021 09:43:40 +0000 (09:43 +0000)]
Like in ospfd use a static pkt_ptr buffer.

3 years agoDo the same control cleanup as in ospfd. Move control_state and ctl_conns
claudio [Tue, 19 Jan 2021 09:42:11 +0000 (09:42 +0000)]
Do the same control cleanup as in ospfd. Move control_state and ctl_conns
into control.c nothing outside needs access to this.

3 years agoMake the imsg event structures static, properly define ospfd_process and
claudio [Tue, 19 Jan 2021 09:37:53 +0000 (09:37 +0000)]
Make the imsg event structures static, properly define ospfd_process and
rename nconf in the ospf engine to noeconf. This fixes the last common
symbols in ospfd.

3 years agoInternalize a few more things into the control code. Both control_state
claudio [Tue, 19 Jan 2021 09:33:38 +0000 (09:33 +0000)]
Internalize a few more things into the control code. Both control_state
and ctl_conns are not really needed outside of control.c

3 years agoUse a static pkt_ptr buffer instead of allocating it dynamically.
claudio [Tue, 19 Jan 2021 09:29:49 +0000 (09:29 +0000)]
Use a static pkt_ptr buffer instead of allocating it dynamically.
Removes another -fno-common issue from the build.

3 years agoUse ospfe_imsg_compose_rde() instead of calling imsg_compose_event() with
claudio [Tue, 19 Jan 2021 09:25:53 +0000 (09:25 +0000)]
Use ospfe_imsg_compose_rde() instead of calling imsg_compose_event() with
a local export of iev_rde. Remove the extern in preperation of -fno-common
cleanup.

3 years agoDo the KAME embedded scope fixup in the two places where getifaddrs() is
claudio [Tue, 19 Jan 2021 09:16:20 +0000 (09:16 +0000)]
Do the KAME embedded scope fixup in the two places where getifaddrs() is
used. With this there should be no more embedded scopes left and therefor
in6addr_to_text() can be removed. getnameinfo() will just do the right
thing now.
OK eric@

3 years agoFix the embedded scope hack. They way this was written is buggy since the
claudio [Tue, 19 Jan 2021 09:04:13 +0000 (09:04 +0000)]
Fix the embedded scope hack. They way this was written is buggy since the
else does not skip enough of the original code. Instead use a temporary
sockaddr pointer and adjust it to point to the sin6 one if an embedded
scope was detected.
OK jca@

3 years agogre(4): convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 07:31:47 +0000 (07:31 +0000)]
gre(4): convert ifunit() to if_unit(9)

ok dlg@

3 years agotpmr(4): convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 07:31:05 +0000 (07:31 +0000)]
tpmr(4): convert ifunit() to if_unit(9)

ok dlg@

3 years agobpe(4): convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 07:30:19 +0000 (07:30 +0000)]
bpe(4): convert ifunit() to if_unit(9)

ok dlg@

3 years agoaggr(4): convert ifunit() to if_unit(9)
mvs [Tue, 19 Jan 2021 07:29:42 +0000 (07:29 +0000)]
aggr(4): convert ifunit() to if_unit(9)

ok dlg@

3 years agoFix httpd example config
tb [Mon, 18 Jan 2021 18:47:49 +0000 (18:47 +0000)]
Fix httpd example config

A server configuration yields multiple struct server_config in the
env->sc_servers queue: an actual server ("parent") and one for each
location directive in httpd.conf.  In parent_configure(), the parents
are configured first, then the corresponding locations.

parse.y r1.118 kills the parent if an error is encountered on loading
the TLS keypairs but leaves the locations in the sc_servers queue.
When running the default config without TLS keys already in place, this
then leads to the self-explanatory "invalid location" error message. Its
intention is to indicates the unexpected situation that config_setserver()
encounters a location without an associated server.

Fix this by not only destroying the parent but also removing all of its
locations.

ok jsing

3 years agoMark `ps_oppid' as atomic.
mvs [Mon, 18 Jan 2021 18:47:05 +0000 (18:47 +0000)]
Mark `ps_oppid' as atomic.

ok mpi@

3 years agoregen
mvs [Mon, 18 Jan 2021 18:44:30 +0000 (18:44 +0000)]
regen

3 years agoRevert wrong commit.
mvs [Mon, 18 Jan 2021 18:43:52 +0000 (18:43 +0000)]
Revert wrong commit.

3 years agoConvert ifunit() to if_unit(9).
mvs [Mon, 18 Jan 2021 18:29:19 +0000 (18:29 +0000)]
Convert ifunit() to if_unit(9).

ok sashan@

3 years agoregen
mvs [Mon, 18 Jan 2021 18:27:53 +0000 (18:27 +0000)]
regen

3 years agoUnlock getppid(2).
mvs [Mon, 18 Jan 2021 18:25:51 +0000 (18:25 +0000)]
Unlock getppid(2).

ok mpi@

3 years agoRemove c++ comment that snuck in and remove useless debug output.
florian [Mon, 18 Jan 2021 15:26:04 +0000 (15:26 +0000)]
Remove c++ comment that snuck in and remove useless debug output.

3 years agoRemove unused variable in an effort to make this -fno-common clean.
florian [Mon, 18 Jan 2021 15:20:28 +0000 (15:20 +0000)]
Remove unused variable in an effort to make this -fno-common clean.

3 years agoadd IPPROTO_SCTP, ok claudio@
sthen [Mon, 18 Jan 2021 12:22:40 +0000 (12:22 +0000)]
add IPPROTO_SCTP, ok claudio@

3 years agoAdjust code to the change of struct bgpd_addr in bgpd.
claudio [Mon, 18 Jan 2021 12:16:09 +0000 (12:16 +0000)]
Adjust code to the change of struct bgpd_addr in bgpd.
OK denis@

3 years agoChange struct bgpd_addr VPN encoding. Instead of including two almost
claudio [Mon, 18 Jan 2021 12:15:36 +0000 (12:15 +0000)]
Change struct bgpd_addr VPN encoding. Instead of including two almost
equal versions put the RD and lable stack right into struct bgpd_addr.
For non-VPN addresses these extra fields are ignored. Since VPN and non-VPN
addresses encode the prefix in the same way now some code can be simplified.
In most cases a fallthrough or reuse of encoding functions is now possible.
It should also reduce the size of struct bgpd_addr a bit.
OK denis@

3 years agoFix long->int for convtime tests here too. Spotted by tobhe@.
dtucker [Mon, 18 Jan 2021 11:43:34 +0000 (11:43 +0000)]
Fix long->int for convtime tests here too.  Spotted by tobhe@.

3 years agoHide some warnings on newer GCC versions, GitHUb issue 2525.
nicm [Mon, 18 Jan 2021 11:14:23 +0000 (11:14 +0000)]
Hide some warnings on newer GCC versions, GitHUb issue 2525.

3 years agoThere is no need to clear every line entirely before drawing to it, this
nicm [Mon, 18 Jan 2021 10:27:54 +0000 (10:27 +0000)]
There is no need to clear every line entirely before drawing to it, this
means moving the cursor and messes up wrapping. Better to just clear the
sections that aren't written over. GitHub issue 2537.

3 years agoIntroduce new function if_unit(9). This function returns a pointer the
mvs [Mon, 18 Jan 2021 09:55:43 +0000 (09:55 +0000)]
Introduce new function if_unit(9). This function returns a pointer the
interface descriptor corresponding to the unique name. This descriptor
is guaranteed to be valid until if_put(9) is called on the returned
pointer. if_unit(9) should replace already existent ifunit() which
returns descriptor not safe for dereference when context was switched.
This allow us to avoid some use-after-free issues in ioctl(2) path.
Also this unifies interface descriptor usage.

ok claudio@ sashan@

3 years agosupport PCAP_NETMASK_UNKNOWN, adapted from an old commit in upstream
sthen [Mon, 18 Jan 2021 09:26:35 +0000 (09:26 +0000)]
support PCAP_NETMASK_UNKNOWN, adapted from an old commit in upstream
libpcap, ok dlg@

https://github.com/the-tcpdump-group/libpcap/commit/74b2de364f3443fc2414d0160b0b942f347c6fd4
https://github.com/the-tcpdump-group/libpcap/commit/117cb5eb2eb4fe212d3851f1205bb0b8f57873c6

3 years agocrank limits to satisfy piggy piggy clang
deraadt [Mon, 18 Jan 2021 04:08:08 +0000 (04:08 +0000)]
crank limits to satisfy piggy piggy clang

3 years agoSync SA configuration payload to new SA after IKE SA rekeying.
tobhe [Mon, 18 Jan 2021 01:23:53 +0000 (01:23 +0000)]
Sync SA configuration payload to new SA after IKE SA rekeying.